diff --git a/access/discord/Makefile b/access/discord/Makefile index 6c48c00e7..445de4126 100644 --- a/access/discord/Makefile +++ b/access/discord/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/email/Makefile b/access/email/Makefile index ed571eb78..debdb59a2 100644 --- a/access/email/Makefile +++ b/access/email/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/jira/Makefile b/access/jira/Makefile index 57593868f..d8f11c626 100644 --- a/access/jira/Makefile +++ b/access/jira/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/mattermost/Makefile b/access/mattermost/Makefile index 97b6cd40d..dec51b49a 100644 --- a/access/mattermost/Makefile +++ b/access/mattermost/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/msteams/Makefile b/access/msteams/Makefile index d1db60dea..d9c4a08ab 100644 --- a/access/msteams/Makefile +++ b/access/msteams/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/pagerduty/Makefile b/access/pagerduty/Makefile index caec1a222..a30f5f31a 100644 --- a/access/pagerduty/Makefile +++ b/access/pagerduty/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/access/slack/Makefile b/access/slack/Makefile index 361bc89dc..6e2d99e44 100644 --- a/access/slack/Makefile +++ b/access/slack/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 BUILDDIR ?= build diff --git a/charts/access/discord/Chart.yaml b/charts/access/discord/Chart.yaml index 6fc3a35c9..303aa69d1 100644 --- a/charts/access/discord/Chart.yaml +++ b/charts/access/discord/Chart.yaml @@ -15,16 +15,16 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/discord/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/discord/tests/__snapshot__/configmap_test.yaml.snap index 56538e9a9..558226aad 100644 --- a/charts/access/discord/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/discord/tests/__snapshot__/configmap_test.yaml.snap @@ -24,6 +24,6 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-discord - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-discord-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-discord-15.0.2 name: RELEASE-NAME-teleport-plugin-discord diff --git a/charts/access/discord/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/discord/tests/__snapshot__/deployment_test.yaml.snap index 111f15228..25004f50c 100644 --- a/charts/access/discord/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/discord/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-discord - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-discord-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-discord-15.0.2 name: RELEASE-NAME-teleport-plugin-discord spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-discord - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-discord-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-discord-15.0.2 spec: containers: - command: diff --git a/charts/access/email/Chart.yaml b/charts/access/email/Chart.yaml index 447342575..6bb9e9880 100644 --- a/charts/access/email/Chart.yaml +++ b/charts/access/email/Chart.yaml @@ -13,10 +13,10 @@ description: A Helm chart for the Teleport Email Plugin type: application # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/email/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/email/tests/__snapshot__/configmap_test.yaml.snap index cafa6ad44..b47e15eab 100644 --- a/charts/access/email/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/email/tests/__snapshot__/configmap_test.yaml.snap @@ -26,8 +26,8 @@ should match the snapshot (mailgun on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email should match the snapshot (smtp on): 1: | @@ -59,8 +59,8 @@ should match the snapshot (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email should match the snapshot (smtp on, no starttls): 1: | @@ -92,8 +92,8 @@ should match the snapshot (smtp on, no starttls): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email should match the snapshot (smtp on, password file): 1: | @@ -125,8 +125,8 @@ should match the snapshot (smtp on, password file): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email should match the snapshot (smtp on, roleToRecipients set): 1: | @@ -161,8 +161,8 @@ should match the snapshot (smtp on, roleToRecipients set): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email should match the snapshot (smtp on, starttls disabled): 1: | @@ -194,6 +194,6 @@ should match the snapshot (smtp on, starttls disabled): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email diff --git a/charts/access/email/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/email/tests/__snapshot__/deployment_test.yaml.snap index d20d31512..9c082abd9 100644 --- a/charts/access/email/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/email/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should be possible to override volume name (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -22,8 +22,8 @@ should be possible to override volume name (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -34,7 +34,7 @@ should be possible to override volume name (smtp on): env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-email ports: @@ -75,8 +75,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -90,8 +90,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -136,8 +136,8 @@ should match the snapshot (mailgun on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -151,8 +151,8 @@ should match the snapshot (mailgun on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -163,7 +163,7 @@ should match the snapshot (mailgun on): env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-email ports: @@ -204,8 +204,8 @@ should match the snapshot (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -219,8 +219,8 @@ should match the snapshot (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -231,7 +231,7 @@ should match the snapshot (smtp on): env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-email ports: @@ -272,8 +272,8 @@ should mount external secret (mailgun on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -287,8 +287,8 @@ should mount external secret (mailgun on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -299,7 +299,7 @@ should mount external secret (mailgun on): env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-email ports: @@ -340,8 +340,8 @@ should mount external secret (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 name: RELEASE-NAME-teleport-plugin-email spec: replicas: 1 @@ -355,8 +355,8 @@ should mount external secret (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-email - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-email-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-email-15.0.2 spec: containers: - command: @@ -367,7 +367,7 @@ should mount external secret (smtp on): env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-email:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-email ports: diff --git a/charts/access/jira/Chart.yaml b/charts/access/jira/Chart.yaml index b1ba91bb2..2d8746653 100644 --- a/charts/access/jira/Chart.yaml +++ b/charts/access/jira/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/jira/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/jira/tests/__snapshot__/configmap_test.yaml.snap index de5c8c20b..2a72fa587 100644 --- a/charts/access/jira/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/jira/tests/__snapshot__/configmap_test.yaml.snap @@ -32,6 +32,6 @@ should match the snapshot (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-jira - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-jira-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-jira-15.0.2 name: RELEASE-NAME-teleport-plugin-jira diff --git a/charts/access/jira/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/jira/tests/__snapshot__/deployment_test.yaml.snap index eb4fde579..ecfab4205 100644 --- a/charts/access/jira/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/jira/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-jira - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-jira-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-jira-15.0.2 name: RELEASE-NAME-teleport-plugin-jira spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-jira - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-jira-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-jira-15.0.2 spec: containers: - command: diff --git a/charts/access/mattermost/Chart.yaml b/charts/access/mattermost/Chart.yaml index ea8c4f632..042266124 100644 --- a/charts/access/mattermost/Chart.yaml +++ b/charts/access/mattermost/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/mattermost/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/mattermost/tests/__snapshot__/configmap_test.yaml.snap index 8c6dab697..3fa9424c2 100644 --- a/charts/access/mattermost/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/mattermost/tests/__snapshot__/configmap_test.yaml.snap @@ -22,6 +22,6 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 name: RELEASE-NAME-teleport-plugin-mattermost diff --git a/charts/access/mattermost/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/mattermost/tests/__snapshot__/deployment_test.yaml.snap index 23005185e..a0d804dd8 100644 --- a/charts/access/mattermost/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/mattermost/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 name: RELEASE-NAME-teleport-plugin-mattermost spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 spec: containers: - command: @@ -75,8 +75,8 @@ should mount external secret: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 name: RELEASE-NAME-teleport-plugin-mattermost spec: replicas: 1 @@ -90,8 +90,8 @@ should mount external secret: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 spec: containers: - command: @@ -102,7 +102,7 @@ should mount external secret: env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-mattermost:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-mattermost:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-mattermost ports: @@ -143,8 +143,8 @@ should override volume name: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 name: RELEASE-NAME-teleport-plugin-mattermost spec: replicas: 1 @@ -158,8 +158,8 @@ should override volume name: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-mattermost - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-mattermost-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-mattermost-15.0.2 spec: containers: - command: @@ -170,7 +170,7 @@ should override volume name: env: - name: TELEPORT_PLUGIN_FAIL_FAST value: "true" - image: public.ecr.aws/gravitational/teleport-plugin-mattermost:15.0.1 + image: public.ecr.aws/gravitational/teleport-plugin-mattermost:15.0.2 imagePullPolicy: IfNotPresent name: teleport-plugin-mattermost ports: diff --git a/charts/access/msteams/Chart.yaml b/charts/access/msteams/Chart.yaml index 78a7cb805..f61a741de 100644 --- a/charts/access/msteams/Chart.yaml +++ b/charts/access/msteams/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/msteams/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/msteams/tests/__snapshot__/configmap_test.yaml.snap index e176ad005..536fa0014 100644 --- a/charts/access/msteams/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/msteams/tests/__snapshot__/configmap_test.yaml.snap @@ -29,6 +29,6 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-msteams - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-msteams-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-msteams-15.0.2 name: RELEASE-NAME-teleport-plugin-msteams diff --git a/charts/access/msteams/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/msteams/tests/__snapshot__/deployment_test.yaml.snap index 74e2078e3..8b2caa389 100644 --- a/charts/access/msteams/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/msteams/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-msteams - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-msteams-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-msteams-15.0.2 name: RELEASE-NAME-teleport-plugin-msteams spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-msteams - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-msteams-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-msteams-15.0.2 spec: containers: - command: diff --git a/charts/access/pagerduty/Chart.yaml b/charts/access/pagerduty/Chart.yaml index e7573695a..51f7f78b5 100644 --- a/charts/access/pagerduty/Chart.yaml +++ b/charts/access/pagerduty/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/pagerduty/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/pagerduty/tests/__snapshot__/configmap_test.yaml.snap index 559ef2ba8..5fe1ef2f8 100644 --- a/charts/access/pagerduty/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/pagerduty/tests/__snapshot__/configmap_test.yaml.snap @@ -21,6 +21,6 @@ should match the snapshot (smtp on): app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-pagerduty - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-pagerduty-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-pagerduty-15.0.2 name: RELEASE-NAME-teleport-plugin-pagerduty diff --git a/charts/access/pagerduty/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/pagerduty/tests/__snapshot__/deployment_test.yaml.snap index ad5a0b494..ef195a8f1 100644 --- a/charts/access/pagerduty/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/pagerduty/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-pagerduty - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-pagerduty-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-pagerduty-15.0.2 name: RELEASE-NAME-teleport-plugin-pagerduty spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-pagerduty - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-pagerduty-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-pagerduty-15.0.2 spec: containers: - command: diff --git a/charts/access/slack/Chart.yaml b/charts/access/slack/Chart.yaml index b3f2cf359..fa8ebe32d 100644 --- a/charts/access/slack/Chart.yaml +++ b/charts/access/slack/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/access/slack/tests/__snapshot__/configmap_test.yaml.snap b/charts/access/slack/tests/__snapshot__/configmap_test.yaml.snap index 2186a7ce7..5f96e0676 100644 --- a/charts/access/slack/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/access/slack/tests/__snapshot__/configmap_test.yaml.snap @@ -24,6 +24,6 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-slack - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-slack-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-slack-15.0.2 name: RELEASE-NAME-teleport-plugin-slack diff --git a/charts/access/slack/tests/__snapshot__/deployment_test.yaml.snap b/charts/access/slack/tests/__snapshot__/deployment_test.yaml.snap index 0c21c63f7..d2914a28b 100644 --- a/charts/access/slack/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/access/slack/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-slack - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-slack-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-slack-15.0.2 name: RELEASE-NAME-teleport-plugin-slack spec: replicas: 1 @@ -22,8 +22,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-slack - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-slack-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-slack-15.0.2 spec: containers: - command: diff --git a/charts/event-handler/Chart.yaml b/charts/event-handler/Chart.yaml index 0db65eba0..8d19c094c 100644 --- a/charts/event-handler/Chart.yaml +++ b/charts/event-handler/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "15.0.1" +version: "15.0.2" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "15.0.1" +appVersion: "15.0.2" diff --git a/charts/event-handler/tests/__snapshot__/configmap_test.yaml.snap b/charts/event-handler/tests/__snapshot__/configmap_test.yaml.snap index 571488ad6..b7ce38870 100644 --- a/charts/event-handler/tests/__snapshot__/configmap_test.yaml.snap +++ b/charts/event-handler/tests/__snapshot__/configmap_test.yaml.snap @@ -24,6 +24,6 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-event-handler - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-event-handler-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-event-handler-15.0.2 name: RELEASE-NAME-teleport-plugin-event-handler diff --git a/charts/event-handler/tests/__snapshot__/deployment_test.yaml.snap b/charts/event-handler/tests/__snapshot__/deployment_test.yaml.snap index 1eb854da1..e7ad58e54 100644 --- a/charts/event-handler/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/event-handler/tests/__snapshot__/deployment_test.yaml.snap @@ -7,8 +7,8 @@ should match the snapshot: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: teleport-plugin-event-handler - app.kubernetes.io/version: 15.0.1 - helm.sh/chart: teleport-plugin-event-handler-15.0.1 + app.kubernetes.io/version: 15.0.2 + helm.sh/chart: teleport-plugin-event-handler-15.0.2 name: RELEASE-NAME-teleport-plugin-event-handler spec: replicas: 1 diff --git a/event-handler/Makefile b/event-handler/Makefile index 2e7a0f227..febe0f21a 100644 --- a/event-handler/Makefile +++ b/event-handler/Makefile @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 GO_VERSION=1.21.7 GITTAG=v$(VERSION) diff --git a/go.mod b/go.mod index 2e76f7bce..dfbca2679 100644 --- a/go.mod +++ b/go.mod @@ -138,8 +138,8 @@ replace ( github.com/alecthomas/kingpin/v2 => github.com/gravitational/kingpin/v2 v2.1.11-0.20230515143221-4ec6b70ecd33 github.com/coreos/go-oidc => github.com/gravitational/go-oidc v0.1.1 github.com/gogo/protobuf => github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf - github.com/gravitational/teleport => github.com/gravitational/teleport v0.0.0-20240206024131-d3475109e4d8 // ref: tags/v15.0.1 - github.com/gravitational/teleport/api => github.com/gravitational/teleport/api v0.0.0-20240206024131-d3475109e4d8 // ref: tags/v15.0.1 + github.com/gravitational/teleport => github.com/gravitational/teleport v0.0.0-20240216204833-520f79d46f94 // ref: tags/v15.0.2 + github.com/gravitational/teleport/api => github.com/gravitational/teleport/api v0.0.0-20240216204833-520f79d46f94 // ref: tags/v15.0.2 github.com/julienschmidt/httprouter => github.com/rw-access/httprouter v1.3.1-0.20210321233808-98e93175c124 github.com/microsoft/go-mssqldb => github.com/gravitational/go-mssqldb v0.11.1-0.20230331180905-0f76f1751cd3 github.com/vulcand/predicate => github.com/gravitational/predicate v1.3.1 diff --git a/go.sum b/go.sum index a0602d34b..633672acd 100644 --- a/go.sum +++ b/go.sum @@ -44,6 +44,8 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 cloud.google.com/go/storage v1.36.0 h1:P0mOkAcaJxhCTvAkMhxMfrTKiNcub4YmmPBtlhAyTr8= cloud.google.com/go/storage v1.36.0/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= @@ -80,14 +82,28 @@ github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbi github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DanielTitkov/go-adaptive-cards v0.2.2 h1:tBFExyvsbCcrBJEvPaV3FW4gcAkwQjXFKiKEBrE7Yuw= github.com/DanielTitkov/go-adaptive-cards v0.2.2/go.mod h1:RtCzt65p/zEos6+zhiCFQmiaHmro6M63l9NP7xXx/Lg= +github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= +github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= +github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= +github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= +github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= +github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= +github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= +github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w= github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ= github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= @@ -133,6 +149,8 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig= @@ -161,6 +179,12 @@ github.com/aws/aws-sdk-go-v2/service/athena v1.37.4 h1:zY9TYF+NdIMSx1S4hh/j4NvCz github.com/aws/aws-sdk-go-v2/service/athena v1.37.4/go.mod h1:vzLQ7VnwMhaVgHyQF7Eg7Hbx8cBN7/UW294MrRHDrgM= github.com/aws/aws-sdk-go-v2/service/ec2 v1.142.1 h1:tTAfm9YsKlmlv6ORgco838e0ZeAcGVRkgevseiYO0gU= github.com/aws/aws-sdk-go-v2/service/ec2 v1.142.1/go.mod h1:hIsHE0PaWAQakLCshKS7VKWMGXaqrAFp4m95s2W9E6c= +github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect v1.20.6 h1:Y0pqdpafA8TdG6AalCMFbbQ5SlO99MAybU0BDPLHbwo= +github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect v1.20.6/go.mod h1:y6fUhf01cjz+VUz+zrmJh3KfIXhefV7dS4STCxgHx7g= +github.com/aws/aws-sdk-go-v2/service/ecs v1.36.0 h1:XjN5jaDmvP0fDGEOn/Ws06wNKNXUAPGLdeBhKUetQcc= +github.com/aws/aws-sdk-go-v2/service/ecs v1.36.0/go.mod h1:kt+L4lMA2nvv9evq9S6TOH1up95/2RsQG4GXfxoPRfM= +github.com/aws/aws-sdk-go-v2/service/eks v1.37.1 h1:5eFw5vlZI2KOChY0DOWxsnuC6N01WC3ZUo5+lco9mN8= +github.com/aws/aws-sdk-go-v2/service/eks v1.37.1/go.mod h1:0R62cZb66e+iaJU7jG3GQbenxD8B7kh4UFNZ19pauTA= github.com/aws/aws-sdk-go-v2/service/glue v1.73.1 h1:z/NBYW8RygzWrDgNWib10fuLUBl0SLj0KruGoEHxnKQ= github.com/aws/aws-sdk-go-v2/service/glue v1.73.1/go.mod h1:F3B9DC5FsIHAxUtHZdY5KUeqN+tHoGlRPzSSYdXjC38= github.com/aws/aws-sdk-go-v2/service/iam v1.28.7 h1:FKPRDYZOO0Eur19vWUL1B40Op0j89KQj3kARjrszMK8= @@ -207,6 +231,8 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= +github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -225,6 +251,10 @@ github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20231016030527-8bd2eac9fb4a h1:SZL0tarhuhoN0kvo5pfO4i6vxYghwzXUo9w0WHIjI4k= github.com/cncf/xds/go v0.0.0-20231016030527-8bd2eac9fb4a/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/containerd/containerd v1.7.11 h1:lfGKw3eU35sjV0aG2eYZTiwFEY1pCzxdzicHP3SZILw= +github.com/containerd/containerd v1.7.11/go.mod h1:5UluHxHTX2rdvYuZ5OJTC5m/KJNs0Zs9wVoJm9zf5ZE= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/coreos/bbolt v1.3.3/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.15+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -239,6 +269,8 @@ github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4= github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= +github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -250,8 +282,24 @@ github.com/di-wu/xsd-datetime v1.0.0 h1:vZoGNkbzpBNoc+JyfVLEbutNDNydYV8XwHeV7eUJ github.com/di-wu/xsd-datetime v1.0.0/go.mod h1:i3iEhrP3WchwseOBeIdW/zxeoleXTOzx1WyDXgdmOww= github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 h1:ge14PCmCvPjpMQMIAH7uKg0lrtNSOdpYsRXlwk3QbaE= github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= +github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= +github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dlclark/regexp2 v1.9.0 h1:pTK/l/3qYIKaRXuHnEnIf7Y5NxfRPfpb7dis6/gdlVI= github.com/dlclark/regexp2 v1.9.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= +github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= +github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= +github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v24.0.7+incompatible h1:Wo6l37AuwP3JaMnZa226lzVXGA3F9Ig1seQen0cKYlM= +github.com/docker/docker v24.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8= +github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40= +github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= +github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= +github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= +github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= +github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3 h1:+zrUtdBUJpY9qptMaaY3CA3T/lBI2+QqfUbzM2uxJss= github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3/go.mod h1:JkjcmqbLW+khwt2fmBPJFBhx2zGZ8XobRZ+O0VhlwWo= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= @@ -268,8 +316,11 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= +github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51 h1:0JZ+dUmQeA8IIVUMzysrX4/AKuQwWhV2dYQuPZdvdSQ= github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51/go.mod h1:Yg+htXGokKKdzcwhuNDwVvN+uBxDGXJ7G/VN1d8fa64= github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 h1:JWuenKqqX8nojtoVVWjGfOF9635RETekkoH6Cc9SX0A= @@ -293,6 +344,8 @@ github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrt github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= +github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= @@ -304,6 +357,8 @@ github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs= +github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= @@ -331,6 +386,8 @@ github.com/go-webauthn/webauthn v0.10.0 h1:yuW2e1tXnRAwAvKrR4q4LQmc6XtCMH639/ypZ github.com/go-webauthn/webauthn v0.10.0/go.mod h1:l0NiauXhL6usIKqNLCUM3Qir43GK7ORg8ggold0Uv/Y= github.com/go-webauthn/x v0.1.6 h1:QNAX+AWeqRt9loE8mULeWJCqhVG5D/jvdmJ47fIWCkQ= github.com/go-webauthn/x v0.1.6/go.mod h1:W8dFVZ79o4f+nY1eOUICy/uq5dhrRl7mxQkYhXTo0FA= +github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= @@ -417,6 +474,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -431,6 +490,10 @@ github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB7 github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= +github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= +github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= github.com/gravitational/go-oidc v0.1.1 h1:T5nZxwkrfqfDMW4VPomCiG50Ae5ToaL9NFxEJHKURXc= github.com/gravitational/go-oidc v0.1.1/go.mod h1:A/IrBuKme/aPiJ9RIctJnSfPKUAzSQ4zaacIXDCQGx4= github.com/gravitational/kingpin v2.1.11-0.20220901134012-2a1956e29525+incompatible h1:TEGeCHqyhYjjYs1YatUJfZ8GgOhZGVfnJeC+BfdxoLQ= @@ -447,12 +510,14 @@ github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf h1:MQ4e8X github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gravitational/roundtrip v1.0.2 h1:eOCY0NEKKaB0ksJmvhO6lPMFz1pIIef+vyPBTBROQ5c= github.com/gravitational/roundtrip v1.0.2/go.mod h1:fuI1booM2hLRA/B/m5MRAPOU6mBZNYcNycono2UuTw0= -github.com/gravitational/teleport v0.0.0-20240206024131-d3475109e4d8 h1:78SoaB9QxvS0jYbhWdEdK1ctoulpvmIdXXl13T2eMrA= -github.com/gravitational/teleport v0.0.0-20240206024131-d3475109e4d8/go.mod h1:gLE/ObKeD3XYtGmAEDl3UUFxcNAzhdrLvshMuC9Yt6Q= -github.com/gravitational/teleport/api v0.0.0-20240206024131-d3475109e4d8 h1:Qy719Ycap8WPVxgTayOJrR3jiL2G4U61KrkAOrPweMY= -github.com/gravitational/teleport/api v0.0.0-20240206024131-d3475109e4d8/go.mod h1:NgSiXazdkct7YHQZfTTfZF93zlSqJyOr7/4R/KVuAVs= +github.com/gravitational/teleport v0.0.0-20240216204833-520f79d46f94 h1:Qy687vHen0wm1FVRLzQyT0ThNLd2FXxIwq4+nomMSec= +github.com/gravitational/teleport v0.0.0-20240216204833-520f79d46f94/go.mod h1:gSHj+bnPoaDUWqpbjE1E6J4wZo4H+iNm5QqUiHdFvS4= +github.com/gravitational/teleport/api v0.0.0-20240216204833-520f79d46f94 h1:nj/SSnA7rAyI4qIT2wGZDnPRz/iuos0T+3whWwgC2N0= +github.com/gravitational/teleport/api v0.0.0-20240216204833-520f79d46f94/go.mod h1:NgSiXazdkct7YHQZfTTfZF93zlSqJyOr7/4R/KVuAVs= github.com/gravitational/trace v1.3.1 h1:jwZEuRtCYpLhUtqHo+JH+lu2qM0LB98UagqHtvdKuLI= github.com/gravitational/trace v1.3.1/go.mod h1:E61mn73aro7Zg9gZheZaeUsK6gjUMbCLazY76xuYAVA= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0 h1:Iju5GlWwrvL6UBg4zJJt3btmonfrMlCDdsejg4CZE7c= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware/providers/openmetrics/v2 v2.0.0-rc.3 h1:kKuOg7gEBO7otn5QpZ4FnlbZBz1p5EZ7sX6RDbE36Bc= @@ -550,11 +615,15 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKe github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= +github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= @@ -609,6 +678,14 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a h1:weJVJJRzAJBFRlAiJQROKQs8oC9vOxvm4rZmBBk0ONw= github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/mailgun/holster/v3 v3.16.2 h1:Zl5Spy4WdgLMKWbHgkuDwsQwsJN0Xr3Mgt2dZGJih18= @@ -682,6 +759,10 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= +github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -691,9 +772,15 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= +github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= +github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758= github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce/go.mod h1:uFMI8w+ref4v2r9jz+c9i1IfIttS/OkmLfrk1jne5hs= @@ -703,11 +790,17 @@ github.com/okta/okta-sdk-golang/v2 v2.20.0 h1:EDKM+uOPfihOMNwgHMdno+NAsIfyXkVnoF github.com/okta/okta-sdk-golang/v2 v2.20.0/go.mod h1:FMy5hN5G8Rd/VoS0XrfyPPhIfOVo78ZK7lvwiQRS2+U= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= +github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627 h1:pSCLCl6joCFRnjpeojzOpEYs4q7Vditq8fySFG5ap3Y= github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/peterbourgon/diskv/v3 v3.0.1 h1:x06SQA46+PKIUftmEujdwSEpIx8kR+M9eLYsUxeYveU= github.com/peterbourgon/diskv/v3 v3.0.1/go.mod h1:kJ5Ny7vLdARGU3WUuy6uzO6T0nb/2gWcT1JiBvRmb5o= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= @@ -755,11 +848,15 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rubenv/sql-migrate v1.5.2 h1:bMDqOnrJVV/6JQgQ/MxOpU+AdO8uzYYA/TxFUBzFtS0= +github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWxs+kmzlg0Is= github.com/russellhaering/gosaml2 v0.9.1 h1:H/whrl8NuSoxyW46Ww5lKPskm+5K+qYLw9afqJ/Zef0= github.com/russellhaering/gosaml2 v0.9.1/go.mod h1:ja+qgbayxm+0mxBRLMSUuX3COqy+sb0RRhIGun/W2kc= github.com/russellhaering/goxmldsig v1.3.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw= github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys= github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/rw-access/httprouter v1.3.1-0.20210321233808-98e93175c124 h1:HiiqjwsUvob18HsTIQgf4YH7Emph9aH37IwmaCykShQ= github.com/rw-access/httprouter v1.3.1-0.20210321233808-98e93175c124/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -778,6 +875,8 @@ github.com/sethvargo/go-diceware v0.3.0 h1:UVVEfmN/uF50JfWAN7nbY6CiAlp5xeSx+5U0l github.com/sethvargo/go-diceware v0.3.0/go.mod h1:lH5Q/oSPMivseNdhMERAC7Ti5oOPqsaVddU1BcN1CY0= github.com/sethvargo/go-limiter v0.7.2 h1:FgC4N7RMpV5gMrUdda15FaFTkQ/L4fEqM7seXMs4oO8= github.com/sethvargo/go-limiter v0.7.2/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU= +github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= +github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/sijms/go-ora/v2 v2.7.9 h1:FvPwsyNtAOywDKlgjrgCpGkL0s49ZA/ShTBgEAfYKE0= github.com/sijms/go-ora/v2 v2.7.9/go.mod h1:EHxlY6x7y9HAsdfumurRfTd+v8NrEOTR3Xl4FWlH6xk= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -788,6 +887,10 @@ github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spf13/cast v1.5.1 h1:R+kOtfhWQE6TVQzY+4D7wJLBgkdVasCEFxSUBYBYIlA= +github.com/spf13/cast v1.5.1/go.mod h1:b9PdjNptOpzXr7Rq1q9gJML/2cdGQAo69NKzQ10KN48= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -833,9 +936,17 @@ github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcY github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= +github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -881,6 +992,8 @@ go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+ go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= @@ -1274,6 +1387,8 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +helm.sh/helm/v3 v3.14.1 h1:4AwRLx+wfzlPtvrsbDmWP5PUokGmf9/nAmEdk21vae8= +helm.sh/helm/v3 v3.14.1/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1283,16 +1398,28 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A= k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA= +k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0= +k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc= k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o= k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis= +k8s.io/apiserver v0.29.0 h1:Y1xEMjJkP+BIi0GSEv1BBrf1jLU9UPfAnnGGbbDdp7o= +k8s.io/apiserver v0.29.0/go.mod h1:31n78PsRKPmfpee7/l9NYEv67u6hOL6AfcE761HapDM= +k8s.io/cli-runtime v0.29.0 h1:q2kC3cex4rOBLfPOnMSzV2BIrrQlx97gxHJs21KxKS4= +k8s.io/cli-runtime v0.29.0/go.mod h1:VKudXp3X7wR45L+nER85YUzOQIru28HQpXr0mTdeCrk= k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8= k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38= +k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s= +k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M= k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/kubectl v0.29.0 h1:Oqi48gXjikDhrBF67AYuZRTcJV4lg2l42GmvsP7FmYI= +k8s.io/kubectl v0.29.0/go.mod h1:0jMjGWIcMIQzmUaMgAzhSELv5WtHo2a8pq67DtviAJs= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY= +oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= @@ -1300,6 +1427,10 @@ sigs.k8s.io/controller-runtime v0.16.1 h1:+15lzrmHsE0s2kNl0Dl8cTchI5Cs8qofo5PGcP sigs.k8s.io/controller-runtime v0.16.1/go.mod h1:vpMu3LpI5sYWtujJOa2uPK61nB5rbwlN7BAB8aSLvGU= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= +sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= +sigs.k8s.io/kustomize/kyaml v0.16.0 h1:6J33uKSoATlKZH16unr2XOhDI+otoe2sR3M8PDzW3K0= +sigs.k8s.io/kustomize/kyaml v0.16.0/go.mod h1:xOK/7i+vmE14N2FdFyugIshB8eF6ALpy7jI87Q2nRh4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/terraform/install.mk b/terraform/install.mk index 2ffe8087e..5bb3f6c4b 100644 --- a/terraform/install.mk +++ b/terraform/install.mk @@ -1,4 +1,4 @@ -VERSION=15.0.1 +VERSION=15.0.2 OS ?= $(shell go env GOOS) ARCH ?= $(shell go env GOARCH) diff --git a/terraform/reference.mdx b/terraform/reference.mdx index 0901b1a1f..71c6afb6c 100755 --- a/terraform/reference.mdx +++ b/terraform/reference.mdx @@ -134,12 +134,12 @@ To mitigate this, you should explicitly set the resource version. header is the header for the resource. -| Name | Type | Required | Description | -|----------|--------|----------|--------------------------------------------------------------------| -| kind | string | | kind is a resource kind. | -| metadata | object | | metadata is resource metadata. | -| sub_kind | string | | sub_kind is an optional resource sub kind, used in some resources. | -| version | string | * | version is version. | +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| kind | string | | kind is a resource kind. | +| metadata | object | | metadata is resource metadata. | +| sub_kind | string | | sub_kind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | #### header.metadata @@ -163,7 +163,7 @@ spec is the specification for the access list. | audit | object | * | audit describes the frequency that this access list must be audited. | | description | string | | description is an optional plaintext description of the access list. | | grants | object | * | grants describes the access granted by membership to this access list. | -| membership | string | | membership defines how list membership is applied. There are two possible values: `explicit` (default): To be considered ag member of the access list, a user must both meet the `membership_requires` conditions AND be explicitly added to the list. `implicit`: Any user meeting the `membership_requires` conditions will automatically be cosidered a member of this list. | +| membership | string | | membership defines how list membership is applied. There are two possible values: `explicit` (default): To be considered ag member of the access list, a user must both meet the `membership_requires` conditions AND be explicitly added to the list. `implicit`: Any user meeting the `membership_requires` conditions will automatically be considered a member of this list. | | membership_requires | object | | membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list. | | owner_grants | object | | owner_grants describes the access granted by owners to this access list. | | owners | object | * | owners is a list of owners of the access list. | @@ -326,12 +326,12 @@ resource "teleport_access_list" "crane-operation" { ## teleport_app -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------| -| metadata | object | | Metadata is the app resource metadata. | -| spec | object | | Spec is the app resource spec. | -| sub_kind | string | | SubKind is an optional resource subkind. | -| version | string | * | Version is the resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is the app resource metadata. | +| spec | object | | Spec is the app resource spec. | +| sub_kind | string | | SubKind is an optional resource subkind. | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v3`. | ### metadata @@ -420,12 +420,12 @@ resource "teleport_app" "example" { ## teleport_auth_preference -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | * | Spec is an AuthPreference specification | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is a resource version | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is an AuthPreference specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | ### metadata @@ -452,11 +452,12 @@ Spec is an AuthPreference specification | default_session_ttl | duration | | DefaultSessionTTL is the TTL to use for user certs when an explicit TTL is not requested. | | device_trust | object | | DeviceTrust holds settings related to trusted device verification. Requires Teleport Enterprise. | | disconnect_expired_cert | bool | | | +| hardware_key | object | | HardwareKey are the settings for hardware key support. | | idp | object | | IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. | | locking_mode | string | | LockingMode is the cluster-wide locking mode default. | | message_of_the_day | string | | | | okta | object | | Okta is a set of options related to the Okta service in Teleport. Requires Teleport Enterprise. | -| piv_slot | string | | PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, "9a" or "9e". | +| piv_slot | string | | TODO(Joerger): DELETE IN 17.0.0 Deprecated, replaced by HardwareKey settings. | | require_session_mfa | number | | RequireMFAType is the type of MFA requirement enforced for this cluster: 0:Off, 1:Session, 2:SessionAndHardwareKey, 3:HardwareKeyTouch | | second_factor | string | | SecondFactor is the type of second factor. | | type | string | | Type is the type of authentication. | @@ -473,6 +474,24 @@ DeviceTrust holds settings related to trusted device verification. Requires Tele | ekcert_allowed_cas | array of strings | | Allow list of EKCert CAs in PEM format. If present, only TPM devices that present an EKCert that is signed by a CA specified here may be enrolled (existing enrollments are unchanged). If not present, then the CA of TPM EKCerts will not be checked during enrollment, this allows any device to enroll. | | mode | string | | Mode of verification for trusted devices. The following modes are supported: - "off": disables both device authentication and authorization. - "optional": allows both device authentication and authorization, but doesn't enforce the presence of device extensions for sensitive endpoints. - "required": enforces the presence of device extensions for sensitive endpoints. Mode is always "off" for OSS. Defaults to "optional" for Enterprise. | +#### spec.hardware_key + +HardwareKey are the settings for hardware key support. + +| Name | Type | Required | Description | +|--------------------------|--------|----------|---------------------------------------------------------------------------------------------------------------------------------------| +| piv_slot | string | | PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, "9a" or "9e". | +| serial_number_validation | object | | SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled. | + +##### spec.hardware_key.serial_number_validation + +SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled. + +| Name | Type | Required | Description | +|--------------------------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| enabled | bool | | Enabled indicates whether hardware key serial number validation is enabled. | +| serial_number_trait_name | string | | SerialNumberTraitName is an optional custom user trait name for hardware key serial numbers to replace the default: "hardware_key_serial_numbers". Note: Values for this user trait should be a comma-separated list of serial numbers, or a list of comm-separated lists. e.g ["123", "345,678"] | + #### spec.idp IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. @@ -593,13 +612,13 @@ resource "teleport_bot" "example" { ## teleport_cluster_maintenance_config -| Name | Type | Required | Description | -|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| nonce | number | | Nonce is used to protect against concurrent modification of the maintenance window. Clients should treat nonces as opaque. | -| spec | object | | | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| nonce | number | | Nonce is used to protect against concurrent modification of the maintenance window. Clients should treat nonces as opaque. | +| spec | object | | | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | ### metadata @@ -652,12 +671,12 @@ resource "teleport_cluster_maintenance_config" "example" { ## teleport_cluster_networking_config -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | | Spec is a ClusterNetworkingConfig specification | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | | Version is a resource version | +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a ClusterNetworkingConfig specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | | Version is the resource version. It must be specified. Supported values are:`v2`. | ### metadata @@ -737,12 +756,12 @@ resource "teleport_cluster_networking_config" "example" { ## teleport_database -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------| -| metadata | object | | Metadata is the database metadata. | -| spec | object | | Spec is the database spec. | -| sub_kind | string | | SubKind is an optional resource subkind. | -| version | string | * | Version is the resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is the database metadata. | +| spec | object | | Spec is the database spec. | +| sub_kind | string | | SubKind is an optional resource subkind. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | ### metadata @@ -997,12 +1016,12 @@ resource "teleport_database" "example" { ## teleport_github_connector -| Name | Type | Required | Description | -|----------|--------|----------|-------------------------------------------------------------------| -| metadata | object | | Metadata holds resource metadata. | -| spec | object | * | Spec is an Github connector specification. | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | -| version | string | * | Version is a resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an Github connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | ### metadata @@ -1153,12 +1172,12 @@ resource "teleport_login_rule" "example" { ## teleport_oidc_connector -| Name | Type | Required | Description | -|----------|--------|----------|-------------------------------------------------------------------| -| metadata | object | | Metadata holds resource metadata. | -| spec | object | * | Spec is an OIDC connector specification. | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | -| version | string | * | Version is a resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an OIDC connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | ### metadata @@ -1241,12 +1260,12 @@ resource "teleport_oidc_connector" "example" { ## teleport_okta_import_rule -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | * | Spec is the specification for the Okta import rule. | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is the specification for the Okta import rule. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | ### metadata @@ -1356,12 +1375,12 @@ resource "teleport_okta_import_rule" "example" { ## teleport_provision_token -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | * | Spec is a provisioning token V2 spec | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is a provisioning token V2 spec | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v2`. | ### metadata @@ -1469,7 +1488,7 @@ GitHub allows the configuration of options specific to the "github" join method. |------------------------|--------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | allow | object | | Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. | | enterprise_server_host | string | | EnterpriseServerHost allows joining from runners associated with a GitHub Enterprise Server instance. When unconfigured, tokens will be validated against github.com, but when configured to the host of a GHES instance, then the tokens will be validated against host. This value should be the hostname of the GHES instance, and should not include the scheme or a path. The instance must be accessible over HTTPS at this hostname and the certificate must be trusted by the Auth Server. | -| enterprise_slug | string | | EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customised issuer values. | +| enterprise_slug | string | | EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values. | ##### spec.github.allow @@ -1603,12 +1622,12 @@ resource "teleport_provision_token" "iam-token" { ## teleport_role -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | | Spec is a role specification | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a role specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`, `v4`, `v5`, `v6`, `v7`. | ### metadata @@ -1637,44 +1656,55 @@ Spec is a role specification Allow is the set of conditions evaluated to grant access. -| Name | Type | Required | Description | -|-----------------------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------| -| app_labels | map of string arrays | | | -| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | -| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | -| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | -| cluster_labels | map of string arrays | | | -| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | -| db_labels | map of string arrays | | | -| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | -| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | -| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | -| db_service_labels | map of string arrays | | | -| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | -| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | -| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | -| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | -| group_labels | map of string arrays | | | -| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | -| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | -| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | -| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | -| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | -| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | -| kubernetes_labels | map of string arrays | | | -| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | -| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | -| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | -| logins | array of strings | | Logins is a list of *nix system logins. | -| node_labels | map of string arrays | | | -| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | -| request | object | | | -| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | -| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | -| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | -| windows_desktop_labels | map of string arrays | | | -| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | -| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | +| Name | Type | Required | Description | +|-----------------------------------|----------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------| +| app_labels | map of string arrays | | | +| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | +| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | +| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | +| cluster_labels | map of string arrays | | | +| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | +| db_labels | map of string arrays | | | +| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | +| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | +| db_permissions | object | | DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. | +| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | +| db_service_labels | map of string arrays | | | +| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | +| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | +| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | +| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | +| group_labels | map of string arrays | | | +| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | +| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | +| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | +| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | +| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | +| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | +| kubernetes_labels | map of string arrays | | | +| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | +| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | +| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | +| logins | array of strings | | Logins is a list of *nix system logins. | +| node_labels | map of string arrays | | | +| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | +| request | object | | | +| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | +| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | +| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | +| spiffe | object | | SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. | +| windows_desktop_labels | map of string arrays | | | +| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | +| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | + +##### spec.allow.db_permissions + +DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. + +| Name | Type | Required | Description | +|-------------|----------------------|----------|------------------------------------------------------------------------------------------------------------------| +| match | map of string arrays | | | +| permissions | array of strings | | Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ... | ##### spec.allow.impersonate @@ -1788,48 +1818,69 @@ Rules is a list of rules and their access levels. Rules are a high level constru | verbs | array of strings | | Verbs is a list of verbs | | where | string | | Where specifies optional advanced matcher | +##### spec.allow.spiffe + +SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. + +| Name | Type | Required | Description | +|----------|------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| dns_sans | array of strings | | DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com | +| ip_sans | array of strings | | IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42 | +| path | string | | Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\/svc\/foo\/.*\/bar$ would match /svc/foo/baz/bar | + #### spec.deny Deny is the set of conditions evaluated to deny access. Deny takes priority over allow. -| Name | Type | Required | Description | -|-----------------------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------| -| app_labels | map of string arrays | | | -| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | -| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | -| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | -| cluster_labels | map of string arrays | | | -| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | -| db_labels | map of string arrays | | | -| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | -| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | -| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | -| db_service_labels | map of string arrays | | | -| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | -| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | -| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | -| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | -| group_labels | map of string arrays | | | -| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | -| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | -| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | -| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | -| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | -| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | -| kubernetes_labels | map of string arrays | | | -| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | -| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | -| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | -| logins | array of strings | | Logins is a list of *nix system logins. | -| node_labels | map of string arrays | | | -| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | -| request | object | | | -| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | -| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | -| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | -| windows_desktop_labels | map of string arrays | | | -| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | -| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | +| Name | Type | Required | Description | +|-----------------------------------|----------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------| +| app_labels | map of string arrays | | | +| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | +| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | +| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | +| cluster_labels | map of string arrays | | | +| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | +| db_labels | map of string arrays | | | +| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | +| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | +| db_permissions | object | | DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. | +| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | +| db_service_labels | map of string arrays | | | +| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | +| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | +| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | +| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | +| group_labels | map of string arrays | | | +| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | +| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | +| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | +| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | +| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | +| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | +| kubernetes_labels | map of string arrays | | | +| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | +| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | +| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | +| logins | array of strings | | Logins is a list of *nix system logins. | +| node_labels | map of string arrays | | | +| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | +| request | object | | | +| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | +| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | +| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | +| spiffe | object | | SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. | +| windows_desktop_labels | map of string arrays | | | +| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | +| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | + +##### spec.deny.db_permissions + +DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. + +| Name | Type | Required | Description | +|-------------|----------------------|----------|------------------------------------------------------------------------------------------------------------------| +| match | map of string arrays | | | +| permissions | array of strings | | Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ... | ##### spec.deny.impersonate @@ -1943,6 +1994,16 @@ Rules is a list of rules and their access levels. Rules are a high level constru | verbs | array of strings | | Verbs is a list of verbs | | where | string | | Where specifies optional advanced matcher | +##### spec.deny.spiffe + +SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. + +| Name | Type | Required | Description | +|----------|------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| dns_sans | array of strings | | DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com | +| ip_sans | array of strings | | IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42 | +| path | string | | Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\/svc\/foo\/.*\/bar$ would match /svc/foo/baz/bar | + #### spec.options Options is for OpenSSH options like agent forwarding. @@ -2072,12 +2133,12 @@ resource "teleport_role" "example" { ## teleport_saml_connector -| Name | Type | Required | Description | -|----------|--------|----------|-------------------------------------------------------------------| -| metadata | object | | Metadata holds resource metadata. | -| spec | object | * | Spec is an SAML connector specification. | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | -| version | string | * | Version is a resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an SAML connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | ### metadata @@ -2191,12 +2252,12 @@ resource "teleport_saml_connector" "example" { ## teleport_session_recording_config -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | | Spec is a SessionRecordingConfig specification | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is a resource version | +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a SessionRecordingConfig specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v2`. | ### metadata @@ -2241,12 +2302,12 @@ resource "teleport_session_recording_config" "example" { ## teleport_trusted_cluster -| Name | Type | Required | Description | -|----------|--------|----------|-------------------------------------------------------------------| -| metadata | object | | Metadata holds resource metadata. | -| spec | object | * | Spec is a Trusted Cluster specification. | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | -| version | string | * | Version is a resource version. | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is a Trusted Cluster specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | ### metadata @@ -2313,11 +2374,11 @@ resource "teleport_trusted_cluster" "cluster" { ## teleport_trusted_device -| Name | Type | Required | Description | -|----------|--------|----------|-------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | | Specification of the device. | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Specification of the device. | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | ### metadata @@ -2366,12 +2427,12 @@ resource "teleport_trusted_device" "TESTDEVICE1" { ## teleport_user -| Name | Type | Required | Description | -|----------|--------|----------|------------------------------------------------------------------| -| metadata | object | | Metadata is resource metadata | -| spec | object | | Spec is a user specification | -| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | -| version | string | * | Version is version | +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a user specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | ### metadata diff --git a/terraform/tfschema/accesslist/v1/accesslist_terraform.go b/terraform/tfschema/accesslist/v1/accesslist_terraform.go index 7ca0130cd..cc18d5c8d 100644 --- a/terraform/tfschema/accesslist/v1/accesslist_terraform.go +++ b/terraform/tfschema/accesslist/v1/accesslist_terraform.go @@ -94,7 +94,7 @@ func GenSchemaAccessList(ctx context.Context) (github_com_hashicorp_terraform_pl Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "version is version.", + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -173,7 +173,7 @@ func GenSchemaAccessList(ctx context.Context) (github_com_hashicorp_terraform_pl Required: true, }, "membership": { - Description: "membership defines how list membership is applied. There are two possible values: `explicit` (default): To be considered ag member of the access list, a user must both meet the `membership_requires` conditions AND be explicitly added to the list. `implicit`: Any user meeting the `membership_requires` conditions will automatically be cosidered a member of this list.", + Description: "membership defines how list membership is applied. There are two possible values: `explicit` (default): To be considered ag member of the access list, a user must both meet the `membership_requires` conditions AND be explicitly added to the list. `implicit`: Any user meeting the `membership_requires` conditions will automatically be considered a member of this list.", Optional: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, diff --git a/terraform/tfschema/devicetrust/v1/device_terraform.go b/terraform/tfschema/devicetrust/v1/device_terraform.go index 338a5a383..d61e621b7 100644 --- a/terraform/tfschema/devicetrust/v1/device_terraform.go +++ b/terraform/tfschema/devicetrust/v1/device_terraform.go @@ -127,7 +127,7 @@ func GenSchemaDeviceV1(ctx context.Context) (github_com_hashicorp_terraform_plug Optional: true, }, "version": { - Description: "Version is version", + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, diff --git a/terraform/tfschema/types_terraform.go b/terraform/tfschema/types_terraform.go index 2b567802b..a0a7bbd46 100644 --- a/terraform/tfschema/types_terraform.go +++ b/terraform/tfschema/types_terraform.go @@ -507,7 +507,7 @@ func GenSchemaDatabaseV3(ctx context.Context) (github_com_hashicorp_terraform_pl Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is the resource version.", + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -674,7 +674,7 @@ func GenSchemaAppV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_ Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is the resource version.", + Description: "Version is the resource version. It must be specified. Supported values are:`v3`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -908,7 +908,7 @@ func GenSchemaProvisionTokenV2(ctx context.Context) (github_com_hashicorp_terraf Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "enterprise_slug": { - Description: "EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customised issuer values.", + Description: "EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values.", Optional: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, @@ -1093,7 +1093,7 @@ func GenSchemaProvisionTokenV2(ctx context.Context) (github_com_hashicorp_terraf Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is version", + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -1251,7 +1251,7 @@ func GenSchemaClusterNetworkingConfigV2(ctx context.Context) (github_com_hashico }, "version": { Computed: true, - Description: "Version is a resource version", + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", Optional: true, PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -1332,7 +1332,7 @@ func GenSchemaSessionRecordingConfigV2(ctx context.Context) (github_com_hashicor Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version", + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -1432,6 +1432,33 @@ func GenSchemaAuthPreferenceV2(ctx context.Context) (github_com_hashicorp_terraf Optional: true, }, "disconnect_expired_cert": GenSchemaBoolOption(ctx), + "hardware_key": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "piv_slot": { + Description: "PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, \"9a\" or \"9e\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "serial_number_validation": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "enabled": { + Description: "Enabled indicates whether hardware key serial number validation is enabled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "serial_number_trait_name": { + Description: "SerialNumberTraitName is an optional custom user trait name for hardware key serial numbers to replace the default: \"hardware_key_serial_numbers\". Note: Values for this user trait should be a comma-separated list of serial numbers, or a list of comm-separated lists. e.g [\"123\", \"345,678\"]", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled.", + Optional: true, + }, + }), + Description: "HardwareKey are the settings for hardware key support.", + Optional: true, + }, "idp": { Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"saml": { Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"enabled": GenSchemaBoolOption(ctx)}), @@ -1463,7 +1490,7 @@ func GenSchemaAuthPreferenceV2(ctx context.Context) (github_com_hashicorp_terraf Optional: true, }, "piv_slot": { - Description: "PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, \"9a\" or \"9e\".", + Description: "TODO(Joerger): DELETE IN 17.0.0 Deprecated, replaced by HardwareKey settings.", Optional: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, @@ -1538,7 +1565,7 @@ func GenSchemaAuthPreferenceV2(ctx context.Context) (github_com_hashicorp_terraf Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version", + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -1641,6 +1668,18 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin Optional: true, Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, }, + "db_permissions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "match": GenSchemaLabels(ctx), + "permissions": { + Description: "Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ...", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning.", + Optional: true, + }, "db_roles": { Description: "DatabaseRoles is a list of databases roles for automatic user creation.", Optional: true, @@ -1965,6 +2004,27 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin Description: "Rules is a list of rules and their access levels. Rules are a high level construct used for access control.", Optional: true, }, + "spiffe": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "dns_sans": { + Description: "DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "ip_sans": { + Description: "IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "path": { + Description: "Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\\/svc\\/foo\\/.*\\/bar$ would match /svc/foo/baz/bar", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID.", + Optional: true, + }, "windows_desktop_labels": GenSchemaLabels(ctx), "windows_desktop_labels_expression": { Description: "WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops.", @@ -2015,6 +2075,18 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin Optional: true, Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, }, + "db_permissions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "match": GenSchemaLabels(ctx), + "permissions": { + Description: "Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ...", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning.", + Optional: true, + }, "db_roles": { Description: "DatabaseRoles is a list of databases roles for automatic user creation.", Optional: true, @@ -2335,6 +2407,27 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin Description: "Rules is a list of rules and their access levels. Rules are a high level construct used for access control.", Optional: true, }, + "spiffe": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "dns_sans": { + Description: "DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "ip_sans": { + Description: "IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "path": { + Description: "Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\\/svc\\/foo\\/.*\\/bar$ would match /svc/foo/baz/bar", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID.", + Optional: true, + }, "windows_desktop_labels": GenSchemaLabels(ctx), "windows_desktop_labels_expression": { Description: "WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops.", @@ -2521,7 +2614,7 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is version", + Description: "Version is the resource version. It must be specified. Supported values are: `v3`, `v4`, `v5`, `v6`, `v7`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -2658,7 +2751,7 @@ func GenSchemaUserV2(ctx context.Context) (github_com_hashicorp_terraform_plugin Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is version", + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -2830,7 +2923,7 @@ func GenSchemaOIDCConnectorV3(ctx context.Context) (github_com_hashicorp_terrafo Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version.", + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -3039,7 +3132,7 @@ func GenSchemaSAMLConnectorV2(ctx context.Context) (github_com_hashicorp_terrafo Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version.", + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -3200,7 +3293,7 @@ func GenSchemaGithubConnectorV3(ctx context.Context) (github_com_hashicorp_terra Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version.", + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -3320,7 +3413,7 @@ func GenSchemaTrustedClusterV2(ctx context.Context) (github_com_hashicorp_terraf Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is a resource version.", + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -3410,7 +3503,7 @@ func GenSchemaClusterMaintenanceConfigV1(ctx context.Context) (github_com_hashic Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is version", + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -3530,7 +3623,7 @@ func GenSchemaOktaImportRuleV1(ctx context.Context) (github_com_hashicorp_terraf Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, }, "version": { - Description: "Version is version", + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, Required: true, Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, @@ -14938,6 +15031,93 @@ func CopyAuthPreferenceV2FromTerraform(_ context.Context, tf github_com_hashicor } } } + { + a, ok := tf.Attrs["hardware_key"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.HardwareKey = nil + if !v.Null && !v.Unknown { + tf := v + obj.HardwareKey = &github_com_gravitational_teleport_api_types.HardwareKey{} + obj := obj.HardwareKey + { + a, ok := tf.Attrs["piv_slot"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PIVSlot = t + } + } + } + { + a, ok := tf.Attrs["serial_number_validation"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SerialNumberValidation = nil + if !v.Null && !v.Unknown { + tf := v + obj.SerialNumberValidation = &github_com_gravitational_teleport_api_types.HardwareKeySerialNumberValidation{} + obj := obj.SerialNumberValidation + { + a, ok := tf.Attrs["enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.Enabled = t + } + } + } + { + a, ok := tf.Attrs["serial_number_trait_name"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SerialNumberTraitName = t + } + } + } + } + } + } + } + } + } + } + } } } } @@ -16004,6 +16184,136 @@ func CopyAuthPreferenceV2ToTerraform(ctx context.Context, obj *github_com_gravit tf.Attrs["piv_slot"] = v } } + { + a, ok := tf.AttrTypes["hardware_key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["hardware_key"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.HardwareKey == nil { + v.Null = true + } else { + obj := obj.HardwareKey + tf := &v + { + t, ok := tf.AttrTypes["piv_slot"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot"}) + } else { + v, ok := tf.Attrs["piv_slot"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PIVSlot) == "" + } + v.Value = string(obj.PIVSlot) + v.Unknown = false + tf.Attrs["piv_slot"] = v + } + } + { + a, ok := tf.AttrTypes["serial_number_validation"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["serial_number_validation"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.SerialNumberValidation == nil { + v.Null = true + } else { + obj := obj.SerialNumberValidation + tf := &v + { + t, ok := tf.AttrTypes["enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled"}) + } else { + v, ok := tf.Attrs["enabled"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.Enabled) == false + } + v.Value = bool(obj.Enabled) + v.Unknown = false + tf.Attrs["enabled"] = v + } + } + { + t, ok := tf.AttrTypes["serial_number_trait_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName"}) + } else { + v, ok := tf.Attrs["serial_number_trait_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SerialNumberTraitName) == "" + } + v.Value = string(obj.SerialNumberTraitName) + v.Unknown = false + tf.Attrs["serial_number_trait_name"] = v + } + } + } + v.Unknown = false + tf.Attrs["serial_number_validation"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["hardware_key"] = v + } + } + } } v.Unknown = false tf.Attrs["spec"] = v @@ -18432,57 +18742,219 @@ func CopyRoleV6FromTerraform(_ context.Context, tf github_com_hashicorp_terrafor } } } - } - } - } - } - { - a, ok := tf.Attrs["deny"] - if !ok { - diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny"}) - } else { - v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) - if !ok { - diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) - } else { - obj.Deny = github_com_gravitational_teleport_api_types.RoleConditions{} - if !v.Null && !v.Unknown { - tf := v - obj := &obj.Deny { - a, ok := tf.Attrs["logins"] + a, ok := tf.Attrs["db_permissions"] if !ok { - diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Logins"}) + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions"}) } else { v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) if !ok { - diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) } else { - obj.Logins = make([]string, len(v.Elems)) + obj.DatabasePermissions = make([]github_com_gravitational_teleport_api_types.DatabasePermission, len(v.Elems)) if !v.Null && !v.Unknown { for k, a := range v.Elems { - v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) if !ok { - diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) } else { - var t string + var t github_com_gravitational_teleport_api_types.DatabasePermission if !v.Null && !v.Unknown { - t = string(v.Value) - } - obj.Logins[k] = t - } - } - } - } - } - } - { - a, ok := tf.Attrs["node_labels"] - if !ok { - diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.NodeLabels"}) - } - CopyFromLabels(diags, a, &obj.NodeLabels) - } + tf := v + obj := &t + { + a, ok := tf.Attrs["permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Permissions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Permissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Match"}) + } + CopyFromLabels(diags, a, &obj.Match) + } + } + obj.DatabasePermissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["spiffe"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SPIFFE = make([]*github_com_gravitational_teleport_api_types.SPIFFERoleCondition, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SPIFFERoleCondition + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SPIFFERoleCondition{} + obj := t + { + a, ok := tf.Attrs["path"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.Path"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Path = t + } + } + } + { + a, ok := tf.Attrs["dns_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DNSSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DNSSANs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["ip_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.IPSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.IPSANs[k] = t + } + } + } + } + } + } + } + obj.SPIFFE[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["deny"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Deny = github_com_gravitational_teleport_api_types.RoleConditions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Deny + { + a, ok := tf.Attrs["logins"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Logins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Logins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Logins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["node_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.NodeLabels"}) + } + CopyFromLabels(diags, a, &obj.NodeLabels) + } { a, ok := tf.Attrs["rules"] if !ok { @@ -20077,6 +20549,168 @@ func CopyRoleV6FromTerraform(_ context.Context, tf github_com_hashicorp_terrafor } } } + { + a, ok := tf.Attrs["db_permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabasePermissions = make([]github_com_gravitational_teleport_api_types.DatabasePermission, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.DatabasePermission + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Permissions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Permissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Match"}) + } + CopyFromLabels(diags, a, &obj.Match) + } + } + obj.DatabasePermissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["spiffe"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SPIFFE = make([]*github_com_gravitational_teleport_api_types.SPIFFERoleCondition, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SPIFFERoleCondition + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SPIFFERoleCondition{} + obj := t + { + a, ok := tf.Attrs["path"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.Path"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Path = t + } + } + } + { + a, ok := tf.Attrs["dns_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DNSSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DNSSANs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["ip_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.IPSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.IPSANs[k] = t + } + } + } + } + } + } + } + obj.SPIFFE[k] = t + } + } + } + } + } + } } } } @@ -24054,11 +24688,315 @@ func CopyRoleV6ToTerraform(ctx context.Context, obj *github_com_gravitational_te if !ok { diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.GroupLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) } - v.Null = string(obj.GroupLabelsExpression) == "" + v.Null = string(obj.GroupLabelsExpression) == "" + } + v.Value = string(obj.GroupLabelsExpression) + v.Unknown = false + tf.Attrs["group_labels_expression"] = v + } + } + { + a, ok := tf.AttrTypes["db_permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + } + if obj.DatabasePermissions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.DatabasePermissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + for k, a := range obj.DatabasePermissions { + v, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + } + if obj.Permissions != nil { + t := o.ElemType + if len(obj.Permissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + for k, a := range obj.Permissions { + v, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Permissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["permissions"] = c + } + } + } + { + t, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Match"}) + } else { + v := CopyToLabels(diags, obj.Match, t, tf.Attrs["match"]) + tf.Attrs["match"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabasePermissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_permissions"] = c + } + } + } + { + a, ok := tf.AttrTypes["spiffe"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + } + if obj.SPIFFE != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.SPIFFE) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + for k, a := range obj.SPIFFE { + v, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["path"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.Path"}) + } else { + v, ok := tf.Attrs["path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.Path", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Path) == "" + } + v.Value = string(obj.Path) + v.Unknown = false + tf.Attrs["path"] = v + } + } + { + a, ok := tf.AttrTypes["dns_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + } + if obj.DNSSANs != nil { + t := o.ElemType + if len(obj.DNSSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + for k, a := range obj.DNSSANs { + v, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DNSSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dns_sans"] = c + } + } + } + { + a, ok := tf.AttrTypes["ip_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + } + if obj.IPSANs != nil { + t := o.ElemType + if len(obj.IPSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + for k, a := range obj.IPSANs { + v, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.IPSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.IPSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["ip_sans"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SPIFFE) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["spiffe"] = c } - v.Value = string(obj.GroupLabelsExpression) - v.Unknown = false - tf.Attrs["group_labels_expression"] = v } } } @@ -26923,6 +27861,310 @@ func CopyRoleV6ToTerraform(ctx context.Context, obj *github_com_gravitational_te tf.Attrs["group_labels_expression"] = v } } + { + a, ok := tf.AttrTypes["db_permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + } + if obj.DatabasePermissions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.DatabasePermissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + for k, a := range obj.DatabasePermissions { + v, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + } + if obj.Permissions != nil { + t := o.ElemType + if len(obj.Permissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + for k, a := range obj.Permissions { + v, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Permissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["permissions"] = c + } + } + } + { + t, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Match"}) + } else { + v := CopyToLabels(diags, obj.Match, t, tf.Attrs["match"]) + tf.Attrs["match"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabasePermissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_permissions"] = c + } + } + } + { + a, ok := tf.AttrTypes["spiffe"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + } + if obj.SPIFFE != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.SPIFFE) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + for k, a := range obj.SPIFFE { + v, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["path"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.Path"}) + } else { + v, ok := tf.Attrs["path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.Path", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Path) == "" + } + v.Value = string(obj.Path) + v.Unknown = false + tf.Attrs["path"] = v + } + } + { + a, ok := tf.AttrTypes["dns_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + } + if obj.DNSSANs != nil { + t := o.ElemType + if len(obj.DNSSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + for k, a := range obj.DNSSANs { + v, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DNSSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dns_sans"] = c + } + } + } + { + a, ok := tf.AttrTypes["ip_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + } + if obj.IPSANs != nil { + t := o.ElemType + if len(obj.IPSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + for k, a := range obj.IPSANs { + v, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.IPSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.IPSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["ip_sans"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SPIFFE) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["spiffe"] = c + } + } + } } v.Unknown = false tf.Attrs["deny"] = v