From fb576e437736a9239960ad2b811cd8f2fb1166fa Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Tue, 17 Jan 2023 11:30:32 +0100 Subject: [PATCH 01/19] Extend Enricher to accept NodeInventory as a second parameter --- .../service/service_impl_test.go | 4 ++ .../pipeline/nodeinventory/pipeline.go | 53 ++++++++++++++++--- go.mod | 8 +-- go.sum | 12 ++--- pkg/nodes/enricher/enricher.go | 1 + pkg/nodes/enricher/enricher_impl.go | 27 ++++++++-- pkg/nodes/enricher/enricher_impl_test.go | 21 ++++++++ pkg/nodes/enricher/mocks/enricher.go | 8 +++ pkg/scanners/clairify/clairify.go | 10 ++-- pkg/scanners/clairify/convert.go | 48 ++++++++++++++++- pkg/scanners/clairify/convert_test.go | 2 +- pkg/scanners/types/types.go | 1 + 12 files changed, 168 insertions(+), 27 deletions(-) diff --git a/central/imageintegration/service/service_impl_test.go b/central/imageintegration/service/service_impl_test.go index c3e0b8ddc1ccd..b5d1ea2c169d7 100644 --- a/central/imageintegration/service/service_impl_test.go +++ b/central/imageintegration/service/service_impl_test.go @@ -70,6 +70,10 @@ func (*fakeNodeScanner) GetNodeScan(*storage.Node) (*storage.NodeScan, error) { panic("implement me") } +func (*fakeNodeScanner) GetNodeInventoryScan(node *storage.Node, inv *storage.NodeInventory) (*storage.NodeScan, error) { + panic("implement me") +} + func (*fakeNodeScanner) TestNodeScanner() error { return nil } diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 27a9fe499689f..642b835a86a90 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -4,13 +4,18 @@ import ( "context" "github.com/pkg/errors" + clusterDataStore "github.com/stackrox/rox/central/cluster/datastore" + "github.com/stackrox/rox/central/enrichment" countMetrics "github.com/stackrox/rox/central/metrics" + nodeDatastore "github.com/stackrox/rox/central/node/datastore" + "github.com/stackrox/rox/central/risk/manager" "github.com/stackrox/rox/central/sensor/service/common" "github.com/stackrox/rox/central/sensor/service/pipeline" "github.com/stackrox/rox/central/sensor/service/pipeline/reconciliation" "github.com/stackrox/rox/generated/internalapi/central" "github.com/stackrox/rox/pkg/logging" "github.com/stackrox/rox/pkg/metrics" + "github.com/stackrox/rox/pkg/nodes/enricher" ) var ( @@ -19,15 +24,24 @@ var ( // GetPipeline returns an instantiation of this particular pipeline func GetPipeline() pipeline.Fragment { - return NewPipeline() + return NewPipeline(clusterDataStore.Singleton(), nodeDatastore.Singleton(), enrichment.NodeEnricherSingleton(), manager.Singleton()) } // NewPipeline returns a new instance of Pipeline. -func NewPipeline() pipeline.Fragment { - return &pipelineImpl{} +func NewPipeline(clusters clusterDataStore.DataStore, nodes nodeDatastore.DataStore, enricher enricher.NodeEnricher, riskManager manager.Manager) pipeline.Fragment { + return &pipelineImpl{ + clusterStore: clusters, + nodeDatastore: nodes, + enricher: enricher, + riskManager: riskManager, + } } type pipelineImpl struct { + clusterStore clusterDataStore.DataStore + nodeDatastore nodeDatastore.DataStore + enricher enricher.NodeEnricher + riskManager manager.Manager } func (p *pipelineImpl) Reconcile(ctx context.Context, clusterID string, storeMap *reconciliation.StoreMap) error { @@ -43,14 +57,39 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M defer countMetrics.IncrementResourceProcessedCounter(pipeline.ActionToOperation(msg.GetEvent().GetAction()), metrics.NodeInventory) event := msg.GetEvent() - nodeInventory := event.GetNodeInventory() - if nodeInventory == nil { + ninv := event.GetNodeInventory() + if ninv == nil { return errors.Errorf("unexpected resource type %T for node inventory", event.GetResource()) } - // TODO(ROX-12975): Handle nodeInventory - log.Infof("Central received NodeInventory for Node name='%s' ID='%s'", nodeInventory.GetNodeName(), nodeInventory.GetNodeId()) + log.Infof("Central received NodeInventory for Node name='%s' ID='%s'", ninv.GetNodeName(), ninv.GetNodeId()) + + if event.GetAction() == central.ResourceAction_REMOVE_RESOURCE { + // NodeInventory will never be deleted + return nil + } + + ninv = ninv.Clone() + + node, found, err := p.nodeDatastore.GetNode(ctx, ninv.GetNodeId()) + if err != nil || !found { + log.Warnf("Node ID %s not found when processing NodeInventory", ninv.GetNodeId()) + return errors.WithMessagef(err, "processing node inventory for node '%s'", ninv.GetNodeId()) + } + log.Debugf("Node ID %s found. Will enrich Node with NodeInventory", ninv.GetNodeId()) + + err = p.enricher.EnrichNodeWithInventory(node, ninv) + if err != nil { + log.Warnf("enriching node with node inventory %s:%s: %v", node.GetClusterName(), node.GetName(), err) + } + // Here NodeInventory stops to matter. All data required for the DB and UI is in node.NodeScan already + + if err := p.riskManager.CalculateRiskAndUpsertNode(node); err != nil { + err = errors.Wrapf(err, "upserting node %s:%s into datastore", node.GetClusterName(), node.GetName()) + log.Error(err) + return err + } return nil } diff --git a/go.mod b/go.mod index 6899e41a97b4b..74d01ee73a35e 100644 --- a/go.mod +++ b/go.mod @@ -96,7 +96,7 @@ require ( go.etcd.io/bbolt v1.3.6 go.uber.org/atomic v1.10.0 go.uber.org/goleak v1.2.0 - go.uber.org/zap v1.23.0 + go.uber.org/zap v1.24.0 golang.org/x/crypto v0.5.0 golang.org/x/exp v0.0.0-20220823124025-807a23277127 golang.org/x/net v0.5.0 @@ -169,7 +169,7 @@ require ( github.com/blevesearch/go-porterstemmer v1.0.3 // indirect github.com/blevesearch/mmap-go v1.0.2 // indirect github.com/blevesearch/segment v0.9.0 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 // indirect github.com/containerd/cgroups v1.0.4 // indirect github.com/containerd/containerd v1.6.12 // indirect @@ -298,7 +298,7 @@ require ( github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pierrec/lz4/v4 v4.1.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect + github.com/prometheus/procfs v0.9.0 // indirect github.com/rivo/uniseg v0.2.0 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/rubenv/sql-migrate v1.1.1 // indirect @@ -345,7 +345,7 @@ require ( go.mongodb.org/mongo-driver v1.10.0 // indirect go.opencensus.io v0.24.0 // indirect go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect - go.uber.org/multierr v1.8.0 // indirect + go.uber.org/multierr v1.9.0 // indirect golang.org/x/mod v0.7.0 // indirect golang.org/x/term v0.4.0 // indirect golang.org/x/text v0.6.0 // indirect diff --git a/go.sum b/go.sum index 2e487baf37459..9d7ffadffe6c7 100644 --- a/go.sum +++ b/go.sum @@ -299,8 +299,8 @@ github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6 github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 h1:7aWHqerlJ41y6FOsEUvknqgXnGmJyJSbjhAWq5pO4F8= github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= @@ -1610,8 +1610,8 @@ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= +github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/pseudomuto/protoc-gen-doc v1.4.1/go.mod h1:exDTOVwqpp30eV/EDPFLZy3Pwr2sn6hBC1WIYH/UbIg= github.com/pseudomuto/protokit v0.2.0/go.mod h1:2PdH30hxVHsup8KpBTOXTBeMVhJZVio3Q8ViKSAXT0Q= @@ -2026,8 +2026,8 @@ go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= -go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= -go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI= +go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= gocloud.dev v0.19.0/go.mod h1:SmKwiR8YwIMMJvQBKLsC3fHNyMwXLw3PMDO+VVteJMI= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= diff --git a/pkg/nodes/enricher/enricher.go b/pkg/nodes/enricher/enricher.go index bbffc51e6668a..843461f24f5d0 100644 --- a/pkg/nodes/enricher/enricher.go +++ b/pkg/nodes/enricher/enricher.go @@ -16,6 +16,7 @@ var ( // NodeEnricher provides functions for enriching nodes with vulnerability data. //go:generate mockgen-wrapper type NodeEnricher interface { + EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error EnrichNode(node *storage.Node) error CreateNodeScanner(integration *storage.NodeIntegration) (types.NodeScannerWithDataSource, error) UpsertNodeIntegration(integration *storage.NodeIntegration) error diff --git a/pkg/nodes/enricher/enricher_impl.go b/pkg/nodes/enricher/enricher_impl.go index 8b6a90e33a1dd..311852a2cd5e1 100644 --- a/pkg/nodes/enricher/enricher_impl.go +++ b/pkg/nodes/enricher/enricher_impl.go @@ -15,6 +15,8 @@ import ( "github.com/stackrox/rox/pkg/sync" ) +var _ NodeEnricher = (*enricherImpl)(nil) + type enricherImpl struct { cves CVESuppressor @@ -49,13 +51,28 @@ func (e *enricherImpl) RemoveNodeIntegration(id string) { delete(e.scanners, id) } +func (e *enricherImpl) EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error { + // Clear any pre-existing notes, as it will all be filled here. + // Note: this is valid even if node.Notes is nil. + node.Notes = node.Notes[:0] + + err := e.enrichWithScan(node, nodeInventory) + if err != nil { + node.Notes = append(node.Notes, storage.Node_MISSING_SCAN_DATA) + } + + e.cves.EnrichNodeWithSuppressedCVEs(node) + + return err +} + // EnrichNode enriches a node with the integration set present. func (e *enricherImpl) EnrichNode(node *storage.Node) error { // Clear any pre-existing notes, as it will all be filled here. // Note: this is valid even if node.Notes is nil. node.Notes = node.Notes[:0] - err := e.enrichWithScan(node) + err := e.enrichWithScan(node, nil) if err != nil { node.Notes = append(node.Notes, storage.Node_MISSING_SCAN_DATA) } @@ -65,7 +82,7 @@ func (e *enricherImpl) EnrichNode(node *storage.Node) error { return err } -func (e *enricherImpl) enrichWithScan(node *storage.Node) error { +func (e *enricherImpl) enrichWithScan(node *storage.Node, nodeInventory *storage.NodeInventory) error { errorList := errorhelpers.NewErrorList(fmt.Sprintf("error scanning node %s:%s", node.GetClusterName(), node.GetName())) e.lock.RLock() @@ -81,7 +98,7 @@ func (e *enricherImpl) enrichWithScan(node *storage.Node) error { } for _, scanner := range scanners { - if err := e.enrichNodeWithScanner(node, scanner.GetNodeScanner()); err != nil { + if err := e.enrichNodeWithScanner(node, nodeInventory, scanner.GetNodeScanner()); err != nil { errorList.AddError(err) continue } @@ -92,13 +109,13 @@ func (e *enricherImpl) enrichWithScan(node *storage.Node) error { return errorList.ToError() } -func (e *enricherImpl) enrichNodeWithScanner(node *storage.Node, scanner types.NodeScanner) error { +func (e *enricherImpl) enrichNodeWithScanner(node *storage.Node, nodeInventory *storage.NodeInventory, scanner types.NodeScanner) error { sema := scanner.MaxConcurrentNodeScanSemaphore() _ = sema.Acquire(context.Background(), 1) defer sema.Release(1) scanStartTime := time.Now() - scan, err := scanner.GetNodeScan(node) + scan, err := scanner.GetNodeInventoryScan(node, nodeInventory) e.metrics.SetScanDurationTime(scanStartTime, scanner.Name(), err) if err != nil { diff --git a/pkg/nodes/enricher/enricher_impl_test.go b/pkg/nodes/enricher/enricher_impl_test.go index 14bd15398202c..f4bb3aae006a7 100644 --- a/pkg/nodes/enricher/enricher_impl_test.go +++ b/pkg/nodes/enricher/enricher_impl_test.go @@ -71,6 +71,27 @@ func (f *fakeNodeScanner) GetNodeScan(*storage.Node) (*storage.NodeScan, error) }, nil } +func (f *fakeNodeScanner) GetNodeInventoryScan(*storage.Node, *storage.NodeInventory) (*storage.NodeScan, error) { + f.requestedScan = true + return &storage.NodeScan{ + Components: []*storage.EmbeddedNodeScanComponent{ + { + Vulns: []*storage.EmbeddedVulnerability{ + { + Cve: "CVE-2020-1234", + }, + { + Cve: "CVE-2021-1234", + }, + { + Cve: "CVE-2022-1234", + }, + }, + }, + }, + }, nil +} + func (*fakeNodeScanner) TestNodeScanner() error { return nil } diff --git a/pkg/nodes/enricher/mocks/enricher.go b/pkg/nodes/enricher/mocks/enricher.go index e0317f8ea7f6f..e787ef703ab0e 100644 --- a/pkg/nodes/enricher/mocks/enricher.go +++ b/pkg/nodes/enricher/mocks/enricher.go @@ -9,15 +9,23 @@ import ( gomock "github.com/golang/mock/gomock" storage "github.com/stackrox/rox/generated/storage" + "github.com/stackrox/rox/pkg/nodes/enricher" types "github.com/stackrox/rox/pkg/scanners/types" ) +var _ enricher.NodeEnricher = (*MockNodeEnricher)(nil) + // MockNodeEnricher is a mock of NodeEnricher interface. type MockNodeEnricher struct { ctrl *gomock.Controller recorder *MockNodeEnricherMockRecorder } +func (m *MockNodeEnricher) EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error { + //TODO implement me + panic("implement me") +} + // MockNodeEnricherMockRecorder is the mock recorder for MockNodeEnricher. type MockNodeEnricherMockRecorder struct { mock *MockNodeEnricher diff --git a/pkg/scanners/clairify/clairify.go b/pkg/scanners/clairify/clairify.go index 7f8d49fb30ed6..6219fc8facf61 100644 --- a/pkg/scanners/clairify/clairify.go +++ b/pkg/scanners/clairify/clairify.go @@ -408,9 +408,8 @@ func (c *clairify) GetVulnerabilities(image *storage.Image, components *clairGRP return convertImageToImageScan(image.GetMetadata(), resp.GetImage()), nil } -// GetNodeScan retrieves the most recent node scan -func (c *clairify) GetNodeScan(node *storage.Node) (*storage.NodeScan, error) { - req := convertNodeToVulnRequest(node) +func (c *clairify) GetNodeInventoryScan(node *storage.Node, inv *storage.NodeInventory) (*storage.NodeScan, error) { + req := convertNodeToVulnRequest(node, inv) ctx, cancel := context.WithTimeout(context.Background(), clientTimeout) defer cancel() resp, err := c.nodeScanServiceClient.GetNodeVulnerabilities(ctx, req) @@ -426,6 +425,11 @@ func (c *clairify) GetNodeScan(node *storage.Node) (*storage.NodeScan, error) { return scan, nil } +// GetNodeScan retrieves the most recent node scan +func (c *clairify) GetNodeScan(node *storage.Node) (*storage.NodeScan, error) { + return c.GetNodeInventoryScan(node, nil) +} + // Match decides if the image is contained within this scanner func (c *clairify) Match(image *storage.ImageName) bool { return c.activeRegistries.Match(image) diff --git a/pkg/scanners/clairify/convert.go b/pkg/scanners/clairify/convert.go index 558dc65722f6e..6a7591c5ed276 100644 --- a/pkg/scanners/clairify/convert.go +++ b/pkg/scanners/clairify/convert.go @@ -12,16 +12,53 @@ import ( v1 "github.com/stackrox/scanner/generated/scanner/api/v1" ) -func convertNodeToVulnRequest(node *storage.Node) *v1.GetNodeVulnerabilitiesRequest { +func convertNodeToVulnRequest(node *storage.Node, inventory *storage.NodeInventory) *v1.GetNodeVulnerabilitiesRequest { return &v1.GetNodeVulnerabilitiesRequest{ OsImage: node.GetOsImage(), KernelVersion: node.GetKernelVersion(), KubeletVersion: node.GetKubeletVersion(), KubeproxyVersion: node.GetKubeProxyVersion(), Runtime: convertContainerRuntime(node.GetContainerRuntime()), + Components: convertComponents(inventory.GetComponents()), } } +func convertComponents(c *storage.NodeInventory_Components) *v1.Components { + components := &v1.Components{ + Namespace: c.Namespace, + OsComponents: nil, + LanguageComponents: nil, + RhelComponents: make([]*v1.RHELComponent, len(c.GetRhelComponents())), + RhelContentSets: c.GetRhelContentSets(), + } + for i, comp := range c.GetRhelComponents() { + components.RhelComponents[i] = &v1.RHELComponent{ + Id: comp.GetId(), + Name: comp.GetName(), + Namespace: comp.GetNamespace(), + Version: comp.GetVersion(), + Arch: comp.GetArch(), + Module: comp.GetModule(), + AddedBy: comp.GetAddedBy(), + Executables: make([]*v1.Executable, len(comp.GetExecutables())), + } + for i2, exe := range comp.GetExecutables() { + components.RhelComponents[i].Executables[i2] = &v1.Executable{ + Path: exe.GetPath(), + RequiredFeatures: make([]*v1.FeatureNameVersion, len(exe.GetRequiredFeatures())), + } + for i3, fnv := range exe.GetRequiredFeatures() { + components.RhelComponents[i].Executables[i2].RequiredFeatures[i3] = &v1.FeatureNameVersion{ + Name: fnv.GetName(), + Version: fnv.GetVersion(), + } + } + } + + } + return components +} + func convertContainerRuntime(containerRuntime *storage.ContainerRuntimeInfo) *v1.GetNodeVulnerabilitiesRequest_ContainerRuntime { var name, version string switch containerRuntime.GetType() { @@ -69,6 +106,15 @@ func convertVulnResponseToNodeScan(req *v1.GetNodeVulnerabilitiesRequest, resp * }, Notes: convertNodeNotes(resp.GetNodeNotes()), } + if resp.GetFeatures() != nil { + for _, feature := range resp.GetFeatures() { + scan.Components = append(scan.Components, &storage.EmbeddedNodeScanComponent{ + Name: feature.GetName(), + Version: feature.GetVersion(), + Vulns: convertNodeVulns(feature.GetVulnerabilities()), + }) + } + } if req.GetRuntime().GetName() != "" && req.GetRuntime().GetVersion() != "" { scan.Components = append(scan.Components, &storage.EmbeddedNodeScanComponent{ Name: req.GetRuntime().GetName(), diff --git a/pkg/scanners/clairify/convert_test.go b/pkg/scanners/clairify/convert_test.go index 2d4bd57074b3b..f43f78d692427 100644 --- a/pkg/scanners/clairify/convert_test.go +++ b/pkg/scanners/clairify/convert_test.go @@ -72,7 +72,7 @@ func TestConvertNodeToVulnRequest(t *testing.T) { KubeletVersion: testCase.kubeletVersion, KubeProxyVersion: testCase.kubeProxyVersion, } - assert.Equal(t, testCase.expected, convertNodeToVulnRequest(node)) + assert.Equal(t, testCase.expected, convertNodeToVulnRequest(node, nil)) } } diff --git a/pkg/scanners/types/types.go b/pkg/scanners/types/types.go index c4b189d013b63..7b20ee99caff0 100644 --- a/pkg/scanners/types/types.go +++ b/pkg/scanners/types/types.go @@ -38,6 +38,7 @@ type ImageVulnerabilityGetter interface { type NodeScanner interface { NodeScanSemaphore Name() string + GetNodeInventoryScan(node *storage.Node, inv *storage.NodeInventory) (*storage.NodeScan, error) GetNodeScan(node *storage.Node) (*storage.NodeScan, error) TestNodeScanner() error Type() string From 00af4e5ffaf6684c12026d6a45c97b25e0abb19a Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Fri, 20 Jan 2023 13:12:35 +0100 Subject: [PATCH 02/19] Add imageScanServiceClient to clairify node scanner This reverts commit f71ac7d8a689fcb8db3bdba02aab881cff983469. --- pkg/scanners/clairify/clairify.go | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/pkg/scanners/clairify/clairify.go b/pkg/scanners/clairify/clairify.go index 6219fc8facf61..749ccdeb7e7aa 100644 --- a/pkg/scanners/clairify/clairify.go +++ b/pkg/scanners/clairify/clairify.go @@ -176,13 +176,16 @@ func newNodeScanner(protoNodeIntegration *storage.NodeIntegration) (*clairify, e pingServiceClient := clairGRPCV1.NewPingServiceClient(gRPCConnection) scanServiceClient := clairGRPCV1.NewNodeScanServiceClient(gRPCConnection) + // required as RHCOS scanning uses ImageScan API + imageScanServiceClient := clairGRPCV1.NewImageScanServiceClient(gRPCConnection) return &clairify{ - NodeScanSemaphore: scannerTypes.NewNodeSemaphoreWithValue(defaultMaxConcurrentScans), - conf: conf, - pingServiceClient: pingServiceClient, - nodeScanServiceClient: scanServiceClient, - protoNodeIntegration: protoNodeIntegration, + NodeScanSemaphore: scannerTypes.NewNodeSemaphoreWithValue(defaultMaxConcurrentScans), + conf: conf, + pingServiceClient: pingServiceClient, + nodeScanServiceClient: scanServiceClient, + imageScanServiceClient: imageScanServiceClient, + protoNodeIntegration: protoNodeIntegration, }, nil } From 39573b34cf36b98997d60e0c4c18ba9ee97e6e7a Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Tue, 17 Jan 2023 13:51:58 +0100 Subject: [PATCH 03/19] Fixes and tmp changes: - convertNodeToVulnRequest when inventory is nil - use scanner from branch - addd debug logging --- pkg/scanners/clairify/clairify.go | 2 ++ pkg/scanners/clairify/convert.go | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pkg/scanners/clairify/clairify.go b/pkg/scanners/clairify/clairify.go index 749ccdeb7e7aa..58a26bcd4e071 100644 --- a/pkg/scanners/clairify/clairify.go +++ b/pkg/scanners/clairify/clairify.go @@ -415,10 +415,12 @@ func (c *clairify) GetNodeInventoryScan(node *storage.Node, inv *storage.NodeInv req := convertNodeToVulnRequest(node, inv) ctx, cancel := context.WithTimeout(context.Background(), clientTimeout) defer cancel() + log.Debugf("Calling GetNodeVulnerabilities with node inventory: %v", req.GetComponents()) resp, err := c.nodeScanServiceClient.GetNodeVulnerabilities(ctx, req) if err != nil { return nil, err } + log.Debugf("Got reply GetNodeVulnerabilities with features: %v", resp.GetFeatures()) scan := convertVulnResponseToNodeScan(req, resp) if scan == nil { diff --git a/pkg/scanners/clairify/convert.go b/pkg/scanners/clairify/convert.go index 6a7591c5ed276..5da660c326cb2 100644 --- a/pkg/scanners/clairify/convert.go +++ b/pkg/scanners/clairify/convert.go @@ -13,14 +13,18 @@ import ( ) func convertNodeToVulnRequest(node *storage.Node, inventory *storage.NodeInventory) *v1.GetNodeVulnerabilitiesRequest { - return &v1.GetNodeVulnerabilitiesRequest{ + req := &v1.GetNodeVulnerabilitiesRequest{ OsImage: node.GetOsImage(), KernelVersion: node.GetKernelVersion(), KubeletVersion: node.GetKubeletVersion(), KubeproxyVersion: node.GetKubeProxyVersion(), Runtime: convertContainerRuntime(node.GetContainerRuntime()), - Components: convertComponents(inventory.GetComponents()), + Components: nil, } + if inventory != nil && inventory.GetComponents() != nil { + req.Components = convertComponents(inventory.GetComponents()) + } + return req } func convertComponents(c *storage.NodeInventory_Components) *v1.Components { From b58390fd0eada928f1c4f872b2cc1a84b9a7dd18 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 23 Jan 2023 10:44:29 +0100 Subject: [PATCH 04/19] Bump scanner version and dependency --- go.mod | 4 ++-- go.sum | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 74d01ee73a35e..9c6bfdf29e9fa 100644 --- a/go.mod +++ b/go.mod @@ -86,7 +86,7 @@ require ( github.com/stackrox/external-network-pusher v0.0.0-20210419192707-074af92bbfa7 github.com/stackrox/helmtest v0.0.0-20220930104945-c4a3c15e834a github.com/stackrox/k8s-istio-cve-pusher v0.0.0-20210422200002-d89f671ac4f5 - github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0 + github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0 github.com/stretchr/testify v1.8.1 github.com/tecbot/gorocksdb v0.0.0-20191217155057-f0fad39f321c github.com/tidwall/gjson v1.14.1 @@ -107,7 +107,7 @@ require ( golang.org/x/tools v0.5.0 golang.stackrox.io/grpc-http1 v0.2.6 google.golang.org/api v0.107.0 - google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef + google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1 google.golang.org/grpc v1.52.0 google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9 gopkg.in/robfig/cron.v2 v2.0.0-20150107220207-be2e0b0deed5 diff --git a/go.sum b/go.sum index 9d7ffadffe6c7..ce591c84b89ad 100644 --- a/go.sum +++ b/go.sum @@ -297,6 +297,7 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= +github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= @@ -1788,6 +1789,8 @@ github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179 h1:5wzvROh+LGgeIeOp github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179/go.mod h1:zwEXo3PEZZb6QQZBrBORMX0Hvnnwst3PduSaTQZMFYc= github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0 h1:zptoNaSOjU3NWs9CWM00qN3Vm2xNn48SDh3V9e0UDFw= github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= +github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0 h1:kxTaX5WGC3HRDdiUCYxxquLajf/Vfq0kQXBqsPOzMAI= +github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d h1:jeM6QMtwE9BU0rfDYcmkI/aOChOUfIO18LDp/DSnZpI= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/stackrox/yaml/v2 v2.4.1 h1:09ux+QFfvp+Lk73pwGlMTAHeZoS2pqs6CCngYaJ6EQo= @@ -2628,6 +2631,8 @@ google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxH google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef h1:uQ2vjV/sHTsWSqdKeLqmwitzgvjMl7o4IdtHwUDXSJY= google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1 h1:wSjSSQW7LuPdv3m1IrSN33nVxH/kID6OIKy+FMwGB2k= +google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= From fda68b93ca9fca7acfc288d58daa96daef596dc6 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Tue, 24 Jan 2023 10:31:02 +0100 Subject: [PATCH 05/19] Update Scanner dep from master --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 9c6bfdf29e9fa..d84df68d22130 100644 --- a/go.mod +++ b/go.mod @@ -107,7 +107,7 @@ require ( golang.org/x/tools v0.5.0 golang.stackrox.io/grpc-http1 v0.2.6 google.golang.org/api v0.107.0 - google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1 + google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197 google.golang.org/grpc v1.52.0 google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9 gopkg.in/robfig/cron.v2 v2.0.0-20150107220207-be2e0b0deed5 diff --git a/go.sum b/go.sum index ce591c84b89ad..0aaadf1fbe892 100644 --- a/go.sum +++ b/go.sum @@ -2633,6 +2633,8 @@ google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef h1:uQ2vjV/sHTsWSqd google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1 h1:wSjSSQW7LuPdv3m1IrSN33nVxH/kID6OIKy+FMwGB2k= google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197 h1:BwjeHhu4HS48EZmu1nS7flldBIDPC3qn+HqaSQ1K4x8= +google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= From 0aadc6d06e608108439a2ac80c6eb2e2ae2a314a Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Tue, 24 Jan 2023 10:37:35 +0100 Subject: [PATCH 06/19] Add comments explaining the data race between the pipelines --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 642b835a86a90..28b7e8973f0f8 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -71,6 +71,7 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M ninv = ninv.Clone() + // TODO(ROX-14484): Resolve the race between pipelines - Start of critical section node, found, err := p.nodeDatastore.GetNode(ctx, ninv.GetNodeId()) if err != nil || !found { log.Warnf("Node ID %s not found when processing NodeInventory", ninv.GetNodeId()) @@ -90,6 +91,9 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M log.Error(err) return err } + // TODO(ROX-14484): Resolve the race between pipelines - End of critical section (when CalculateRiskAndUpsertNode finishes) + // We will loose data written in the node pipelinen if the node pipeline writes an update to the DB + // while this pipeline is in the critical section! return nil } From f869fca08d3ccb7d597181e117b68e2cbede4c27 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Tue, 24 Jan 2023 11:53:18 +0100 Subject: [PATCH 07/19] Rerun code generation --- pkg/nodes/enricher/mocks/enricher.go | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/pkg/nodes/enricher/mocks/enricher.go b/pkg/nodes/enricher/mocks/enricher.go index e787ef703ab0e..93f3bda5618cb 100644 --- a/pkg/nodes/enricher/mocks/enricher.go +++ b/pkg/nodes/enricher/mocks/enricher.go @@ -9,23 +9,15 @@ import ( gomock "github.com/golang/mock/gomock" storage "github.com/stackrox/rox/generated/storage" - "github.com/stackrox/rox/pkg/nodes/enricher" types "github.com/stackrox/rox/pkg/scanners/types" ) -var _ enricher.NodeEnricher = (*MockNodeEnricher)(nil) - // MockNodeEnricher is a mock of NodeEnricher interface. type MockNodeEnricher struct { ctrl *gomock.Controller recorder *MockNodeEnricherMockRecorder } -func (m *MockNodeEnricher) EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error { - //TODO implement me - panic("implement me") -} - // MockNodeEnricherMockRecorder is the mock recorder for MockNodeEnricher. type MockNodeEnricherMockRecorder struct { mock *MockNodeEnricher @@ -72,6 +64,20 @@ func (mr *MockNodeEnricherMockRecorder) EnrichNode(node interface{}) *gomock.Cal return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "EnrichNode", reflect.TypeOf((*MockNodeEnricher)(nil).EnrichNode), node) } +// EnrichNodeWithInventory mocks base method. +func (m *MockNodeEnricher) EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "EnrichNodeWithInventory", node, nodeInventory) + ret0, _ := ret[0].(error) + return ret0 +} + +// EnrichNodeWithInventory indicates an expected call of EnrichNodeWithInventory. +func (mr *MockNodeEnricherMockRecorder) EnrichNodeWithInventory(node, nodeInventory interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "EnrichNodeWithInventory", reflect.TypeOf((*MockNodeEnricher)(nil).EnrichNodeWithInventory), node, nodeInventory) +} + // RemoveNodeIntegration mocks base method. func (m *MockNodeEnricher) RemoveNodeIntegration(id string) { m.ctrl.T.Helper() From acc35b25914eae3ced791c18f02949e340175b20 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 10:54:16 +0100 Subject: [PATCH 08/19] Add more test coverage for convertNodeToVulnRequest --- pkg/scanners/clairify/convert.go | 2 +- pkg/scanners/clairify/convert_test.go | 51 ++++++++++++++++++++++++++- 2 files changed, 51 insertions(+), 2 deletions(-) diff --git a/pkg/scanners/clairify/convert.go b/pkg/scanners/clairify/convert.go index 5da660c326cb2..9a7a0064e3018 100644 --- a/pkg/scanners/clairify/convert.go +++ b/pkg/scanners/clairify/convert.go @@ -29,7 +29,7 @@ func convertNodeToVulnRequest(node *storage.Node, inventory *storage.NodeInvento func convertComponents(c *storage.NodeInventory_Components) *v1.Components { components := &v1.Components{ - Namespace: c.Namespace, + Namespace: c.GetNamespace(), OsComponents: nil, LanguageComponents: nil, RhelComponents: make([]*v1.RHELComponent, len(c.GetRhelComponents())), diff --git a/pkg/scanners/clairify/convert_test.go b/pkg/scanners/clairify/convert_test.go index f43f78d692427..3b8fefb103ea7 100644 --- a/pkg/scanners/clairify/convert_test.go +++ b/pkg/scanners/clairify/convert_test.go @@ -17,6 +17,7 @@ func TestConvertNodeToVulnRequest(t *testing.T) { osImage string kubeletVersion string kubeProxyVersion string + nodeInventory *storage.NodeInventory expected *v1.GetNodeVulnerabilitiesRequest }{ @@ -64,6 +65,54 @@ func TestConvertNodeToVulnRequest(t *testing.T) { }, }, }, + { + nodeInventory: &storage.NodeInventory{ + Components: &storage.NodeInventory_Components{ + Namespace: "rhcos:4.11", + RhelContentSets: []string{"rhel-8-for-x86_64-appstream-rpms", "rhel-8-for-x86_64-baseos-rpms"}, + RhelComponents: []*storage.NodeInventory_Components_RHELComponent{ + { + Id: int64(1), + Name: "vim-minimal", + Namespace: "rhel:8", + Version: "2:7.4.629-6.el8", + Arch: "x86_64", + Module: "", + AddedBy: "", + }, + }, + }, + }, + containerRuntime: &storage.ContainerRuntimeInfo{ + Type: storage.ContainerRuntime_UNKNOWN_CONTAINER_RUNTIME, + Version: "containerd://1.2.8", + }, + expected: &v1.GetNodeVulnerabilitiesRequest{ + Runtime: &v1.GetNodeVulnerabilitiesRequest_ContainerRuntime{ + Name: "containerd", + Version: "1.2.8", + }, + Components: &v1.Components{ + Namespace: "rhcos:4.11", + RhelContentSets: []string{"rhel-8-for-x86_64-appstream-rpms", "rhel-8-for-x86_64-baseos-rpms"}, + RhelComponents: []*v1.RHELComponent{ + { + Id: int64(1), + Name: "vim-minimal", + Namespace: "rhel:8", + Version: "2:7.4.629-6.el8", + Arch: "x86_64", + Module: "", + AddedBy: "", + Cpes: nil, + Executables: []*v1.Executable{}, + }, + }, + OsComponents: nil, + LanguageComponents: nil, + }, + }, + }, } { node := &storage.Node{ ContainerRuntime: testCase.containerRuntime, @@ -72,7 +121,7 @@ func TestConvertNodeToVulnRequest(t *testing.T) { KubeletVersion: testCase.kubeletVersion, KubeProxyVersion: testCase.kubeProxyVersion, } - assert.Equal(t, testCase.expected, convertNodeToVulnRequest(node, nil)) + assert.Equal(t, testCase.expected, convertNodeToVulnRequest(node, testCase.nodeInventory)) } } From b93895745d8a217f8742f6ec5bc53e904f158220 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 10:58:31 +0100 Subject: [PATCH 09/19] Refactor & comment on nil-ness of EnrichNodeWithInventory params --- pkg/nodes/enricher/enricher_impl.go | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/pkg/nodes/enricher/enricher_impl.go b/pkg/nodes/enricher/enricher_impl.go index 311852a2cd5e1..b165cc7a50685 100644 --- a/pkg/nodes/enricher/enricher_impl.go +++ b/pkg/nodes/enricher/enricher_impl.go @@ -51,6 +51,9 @@ func (e *enricherImpl) RemoveNodeIntegration(id string) { delete(e.scanners, id) } +// EnrichNodeWithInventory does vulnerability scanning and sets the result in node.NodeScan. +// node must not be nil - it is caller's responsibility to ensure this +// nodeInventory can be nil - in that case it is skipped on scanning func (e *enricherImpl) EnrichNodeWithInventory(node *storage.Node, nodeInventory *storage.NodeInventory) error { // Clear any pre-existing notes, as it will all be filled here. // Note: this is valid even if node.Notes is nil. @@ -68,18 +71,7 @@ func (e *enricherImpl) EnrichNodeWithInventory(node *storage.Node, nodeInventory // EnrichNode enriches a node with the integration set present. func (e *enricherImpl) EnrichNode(node *storage.Node) error { - // Clear any pre-existing notes, as it will all be filled here. - // Note: this is valid even if node.Notes is nil. - node.Notes = node.Notes[:0] - - err := e.enrichWithScan(node, nil) - if err != nil { - node.Notes = append(node.Notes, storage.Node_MISSING_SCAN_DATA) - } - - e.cves.EnrichNodeWithSuppressedCVEs(node) - - return err + return e.EnrichNodeWithInventory(node, nil) } func (e *enricherImpl) enrichWithScan(node *storage.Node, nodeInventory *storage.NodeInventory) error { From a6cafdd71bc68990e92fcc72ec857c0483f51d13 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 10:59:10 +0100 Subject: [PATCH 10/19] Fix typo --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 28b7e8973f0f8..43f3dc7b02859 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -92,7 +92,7 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M return err } // TODO(ROX-14484): Resolve the race between pipelines - End of critical section (when CalculateRiskAndUpsertNode finishes) - // We will loose data written in the node pipelinen if the node pipeline writes an update to the DB + // We will loose data written in the node pipeline if the node pipeline writes an update to the DB // while this pipeline is in the critical section! return nil } From 562e75ee318af3ff2814495ccb3d9f012919344c Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 11:04:04 +0100 Subject: [PATCH 11/19] Rename import to riskManager --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 43f3dc7b02859..d7c453b18f92a 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -8,7 +8,7 @@ import ( "github.com/stackrox/rox/central/enrichment" countMetrics "github.com/stackrox/rox/central/metrics" nodeDatastore "github.com/stackrox/rox/central/node/datastore" - "github.com/stackrox/rox/central/risk/manager" + riskManager "github.com/stackrox/rox/central/risk/manager" "github.com/stackrox/rox/central/sensor/service/common" "github.com/stackrox/rox/central/sensor/service/pipeline" "github.com/stackrox/rox/central/sensor/service/pipeline/reconciliation" @@ -24,11 +24,11 @@ var ( // GetPipeline returns an instantiation of this particular pipeline func GetPipeline() pipeline.Fragment { - return NewPipeline(clusterDataStore.Singleton(), nodeDatastore.Singleton(), enrichment.NodeEnricherSingleton(), manager.Singleton()) + return NewPipeline(clusterDataStore.Singleton(), nodeDatastore.Singleton(), enrichment.NodeEnricherSingleton(), riskManager.Singleton()) } // NewPipeline returns a new instance of Pipeline. -func NewPipeline(clusters clusterDataStore.DataStore, nodes nodeDatastore.DataStore, enricher enricher.NodeEnricher, riskManager manager.Manager) pipeline.Fragment { +func NewPipeline(clusters clusterDataStore.DataStore, nodes nodeDatastore.DataStore, enricher enricher.NodeEnricher, riskManager riskManager.Manager) pipeline.Fragment { return &pipelineImpl{ clusterStore: clusters, nodeDatastore: nodes, @@ -41,7 +41,7 @@ type pipelineImpl struct { clusterStore clusterDataStore.DataStore nodeDatastore nodeDatastore.DataStore enricher enricher.NodeEnricher - riskManager manager.Manager + riskManager riskManager.Manager } func (p *pipelineImpl) Reconcile(ctx context.Context, clusterID string, storeMap *reconciliation.StoreMap) error { From baa2b6e81fe94b94ba7aab98f933e1d693563876 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 11:04:52 +0100 Subject: [PATCH 12/19] Unexport nodeinventory.newPipeline --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index d7c453b18f92a..551af4cb7cca1 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -24,11 +24,11 @@ var ( // GetPipeline returns an instantiation of this particular pipeline func GetPipeline() pipeline.Fragment { - return NewPipeline(clusterDataStore.Singleton(), nodeDatastore.Singleton(), enrichment.NodeEnricherSingleton(), riskManager.Singleton()) + return newPipeline(clusterDataStore.Singleton(), nodeDatastore.Singleton(), enrichment.NodeEnricherSingleton(), riskManager.Singleton()) } -// NewPipeline returns a new instance of Pipeline. -func NewPipeline(clusters clusterDataStore.DataStore, nodes nodeDatastore.DataStore, enricher enricher.NodeEnricher, riskManager riskManager.Manager) pipeline.Fragment { +// newPipeline returns a new instance of Pipeline. +func newPipeline(clusters clusterDataStore.DataStore, nodes nodeDatastore.DataStore, enricher enricher.NodeEnricher, riskManager riskManager.Manager) pipeline.Fragment { return &pipelineImpl{ clusterStore: clusters, nodeDatastore: nodes, From f5f56597482ff2c5ec7f5b3b5d1156a43ecfc162 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Thu, 26 Jan 2023 15:33:45 +0100 Subject: [PATCH 13/19] Add informational debug logging --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 551af4cb7cca1..b8e84d6b131c5 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -62,7 +62,9 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M return errors.Errorf("unexpected resource type %T for node inventory", event.GetResource()) } - log.Infof("Central received NodeInventory for Node name='%s' ID='%s'", ninv.GetNodeName(), ninv.GetNodeId()) + log.Infof("Received NodeInventory for Node name='%s' ID='%s'", ninv.GetNodeName(), ninv.GetNodeId()) + log.Debugf("NodeInventory for name='%s' contains %d packages to scan from %d content sets", ninv.GetNodeName(), + len(ninv.GetComponents().GetRhelComponents()), len(ninv.GetComponents().GetRhelContentSets())) if event.GetAction() == central.ResourceAction_REMOVE_RESOURCE { // NodeInventory will never be deleted @@ -84,6 +86,9 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M log.Warnf("enriching node with node inventory %s:%s: %v", node.GetClusterName(), node.GetName(), err) } + log.Debugf("NodeInventory for name='%s' has been scanned and contains %d results", ninv.GetNodeName(), + len(node.GetScan().GetComponents())) + // Here NodeInventory stops to matter. All data required for the DB and UI is in node.NodeScan already if err := p.riskManager.CalculateRiskAndUpsertNode(node); err != nil { From ca9a1132064e839e213d18b3a1ec291b9c3a195f Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Fri, 27 Jan 2023 13:54:28 +0100 Subject: [PATCH 14/19] Tmp: Pull scanner code from Victor's branch to check content sets --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index d84df68d22130..166d3216ee180 100644 --- a/go.mod +++ b/go.mod @@ -86,7 +86,7 @@ require ( github.com/stackrox/external-network-pusher v0.0.0-20210419192707-074af92bbfa7 github.com/stackrox/helmtest v0.0.0-20220930104945-c4a3c15e834a github.com/stackrox/k8s-istio-cve-pusher v0.0.0-20210422200002-d89f671ac4f5 - github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0 + github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0 github.com/stretchr/testify v1.8.1 github.com/tecbot/gorocksdb v0.0.0-20191217155057-f0fad39f321c github.com/tidwall/gjson v1.14.1 diff --git a/go.sum b/go.sum index 0aaadf1fbe892..d217ee778a351 100644 --- a/go.sum +++ b/go.sum @@ -1791,6 +1791,8 @@ github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0 h1:zptoNaSOjU3NWs github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0 h1:kxTaX5WGC3HRDdiUCYxxquLajf/Vfq0kQXBqsPOzMAI= github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= +github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0 h1:sYRklnvpw92Juwh9hwd7MHQE2p6WIKCzJw69JSNIgxQ= +github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d h1:jeM6QMtwE9BU0rfDYcmkI/aOChOUfIO18LDp/DSnZpI= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/stackrox/yaml/v2 v2.4.1 h1:09ux+QFfvp+Lk73pwGlMTAHeZoS2pqs6CCngYaJ6EQo= From 06dab9c13ce46ff943da2cb5e8af3f747b55c0c3 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Fri, 27 Jan 2023 14:45:13 +0100 Subject: [PATCH 15/19] Ignore requests to delete node inventories --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index b8e84d6b131c5..7ff50cde89f73 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -67,7 +67,7 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M len(ninv.GetComponents().GetRhelComponents()), len(ninv.GetComponents().GetRhelContentSets())) if event.GetAction() == central.ResourceAction_REMOVE_RESOURCE { - // NodeInventory will never be deleted + log.Warn("Deletion of NodeInventories is not supported", ninv.GetNodeId()) return nil } From dc233820e759af5f947728baaa36256611d6dc40 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 30 Jan 2023 12:14:19 +0100 Subject: [PATCH 16/19] Use scanner version and deps from master --- go.mod | 38 +++++++++++++++++++------------------- go.sum | 37 +++++++++++++++++++++++++++++-------- 2 files changed, 48 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index 166d3216ee180..1c799f55f724f 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.18 require ( cloud.google.com/go/compute/metadata v0.2.3 cloud.google.com/go/containeranalysis v0.6.0 - cloud.google.com/go/storage v1.28.1 + cloud.google.com/go/storage v1.29.0 github.com/BurntSushi/toml v1.2.1 github.com/Masterminds/semver v1.5.0 github.com/Masterminds/sprig/v3 v3.2.3 @@ -18,14 +18,14 @@ require ( github.com/blevesearch/bleve v1.0.14 github.com/cenkalti/backoff/v3 v3.2.2 github.com/cloudflare/cfssl v1.6.3 - github.com/containers/image/v5 v5.23.1 + github.com/containers/image/v5 v5.24.0 github.com/coreos/go-oidc/v3 v3.5.0 github.com/coreos/go-systemd/v22 v22.5.0 github.com/dave/jennifer v1.6.0 github.com/dexidp/dex v0.0.0-20220607113954-3836196af2e7 github.com/docker/distribution v2.8.1+incompatible // If this is updated, be sure to check the version of github.com/opencontainers/runc used. - github.com/docker/docker v20.10.21+incompatible + github.com/docker/docker v20.10.23+incompatible github.com/docker/go-connections v0.4.0 github.com/docker/go-units v0.5.0 github.com/facebookincubator/nvdtools v0.1.5 @@ -86,7 +86,7 @@ require ( github.com/stackrox/external-network-pusher v0.0.0-20210419192707-074af92bbfa7 github.com/stackrox/helmtest v0.0.0-20220930104945-c4a3c15e834a github.com/stackrox/k8s-istio-cve-pusher v0.0.0-20210422200002-d89f671ac4f5 - github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0 + github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607 github.com/stretchr/testify v1.8.1 github.com/tecbot/gorocksdb v0.0.0-20191217155057-f0fad39f321c github.com/tidwall/gjson v1.14.1 @@ -107,8 +107,8 @@ require ( golang.org/x/tools v0.5.0 golang.stackrox.io/grpc-http1 v0.2.6 google.golang.org/api v0.107.0 - google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197 - google.golang.org/grpc v1.52.0 + google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa + google.golang.org/grpc v1.52.3 google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9 gopkg.in/robfig/cron.v2 v2.0.0-20150107220207-be2e0b0deed5 gopkg.in/square/go-jose.v2 v2.6.0 @@ -140,7 +140,7 @@ require ( ) require ( - cloud.google.com/go v0.105.0 // indirect + cloud.google.com/go v0.107.0 // indirect cloud.google.com/go/compute v1.14.0 // indirect cloud.google.com/go/iam v0.8.0 // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect @@ -155,7 +155,7 @@ require ( github.com/Masterminds/semver/v3 v3.2.0 // indirect github.com/Masterminds/squirrel v1.5.3 // indirect github.com/Microsoft/go-winio v0.6.0 // indirect - github.com/Microsoft/hcsshim v0.9.5 // indirect + github.com/Microsoft/hcsshim v0.9.6 // indirect github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 // indirect github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect github.com/acomagu/bufpipe v1.0.3 // indirect @@ -174,13 +174,13 @@ require ( github.com/containerd/cgroups v1.0.4 // indirect github.com/containerd/containerd v1.6.12 // indirect github.com/containerd/continuity v0.3.0 // indirect - github.com/containerd/stargz-snapshotter/estargz v0.12.1 // indirect - github.com/containers/storage v1.43.0 // indirect + github.com/containerd/stargz-snapshotter/estargz v0.13.0 // indirect + github.com/containers/storage v1.45.3 // indirect github.com/couchbase/ghistogram v0.1.0 // indirect github.com/couchbase/moss v0.1.0 // indirect github.com/couchbase/vellum v1.0.2 // indirect github.com/creack/pty v1.1.18 // indirect - github.com/cyberphone/json-canonicalization v0.0.0-20210823021906-dc406ceaf94b // indirect + github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 // indirect github.com/cyphar/filepath-securejoin v0.2.3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/cli v20.10.20+incompatible // indirect @@ -216,7 +216,7 @@ require ( github.com/go-openapi/validate v0.22.0 // indirect github.com/go-playground/locales v0.14.0 // indirect github.com/go-playground/universal-translator v0.18.0 // indirect - github.com/go-playground/validator/v10 v10.11.0 // indirect + github.com/go-playground/validator/v10 v10.11.1 // indirect github.com/gobuffalo/flect v0.2.5 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/golang/glog v1.0.0 // indirect @@ -257,8 +257,8 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect - github.com/klauspost/compress v1.15.14 // indirect - github.com/klauspost/pgzip v1.2.5 // indirect + github.com/klauspost/compress v1.15.15 // indirect + github.com/klauspost/pgzip v1.2.6-0.20220930104621-17e8dac29df8 // indirect github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 // indirect github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect @@ -268,7 +268,7 @@ require ( github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.17 // indirect - github.com/mattn/go-runewidth v0.0.13 // indirect + github.com/mattn/go-runewidth v0.0.14 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mholt/archiver/v3 v3.5.1 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect @@ -299,7 +299,7 @@ require ( github.com/pierrec/lz4/v4 v4.1.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect - github.com/rivo/uniseg v0.2.0 // indirect + github.com/rivo/uniseg v0.4.3 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/rubenv/sql-migrate v1.1.1 // indirect github.com/russross/blackfriday v1.6.0 // indirect @@ -309,7 +309,7 @@ require ( github.com/segmentio/backo-go v1.0.1 // indirect github.com/shibumi/go-pathspec v1.3.0 // indirect github.com/shopspring/decimal v1.2.0 // indirect - github.com/sigstore/rekor v0.12.1-0.20220915152154-4bb6f441c1b2 // indirect + github.com/sigstore/rekor v1.0.1 // indirect github.com/sirupsen/logrus v1.9.0 // indirect github.com/spf13/afero v1.8.2 // indirect github.com/spf13/cast v1.5.0 // indirect @@ -324,7 +324,7 @@ require ( github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 // indirect - github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4 // indirect + github.com/theupdateframework/go-tuf v0.5.2-0.20221207161717-9cb61d6e65f5 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.0 // indirect github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect @@ -342,7 +342,7 @@ require ( github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca // indirect github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac // indirect github.com/zmap/zlint/v3 v3.4.0 // indirect - go.mongodb.org/mongo-driver v1.10.0 // indirect + go.mongodb.org/mongo-driver v1.11.1 // indirect go.opencensus.io v0.24.0 // indirect go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect go.uber.org/multierr v1.9.0 // indirect diff --git a/go.sum b/go.sum index d217ee778a351..2596678b1f618 100644 --- a/go.sum +++ b/go.sum @@ -30,6 +30,7 @@ cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= cloud.google.com/go v0.105.0 h1:DNtEKRBAAzeS4KyIory52wWHuClNaXJ5x1F7xa4q+5Y= cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= +cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -63,6 +64,7 @@ cloud.google.com/go/storage v1.12.0/go.mod h1:fFLk2dp2oAhDz8QFKwqrjdJvxSp/W2g7ni cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= cloud.google.com/go/storage v1.28.1 h1:F5QDG5ChchaAVQhINh24U99OWHURqrW8OmQcGKXcbgI= cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= code.gitea.io/sdk/gitea v0.11.3/go.mod h1:z3uwDV/b9Ls47NGukYM9XhnHtqPh/J+t40lsUrR6JDY= contrib.go.opencensus.io/exporter/aws v0.0.0-20181029163544-2befc13012d0/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= contrib.go.opencensus.io/exporter/ocagent v0.5.0/go.mod h1:ImxhfLRpxoYiSq891pBrLVhN+qmP8BTVvdH2YLs7Gl0= @@ -163,6 +165,8 @@ github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwT github.com/Microsoft/hcsshim v0.9.4/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim v0.9.5 h1:AbV+VPfTrIVffukazHcpxmz/sRiE6YaMDzHWR9BXZHo= github.com/Microsoft/hcsshim v0.9.5/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= +github.com/Microsoft/hcsshim v0.9.6 h1:VwnDOgLeoi2du6dAznfmspNqTiwczvjv4K7NxuY9jsY= +github.com/Microsoft/hcsshim v0.9.6/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -406,6 +410,8 @@ github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+EL github.com/containerd/stargz-snapshotter/estargz v0.12.0/go.mod h1:AIQ59TewBFJ4GOPEQXujcrJ/EKxh5xXZegW1rkR1P/M= github.com/containerd/stargz-snapshotter/estargz v0.12.1 h1:+7nYmHJb0tEkcRaAW+MHqoKaJYZmkikupxCqVtmPuY0= github.com/containerd/stargz-snapshotter/estargz v0.12.1/go.mod h1:12VUuCq3qPq4y8yUW+l5w3+oXV3cx2Po3KSe/SmPGqw= +github.com/containerd/stargz-snapshotter/estargz v0.13.0 h1:fD7AwuVV+B40p0d9qVkH/Au1qhp8hn/HWJHIYjpEcfw= +github.com/containerd/stargz-snapshotter/estargz v0.13.0/go.mod h1:m+9VaGJGlhCnrcEUod8mYumTmRgblwd3rC5UCEh2Yp0= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= @@ -428,11 +434,13 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containers/image/v5 v5.23.1 h1:dUK9p5xfd38iTQXJEgMsUGqIHXbkDugrleZtd3zB+Wg= github.com/containers/image/v5 v5.23.1/go.mod h1:EXFFGEsL99S6aqLqK2mQJ3yrNh6Q05UCHt4mhF9JNoM= +github.com/containers/image/v5 v5.24.0/go.mod h1:oss5F6ssGQz8ZtC79oY+fuzYA3m3zBek9tq9gmhuvHc= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/containers/storage v1.43.0 h1:P+zulGXA3mqe2GnYmZU0xu87Wy1M0PVHM2ucrgmvTdU= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= +github.com/containers/storage v1.45.3/go.mod h1:OdRUYHrq1HP6iAo79VxqtYuJzC5j4eA2I60jKOoCT7g= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= @@ -472,6 +480,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyberphone/json-canonicalization v0.0.0-20210823021906-dc406ceaf94b h1:lMzA7yYThpwx7iYNpTeiQnRH6h5JSfSYMJdz+pxZOW8= github.com/cyberphone/json-canonicalization v0.0.0-20210823021906-dc406ceaf94b/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= +github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 h1:vU+EP9ZuFUCYE0NYLwTSob+3LNEJATzNfP/DC7SWGWI= +github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= @@ -514,6 +524,7 @@ github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4Kfc github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.21+incompatible h1:UTLdBmHk3bEY+w8qeO5KttOhy6OmXWsl/FEet9Uswog= github.com/docker/docker v20.10.21+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.23+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= @@ -714,6 +725,7 @@ github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= github.com/go-playground/validator/v10 v10.11.0 h1:0W+xRM511GY47Yy3bZUbJVitCNg2BOGlCyvTqsp/xIw= github.com/go-playground/validator/v10 v10.11.0/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= +github.com/go-playground/validator/v10 v10.11.1/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= @@ -1212,11 +1224,14 @@ github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47e github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.12/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= github.com/klauspost/compress v1.15.14 h1:i7WCKDToww0wA+9qrUZ1xOjp218vfFo3nTU6UHp+gOc= github.com/klauspost/compress v1.15.14/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= +github.com/klauspost/pgzip v1.2.6-0.20220930104621-17e8dac29df8/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 h1:aC6MEAs3PE3lWD7lqrJfDxHd6hcced9R4JTZu85cJwU= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -1324,6 +1339,7 @@ github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.10/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= @@ -1629,6 +1645,7 @@ github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qq github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= @@ -1695,6 +1712,8 @@ github.com/sigstore/cosign v1.13.1 h1:+5oF8jisEcDw2TuXxCADC1u5//HfdnJhGbpv9Isiwu github.com/sigstore/cosign v1.13.1/go.mod h1:PlfJODkovUOKsLrGI7Su57Ie/Eb/Ks7hRHw3tn5hQS4= github.com/sigstore/rekor v0.12.1-0.20220915152154-4bb6f441c1b2 h1:LD8LcwygdD2DxaINWwbkaUEBAknr205wmn66/N05s7c= github.com/sigstore/rekor v0.12.1-0.20220915152154-4bb6f441c1b2/go.mod h1:C/jZ3EZywl/Kew48fGMWQoh+1LxOMk0BkP3DHmtB+8M= +github.com/sigstore/rekor v1.0.1 h1:rcESXSNkAPRWFYZel9rarspdvneET60F2ngNkadi89c= +github.com/sigstore/rekor v1.0.1/go.mod h1:ecTKdZWGWqE1pl3U1m1JebQJLU/hSjD9vYHOmHQ7w4g= github.com/sigstore/sigstore v1.5.1 h1:iUou0QJW8eQKMUkTXbFyof9ZOblDtfaW2Sn2+QI8Tcs= github.com/sigstore/sigstore v1.5.1/go.mod h1:3i6UTWVNtFwOtbgG63FZZNID4vO9KcO8AszIJlaNI8k= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= @@ -1787,12 +1806,10 @@ github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c h1:lpB76HIH2VEIOgr github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179 h1:5wzvROh+LGgeIeOpMuEpIkRIALDFU/ltFB8cY3916c4= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179/go.mod h1:zwEXo3PEZZb6QQZBrBORMX0Hvnnwst3PduSaTQZMFYc= -github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0 h1:zptoNaSOjU3NWs9CWM00qN3Vm2xNn48SDh3V9e0UDFw= -github.com/stackrox/scanner v0.0.0-20230120022619-96107ead11f0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= -github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0 h1:kxTaX5WGC3HRDdiUCYxxquLajf/Vfq0kQXBqsPOzMAI= -github.com/stackrox/scanner v0.0.0-20230123093733-a299911d6af0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0 h1:sYRklnvpw92Juwh9hwd7MHQE2p6WIKCzJw69JSNIgxQ= github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= +github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607 h1:rT6VpbxOhzFl/3Cs0Ft0z1CzpTMf+8n7uiGCKz4xwA0= +github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607/go.mod h1:HsMXVRDwTodgI1vaUILXRPE5OQf0zg4iwWyDQyLEkQM= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d h1:jeM6QMtwE9BU0rfDYcmkI/aOChOUfIO18LDp/DSnZpI= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/stackrox/yaml/v2 v2.4.1 h1:09ux+QFfvp+Lk73pwGlMTAHeZoS2pqs6CCngYaJ6EQo= @@ -1847,6 +1864,8 @@ github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613/go.mod h1:g github.com/tetafro/godot v1.3.0/go.mod h1:/7NLHhv08H1+8DNj0MElpAACw1ajsCuf3TKNQxA5S+0= github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4 h1:1i/Afw3rmaR1gF3sfVkG2X6ldkikQwA9zY380LrR5YI= github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4/go.mod h1:vAqWV3zEs89byeFsAYoh/Q14vJTgJkHwnnRCWBBBINY= +github.com/theupdateframework/go-tuf v0.5.2-0.20221207161717-9cb61d6e65f5 h1:s+Yvt6bzRwHljSE7j6DLBDcfpZEdBhrvLgOUmd8f7ZM= +github.com/theupdateframework/go-tuf v0.5.2-0.20221207161717-9cb61d6e65f5/go.mod h1:Le8NAjvDJK1vmLgpVYr4AR1Tqam/b/mTdQyTy37UJDA= github.com/tidwall/gjson v1.14.1 h1:iymTbGkQBhveq21bEvAQ81I0LEBork8BFe1CUZXdyuo= github.com/tidwall/gjson v1.14.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -2001,6 +2020,8 @@ go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4x go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= +go.mongodb.org/mongo-driver v1.11.1 h1:QP0znIRTuL0jf1oBQoAoM0C6ZJfBK4kx0Uumtv1A7w8= +go.mongodb.org/mongo-driver v1.11.1/go.mod h1:s7p5vEtfbeR1gYi6pnj3c3/urpbLv2T5Sfd6Rp2HBB8= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= @@ -2631,12 +2652,10 @@ google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQ google.golang.org/genproto v0.0.0-20210510173355-fb37daa5cd7a/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef h1:uQ2vjV/sHTsWSqdKeLqmwitzgvjMl7o4IdtHwUDXSJY= -google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1 h1:wSjSSQW7LuPdv3m1IrSN33nVxH/kID6OIKy+FMwGB2k= -google.golang.org/genproto v0.0.0-20230119192704-9d59e20e5cd1/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197 h1:BwjeHhu4HS48EZmu1nS7flldBIDPC3qn+HqaSQ1K4x8= google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa h1:GZXdWYIKckxQE2EcLHLvF+KLF+bIwoxGdMUxTZizueg= +google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -2671,6 +2690,8 @@ google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQ google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk= google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= +google.golang.org/grpc v1.52.3 h1:pf7sOysg4LdgBqduXveGKrcEwbStiK2rtfghdzlUYDQ= +google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9 h1:nuV5/Eu1pLmXFqSuM5yYgg1z+m3f7+HC1HO1xsmCz9I= google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU= From 31e6b7d55e0347d415e51f9dd7918bbf6bc116e6 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 30 Jan 2023 12:30:38 +0100 Subject: [PATCH 17/19] Run go mod tidy again --- go.sum | 58 ++++++++++------------------------------------------------ 1 file changed, 10 insertions(+), 48 deletions(-) diff --git a/go.sum b/go.sum index 2596678b1f618..3c72b963cd25a 100644 --- a/go.sum +++ b/go.sum @@ -28,8 +28,7 @@ cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPT cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.105.0 h1:DNtEKRBAAzeS4KyIory52wWHuClNaXJ5x1F7xa4q+5Y= -cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= +cloud.google.com/go v0.107.0 h1:qkj22L7bgkl6vIeZDlOY2po43Mx/TIa2Wsa7VR+PEww= cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= @@ -62,8 +61,7 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.12.0/go.mod h1:fFLk2dp2oAhDz8QFKwqrjdJvxSp/W2g7nillojlL5Ho= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -cloud.google.com/go/storage v1.28.1 h1:F5QDG5ChchaAVQhINh24U99OWHURqrW8OmQcGKXcbgI= -cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/storage v1.29.0 h1:6weCgzRvMg7lzuUurI4697AqIRPU1SvzHhynwpW31jI= cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= code.gitea.io/sdk/gitea v0.11.3/go.mod h1:z3uwDV/b9Ls47NGukYM9XhnHtqPh/J+t40lsUrR6JDY= contrib.go.opencensus.io/exporter/aws v0.0.0-20181029163544-2befc13012d0/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= @@ -114,7 +112,6 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.2.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= @@ -162,9 +159,6 @@ github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2 github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.9.4/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= -github.com/Microsoft/hcsshim v0.9.5 h1:AbV+VPfTrIVffukazHcpxmz/sRiE6YaMDzHWR9BXZHo= -github.com/Microsoft/hcsshim v0.9.5/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim v0.9.6 h1:VwnDOgLeoi2du6dAznfmspNqTiwczvjv4K7NxuY9jsY= github.com/Microsoft/hcsshim v0.9.6/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= @@ -301,7 +295,6 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= @@ -407,9 +400,6 @@ github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFY github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= -github.com/containerd/stargz-snapshotter/estargz v0.12.0/go.mod h1:AIQ59TewBFJ4GOPEQXujcrJ/EKxh5xXZegW1rkR1P/M= -github.com/containerd/stargz-snapshotter/estargz v0.12.1 h1:+7nYmHJb0tEkcRaAW+MHqoKaJYZmkikupxCqVtmPuY0= -github.com/containerd/stargz-snapshotter/estargz v0.12.1/go.mod h1:12VUuCq3qPq4y8yUW+l5w3+oXV3cx2Po3KSe/SmPGqw= github.com/containerd/stargz-snapshotter/estargz v0.13.0 h1:fD7AwuVV+B40p0d9qVkH/Au1qhp8hn/HWJHIYjpEcfw= github.com/containerd/stargz-snapshotter/estargz v0.13.0/go.mod h1:m+9VaGJGlhCnrcEUod8mYumTmRgblwd3rC5UCEh2Yp0= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= @@ -432,14 +422,12 @@ github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/image/v5 v5.23.1 h1:dUK9p5xfd38iTQXJEgMsUGqIHXbkDugrleZtd3zB+Wg= -github.com/containers/image/v5 v5.23.1/go.mod h1:EXFFGEsL99S6aqLqK2mQJ3yrNh6Q05UCHt4mhF9JNoM= +github.com/containers/image/v5 v5.24.0 h1:2Pu8ztTntqNxteVN15bORCQnM8rfnbYuyKwUiiKUBuc= github.com/containers/image/v5 v5.24.0/go.mod h1:oss5F6ssGQz8ZtC79oY+fuzYA3m3zBek9tq9gmhuvHc= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/containers/storage v1.43.0 h1:P+zulGXA3mqe2GnYmZU0xu87Wy1M0PVHM2ucrgmvTdU= -github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= +github.com/containers/storage v1.45.3 h1:GbtTvTtp3GW2/tcFg5VhgHXcYMwVn2KfZKiHjf9FAOM= github.com/containers/storage v1.45.3/go.mod h1:OdRUYHrq1HP6iAo79VxqtYuJzC5j4eA2I60jKOoCT7g= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= @@ -478,8 +466,6 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= -github.com/cyberphone/json-canonicalization v0.0.0-20210823021906-dc406ceaf94b h1:lMzA7yYThpwx7iYNpTeiQnRH6h5JSfSYMJdz+pxZOW8= -github.com/cyberphone/json-canonicalization v0.0.0-20210823021906-dc406ceaf94b/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 h1:vU+EP9ZuFUCYE0NYLwTSob+3LNEJATzNfP/DC7SWGWI= github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= @@ -522,8 +508,7 @@ github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4Kfc github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.21+incompatible h1:UTLdBmHk3bEY+w8qeO5KttOhy6OmXWsl/FEet9Uswog= -github.com/docker/docker v20.10.21+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.23+incompatible h1:1ZQUUYAdh+oylOT85aA2ZcfRp22jmLhoaEcVEfK8dyA= github.com/docker/docker v20.10.23+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= @@ -723,8 +708,7 @@ github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+ github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho= github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= -github.com/go-playground/validator/v10 v10.11.0 h1:0W+xRM511GY47Yy3bZUbJVitCNg2BOGlCyvTqsp/xIw= -github.com/go-playground/validator/v10 v10.11.0/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= +github.com/go-playground/validator/v10 v10.11.1 h1:prmOlTVv+YjZjmRmNSF3VmspqJIxJWXmqUsHwfTRRkQ= github.com/go-playground/validator/v10 v10.11.1/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= @@ -908,7 +892,6 @@ github.com/google/go-containerregistry v0.12.1/go.mod h1:sdIK+oHQO7B93xI8UweYdl8 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= github.com/google/go-github/v28 v28.1.1/go.mod h1:bsqJWQX05omyWVmc00nEUql9mhQyv38lDZ8kPZcQVoM= github.com/google/go-github/v32 v32.1.0/go.mod h1:rIEpZD9CTDQwDK9GDrtMTycQNA4JU3qBsCizh3q2WCI= -github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y= github.com/google/go-licenses v0.0.0-20210329231322-ce1d9163b77d/go.mod h1:+TYOmkVoJOpwnS0wfdsJCV9CoD5nJYsHoFk/0CrTK4M= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= @@ -1221,16 +1204,12 @@ github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= -github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= -github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= github.com/klauspost/compress v1.15.12/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= -github.com/klauspost/compress v1.15.14 h1:i7WCKDToww0wA+9qrUZ1xOjp218vfFo3nTU6UHp+gOc= -github.com/klauspost/compress v1.15.14/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw= github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= -github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= +github.com/klauspost/pgzip v1.2.6-0.20220930104621-17e8dac29df8 h1:BcxbplxjtczA1a6d3wYoa7a0WL3rq9DKBMGHeKyjEF0= github.com/klauspost/pgzip v1.2.6-0.20220930104621-17e8dac29df8/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 h1:aC6MEAs3PE3lWD7lqrJfDxHd6hcced9R4JTZu85cJwU= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0= @@ -1337,13 +1316,11 @@ github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzp github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= -github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= -github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.10/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= @@ -1364,7 +1341,6 @@ github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3N github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= -github.com/mistifyio/go-zfs/v3 v3.0.0/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= @@ -1516,7 +1492,6 @@ github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mo github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.10.2 h1:NFy2xCsjn7+WspbfZkUd5zyVeisV7VFbPSP96+8/ha4= github.com/openshift/api v0.0.0-20200623075207-eb651a5bb0ad/go.mod h1:l6TGeqJ92DrZBuWMNKcot1iZUHfbYSJyBWHGgg6Dn6s= github.com/openshift/api v3.9.1-0.20191201231411-9f834e337466+incompatible h1:QuymwFhW85sgklix1dTn58zOYqBXWHVlZOFQVIVsMi0= @@ -1643,8 +1618,8 @@ github.com/qur/ar v0.0.0-20130629153254-282534b91770/go.mod h1:SjlYv2m9lpV0UW6K7 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.3 h1:utMvzDsuh3suAEnhH0RdHmoPbU648o6CvXxTx4SBMOw= github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= @@ -1710,8 +1685,6 @@ github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOms github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sigstore/cosign v1.13.1 h1:+5oF8jisEcDw2TuXxCADC1u5//HfdnJhGbpv9Isiwu4= github.com/sigstore/cosign v1.13.1/go.mod h1:PlfJODkovUOKsLrGI7Su57Ie/Eb/Ks7hRHw3tn5hQS4= -github.com/sigstore/rekor v0.12.1-0.20220915152154-4bb6f441c1b2 h1:LD8LcwygdD2DxaINWwbkaUEBAknr205wmn66/N05s7c= -github.com/sigstore/rekor v0.12.1-0.20220915152154-4bb6f441c1b2/go.mod h1:C/jZ3EZywl/Kew48fGMWQoh+1LxOMk0BkP3DHmtB+8M= github.com/sigstore/rekor v1.0.1 h1:rcESXSNkAPRWFYZel9rarspdvneET60F2ngNkadi89c= github.com/sigstore/rekor v1.0.1/go.mod h1:ecTKdZWGWqE1pl3U1m1JebQJLU/hSjD9vYHOmHQ7w4g= github.com/sigstore/sigstore v1.5.1 h1:iUou0QJW8eQKMUkTXbFyof9ZOblDtfaW2Sn2+QI8Tcs= @@ -1806,8 +1779,6 @@ github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c h1:lpB76HIH2VEIOgr github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179 h1:5wzvROh+LGgeIeOpMuEpIkRIALDFU/ltFB8cY3916c4= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179/go.mod h1:zwEXo3PEZZb6QQZBrBORMX0Hvnnwst3PduSaTQZMFYc= -github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0 h1:sYRklnvpw92Juwh9hwd7MHQE2p6WIKCzJw69JSNIgxQ= -github.com/stackrox/scanner v0.0.0-20230127075840-1c373325cab0/go.mod h1:RwswIqA9mUk4ON9GPU9bTFBXzsQFQR8F85Yv/8W8vU0= github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607 h1:rT6VpbxOhzFl/3Cs0Ft0z1CzpTMf+8n7uiGCKz4xwA0= github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607/go.mod h1:HsMXVRDwTodgI1vaUILXRPE5OQf0zg4iwWyDQyLEkQM= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d h1:jeM6QMtwE9BU0rfDYcmkI/aOChOUfIO18LDp/DSnZpI= @@ -1856,14 +1827,11 @@ github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d h1:vfofYNRScrDdvS342BElfbETmL1Aiz3i2t0zfRj16Hs= github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d/go.mod h1:RRCYJbIwD5jmqPI9XoAFR0OcDxqUctll6zUj/+B4S48= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tchap/go-patricia v2.3.0+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2/go.mod h1:yHp0ai0Z9gUljN3o0xMhYJnH/IcvkdTBOX2fmJ93JEM= github.com/tebeka/snowball v0.4.2/go.mod h1:4IfL14h1lvwZcp1sfXuuc7/7yCsvVffTWxWxCLfFpYg= github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 h1:iGnD/q9160NWqKZZ5vY4p0dMiYMRknzctfSkqA4nBDw= github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613/go.mod h1:g6AnIpDSYMcphz193otpSIzN+11Rs+AAIIC6rm1enug= github.com/tetafro/godot v1.3.0/go.mod h1:/7NLHhv08H1+8DNj0MElpAACw1ajsCuf3TKNQxA5S+0= -github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4 h1:1i/Afw3rmaR1gF3sfVkG2X6ldkikQwA9zY380LrR5YI= -github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4/go.mod h1:vAqWV3zEs89byeFsAYoh/Q14vJTgJkHwnnRCWBBBINY= github.com/theupdateframework/go-tuf v0.5.2-0.20221207161717-9cb61d6e65f5 h1:s+Yvt6bzRwHljSE7j6DLBDcfpZEdBhrvLgOUmd8f7ZM= github.com/theupdateframework/go-tuf v0.5.2-0.20221207161717-9cb61d6e65f5/go.mod h1:Le8NAjvDJK1vmLgpVYr4AR1Tqam/b/mTdQyTy37UJDA= github.com/tidwall/gjson v1.14.1 h1:iymTbGkQBhveq21bEvAQ81I0LEBork8BFe1CUZXdyuo= @@ -1905,7 +1873,6 @@ github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4A github.com/ulikunitz/xz v0.5.7/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.9/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= -github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8= github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ultraware/funlen v0.0.3/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lPbfaF6xhA= @@ -2018,7 +1985,6 @@ go.etcd.io/etcd/v3 v3.5.0-alpha.0/go.mod h1:JZ79d3LV6NUfPjUxXrpiFAYcjhT+06qqw+i2 go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= -go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= go.mongodb.org/mongo-driver v1.11.1 h1:QP0znIRTuL0jf1oBQoAoM0C6ZJfBK4kx0Uumtv1A7w8= go.mongodb.org/mongo-driver v1.11.1/go.mod h1:s7p5vEtfbeR1gYi6pnj3c3/urpbLv2T5Sfd6Rp2HBB8= @@ -2652,8 +2618,6 @@ google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQ google.golang.org/genproto v0.0.0-20210510173355-fb37daa5cd7a/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197 h1:BwjeHhu4HS48EZmu1nS7flldBIDPC3qn+HqaSQ1K4x8= -google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa h1:GZXdWYIKckxQE2EcLHLvF+KLF+bIwoxGdMUxTZizueg= google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= @@ -2688,8 +2652,6 @@ google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk= -google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc v1.52.3 h1:pf7sOysg4LdgBqduXveGKrcEwbStiK2rtfghdzlUYDQ= google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= From 4e202154ed8220e8204a02f889ff0e93382203ad Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Wed, 1 Feb 2023 08:07:25 +0100 Subject: [PATCH 18/19] Minor: Correct log message --- central/sensor/service/pipeline/nodeinventory/pipeline.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/central/sensor/service/pipeline/nodeinventory/pipeline.go b/central/sensor/service/pipeline/nodeinventory/pipeline.go index 7ff50cde89f73..e431e73750da4 100644 --- a/central/sensor/service/pipeline/nodeinventory/pipeline.go +++ b/central/sensor/service/pipeline/nodeinventory/pipeline.go @@ -67,7 +67,7 @@ func (p *pipelineImpl) Run(ctx context.Context, clusterID string, msg *central.M len(ninv.GetComponents().GetRhelComponents()), len(ninv.GetComponents().GetRhelContentSets())) if event.GetAction() == central.ResourceAction_REMOVE_RESOURCE { - log.Warn("Deletion of NodeInventories is not supported", ninv.GetNodeId()) + log.Warn("Deletion of NodeInventories is not supported") return nil } From 1684b59a61dd7d0dd6d6bade3d1ab118437a6a6d Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Wed, 1 Feb 2023 15:07:15 +0100 Subject: [PATCH 19/19] Take scanner deps from master --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 1c799f55f724f..f3aa6e40149ed 100644 --- a/go.mod +++ b/go.mod @@ -86,7 +86,7 @@ require ( github.com/stackrox/external-network-pusher v0.0.0-20210419192707-074af92bbfa7 github.com/stackrox/helmtest v0.0.0-20220930104945-c4a3c15e834a github.com/stackrox/k8s-istio-cve-pusher v0.0.0-20210422200002-d89f671ac4f5 - github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607 + github.com/stackrox/scanner v0.0.0-20230131200500-e3d8a27d67b7 github.com/stretchr/testify v1.8.1 github.com/tecbot/gorocksdb v0.0.0-20191217155057-f0fad39f321c github.com/tidwall/gjson v1.14.1 @@ -107,7 +107,7 @@ require ( golang.org/x/tools v0.5.0 golang.stackrox.io/grpc-http1 v0.2.6 google.golang.org/api v0.107.0 - google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa + google.golang.org/genproto v0.0.0-20230131230820-1c016267d619 google.golang.org/grpc v1.52.3 google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9 gopkg.in/robfig/cron.v2 v2.0.0-20150107220207-be2e0b0deed5 diff --git a/go.sum b/go.sum index 3c72b963cd25a..e08577939f3f4 100644 --- a/go.sum +++ b/go.sum @@ -1779,8 +1779,8 @@ github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c h1:lpB76HIH2VEIOgr github.com/stackrox/oauth2 v0.0.0-20220531064142-8b312376cb4c/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179 h1:5wzvROh+LGgeIeOpMuEpIkRIALDFU/ltFB8cY3916c4= github.com/stackrox/pkcs7 v0.0.0-20220914154527-cfdb0aa47179/go.mod h1:zwEXo3PEZZb6QQZBrBORMX0Hvnnwst3PduSaTQZMFYc= -github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607 h1:rT6VpbxOhzFl/3Cs0Ft0z1CzpTMf+8n7uiGCKz4xwA0= -github.com/stackrox/scanner v0.0.0-20230127183442-f5521e941607/go.mod h1:HsMXVRDwTodgI1vaUILXRPE5OQf0zg4iwWyDQyLEkQM= +github.com/stackrox/scanner v0.0.0-20230131200500-e3d8a27d67b7 h1:WCWMO53m+X0hrGlL93Haz9S5USNN0XbLsaVzzkwA9YE= +github.com/stackrox/scanner v0.0.0-20230131200500-e3d8a27d67b7/go.mod h1:HsMXVRDwTodgI1vaUILXRPE5OQf0zg4iwWyDQyLEkQM= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d h1:jeM6QMtwE9BU0rfDYcmkI/aOChOUfIO18LDp/DSnZpI= github.com/stackrox/tail v1.4.9-0.20210831224919-407035634f5d/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/stackrox/yaml/v2 v2.4.1 h1:09ux+QFfvp+Lk73pwGlMTAHeZoS2pqs6CCngYaJ6EQo= @@ -2618,8 +2618,8 @@ google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQ google.golang.org/genproto v0.0.0-20210510173355-fb37daa5cd7a/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa h1:GZXdWYIKckxQE2EcLHLvF+KLF+bIwoxGdMUxTZizueg= -google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230131230820-1c016267d619 h1:p0kMzw6AG0JEzd7Z+kXqOiLhC6gjUQTbtS2zR0Q3DbI= +google.golang.org/genproto v0.0.0-20230131230820-1c016267d619/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=