diff --git a/go.mod b/go.mod index 2d911ec48b..5c1930ee6a 100644 --- a/go.mod +++ b/go.mod @@ -13,9 +13,9 @@ require ( github.com/Masterminds/sprig/v3 v3.2.3 github.com/aokoli/goutils v1.1.1 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 - github.com/coreos/container-linux-config-transpiler v0.9.0 + github.com/coreos/butane v0.21.0 github.com/coreos/go-oidc/v3 v3.10.0 - github.com/coreos/ignition v0.35.0 + github.com/coreos/vcontext v0.0.0-20231102161604-685dc7299dc5 github.com/databus23/goslo.policy v0.0.0-20210929125152-81bf2876dbdb github.com/databus23/guttle v0.0.0-20210623071842-89102dbdfc85 github.com/databus23/keystone v0.0.0-20180111110916-350fd0e663cd @@ -42,7 +42,7 @@ require ( github.com/rs/cors v1.11.0 github.com/satori/go.uuid v1.2.0 github.com/spf13/cobra v1.8.1 - github.com/spf13/pflag v1.0.5 + github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace github.com/stretchr/testify v1.9.0 github.com/tredoe/osutil v1.5.0 github.com/zalando/go-keyring v0.2.5 @@ -68,18 +68,19 @@ require ( github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/squirrel v1.5.4 // indirect github.com/Microsoft/hcsshim v0.11.4 // indirect - github.com/ajeddeloh/go-json v0.0.0-00010101000000-000000000000 // indirect - github.com/ajeddeloh/yaml v0.0.0-20160722214022-1072abfea311 // indirect - github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect github.com/alessio/shellescape v1.4.1 // indirect + github.com/aws/aws-sdk-go v1.50.25 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff v2.2.1+incompatible // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect + github.com/clarketm/json v1.17.1 // indirect github.com/containerd/containerd v1.7.12 // indirect github.com/containerd/log v0.1.0 // indirect + github.com/coreos/go-json v0.0.0-20230131223807-18775e0fb4fb // indirect github.com/coreos/go-semver v0.3.1 // indirect - github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e // indirect + github.com/coreos/go-systemd/v22 v22.5.0 // indirect + github.com/coreos/ignition/v2 v2.18.0 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/danieljoos/wincred v1.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect @@ -94,7 +95,7 @@ require ( github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/color v1.13.0 // indirect - github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect github.com/go-jose/go-jose/v4 v4.0.1 // indirect @@ -166,24 +167,23 @@ require ( github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/cast v1.5.0 // indirect github.com/stretchr/objx v0.5.2 // indirect - github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb // indirect + github.com/vincent-petithory/dataurl v1.0.0 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xlab/treeprint v1.2.0 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 // indirect go.opentelemetry.io/otel v1.24.0 // indirect go.opentelemetry.io/otel/metric v1.24.0 // indirect go.opentelemetry.io/otel/trace v1.24.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect - go4.org v0.0.0-20230225012048-214862532bf5 // indirect golang.org/x/sync v0.7.0 // indirect golang.org/x/term v0.21.0 // indirect golang.org/x/text v0.16.0 // indirect - golang.org/x/time v0.3.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect - google.golang.org/grpc v1.58.3 // indirect + golang.org/x/time v0.5.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9 // indirect + google.golang.org/grpc v1.61.1 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index ce5f1bb349..0ccc71ff0b 100644 --- a/go.sum +++ b/go.sum @@ -1,22 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= @@ -24,7 +9,6 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg6 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= @@ -51,14 +35,10 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= -github.com/ajeddeloh/yaml v0.0.0-20160722214022-1072abfea311 h1:2GE/uW8k9V6gEj+GNZtrPBKTy30wpi1UpTrCdM1YBmg= -github.com/ajeddeloh/yaml v0.0.0-20160722214022-1072abfea311/go.mod h1:idhzw68Q7v4j+rQ2AGyq3OlZW2Jij9mdmGA4/Sk6J0E= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc= -github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0= github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30= github.com/aokoli/goutils v1.1.1 h1:/hA+Ywo3AxoDZY5ZMnkiEkUvkK4BPp927ax110KCqqg= @@ -75,6 +55,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.50.25 h1:vhiHtLYybv1Nhx3Kv18BBC6L0aPJHaG9aeEsr92W99c= +github.com/aws/aws-sdk-go v1.50.25/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -101,6 +83,8 @@ github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHe github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/clarketm/json v1.17.1 h1:U1IxjqJkJ7bRK4L6dyphmoO840P6bdhPdbbLySourqI= +github.com/clarketm/json v1.17.1/go.mod h1:ynr2LRfb0fQU34l07csRNBTcivjySLLiY1YzQqKVfdo= github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= @@ -113,21 +97,23 @@ github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/coreos/container-linux-config-transpiler v0.9.0 h1:UBGpT8qWqzi48hNLrzMAgAUNJsR0LW8Gk5/dR/caI8U= -github.com/coreos/container-linux-config-transpiler v0.9.0/go.mod h1:SlcxXZQ2c42knj8pezMiQsM1f+ADxFMjGetuMKR/YSQ= -github.com/coreos/go-json v0.0.0-20230530211827-23ecf4482aa9 h1:+DrPcGLdO848mxC4gNC6DW6lM86e1bBUdrYvMc9DYEU= -github.com/coreos/go-json v0.0.0-20230530211827-23ecf4482aa9/go.mod h1:rcFZM3uxVvdyNmsAV2jopgPD1cs5SPWJWU5dOz2LUnw= +github.com/coreos/butane v0.21.0 h1:GDi6XBheEfvxaq7Ez3wxdN+0IraAz3U7QvpVGcbHd84= +github.com/coreos/butane v0.21.0/go.mod h1:3OKS5qaH58O2yLAKgAtOgBpUQSm7aIOU09IpG+IvmF4= +github.com/coreos/go-json v0.0.0-20230131223807-18775e0fb4fb h1:rmqyI19j3Z/74bIRhuC59RB442rXUazKNueVpfJPxg4= +github.com/coreos/go-json v0.0.0-20230131223807-18775e0fb4fb/go.mod h1:rcFZM3uxVvdyNmsAV2jopgPD1cs5SPWJWU5dOz2LUnw= github.com/coreos/go-oidc/v3 v3.10.0 h1:tDnXHnLyiTVyT/2zLDGj09pFPkhND8Gl8lnTRhoEaJU= github.com/coreos/go-oidc/v3 v3.10.0/go.mod h1:5j11xcw0D3+SGxn6Z/WFADsgcWVMyNAlSQupk0KK3ac= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/ignition v0.35.0 h1:UFodoYq1mOPrbEjtxIsZbThcDyQwAI1owczRDqWmKkQ= -github.com/coreos/ignition v0.35.0/go.mod h1:WJQapxzEn9DE0ryxsGvm8QnBajm/XsS/PkrDqSpz+bA= +github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= +github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/coreos/ignition/v2 v2.18.0 h1:sPSGGsxaCuFMpKOMBQ71I9RIR20SIF4dWnoTomcPEYQ= +github.com/coreos/ignition/v2 v2.18.0/go.mod h1:TURPHDqWUWTmej8c+CEMBENMU3N/Lt6GfreHJuoDMbA= github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/coreos/vcontext v0.0.0-20231102161604-685dc7299dc5 h1:sMZSC2BW5LKCdvNbfN12SbKrNvtLBUNjfHZmMvI2ItY= +github.com/coreos/vcontext v0.0.0-20231102161604-685dc7299dc5/go.mod h1:Salmysdw7DAVuobBW/LwsKKgpyCPHUhjyJoMJD+ZJiI= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= @@ -188,8 +174,8 @@ github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZM github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= -github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4= @@ -201,8 +187,6 @@ github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs= github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U= @@ -260,6 +244,7 @@ github.com/gobuffalo/packr/v2 v2.8.3 h1:xE1yzvnO56cUC0sTpKR3DIbxZgB54AftTFMhB2XE github.com/gobuffalo/packr/v2 v2.8.3/go.mod h1:0SahksCVcx4IMnigTjiFuyldmTrdTctXsOdiU5KwbKc= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= +github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= @@ -271,18 +256,12 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -312,10 +291,6 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= @@ -325,8 +300,6 @@ github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gophercloud/gophercloud v1.3.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= github.com/gophercloud/gophercloud v1.12.0 h1:Jrz16vPAL93l80q16fp8NplrTCp93y7rZh2P3Q4Yq7g= github.com/gophercloud/gophercloud v1.12.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= @@ -387,7 +360,6 @@ github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= @@ -408,8 +380,6 @@ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/justinas/alice v1.2.0 h1:+MHSA/vccVCF4Uq37S42jwlkvI2Xzl7zTPCN5BnZNVo= @@ -609,7 +579,6 @@ github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWx github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd/go.mod h1:hPqNNc0+uJM6H+SuU8sEs5K5IQeKccPqeSjfgcKGgPk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= @@ -638,8 +607,9 @@ github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3 github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace h1:9PNP1jnUjRhfmGMlkXHjYPishpcw4jpSt/V/xYY3FMA= +github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI= @@ -659,8 +629,8 @@ github.com/tredoe/osutil v1.5.0 h1:UGVxbbHRoZi8xXVmbNZ2vgG6XoJ15ndE4LniiQ3rJKg= github.com/tredoe/osutil v1.5.0/go.mod h1:TEzphzUUunysbdDRfdOgqkg10POQbnfIPV50ynqOfIg= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb h1:lyL3z7vYwTWXf4/bI+A01+cCSnfhKIBhy+SQ46Z/ml8= -github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb/go.mod h1:FHafX5vmDzyP+1CQATJn7WFKc9CvnvxyvZy6I1MrG/U= +github.com/vincent-petithory/dataurl v1.0.0 h1:cXw+kPto8NLuJtlMsI152irrVw9fRDX8AbShPRpg2CI= +github.com/vincent-petithory/dataurl v1.0.0/go.mod h1:FHafX5vmDzyP+1CQATJn7WFKc9CvnvxyvZy6I1MrG/U= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -688,14 +658,11 @@ go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 h1:x8Z78aZx8cOF0+Kkazoc7lwUNMGy0LrzEMxTm4BbTxg= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0/go.mod h1:62CPTSry9QZtOaSsE3tOzhx6LzDhHnXJ6xHeMNNiM6Q= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 h1:doUP+ExOpH3spVTLS0FcWGLnQrPct/hD/bCPbDRUEAU= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0/go.mod h1:rdENBZMT2OE6Ne/KLwpiXudnAsbdrdBaqBvTN8M8BgA= go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo= go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= @@ -713,13 +680,10 @@ go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+ go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= -go4.org v0.0.0-20230225012048-214862532bf5 h1:nifaUDeh+rPaBCMPMQHZmvJf+QdpLFnuQPwx+LxVmtc= -go4.org v0.0.0-20230225012048-214862532bf5/go.mod h1:F57wTi5Lrj6WLyswp5EYV1ncrEbFGHD4hhz6S1ZYeaU= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -729,28 +693,12 @@ golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4 golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -769,29 +717,20 @@ golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -813,21 +752,14 @@ golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -840,63 +772,40 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA= golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= @@ -907,51 +816,29 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9 h1:hZB7eLIaYlW9qXRfCq/qDaPdbeY3757uARz5Vvfv+cY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9/go.mod h1:YUWgXUFRPfoYK1IHMuxH5K6nPEXSCzIMljnQ59lLRCk= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.61.1 h1:kLAiWrZs7YeDM6MumDe7m3y4aM6wacLzM1Y/wiLP9XY= +google.golang.org/grpc v1.61.1/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -993,8 +880,6 @@ helm.sh/helm/v3 v3.15.2 h1:/3XINUFinJOBjQplGnjw92eLGpgXXp1L8chWPkCkDuw= helm.sh/helm/v3 v3.15.2/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ= honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.30.2 h1:+ZhRj+28QT4UOH+BKznu4CBgPWgkXO7XAvMcMl0qKvI= @@ -1023,9 +908,6 @@ k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 h1:jgGTlFYnhF1PM1Ax/lAlxUPE+KfCI k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= diff --git a/pkg/templates/ignition.go b/pkg/templates/ignition.go index 2a35112443..e05e81f67d 100644 --- a/pkg/templates/ignition.go +++ b/pkg/templates/ignition.go @@ -2,16 +2,15 @@ package templates import ( "bytes" - "encoding/json" "fmt" "strings" "text/template" "github.com/Masterminds/sprig/v3" "github.com/aokoli/goutils" - "github.com/coreos/container-linux-config-transpiler/config" - "github.com/coreos/container-linux-config-transpiler/config/platform" - "github.com/coreos/ignition/config/validate/report" + butaneConfig "github.com/coreos/butane/config" + "github.com/coreos/butane/config/common" + "github.com/coreos/vcontext/report" "github.com/go-kit/log" "github.com/tredoe/osutil/user/crypt/sha512_crypt" @@ -233,24 +232,13 @@ func (i *ignition) GenerateNode(kluster *kubernikusv1.Kluster, pool *models.Node return nil, err } - ignitionConfig, ast, report := config.Parse(buffer.Bytes()) - if len(report.Entries) > 0 { - if report.IsFatal() { - return nil, fmt.Errorf("Couldn't transpile ignition file: %v", report.String()) - } - } - - ignitionConfig3, report := config.Convert(ignitionConfig, platform.OpenStackMetadata, ast) - if len(report.Entries) > 0 { - if report.IsFatal() { - return nil, fmt.Errorf("Couldn't convert ignition config: %v", report.String()) - } - } - - dataOut, err = json.Marshal(&ignitionConfig3) + dataOut, report, err = butaneConfig.TranslateBytes( + buffer.Bytes(), + common.TranslateBytesOptions{Pretty: false, Raw: false}, + ) if err != nil { - return nil, err + return nil, fmt.Errorf("Couldn't translate ignition file: %v", report.String()) } return dataOut, nil diff --git a/pkg/templates/node_1.10.go b/pkg/templates/node_1.10.go index 4a53e42658..41d00b97e7 100644 --- a/pkg/templates/node_1.10.go +++ b/pkg/templates/node_1.10.go @@ -3,6 +3,11 @@ package templates var Node_1_10 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,7 +23,7 @@ passwd: systemd: units: - name: legacy-cgroup-reboot.service - enable: true + enabled: true contents: | [Unit] Description=Reboot if legacy cgroups are not enabled yet @@ -30,9 +35,9 @@ systemd: [Install] WantedBy=multi-user.target - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -46,7 +51,7 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | @@ -54,7 +59,7 @@ systemd: Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" Environment="DOCKER_CGROUPS=--exec-opt native.cgroupdriver=cgroupfs" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -99,7 +104,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -109,7 +114,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet via Hyperkube ACI @@ -207,14 +212,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -248,7 +253,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -262,7 +267,7 @@ systemd: WantedBy=multi-user.target - name: fix-cert-rotation.service command: start - enable: true + enabled: true contents: | [Unit] Description=Fix kubelet certificate rotation @@ -283,7 +288,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -303,6 +308,7 @@ storage: - filesystem: "OEM" path: "/grub.cfg" mode: 0644 + overwrite: true append: true contents: inline: | @@ -310,6 +316,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -317,6 +324,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -326,6 +334,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -336,12 +345,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -383,6 +394,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -424,6 +436,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -438,12 +451,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -451,6 +466,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -462,36 +478,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -514,6 +536,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -537,6 +560,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -552,6 +576,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -589,6 +614,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -615,12 +641,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /etc/kubernetes/fix-cert-roration.sh filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -654,6 +682,7 @@ storage: - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -665,6 +694,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -675,6 +705,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -685,6 +716,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -696,6 +728,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -775,6 +808,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -849,11 +883,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.11.go b/pkg/templates/node_1.11.go index a84ad165d6..5ca1f28c3f 100644 --- a/pkg/templates/node_1.11.go +++ b/pkg/templates/node_1.11.go @@ -3,6 +3,11 @@ package templates var Node_1_11 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,7 +23,7 @@ passwd: systemd: units: - name: legacy-cgroup-reboot.service - enable: true + enabled: true contents: | [Unit] Description=Reboot if legacy cgroups are not enabled yet @@ -30,9 +35,9 @@ systemd: [Install] WantedBy=multi-user.target - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -46,7 +51,7 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | @@ -54,7 +59,7 @@ systemd: Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" Environment="DOCKER_CGROUPS=--exec-opt native.cgroupdriver=cgroupfs" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -99,7 +104,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -109,7 +114,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet via Hyperkube ACI @@ -205,14 +210,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -246,7 +251,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -268,7 +273,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -289,6 +294,7 @@ storage: - filesystem: "OEM" path: "/grub.cfg" mode: 0644 + overwrite: true append: true contents: inline: | @@ -296,6 +302,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -303,6 +310,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -312,6 +320,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -322,12 +331,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -369,6 +380,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -410,6 +422,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -424,12 +437,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -437,6 +452,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -448,36 +464,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -500,6 +522,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -523,6 +546,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -539,6 +563,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -576,6 +601,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -602,12 +628,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -619,6 +647,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -629,6 +658,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -639,6 +669,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -650,6 +681,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -729,6 +761,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -803,11 +836,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.12.go b/pkg/templates/node_1.12.go index 7791f01ccd..e4b6103b8e 100644 --- a/pkg/templates/node_1.12.go +++ b/pkg/templates/node_1.12.go @@ -3,6 +3,11 @@ package templates var Node_1_12 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,7 +23,7 @@ passwd: systemd: units: - name: legacy-cgroup-reboot.service - enable: true + enabled: true contents: | [Unit] Description=Reboot if legacy cgroups are not enabled yet @@ -30,9 +35,9 @@ systemd: [Install] WantedBy=multi-user.target - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -46,7 +51,7 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | @@ -54,7 +59,7 @@ systemd: Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" Environment="DOCKER_CGROUPS=--exec-opt native.cgroupdriver=cgroupfs" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -99,7 +104,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -109,7 +114,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet via Hyperkube ACI @@ -205,14 +210,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -246,7 +251,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -267,7 +272,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -287,6 +292,7 @@ storage: - filesystem: "OEM" path: "/grub.cfg" mode: 0644 + overwrite: true append: true contents: inline: | @@ -294,6 +300,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -301,6 +308,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -310,6 +318,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -320,12 +329,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -367,6 +378,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -408,6 +420,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -422,12 +435,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -435,6 +450,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -446,36 +462,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -498,6 +520,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -521,6 +544,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -537,6 +561,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -574,6 +599,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -600,12 +626,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -617,6 +645,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -627,6 +656,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -637,6 +667,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -648,6 +679,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -727,6 +759,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -801,11 +834,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.14.go b/pkg/templates/node_1.14.go index 1c80f67648..c79fc465ee 100644 --- a/pkg/templates/node_1.14.go +++ b/pkg/templates/node_1.14.go @@ -3,6 +3,11 @@ package templates var Node_1_14 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,7 +23,7 @@ passwd: systemd: units: - name: legacy-cgroup-reboot.service - enable: true + enabled: true contents: | [Unit] Description=Reboot if legacy cgroups are not enabled yet @@ -30,9 +35,9 @@ systemd: [Install] WantedBy=multi-user.target - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -46,7 +51,7 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | @@ -54,7 +59,7 @@ systemd: Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" Environment="DOCKER_CGROUPS=--exec-opt native.cgroupdriver=cgroupfs" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -99,7 +104,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -109,7 +114,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet via Hyperkube ACI @@ -206,14 +211,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -247,7 +252,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -269,7 +274,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -289,6 +294,7 @@ storage: - filesystem: "OEM" path: "/grub.cfg" mode: 0644 + overwrite: true append: true contents: inline: | @@ -296,6 +302,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -303,6 +310,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -312,6 +320,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -322,12 +331,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -369,6 +380,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -410,6 +422,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -424,12 +437,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -437,6 +452,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -448,36 +464,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -500,6 +522,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -523,6 +546,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -541,6 +565,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -578,6 +603,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -604,12 +630,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -621,6 +649,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -631,6 +660,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -641,6 +671,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -652,6 +683,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -731,6 +763,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -805,11 +838,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.17.go b/pkg/templates/node_1.17.go index 73936e9410..449b01caea 100644 --- a/pkg/templates/node_1.17.go +++ b/pkg/templates/node_1.17.go @@ -3,6 +3,11 @@ package templates var Node_1_17 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,7 +23,7 @@ passwd: systemd: units: - name: legacy-cgroup-reboot.service - enable: true + enabled: true contents: | [Unit] Description=Reboot if legacy cgroups are not enabled yet @@ -30,9 +35,9 @@ systemd: [Install] WantedBy=multi-user.target - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -46,7 +51,7 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | @@ -54,7 +59,7 @@ systemd: Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" Environment="DOCKER_CGROUPS=--exec-opt native.cgroupdriver=cgroupfs" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -99,7 +104,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -109,7 +114,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet via Hyperkube ACI @@ -205,14 +210,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -246,7 +251,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -268,7 +273,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -290,6 +295,7 @@ storage: - filesystem: "OEM" path: "/grub.cfg" mode: 0644 + overwrite: true append: true contents: inline: | @@ -297,6 +303,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -304,6 +311,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -313,6 +321,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -323,12 +332,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -370,6 +381,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -411,6 +423,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -425,12 +438,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -438,6 +453,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -449,36 +465,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -501,6 +523,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -524,6 +547,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -542,6 +566,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -579,6 +604,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -605,12 +631,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -622,6 +650,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -632,6 +661,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -642,6 +672,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -653,6 +684,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -732,6 +764,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -806,11 +839,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.19.go b/pkg/templates/node_1.19.go index 1f8854ac3c..a4331060a1 100644 --- a/pkg/templates/node_1.19.go +++ b/pkg/templates/node_1.19.go @@ -3,6 +3,11 @@ package templates var Node_1_19 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -19,9 +24,9 @@ passwd: systemd: units: - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -37,14 +42,14 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -93,7 +98,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -103,7 +108,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -201,14 +206,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -239,7 +244,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -261,7 +266,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -279,6 +284,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -286,6 +292,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -295,6 +302,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -305,12 +313,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -352,6 +362,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -393,6 +404,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -407,12 +419,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -420,6 +434,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -431,36 +446,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -483,6 +504,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -506,6 +528,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -525,6 +548,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -562,6 +586,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -588,12 +613,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -605,6 +632,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -615,6 +643,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -625,6 +654,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -636,6 +666,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -714,6 +745,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -788,11 +820,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.20.go b/pkg/templates/node_1.20.go index 837636da58..2831384e26 100644 --- a/pkg/templates/node_1.20.go +++ b/pkg/templates/node_1.20.go @@ -3,6 +3,11 @@ package templates var Node_1_20 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -19,9 +24,9 @@ passwd: systemd: units: - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -37,14 +42,14 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -93,7 +98,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -103,7 +108,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -200,14 +205,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -238,7 +243,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -260,7 +265,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -278,6 +283,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -285,6 +291,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -294,6 +301,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -304,12 +312,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -351,6 +361,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -392,6 +403,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -406,12 +418,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -419,6 +433,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -430,36 +445,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -482,6 +503,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -505,6 +527,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -529,6 +552,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -566,6 +590,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -592,12 +617,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -609,6 +636,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -619,6 +647,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -629,6 +658,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -640,6 +670,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -718,6 +749,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -792,11 +824,13 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 diff --git a/pkg/templates/node_1.21.go b/pkg/templates/node_1.21.go index 411f72112f..7288caff1c 100644 --- a/pkg/templates/node_1.21.go +++ b/pkg/templates/node_1.21.go @@ -3,6 +3,11 @@ package templates var Node_1_21 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -18,9 +23,9 @@ passwd: systemd: units: - name: iptables-restore.service - enable: true + enabled: true - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -34,14 +39,14 @@ systemd: [Install] WantedBy=multi-user.target - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--log-opt max-size=5m --log-opt max-file=5 --ip-masq=false --iptables=false --bridge=none" - name: flanneld.service - enable: true + enabled: true contents: | [Unit] Description=flannel - Network fabric for containers (System Application Container) @@ -86,7 +91,7 @@ systemd: --volume etc-kube-flannel,kind=host,source=/etc/kube-flannel,readOnly=true \ --mount volume=etc-kube-flannel,target=/etc/kube-flannel" - name: flannel-docker-opts.service - enable: true + enabled: true contents: | [Unit] PartOf=flanneld.service @@ -96,7 +101,7 @@ systemd: Type=oneshot ExecStart=/bin/true - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -191,14 +196,14 @@ systemd: Restart=always RestartSec=10s - name: wormhole.path - enable: true + enabled: true contents: | [Path] PathExists=/var/lib/kubelet/kubeconfig [Install] WantedBy=multi-user.target - name: kube-proxy.service - enable: true + enabled: true contents: | [Unit] Description=Kube-Proxy @@ -229,7 +234,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -250,7 +255,7 @@ systemd: Type=oneshot ExecStart=/opt/bin/rkt gc --grace-period=${GRACE_PERIOD} - name: rkt-gc.timer - enable: true + enabled: true command: start contents: | [Unit] @@ -265,6 +270,7 @@ storage: - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -272,6 +278,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -281,6 +288,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -291,12 +299,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -338,6 +348,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -379,6 +390,7 @@ storage: - path: /var/lib/iptables/rules-save filesystem: root mode: 0644 + overwrite: true contents: inline: | *nat @@ -393,12 +405,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -406,6 +420,7 @@ storage: - path: /etc/kube-flannel/net-conf.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -417,36 +432,42 @@ storage: - path: /etc/kubernetes/environment filesystem: root mode: 0644 + overwrite: true contents: inline: |- NODE_NAME={{ .NodeName }} - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy-key.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxyKey | indent 10 }} - path: /etc/kubernetes/certs/apiserver-clients-system-kube-proxy.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .ApiserverClientsSystemKubeProxy | indent 10 }} - path: /etc/kubernetes/certs/tls-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .TLSCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -469,6 +490,7 @@ storage: - path: /etc/kubernetes/kube-proxy/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -492,6 +514,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -516,6 +539,7 @@ storage: - path: /etc/kubernetes/kube-proxy/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 @@ -553,6 +577,7 @@ storage: - path: /etc/kubernetes/openstack/openstack.config filesystem: root mode: 0644 + overwrite: true contents: inline: |- [Global] @@ -579,12 +604,14 @@ storage: - path: /etc/coreos/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /opt/bin/rkt filesystem: root mode: 0755 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/rkt-v1.30.0.gz @@ -596,6 +623,7 @@ storage: - path: /opt/rkt/stage1-fly.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-fly-rkt-v1.30.0.aci @@ -606,6 +634,7 @@ storage: - path: /opt/rkt/stage1-coreos.aci filesystem: root mode: 0644 + overwrite: true contents: remote: url: https://repo.{{.OpenstackRegion}}.cloud.sap/controlplane/flatcar-rkt/stage1-coreos-rkt-v1.30.0.aci @@ -616,6 +645,7 @@ storage: - path: /etc/rkt/paths.d/stage1.json filesystem: root mode: 0644 + overwrite: true contents: inline: |- { @@ -627,6 +657,7 @@ storage: - path: /opt/bin/kubelet-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash @@ -705,6 +736,7 @@ storage: - path: /opt/bin/flannel-wrapper filesystem: root mode: 0755 + overwrite: true contents: inline: |- #!/bin/bash -e @@ -779,6 +811,7 @@ storage: - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf diff --git a/pkg/templates/node_1.24.go b/pkg/templates/node_1.24.go index fbb334eb5e..5f39c6808b 100644 --- a/pkg/templates/node_1.24.go +++ b/pkg/templates/node_1.24.go @@ -3,6 +3,11 @@ package templates var Node_1_24 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -14,7 +19,7 @@ passwd: systemd: units: - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -28,7 +33,7 @@ systemd: [Install] WantedBy=multi-user.target - name: containerd.service - enable: true + enabled: true dropins: - name: 10-custom-config.conf contents: | @@ -36,14 +41,14 @@ systemd: ExecStart= ExecStart=/usr/bin/containerd - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--iptables=false --bridge=none" - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -81,7 +86,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -94,7 +99,7 @@ systemd: [Install] WantedBy=multi-user.target - name: containerd-config-replace.service - enable: true + enabled: true contents: | [Unit] Description=Modify startup configuration file of containerd @@ -113,18 +118,21 @@ storage: - path: /etc/crictl.yaml filesystem: root mode: 0644 + overwrite: true contents: inline: | runtime-endpoint: unix:///run/containerd/containerd.sock - path: /etc/profile.d/envs.sh filesystem: root mode: 0644 + overwrite: true contents: inline: | export CONTAINERD_NAMESPACE=k8s.io - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -132,6 +140,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -141,6 +150,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -151,12 +161,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -198,6 +210,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -239,12 +252,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -252,12 +267,14 @@ storage: - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -280,6 +297,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -304,17 +322,20 @@ storage: - path: /etc/flatcar/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 @@ -322,6 +343,7 @@ storage: - path: /opt/bin/containerd-config-replace.sh filesystem: root mode: 0755 + overwrite: true contents: inline: | #!/usr/bin/env bash diff --git a/pkg/templates/node_1.26.go b/pkg/templates/node_1.26.go index 68a52e3c69..db41e23c4c 100644 --- a/pkg/templates/node_1.26.go +++ b/pkg/templates/node_1.26.go @@ -3,6 +3,11 @@ package templates var Node_1_26 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -14,7 +19,7 @@ passwd: systemd: units: - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -28,7 +33,7 @@ systemd: [Install] WantedBy=multi-user.target - name: containerd.service - enable: true + enabled: true dropins: - name: 10-custom-config.conf contents: | @@ -36,14 +41,14 @@ systemd: ExecStart= ExecStart=/usr/bin/containerd - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--iptables=false --bridge=none" - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -81,7 +86,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -97,7 +102,7 @@ systemd: mask: true enable: false - name: containerd-config-replace.service - enable: true + enabled: true contents: | [Unit] Description=Modify startup configuration file of containerd @@ -116,18 +121,21 @@ storage: - path: /etc/crictl.yaml filesystem: root mode: 0644 + overwrite: true contents: inline: | runtime-endpoint: unix:///run/containerd/containerd.sock - path: /etc/profile.d/envs.sh filesystem: root mode: 0644 + overwrite: true contents: inline: | export CONTAINERD_NAMESPACE=k8s.io - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -135,6 +143,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -144,6 +153,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -154,12 +164,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -201,6 +213,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -242,12 +255,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -255,12 +270,14 @@ storage: - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -283,6 +300,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -302,17 +320,20 @@ storage: - path: /etc/flatcar/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 @@ -320,6 +341,7 @@ storage: - path: /opt/bin/containerd-config-replace.sh filesystem: root mode: 0755 + overwrite: true contents: inline: | #!/usr/bin/env bash diff --git a/pkg/templates/node_1.27.go b/pkg/templates/node_1.27.go index 14c20e498c..0b649eac72 100644 --- a/pkg/templates/node_1.27.go +++ b/pkg/templates/node_1.27.go @@ -3,6 +3,11 @@ package templates var Node_1_27 = ` +variant: flatcar +version: 1.0.0 +kernel_arguments: + should_not_exist: + - flatcar.autologin passwd: users: - name: core @@ -14,7 +19,7 @@ passwd: systemd: units: - name: ccloud-metadata-hostname.service - enable: true + enabled: true contents: | [Unit] Description=Workaround for coreos-metadata hostname bug @@ -28,7 +33,7 @@ systemd: [Install] WantedBy=multi-user.target - name: containerd.service - enable: true + enabled: true dropins: - name: 10-custom-config.conf contents: | @@ -36,14 +41,14 @@ systemd: ExecStart= ExecStart=/usr/bin/containerd - name: docker.service - enable: true + enabled: true dropins: - name: 20-docker-opts.conf contents: | [Service] Environment="DOCKER_OPTS=--iptables=false --bridge=none" - name: kubelet.service - enable: true + enabled: true contents: | [Unit] Description=Kubelet @@ -80,7 +85,7 @@ systemd: WantedBy=multi-user.target - name: updatecertificates.service command: start - enable: true + enabled: true contents: | [Unit] Description=Update the certificates w/ self-signed root CAs @@ -96,7 +101,7 @@ systemd: mask: true enable: false - name: containerd-config-replace.service - enable: true + enabled: true contents: | [Unit] Description=Modify startup configuration file of containerd @@ -115,18 +120,21 @@ storage: - path: /etc/crictl.yaml filesystem: root mode: 0644 + overwrite: true contents: inline: | runtime-endpoint: unix:///run/containerd/containerd.sock - path: /etc/profile.d/envs.sh filesystem: root mode: 0644 + overwrite: true contents: inline: | export CONTAINERD_NAMESPACE=k8s.io - path: /etc/systemd/resolved.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | [Resolve] @@ -134,6 +142,7 @@ storage: - path: /etc/systemd/network/50-kubernikus.netdev filesystem: root mode: 0644 + overwrite: true contents: inline: | [NetDev] @@ -143,6 +152,7 @@ storage: - path: /etc/systemd/network/51-kubernikus.network filesystem: root mode: 0644 + overwrite: true contents: inline: | [Match] @@ -153,12 +163,14 @@ storage: - path: /etc/udev/rules.d/99-vmware-scsi-udev.rules filesystem: root mode: 0644 + overwrite: true contents: inline: | ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware ", ATTRS{model}=="Virtual disk", RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/timeout'" - path: /etc/ssl/certs/SAPGlobalRootCA.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -200,6 +212,7 @@ storage: - path: /etc/ssl/certs/SAPNetCA_G2.pem filesystem: root mode: 0644 + overwrite: true contents: inline: | -----BEGIN CERTIFICATE----- @@ -241,12 +254,14 @@ storage: - path: /etc/sysctl.d/10-enable-icmp-redirects.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- net.ipv4.conf.all.accept_redirects=1 - path: /etc/sysctl.d/20-inotify-max-user.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- fs.inotify.max_user_instances=8192 @@ -254,12 +269,14 @@ storage: - path: /etc/kubernetes/certs/kubelet-clients-ca.pem filesystem: root mode: 0644 + overwrite: true contents: inline: |- {{ .KubeletClientsCA | indent 10 }} - path: /etc/kubernetes/bootstrap/kubeconfig filesystem: root mode: 0644 + overwrite: true contents: inline: |- apiVersion: v1 @@ -282,6 +299,7 @@ storage: - path: /etc/kubernetes/kubelet/config filesystem: root mode: 0644 + overwrite: true contents: inline: |- kind: KubeletConfiguration @@ -308,17 +326,20 @@ storage: - path: /etc/flatcar/update.conf filesystem: root mode: 0644 + overwrite: true contents: inline: |- REBOOT_STRATEGY="off" - path: /etc/modules-load.d/br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: br_netfilter - path: /etc/sysctl.d/30-br_netfilter.conf filesystem: root mode: 0644 + overwrite: true contents: inline: | net.bridge.bridge-nf-call-ip6tables = 1 @@ -326,6 +347,7 @@ storage: - path: /opt/bin/containerd-config-replace.sh filesystem: root mode: 0755 + overwrite: true contents: inline: | #!/usr/bin/env bash