Merge pull request #68 from chainguard-dev/create-pull-request/patch

Export mono/sdk: refs/heads/main
chainguard-dev · Dec 10, 2024 · 5328081 · 5328081
2 parents edbb722 + fb8ec2e
commit 5328081
Show file tree

Hide file tree

Showing 13 changed files with 700 additions and 509 deletions.
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -18,7 +18,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds
-      - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+      - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
         with:
           # In order:
           # * Module download cache

diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml
@@ -32,7 +32,7 @@ jobs:
           check-latest: true
 
       # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds
-      - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+      - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
         with:
           # In order:
           # * Module download cache

diff --git a/auth/login/login.go b/auth/login/login.go
@@ -11,7 +11,6 @@ import (
 	"context"
 	"fmt"
 	"net/url"
-	"os"
 	"strings"
 
 	"github.com/pkg/browser"
@@ -91,9 +90,9 @@ func Login(ctx context.Context, opts ...Option) (token string, refreshToken stri
 	}
 	u := fmt.Sprintf("%s/oauth?%s", conf.Issuer, params.Encode())
 	if conf.SkipBrowser {
-		fmt.Fprintf(os.Stderr, "Please open a browser to %s\n", u)
+		fmt.Fprintf(conf.MessageWriter, "Please open a browser to %s\n", u)
 	} else {
-		fmt.Fprintf(os.Stderr, "Opening browser to %s\n", u)
+		fmt.Fprintf(conf.MessageWriter, "Opening browser to %s\n", u)
 		err = browser.OpenURL(u)
 		if err != nil {
 			return "", "", &OpenBrowserError{err}

diff --git a/auth/login/options.go b/auth/login/options.go
@@ -8,6 +8,8 @@ package login
 import (
 	"errors"
 	"fmt"
+	"io"
+	"os"
 
 	"chainguard.dev/sdk/uidp"
 )
@@ -53,13 +55,20 @@ type config struct {
 
 	// HeadlessCode is the code to use for headless login
 	HeadlessCode string
+
+	// MessageWriter is the writer to use for outputting informational messages to
+	// the user. (e.g. os.Stderr)
+	MessageWriter io.Writer
 }
 
 const defaultIssuer = `https://issuer.enforce.dev`
 
+var defaultMessageWriter io.Writer = os.Stderr
+
 func newDefaultConfig() *config {
 	return &config{
-		Issuer: defaultIssuer,
+		Issuer:        defaultIssuer,
+		MessageWriter: defaultMessageWriter,
 	}
 }
 
@@ -88,6 +97,11 @@ func (c *config) valid() error {
 			return errors.New("must select one of client id, custom identity provider and organization name")
 		}
 	}
+
+	if c.MessageWriter == nil {
+		return errors.New("message writer must be set to a non-nil value (consider os.Stderr or io.Discard)")
+	}
+
 	switch {
 	case c.IDP != "":
 		if !uidp.Valid(c.IDP) {
@@ -190,3 +204,9 @@ func WithHeadlessCode(code string) Option {
 		c.HeadlessCode = code
 	}
 }
+
+func WithMessageWriter(w io.Writer) Option {
+	return func(c *config) {
+		c.MessageWriter = w
+	}
+}
diff --git a/auth/login/options_test.go b/auth/login/options_test.go
@@ -7,10 +7,12 @@ package login
 
 import (
 	"net/http/httptest"
+	"os"
 	"testing"
 
 	"chainguard.dev/sdk/uidp"
 	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp/cmpopts"
 )
 
 func TestConfFromOptions(t *testing.T) {
@@ -30,9 +32,10 @@ func TestConfFromOptions(t *testing.T) {
 				WithInviteCode("foo"),
 			},
 			WantConfig: &config{
-				Issuer:     "https://example.com",
-				IDP:        id,
-				InviteCode: "foo",
+				Issuer:        "https://example.com",
+				IDP:           id,
+				InviteCode:    "foo",
+				MessageWriter: defaultMessageWriter,
 			},
 		},
 		"Bad IDP ID": {
@@ -48,8 +51,9 @@ func TestConfFromOptions(t *testing.T) {
 				WithOrgName("chainguard.dev"),
 			},
 			WantConfig: &config{
-				Issuer:  testIssuer.URL,
-				OrgName: "chainguard.dev",
+				Issuer:        testIssuer.URL,
+				OrgName:       "chainguard.dev",
+				MessageWriter: defaultMessageWriter,
 			},
 		},
 		"Cannot specify both identity provider and org name": {
@@ -71,8 +75,9 @@ func TestConfFromOptions(t *testing.T) {
 				WithIdentityProvider(id),
 			},
 			WantConfig: &config{
-				Issuer: defaultIssuer,
-				IDP:    id,
+				Issuer:        defaultIssuer,
+				IDP:           id,
+				MessageWriter: defaultMessageWriter,
 			},
 		},
 		"No idp ID or client ID set errors": {
@@ -106,7 +111,10 @@ func TestConfFromOptions(t *testing.T) {
 				return
 			}
 
-			if diff := cmp.Diff(gotConfig, data.WantConfig); diff != "" {
+			// We need to ignore unexported fields of os.File because the default value of
+			// MessageWriter is os.Stderr, and its unexported fields cause problems with
+			// cmp.Diff otherwise.
+			if diff := cmp.Diff(gotConfig, data.WantConfig, cmpopts.IgnoreUnexported(os.File{})); diff != "" {
 				t.Errorf("diff in expected config = %s", diff)
 			}
 		})

diff --git a/go.mod b/go.mod
@@ -3,46 +3,46 @@ module chainguard.dev/sdk
 go 1.23.3
 
 require (
-	chainguard.dev/apko v0.19.9
+	chainguard.dev/apko v0.20.1
 	chainguard.dev/go-grpc-kit v0.17.7
 	chainguard.dev/go-oidctest v0.3.1
 	cloud.google.com/go/compute/metadata v0.5.2
 	github.com/aws/aws-sdk-go-v2 v1.32.4
-	github.com/bits-and-blooms/bitset v1.14.3
-	github.com/chainguard-dev/clog v1.5.1-0.20240811185937-4c523ae4593f
+	github.com/bits-and-blooms/bitset v1.15.0
+	github.com/chainguard-dev/clog v1.5.1
 	github.com/cloudevents/sdk-go/v2 v2.15.2
 	github.com/coreos/go-oidc/v3 v3.11.0
 	github.com/go-jose/go-jose/v3 v3.0.3
 	github.com/google/go-cmp v0.6.0
 	github.com/google/go-containerregistry v0.20.2
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0
 	github.com/microcosm-cc/bluemonday v1.0.27
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c
 	github.com/russross/blackfriday/v2 v2.1.0
 	github.com/sigstore/sigstore v1.8.10
-	golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f
 	golang.org/x/oauth2 v0.24.0
-	google.golang.org/api v0.204.0
-	google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28
-	google.golang.org/grpc v1.68.0
+	google.golang.org/api v0.208.0
+	google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697
+	google.golang.org/grpc v1.68.1
 	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1
-	google.golang.org/protobuf v1.35.1
+	google.golang.org/protobuf v1.35.2
 	k8s.io/apimachinery v0.31.2
 
 )
 
 require (
-	cloud.google.com/go/auth v0.10.0 // indirect
+	cloud.google.com/go/auth v0.10.2 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.5 // indirect
 	dario.cat/mergo v1.0.1 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/ProtonMail/go-crypto v1.0.0 // indirect
-	github.com/aws/smithy-go v1.22.0 // indirect
+	github.com/ProtonMail/go-crypto v1.1.2 // indirect
+	github.com/aws/smithy-go v1.22.1 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/cloudflare/circl v1.3.8 // indirect
-	github.com/cyphar/filepath-securejoin v0.2.5 // indirect
+	github.com/cloudflare/circl v1.5.0 // indirect
+	github.com/cyphar/filepath-securejoin v0.3.4 // indirect
 	github.com/docker/cli v27.3.1+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.8.2 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
@@ -57,6 +57,7 @@ require (
 	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
+	github.com/googleapis/gax-go/v2 v2.14.0 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.1-0.20210315223345-82c243799c99 // indirect
@@ -79,22 +80,23 @@ require (
 	github.com/segmentio/ksuid v1.0.4 // indirect
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	github.com/skeema/knownhosts v1.2.2 // indirect
+	github.com/skeema/knownhosts v1.3.0 // indirect
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
+	github.com/stretchr/testify v1.10.0 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect
 	go.opentelemetry.io/otel v1.32.0 // indirect
 	go.opentelemetry.io/otel/metric v1.32.0 // indirect
 	go.opentelemetry.io/otel/trace v1.32.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.29.0 // indirect
+	golang.org/x/crypto v0.30.0 // indirect
 	golang.org/x/net v0.31.0 // indirect
-	golang.org/x/sys v0.27.0 // indirect
-	golang.org/x/text v0.20.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )