From 21811eec7fda48bc03c03b821bba93b4e9fa06ea Mon Sep 17 00:00:00 2001 From: chiragkyal Date: Tue, 10 Dec 2024 13:54:02 +0530 Subject: [PATCH 1/3] Add support for AWS user tags from PlatformStatus - Added watch on Infrastructure object to detect changes in PlatformStatus.AWS.ResourceTags. - Merged tags from AWSLoadBalancerController.Spec.AdditionalResourceTags and PlatformStatus.AWS.ResourceTags, prioritizing operator spec tags. Signed-off-by: chiragkyal --- Makefile | 14 +- .../awsloadbalancercontroller/controller.go | 33 +- .../awsloadbalancercontroller/deployment.go | 53 +- .../deployment_test.go | 99 +- pkg/controllers/suite_test.go | 5 + pkg/controllers/watch_test.go | 33 + .../test/crd/infrastructure-Default.yaml | 855 ++++++++++++++++++ 7 files changed, 1062 insertions(+), 30 deletions(-) create mode 100644 pkg/utils/test/crd/infrastructure-Default.yaml diff --git a/Makefile b/Makefile index 75cdb967..54be021f 100644 --- a/Makefile +++ b/Makefile @@ -120,6 +120,9 @@ help: ## Display this help. ##@ Development +.PHONY: update +update: update-vendored-crds manifests generate + .PHONY: manifests manifests: ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases @@ -130,6 +133,11 @@ manifests: ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefin generate: iamctl-gen iam-gen## Generate code containing DeepCopy, DeepCopyInto, DeepCopyObject method implementations and iamctl policies. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." +.PHONY: update-vendored-crds +update-vendored-crds: + ## Copy infrastructure CRD from openshift/api + cp vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml ./pkg/utils/test/crd/infrastructure-Default.yaml + .PHONY: fmt fmt: ## Run go fmt against code. go fmt -mod=vendor ./... @@ -301,8 +309,12 @@ catalog-build: catalog catalog-push: $(MAKE) image-push IMG=$(CATALOG_IMG) +.PHONY: verify-vendored-crds +verify-vendored-crds: + diff vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml ./pkg/utils/test/crd/infrastructure-Default.yaml + .PHONY: verify -verify: +verify: verify-vendored-crds hack/verify-deps.sh hack/verify-generated.sh hack/verify-gofmt.sh diff --git a/pkg/controllers/awsloadbalancercontroller/controller.go b/pkg/controllers/awsloadbalancercontroller/controller.go index e408b5a5..e7b3d720 100644 --- a/pkg/controllers/awsloadbalancercontroller/controller.go +++ b/pkg/controllers/awsloadbalancercontroller/controller.go @@ -31,6 +31,7 @@ import ( cco "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1" + configv1 "github.com/openshift/api/config/v1" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" @@ -46,6 +47,8 @@ import ( const ( // the name of the AWSLoadBalancerController resource which will be reconciled controllerName = "cluster" + // clusterInfrastructureName is the name of the 'cluster' infrastructure object. + clusterInfrastructureName = "cluster" // the port on which controller metrics are served controllerMetricsPort = 8080 // the port on which the controller webhook is served @@ -120,6 +123,12 @@ func (r *AWSLoadBalancerControllerReconciler) Reconcile(ctx context.Context, req } } + infraConfig := &configv1.Infrastructure{} + if err := r.Client.Get(ctx, types.NamespacedName{Name: clusterInfrastructureName}, infraConfig); err != nil { + return ctrl.Result{}, fmt.Errorf("failed to get infrastructure %q: %w", clusterInfrastructureName, err) + } + platformStatus := infraConfig.Status.PlatformStatus + if err := r.ensureIngressClass(ctx, lbController); err != nil { return ctrl.Result{}, fmt.Errorf("failed to ensure default IngressClass for AWSLoadBalancerController %q: %v", req.Name, err) } @@ -187,7 +196,7 @@ func (r *AWSLoadBalancerControllerReconciler) Reconcile(ctx context.Context, req return ctrl.Result{}, fmt.Errorf("failed to ensure ClusterRole and Binding for AWSLoadBalancerController %q: %w", req.Name, err) } - deployment, err := r.ensureDeployment(ctx, sa, credSecretNsName.Name, servingSecretName, lbController, trustCAConfigMap) + deployment, err := r.ensureDeployment(ctx, sa, credSecretNsName.Name, servingSecretName, lbController, platformStatus, trustCAConfigMap) if err != nil { return ctrl.Result{}, fmt.Errorf("failed to ensure Deployment for AWSLoadbalancerController %q: %w", req.Name, err) } @@ -247,17 +256,17 @@ func (r *AWSLoadBalancerControllerReconciler) BuildManagedController(mgr ctrl.Ma Owns(&arv1.ValidatingWebhookConfiguration{}). Owns(&arv1.MutatingWebhookConfiguration{}) - if r.TrustedCAConfigMapName != "" { - clusterALBCInstance := func(ctx context.Context, o client.Object) []reconcile.Request { - return []reconcile.Request{ - { - NamespacedName: types.NamespacedName{ - Name: controllerName, - }, + clusterALBCInstance := func(ctx context.Context, o client.Object) []reconcile.Request { + return []reconcile.Request{ + { + NamespacedName: types.NamespacedName{ + Name: controllerName, }, - } + }, } + } + if r.TrustedCAConfigMapName != "" { // Requeue the only (cluster) instance of AWSLoadBalancerController // so that the main reconciliation loop can detect the changes in the trusted CA configmap's contents // and redeploy the controller if needed. @@ -270,6 +279,12 @@ func (r *AWSLoadBalancerControllerReconciler) BuildManagedController(mgr ctrl.Ma predicate.NewPredicateFuncs(inNamespace(r.Namespace))), predicate.NewPredicateFuncs(hasName(r.TrustedCAConfigMapName)))) } + // Watch Infrastructure object to detect changes in AWS user tags + bldr = bldr.Watches(&configv1.Infrastructure{}, + handler.EnqueueRequestsFromMapFunc(clusterALBCInstance), + builder.WithPredicates( + predicate.NewPredicateFuncs(hasName(clusterInfrastructureName)))) + return bldr } diff --git a/pkg/controllers/awsloadbalancercontroller/deployment.go b/pkg/controllers/awsloadbalancercontroller/deployment.go index bd2a7840..4676bf93 100644 --- a/pkg/controllers/awsloadbalancercontroller/deployment.go +++ b/pkg/controllers/awsloadbalancercontroller/deployment.go @@ -21,6 +21,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/log" + configv1 "github.com/openshift/api/config/v1" + albo "github.com/openshift/aws-load-balancer-operator/api/v1" ) @@ -69,7 +71,7 @@ const ( allCapabilities = "ALL" ) -func (r *AWSLoadBalancerControllerReconciler) ensureDeployment(ctx context.Context, sa *corev1.ServiceAccount, crSecretName, servingSecretName string, controller *albo.AWSLoadBalancerController, trustCAConfigMap *corev1.ConfigMap) (*appsv1.Deployment, error) { +func (r *AWSLoadBalancerControllerReconciler) ensureDeployment(ctx context.Context, sa *corev1.ServiceAccount, crSecretName, servingSecretName string, controller *albo.AWSLoadBalancerController, platformStatus *configv1.PlatformStatus, trustCAConfigMap *corev1.ConfigMap) (*appsv1.Deployment, error) { deploymentName := fmt.Sprintf("%s-%s", controllerResourcePrefix, controller.Name) reqLogger := log.FromContext(ctx).WithValues("deployment", deploymentName) @@ -90,7 +92,8 @@ func (r *AWSLoadBalancerControllerReconciler) ensureDeployment(ctx context.Conte trustCAConfigMapHash = configMapHash } - desired := r.desiredDeployment(deploymentName, crSecretName, servingSecretName, controller, sa, trustCAConfigMapName, trustCAConfigMapHash) + desired := r.desiredDeployment(deploymentName, crSecretName, servingSecretName, controller, platformStatus, sa, trustCAConfigMapName, trustCAConfigMapHash) + err = controllerutil.SetControllerReference(controller, desired, r.Scheme) if err != nil { return nil, fmt.Errorf("failed to set owner reference on deployment %s: %w", deploymentName, err) @@ -120,7 +123,7 @@ func (r *AWSLoadBalancerControllerReconciler) ensureDeployment(ctx context.Conte return current, nil } -func (r *AWSLoadBalancerControllerReconciler) desiredDeployment(name, credentialsRequestSecretName, servingSecret string, controller *albo.AWSLoadBalancerController, sa *corev1.ServiceAccount, trustedCAConfigMapName, trustedCAConfigMapHash string) *appsv1.Deployment { +func (r *AWSLoadBalancerControllerReconciler) desiredDeployment(name, credentialsRequestSecretName, servingSecret string, controller *albo.AWSLoadBalancerController, platformStatus *configv1.PlatformStatus, sa *corev1.ServiceAccount, trustedCAConfigMapName, trustedCAConfigMapHash string) *appsv1.Deployment { d := &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -145,7 +148,7 @@ func (r *AWSLoadBalancerControllerReconciler) desiredDeployment(name, credential { Name: awsLoadBalancerControllerContainerName, Image: r.Image, - Args: desiredContainerArgs(controller, r.ClusterName, r.VPCID), + Args: desiredContainerArgs(controller, r.ClusterName, r.VPCID, platformStatus), Env: append([]corev1.EnvVar{ { Name: awsRegionEnvVarName, @@ -260,18 +263,14 @@ func (r *AWSLoadBalancerControllerReconciler) desiredDeployment(name, credential return d } -func desiredContainerArgs(controller *albo.AWSLoadBalancerController, clusterName, vpcID string) []string { +func desiredContainerArgs(controller *albo.AWSLoadBalancerController, clusterName, vpcID string, platformStatus *configv1.PlatformStatus) []string { var args []string args = append(args, fmt.Sprintf("--webhook-cert-dir=%s", webhookTLSDir)) args = append(args, fmt.Sprintf("--aws-vpc-id=%s", vpcID)) args = append(args, fmt.Sprintf("--cluster-name=%s", clusterName)) - // if additional keys are present then sort them and append it to the arguments - if controller.Spec.AdditionalResourceTags != nil { - var tags []string - for _, t := range controller.Spec.AdditionalResourceTags { - tags = append(tags, fmt.Sprintf("%s=%s", t.Key, t.Value)) - } + tags := mergeTags(controller, platformStatus) + if len(tags) > 0 { sort.Strings(tags) args = append(args, fmt.Sprintf(`--default-tags=%s`, strings.Join(tags, ","))) } @@ -542,3 +541,35 @@ func buildMapHash(data map[string]string) (string, error) { } return hex.EncodeToString(hash.Sum(nil)), nil } + +// mergeTags merges tags from an AWSLoadBalancerController and PlatformStatus into a slice of strings. +// Tags from `controller.Spec.AdditionalResourceTags` take precedence over those in `platformStatus.AWS.ResourceTags`. +// If a tag key already exists, the value from AdditionalResourceTags will overwrite the one from ResourceTags. +func mergeTags(controller *albo.AWSLoadBalancerController, platformStatus *configv1.PlatformStatus) []string { + // tagMap holds tags with unique keys + tagMap := make(map[string]string) + + // Add tags from controller.Spec.AdditionalResourceTags since operator tags has higher precedence + if controller.Spec.AdditionalResourceTags != nil { + for _, t := range controller.Spec.AdditionalResourceTags { + tagMap[t.Key] = t.Value + } + } + + // Add tags from platformStatus.AWS.ResourceTags to the map, only if the key doesn't exist + if platformStatus != nil && platformStatus.AWS != nil && len(platformStatus.AWS.ResourceTags) > 0 { + for _, t := range platformStatus.AWS.ResourceTags { + if _, exists := tagMap[t.Key]; !exists { + tagMap[t.Key] = t.Value + } + } + } + + // Convert map back to a slice + var tags []string + for key, value := range tagMap { + tags = append(tags, fmt.Sprintf("%s=%s", key, value)) + } + + return tags +} diff --git a/pkg/controllers/awsloadbalancercontroller/deployment_test.go b/pkg/controllers/awsloadbalancercontroller/deployment_test.go index 8d99b072..d5b373f4 100644 --- a/pkg/controllers/awsloadbalancercontroller/deployment_test.go +++ b/pkg/controllers/awsloadbalancercontroller/deployment_test.go @@ -18,6 +18,8 @@ import ( "github.com/google/go-cmp/cmp" "sigs.k8s.io/controller-runtime/pkg/client/fake" + configv1 "github.com/openshift/api/config/v1" + albo "github.com/openshift/aws-load-balancer-operator/api/v1" "github.com/openshift/aws-load-balancer-operator/pkg/utils/test" ) @@ -28,9 +30,10 @@ const ( func TestDesiredArgs(t *testing.T) { for _, tc := range []struct { - name string - controller *albo.AWSLoadBalancerController - expectedArgs sets.Set[string] + name string + controller *albo.AWSLoadBalancerController + platformStatus *configv1.PlatformStatus + expectedArgs sets.Set[string] }{ { name: "non-default ingress class", @@ -110,7 +113,7 @@ func TestDesiredArgs(t *testing.T) { ), }, { - name: "resource tags specified", + name: "resource tags specified in the operator spec", controller: &albo.AWSLoadBalancerController{ Spec: albo.AWSLoadBalancerControllerSpec{ AdditionalResourceTags: []albo.AWSResourceTag{ @@ -128,6 +131,84 @@ func TestDesiredArgs(t *testing.T) { "--default-tags=test-key1=test-value1,test-key2=test-value2,test-key3=test-value3", ), }, + { + name: "resource tags specified in the platform status", + controller: &albo.AWSLoadBalancerController{ + Spec: albo.AWSLoadBalancerControllerSpec{}, + }, + platformStatus: &configv1.PlatformStatus{ + Type: configv1.AWSPlatformType, + AWS: &configv1.AWSPlatformStatus{ + ResourceTags: []configv1.AWSResourceTag{ + {Key: "key1", Value: "value1"}, + {Key: "key2", Value: "value2"}, + }, + }, + }, + expectedArgs: sets.New[string]( + "--enable-shield=false", + "--enable-waf=false", + "--enable-wafv2=false", + "--ingress-class=alb", + "--default-tags=key1=value1,key2=value2", + ), + }, + { + name: "conflicting resource tags specified in the platform status and operator spec", + controller: &albo.AWSLoadBalancerController{ + Spec: albo.AWSLoadBalancerControllerSpec{ + AdditionalResourceTags: []albo.AWSResourceTag{ + {Key: "op-key1", Value: "op-value1"}, + {Key: "conflict-key1", Value: "op-value2"}, + {Key: "conflict-key2", Value: "op-value3"}, + }, + }, + }, + platformStatus: &configv1.PlatformStatus{ + Type: configv1.AWSPlatformType, + AWS: &configv1.AWSPlatformStatus{ + ResourceTags: []configv1.AWSResourceTag{ + {Key: "plat-key1", Value: "plat-value1"}, + {Key: "conflict-key1", Value: "plat-value2"}, + {Key: "conflict-key2", Value: "plat-value3"}, + }, + }, + }, + expectedArgs: sets.New[string]( + "--enable-shield=false", + "--enable-waf=false", + "--enable-wafv2=false", + "--ingress-class=alb", + "--default-tags=conflict-key1=op-value2,conflict-key2=op-value3,op-key1=op-value1,plat-key1=plat-value1", + ), + }, + { + name: "non-conflicting resource tags specified in the platform status and operator spec", + controller: &albo.AWSLoadBalancerController{ + Spec: albo.AWSLoadBalancerControllerSpec{ + AdditionalResourceTags: []albo.AWSResourceTag{ + {Key: "op-key1", Value: "op-value1"}, + {Key: "op-key2", Value: "op-value2"}, + }, + }, + }, + platformStatus: &configv1.PlatformStatus{ + Type: configv1.AWSPlatformType, + AWS: &configv1.AWSPlatformStatus{ + ResourceTags: []configv1.AWSResourceTag{ + {Key: "plat-key1", Value: "plat-value1"}, + {Key: "plat-key2", Value: "plat-value2"}, + }, + }, + }, + expectedArgs: sets.New[string]( + "--enable-shield=false", + "--enable-waf=false", + "--enable-wafv2=false", + "--ingress-class=alb", + "--default-tags=op-key1=op-value1,op-key2=op-value2,plat-key1=plat-value1,plat-key2=plat-value2", + ), + }, } { t.Run(tc.name, func(t *testing.T) { defaultArgs := sets.New[string]( @@ -142,7 +223,7 @@ func TestDesiredArgs(t *testing.T) { if tc.controller.Spec.IngressClass == "" { tc.controller.Spec.IngressClass = "alb" } - args := desiredContainerArgs(tc.controller, "test-cluster", "test-vpc") + args := desiredContainerArgs(tc.controller, "test-cluster", "test-vpc", tc.platformStatus) expected := sets.List(expectedArgs) sort.Strings(expected) @@ -743,11 +824,11 @@ func TestEnsureDeployment(t *testing.T) { VPCID: "test-vpc", AWSRegion: testAWSRegion, } - _, err := r.ensureDeployment(context.Background(), tc.serviceAccount, "test-credentials", "test-serving", tc.controller, tc.trustedCAConfigMap) + _, err := r.ensureDeployment(context.Background(), tc.serviceAccount, "test-credentials", "test-serving", tc.controller, nil, tc.trustedCAConfigMap) if err != nil { t.Fatalf("unexpected error: %v", err) } - tc.expectedDeployment.Spec.Template.Spec.Containers[0].Args = desiredContainerArgs(tc.controller, "test-cluster", "test-vpc") + tc.expectedDeployment.Spec.Template.Spec.Containers[0].Args = desiredContainerArgs(tc.controller, "test-cluster", "test-vpc", nil) var deployment appsv1.Deployment err = client.Get(context.Background(), types.NamespacedName{Namespace: "test-namespace", Name: fmt.Sprintf("%s-%s", controllerResourcePrefix, tc.controller.Name)}, &deployment) if err != nil { @@ -854,11 +935,11 @@ func TestEnsureDeploymentEnvVars(t *testing.T) { VPCID: "test-vpc", AWSRegion: testAWSRegion, } - _, err := r.ensureDeployment(context.Background(), tc.serviceAccount, "test-credentials", "test-serving", tc.controller, nil) + _, err := r.ensureDeployment(context.Background(), tc.serviceAccount, "test-credentials", "test-serving", tc.controller, nil, nil) if err != nil { t.Fatalf("unexpected error: %v", err) } - tc.expectedDeployment.Spec.Template.Spec.Containers[0].Args = desiredContainerArgs(tc.controller, "test-cluster", "test-vpc") + tc.expectedDeployment.Spec.Template.Spec.Containers[0].Args = desiredContainerArgs(tc.controller, "test-cluster", "test-vpc", nil) var deployment appsv1.Deployment err = client.Get(context.Background(), types.NamespacedName{Namespace: "test-namespace", Name: fmt.Sprintf("%s-%s", controllerResourcePrefix, tc.controller.Name)}, &deployment) if err != nil { diff --git a/pkg/controllers/suite_test.go b/pkg/controllers/suite_test.go index 41706610..3ef9079f 100644 --- a/pkg/controllers/suite_test.go +++ b/pkg/controllers/suite_test.go @@ -35,6 +35,8 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log/zap" + configv1 "github.com/openshift/api/config/v1" + albo "github.com/openshift/aws-load-balancer-operator/api/v1" albc "github.com/openshift/aws-load-balancer-operator/pkg/controllers/awsloadbalancercontroller" //+kubebuilder:scaffold:imports @@ -82,6 +84,9 @@ var _ = BeforeSuite(func() { err = cco.Install(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) + err = configv1.Install(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + //+kubebuilder:scaffold:scheme k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) diff --git a/pkg/controllers/watch_test.go b/pkg/controllers/watch_test.go index beeaaa7a..73873a92 100644 --- a/pkg/controllers/watch_test.go +++ b/pkg/controllers/watch_test.go @@ -8,6 +8,7 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" + configv1 "github.com/openshift/api/config/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -98,6 +99,38 @@ var _ = Describe("AWS Load Balancer Reconciler Watch Predicates", func() { Expect(gotReq).To(Equal(expectedReq)) }) }) + + Context("Infrastructure", func() { + It("does not trigger reconciliation on 'wrong' Infrastructure changes", func() { + infra := &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{ + Name: "wrong", + }, + } + var gotReq ctrl.Request + errCh := waitForRequest(reconcileCollector.Requests, 1*time.Second, &gotReq) + Expect(k8sClient.Create(context.Background(), infra)).Should(Succeed()) + Expect(<-errCh).NotTo(BeNil()) + }) + It("triggers reconciliation on 'cluster' Infrastructure changes", func() { + infra := &configv1.Infrastructure{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster", + }, + } + expectedReq := ctrl.Request{ + NamespacedName: types.NamespacedName{ + Name: "cluster", + }, + } + var gotReq ctrl.Request + errCh := waitForRequest(reconcileCollector.Requests, 1*time.Second, &gotReq) + Expect(k8sClient.Create(context.Background(), infra)).Should(Succeed()) + Expect(<-errCh).To(BeNil()) + Expect(gotReq).To(Equal(expectedReq)) + }) + + }) }) func waitForRequest(requests chan ctrl.Request, timeout time.Duration, res *ctrl.Request) <-chan error { diff --git a/pkg/utils/test/crd/infrastructure-Default.yaml b/pkg/utils/test/crd/infrastructure-Default.yaml new file mode 100644 index 00000000..64a54d5c --- /dev/null +++ b/pkg/utils/test/crd/infrastructure-Default.yaml @@ -0,0 +1,855 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: Default + name: infrastructures.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Infrastructure + listKind: InfrastructureList + plural: infrastructures + singular: infrastructure + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + cloudConfig: + description: "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. \n cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only." + properties: + key: + description: Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + type: string + name: + type: string + type: object + platformSpec: + description: platformSpec holds desired information specific to the underlying infrastructure provider. + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + properties: + serviceEndpoints: + description: serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + pattern: ^https:// + type: string + type: object + type: array + type: object + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + external: + description: ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. + properties: + platformName: + default: Unknown + description: PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. + type: string + x-kubernetes-validations: + - message: platform name cannot be changed once set + rule: oldSelf == 'Unknown' || self == oldSelf + type: object + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + properties: + prismCentral: + description: prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + maxLength: 256 + type: string + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - address + - port + type: object + prismElements: + description: prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + items: + description: NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) + properties: + endpoint: + description: endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + maxLength: 256 + type: string + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - address + - port + type: object + name: + description: name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + maxLength: 256 + type: string + required: + - endpoint + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - prismCentral + - prismElements + type: object + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + powervs: + description: PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + properties: + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + format: uri + pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: + description: type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + properties: + failureDomains: + description: failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used. + items: + description: VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. + properties: + name: + description: name defines the arbitrary but unique name of a failure domain. + maxLength: 256 + minLength: 1 + type: string + region: + description: region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + maxLength: 80 + minLength: 1 + type: string + server: + anyOf: + - format: ipv4 + - format: ipv6 + - format: hostname + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + minLength: 1 + type: string + topology: + description: Topology describes a given failure domain using vSphere constructs + properties: + computeCluster: + description: computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*? + type: string + datacenter: + description: datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + maxLength: 80 + type: string + datastore: + description: datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/datastore/.*? + type: string + folder: + description: folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/vm/.*? + type: string + networks: + description: networks is the list of port group network names within this failure domain. Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + items: + type: string + maxItems: 1 + minItems: 1 + type: array + resourcePool: + description: resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*?/Resources.* + type: string + required: + - computeCluster + - datacenter + - datastore + - networks + type: object + zone: + description: zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + maxLength: 80 + minLength: 1 + type: string + required: + - name + - region + - server + - topology + - zone + type: object + type: array + nodeNetworking: + description: nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + properties: + external: + description: external represents the network configuration of the node that is externally routable. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + format: cidr + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + format: cidr + type: string + type: array + type: object + internal: + description: internal represents the network configuration of the node that is routable only within the cluster. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + format: cidr + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + format: cidr + type: string + type: array + type: object + type: object + vcenters: + description: vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + items: + description: VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. + properties: + datacenters: + description: The vCenter Datacenters in which the RHCOS vm guests are located. This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + items: + type: string + minItems: 1 + type: array + port: + description: port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + format: int32 + maximum: 32767 + minimum: 1 + type: integer + server: + anyOf: + - format: ipv4 + - format: ipv6 + - format: hostname + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + type: string + required: + - datacenters + - server + type: object + maxItems: 1 + minItems: 0 + type: array + type: object + type: object + type: object + status: + description: status holds observed values from the cluster. They may not be overridden. + properties: + apiServerInternalURI: + description: apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. + type: string + apiServerURL: + description: apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + type: string + controlPlaneTopology: + default: HighlyAvailable + description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + enum: + - HighlyAvailable + - SingleReplica + - External + type: string + etcdDiscoveryDomain: + description: 'etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.' + type: string + infrastructureName: + description: infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + type: string + infrastructureTopology: + default: HighlyAvailable + description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' + enum: + - HighlyAvailable + - SingleReplica + type: string + platform: + description: "platform is the underlying infrastructure provider for the cluster. \n Deprecated: Use platformStatus.type instead." + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + platformStatus: + description: platformStatus holds status information specific to the underlying infrastructure provider. + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + properties: + region: + description: region specifies the region for Alibaba Cloud resources created for the cluster. + pattern: ^[0-9A-Za-z-]+$ + type: string + resourceGroupID: + description: resourceGroupID is the ID of the resource group for the cluster. + pattern: ^(rg-[0-9A-Za-z]+)?$ + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + items: + description: AlibabaCloudResourceTag is the set of tags to add to apply to resources. + properties: + key: + description: key is the key of the tag. + maxLength: 128 + minLength: 1 + type: string + value: + description: value is the value of the tag. + maxLength: 128 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + required: + - region + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + properties: + region: + description: region holds the default AWS region for new AWS resources created by the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. + items: + description: AWSResourceTag is a tag to apply to AWS resources created for the cluster. + properties: + key: + description: key is the key of the tag + maxLength: 128 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string + value: + description: value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string + required: + - key + - value + type: object + maxItems: 25 + type: array + serviceEndpoints: + description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + pattern: ^https:// + type: string + type: object + type: array + type: object + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + properties: + armEndpoint: + description: armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. + enum: + - "" + - AzurePublicCloud + - AzureUSGovernmentCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureStackCloud + type: string + networkResourceGroupName: + description: networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + type: string + resourceGroupName: + description: resourceGroupName is the Resource Group for new Azure resources created for the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Azure resources created for the cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + items: + description: AzureResourceTag is a tag to apply to Azure resources created for the cluster. + properties: + key: + description: key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric characters and the following special characters `_ . -`. + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + type: string + value: + description: 'value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`.' + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.=+-@]+$ + type: string + required: + - key + - value + type: object + maxItems: 10 + type: array + x-kubernetes-validations: + - message: resourceTags are immutable and may only be configured during installation + rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + type: object + x-kubernetes-validations: + - message: resourceTags may only be configured during installation + rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)' + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + type: object + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + type: object + external: + description: External contains settings specific to the generic External infrastructure provider. + properties: + cloudControllerManager: + description: cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + properties: + state: + description: "state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager \n Valid values are \"External\", \"None\" and omitted. When set to \"External\", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to \"None\", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected." + enum: + - "" + - External + - None + type: string + x-kubernetes-validations: + - message: state is immutable once set + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: state may not be added or removed once set + rule: (has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) && self.state != "External") + type: object + x-kubernetes-validations: + - message: cloudControllerManager may not be added or removed once set + rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + properties: + projectID: + description: resourceGroupName is the Project ID for new GCP resources created for the cluster. + type: string + region: + description: region holds the region for new GCP resources created for the cluster. + type: string + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + location: + description: Location is where the cluster has been deployed + type: string + providerType: + description: ProviderType indicates the type of cluster that was created + type: string + resourceGroupName: + description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + type: string + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + type: object + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + cloudName: + description: cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + loadBalancer: + default: + type: OpenShiftManagedDefault + description: loadBalancer defines how the load balancer used by the cluster is configured. + properties: + type: + default: OpenShiftManagedDefault + description: type defines the type of load balancer used by the cluster on OpenStack platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. + enum: + - OpenShiftManagedDefault + - UserManaged + type: string + x-kubernetes-validations: + - message: type is immutable once set + rule: oldSelf == '' || self == oldSelf + type: object + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' + type: string + type: object + powervs: + description: PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + region: + description: region holds the default Power VS region for new Power VS resources created by the cluster. + type: string + resourceGroup: + description: 'resourceGroup is the resource group name for new IBMCloud resources created for a cluster. The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. When omitted, the image registry operator won''t be able to configure storage, which results in the image registry cluster operator not being in an available state.' + maxLength: 40 + pattern: ^[a-zA-Z0-9-_ ]+$ + type: string + x-kubernetes-validations: + - message: resourceGroup is immutable once set + rule: oldSelf == '' || self == oldSelf + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + pattern: ^[a-z0-9-]+$ + type: string + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + format: uri + pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array + zone: + description: 'zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported' + type: string + type: object + x-kubernetes-validations: + - message: cannot unset resourceGroup once set + rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' + type: + description: "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. \n This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set." + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + format: ip + items: + type: string + maxItems: 2 + type: array + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} From 193c0458203ebc5c94946c1f49440f4bef1c7c4e Mon Sep 17 00:00:00 2001 From: chiragkyal Date: Wed, 11 Dec 2024 12:53:32 +0530 Subject: [PATCH 2/3] Add e2e test Signed-off-by: chiragkyal --- go.mod | 1 + go.sum | 6 + test/e2e/aws.go | 43 + test/e2e/operator_test.go | 290 ++- test/e2e/util.go | 51 + .../resourcegroupstaggingapi/CHANGELOG.md | 94 + .../resourcegroupstaggingapi/LICENSE.txt | 202 ++ .../resourcegroupstaggingapi/api_client.go | 434 ++++ .../api_op_DescribeReportCreation.go | 135 + .../api_op_GetComplianceSummary.go | 282 ++ .../api_op_GetResources.go | 336 +++ .../api_op_GetTagKeys.go | 206 ++ .../api_op_GetTagValues.go | 218 ++ .../api_op_StartReportCreation.go | 124 + .../api_op_TagResources.go | 171 ++ .../api_op_UntagResources.go | 157 ++ .../resourcegroupstaggingapi/deserializers.go | 2285 +++++++++++++++++ .../service/resourcegroupstaggingapi/doc.go | 7 + .../resourcegroupstaggingapi/endpoints.go | 200 ++ .../resourcegroupstaggingapi/generated.json | 35 + .../go_module_metadata.go | 6 + .../internal/endpoints/endpoints.go | 339 +++ .../resourcegroupstaggingapi/serializers.go | 792 ++++++ .../resourcegroupstaggingapi/types/enums.go | 61 + .../resourcegroupstaggingapi/types/errors.go | 162 ++ .../resourcegroupstaggingapi/types/types.go | 150 ++ .../resourcegroupstaggingapi/validators.go | 172 ++ vendor/modules.txt | 5 + 28 files changed, 6961 insertions(+), 3 deletions(-) create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/CHANGELOG.md create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/LICENSE.txt create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_client.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_DescribeReportCreation.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetComplianceSummary.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetResources.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagKeys.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagValues.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_StartReportCreation.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_TagResources.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_UntagResources.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/deserializers.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/doc.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/endpoints.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/generated.json create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/go_module_metadata.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints/endpoints.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/serializers.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/enums.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/errors.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/types.go create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/validators.go diff --git a/go.mod b/go.mod index f562564f..393ddacf 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/aws/aws-sdk-go-v2/config v1.13.1 github.com/aws/aws-sdk-go-v2/credentials v1.8.0 github.com/aws/aws-sdk-go-v2/service/ec2 v1.29.0 + github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.13.0 github.com/aws/aws-sdk-go-v2/service/wafregional v1.12.3 github.com/aws/aws-sdk-go-v2/service/wafv2 v1.19.0 github.com/golangci/golangci-lint v1.51.2 diff --git a/go.sum b/go.sum index 27363a86..845a19cb 100644 --- a/go.sum +++ b/go.sum @@ -76,6 +76,7 @@ github.com/ashanbrown/forbidigo v1.4.0/go.mod h1:IvgwB5Y4fzqSAj/WVXKWigoTkB0dzI2 github.com/ashanbrown/makezero v1.1.1 h1:iCQ87C0V0vSyO+M9E/FZYbu65auqH0lnsOkf5FcB28s= github.com/ashanbrown/makezero v1.1.1/go.mod h1:i1bJLCRSCHOcOa9Y6MyF2FTfMZMFdHvxKHxgO5Z1axI= github.com/aws/aws-sdk-go-v2 v1.13.0/go.mod h1:L6+ZpqHaLbAaxsqV0L4cvxZY7QupWJB4fhkf8LXvC7w= +github.com/aws/aws-sdk-go-v2 v1.15.0/go.mod h1:lJYcuZZEHWNIb6ugJjbQY1fykdoobWbOS7kJYb4APoI= github.com/aws/aws-sdk-go-v2 v1.16.2 h1:fqlCk6Iy3bnCumtrLz9r3mJ/2gUT0pJ0wLFVIdWh+JA= github.com/aws/aws-sdk-go-v2 v1.16.2/go.mod h1:ytwTPBG6fXTZLxxeeCCWj2/EMYp/xDUgX+OET6TLNNU= github.com/aws/aws-sdk-go-v2/config v1.13.1 h1:yLv8bfNoT4r+UvUKQKqRtdnvuWGMK5a82l4ru9Jvnuo= @@ -85,9 +86,11 @@ github.com/aws/aws-sdk-go-v2/credentials v1.8.0/go.mod h1:gnMo58Vwx3Mu7hj1wpcG8D github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.10.0 h1:NITDuUZO34mqtOwFWZiXo7yAHj7kf+XPE+EiKuCBNUI= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.10.0/go.mod h1:I6/fHT/fH460v09eg2gVrd8B/IqskhNdpcLH0WNO3QI= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4/go.mod h1:XHgQ7Hz2WY2GAn//UXHofLfPXWh+s62MbMOijrg12Lw= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.6/go.mod h1:SSPEdf9spsFgJyhjrXvawfpyzrXHBCUe+2eQ1CjC1Ak= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9 h1:onz/VaaxZ7Z4V+WIN9Txly9XLTmoOh1oJ8XcAC3pako= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9/go.mod h1:AnVH5pvai0pAF4lXRq0bmhbes1u9R8wTE+g+183bZNM= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0/go.mod h1:BsCSJHx5DnDXIrOcqB8KN1/B+hXLG/bi4Y6Vjcx/x9E= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.0/go.mod h1:viTrxhAuejD+LszDahzAE2x40YjYWhMqzHxv2ZiWaME= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3 h1:9stUQR/u2KXU6HkFJYlqnZEjBnbgrVbG6I5HN09xZh0= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3/go.mod h1:ssOhaLpRlh88H3UmEcsBoVKq309quMvm3Ds8e9d4eJM= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.5 h1:ixotxbfTCFpqbuwFv/RcZwyzhkxPSYDYEMcj4niB5Uk= @@ -96,6 +99,8 @@ github.com/aws/aws-sdk-go-v2/service/ec2 v1.29.0 h1:7jk4NfzDnnSbaR9E4mOBWRZXQThq github.com/aws/aws-sdk-go-v2/service/ec2 v1.29.0/go.mod h1:HoTu0hnXGafTpKIZQ60jw0ybhhCH1QYf20oL7GEJFdg= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0 h1:4QAOB3KrvI1ApJK14sliGr3Ie2pjyvNypn/lfzDHfUw= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0/go.mod h1:K/qPe6AP2TGYv4l6n7c88zh9jWBDf6nHhvg1fx/EWfU= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.13.0 h1:q1OcgflIAucYLHKizlND4prg+aJyERsN3f5MPRJACH0= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.13.0/go.mod h1:4QYL0dA5jLiAQ3J5pEAMUQ0Ytr9NqdcZe7EnohUyz80= github.com/aws/aws-sdk-go-v2/service/sso v1.9.0 h1:1qLJeQGBmNQW3mBNzK2CFmrQNmoXWrscPqsrAaU1aTA= github.com/aws/aws-sdk-go-v2/service/sso v1.9.0/go.mod h1:vCV4glupK3tR7pw7ks7Y4jYRL86VvxS+g5qk04YeWrU= github.com/aws/aws-sdk-go-v2/service/sts v1.14.0 h1:ksiDXhvNYg0D2/UFkLejsaz3LqpW5yjNQ8Nx9Sn2c0E= @@ -105,6 +110,7 @@ github.com/aws/aws-sdk-go-v2/service/wafregional v1.12.3/go.mod h1:XzXFvohfCSZdT github.com/aws/aws-sdk-go-v2/service/wafv2 v1.19.0 h1:jLvBVWZxBNdQmSG3mKNVWWvHMxqw++yhTW9RZPjAcsc= github.com/aws/aws-sdk-go-v2/service/wafv2 v1.19.0/go.mod h1:V2Rgr5dzj2k6MI0uHKH/StDEoEzjNC1KjZvHqtvncZo= github.com/aws/smithy-go v1.10.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= +github.com/aws/smithy-go v1.11.1/go.mod h1:3xHYmszWVx2c0kIwQeEVf9uSm4fYZt67FBJnwub1bgM= github.com/aws/smithy-go v1.11.2 h1:eG/N+CcUMAvsdffgMvjMKwfyDzIkjM6pfxMJ8Mzc6mE= github.com/aws/smithy-go v1.11.2/go.mod h1:3xHYmszWVx2c0kIwQeEVf9uSm4fYZt67FBJnwub1bgM= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= diff --git a/test/e2e/aws.go b/test/e2e/aws.go index 213a74b4..aec72f26 100644 --- a/test/e2e/aws.go +++ b/test/e2e/aws.go @@ -16,9 +16,14 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi" + rgtTpye "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" "sigs.k8s.io/controller-runtime/pkg/client" ) +// arnToTagsMap maps ARNs to formatted tags. +type arnToTagsMap map[string]map[string]string + // awsConfigWithCredentials returns the default AWS config with the given region and static credentials. func awsConfigWithCredentials(ctx context.Context, kubeClient client.Client, awsRegion string, secretName types.NamespacedName) (aws.Config, error) { secret := &corev1.Secret{} @@ -42,3 +47,41 @@ func awsConfigWithCredentials(ctx context.Context, kubeClient client.Client, aws config.WithRegion(awsRegion), config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(keyID, secretKey, ""))) } + +// getLoadBalancerARNsByTags retrieves the ARNs and Tags of Elastic Load Balancers that match the specified tags. +// It uses the Resource Groups Tagging API to filter load balancers based on tag criteria. +func getLoadBalancerARNsByTags(ctx context.Context, rgtClient *resourcegroupstaggingapi.Client, tags map[string]string) (arnToTagsMap, error) { + var tagFilters []rgtTpye.TagFilter + for key, value := range tags { + tagFilters = append(tagFilters, rgtTpye.TagFilter{ + Key: aws.String(key), + Values: []string{value}, + }) + } + + input := &resourcegroupstaggingapi.GetResourcesInput{ + ResourceTypeFilters: []string{"elasticloadbalancing:loadbalancer"}, + TagFilters: tagFilters, + } + + arnsAndTags := make(arnToTagsMap) + paginator := resourcegroupstaggingapi.NewGetResourcesPaginator(rgtClient, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if err != nil { + return nil, fmt.Errorf("failed getting resources page: %w", err) + } + + for _, resource := range page.ResourceTagMappingList { + formattedTags := make(map[string]string) + for _, tag := range resource.Tags { + formattedTags[*tag.Key] = *tag.Value + } + + arnsAndTags[*resource.ResourceARN] = formattedTags + } + + } + + return arnsAndTags, nil +} diff --git a/test/e2e/operator_test.go b/test/e2e/operator_test.go index 55c81db2..6d9ea855 100644 --- a/test/e2e/operator_test.go +++ b/test/e2e/operator_test.go @@ -9,6 +9,7 @@ import ( "fmt" "net/http" "os" + "sort" "strings" "testing" "time" @@ -24,11 +25,11 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" clientgoscheme "k8s.io/client-go/kubernetes/scheme" - kscheme "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/util/retry" "k8s.io/utils/pointer" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi" waf "github.com/aws/aws-sdk-go-v2/service/wafregional" waftypes "github.com/aws/aws-sdk-go-v2/service/wafregional/types" "github.com/aws/aws-sdk-go-v2/service/wafv2" @@ -59,13 +60,17 @@ const ( // controllerSecretName is the name of the controller's cloud credential secret provisioned by the CI. controllerSecretName = "aws-load-balancer-controller-cluster" + + // awsLoadBalancerControllerContainerName is the name of the AWS load balancer controller's container. + awsLoadBalancerControllerContainerName = "controller" ) var ( cfg aws.Config kubeClient client.Client kubeClientSet *kubernetes.Clientset - scheme = kscheme.Scheme + infra configv1.Infrastructure + scheme = clientgoscheme.Scheme operatorName = "aws-load-balancer-operator-controller-manager" operatorNamespace = "aws-load-balancer-operator" defaultTimeout = 15 * time.Minute @@ -113,7 +118,6 @@ func TestMain(m *testing.M) { os.Exit(1) } - var infra configv1.Infrastructure err = kubeClient.Get(context.TODO(), types.NamespacedName{Name: "cluster"}, &infra) if err != nil { fmt.Printf("failed to fetch infrastructure: %v\n", err) @@ -1199,6 +1203,180 @@ func TestAWSLoadBalancerControllerOpenAPIValidation(t *testing.T) { } } +// TestAWSLoadBalancerControllerUserTags verifies that the user-defined tags are correctly applied. +// It verifies that the controller deployment's `--default-tags` argument is updated +// to include the tags from both the controller spec and the infrastructure status, +// giving precedence to the controller spec in case of key conflicts. +func TestAWSLoadBalancerControllerUserTags(t *testing.T) { + managed, err := isManagedServiceCluster(context.TODO(), kubeClientSet) + if err != nil { + t.Fatalf("failed to check managed cluster %v", err) + } + if managed { + t.Skip("Infrastructure status cannot be directly updated on managed cluster, skipping...") + } + + testWorkloadNamespace := "aws-load-balancer-test-user-tags" + t.Logf("Creating test namespace %q", testWorkloadNamespace) + echoNs := createTestNamespace(t, testWorkloadNamespace) + defer func() { + waitForDeletion(context.TODO(), t, kubeClient, echoNs, defaultTimeout) + }() + + t.Log("Creating aws load balancer controller instance with default ingress class and user tags") + + // create albc with additional resource tags added in albc spec + albc := newALBCBuilder(). + withRoleARNIf(stsModeRequested(), controllerRoleARN). + withResourceTags(map[string]string{ + "op-key1": "op-value1", + "conflict-key1": "op-value2", + "conflict-key2": "op-value3", + }). + build() + + if err := kubeClient.Create(context.TODO(), albc); err != nil { + t.Fatalf("failed to create aws load balancer controller: %v", err) + } + defer func() { + waitForDeletion(context.TODO(), t, kubeClient, albc, defaultTimeout) + }() + + expected := []appsv1.DeploymentCondition{ + {Type: appsv1.DeploymentAvailable, Status: corev1.ConditionTrue}, + } + deploymentName := types.NamespacedName{Name: "aws-load-balancer-controller-cluster", Namespace: "aws-load-balancer-operator"} + if err := waitForDeploymentStatusCondition(context.TODO(), t, kubeClient, defaultTimeout, deploymentName, expected...); err != nil { + t.Fatalf("did not get expected available condition for deployment: %v", err) + } + + dep := &appsv1.Deployment{} + if err := kubeClient.Get(context.TODO(), deploymentName, dep); err != nil { + t.Fatalf("failed to get deployment %s: %v", deploymentName.Name, err) + } + depGeneration := dep.Generation + + t.Logf("Creating test workload in %q namespace", testWorkloadNamespace) + echoSvc := createTestWorkload(t, testWorkloadNamespace) + + t.Log("Creating Ingress Resource with default ingress class") + ingName := types.NamespacedName{Name: "echoserver", Namespace: testWorkloadNamespace} + ingAnnotations := map[string]string{ + "alb.ingress.kubernetes.io/scheme": "internet-facing", + "alb.ingress.kubernetes.io/target-type": "instance", + } + echoIng := buildEchoIngress(ingName, "alb", ingAnnotations, echoSvc) + err = retry.OnError(defaultRetryPolicy, + func(err error) bool { + if errors.IsAlreadyExists(err) { + return false + } + t.Logf("retrying creation of echo ingress due to %v", err) + return true + }, + func() error { return kubeClient.Create(context.TODO(), echoIng) }) + if err != nil && !errors.IsAlreadyExists(err) { + t.Fatalf("failed to ensure echo ingress %s: %v", echoIng.Name, err) + } + defer func() { + waitForDeletion(context.TODO(), t, kubeClient, echoIng, defaultTimeout) + }() + + _, err = getIngress(context.TODO(), t, kubeClient, defaultTimeout, ingName) + if err != nil { + t.Fatalf("did not get load balancer hostname for ingress: %v", err) + } + + // Save a copy of the original infra Config, to revert changes before exiting. + originalInfra := infra.DeepCopy() + defer func() { + if err := updateInfrastructureConfigStatusWithRetryOnConflict(t, 5*time.Minute, kubeClient, func(infra *configv1.Infrastructure) { + infra.Status = originalInfra.Status + }); err != nil { + t.Fatalf("Unable to revert the infrastructure changes: %v", err) + } + }() + + // Update infrastructure status with initialInfraTags + initialInfraTags := []configv1.AWSResourceTag{ + {Key: "plat-key1", Value: "plat-value1"}, + {Key: "conflict-key1", Value: "plat-value2"}, + {Key: "conflict-key2", Value: "plat-value3"}, + } + t.Logf("Updating cluster infrastructure config with resource tags: %v", initialInfraTags) + err = updateInfrastructureConfigStatusWithRetryOnConflict(t, 5*time.Minute, kubeClient, func(infra *configv1.Infrastructure) { + if infra.Status.PlatformStatus == nil { + infra.Status.PlatformStatus = &configv1.PlatformStatus{} + } + if infra.Status.PlatformStatus.AWS == nil { + infra.Status.PlatformStatus.AWS = &configv1.AWSPlatformStatus{} + } + infra.Status.PlatformStatus.AWS.ResourceTags = initialInfraTags + }) + if err != nil { + t.Errorf("failed to update infrastructure status: %v", err) + } + + // wait for the deployment to restart and become available + if err := waitForDeploymentRollout(context.TODO(), t, kubeClient, defaultTimeout, deploymentName, depGeneration); err != nil { + t.Fatalf("deployment did not roll out within timeout: %v", err) + } + if err := waitForDeploymentStatusCondition(context.TODO(), t, kubeClient, defaultTimeout, deploymentName, expected...); err != nil { + t.Fatalf("did not get expected available condition for deployment: %v", err) + } + + // get the updated deployment + if err := kubeClient.Get(context.TODO(), deploymentName, dep); err != nil { + t.Fatalf("failed to get deployment %s: %v", deploymentName.Name, err) + } + depGeneration = dep.Generation + + t.Logf("Testing aws tags present in alb instance and infra status (initialInfraTags)") + expectedTags := map[string]string{ + "conflict-key1": "op-value2", "conflict-key2": "op-value3", "op-key1": "op-value1", "plat-key1": "plat-value1", + } + // Check `--default-tags` container argument + assertContainerArgFromDeployment(t, dep, awsLoadBalancerControllerContainerName, "--default-tags", convertTagsMapToString(expectedTags)) + // Check the actual AWS ELB instance + assertELBbyTags(t, expectedTags, []string{}) + + // Update the status again, removing one tag. + updatedInfraTags := []configv1.AWSResourceTag{ + {Key: "conflict-key1", Value: "plat-value2"}, + {Key: "conflict-key2", Value: "plat-value3"}, + } + t.Logf("Updating AWS ResourceTags in the cluster infrastructure config: %v", updatedInfraTags) + err = updateInfrastructureConfigStatusWithRetryOnConflict(t, 5*time.Minute, kubeClient, func(infra *configv1.Infrastructure) { + infra.Status.PlatformStatus.AWS.ResourceTags = updatedInfraTags + }) + if err != nil { + t.Errorf("failed to update infrastructure status: %v", err) + } + + // wait for the deployment to restart and become available + if err := waitForDeploymentRollout(context.TODO(), t, kubeClient, defaultTimeout, deploymentName, depGeneration); err != nil { + t.Fatalf("deployment did not roll out within timeout: %v", err) + } + if err := waitForDeploymentStatusCondition(context.TODO(), t, kubeClient, defaultTimeout, deploymentName, expected...); err != nil { + t.Fatalf("did not get expected available condition for deployment: %v", err) + } + + // get the updated deployment + if err := kubeClient.Get(context.TODO(), deploymentName, dep); err != nil { + t.Fatalf("failed to get deployment %s: %v", deploymentName.Name, err) + } + + t.Logf("Testing aws tags present in alb instance and infra status (updatedInfraTags)") + expectedTags = map[string]string{ + "conflict-key1": "op-value2", "conflict-key2": "op-value3", "op-key1": "op-value1", + } + expectedAbsentTags := []string{"plat-key1"} + // Check `--default-tags` container argument + assertContainerArgFromDeployment(t, dep, awsLoadBalancerControllerContainerName, "--default-tags", convertTagsMapToString(expectedTags)) + // Check the actual AWS ELB instance + assertELBbyTags(t, expectedTags, expectedAbsentTags) +} + // ensureCredentialsRequest creates CredentialsRequest to provision a secret with the cloud credentials required by this e2e test. func ensureCredentialsRequest(secret types.NamespacedName) error { providerSpec, err := cco.Codec.EncodeProviderSpec(&cco.AWSProviderSpec{ @@ -1213,6 +1391,11 @@ func ensureCredentialsRequest(secret types.NamespacedName) error { Effect: "Allow", Resource: "*", }, + { + Action: []string{"tag:GetResources"}, + Effect: "Allow", + Resource: "*", + }, }, }) if err != nil { @@ -1284,3 +1467,104 @@ func stsModeRequested() bool { } return false } + +// extractArg extracts the value of a specific argument from a list of container arguments. +// Returns an error if the argument is present but malformed, or if not found. +func extractArg(args []string, argKey string) (string, error) { + for _, arg := range args { + if strings.HasPrefix(arg, argKey+"=") { + parts := strings.SplitN(arg, "=", 2) + if len(parts) != 2 { + return "", fmt.Errorf("invalid format for argument %q: %q", argKey, arg) + } + return parts[1], nil + } + } + return "", fmt.Errorf("argument %q not found", argKey) +} + +// assertContainerArgFromDeployment asserts that a container in a deployment has a +// specific argument with an expected value. +func assertContainerArgFromDeployment(t *testing.T, dep *appsv1.Deployment, containerName, argKey, expectedArgValue string) { + t.Helper() + t.Logf("Asserting container %q has argument %q with value %q", containerName, argKey, expectedArgValue) + for _, c := range dep.Spec.Template.Spec.Containers { + if c.Name == containerName { + actualArgValue, err := extractArg(c.Args, argKey) + if err != nil { + t.Fatalf("failed to extract argument %q for container %q: %v", argKey, containerName, err) + } + + if actualArgValue != expectedArgValue { + t.Fatalf("container %q, argument %q: expected value %q, but got %q", containerName, argKey, expectedArgValue, actualArgValue) + } + return + } + } + t.Fatalf("container %q not found in deployment", containerName) +} + +// assertELBbyTags asserts that an ELB instance has the expected tags and doesn't have the expected absent tags +func assertELBbyTags(t *testing.T, expectedTags map[string]string, expectedAbsentTags []string) { + t.Helper() + t.Logf("Asserting ELBs by tags %v", expectedTags) + + rgtClient := resourcegroupstaggingapi.NewFromConfig(cfg) + + err := wait.PollUntilContextTimeout(context.Background(), 30*time.Second, 5*time.Minute, false, func(ctx context.Context) (bool, error) { + lbARNsAndTags, err := getLoadBalancerARNsByTags(ctx, rgtClient, expectedTags) + if err != nil { + return false, fmt.Errorf("unable to get ELBs for %v tags: %v", expectedTags, err) + } + // There must be exactly 1 ELB with the given tags + if len(lbARNsAndTags) != 1 { + t.Logf("expected single ELB with %v tags, but got %d (with arns and tags: %v), retrying... ", expectedTags, len(lbARNsAndTags), lbARNsAndTags) + return false, nil + } + + // expectedAbsentTags must not exist + for _, absentTagKey := range expectedAbsentTags { + for arn, tags := range lbARNsAndTags { + if _, exists := tags[absentTagKey]; exists { + t.Logf("found unexpected tag %s on ELB %s (with tags: %v), retrying...", absentTagKey, arn, tags) + return false, nil + } + } + } + + t.Logf("found ELB with %v tags (with arn and tags: %v)", expectedTags, lbARNsAndTags) + return true, nil + }) + + if err != nil { + t.Fatalf("timed out waiting for %v tags to match an ELB: %v", expectedTags, err) + } +} + +// This logic was inspired by +// https://github.com/openshift/origin/pull/29216/files#diff-35a89a7a7362642eebb559fb8564e857b00d6f7dd6322c3adabaf1adbd609d35R2267-R2278 +// implementation. +func isManagedServiceCluster(ctx context.Context, adminClient kubernetes.Interface) (bool, error) { + _, err := adminClient.CoreV1().Namespaces().Get(ctx, "openshift-backplane", v1.GetOptions{}) + if err == nil { + return true, nil + } + + if !errors.IsNotFound(err) { + return false, err + } + + return false, nil +} + +// convertTagsMapToString converts a map of tags into a sorted comma-separated string. +// Eeach key-value pair is formatted as "key=value". +func convertTagsMapToString(tagsMap map[string]string) string { + var tags []string + for key, value := range tagsMap { + tags = append(tags, fmt.Sprintf("%s=%s", key, value)) + } + + sort.Strings(tags) + return strings.Join(tags, ",") +} diff --git a/test/e2e/util.go b/test/e2e/util.go index 806d2773..325386e5 100644 --- a/test/e2e/util.go +++ b/test/e2e/util.go @@ -41,6 +41,28 @@ var ( allowPrivilegeEscalation = false ) +// waitForDeploymentRollout waits for a deployment to complete a rollout restart +// by observing its generation. +func waitForDeploymentRollout(ctx context.Context, t *testing.T, cl client.Client, timeout time.Duration, deploymentName types.NamespacedName, oldGeneration int64) error { + t.Helper() + + return wait.PollUntilContextTimeout(ctx, time.Second, timeout, true, func(ctx context.Context) (bool, error) { + updatedDep := &appsv1.Deployment{} + if err := cl.Get(ctx, deploymentName, updatedDep); err != nil { + t.Logf("failed to get deployment %s: %v (retrying)", deploymentName.Name, err) + return false, err + } + + // Check if the deployment has progressed to the next generation and has atleast one ready replica + if updatedDep.Status.ObservedGeneration > oldGeneration && updatedDep.Status.ReadyReplicas > 0 { + return true, nil + } + + t.Logf("retrying for deployment rollout: observedGeneration: %d, readyReplicas: %d", updatedDep.Status.ObservedGeneration, updatedDep.Status.ReadyReplicas) + return false, nil + }) +} + func waitForDeploymentStatusCondition(ctx context.Context, t *testing.T, cl client.Client, timeout time.Duration, deploymentName types.NamespacedName, conditions ...appsv1.DeploymentCondition) error { t.Helper() @@ -509,3 +531,32 @@ func mustGetEnv(name string) string { } return val } + +// updateInfrastructureStatus updates the Infrastructure status by applying +// the given update function to the current Infrastructure object. +// If there is a conflict error on update then the complete operation +// is retried until timeout is reached. +func updateInfrastructureConfigStatusWithRetryOnConflict(t *testing.T, timeout time.Duration, kubeClient client.Client, updateFunc func(*configv1.Infrastructure)) error { + t.Helper() + + t.Log("Updating 'cluster' infrastructure config status") + return wait.PollUntilContextTimeout(context.Background(), 5*time.Second, timeout, true, func(ctx context.Context) (bool, error) { + infra := &configv1.Infrastructure{} + if err := kubeClient.Get(context.TODO(), types.NamespacedName{Name: "cluster"}, infra); err != nil { + t.Logf("error getting 'cluster' infrastructure config: %v, retrying...", err) + return false, nil + } + + // Apply the update function to the Infrastructure object. + updateFunc(infra) + + if err := kubeClient.Status().Update(context.TODO(), infra); err != nil { + if errors.IsConflict(err) { + t.Logf("conflict when updating 'cluster' infrastructure config: %v, retrying...", err) + return false, nil + } + return false, err + } + return true, nil + }) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/CHANGELOG.md new file mode 100644 index 00000000..37d03d5d --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/CHANGELOG.md @@ -0,0 +1,94 @@ +# v1.13.0 (2022-03-08) + +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.12.0 (2022-02-24) + +* **Feature**: API client updated +* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options. +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.11.0 (2022-01-14) + +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.0 (2022-01-07) + +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.9.0 (2021-12-21) + +* **Feature**: API Paginators now support specifying the initial starting token, and support stopping on empty string tokens. +* **Feature**: Updated to latest service endpoints + +# v1.8.2 (2021-12-02) + +* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514)) +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.8.1 (2021-11-19) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.8.0 (2021-11-12) + +* **Feature**: Service clients now support custom endpoints that have an initial URI path defined. +* **Documentation**: Updated service to latest API model. + +# v1.7.0 (2021-11-06) + +* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.6.0 (2021-10-21) + +* **Feature**: Updated to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.5.2 (2021-10-11) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.5.1 (2021-09-17) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.5.0 (2021-08-27) + +* **Feature**: Updated API model to latest revision. +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.4.3 (2021-08-19) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.4.2 (2021-08-04) + +* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.4.1 (2021-07-15) + +* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.4.0 (2021-06-25) + +* **Feature**: Updated `github.com/aws/smithy-go` to latest version +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.1 (2021-05-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.0 (2021-05-14) + +* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. +* **Dependency Update**: Updated to the latest SDK module versions + diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/LICENSE.txt new file mode 100644 index 00000000..d6456956 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/LICENSE.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_client.go new file mode 100644 index 00000000..a7570526 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_client.go @@ -0,0 +1,434 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/defaults" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/retry" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + smithy "github.com/aws/smithy-go" + smithydocument "github.com/aws/smithy-go/document" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net" + "net/http" + "time" +) + +const ServiceID = "Resource Groups Tagging API" +const ServiceAPIVersion = "2017-01-26" + +// Client provides the API client to make operations call for AWS Resource Groups +// Tagging API. +type Client struct { + options Options +} + +// New returns an initialized Client based on the functional options. Provide +// additional functional options to further configure the behavior of the client, +// such as changing the client's endpoint or adding custom middleware behavior. +func New(options Options, optFns ...func(*Options)) *Client { + options = options.Copy() + + resolveDefaultLogger(&options) + + setResolvedDefaultsMode(&options) + + resolveRetryer(&options) + + resolveHTTPClient(&options) + + resolveHTTPSignerV4(&options) + + resolveDefaultEndpointConfiguration(&options) + + for _, fn := range optFns { + fn(&options) + } + + client := &Client{ + options: options, + } + + return client +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + EndpointResolver EndpointResolver + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. If specified in an operation call's functional + // options with a value that is different than the constructed client's Options, + // the Client's Retryer will be wrapped to use the operation's specific + // RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. Currently does not support per operation call + // overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig. You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. Currently does not support per operation call + // overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// WithEndpointResolver returns a functional option for setting the Client's +// EndpointResolver option. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} +func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { + ctx = middleware.ClearStackValues(ctx) + stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) + options := c.options.Copy() + for _, fn := range optFns { + fn(&options) + } + + finalizeRetryMaxAttemptOptions(&options, *c) + + finalizeClientEndpointResolverOptions(&options) + + for _, fn := range stackFns { + if err := fn(stack, options); err != nil { + return nil, metadata, err + } + } + + for _, fn := range options.APIOptions { + if err := fn(stack); err != nil { + return nil, metadata, err + } + } + + handler := middleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack) + result, metadata, err = handler.Handle(ctx, params) + if err != nil { + err = &smithy.OperationError{ + ServiceID: ServiceID, + OperationName: opID, + Err: err, + } + } + return result, metadata, err +} + +type noSmithyDocumentSerde = smithydocument.NoSerde + +func resolveDefaultLogger(o *Options) { + if o.Logger != nil { + return + } + o.Logger = logging.Nop{} +} + +func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { + return middleware.AddSetLoggerMiddleware(stack, o.Logger) +} + +func setResolvedDefaultsMode(o *Options) { + if len(o.resolvedDefaultsMode) > 0 { + return + } + + var mode aws.DefaultsMode + mode.SetFromString(string(o.DefaultsMode)) + + if mode == aws.DefaultsModeAuto { + mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) + } + + o.resolvedDefaultsMode = mode +} + +// NewFromConfig returns a new client from the provided config. +func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { + opts := Options{ + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + } + resolveAWSRetryerProvider(cfg, &opts) + resolveAWSRetryMaxAttempts(cfg, &opts) + resolveAWSRetryMode(cfg, &opts) + resolveAWSEndpointResolver(cfg, &opts) + resolveUseDualStackEndpoint(cfg, &opts) + resolveUseFIPSEndpoint(cfg, &opts) + return New(opts, optFns...) +} + +func resolveHTTPClient(o *Options) { + var buildable *awshttp.BuildableClient + + if o.HTTPClient != nil { + var ok bool + buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) + if !ok { + return + } + } else { + buildable = awshttp.NewBuildableClient() + } + + modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) + if err == nil { + buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { + if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { + dialer.Timeout = dialerTimeout + } + }) + + buildable = buildable.WithTransportOptions(func(transport *http.Transport) { + if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { + transport.TLSHandshakeTimeout = tlsHandshakeTimeout + } + }) + } + + o.HTTPClient = buildable +} + +func resolveRetryer(o *Options) { + if o.Retryer != nil { + return + } + + if len(o.RetryMode) == 0 { + modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) + if err == nil { + o.RetryMode = modeConfig.RetryMode + } + } + if len(o.RetryMode) == 0 { + o.RetryMode = aws.RetryModeStandard + } + + var standardOptions []func(*retry.StandardOptions) + if v := o.RetryMaxAttempts; v != 0 { + standardOptions = append(standardOptions, func(so *retry.StandardOptions) { + so.MaxAttempts = v + }) + } + + switch o.RetryMode { + case aws.RetryModeAdaptive: + var adaptiveOptions []func(*retry.AdaptiveModeOptions) + if len(standardOptions) != 0 { + adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { + ao.StandardOptions = append(ao.StandardOptions, standardOptions...) + }) + } + o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) + + default: + o.Retryer = retry.NewStandard(standardOptions...) + } +} + +func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { + if cfg.Retryer == nil { + return + } + o.Retryer = cfg.Retryer() +} + +func resolveAWSRetryMode(cfg aws.Config, o *Options) { + if len(cfg.RetryMode) == 0 { + return + } + o.RetryMode = cfg.RetryMode +} +func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { + if cfg.RetryMaxAttempts == 0 { + return + } + o.RetryMaxAttempts = cfg.RetryMaxAttempts +} + +func finalizeRetryMaxAttemptOptions(o *Options, client Client) { + if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { + if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { + return + } + o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions, NewDefaultEndpointResolver()) +} + +func addClientUserAgent(stack *middleware.Stack) error { + return awsmiddleware.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "resourcegroupstaggingapi", goModuleVersion)(stack) +} + +func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error { + mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ + CredentialsProvider: o.Credentials, + Signer: o.HTTPSignerV4, + LogSigning: o.ClientLogMode.IsSigning(), + }) + return stack.Finalize.Add(mw, middleware.After) +} + +type HTTPSignerV4 interface { + SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error +} + +func resolveHTTPSignerV4(o *Options) { + if o.HTTPSignerV4 != nil { + return + } + o.HTTPSignerV4 = newDefaultV4Signer(*o) +} + +func newDefaultV4Signer(o Options) *v4.Signer { + return v4.NewSigner(func(so *v4.SignerOptions) { + so.Logger = o.Logger + so.LogSigning = o.ClientLogMode.IsSigning() + }) +} + +func addRetryMiddlewares(stack *middleware.Stack, o Options) error { + mo := retry.AddRetryMiddlewaresOptions{ + Retryer: o.Retryer, + LogRetryAttempts: o.ClientLogMode.IsRetries(), + } + return retry.AddRetryMiddlewares(stack, mo) +} + +// resolves dual-stack endpoint configuration +func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { + if len(cfg.ConfigSources) == 0 { + return nil + } + value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) + if err != nil { + return err + } + if found { + o.EndpointOptions.UseDualStackEndpoint = value + } + return nil +} + +// resolves FIPS endpoint configuration +func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { + if len(cfg.ConfigSources) == 0 { + return nil + } + value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) + if err != nil { + return err + } + if found { + o.EndpointOptions.UseFIPSEndpoint = value + } + return nil +} + +func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { + return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) +} + +func addResponseErrorMiddleware(stack *middleware.Stack) error { + return awshttp.AddResponseErrorMiddleware(stack) +} + +func addRequestResponseLogging(stack *middleware.Stack, o Options) error { + return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ + LogRequest: o.ClientLogMode.IsRequest(), + LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), + LogResponse: o.ClientLogMode.IsResponse(), + LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), + }, middleware.After) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_DescribeReportCreation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_DescribeReportCreation.go new file mode 100644 index 00000000..0dca975b --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_DescribeReportCreation.go @@ -0,0 +1,135 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Describes the status of the StartReportCreation operation. You can call this +// operation only from the organization's management account and from the us-east-1 +// Region. +func (c *Client) DescribeReportCreation(ctx context.Context, params *DescribeReportCreationInput, optFns ...func(*Options)) (*DescribeReportCreationOutput, error) { + if params == nil { + params = &DescribeReportCreationInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DescribeReportCreation", params, optFns, c.addOperationDescribeReportCreationMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DescribeReportCreationOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DescribeReportCreationInput struct { + noSmithyDocumentSerde +} + +type DescribeReportCreationOutput struct { + + // Details of the common errors that all operations return. + ErrorMessage *string + + // The path to the Amazon S3 bucket where the report was stored on creation. + S3Location *string + + // The date and time that the report was started. + StartDate *string + + // Reports the status of the operation. The operation status can be one of the + // following: + // + // * RUNNING - Report creation is in progress. + // + // * SUCCEEDED - Report + // creation is complete. You can open the report from the Amazon S3 bucket that you + // specified when you ran StartReportCreation. + // + // * FAILED - Report creation timed + // out or the Amazon S3 bucket is not accessible. + // + // * NO REPORT - No report was + // generated in the last 90 days. + Status *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDescribeReportCreationMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpDescribeReportCreation{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDescribeReportCreation{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeReportCreation(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opDescribeReportCreation(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "DescribeReportCreation", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetComplianceSummary.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetComplianceSummary.go new file mode 100644 index 00000000..84f863a4 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetComplianceSummary.go @@ -0,0 +1,282 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns a table that shows counts of resources that are noncompliant with their +// tag policies. For more information on tag policies, see Tag Policies +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html) +// in the Organizations User Guide. You can call this operation only from the +// organization's management account and from the us-east-1 Region. This operation +// supports pagination, where the response can be sent in multiple pages. You +// should check the PaginationToken response parameter to determine if there are +// additional results available to return. Repeat the query, passing the +// PaginationToken response parameter value as an input to the next request until +// you recieve a null value. A null value for PaginationToken indicates that there +// are no more results waiting to be returned. +func (c *Client) GetComplianceSummary(ctx context.Context, params *GetComplianceSummaryInput, optFns ...func(*Options)) (*GetComplianceSummaryOutput, error) { + if params == nil { + params = &GetComplianceSummaryInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "GetComplianceSummary", params, optFns, c.addOperationGetComplianceSummaryMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*GetComplianceSummaryOutput) + out.ResultMetadata = metadata + return out, nil +} + +type GetComplianceSummaryInput struct { + + // Specifies a list of attributes to group the counts of noncompliant resources by. + // If supplied, the counts are sorted by those attributes. + GroupBy []types.GroupByAttribute + + // Specifies the maximum number of results to be returned in each page. A query can + // return fewer than this maximum, even if there are more results still to return. + // You should always check the PaginationToken response value to see if there are + // more results. You can specify a minimum of 1 and a maximum value of 100. + MaxResults *int32 + + // Specifies a PaginationToken response value from a previous request to indicate + // that you want the next page of results. Leave this parameter empty in your + // initial request. + PaginationToken *string + + // Specifies a list of Amazon Web Services Regions to limit the output to. If you + // use this parameter, the count of returned noncompliant resources includes only + // resources in the specified Regions. + RegionFilters []string + + // Specifies that you want the response to include information for only resources + // of the specified types. The format of each resource type is + // service[:resourceType]. For example, specifying a resource type of ec2 returns + // all Amazon EC2 resources (which includes EC2 instances). Specifying a resource + // type of ec2:instance returns only EC2 instances. The string for each service + // name and resource type is the same as that embedded in a resource's Amazon + // Resource Name (ARN). Consult the Amazon Web Services General Reference + // (https://docs.aws.amazon.com/general/latest/gr/) for the following: + // + // * For a + // list of service name strings, see Amazon Web Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces). + // + // * + // For resource type strings, see Example ARNs + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arns-syntax). + // + // * + // For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web + // Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html). + // + // You + // can specify multiple resource types by using a comma separated array. The array + // can include up to 100 items. Note that the length constraint requirement applies + // to each resource type filter. + ResourceTypeFilters []string + + // Specifies that you want the response to include information for only resources + // that have tags with the specified tag keys. If you use this parameter, the count + // of returned noncompliant resources includes only resources that have the + // specified tag keys. + TagKeyFilters []string + + // Specifies target identifiers (usually, specific account IDs) to limit the output + // by. If you use this parameter, the count of returned noncompliant resources + // includes only resources with the specified target IDs. + TargetIdFilters []string + + noSmithyDocumentSerde +} + +type GetComplianceSummaryOutput struct { + + // A string that indicates that there is more data available than this response + // contains. To receive the next part of the response, specify this response value + // as the PaginationToken value in the request for the next page. + PaginationToken *string + + // A table that shows counts of noncompliant resources. + SummaryList []types.Summary + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationGetComplianceSummaryMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetComplianceSummary{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetComplianceSummary{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetComplianceSummary(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +// GetComplianceSummaryAPIClient is a client that implements the +// GetComplianceSummary operation. +type GetComplianceSummaryAPIClient interface { + GetComplianceSummary(context.Context, *GetComplianceSummaryInput, ...func(*Options)) (*GetComplianceSummaryOutput, error) +} + +var _ GetComplianceSummaryAPIClient = (*Client)(nil) + +// GetComplianceSummaryPaginatorOptions is the paginator options for +// GetComplianceSummary +type GetComplianceSummaryPaginatorOptions struct { + // Specifies the maximum number of results to be returned in each page. A query can + // return fewer than this maximum, even if there are more results still to return. + // You should always check the PaginationToken response value to see if there are + // more results. You can specify a minimum of 1 and a maximum value of 100. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// GetComplianceSummaryPaginator is a paginator for GetComplianceSummary +type GetComplianceSummaryPaginator struct { + options GetComplianceSummaryPaginatorOptions + client GetComplianceSummaryAPIClient + params *GetComplianceSummaryInput + nextToken *string + firstPage bool +} + +// NewGetComplianceSummaryPaginator returns a new GetComplianceSummaryPaginator +func NewGetComplianceSummaryPaginator(client GetComplianceSummaryAPIClient, params *GetComplianceSummaryInput, optFns ...func(*GetComplianceSummaryPaginatorOptions)) *GetComplianceSummaryPaginator { + if params == nil { + params = &GetComplianceSummaryInput{} + } + + options := GetComplianceSummaryPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &GetComplianceSummaryPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.PaginationToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *GetComplianceSummaryPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next GetComplianceSummary page. +func (p *GetComplianceSummaryPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetComplianceSummaryOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.PaginationToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + result, err := p.client.GetComplianceSummary(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.PaginationToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +func newServiceMetadataMiddleware_opGetComplianceSummary(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "GetComplianceSummary", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetResources.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetResources.go new file mode 100644 index 00000000..af56d4d7 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetResources.go @@ -0,0 +1,336 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns all the tagged or previously tagged resources that are located in the +// specified Amazon Web Services Region for the account. Depending on what +// information you want returned, you can also specify the following: +// +// * Filters +// that specify what tags and resource types you want returned. The response +// includes all tags that are associated with the requested resources. +// +// * +// Information about compliance with the account's effective tag policy. For more +// information on tag policies, see Tag Policies +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html) +// in the Organizations User Guide. +// +// This operation supports pagination, where the +// response can be sent in multiple pages. You should check the PaginationToken +// response parameter to determine if there are additional results available to +// return. Repeat the query, passing the PaginationToken response parameter value +// as an input to the next request until you recieve a null value. A null value for +// PaginationToken indicates that there are no more results waiting to be returned. +func (c *Client) GetResources(ctx context.Context, params *GetResourcesInput, optFns ...func(*Options)) (*GetResourcesOutput, error) { + if params == nil { + params = &GetResourcesInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "GetResources", params, optFns, c.addOperationGetResourcesMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*GetResourcesOutput) + out.ResultMetadata = metadata + return out, nil +} + +type GetResourcesInput struct { + + // Specifies whether to exclude resources that are compliant with the tag policy. + // Set this to true if you are interested in retrieving information on noncompliant + // resources only. You can use this parameter only if the IncludeComplianceDetails + // parameter is also set to true. + ExcludeCompliantResources *bool + + // Specifies whether to include details regarding the compliance with the effective + // tag policy. Set this to true to determine whether resources are compliant with + // the tag policy and to get details. + IncludeComplianceDetails *bool + + // Specifies a PaginationToken response value from a previous request to indicate + // that you want the next page of results. Leave this parameter empty in your + // initial request. + PaginationToken *string + + // Specifies a list of ARNs of resources for which you want to retrieve tag data. + // You can't specify both this parameter and any of the pagination parameters + // (ResourcesPerPage, TagsPerPage, PaginationToken) in the same request. If you + // specify both, you get an Invalid Parameter exception. If a resource specified by + // this parameter doesn't exist, it doesn't generate an error; it simply isn't + // included in the response. An ARN (Amazon Resource Name) uniquely identifies a + // resource. For more information, see Amazon Resource Names (ARNs) and Amazon Web + // Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in + // the Amazon Web Services General Reference. + ResourceARNList []string + + // Specifies the resource types that you want included in the response. The format + // of each resource type is service[:resourceType]. For example, specifying a + // resource type of ec2 returns all Amazon EC2 resources (which includes EC2 + // instances). Specifying a resource type of ec2:instance returns only EC2 + // instances. The string for each service name and resource type is the same as + // that embedded in a resource's Amazon Resource Name (ARN). For the list of + // services whose resources you can use in this parameter, see Services that + // support the Resource Groups Tagging API + // (https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/supported-services.html). + // You can specify multiple resource types by using an array. The array can include + // up to 100 items. Note that the length constraint requirement applies to each + // resource type filter. For example, the following string would limit the response + // to only Amazon EC2 instances, Amazon S3 buckets, or any Audit Manager resource: + // ec2:instance,s3:bucket,auditmanager + ResourceTypeFilters []string + + // Specifies the maximum number of results to be returned in each page. A query can + // return fewer than this maximum, even if there are more results still to return. + // You should always check the PaginationToken response value to see if there are + // more results. You can specify a minimum of 1 and a maximum value of 100. + ResourcesPerPage *int32 + + // Specifies a list of TagFilters (keys and values) to restrict the output to only + // those resources that have tags with the specified keys and, if included, the + // specified values. Each TagFilter must contain a key with values optional. A + // request can include up to 50 keys, and each key can include up to 20 values. + // Note the following when deciding how to use TagFilters: + // + // * If you don't specify + // a TagFilter, the response includes all resources that are currently tagged or + // ever had a tag. Resources that currently don't have tags are shown with an empty + // tag set, like this: "Tags": []. + // + // * If you specify more than one filter in a + // single request, the response returns only those resources that satisfy all + // filters. + // + // * If you specify a filter that contains more than one value for a key, + // the response returns resources that match any of the specified values for that + // key. + // + // * If you don't specify a value for a key, the response returns all + // resources that are tagged with that key, with any or no value. For example, for + // the following filters: filter1= {keyA,{value1}}, + // filter2={keyB,{value2,value3,value4}}, filter3= {keyC}: + // + // * + // GetResources({filter1}) returns resources tagged with key1=value1 + // + // * + // GetResources({filter2}) returns resources tagged with key2=value2 or key2=value3 + // or key2=value4 + // + // * GetResources({filter3}) returns resources tagged with any tag + // with the key key3, and with any or no value + // + // * + // GetResources({filter1,filter2,filter3}) returns resources tagged with + // (key1=value1) and (key2=value2 or key2=value3 or key2=value4) and (key3, any or + // no value) + TagFilters []types.TagFilter + + // Amazon Web Services recommends using ResourcesPerPage instead of this parameter. + // A limit that restricts the number of tags (key and value pairs) returned by + // GetResources in paginated output. A resource with no tags is counted as having + // one tag (one key and value pair). GetResources does not split a resource and its + // associated tags across pages. If the specified TagsPerPage would cause such a + // break, a PaginationToken is returned in place of the affected resource and its + // tags. Use that token in another request to get the remaining data. For example, + // if you specify a TagsPerPage of 100 and the account has 22 resources with 10 + // tags each (meaning that each resource has 10 key and value pairs), the output + // will consist of three pages. The first page displays the first 10 resources, + // each with its 10 tags. The second page displays the next 10 resources, each with + // its 10 tags. The third page displays the remaining 2 resources, each with its 10 + // tags. You can set TagsPerPage to a minimum of 100 items up to a maximum of 500 + // items. + TagsPerPage *int32 + + noSmithyDocumentSerde +} + +type GetResourcesOutput struct { + + // A string that indicates that there is more data available than this response + // contains. To receive the next part of the response, specify this response value + // as the PaginationToken value in the request for the next page. + PaginationToken *string + + // A list of resource ARNs and the tags (keys and values) associated with each. + ResourceTagMappingList []types.ResourceTagMapping + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationGetResourcesMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetResources{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetResources{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetResources(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +// GetResourcesAPIClient is a client that implements the GetResources operation. +type GetResourcesAPIClient interface { + GetResources(context.Context, *GetResourcesInput, ...func(*Options)) (*GetResourcesOutput, error) +} + +var _ GetResourcesAPIClient = (*Client)(nil) + +// GetResourcesPaginatorOptions is the paginator options for GetResources +type GetResourcesPaginatorOptions struct { + // Specifies the maximum number of results to be returned in each page. A query can + // return fewer than this maximum, even if there are more results still to return. + // You should always check the PaginationToken response value to see if there are + // more results. You can specify a minimum of 1 and a maximum value of 100. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// GetResourcesPaginator is a paginator for GetResources +type GetResourcesPaginator struct { + options GetResourcesPaginatorOptions + client GetResourcesAPIClient + params *GetResourcesInput + nextToken *string + firstPage bool +} + +// NewGetResourcesPaginator returns a new GetResourcesPaginator +func NewGetResourcesPaginator(client GetResourcesAPIClient, params *GetResourcesInput, optFns ...func(*GetResourcesPaginatorOptions)) *GetResourcesPaginator { + if params == nil { + params = &GetResourcesInput{} + } + + options := GetResourcesPaginatorOptions{} + if params.ResourcesPerPage != nil { + options.Limit = *params.ResourcesPerPage + } + + for _, fn := range optFns { + fn(&options) + } + + return &GetResourcesPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.PaginationToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *GetResourcesPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next GetResources page. +func (p *GetResourcesPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetResourcesOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.PaginationToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.ResourcesPerPage = limit + + result, err := p.client.GetResources(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.PaginationToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +func newServiceMetadataMiddleware_opGetResources(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "GetResources", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagKeys.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagKeys.go new file mode 100644 index 00000000..ee55df4f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagKeys.go @@ -0,0 +1,206 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns all tag keys currently in use in the specified Amazon Web Services +// Region for the calling account. This operation supports pagination, where the +// response can be sent in multiple pages. You should check the PaginationToken +// response parameter to determine if there are additional results available to +// return. Repeat the query, passing the PaginationToken response parameter value +// as an input to the next request until you recieve a null value. A null value for +// PaginationToken indicates that there are no more results waiting to be returned. +func (c *Client) GetTagKeys(ctx context.Context, params *GetTagKeysInput, optFns ...func(*Options)) (*GetTagKeysOutput, error) { + if params == nil { + params = &GetTagKeysInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "GetTagKeys", params, optFns, c.addOperationGetTagKeysMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*GetTagKeysOutput) + out.ResultMetadata = metadata + return out, nil +} + +type GetTagKeysInput struct { + + // Specifies a PaginationToken response value from a previous request to indicate + // that you want the next page of results. Leave this parameter empty in your + // initial request. + PaginationToken *string + + noSmithyDocumentSerde +} + +type GetTagKeysOutput struct { + + // A string that indicates that there is more data available than this response + // contains. To receive the next part of the response, specify this response value + // as the PaginationToken value in the request for the next page. + PaginationToken *string + + // A list of all tag keys in the Amazon Web Services account. + TagKeys []string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationGetTagKeysMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetTagKeys{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetTagKeys{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetTagKeys(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +// GetTagKeysAPIClient is a client that implements the GetTagKeys operation. +type GetTagKeysAPIClient interface { + GetTagKeys(context.Context, *GetTagKeysInput, ...func(*Options)) (*GetTagKeysOutput, error) +} + +var _ GetTagKeysAPIClient = (*Client)(nil) + +// GetTagKeysPaginatorOptions is the paginator options for GetTagKeys +type GetTagKeysPaginatorOptions struct { + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// GetTagKeysPaginator is a paginator for GetTagKeys +type GetTagKeysPaginator struct { + options GetTagKeysPaginatorOptions + client GetTagKeysAPIClient + params *GetTagKeysInput + nextToken *string + firstPage bool +} + +// NewGetTagKeysPaginator returns a new GetTagKeysPaginator +func NewGetTagKeysPaginator(client GetTagKeysAPIClient, params *GetTagKeysInput, optFns ...func(*GetTagKeysPaginatorOptions)) *GetTagKeysPaginator { + if params == nil { + params = &GetTagKeysInput{} + } + + options := GetTagKeysPaginatorOptions{} + + for _, fn := range optFns { + fn(&options) + } + + return &GetTagKeysPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.PaginationToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *GetTagKeysPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next GetTagKeys page. +func (p *GetTagKeysPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetTagKeysOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.PaginationToken = p.nextToken + + result, err := p.client.GetTagKeys(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.PaginationToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +func newServiceMetadataMiddleware_opGetTagKeys(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "GetTagKeys", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagValues.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagValues.go new file mode 100644 index 00000000..96608e43 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_GetTagValues.go @@ -0,0 +1,218 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns all tag values for the specified key that are used in the specified +// Amazon Web Services Region for the calling account. This operation supports +// pagination, where the response can be sent in multiple pages. You should check +// the PaginationToken response parameter to determine if there are additional +// results available to return. Repeat the query, passing the PaginationToken +// response parameter value as an input to the next request until you recieve a +// null value. A null value for PaginationToken indicates that there are no more +// results waiting to be returned. +func (c *Client) GetTagValues(ctx context.Context, params *GetTagValuesInput, optFns ...func(*Options)) (*GetTagValuesOutput, error) { + if params == nil { + params = &GetTagValuesInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "GetTagValues", params, optFns, c.addOperationGetTagValuesMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*GetTagValuesOutput) + out.ResultMetadata = metadata + return out, nil +} + +type GetTagValuesInput struct { + + // Specifies the tag key for which you want to list all existing values that are + // currently used in the specified Amazon Web Services Region for the calling + // account. + // + // This member is required. + Key *string + + // Specifies a PaginationToken response value from a previous request to indicate + // that you want the next page of results. Leave this parameter empty in your + // initial request. + PaginationToken *string + + noSmithyDocumentSerde +} + +type GetTagValuesOutput struct { + + // A string that indicates that there is more data available than this response + // contains. To receive the next part of the response, specify this response value + // as the PaginationToken value in the request for the next page. + PaginationToken *string + + // A list of all tag values for the specified key currently used in the specified + // Amazon Web Services Region for the calling account. + TagValues []string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationGetTagValuesMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetTagValues{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetTagValues{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpGetTagValuesValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetTagValues(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +// GetTagValuesAPIClient is a client that implements the GetTagValues operation. +type GetTagValuesAPIClient interface { + GetTagValues(context.Context, *GetTagValuesInput, ...func(*Options)) (*GetTagValuesOutput, error) +} + +var _ GetTagValuesAPIClient = (*Client)(nil) + +// GetTagValuesPaginatorOptions is the paginator options for GetTagValues +type GetTagValuesPaginatorOptions struct { + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// GetTagValuesPaginator is a paginator for GetTagValues +type GetTagValuesPaginator struct { + options GetTagValuesPaginatorOptions + client GetTagValuesAPIClient + params *GetTagValuesInput + nextToken *string + firstPage bool +} + +// NewGetTagValuesPaginator returns a new GetTagValuesPaginator +func NewGetTagValuesPaginator(client GetTagValuesAPIClient, params *GetTagValuesInput, optFns ...func(*GetTagValuesPaginatorOptions)) *GetTagValuesPaginator { + if params == nil { + params = &GetTagValuesInput{} + } + + options := GetTagValuesPaginatorOptions{} + + for _, fn := range optFns { + fn(&options) + } + + return &GetTagValuesPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.PaginationToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *GetTagValuesPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next GetTagValues page. +func (p *GetTagValuesPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetTagValuesOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.PaginationToken = p.nextToken + + result, err := p.client.GetTagValues(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.PaginationToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +func newServiceMetadataMiddleware_opGetTagValues(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "GetTagValues", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_StartReportCreation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_StartReportCreation.go new file mode 100644 index 00000000..33af5d1b --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_StartReportCreation.go @@ -0,0 +1,124 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Generates a report that lists all tagged resources in the accounts across your +// organization and tells whether each resource is compliant with the effective tag +// policy. Compliance data is refreshed daily. The report is generated +// asynchronously. The generated report is saved to the following location: +// s3://example-bucket/AwsTagPolicies/o-exampleorgid/YYYY-MM-ddTHH:mm:ssZ/report.csv +// You can call this operation only from the organization's management account and +// from the us-east-1 Region. +func (c *Client) StartReportCreation(ctx context.Context, params *StartReportCreationInput, optFns ...func(*Options)) (*StartReportCreationOutput, error) { + if params == nil { + params = &StartReportCreationInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "StartReportCreation", params, optFns, c.addOperationStartReportCreationMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*StartReportCreationOutput) + out.ResultMetadata = metadata + return out, nil +} + +type StartReportCreationInput struct { + + // The name of the Amazon S3 bucket where the report will be stored; for example: + // awsexamplebucket For more information on S3 bucket requirements, including an + // example bucket policy, see the example S3 bucket policy on this page. + // + // This member is required. + S3Bucket *string + + noSmithyDocumentSerde +} + +type StartReportCreationOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationStartReportCreationMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpStartReportCreation{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpStartReportCreation{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpStartReportCreationValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opStartReportCreation(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opStartReportCreation(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "StartReportCreation", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_TagResources.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_TagResources.go new file mode 100644 index 00000000..982ff5b9 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_TagResources.go @@ -0,0 +1,171 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Applies one or more tags to the specified resources. Note the following: +// +// * Not +// all resources can have tags. For a list of services with resources that support +// tagging using this operation, see Services that support the Resource Groups +// Tagging API +// (https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/supported-services.html). +// If the resource doesn't yet support this operation, the resource's service might +// support tagging using its own API operations. For more information, refer to the +// documentation for that service. +// +// * Each resource can have up to 50 tags. For +// other limits, see Tag Naming and Usage Conventions +// (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html#tag-conventions) +// in the Amazon Web Services General Reference. +// +// * You can only tag resources that +// are located in the specified Amazon Web Services Region for the Amazon Web +// Services account. +// +// * To add tags to a resource, you need the necessary +// permissions for the service that the resource belongs to as well as permissions +// for adding tags. For more information, see the documentation for each +// service. +// +// Do not store personally identifiable information (PII) or other +// confidential or sensitive information in tags. We use tags to provide you with +// billing and administration services. Tags are not intended to be used for +// private or sensitive data. Minimum permissions In addition to the +// tag:TagResources permission required by this operation, you must also have the +// tagging permission defined by the service that created the resource. For +// example, to tag an Amazon EC2 instance using the TagResources operation, you +// must have both of the following permissions: +// +// * tag:TagResource +// +// * +// ec2:CreateTags +func (c *Client) TagResources(ctx context.Context, params *TagResourcesInput, optFns ...func(*Options)) (*TagResourcesOutput, error) { + if params == nil { + params = &TagResourcesInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "TagResources", params, optFns, c.addOperationTagResourcesMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*TagResourcesOutput) + out.ResultMetadata = metadata + return out, nil +} + +type TagResourcesInput struct { + + // Specifies the list of ARNs of the resources that you want to apply tags to. An + // ARN (Amazon Resource Name) uniquely identifies a resource. For more information, + // see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in + // the Amazon Web Services General Reference. + // + // This member is required. + ResourceARNList []string + + // Specifies a list of tags that you want to add to the specified resources. A tag + // consists of a key and a value that you define. + // + // This member is required. + Tags map[string]string + + noSmithyDocumentSerde +} + +type TagResourcesOutput struct { + + // A map containing a key-value pair for each failed item that couldn't be tagged. + // The key is the ARN of the failed resource. The value is a FailureInfo object + // that contains an error code, a status code, and an error message. If there are + // no errors, the FailedResourcesMap is empty. + FailedResourcesMap map[string]types.FailureInfo + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationTagResourcesMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpTagResources{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpTagResources{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpTagResourcesValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opTagResources(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opTagResources(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "TagResources", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_UntagResources.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_UntagResources.go new file mode 100644 index 00000000..0ce1d7b3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/api_op_UntagResources.go @@ -0,0 +1,157 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Removes the specified tags from the specified resources. When you specify a tag +// key, the action removes both that key and its associated value. The operation +// succeeds even if you attempt to remove tags from a resource that were already +// removed. Note the following: +// +// * To remove tags from a resource, you need the +// necessary permissions for the service that the resource belongs to as well as +// permissions for removing tags. For more information, see the documentation for +// the service whose resource you want to untag. +// +// * You can only tag resources that +// are located in the specified Amazon Web Services Region for the calling Amazon +// Web Services account. +// +// Minimum permissions In addition to the tag:UntagResources +// permission required by this operation, you must also have the remove tags +// permission defined by the service that created the resource. For example, to +// remove the tags from an Amazon EC2 instance using the UntagResources operation, +// you must have both of the following permissions: +// +// * tag:UntagResource +// +// * +// ec2:DeleteTags +func (c *Client) UntagResources(ctx context.Context, params *UntagResourcesInput, optFns ...func(*Options)) (*UntagResourcesOutput, error) { + if params == nil { + params = &UntagResourcesInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "UntagResources", params, optFns, c.addOperationUntagResourcesMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*UntagResourcesOutput) + out.ResultMetadata = metadata + return out, nil +} + +type UntagResourcesInput struct { + + // Specifies a list of ARNs of the resources that you want to remove tags from. An + // ARN (Amazon Resource Name) uniquely identifies a resource. For more information, + // see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in + // the Amazon Web Services General Reference. + // + // This member is required. + ResourceARNList []string + + // Specifies a list of tag keys that you want to remove from the specified + // resources. + // + // This member is required. + TagKeys []string + + noSmithyDocumentSerde +} + +type UntagResourcesOutput struct { + + // A map containing a key-value pair for each failed item that couldn't be + // untagged. The key is the ARN of the failed resource. The value is a FailureInfo + // object that contains an error code, a status code, and an error message. If + // there are no errors, the FailedResourcesMap is empty. + FailedResourcesMap map[string]types.FailureInfo + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationUntagResourcesMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsAwsjson11_serializeOpUntagResources{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpUntagResources{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpUntagResourcesValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUntagResources(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opUntagResources(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "tagging", + OperationName: "UntagResources", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/deserializers.go new file mode 100644 index 00000000..481fd9a3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/deserializers.go @@ -0,0 +1,2285 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + smithy "github.com/aws/smithy-go" + smithyio "github.com/aws/smithy-go/io" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" + smithyhttp "github.com/aws/smithy-go/transport/http" + "io" + "strings" +) + +type awsAwsjson11_deserializeOpDescribeReportCreation struct { +} + +func (*awsAwsjson11_deserializeOpDescribeReportCreation) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpDescribeReportCreation) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorDescribeReportCreation(response, &metadata) + } + output := &DescribeReportCreationOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentDescribeReportCreationOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorDescribeReportCreation(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("ConstraintViolationException", errorCode): + return awsAwsjson11_deserializeErrorConstraintViolationException(response, errorBody) + + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpGetComplianceSummary struct { +} + +func (*awsAwsjson11_deserializeOpGetComplianceSummary) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpGetComplianceSummary) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorGetComplianceSummary(response, &metadata) + } + output := &GetComplianceSummaryOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentGetComplianceSummaryOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorGetComplianceSummary(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("ConstraintViolationException", errorCode): + return awsAwsjson11_deserializeErrorConstraintViolationException(response, errorBody) + + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpGetResources struct { +} + +func (*awsAwsjson11_deserializeOpGetResources) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpGetResources) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorGetResources(response, &metadata) + } + output := &GetResourcesOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentGetResourcesOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorGetResources(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("PaginationTokenExpiredException", errorCode): + return awsAwsjson11_deserializeErrorPaginationTokenExpiredException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpGetTagKeys struct { +} + +func (*awsAwsjson11_deserializeOpGetTagKeys) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpGetTagKeys) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorGetTagKeys(response, &metadata) + } + output := &GetTagKeysOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentGetTagKeysOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorGetTagKeys(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("PaginationTokenExpiredException", errorCode): + return awsAwsjson11_deserializeErrorPaginationTokenExpiredException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpGetTagValues struct { +} + +func (*awsAwsjson11_deserializeOpGetTagValues) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpGetTagValues) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorGetTagValues(response, &metadata) + } + output := &GetTagValuesOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentGetTagValuesOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorGetTagValues(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("PaginationTokenExpiredException", errorCode): + return awsAwsjson11_deserializeErrorPaginationTokenExpiredException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpStartReportCreation struct { +} + +func (*awsAwsjson11_deserializeOpStartReportCreation) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpStartReportCreation) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorStartReportCreation(response, &metadata) + } + output := &StartReportCreationOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentStartReportCreationOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorStartReportCreation(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("ConcurrentModificationException", errorCode): + return awsAwsjson11_deserializeErrorConcurrentModificationException(response, errorBody) + + case strings.EqualFold("ConstraintViolationException", errorCode): + return awsAwsjson11_deserializeErrorConstraintViolationException(response, errorBody) + + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpTagResources struct { +} + +func (*awsAwsjson11_deserializeOpTagResources) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpTagResources) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorTagResources(response, &metadata) + } + output := &TagResourcesOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentTagResourcesOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorTagResources(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsAwsjson11_deserializeOpUntagResources struct { +} + +func (*awsAwsjson11_deserializeOpUntagResources) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpUntagResources) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorUntagResources(response, &metadata) + } + output := &UntagResourcesOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentUntagResourcesOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorUntagResources(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServiceException", errorCode): + return awsAwsjson11_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("ThrottledException", errorCode): + return awsAwsjson11_deserializeErrorThrottledException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsAwsjson11_deserializeErrorConcurrentModificationException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.ConcurrentModificationException{} + err := awsAwsjson11_deserializeDocumentConcurrentModificationException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeErrorConstraintViolationException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.ConstraintViolationException{} + err := awsAwsjson11_deserializeDocumentConstraintViolationException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeErrorInternalServiceException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.InternalServiceException{} + err := awsAwsjson11_deserializeDocumentInternalServiceException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeErrorInvalidParameterException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.InvalidParameterException{} + err := awsAwsjson11_deserializeDocumentInvalidParameterException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeErrorPaginationTokenExpiredException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.PaginationTokenExpiredException{} + err := awsAwsjson11_deserializeDocumentPaginationTokenExpiredException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeErrorThrottledException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + output := &types.ThrottledException{} + err := awsAwsjson11_deserializeDocumentThrottledException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + return output +} + +func awsAwsjson11_deserializeDocumentComplianceDetails(v **types.ComplianceDetails, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ComplianceDetails + if *v == nil { + sv = &types.ComplianceDetails{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ComplianceStatus": + if value != nil { + jtv, ok := value.(bool) + if !ok { + return fmt.Errorf("expected ComplianceStatus to be of type *bool, got %T instead", value) + } + sv.ComplianceStatus = ptr.Bool(jtv) + } + + case "KeysWithNoncompliantValues": + if err := awsAwsjson11_deserializeDocumentTagKeyList(&sv.KeysWithNoncompliantValues, value); err != nil { + return err + } + + case "NoncompliantKeys": + if err := awsAwsjson11_deserializeDocumentTagKeyList(&sv.NoncompliantKeys, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentConcurrentModificationException(v **types.ConcurrentModificationException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ConcurrentModificationException + if *v == nil { + sv = &types.ConcurrentModificationException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentConstraintViolationException(v **types.ConstraintViolationException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ConstraintViolationException + if *v == nil { + sv = &types.ConstraintViolationException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentFailedResourcesMap(v *map[string]types.FailureInfo, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var mv map[string]types.FailureInfo + if *v == nil { + mv = map[string]types.FailureInfo{} + } else { + mv = *v + } + + for key, value := range shape { + var parsedVal types.FailureInfo + mapVar := parsedVal + destAddr := &mapVar + if err := awsAwsjson11_deserializeDocumentFailureInfo(&destAddr, value); err != nil { + return err + } + parsedVal = *destAddr + mv[key] = parsedVal + + } + *v = mv + return nil +} + +func awsAwsjson11_deserializeDocumentFailureInfo(v **types.FailureInfo, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.FailureInfo + if *v == nil { + sv = &types.FailureInfo{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ErrorCode": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ErrorCode to be of type string, got %T instead", value) + } + sv.ErrorCode = types.ErrorCode(jtv) + } + + case "ErrorMessage": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) + } + sv.ErrorMessage = ptr.String(jtv) + } + + case "StatusCode": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected StatusCode to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.StatusCode = int32(i64) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentInternalServiceException(v **types.InternalServiceException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.InternalServiceException + if *v == nil { + sv = &types.InternalServiceException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentInvalidParameterException(v **types.InvalidParameterException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.InvalidParameterException + if *v == nil { + sv = &types.InvalidParameterException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentPaginationTokenExpiredException(v **types.PaginationTokenExpiredException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.PaginationTokenExpiredException + if *v == nil { + sv = &types.PaginationTokenExpiredException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentResourceTagMapping(v **types.ResourceTagMapping, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ResourceTagMapping + if *v == nil { + sv = &types.ResourceTagMapping{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ComplianceDetails": + if err := awsAwsjson11_deserializeDocumentComplianceDetails(&sv.ComplianceDetails, value); err != nil { + return err + } + + case "ResourceARN": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ResourceARN to be of type string, got %T instead", value) + } + sv.ResourceARN = ptr.String(jtv) + } + + case "Tags": + if err := awsAwsjson11_deserializeDocumentTagList(&sv.Tags, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentResourceTagMappingList(v *[]types.ResourceTagMapping, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.ResourceTagMapping + if *v == nil { + cv = []types.ResourceTagMapping{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.ResourceTagMapping + destAddr := &col + if err := awsAwsjson11_deserializeDocumentResourceTagMapping(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsAwsjson11_deserializeDocumentSummary(v **types.Summary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.Summary + if *v == nil { + sv = &types.Summary{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "LastUpdated": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected LastUpdated to be of type string, got %T instead", value) + } + sv.LastUpdated = ptr.String(jtv) + } + + case "NonCompliantResources": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected NonCompliantResources to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.NonCompliantResources = i64 + } + + case "Region": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Region to be of type string, got %T instead", value) + } + sv.Region = ptr.String(jtv) + } + + case "ResourceType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected AmazonResourceType to be of type string, got %T instead", value) + } + sv.ResourceType = ptr.String(jtv) + } + + case "TargetId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TargetId to be of type string, got %T instead", value) + } + sv.TargetId = ptr.String(jtv) + } + + case "TargetIdType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TargetIdType to be of type string, got %T instead", value) + } + sv.TargetIdType = types.TargetIdType(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentSummaryList(v *[]types.Summary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.Summary + if *v == nil { + cv = []types.Summary{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.Summary + destAddr := &col + if err := awsAwsjson11_deserializeDocumentSummary(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsAwsjson11_deserializeDocumentTag(v **types.Tag, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.Tag + if *v == nil { + sv = &types.Tag{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Key": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TagKey to be of type string, got %T instead", value) + } + sv.Key = ptr.String(jtv) + } + + case "Value": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TagValue to be of type string, got %T instead", value) + } + sv.Value = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeDocumentTagKeyList(v *[]string, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []string + if *v == nil { + cv = []string{} + } else { + cv = *v + } + + for _, value := range shape { + var col string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TagKey to be of type string, got %T instead", value) + } + col = jtv + } + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsAwsjson11_deserializeDocumentTagList(v *[]types.Tag, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.Tag + if *v == nil { + cv = []types.Tag{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.Tag + destAddr := &col + if err := awsAwsjson11_deserializeDocumentTag(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsAwsjson11_deserializeDocumentTagValuesOutputList(v *[]string, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []string + if *v == nil { + cv = []string{} + } else { + cv = *v + } + + for _, value := range shape { + var col string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TagValue to be of type string, got %T instead", value) + } + col = jtv + } + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsAwsjson11_deserializeDocumentThrottledException(v **types.ThrottledException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ThrottledException + if *v == nil { + sv = &types.ThrottledException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentDescribeReportCreationOutput(v **DescribeReportCreationOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *DescribeReportCreationOutput + if *v == nil { + sv = &DescribeReportCreationOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ErrorMessage": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) + } + sv.ErrorMessage = ptr.String(jtv) + } + + case "S3Location": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected S3Location to be of type string, got %T instead", value) + } + sv.S3Location = ptr.String(jtv) + } + + case "StartDate": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected StartDate to be of type string, got %T instead", value) + } + sv.StartDate = ptr.String(jtv) + } + + case "Status": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Status to be of type string, got %T instead", value) + } + sv.Status = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentGetComplianceSummaryOutput(v **GetComplianceSummaryOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *GetComplianceSummaryOutput + if *v == nil { + sv = &GetComplianceSummaryOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "PaginationToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected PaginationToken to be of type string, got %T instead", value) + } + sv.PaginationToken = ptr.String(jtv) + } + + case "SummaryList": + if err := awsAwsjson11_deserializeDocumentSummaryList(&sv.SummaryList, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentGetResourcesOutput(v **GetResourcesOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *GetResourcesOutput + if *v == nil { + sv = &GetResourcesOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "PaginationToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected PaginationToken to be of type string, got %T instead", value) + } + sv.PaginationToken = ptr.String(jtv) + } + + case "ResourceTagMappingList": + if err := awsAwsjson11_deserializeDocumentResourceTagMappingList(&sv.ResourceTagMappingList, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentGetTagKeysOutput(v **GetTagKeysOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *GetTagKeysOutput + if *v == nil { + sv = &GetTagKeysOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "PaginationToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected PaginationToken to be of type string, got %T instead", value) + } + sv.PaginationToken = ptr.String(jtv) + } + + case "TagKeys": + if err := awsAwsjson11_deserializeDocumentTagKeyList(&sv.TagKeys, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentGetTagValuesOutput(v **GetTagValuesOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *GetTagValuesOutput + if *v == nil { + sv = &GetTagValuesOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "PaginationToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected PaginationToken to be of type string, got %T instead", value) + } + sv.PaginationToken = ptr.String(jtv) + } + + case "TagValues": + if err := awsAwsjson11_deserializeDocumentTagValuesOutputList(&sv.TagValues, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentStartReportCreationOutput(v **StartReportCreationOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *StartReportCreationOutput + if *v == nil { + sv = &StartReportCreationOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentTagResourcesOutput(v **TagResourcesOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *TagResourcesOutput + if *v == nil { + sv = &TagResourcesOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "FailedResourcesMap": + if err := awsAwsjson11_deserializeDocumentFailedResourcesMap(&sv.FailedResourcesMap, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsAwsjson11_deserializeOpDocumentUntagResourcesOutput(v **UntagResourcesOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *UntagResourcesOutput + if *v == nil { + sv = &UntagResourcesOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "FailedResourcesMap": + if err := awsAwsjson11_deserializeDocumentFailedResourcesMap(&sv.FailedResourcesMap, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/doc.go new file mode 100644 index 00000000..8a7fb0f8 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/doc.go @@ -0,0 +1,7 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +// Package resourcegroupstaggingapi provides the API client, operations, and +// parameter types for AWS Resource Groups Tagging API. +// +// Resource Groups Tagging API +package resourcegroupstaggingapi diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/endpoints.go new file mode 100644 index 00000000..d2327c7b --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/endpoints.go @@ -0,0 +1,200 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "errors" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalendpoints "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/url" + "strings" +) + +// EndpointResolverOptions is the service endpoint resolver options +type EndpointResolverOptions = internalendpoints.Options + +// EndpointResolver interface for resolving service endpoints. +type EndpointResolver interface { + ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) +} + +var _ EndpointResolver = &internalendpoints.Resolver{} + +// NewDefaultEndpointResolver constructs a new service endpoint resolver +func NewDefaultEndpointResolver() *internalendpoints.Resolver { + return internalendpoints.New() +} + +// EndpointResolverFunc is a helper utility that wraps a function so it satisfies +// the EndpointResolver interface. This is useful when you want to add additional +// endpoint resolving logic, or stub out specific endpoints with custom values. +type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) + +func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { + return fn(region, options) +} + +func resolveDefaultEndpointConfiguration(o *Options) { + if o.EndpointResolver != nil { + return + } + o.EndpointResolver = NewDefaultEndpointResolver() +} + +// EndpointResolverFromURL returns an EndpointResolver configured using the +// provided endpoint url. By default, the resolved endpoint resolver uses the +// client region as signing region, and the endpoint source is set to +// EndpointSourceCustom.You can provide functional options to configure endpoint +// values for the resolved endpoint. +func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { + e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} + for _, fn := range optFns { + fn(&e) + } + + return EndpointResolverFunc( + func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { + if len(e.SigningRegion) == 0 { + e.SigningRegion = region + } + return e, nil + }, + ) +} + +type ResolveEndpoint struct { + Resolver EndpointResolver + Options EndpointResolverOptions +} + +func (*ResolveEndpoint) ID() string { + return "ResolveEndpoint" +} + +func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.Resolver == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + eo := m.Options + eo.Logger = middleware.GetLogger(ctx) + + var endpoint aws.Endpoint + endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + req.URL, err = url.Parse(endpoint.URL) + if err != nil { + return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) + } + + if len(awsmiddleware.GetSigningName(ctx)) == 0 { + signingName := endpoint.SigningName + if len(signingName) == 0 { + signingName = "tagging" + } + ctx = awsmiddleware.SetSigningName(ctx, signingName) + } + ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) + ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) + ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) + ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) + return next.HandleSerialize(ctx, in) +} +func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { + return stack.Serialize.Insert(&ResolveEndpoint{ + Resolver: o.EndpointResolver, + Options: o.EndpointOptions, + }, "OperationSerializer", middleware.Before) +} + +func removeResolveEndpointMiddleware(stack *middleware.Stack) error { + _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) + return err +} + +type wrappedEndpointResolver struct { + awsResolver aws.EndpointResolverWithOptions + resolver EndpointResolver +} + +func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { + if w.awsResolver == nil { + goto fallback + } + endpoint, err = w.awsResolver.ResolveEndpoint(ServiceID, region, options) + if err == nil { + return endpoint, nil + } + + if nf := (&aws.EndpointNotFoundError{}); !errors.As(err, &nf) { + return endpoint, err + } + +fallback: + if w.resolver == nil { + return endpoint, fmt.Errorf("default endpoint resolver provided was nil") + } + return w.resolver.ResolveEndpoint(region, options) +} + +type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) + +func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { + return a(service, region) +} + +var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) + +// withEndpointResolver returns an EndpointResolver that first delegates endpoint resolution to the awsResolver. +// If awsResolver returns aws.EndpointNotFoundError error, the resolver will use the the provided +// fallbackResolver for resolution. +// +// fallbackResolver must not be nil +func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions, fallbackResolver EndpointResolver) EndpointResolver { + var resolver aws.EndpointResolverWithOptions + + if awsResolverWithOptions != nil { + resolver = awsResolverWithOptions + } else if awsResolver != nil { + resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) + } + + return &wrappedEndpointResolver{ + awsResolver: resolver, + resolver: fallbackResolver, + } +} + +func finalizeClientEndpointResolverOptions(options *Options) { + options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() + + if len(options.EndpointOptions.ResolvedRegion) == 0 { + const fipsInfix = "-fips-" + const fipsPrefix = "fips-" + const fipsSuffix = "-fips" + + if strings.Contains(options.Region, fipsInfix) || + strings.Contains(options.Region, fipsPrefix) || + strings.Contains(options.Region, fipsSuffix) { + options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( + options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") + options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled + } + } + +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/generated.json new file mode 100644 index 00000000..70f7cd96 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/generated.json @@ -0,0 +1,35 @@ +{ + "dependencies": { + "github.com/aws/aws-sdk-go-v2": "v1.4.0", + "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", + "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", + "github.com/aws/smithy-go": "v1.4.0" + }, + "files": [ + "api_client.go", + "api_client_test.go", + "api_op_DescribeReportCreation.go", + "api_op_GetComplianceSummary.go", + "api_op_GetResources.go", + "api_op_GetTagKeys.go", + "api_op_GetTagValues.go", + "api_op_StartReportCreation.go", + "api_op_TagResources.go", + "api_op_UntagResources.go", + "deserializers.go", + "doc.go", + "endpoints.go", + "generated.json", + "internal/endpoints/endpoints.go", + "internal/endpoints/endpoints_test.go", + "protocol_test.go", + "serializers.go", + "types/enums.go", + "types/errors.go", + "types/types.go", + "validators.go" + ], + "go": "1.15", + "module": "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi", + "unstable": false +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/go_module_metadata.go new file mode 100644 index 00000000..1f54245a --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/go_module_metadata.go @@ -0,0 +1,6 @@ +// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. + +package resourcegroupstaggingapi + +// goModuleVersion is the tagged release for this module +const goModuleVersion = "1.13.0" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints/endpoints.go new file mode 100644 index 00000000..65a18003 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints/endpoints.go @@ -0,0 +1,339 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package endpoints + +import ( + "github.com/aws/aws-sdk-go-v2/aws" + endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" + "github.com/aws/smithy-go/logging" + "regexp" +) + +// Options is the endpoint resolver configuration options +type Options struct { + // Logger is a logging implementation that log events should be sent to. + Logger logging.Logger + + // LogDeprecated indicates that deprecated endpoints should be logged to the + // provided logger. + LogDeprecated bool + + // ResolvedRegion is used to override the region to be resolved, rather then the + // using the value passed to the ResolveEndpoint method. This value is used by the + // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative + // name. You must not set this value directly in your application. + ResolvedRegion string + + // DisableHTTPS informs the resolver to return an endpoint that does not use the + // HTTPS scheme. + DisableHTTPS bool + + // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. + UseDualStackEndpoint aws.DualStackEndpointState + + // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. + UseFIPSEndpoint aws.FIPSEndpointState +} + +func (o Options) GetResolvedRegion() string { + return o.ResolvedRegion +} + +func (o Options) GetDisableHTTPS() bool { + return o.DisableHTTPS +} + +func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { + return o.UseDualStackEndpoint +} + +func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { + return o.UseFIPSEndpoint +} + +func transformToSharedOptions(options Options) endpoints.Options { + return endpoints.Options{ + Logger: options.Logger, + LogDeprecated: options.LogDeprecated, + ResolvedRegion: options.ResolvedRegion, + DisableHTTPS: options.DisableHTTPS, + UseDualStackEndpoint: options.UseDualStackEndpoint, + UseFIPSEndpoint: options.UseFIPSEndpoint, + } +} + +// Resolver Resource Groups Tagging API endpoint resolver +type Resolver struct { + partitions endpoints.Partitions +} + +// ResolveEndpoint resolves the service endpoint for the given region and options +func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { + if len(region) == 0 { + return endpoint, &aws.MissingRegionError{} + } + + opt := transformToSharedOptions(options) + return r.partitions.ResolveEndpoint(region, opt) +} + +// New returns a new Resolver +func New() *Resolver { + return &Resolver{ + partitions: defaultPartitions, + } +} + +var partitionRegexp = struct { + Aws *regexp.Regexp + AwsCn *regexp.Regexp + AwsIso *regexp.Regexp + AwsIsoB *regexp.Regexp + AwsUsGov *regexp.Regexp +}{ + + Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$"), + AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), + AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), + AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), + AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), +} + +var defaultPartitions = endpoints.Partitions{ + { + ID: "aws", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "tagging.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "tagging-fips.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "tagging-fips.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "tagging.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.Aws, + IsRegionalized: true, + Endpoints: endpoints.Endpoints{ + endpoints.EndpointKey{ + Region: "af-south-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-east-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-northeast-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-northeast-2", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-northeast-3", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-south-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-southeast-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-southeast-2", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ap-southeast-3", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "ca-central-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-central-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-north-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-south-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-west-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-west-2", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "eu-west-3", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "me-south-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "sa-east-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "us-east-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "us-east-2", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "us-west-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "us-west-2", + }: endpoints.Endpoint{}, + }, + }, + { + ID: "aws-cn", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "tagging.{region}.api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "tagging-fips.{region}.amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "tagging-fips.{region}.api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "tagging.{region}.amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsCn, + IsRegionalized: true, + Endpoints: endpoints.Endpoints{ + endpoints.EndpointKey{ + Region: "cn-north-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "cn-northwest-1", + }: endpoints.Endpoint{}, + }, + }, + { + ID: "aws-iso", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "tagging-fips.{region}.c2s.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "tagging.{region}.c2s.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIso, + IsRegionalized: true, + }, + { + ID: "aws-iso-b", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "tagging-fips.{region}.sc2s.sgov.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "tagging.{region}.sc2s.sgov.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIsoB, + IsRegionalized: true, + Endpoints: endpoints.Endpoints{ + endpoints.EndpointKey{ + Region: "us-isob-east-1", + }: endpoints.Endpoint{}, + }, + }, + { + ID: "aws-us-gov", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "tagging.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "tagging-fips.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "tagging-fips.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "tagging.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsUsGov, + IsRegionalized: true, + Endpoints: endpoints.Endpoints{ + endpoints.EndpointKey{ + Region: "us-gov-east-1", + }: endpoints.Endpoint{}, + endpoints.EndpointKey{ + Region: "us-gov-west-1", + }: endpoints.Endpoint{}, + }, + }, +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/serializers.go new file mode 100644 index 00000000..799fe6e1 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/serializers.go @@ -0,0 +1,792 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "bytes" + "context" + "fmt" + "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types" + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/encoding/httpbinding" + smithyjson "github.com/aws/smithy-go/encoding/json" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "path" +) + +type awsAwsjson11_serializeOpDescribeReportCreation struct { +} + +func (*awsAwsjson11_serializeOpDescribeReportCreation) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpDescribeReportCreation) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DescribeReportCreationInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.DescribeReportCreation") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentDescribeReportCreationInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpGetComplianceSummary struct { +} + +func (*awsAwsjson11_serializeOpGetComplianceSummary) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpGetComplianceSummary) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*GetComplianceSummaryInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.GetComplianceSummary") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentGetComplianceSummaryInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpGetResources struct { +} + +func (*awsAwsjson11_serializeOpGetResources) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpGetResources) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*GetResourcesInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.GetResources") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentGetResourcesInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpGetTagKeys struct { +} + +func (*awsAwsjson11_serializeOpGetTagKeys) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpGetTagKeys) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*GetTagKeysInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.GetTagKeys") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentGetTagKeysInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpGetTagValues struct { +} + +func (*awsAwsjson11_serializeOpGetTagValues) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpGetTagValues) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*GetTagValuesInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.GetTagValues") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentGetTagValuesInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpStartReportCreation struct { +} + +func (*awsAwsjson11_serializeOpStartReportCreation) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpStartReportCreation) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*StartReportCreationInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.StartReportCreation") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentStartReportCreationInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpTagResources struct { +} + +func (*awsAwsjson11_serializeOpTagResources) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpTagResources) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*TagResourcesInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.TagResources") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentTagResourcesInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + +type awsAwsjson11_serializeOpUntagResources struct { +} + +func (*awsAwsjson11_serializeOpUntagResources) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpUntagResources) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*UntagResourcesInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("ResourceGroupsTaggingAPI_20170126.UntagResources") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentUntagResourcesInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsAwsjson11_serializeDocumentGroupBy(v []types.GroupByAttribute, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(string(v[i])) + } + return nil +} + +func awsAwsjson11_serializeDocumentRegionFilterList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentResourceARNListForGet(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentResourceARNListForTagUntag(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentResourceTypeFilterList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentTagFilter(v *types.TagFilter, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.Key != nil { + ok := object.Key("Key") + ok.String(*v.Key) + } + + if v.Values != nil { + ok := object.Key("Values") + if err := awsAwsjson11_serializeDocumentTagValueList(v.Values, ok); err != nil { + return err + } + } + + return nil +} + +func awsAwsjson11_serializeDocumentTagFilterList(v []types.TagFilter, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + if err := awsAwsjson11_serializeDocumentTagFilter(&v[i], av); err != nil { + return err + } + } + return nil +} + +func awsAwsjson11_serializeDocumentTagKeyFilterList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentTagKeyListForUntag(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentTagMap(v map[string]string, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + for key := range v { + om := object.Key(key) + om.String(v[key]) + } + return nil +} + +func awsAwsjson11_serializeDocumentTagValueList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeDocumentTargetIdFilterList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsAwsjson11_serializeOpDocumentDescribeReportCreationInput(v *DescribeReportCreationInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + return nil +} + +func awsAwsjson11_serializeOpDocumentGetComplianceSummaryInput(v *GetComplianceSummaryInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.GroupBy != nil { + ok := object.Key("GroupBy") + if err := awsAwsjson11_serializeDocumentGroupBy(v.GroupBy, ok); err != nil { + return err + } + } + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.PaginationToken != nil { + ok := object.Key("PaginationToken") + ok.String(*v.PaginationToken) + } + + if v.RegionFilters != nil { + ok := object.Key("RegionFilters") + if err := awsAwsjson11_serializeDocumentRegionFilterList(v.RegionFilters, ok); err != nil { + return err + } + } + + if v.ResourceTypeFilters != nil { + ok := object.Key("ResourceTypeFilters") + if err := awsAwsjson11_serializeDocumentResourceTypeFilterList(v.ResourceTypeFilters, ok); err != nil { + return err + } + } + + if v.TagKeyFilters != nil { + ok := object.Key("TagKeyFilters") + if err := awsAwsjson11_serializeDocumentTagKeyFilterList(v.TagKeyFilters, ok); err != nil { + return err + } + } + + if v.TargetIdFilters != nil { + ok := object.Key("TargetIdFilters") + if err := awsAwsjson11_serializeDocumentTargetIdFilterList(v.TargetIdFilters, ok); err != nil { + return err + } + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentGetResourcesInput(v *GetResourcesInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ExcludeCompliantResources != nil { + ok := object.Key("ExcludeCompliantResources") + ok.Boolean(*v.ExcludeCompliantResources) + } + + if v.IncludeComplianceDetails != nil { + ok := object.Key("IncludeComplianceDetails") + ok.Boolean(*v.IncludeComplianceDetails) + } + + if v.PaginationToken != nil { + ok := object.Key("PaginationToken") + ok.String(*v.PaginationToken) + } + + if v.ResourceARNList != nil { + ok := object.Key("ResourceARNList") + if err := awsAwsjson11_serializeDocumentResourceARNListForGet(v.ResourceARNList, ok); err != nil { + return err + } + } + + if v.ResourcesPerPage != nil { + ok := object.Key("ResourcesPerPage") + ok.Integer(*v.ResourcesPerPage) + } + + if v.ResourceTypeFilters != nil { + ok := object.Key("ResourceTypeFilters") + if err := awsAwsjson11_serializeDocumentResourceTypeFilterList(v.ResourceTypeFilters, ok); err != nil { + return err + } + } + + if v.TagFilters != nil { + ok := object.Key("TagFilters") + if err := awsAwsjson11_serializeDocumentTagFilterList(v.TagFilters, ok); err != nil { + return err + } + } + + if v.TagsPerPage != nil { + ok := object.Key("TagsPerPage") + ok.Integer(*v.TagsPerPage) + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentGetTagKeysInput(v *GetTagKeysInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.PaginationToken != nil { + ok := object.Key("PaginationToken") + ok.String(*v.PaginationToken) + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentGetTagValuesInput(v *GetTagValuesInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.Key != nil { + ok := object.Key("Key") + ok.String(*v.Key) + } + + if v.PaginationToken != nil { + ok := object.Key("PaginationToken") + ok.String(*v.PaginationToken) + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentStartReportCreationInput(v *StartReportCreationInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.S3Bucket != nil { + ok := object.Key("S3Bucket") + ok.String(*v.S3Bucket) + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentTagResourcesInput(v *TagResourcesInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ResourceARNList != nil { + ok := object.Key("ResourceARNList") + if err := awsAwsjson11_serializeDocumentResourceARNListForTagUntag(v.ResourceARNList, ok); err != nil { + return err + } + } + + if v.Tags != nil { + ok := object.Key("Tags") + if err := awsAwsjson11_serializeDocumentTagMap(v.Tags, ok); err != nil { + return err + } + } + + return nil +} + +func awsAwsjson11_serializeOpDocumentUntagResourcesInput(v *UntagResourcesInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ResourceARNList != nil { + ok := object.Key("ResourceARNList") + if err := awsAwsjson11_serializeDocumentResourceARNListForTagUntag(v.ResourceARNList, ok); err != nil { + return err + } + } + + if v.TagKeys != nil { + ok := object.Key("TagKeys") + if err := awsAwsjson11_serializeDocumentTagKeyListForUntag(v.TagKeys, ok); err != nil { + return err + } + } + + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/enums.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/enums.go new file mode 100644 index 00000000..19fd7a5c --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/enums.go @@ -0,0 +1,61 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +type ErrorCode string + +// Enum values for ErrorCode +const ( + ErrorCodeInternalServiceException ErrorCode = "InternalServiceException" + ErrorCodeInvalidParameterException ErrorCode = "InvalidParameterException" +) + +// Values returns all known values for ErrorCode. Note that this can be expanded in +// the future, and so it is only as up to date as the client. The ordering of this +// slice is not guaranteed to be stable across updates. +func (ErrorCode) Values() []ErrorCode { + return []ErrorCode{ + "InternalServiceException", + "InvalidParameterException", + } +} + +type GroupByAttribute string + +// Enum values for GroupByAttribute +const ( + GroupByAttributeTargetId GroupByAttribute = "TARGET_ID" + GroupByAttributeRegion GroupByAttribute = "REGION" + GroupByAttributeResourceType GroupByAttribute = "RESOURCE_TYPE" +) + +// Values returns all known values for GroupByAttribute. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (GroupByAttribute) Values() []GroupByAttribute { + return []GroupByAttribute{ + "TARGET_ID", + "REGION", + "RESOURCE_TYPE", + } +} + +type TargetIdType string + +// Enum values for TargetIdType +const ( + TargetIdTypeAccount TargetIdType = "ACCOUNT" + TargetIdTypeOu TargetIdType = "OU" + TargetIdTypeRoot TargetIdType = "ROOT" +) + +// Values returns all known values for TargetIdType. Note that this can be expanded +// in the future, and so it is only as up to date as the client. The ordering of +// this slice is not guaranteed to be stable across updates. +func (TargetIdType) Values() []TargetIdType { + return []TargetIdType{ + "ACCOUNT", + "OU", + "ROOT", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/errors.go new file mode 100644 index 00000000..23d59890 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/errors.go @@ -0,0 +1,162 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +import ( + "fmt" + smithy "github.com/aws/smithy-go" +) + +// The target of the operation is currently being modified by a different request. +// Try again later. +type ConcurrentModificationException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *ConcurrentModificationException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ConcurrentModificationException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ConcurrentModificationException) ErrorCode() string { + return "ConcurrentModificationException" +} +func (e *ConcurrentModificationException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The request was denied because performing this operation violates a constraint. +// Some of the reasons in the following list might not apply to this specific +// operation. +// +// * You must meet the prerequisites for using tag policies. For +// information, see Prerequisites and Permissions for Using Tag Policies +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies-prereqs.html) +// in the Organizations User Guide. +// +// * You must enable the tag policies service +// principal (tagpolicies.tag.amazonaws.com) to integrate with Organizations For +// information, see EnableAWSServiceAccess +// (https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). +// +// * +// You must have a tag policy attached to the organization root, an OU, or an +// account. +type ConstraintViolationException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *ConstraintViolationException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ConstraintViolationException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ConstraintViolationException) ErrorCode() string { return "ConstraintViolationException" } +func (e *ConstraintViolationException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The request processing failed because of an unknown error, exception, or +// failure. You can retry the request. +type InternalServiceException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *InternalServiceException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *InternalServiceException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *InternalServiceException) ErrorCode() string { return "InternalServiceException" } +func (e *InternalServiceException) ErrorFault() smithy.ErrorFault { return smithy.FaultServer } + +// This error indicates one of the following: +// +// * A parameter is missing. +// +// * A +// malformed string was supplied for the request parameter. +// +// * An out-of-range +// value was supplied for the request parameter. +// +// * The target ID is invalid, +// unsupported, or doesn't exist. +// +// * You can't access the Amazon S3 bucket for +// report storage. For more information, see Additional Requirements for +// Organization-wide Tag Compliance Reports +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies-prereqs.html#bucket-policies-org-report) +// in the Organizations User Guide. +type InvalidParameterException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *InvalidParameterException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *InvalidParameterException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *InvalidParameterException) ErrorCode() string { return "InvalidParameterException" } +func (e *InvalidParameterException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// A PaginationToken is valid for a maximum of 15 minutes. Your request was denied +// because the specified PaginationToken has expired. +type PaginationTokenExpiredException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *PaginationTokenExpiredException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *PaginationTokenExpiredException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *PaginationTokenExpiredException) ErrorCode() string { + return "PaginationTokenExpiredException" +} +func (e *PaginationTokenExpiredException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The request was denied to limit the frequency of submitted requests. +type ThrottledException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *ThrottledException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ThrottledException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ThrottledException) ErrorCode() string { return "ThrottledException" } +func (e *ThrottledException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/types.go new file mode 100644 index 00000000..c1222b9e --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types/types.go @@ -0,0 +1,150 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +import ( + smithydocument "github.com/aws/smithy-go/document" +) + +// Information that shows whether a resource is compliant with the effective tag +// policy, including details on any noncompliant tag keys. +type ComplianceDetails struct { + + // Whether a resource is compliant with the effective tag policy. + ComplianceStatus *bool + + // These are keys defined in the effective policy that are on the resource with + // either incorrect case treatment or noncompliant values. + KeysWithNoncompliantValues []string + + // These tag keys on the resource are noncompliant with the effective tag policy. + NoncompliantKeys []string + + noSmithyDocumentSerde +} + +// Information about the errors that are returned for each failed resource. This +// information can include InternalServiceException and InvalidParameterException +// errors. It can also include any valid error code returned by the Amazon Web +// Services service that hosts the resource that the ARN key represents. The +// following are common error codes that you might receive from other Amazon Web +// Services services: +// +// * InternalServiceException – This can mean that the Resource +// Groups Tagging API didn't receive a response from another Amazon Web Services +// service. It can also mean that the resource type in the request is not supported +// by the Resource Groups Tagging API. In these cases, it's safe to retry the +// request and then call GetResources +// (https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetResources.html) +// to verify the changes. +// +// * AccessDeniedException – This can mean that you need +// permission to call the tagging operations in the Amazon Web Services service +// that contains the resource. For example, to use the Resource Groups Tagging API +// to tag a Amazon CloudWatch alarm resource, you need permission to call both +// TagResources +// (https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_TagResources.html) +// and TagResource +// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html) +// in the CloudWatch API. +// +// For more information on errors that are generated from +// other Amazon Web Services services, see the documentation for that service. +type FailureInfo struct { + + // The code of the common error. Valid values include InternalServiceException, + // InvalidParameterException, and any valid error code returned by the Amazon Web + // Services service that hosts the resource that you want to tag. + ErrorCode ErrorCode + + // The message of the common error. + ErrorMessage *string + + // The HTTP status code of the common error. + StatusCode int32 + + noSmithyDocumentSerde +} + +// A list of resource ARNs and the tags (keys and values) that are associated with +// each. +type ResourceTagMapping struct { + + // Information that shows whether a resource is compliant with the effective tag + // policy, including details on any noncompliant tag keys. + ComplianceDetails *ComplianceDetails + + // The ARN of the resource. + ResourceARN *string + + // The tags that have been applied to one or more Amazon Web Services resources. + Tags []Tag + + noSmithyDocumentSerde +} + +// A count of noncompliant resources. +type Summary struct { + + // The timestamp that shows when this summary was generated in this Region. + LastUpdated *string + + // The count of noncompliant resources. + NonCompliantResources int64 + + // The Amazon Web Services Region that the summary applies to. + Region *string + + // The Amazon Web Services resource type. + ResourceType *string + + // The account identifier or the root identifier of the organization. If you don't + // know the root ID, you can call the Organizations ListRoots + // (https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) + // API. + TargetId *string + + // Whether the target is an account, an OU, or the organization root. + TargetIdType TargetIdType + + noSmithyDocumentSerde +} + +// The metadata that you apply to Amazon Web Services resources to help you +// categorize and organize them. Each tag consists of a key and a value, both of +// which you define. For more information, see Tagging Amazon Web Services +// Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in +// the Amazon Web Services General Reference. +type Tag struct { + + // One part of a key-value pair that makes up a tag. A key is a general label that + // acts like a category for more specific tag values. + // + // This member is required. + Key *string + + // One part of a key-value pair that make up a tag. A value acts as a descriptor + // within a tag category (key). The value can be empty or null. + // + // This member is required. + Value *string + + noSmithyDocumentSerde +} + +// A list of tags (keys and values) that are used to specify the associated +// resources. +type TagFilter struct { + + // One part of a key-value pair that makes up a tag. A key is a general label that + // acts like a category for more specific tag values. + Key *string + + // One part of a key-value pair that make up a tag. A value acts as a descriptor + // within a tag category (key). The value can be empty or null. + Values []string + + noSmithyDocumentSerde +} + +type noSmithyDocumentSerde = smithydocument.NoSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/validators.go new file mode 100644 index 00000000..88c40c8f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/validators.go @@ -0,0 +1,172 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package resourcegroupstaggingapi + +import ( + "context" + "fmt" + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/middleware" +) + +type validateOpGetTagValues struct { +} + +func (*validateOpGetTagValues) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpGetTagValues) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*GetTagValuesInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpGetTagValuesInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpStartReportCreation struct { +} + +func (*validateOpStartReportCreation) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpStartReportCreation) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*StartReportCreationInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpStartReportCreationInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpTagResources struct { +} + +func (*validateOpTagResources) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpTagResources) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*TagResourcesInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpTagResourcesInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpUntagResources struct { +} + +func (*validateOpUntagResources) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpUntagResources) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*UntagResourcesInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpUntagResourcesInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +func addOpGetTagValuesValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpGetTagValues{}, middleware.After) +} + +func addOpStartReportCreationValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpStartReportCreation{}, middleware.After) +} + +func addOpTagResourcesValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpTagResources{}, middleware.After) +} + +func addOpUntagResourcesValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpUntagResources{}, middleware.After) +} + +func validateOpGetTagValuesInput(v *GetTagValuesInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "GetTagValuesInput"} + if v.Key == nil { + invalidParams.Add(smithy.NewErrParamRequired("Key")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpStartReportCreationInput(v *StartReportCreationInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "StartReportCreationInput"} + if v.S3Bucket == nil { + invalidParams.Add(smithy.NewErrParamRequired("S3Bucket")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpTagResourcesInput(v *TagResourcesInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "TagResourcesInput"} + if v.ResourceARNList == nil { + invalidParams.Add(smithy.NewErrParamRequired("ResourceARNList")) + } + if v.Tags == nil { + invalidParams.Add(smithy.NewErrParamRequired("Tags")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpUntagResourcesInput(v *UntagResourcesInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "UntagResourcesInput"} + if v.ResourceARNList == nil { + invalidParams.Add(smithy.NewErrParamRequired("ResourceARNList")) + } + if v.TagKeys == nil { + invalidParams.Add(smithy.NewErrParamRequired("TagKeys")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 22c9cd98..4a07ab28 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -102,6 +102,11 @@ github.com/aws/aws-sdk-go-v2/service/ec2/types # github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0 ## explicit; go 1.15 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url +# github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.13.0 +## explicit; go 1.15 +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/internal/endpoints +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi/types # github.com/aws/aws-sdk-go-v2/service/sso v1.9.0 ## explicit; go 1.15 github.com/aws/aws-sdk-go-v2/service/sso From c577e3cfe3ee078939d9e61a26060f6db0fa55cc Mon Sep 17 00:00:00 2001 From: chiragkyal Date: Tue, 10 Dec 2024 17:41:54 +0530 Subject: [PATCH 3/3] make update bundle catalog Signed-off-by: chiragkyal --- .../elbv2.k8s.aws_ingressclassparams.yaml | 101 +++++++--- .../elbv2.k8s.aws_targetgroupbindings.yaml | 160 +++++++++------- .../elbv2.k8s.aws_ingressclassparams.yaml | 113 ++++++++--- .../elbv2.k8s.aws_targetgroupbindings.yaml | 176 +++++++++++++----- config/rbac/upstream_role.yaml | 2 - 5 files changed, 382 insertions(+), 170 deletions(-) diff --git a/bundle/manifests/elbv2.k8s.aws_ingressclassparams.yaml b/bundle/manifests/elbv2.k8s.aws_ingressclassparams.yaml index e1ab95a5..5de9e9de 100644 --- a/bundle/manifests/elbv2.k8s.aws_ingressclassparams.yaml +++ b/bundle/manifests/elbv2.k8s.aws_ingressclassparams.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.14.0 creationTimestamp: null name: ingressclassparams.elbv2.k8s.aws spec: @@ -36,20 +36,31 @@ spec: description: IngressClassParams is the Schema for the IngressClassParams API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: IngressClassParamsSpec defines the desired state of IngressClassParams properties: + certificateArn: + description: CertificateArn specifies the ARN of the certificates + for all Ingresses that belong to IngressClass with this IngressClassParams. + items: + type: string + type: array group: description: Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams. @@ -60,12 +71,19 @@ spec: required: - name type: object + inboundCIDRs: + description: InboundCIDRs specifies the CIDRs that are allowed to + access the Ingresses that belong to IngressClass with this IngressClassParams. + items: + type: string + type: array ipAddressType: description: IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams. enum: - ipv4 - dualstack + - dualstack-without-public-ipv4 type: string loadBalancerAttributes: description: LoadBalancerAttributes define the custom attributes to @@ -86,51 +104,53 @@ spec: type: object type: array namespaceSelector: - description: NamespaceSelector restrict the namespaces of Ingresses - that are allowed to specify the IngressClass with this IngressClassParams. + description: |- + NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. * if absent or present but empty, it selects all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic scheme: description: Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams. @@ -138,6 +158,35 @@ spec: - internal - internet-facing type: string + sslPolicy: + description: SSLPolicy specifies the SSL Policy for all Ingresses + that belong to IngressClass with this IngressClassParams. + type: string + subnets: + description: Subnets defines the subnets for all Ingresses that belong + to IngressClass with this IngressClassParams. + properties: + ids: + description: IDs specify the resource IDs of subnets. Exactly + one of this or `tags` must be specified. + items: + description: SubnetID specifies a subnet ID. + pattern: subnet-[0-9a-f]+ + type: string + minItems: 1 + type: array + tags: + additionalProperties: + items: + type: string + type: array + description: |- + Tags specifies subnets in the load balancer's VPC where each + tag specified in the map key contains one of the values in the corresponding + value list. + Exactly one of this or `ids` must be specified. + type: object + type: object tags: description: Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams. @@ -164,5 +213,5 @@ status: acceptedNames: kind: "" plural: "" - conditions: [] - storedVersions: [] + conditions: null + storedVersions: null diff --git a/bundle/manifests/elbv2.k8s.aws_targetgroupbindings.yaml b/bundle/manifests/elbv2.k8s.aws_targetgroupbindings.yaml index f3253804..d0550782 100644 --- a/bundle/manifests/elbv2.k8s.aws_targetgroupbindings.yaml +++ b/bundle/manifests/elbv2.k8s.aws_targetgroupbindings.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.14.0 creationTimestamp: null name: targetgroupbindings.elbv2.k8s.aws spec: @@ -41,14 +41,19 @@ spec: description: TargetGroupBinding is the Schema for the TargetGroupBinding API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -65,28 +70,30 @@ spec: items: properties: from: - description: List of peers which should be able to access - the targets in TargetGroup. At least one NetworkingPeer - should be specified. + description: |- + List of peers which should be able to access the targets in TargetGroup. + At least one NetworkingPeer should be specified. items: description: NetworkingPeer defines the source/destination peer for networking rules. properties: ipBlock: - description: IPBlock defines an IPBlock peer. If specified, - none of the other fields can be set. + description: |- + IPBlock defines an IPBlock peer. + If specified, none of the other fields can be set. properties: cidr: - description: CIDR is the network CIDR. Both IPV4 - or IPV6 CIDR are accepted. + description: |- + CIDR is the network CIDR. + Both IPV4 or IPV6 CIDR are accepted. type: string required: - cidr type: object securityGroup: - description: SecurityGroup defines a SecurityGroup - peer. If specified, none of the other fields can - be set. + description: |- + SecurityGroup defines a SecurityGroup peer. + If specified, none of the other fields can be set. properties: groupID: description: GroupID is the EC2 SecurityGroupID. @@ -97,24 +104,24 @@ spec: type: object type: array ports: - description: List of ports which should be made accessible - on the targets in TargetGroup. If ports is empty or unspecified, - it defaults to all ports with TCP. + description: |- + List of ports which should be made accessible on the targets in TargetGroup. + If ports is empty or unspecified, it defaults to all ports with TCP. items: properties: port: anyOf: - type: integer - type: string - description: The port which traffic must match. When - NodePort endpoints(instance TargetType) is used, - this must be a numerical port. When Port endpoints(ip - TargetType) is used, this can be either numerical - or named port on pods. if port is unspecified, it - defaults to all ports. + description: |- + The port which traffic must match. + When NodePort endpoints(instance TargetType) is used, this must be a numerical port. + When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. + if port is unspecified, it defaults to all ports. x-kubernetes-int-or-string: true protocol: - description: The protocol which traffic must match. + description: |- + The protocol which traffic must match. If protocol is unspecified, it defaults to TCP. enum: - TCP @@ -200,14 +207,19 @@ spec: description: TargetGroupBinding is the Schema for the TargetGroupBinding API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -233,28 +245,30 @@ spec: of traffic that is allowed to access TargetGroup's targets. properties: from: - description: List of peers which should be able to access - the targets in TargetGroup. At least one NetworkingPeer - should be specified. + description: |- + List of peers which should be able to access the targets in TargetGroup. + At least one NetworkingPeer should be specified. items: description: NetworkingPeer defines the source/destination peer for networking rules. properties: ipBlock: - description: IPBlock defines an IPBlock peer. If specified, - none of the other fields can be set. + description: |- + IPBlock defines an IPBlock peer. + If specified, none of the other fields can be set. properties: cidr: - description: CIDR is the network CIDR. Both IPV4 - or IPV6 CIDR are accepted. + description: |- + CIDR is the network CIDR. + Both IPV4 or IPV6 CIDR are accepted. type: string required: - cidr type: object securityGroup: - description: SecurityGroup defines a SecurityGroup - peer. If specified, none of the other fields can - be set. + description: |- + SecurityGroup defines a SecurityGroup peer. + If specified, none of the other fields can be set. properties: groupID: description: GroupID is the EC2 SecurityGroupID. @@ -265,9 +279,9 @@ spec: type: object type: array ports: - description: List of ports which should be made accessible - on the targets in TargetGroup. If ports is empty or unspecified, - it defaults to all ports with TCP. + description: |- + List of ports which should be made accessible on the targets in TargetGroup. + If ports is empty or unspecified, it defaults to all ports with TCP. items: description: NetworkingPort defines the port and protocol for networking rules. @@ -276,15 +290,15 @@ spec: anyOf: - type: integer - type: string - description: The port which traffic must match. When - NodePort endpoints(instance TargetType) is used, - this must be a numerical port. When Port endpoints(ip - TargetType) is used, this can be either numerical - or named port on pods. if port is unspecified, it - defaults to all ports. + description: |- + The port which traffic must match. + When NodePort endpoints(instance TargetType) is used, this must be a numerical port. + When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. + if port is unspecified, it defaults to all ports. x-kubernetes-int-or-string: true protocol: - description: The protocol which traffic must match. + description: |- + The protocol which traffic must match. If protocol is unspecified, it defaults to TCP. enum: - TCP @@ -306,43 +320,45 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic serviceRef: description: serviceRef is a reference to a Kubernetes Service and ServicePort. @@ -372,6 +388,10 @@ spec: - instance - ip type: string + vpcID: + description: VpcID is the VPC of the TargetGroup. If unspecified, + it will be automatically inferred. + type: string required: - serviceRef - targetGroupARN @@ -393,5 +413,5 @@ status: acceptedNames: kind: "" plural: "" - conditions: [] - storedVersions: [] + conditions: null + storedVersions: null diff --git a/config/crd/bases/elbv2.k8s.aws_ingressclassparams.yaml b/config/crd/bases/elbv2.k8s.aws_ingressclassparams.yaml index 3651e06d..ba9ae4f6 100644 --- a/config/crd/bases/elbv2.k8s.aws_ingressclassparams.yaml +++ b/config/crd/bases/elbv2.k8s.aws_ingressclassparams.yaml @@ -1,11 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressclassparams.elbv2.k8s.aws spec: group: elbv2.k8s.aws @@ -38,18 +36,34 @@ spec: description: IngressClassParams is the Schema for the IngressClassParams API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: IngressClassParamsSpec defines the desired state of IngressClassParams properties: + certificateArn: + description: CertificateArn specifies the ARN of the certificates + for all Ingresses that belong to IngressClass with this IngressClassParams. + items: + type: string + type: array group: - description: Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams. + description: Group defines the IngressGroup for all Ingresses that + belong to IngressClass with this IngressClassParams. properties: name: description: Name is the name of IngressGroup. @@ -57,14 +71,24 @@ spec: required: - name type: object + inboundCIDRs: + description: InboundCIDRs specifies the CIDRs that are allowed to + access the Ingresses that belong to IngressClass with this IngressClassParams. + items: + type: string + type: array ipAddressType: - description: IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams. + description: IPAddressType defines the ip address type for all Ingresses + that belong to IngressClass with this IngressClassParams. enum: - ipv4 - dualstack + - dualstack-without-public-ipv4 type: string loadBalancerAttributes: - description: LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with this IngressClassParams. + description: LoadBalancerAttributes define the custom attributes to + LoadBalancers for all Ingress that that belong to IngressClass with + this IngressClassParams. items: description: Attributes defines custom attributes on resources. properties: @@ -80,43 +104,92 @@ spec: type: object type: array namespaceSelector: - description: NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. * if absent or present but empty, it selects all namespaces. + description: |- + NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. + * if absent or present but empty, it selects all namespaces. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key that the selector applies + to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic scheme: - description: Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams. + description: Scheme defines the scheme for all Ingresses that belong + to IngressClass with this IngressClassParams. enum: - internal - internet-facing type: string + sslPolicy: + description: SSLPolicy specifies the SSL Policy for all Ingresses + that belong to IngressClass with this IngressClassParams. + type: string + subnets: + description: Subnets defines the subnets for all Ingresses that belong + to IngressClass with this IngressClassParams. + properties: + ids: + description: IDs specify the resource IDs of subnets. Exactly + one of this or `tags` must be specified. + items: + description: SubnetID specifies a subnet ID. + pattern: subnet-[0-9a-f]+ + type: string + minItems: 1 + type: array + tags: + additionalProperties: + items: + type: string + type: array + description: |- + Tags specifies subnets in the load balancer's VPC where each + tag specified in the map key contains one of the values in the corresponding + value list. + Exactly one of this or `ids` must be specified. + type: object + type: object tags: - description: Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams. + description: Tags defines list of Tags on AWS resources provisioned + for Ingresses that belong to IngressClass with this IngressClassParams. items: description: Tag defines a AWS Tag on resources. properties: @@ -136,9 +209,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crd/bases/elbv2.k8s.aws_targetgroupbindings.yaml b/config/crd/bases/elbv2.k8s.aws_targetgroupbindings.yaml index acb61231..c5bfd257 100644 --- a/config/crd/bases/elbv2.k8s.aws_targetgroupbindings.yaml +++ b/config/crd/bases/elbv2.k8s.aws_targetgroupbindings.yaml @@ -1,11 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: targetgroupbindings.elbv2.k8s.aws spec: group: elbv2.k8s.aws @@ -43,10 +41,19 @@ spec: description: TargetGroupBinding is the Schema for the TargetGroupBinding API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,28 +61,39 @@ spec: description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding properties: networking: - description: networking provides the networking setup for ELBV2 LoadBalancer to access targets in TargetGroup. + description: networking provides the networking setup for ELBV2 LoadBalancer + to access targets in TargetGroup. properties: ingress: - description: List of ingress rules to allow ELBV2 LoadBalancer to access targets in TargetGroup. + description: List of ingress rules to allow ELBV2 LoadBalancer + to access targets in TargetGroup. items: properties: from: - description: List of peers which should be able to access the targets in TargetGroup. At least one NetworkingPeer should be specified. + description: |- + List of peers which should be able to access the targets in TargetGroup. + At least one NetworkingPeer should be specified. items: - description: NetworkingPeer defines the source/destination peer for networking rules. + description: NetworkingPeer defines the source/destination + peer for networking rules. properties: ipBlock: - description: IPBlock defines an IPBlock peer. If specified, none of the other fields can be set. + description: |- + IPBlock defines an IPBlock peer. + If specified, none of the other fields can be set. properties: cidr: - description: CIDR is the network CIDR. Both IPV4 or IPV6 CIDR are accepted. + description: |- + CIDR is the network CIDR. + Both IPV4 or IPV6 CIDR are accepted. type: string required: - cidr type: object securityGroup: - description: SecurityGroup defines a SecurityGroup peer. If specified, none of the other fields can be set. + description: |- + SecurityGroup defines a SecurityGroup peer. + If specified, none of the other fields can be set. properties: groupID: description: GroupID is the EC2 SecurityGroupID. @@ -86,17 +104,25 @@ spec: type: object type: array ports: - description: List of ports which should be made accessible on the targets in TargetGroup. If ports is empty or unspecified, it defaults to all ports with TCP. + description: |- + List of ports which should be made accessible on the targets in TargetGroup. + If ports is empty or unspecified, it defaults to all ports with TCP. items: properties: port: anyOf: - type: integer - type: string - description: The port which traffic must match. When NodePort endpoints(instance TargetType) is used, this must be a numerical port. When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. if port is unspecified, it defaults to all ports. + description: |- + The port which traffic must match. + When NodePort endpoints(instance TargetType) is used, this must be a numerical port. + When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. + if port is unspecified, it defaults to all ports. x-kubernetes-int-or-string: true protocol: - description: The protocol which traffic must match. If protocol is unspecified, it defaults to TCP. + description: |- + The protocol which traffic must match. + If protocol is unspecified, it defaults to TCP. enum: - TCP - UDP @@ -110,7 +136,8 @@ spec: type: array type: object serviceRef: - description: serviceRef is a reference to a Kubernetes Service and ServicePort. + description: serviceRef is a reference to a Kubernetes Service and + ServicePort. properties: name: description: Name is the name of the Service. @@ -126,10 +153,12 @@ spec: - port type: object targetGroupARN: - description: targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup. + description: targetGroupARN is the Amazon Resource Name (ARN) for + the TargetGroup. type: string targetType: - description: targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred. + description: targetType is the TargetType of TargetGroup. If unspecified, + it will be automatically inferred. enum: - instance - ip @@ -178,10 +207,19 @@ spec: description: TargetGroupBinding is the Schema for the TargetGroupBinding API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -189,35 +227,48 @@ spec: description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding properties: ipAddressType: - description: ipAddressType specifies whether the target group is of type IPv4 or IPv6. If unspecified, it will be automatically inferred. + description: ipAddressType specifies whether the target group is of + type IPv4 or IPv6. If unspecified, it will be automatically inferred. enum: - ipv4 - ipv6 type: string networking: - description: networking defines the networking rules to allow ELBV2 LoadBalancer to access targets in TargetGroup. + description: networking defines the networking rules to allow ELBV2 + LoadBalancer to access targets in TargetGroup. properties: ingress: - description: List of ingress rules to allow ELBV2 LoadBalancer to access targets in TargetGroup. + description: List of ingress rules to allow ELBV2 LoadBalancer + to access targets in TargetGroup. items: - description: NetworkingIngressRule defines a particular set of traffic that is allowed to access TargetGroup's targets. + description: NetworkingIngressRule defines a particular set + of traffic that is allowed to access TargetGroup's targets. properties: from: - description: List of peers which should be able to access the targets in TargetGroup. At least one NetworkingPeer should be specified. + description: |- + List of peers which should be able to access the targets in TargetGroup. + At least one NetworkingPeer should be specified. items: - description: NetworkingPeer defines the source/destination peer for networking rules. + description: NetworkingPeer defines the source/destination + peer for networking rules. properties: ipBlock: - description: IPBlock defines an IPBlock peer. If specified, none of the other fields can be set. + description: |- + IPBlock defines an IPBlock peer. + If specified, none of the other fields can be set. properties: cidr: - description: CIDR is the network CIDR. Both IPV4 or IPV6 CIDR are accepted. + description: |- + CIDR is the network CIDR. + Both IPV4 or IPV6 CIDR are accepted. type: string required: - cidr type: object securityGroup: - description: SecurityGroup defines a SecurityGroup peer. If specified, none of the other fields can be set. + description: |- + SecurityGroup defines a SecurityGroup peer. + If specified, none of the other fields can be set. properties: groupID: description: GroupID is the EC2 SecurityGroupID. @@ -228,18 +279,27 @@ spec: type: object type: array ports: - description: List of ports which should be made accessible on the targets in TargetGroup. If ports is empty or unspecified, it defaults to all ports with TCP. + description: |- + List of ports which should be made accessible on the targets in TargetGroup. + If ports is empty or unspecified, it defaults to all ports with TCP. items: - description: NetworkingPort defines the port and protocol for networking rules. + description: NetworkingPort defines the port and protocol + for networking rules. properties: port: anyOf: - type: integer - type: string - description: The port which traffic must match. When NodePort endpoints(instance TargetType) is used, this must be a numerical port. When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. if port is unspecified, it defaults to all ports. + description: |- + The port which traffic must match. + When NodePort endpoints(instance TargetType) is used, this must be a numerical port. + When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. + if port is unspecified, it defaults to all ports. x-kubernetes-int-or-string: true protocol: - description: The protocol which traffic must match. If protocol is unspecified, it defaults to TCP. + description: |- + The protocol which traffic must match. + If protocol is unspecified, it defaults to TCP. enum: - TCP - UDP @@ -253,37 +313,55 @@ spec: type: array type: object nodeSelector: - description: node selector for instance type target groups to only register certain nodes + description: node selector for instance type target groups to only + register certain nodes properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key that the selector applies + to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic serviceRef: - description: serviceRef is a reference to a Kubernetes Service and ServicePort. + description: serviceRef is a reference to a Kubernetes Service and + ServicePort. properties: name: description: Name is the name of the Service. @@ -299,15 +377,21 @@ spec: - port type: object targetGroupARN: - description: targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup. + description: targetGroupARN is the Amazon Resource Name (ARN) for + the TargetGroup. minLength: 1 type: string targetType: - description: targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred. + description: targetType is the TargetType of TargetGroup. If unspecified, + it will be automatically inferred. enum: - instance - ip type: string + vpcID: + description: VpcID is the VPC of the TargetGroup. If unspecified, + it will be automatically inferred. + type: string required: - serviceRef - targetGroupARN @@ -325,9 +409,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/rbac/upstream_role.yaml b/config/rbac/upstream_role.yaml index 704ba8b4..c9d2abe9 100644 --- a/config/rbac/upstream_role.yaml +++ b/config/rbac/upstream_role.yaml @@ -1,9 +1,7 @@ - --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: controller-role rules: - apiGroups: