diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 64df0dd..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,269 +0,0 @@ -alias: - default: &default - docker: - - image: cimg/go:1.19.3 - environment: - GO111MODULE: "on" - REPO_NAME: "yahoojapan" - DOCKERHUB_REPO_NAME: "yahoojapan" - IMAGE_NAME: "authorization-proxy" - GITHUB_API: "https://api.github.com/" - DOCKER_USER: "tatyano" - setup_remote_docker: &setup_remote_docker - version: 20.10.18 - -version: 2 -jobs: - test: - <<: *default - steps: - - checkout - - restore_cache: - key: gosum-{{ .Branch }}-{{ checksum "go.sum" }} - - run: - name: preparation - command: | - go mod vendor - - run: - name: run tests - command: | - rm -rf example - go test -v -race -covermode=atomic -coverprofile=coverage.out ./... - go tool cover -html=coverage.out -o coverage.html - # bash <(curl -s https://codecov.io/bash) - - store_artifacts: - path: ./coverage.html - - save_cache: - key: gosum-{{ .Branch }}-{{ checksum "go.sum" }} - paths: - - ./vendor - build: - <<: *default - steps: - - setup_remote_docker: *setup_remote_docker - - attach_workspace: - at: . - - checkout - - run: - name: check docker version - command: | - docker version - - run: - name: docker image build - command: | - if [ ! -z "$CIRCLE_TAG" ]; then - echo '$CIRCLE_TAG exists, use: '"$CIRCLE_TAG" - TAG="$CIRCLE_TAG" - elif [ -f ./.tag ]; then - TAG=`cat ./.tag` - fi - if [ ! -z "$TAG" ]; then - docker build --build-arg APP_VERSION=${TAG} -t ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest . - else - # env DOCKER_BUILDKIT=1 docker build -t ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest . - docker build -t ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest . - fi - - run: - name: check build version - command: | - docker run --rm --name ${IMAGE_NAME} ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest --version - - run: - name: save image - command: | - docker image save ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest > ./docker-image.tar - - persist_to_workspace: - root: . - paths: - - . - publish_nightly: - <<: *default - steps: - - setup_remote_docker: *setup_remote_docker - - attach_workspace: - at: . - - run: - name: load image from tar - command: | - docker load -i ./docker-image.tar - - run: - name: tag to latest - command: | - docker tag ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:nightly - - run: - name: docker login - command: | - docker login -u ${DOCKER_USER} -p ${DOCKER_PASS} - - run: - name: push image to registry - command: | - docker push ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:nightly - publish: - <<: *default - steps: - - setup_remote_docker: *setup_remote_docker - - attach_workspace: - at: . - - run: - name: load image from tar - command: | - docker load -i ./docker-image.tar - - run: - name: tag to latest - command: | - docker tag ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:latest ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME}:$CIRCLE_TAG - - run: - name: docker login - command: | - docker login -u ${DOCKER_USER} -p ${DOCKER_PASS} - - run: - name: push image to registry - command: | - docker push ${DOCKERHUB_REPO_NAME}/${IMAGE_NAME} - versioning: - <<: *default - steps: - - checkout - - run: - name: check - command: | - mkdir -p "$HOME/.ssh/" && echo -e 'Host github.com\n\tStrictHostKeyChecking no\n' > ~/.ssh/config - LAST_COMMIT="$(git log -1 --pretty=%B)" - if [ -n "$CIRCLE_PULL_REQUEST" ]; then - # If PR, use PR title instead of last commit msg - PR_NUM="${CIRCLE_PULL_REQUEST##*/}" - LAST_COMMIT="$(curl -s "${GITHUB_API}repos/${REPO_NAME}/${IMAGE_NAME}/pulls/${PR_NUM}" | jq -r .title)" - fi - printf 'LAST_COMMIT: %s\n' "${LAST_COMMIT}" - touch ./.tag - VERSION="$(git tag -l --sort=-creatordate 'v*' | head -n 1)" - # Diff to prevent pipeline re-runs. - if [ -n "$(git diff "$VERSION")" ]; then - VERSION=${VERSION:-'v0.0.0'} - MAJOR="${VERSION%%.*}"; MAJOR="${MAJOR#v}"; VERSION="${VERSION#*.}" - MINOR="${VERSION%%.*}"; VERSION="${VERSION#*.}" - PATCH="${VERSION%%.*}"; VERSION="${VERSION#*.}" - - case "$LAST_COMMIT" in - '[patch]'* | '[PATCH]'*) - PATCH=$((PATCH+1)) - echo "v$MAJOR.$MINOR.$PATCH" > ./.tag - ;; - '[minor]'* | '[MINOR]'*) - MINOR=$((MINOR+1)) - echo "v$MAJOR.$MINOR.0" > ./.tag - ;; - '[major]'* | '[MAJOR]'*) - MAJOR=$((MAJOR+1)) - echo "v$MAJOR.0.0" > ./.tag - ;; - # Don't release (nightly images only) - '[skip]'* | '[SKIP]'*) - echo "Skip release..." - ;; - # Don't want to run CI. - '[skip ci]'* | '[ci skip]'*) - echo "Will skip CI..." - ;; - *) - echo "Required prefixes: [major]/[minor]/[patch]/[skip]/[skip ci]" - exit 1 - ;; - esac - else - if [ -n "$VERSION" ]; then - echo "No diff, skip tagging..." - else - echo "No diff, No tag. Tag it as \"v0.0.0\"." - echo "v0.0.0" > ./.tag - fi - fi - - run: - name: echo version - command: | - TAG_FILE='./.tag' \ - && if [[ -s ${TAG_FILE} ]]; then echo "TAG: `cat "${TAG_FILE}"`"; else echo "TAG: (${TAG_FILE} is empty)"; fi - - persist_to_workspace: - root: . - paths: - - . - push: - <<: *default - steps: - - attach_workspace: - at: . - - run: - name: push tag and check PR body - command: | - mkdir -p $HOME/.ssh/ && echo -e "Host github.com\n\tStrictHostKeyChecking no\n" > ~/.ssh/config - TAG=`cat ./.tag` - if [ ! -z "$TAG" ]; then - echo $TAG - git tag $TAG - git push https://${GITHUB_ACCESS_TOKEN}:x-oauth-basic@github.com/${REPO_NAME}/${IMAGE_NAME} --tags - fi - - persist_to_workspace: - root: . - paths: - - . - gh_release: - <<: *default - steps: - - attach_workspace: - at: . - - run: - name: release - command: | - mkdir -p $HOME/.ssh/ && echo -e "Host github.com\n\tStrictHostKeyChecking no\n" > ~/.ssh/config - TAG=`cat ./.tag` - if [ ! -z "$TAG" ]; then - echo "Create release: ${TAG}" - curl -H "Authorization: token ${GITHUB_ACCESS_TOKEN}" \ - -X POST \ - -d "{\"tag_name\": \"${TAG}\"}" \ - ${GITHUB_API}repos/${REPO_NAME}/${IMAGE_NAME}/releases - fi - -workflows: - version: 2 - build: - jobs: - - test - - versioning - - build: - requires: - - versioning - - publish_nightly: - requires: - - test - - build - filters: - branches: - only: - - master - - push: - filters: - branches: - only: - - master - requires: - - test - - versioning - - gh_release: - requires: - - push - release: - jobs: - - build: - filters: - branches: - ignore: /.*/ - tags: - only: /v[0-9]+\.[0-9]+\.[0-9]+/ - - publish: - requires: - - build - filters: - branches: - ignore: /.*/ - tags: - only: /v[0-9]+\.[0-9]+\.[0-9]+/ diff --git a/.github/workflows/docker-build-publish.yaml b/.github/workflows/docker-build-publish.yaml index 7eb5ccd..e038f10 100644 --- a/.github/workflows/docker-build-publish.yaml +++ b/.github/workflows/docker-build-publish.yaml @@ -130,6 +130,7 @@ jobs: # The Github action runs CIS Dockerfile benchmark against dockerfiles in repository (CIS 4.1, 4.2, 4.3, 4.6, 4.7, 4.9, 4.10) # https://github.com/sysdiglabs/benchmark-dockerfile + # TODO: Skipping CIS 4.1 check until https://github.com/yahoojapan/authorization-proxy/pull/95 is fixed. - name: Post Sysdig Benchmark Dockerfile id: postsysdig @@ -137,7 +138,7 @@ jobs: echo ${{ toJSON(steps.sysdig.outputs.violation_report) }} | \ jq -r . echo ${{ toJSON(steps.sysdig.outputs.violation_report) }} | \ - jq -r .cis_docker_benchmark_violation_report[].violations[] | \ + jq -r '.cis_docker_benchmark_violation_report[] | select(.rule!="CIS 4.1 Create a user for the container") | .violations[]' | \ wc -l | \ xargs -I% test 0 -eq % diff --git a/config/config.go b/config/config.go index 945e927..0e54b81 100755 --- a/config/config.go +++ b/config/config.go @@ -21,8 +21,8 @@ import ( "strings" "time" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/pkg/errors" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" yaml "gopkg.in/yaml.v2" ) diff --git a/config/config_test.go b/config/config_test.go index e042965..38840d1 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -23,8 +23,8 @@ import ( "testing" "time" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/kpango/glg" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" ) func TestNew(t *testing.T) { diff --git a/docs/grpc-design-brief.md b/docs/grpc-design-brief.md index 0766bac..9605ef8 100644 --- a/docs/grpc-design-brief.md +++ b/docs/grpc-design-brief.md @@ -19,7 +19,7 @@ When the user uses the legacy provider sidecar configuration file with the new v File changes: -https://github.com/yahoojapan/authorization-proxy/pull/83/files +https://github.com/AthenZ/authorization-proxy/commit/79614ab05d4becffb48e1ed89f493a13b1f8791e We have updated/changed the implementation in the following layers: @@ -31,7 +31,7 @@ We have updated/changed the implementation in the following layers: In this layer, we create gRPC handler and pass it to service layer. -[Reference](https://github.com/yahoojapan/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/usecase/authz_proxyd.go#L71-L84) +[Reference](https://github.com/AthenZ/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/usecase/authz_proxyd.go#L71-L84) #### Service layer @@ -43,11 +43,11 @@ In this layer, we implemented gRPC reverse proxy handler. When the value of the configuration `proxy.scheme` is set to `grpc`, the gRPC handler will be created, and the server will start with gRPC mode. -[Reference](https://github.com/yahoojapan/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/config/config.go#L133) +[Reference](https://github.com/AthenZ/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/config/config.go#L133) If it is not `grpc`, nil will be returned, and the service layer will start with HTTP mode. -[Reference](https://github.com/yahoojapan/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/handler/grpc.go) +[Reference](https://github.com/AthenZ/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/handler/grpc.go) It retrieves the role token from the gRPC metadata, and authorize it using the athenz-authorizer. @@ -143,7 +143,7 @@ Due to the limitation of gRPC, each RPC endpoint support only 1 resource, a sepa For the reasons above, currently Vald team decided to hardcode `grpc` in the action field and use the when performing authentication and authorization check. -[Reference](https://github.com/yahoojapan/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/handler/grpc.go#L67) +[Reference](https://github.com/AthenZ/authorization-proxy/blob/1e14186eb1dd959e246a18be98c92d40a677a56e/handler/grpc.go#L67) #### Policy Resources diff --git a/go.mod b/go.mod index 5f3c235..9e50e67 100644 --- a/go.mod +++ b/go.mod @@ -1,17 +1,17 @@ -module github.com/yahoojapan/authorization-proxy/v4 +module github.com/AthenZ/authorization-proxy/v4 go 1.19 replace ( cloud.google.com/go => cloud.google.com/go v0.106.0 + github.com/AthenZ/athenz-authorizer/v5 => github.com/AthenZ/athenz-authorizer/v5 v5.5.1 github.com/golang/mock => github.com/golang/mock v1.6.0 github.com/golang/protobuf => github.com/golang/protobuf v1.5.2 github.com/google/go-cmp => github.com/google/go-cmp v0.5.9 github.com/google/pprof => github.com/google/pprof v0.0.0-20221112000123-84eb7ad69597 github.com/mwitkow/grpc-proxy => github.com/mwitkow/grpc-proxy v0.0.0-20181017164139-0f1106ef9c76 - github.com/yahoojapan/athenz-authorizer/v5 => github.com/yahoojapan/athenz-authorizer/v5 v5.5.0 golang.org/x/crypto => golang.org/x/crypto v0.2.0 - golang.org/x/exp => golang.org/x/exp v0.0.0-20221111204811-129d8d6c17ab + golang.org/x/exp => golang.org/x/exp v0.0.0-20221114191408-850992195362 golang.org/x/image => golang.org/x/image v0.1.0 golang.org/x/lint => golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 golang.org/x/mobile => golang.org/x/mobile v0.0.0-20221110043201-43a038452099 @@ -27,17 +27,16 @@ replace ( golang.org/x/xerrors => golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 google.golang.org/api => google.golang.org/api v0.103.0 google.golang.org/appengine => google.golang.org/appengine v1.6.7 - google.golang.org/genproto => google.golang.org/genproto v0.0.0-20221111202108-142d8a6fa32e + google.golang.org/genproto => google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1 google.golang.org/grpc => google.golang.org/grpc v1.50.1 google.golang.org/protobuf => google.golang.org/protobuf v1.28.1 ) require ( - github.com/AthenZ/authorization-proxy/v4 v4.0.0-20221003060027-b5b2a7eb564f + github.com/AthenZ/athenz-authorizer/v5 v5.0.0-00010101000000-000000000000 github.com/kpango/glg v1.6.13 github.com/mwitkow/grpc-proxy v0.0.0-00010101000000-000000000000 github.com/pkg/errors v0.9.1 - github.com/yahoojapan/athenz-authorizer/v5 v5.3.3 golang.org/x/sync v0.1.0 google.golang.org/grpc v1.50.1 google.golang.org/protobuf v1.28.1 @@ -45,23 +44,23 @@ require ( ) require ( - github.com/AthenZ/athenz v1.11.6 // indirect + github.com/AthenZ/athenz v1.11.14 // indirect github.com/ardielle/ardielle-go v1.5.2 // indirect - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d // indirect github.com/goccy/go-json v0.9.11 // indirect github.com/golang-jwt/jwt/v4 v4.4.2 // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/klauspost/cpuid/v2 v2.1.0 // indirect + github.com/klauspost/cpuid/v2 v2.0.9 // indirect github.com/kpango/fastime v1.1.4 // indirect github.com/kpango/gache v1.2.8 // indirect github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect - github.com/lestrrat-go/blackmagic v1.0.1 // indirect + github.com/lestrrat-go/blackmagic v1.0.0 // indirect github.com/lestrrat-go/httpcc v1.0.1 // indirect - github.com/lestrrat-go/iter v1.0.2 // indirect + github.com/lestrrat-go/iter v1.0.1 // indirect github.com/lestrrat-go/jwx v1.2.25 // indirect github.com/lestrrat-go/option v1.0.0 // indirect github.com/zeebo/xxh3 v1.0.2 // indirect - golang.org/x/crypto v0.0.0-20220817183753-04dced17f71c // indirect + golang.org/x/crypto v0.1.0 // indirect golang.org/x/net v0.2.0 // indirect golang.org/x/sys v0.2.0 // indirect golang.org/x/text v0.4.0 // indirect diff --git a/go.mod.default b/go.mod.default index 2f0a0b8..194afb9 100644 --- a/go.mod.default +++ b/go.mod.default @@ -1,4 +1,4 @@ -module github.com/yahoojapan/authorization-proxy/v4 +module github.com/AthenZ/authorization-proxy/v4 go 1.19 @@ -9,7 +9,7 @@ replace ( github.com/google/go-cmp => github.com/google/go-cmp latest github.com/google/pprof => github.com/google/pprof latest github.com/mwitkow/grpc-proxy => github.com/mwitkow/grpc-proxy 0f1106ef9c766333b9acb4b81e705da4bade7215 - github.com/yahoojapan/athenz-authorizer/v5 => github.com/yahoojapan/athenz-authorizer/v5 latest + github.com/AthenZ/athenz-authorizer/v5 => github.com/AthenZ/athenz-authorizer/v5 latest golang.org/x/crypto => golang.org/x/crypto latest golang.org/x/exp => golang.org/x/exp latest golang.org/x/image => golang.org/x/image latest diff --git a/go.sum b/go.sum index b993977..59cfdb9 100644 --- a/go.sum +++ b/go.sum @@ -1,15 +1,14 @@ -github.com/AthenZ/athenz v1.11.6 h1:X9afe1ziWKY//PKnRBaeZOHXu/HRpuxZrcUgMT5rTBw= -github.com/AthenZ/athenz v1.11.6/go.mod h1:Up0jlS3E3h6YWqOZpdbW26rmUtnGhZB+AQDZtWpoGUo= -github.com/AthenZ/authorization-proxy/v4 v4.0.0-20221003060027-b5b2a7eb564f h1:RcUWMiUceHpgzGNHZbBXqpnxFAHdr54iO1DSGXj15c0= -github.com/AthenZ/authorization-proxy/v4 v4.0.0-20221003060027-b5b2a7eb564f/go.mod h1:a/36f5MUsb/fkSOJAabAetNd0ftQK5VxiabSXK0kHHo= +github.com/AthenZ/athenz v1.11.14 h1:B8UufvrUm1DjVJci1bWKxHNrGa1y6qTlM1IPL/7FaUs= +github.com/AthenZ/athenz v1.11.14/go.mod h1:EQzE5ZMu7HN+bLk4apc04aHBRN9ftFgunwjoWhr/nyQ= +github.com/AthenZ/athenz-authorizer/v5 v5.5.1 h1:okVP8IVuYnQaJG8CfSOwDbyTKyVRBhL0ldZ5XZBpMNg= +github.com/AthenZ/athenz-authorizer/v5 v5.5.1/go.mod h1:Y4AYjbSeqaK6KdOjfGDbk1yvlVJ4Fm37+3ujnthE/1M= github.com/ardielle/ardielle-go v1.5.2 h1:TilHTpHIQJ27R1Tl/iITBzMwiUGSlVfiVhwDNGM3Zj4= github.com/ardielle/ardielle-go v1.5.2/go.mod h1:I4hy1n795cUhaVt/ojz83SNVCYIGsAFAONtv2Dr7HUI= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d h1:1iy2qD6JEhHKKhUOA9IWs7mjco7lnw2qx8FsRI2wirE= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs= github.com/dimfeld/httptreemux v5.0.1+incompatible h1:Qj3gVcDNoOthBAqftuD596rm4wg/adLLz5xh5CmpiCA= github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-json v0.9.11 h1:/pAaQDLHEoCq/5FFmSKBswWmK6H0e8g4159Kc/X/nqk= @@ -20,8 +19,8 @@ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/klauspost/cpuid/v2 v2.1.0 h1:eyi1Ad2aNJMW95zcSbmGg7Cg6cq3ADwLpMAP96d8rF0= -github.com/klauspost/cpuid/v2 v2.1.0/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= +github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/kpango/fastime v1.1.4 h1:pus9JgJBg/8Jie3ozayA4yNIV67BUPhbq0wMZY3CtYo= github.com/kpango/fastime v1.1.4/go.mod h1:tTNDbIo5qL6D7g5vh2YbkyUbOVP2kD/we3rSjN22PMY= github.com/kpango/gache v1.2.8 h1:+OjREOmuWO4qrJksDhzWJq80o9iwHiezdVmMR1jtCG0= @@ -30,14 +29,12 @@ github.com/kpango/glg v1.6.13 h1:QMhxOm/Oo1k8qraMtH4SQOYIgB/SI2RW2Hvrn1kgAZw= github.com/kpango/glg v1.6.13/go.mod h1:fwP/c6NJTXe0vd9L3He6myDnO33lFVfgQGtGmlMnyws= github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A= github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= +github.com/lestrrat-go/blackmagic v1.0.0 h1:XzdxDbuQTz0RZZEmdU7cnQxUtFUzgCSPq8RCz4BxIi4= github.com/lestrrat-go/blackmagic v1.0.0/go.mod h1:TNgH//0vYSs8VXDCfkZLgIrVTTXQELZffUV0tz3MtdQ= -github.com/lestrrat-go/blackmagic v1.0.1 h1:lS5Zts+5HIC/8og6cGHb0uCcNCa3OUt1ygh3Qz2Fe80= -github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= +github.com/lestrrat-go/iter v1.0.1 h1:q8faalr2dY6o8bV45uwrxq12bRa1ezKrB6oM9FUgN4A= github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbqPDrJ/OJc= -github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= github.com/lestrrat-go/jwx v1.2.25 h1:tAx93jN2SdPvFn08fHNAhqFJazn5mBBOB8Zli0g0otA= github.com/lestrrat-go/jwx v1.2.25/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY= github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4= @@ -55,8 +52,6 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= -github.com/yahoojapan/athenz-authorizer/v5 v5.5.0 h1:OCv8zgLKonThVCAp9872z5BWNc8UXfaQX77KDM4oAuM= -github.com/yahoojapan/athenz-authorizer/v5 v5.5.0/go.mod h1:tKVy3zc5TVkD1M82OGrMOvLOJtl1e7eO/KJRBWvMqPk= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zeebo/assert v1.3.0 h1:g7C04CbJuIDKNPFHmsk4hwZDO5O+kntRxzaUoNXj+IQ= github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0= @@ -77,8 +72,8 @@ golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= -google.golang.org/genproto v0.0.0-20221111202108-142d8a6fa32e h1:azcyH5lGzGy7pkLCbhPe0KkKxsM7c6UA/FZIXImKE7M= -google.golang.org/genproto v0.0.0-20221111202108-142d8a6fa32e/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1 h1:jCw9YRd2s40X9Vxi4zKsPRvSPlHWNqadVkpbMsCPzPQ= +google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= google.golang.org/grpc v1.50.1 h1:DS/BukOZWp8s6p4Dt/tOaJaTQyPyOoCcrjroHuCeLzY= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= diff --git a/handler/grpc.go b/handler/grpc.go index bee3834..862fc7c 100644 --- a/handler/grpc.go +++ b/handler/grpc.go @@ -17,9 +17,9 @@ import ( "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" - "github.com/yahoojapan/authorization-proxy/v4/config" - "github.com/yahoojapan/authorization-proxy/v4/service" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" + "github.com/AthenZ/authorization-proxy/v4/config" + "github.com/AthenZ/authorization-proxy/v4/service" ) const ( diff --git a/handler/grpc_option.go b/handler/grpc_option.go index aff9c2e..1736d52 100644 --- a/handler/grpc_option.go +++ b/handler/grpc_option.go @@ -1,8 +1,8 @@ package handler import ( - "github.com/yahoojapan/authorization-proxy/v4/config" - "github.com/yahoojapan/authorization-proxy/v4/service" + "github.com/AthenZ/authorization-proxy/v4/config" + "github.com/AthenZ/authorization-proxy/v4/service" ) // Option represents a functional option for gRPC Handler diff --git a/handler/grpc_option_test.go b/handler/grpc_option_test.go index 773e38c..6dfa138 100644 --- a/handler/grpc_option_test.go +++ b/handler/grpc_option_test.go @@ -4,9 +4,9 @@ import ( "reflect" "testing" + "github.com/AthenZ/authorization-proxy/v4/config" + "github.com/AthenZ/authorization-proxy/v4/service" "github.com/pkg/errors" - "github.com/yahoojapan/authorization-proxy/v4/config" - "github.com/yahoojapan/authorization-proxy/v4/service" ) func TestWithProxyConfig(t *testing.T) { diff --git a/handler/grpc_test.go b/handler/grpc_test.go index 74869b9..a725a97 100644 --- a/handler/grpc_test.go +++ b/handler/grpc_test.go @@ -10,11 +10,11 @@ import ( "testing" "time" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" + "github.com/AthenZ/authorization-proxy/v4/config" + "github.com/AthenZ/authorization-proxy/v4/service" "github.com/mwitkow/grpc-proxy/proxy" "github.com/pkg/errors" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" - "github.com/yahoojapan/authorization-proxy/v4/config" - "github.com/yahoojapan/authorization-proxy/v4/service" "golang.org/x/sync/singleflight" "google.golang.org/grpc" "google.golang.org/grpc/codes" diff --git a/handler/handler_test.go b/handler/handler_test.go index e9b3099..8f8d761 100644 --- a/handler/handler_test.go +++ b/handler/handler_test.go @@ -14,11 +14,11 @@ import ( "testing" "time" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/AthenZ/authorization-proxy/v4/config" "github.com/AthenZ/authorization-proxy/v4/infra" "github.com/AthenZ/authorization-proxy/v4/service" "github.com/pkg/errors" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" ) func TestNew(t *testing.T) { diff --git a/handler/transport.go b/handler/transport.go index f3b8acc..99ab0dd 100644 --- a/handler/transport.go +++ b/handler/transport.go @@ -21,9 +21,9 @@ import ( "strconv" "strings" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/AthenZ/authorization-proxy/v4/config" "github.com/AthenZ/authorization-proxy/v4/service" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" "github.com/kpango/glg" "github.com/pkg/errors" diff --git a/handler/transport_test.go b/handler/transport_test.go index af62467..68eb7dc 100644 --- a/handler/transport_test.go +++ b/handler/transport_test.go @@ -6,9 +6,9 @@ import ( "reflect" "testing" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/AthenZ/authorization-proxy/v4/config" "github.com/AthenZ/authorization-proxy/v4/service" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" ) type readCloseCounter struct { diff --git a/service/authorizerd.go b/service/authorizerd.go index fca6f99..d13df26 100644 --- a/service/authorizerd.go +++ b/service/authorizerd.go @@ -16,7 +16,7 @@ limitations under the License. package service -import authorizer "github.com/yahoojapan/athenz-authorizer/v5" +import authorizer "github.com/AthenZ/athenz-authorizer/v5" // Authorizationd represents the authorization daemon to do the authorization check. type Authorizationd interface { diff --git a/service/authorizerd_mock.go b/service/authorizerd_mock.go index f6a94cf..ea729f9 100644 --- a/service/authorizerd_mock.go +++ b/service/authorizerd_mock.go @@ -5,7 +5,7 @@ import ( "crypto/x509" "net/http" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" ) // AuthorizerdMock is a mock of Authorizerd diff --git a/service/server_test.go b/service/server_test.go index f3d2184..42c1007 100644 --- a/service/server_test.go +++ b/service/server_test.go @@ -15,9 +15,9 @@ import ( "testing" "time" + "github.com/AthenZ/authorization-proxy/v4/config" "github.com/mwitkow/grpc-proxy/proxy" "github.com/pkg/errors" - "github.com/yahoojapan/authorization-proxy/v4/config" "google.golang.org/grpc" "google.golang.org/grpc/credentials" "google.golang.org/protobuf/types/known/emptypb" diff --git a/usecase/authz_proxyd.go b/usecase/authz_proxyd.go index 01d5039..990513c 100644 --- a/usecase/authz_proxyd.go +++ b/usecase/authz_proxyd.go @@ -32,7 +32,7 @@ import ( "github.com/AthenZ/authorization-proxy/v4/router" "github.com/AthenZ/authorization-proxy/v4/service" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" ) // AuthzProxyDaemon represents Authorization Proxy daemon behavior. diff --git a/usecase/authz_proxyd_test.go b/usecase/authz_proxyd_test.go index 46d277e..7c5c699 100644 --- a/usecase/authz_proxyd_test.go +++ b/usecase/authz_proxyd_test.go @@ -9,9 +9,9 @@ import ( "testing" "time" + authorizerd "github.com/AthenZ/athenz-authorizer/v5" "github.com/AthenZ/authorization-proxy/v4/config" "github.com/AthenZ/authorization-proxy/v4/service" - authorizerd "github.com/yahoojapan/athenz-authorizer/v5" "github.com/pkg/errors" )