From bc5cf079abfda3cb3daf441fcd7e970887b7a1c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Wed, 6 Sep 2023 08:42:26 +0000 Subject: [PATCH] chore(userconfigs): generate files --- .../userconfig/service/cassandra/cassandra.go | 3 +- .../userconfig/service/kafka/kafka.go | 11 +- .../service/kafka/zz_generated.deepcopy.go | 15 +- .../service/opensearch/opensearch.go | 102 ++++++++++++ .../opensearch/zz_generated.deepcopy.go | 155 ++++++++++++++++++ .../templates/aiven.io_cassandras.yaml | 2 +- .../templates/aiven.io_kafkas.yaml | 19 ++- .../templates/aiven.io_opensearches.yaml | 111 +++++++++++++ config/crd/bases/aiven.io_cassandras.yaml | 2 +- config/crd/bases/aiven.io_kafkas.yaml | 19 ++- config/crd/bases/aiven.io_opensearches.yaml | 111 +++++++++++++ docs/docs/api-reference/cassandra.md | 2 +- docs/docs/api-reference/kafka.md | 3 +- docs/docs/api-reference/opensearch.md | 47 ++++++ generators/docs/generator.go | 6 +- go.mod | 4 +- go.sum | 8 +- 17 files changed, 592 insertions(+), 28 deletions(-) diff --git a/api/v1alpha1/userconfig/service/cassandra/cassandra.go b/api/v1alpha1/userconfig/service/cassandra/cassandra.go index 19fe12396..d92d07e7e 100644 --- a/api/v1alpha1/userconfig/service/cassandra/cassandra.go +++ b/api/v1alpha1/userconfig/service/cassandra/cassandra.go @@ -44,7 +44,8 @@ type PublicAccess struct { } type CassandraUserConfig struct { // +kubebuilder:validation:MaxItems=1 - // Additional Cloud Regions for Backup Replication + // +kubebuilder:deprecatedversion:warning="additional_backup_regions is deprecated" + // Deprecated. Additional Cloud Regions for Backup Replication AdditionalBackupRegions []string `groups:"create,update" json:"additional_backup_regions,omitempty"` // +kubebuilder:validation:Minimum=0 diff --git a/api/v1alpha1/userconfig/service/kafka/kafka.go b/api/v1alpha1/userconfig/service/kafka/kafka.go index 013355629..17b8905fd 100644 --- a/api/v1alpha1/userconfig/service/kafka/kafka.go +++ b/api/v1alpha1/userconfig/service/kafka/kafka.go @@ -88,6 +88,14 @@ type Kafka struct { // The maximum size in bytes of the offset index LogIndexSizeMaxBytes *int `groups:"create,update" json:"log_index_size_max_bytes,omitempty"` + // +kubebuilder:validation:Minimum=-2 + // The maximum size of local log segments that can grow for a partition before it gets eligible for deletion. If set to -2, the value of log.retention.bytes is used. The effective value should always be less than or equal to log.retention.bytes value. + LogLocalRetentionBytes *int `groups:"create,update" json:"log_local_retention_bytes,omitempty"` + + // +kubebuilder:validation:Minimum=-2 + // The number of milliseconds to keep the local log segments before it gets eligible for deletion. If set to -2, the value of log.retention.ms is used. The effective value should always be less than or equal to log.retention.ms value. + LogLocalRetentionMs *int `groups:"create,update" json:"log_local_retention_ms,omitempty"` + // This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. LogMessageDownconversionEnable *bool `groups:"create,update" json:"log_message_downconversion_enable,omitempty"` @@ -168,9 +176,6 @@ type Kafka struct { // The purge interval (in number of requests) of the producer request purgatory(defaults to 1000). ProducerPurgatoryPurgeIntervalRequests *int `groups:"create,update" json:"producer_purgatory_purge_interval_requests,omitempty"` - // Whether to enable the tiered storage functionality - RemoteLogStorageSystemEnable *bool `groups:"create,update" json:"remote_log_storage_system_enable,omitempty"` - // +kubebuilder:validation:Minimum=1048576 // +kubebuilder:validation:Maximum=104857600 // The number of bytes of messages to attempt to fetch for each partition (defaults to 1048576). This is not an absolute maximum, if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. diff --git a/api/v1alpha1/userconfig/service/kafka/zz_generated.deepcopy.go b/api/v1alpha1/userconfig/service/kafka/zz_generated.deepcopy.go index 9816618e0..a411b0135 100644 --- a/api/v1alpha1/userconfig/service/kafka/zz_generated.deepcopy.go +++ b/api/v1alpha1/userconfig/service/kafka/zz_generated.deepcopy.go @@ -112,6 +112,16 @@ func (in *Kafka) DeepCopyInto(out *Kafka) { *out = new(int) **out = **in } + if in.LogLocalRetentionBytes != nil { + in, out := &in.LogLocalRetentionBytes, &out.LogLocalRetentionBytes + *out = new(int) + **out = **in + } + if in.LogLocalRetentionMs != nil { + in, out := &in.LogLocalRetentionMs, &out.LogLocalRetentionMs + *out = new(int) + **out = **in + } if in.LogMessageDownconversionEnable != nil { in, out := &in.LogMessageDownconversionEnable, &out.LogMessageDownconversionEnable *out = new(bool) @@ -202,11 +212,6 @@ func (in *Kafka) DeepCopyInto(out *Kafka) { *out = new(int) **out = **in } - if in.RemoteLogStorageSystemEnable != nil { - in, out := &in.RemoteLogStorageSystemEnable, &out.RemoteLogStorageSystemEnable - *out = new(bool) - **out = **in - } if in.ReplicaFetchMaxBytes != nil { in, out := &in.ReplicaFetchMaxBytes, &out.ReplicaFetchMaxBytes *out = new(int) diff --git a/api/v1alpha1/userconfig/service/opensearch/opensearch.go b/api/v1alpha1/userconfig/service/opensearch/opensearch.go index baed611a0..4d5497505 100644 --- a/api/v1alpha1/userconfig/service/opensearch/opensearch.go +++ b/api/v1alpha1/userconfig/service/opensearch/opensearch.go @@ -105,6 +105,80 @@ type Openid struct { // The key in the JSON payload that stores the user’s name. If not defined, the subject registered claim is used. Most IdP providers use the preferred_username claim. Optional. SubjectKey *string `groups:"create,update" json:"subject_key,omitempty"` } +type InternalAuthenticationBackendLimiting struct { + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The number of login attempts allowed before login is blocked + AllowedTries *int `groups:"create,update" json:"allowed_tries,omitempty"` + + // +kubebuilder:validation:MaxLength=1024 + // internal_authentication_backend_limiting.authentication_backend + AuthenticationBackend *string `groups:"create,update" json:"authentication_backend,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The duration of time that login remains blocked after a failed login + BlockExpirySeconds *int `groups:"create,update" json:"block_expiry_seconds,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // internal_authentication_backend_limiting.max_blocked_clients + MaxBlockedClients *int `groups:"create,update" json:"max_blocked_clients,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The maximum number of tracked IP addresses that have failed login + MaxTrackedClients *int `groups:"create,update" json:"max_tracked_clients,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The window of time in which the value for `allowed_tries` is enforced + TimeWindowSeconds *int `groups:"create,update" json:"time_window_seconds,omitempty"` + + // +kubebuilder:validation:MaxLength=1024 + // internal_authentication_backend_limiting.type + Type *string `groups:"create,update" json:"type,omitempty"` +} + +// IP address rate limiting settings +type IpRateLimiting struct { + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=2147483647 + // The number of login attempts allowed before login is blocked + AllowedTries *int `groups:"create,update" json:"allowed_tries,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=36000 + // The duration of time that login remains blocked after a failed login + BlockExpirySeconds *int `groups:"create,update" json:"block_expiry_seconds,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The maximum number of blocked IP addresses + MaxBlockedClients *int `groups:"create,update" json:"max_blocked_clients,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // The maximum number of tracked IP addresses that have failed login + MaxTrackedClients *int `groups:"create,update" json:"max_tracked_clients,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=36000 + // The window of time in which the value for `allowed_tries` is enforced + TimeWindowSeconds *int `groups:"create,update" json:"time_window_seconds,omitempty"` + + // +kubebuilder:validation:MaxLength=1024 + // The type of rate limiting + Type *string `groups:"create,update" json:"type,omitempty"` +} + +// Opensearch Security Plugin Settings +type AuthFailureListeners struct { + InternalAuthenticationBackendLimiting *InternalAuthenticationBackendLimiting `groups:"create,update" json:"internal_authentication_backend_limiting,omitempty"` + + // IP address rate limiting settings + IpRateLimiting *IpRateLimiting `groups:"create,update" json:"ip_rate_limiting,omitempty"` +} // OpenSearch settings type Opensearch struct { @@ -114,6 +188,9 @@ type Opensearch struct { // Require explicit index names when deleting ActionDestructiveRequiresName *bool `groups:"create,update" json:"action_destructive_requires_name,omitempty"` + // Opensearch Security Plugin Settings + AuthFailureListeners *AuthFailureListeners `groups:"create,update" json:"auth_failure_listeners,omitempty"` + // +kubebuilder:validation:Minimum=100 // +kubebuilder:validation:Maximum=10000 // Controls the number of shards allowed in the cluster per data node @@ -184,6 +261,31 @@ type Opensearch struct { // Number of file chunks sent in parallel for each recovery. Defaults to 2. IndicesRecoveryMaxConcurrentFileChunks *int `groups:"create,update" json:"indices_recovery_max_concurrent_file_chunks,omitempty"` + // Specifies whether ISM is enabled or not + IsmEnabled *bool `groups:"create,update" json:"ism_enabled,omitempty"` + + // Specifies whether audit history is enabled or not. The logs from ISM are automatically indexed to a logs document. + IsmHistoryEnabled *bool `groups:"create,update" json:"ism_history_enabled,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=2147483647 + // The maximum age before rolling over the audit history index in hours + IsmHistoryMaxAge *int `groups:"create,update" json:"ism_history_max_age,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // The maximum number of documents before rolling over the audit history index. + IsmHistoryMaxDocs *int `groups:"create,update" json:"ism_history_max_docs,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=2147483647 + // The time between rollover checks for the audit history index in hours. + IsmHistoryRolloverCheckPeriod *int `groups:"create,update" json:"ism_history_rollover_check_period,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=2147483647 + // How long audit history indices are kept in days. + IsmHistoryRolloverRetentionPeriod *int `groups:"create,update" json:"ism_history_rollover_retention_period,omitempty"` + // Compatibility mode sets OpenSearch to report its version as 7.10 so clients continue to work. Default is false OverrideMainResponseVersion *bool `groups:"create,update" json:"override_main_response_version,omitempty"` diff --git a/api/v1alpha1/userconfig/service/opensearch/zz_generated.deepcopy.go b/api/v1alpha1/userconfig/service/opensearch/zz_generated.deepcopy.go index fc2b8fced..d0c306849 100644 --- a/api/v1alpha1/userconfig/service/opensearch/zz_generated.deepcopy.go +++ b/api/v1alpha1/userconfig/service/opensearch/zz_generated.deepcopy.go @@ -9,6 +9,31 @@ package opensearchuserconfig import () +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthFailureListeners) DeepCopyInto(out *AuthFailureListeners) { + *out = *in + if in.InternalAuthenticationBackendLimiting != nil { + in, out := &in.InternalAuthenticationBackendLimiting, &out.InternalAuthenticationBackendLimiting + *out = new(InternalAuthenticationBackendLimiting) + (*in).DeepCopyInto(*out) + } + if in.IpRateLimiting != nil { + in, out := &in.IpRateLimiting, &out.IpRateLimiting + *out = new(IpRateLimiting) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthFailureListeners. +func (in *AuthFailureListeners) DeepCopy() *AuthFailureListeners { + if in == nil { + return nil + } + out := new(AuthFailureListeners) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IndexPatterns) DeepCopyInto(out *IndexPatterns) { *out = *in @@ -59,6 +84,56 @@ func (in *IndexTemplate) DeepCopy() *IndexTemplate { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InternalAuthenticationBackendLimiting) DeepCopyInto(out *InternalAuthenticationBackendLimiting) { + *out = *in + if in.AllowedTries != nil { + in, out := &in.AllowedTries, &out.AllowedTries + *out = new(int) + **out = **in + } + if in.AuthenticationBackend != nil { + in, out := &in.AuthenticationBackend, &out.AuthenticationBackend + *out = new(string) + **out = **in + } + if in.BlockExpirySeconds != nil { + in, out := &in.BlockExpirySeconds, &out.BlockExpirySeconds + *out = new(int) + **out = **in + } + if in.MaxBlockedClients != nil { + in, out := &in.MaxBlockedClients, &out.MaxBlockedClients + *out = new(int) + **out = **in + } + if in.MaxTrackedClients != nil { + in, out := &in.MaxTrackedClients, &out.MaxTrackedClients + *out = new(int) + **out = **in + } + if in.TimeWindowSeconds != nil { + in, out := &in.TimeWindowSeconds, &out.TimeWindowSeconds + *out = new(int) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternalAuthenticationBackendLimiting. +func (in *InternalAuthenticationBackendLimiting) DeepCopy() *InternalAuthenticationBackendLimiting { + if in == nil { + return nil + } + out := new(InternalAuthenticationBackendLimiting) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IpFilter) DeepCopyInto(out *IpFilter) { *out = *in @@ -79,6 +154,51 @@ func (in *IpFilter) DeepCopy() *IpFilter { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IpRateLimiting) DeepCopyInto(out *IpRateLimiting) { + *out = *in + if in.AllowedTries != nil { + in, out := &in.AllowedTries, &out.AllowedTries + *out = new(int) + **out = **in + } + if in.BlockExpirySeconds != nil { + in, out := &in.BlockExpirySeconds, &out.BlockExpirySeconds + *out = new(int) + **out = **in + } + if in.MaxBlockedClients != nil { + in, out := &in.MaxBlockedClients, &out.MaxBlockedClients + *out = new(int) + **out = **in + } + if in.MaxTrackedClients != nil { + in, out := &in.MaxTrackedClients, &out.MaxTrackedClients + *out = new(int) + **out = **in + } + if in.TimeWindowSeconds != nil { + in, out := &in.TimeWindowSeconds, &out.TimeWindowSeconds + *out = new(int) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpRateLimiting. +func (in *IpRateLimiting) DeepCopy() *IpRateLimiting { + if in == nil { + return nil + } + out := new(IpRateLimiting) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Openid) DeepCopyInto(out *Openid) { *out = *in @@ -152,6 +272,11 @@ func (in *Opensearch) DeepCopyInto(out *Opensearch) { *out = new(bool) **out = **in } + if in.AuthFailureListeners != nil { + in, out := &in.AuthFailureListeners, &out.AuthFailureListeners + *out = new(AuthFailureListeners) + (*in).DeepCopyInto(*out) + } if in.ClusterMaxShardsPerNode != nil { in, out := &in.ClusterMaxShardsPerNode, &out.ClusterMaxShardsPerNode *out = new(int) @@ -222,6 +347,36 @@ func (in *Opensearch) DeepCopyInto(out *Opensearch) { *out = new(int) **out = **in } + if in.IsmEnabled != nil { + in, out := &in.IsmEnabled, &out.IsmEnabled + *out = new(bool) + **out = **in + } + if in.IsmHistoryEnabled != nil { + in, out := &in.IsmHistoryEnabled, &out.IsmHistoryEnabled + *out = new(bool) + **out = **in + } + if in.IsmHistoryMaxAge != nil { + in, out := &in.IsmHistoryMaxAge, &out.IsmHistoryMaxAge + *out = new(int) + **out = **in + } + if in.IsmHistoryMaxDocs != nil { + in, out := &in.IsmHistoryMaxDocs, &out.IsmHistoryMaxDocs + *out = new(int) + **out = **in + } + if in.IsmHistoryRolloverCheckPeriod != nil { + in, out := &in.IsmHistoryRolloverCheckPeriod, &out.IsmHistoryRolloverCheckPeriod + *out = new(int) + **out = **in + } + if in.IsmHistoryRolloverRetentionPeriod != nil { + in, out := &in.IsmHistoryRolloverRetentionPeriod, &out.IsmHistoryRolloverRetentionPeriod + *out = new(int) + **out = **in + } if in.OverrideMainResponseVersion != nil { in, out := &in.OverrideMainResponseVersion, &out.OverrideMainResponseVersion *out = new(bool) diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index b6bb97c6e..f317a50c0 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -184,7 +184,7 @@ spec: description: Cassandra specific user configuration options properties: additional_backup_regions: - description: Additional Cloud Regions for Backup Replication + description: Deprecated. Additional Cloud Regions for Backup Replication items: type: string maxItems: 1 diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index 33522fcd7..13b6a94c5 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -334,6 +334,22 @@ spec: maximum: 104857600 minimum: 1048576 type: integer + log_local_retention_bytes: + description: The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer log_message_downconversion_enable: description: This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. @@ -435,9 +451,6 @@ spec: maximum: 10000 minimum: 10 type: integer - remote_log_storage_system_enable: - description: Whether to enable the tiered storage functionality - type: boolean replica_fetch_max_bytes: description: The number of bytes of messages to attempt to fetch for each partition (defaults to 1048576). This is diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 51482a997..e73b27764 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -366,6 +366,87 @@ spec: action_destructive_requires_name: description: Require explicit index names when deleting type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + maxLength: 1024 + type: string + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + maxLength: 1024 + type: string + type: object + type: object cluster_max_shards_per_node: description: Controls the number of shards allowed in the cluster per data node @@ -461,6 +542,36 @@ spec: maximum: 5 minimum: 2 type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer override_main_response_version: description: Compatibility mode sets OpenSearch to report its version as 7.10 so clients continue to work. Default diff --git a/config/crd/bases/aiven.io_cassandras.yaml b/config/crd/bases/aiven.io_cassandras.yaml index b6bb97c6e..f317a50c0 100644 --- a/config/crd/bases/aiven.io_cassandras.yaml +++ b/config/crd/bases/aiven.io_cassandras.yaml @@ -184,7 +184,7 @@ spec: description: Cassandra specific user configuration options properties: additional_backup_regions: - description: Additional Cloud Regions for Backup Replication + description: Deprecated. Additional Cloud Regions for Backup Replication items: type: string maxItems: 1 diff --git a/config/crd/bases/aiven.io_kafkas.yaml b/config/crd/bases/aiven.io_kafkas.yaml index 33522fcd7..13b6a94c5 100644 --- a/config/crd/bases/aiven.io_kafkas.yaml +++ b/config/crd/bases/aiven.io_kafkas.yaml @@ -334,6 +334,22 @@ spec: maximum: 104857600 minimum: 1048576 type: integer + log_local_retention_bytes: + description: The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer log_message_downconversion_enable: description: This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. @@ -435,9 +451,6 @@ spec: maximum: 10000 minimum: 10 type: integer - remote_log_storage_system_enable: - description: Whether to enable the tiered storage functionality - type: boolean replica_fetch_max_bytes: description: The number of bytes of messages to attempt to fetch for each partition (defaults to 1048576). This is diff --git a/config/crd/bases/aiven.io_opensearches.yaml b/config/crd/bases/aiven.io_opensearches.yaml index 51482a997..e73b27764 100644 --- a/config/crd/bases/aiven.io_opensearches.yaml +++ b/config/crd/bases/aiven.io_opensearches.yaml @@ -366,6 +366,87 @@ spec: action_destructive_requires_name: description: Require explicit index names when deleting type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + maxLength: 1024 + type: string + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + maxLength: 1024 + type: string + type: object + type: object cluster_max_shards_per_node: description: Controls the number of shards allowed in the cluster per data node @@ -461,6 +542,36 @@ spec: maximum: 5 minimum: 2 type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer override_main_response_version: description: Compatibility mode sets OpenSearch to report its version as 7.10 so clients continue to work. Default diff --git a/docs/docs/api-reference/cassandra.md b/docs/docs/api-reference/cassandra.md index 52639ebbc..5a5bdff6f 100644 --- a/docs/docs/api-reference/cassandra.md +++ b/docs/docs/api-reference/cassandra.md @@ -136,7 +136,7 @@ Cassandra specific user configuration options. **Optional** -- [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. +- [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Deprecated. Additional Cloud Regions for Backup Replication. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. - [`cassandra`](#spec.userConfig.cassandra-property){: name='spec.userConfig.cassandra-property'} (object). cassandra configuration values. See below for [nested schema](#spec.userConfig.cassandra). diff --git a/docs/docs/api-reference/kafka.md b/docs/docs/api-reference/kafka.md index 99ef98080..6a792cb3b 100644 --- a/docs/docs/api-reference/kafka.md +++ b/docs/docs/api-reference/kafka.md @@ -185,6 +185,8 @@ Kafka broker configuration values. - [`log_flush_interval_ms`](#spec.userConfig.kafka.log_flush_interval_ms-property){: name='spec.userConfig.kafka.log_flush_interval_ms-property'} (integer, Minimum: 0). The maximum time in ms that a message in any topic is kept in memory before flushed to disk. If not set, the value in log.flush.scheduler.interval.ms is used. - [`log_index_interval_bytes`](#spec.userConfig.kafka.log_index_interval_bytes-property){: name='spec.userConfig.kafka.log_index_interval_bytes-property'} (integer, Minimum: 0, Maximum: 104857600). The interval with which Kafka adds an entry to the offset index. - [`log_index_size_max_bytes`](#spec.userConfig.kafka.log_index_size_max_bytes-property){: name='spec.userConfig.kafka.log_index_size_max_bytes-property'} (integer, Minimum: 1048576, Maximum: 104857600). The maximum size in bytes of the offset index. +- [`log_local_retention_bytes`](#spec.userConfig.kafka.log_local_retention_bytes-property){: name='spec.userConfig.kafka.log_local_retention_bytes-property'} (integer, Minimum: -2). The maximum size of local log segments that can grow for a partition before it gets eligible for deletion. If set to -2, the value of log.retention.bytes is used. The effective value should always be less than or equal to log.retention.bytes value. +- [`log_local_retention_ms`](#spec.userConfig.kafka.log_local_retention_ms-property){: name='spec.userConfig.kafka.log_local_retention_ms-property'} (integer, Minimum: -2). The number of milliseconds to keep the local log segments before it gets eligible for deletion. If set to -2, the value of log.retention.ms is used. The effective value should always be less than or equal to log.retention.ms value. - [`log_message_downconversion_enable`](#spec.userConfig.kafka.log_message_downconversion_enable-property){: name='spec.userConfig.kafka.log_message_downconversion_enable-property'} (boolean). This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. - [`log_message_timestamp_difference_max_ms`](#spec.userConfig.kafka.log_message_timestamp_difference_max_ms-property){: name='spec.userConfig.kafka.log_message_timestamp_difference_max_ms-property'} (integer, Minimum: 0). The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message. - [`log_message_timestamp_type`](#spec.userConfig.kafka.log_message_timestamp_type-property){: name='spec.userConfig.kafka.log_message_timestamp_type-property'} (string, Enum: `CreateTime`, `LogAppendTime`). Define whether the timestamp in the message is message create time or log append time. @@ -203,7 +205,6 @@ Kafka broker configuration values. - [`num_partitions`](#spec.userConfig.kafka.num_partitions-property){: name='spec.userConfig.kafka.num_partitions-property'} (integer, Minimum: 1, Maximum: 1000). Number of partitions for autocreated topics. - [`offsets_retention_minutes`](#spec.userConfig.kafka.offsets_retention_minutes-property){: name='spec.userConfig.kafka.offsets_retention_minutes-property'} (integer, Minimum: 1, Maximum: 2147483647). Log retention window in minutes for offsets topic. - [`producer_purgatory_purge_interval_requests`](#spec.userConfig.kafka.producer_purgatory_purge_interval_requests-property){: name='spec.userConfig.kafka.producer_purgatory_purge_interval_requests-property'} (integer, Minimum: 10, Maximum: 10000). The purge interval (in number of requests) of the producer request purgatory(defaults to 1000). -- [`remote_log_storage_system_enable`](#spec.userConfig.kafka.remote_log_storage_system_enable-property){: name='spec.userConfig.kafka.remote_log_storage_system_enable-property'} (boolean). Whether to enable the tiered storage functionality. - [`replica_fetch_max_bytes`](#spec.userConfig.kafka.replica_fetch_max_bytes-property){: name='spec.userConfig.kafka.replica_fetch_max_bytes-property'} (integer, Minimum: 1048576, Maximum: 104857600). The number of bytes of messages to attempt to fetch for each partition (defaults to 1048576). This is not an absolute maximum, if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. - [`replica_fetch_response_max_bytes`](#spec.userConfig.kafka.replica_fetch_response_max_bytes-property){: name='spec.userConfig.kafka.replica_fetch_response_max_bytes-property'} (integer, Minimum: 10485760, Maximum: 1048576000). Maximum bytes expected for the entire fetch response (defaults to 10485760). Records are fetched in batches, and if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. As such, this is not an absolute maximum. - [`socket_request_max_bytes`](#spec.userConfig.kafka.socket_request_max_bytes-property){: name='spec.userConfig.kafka.socket_request_max_bytes-property'} (integer, Minimum: 10485760, Maximum: 209715200). The maximum number of bytes in a socket request (defaults to 104857600). diff --git a/docs/docs/api-reference/opensearch.md b/docs/docs/api-reference/opensearch.md index 95984afd1..d1c1bfc07 100644 --- a/docs/docs/api-reference/opensearch.md +++ b/docs/docs/api-reference/opensearch.md @@ -224,6 +224,7 @@ OpenSearch settings. - [`action_auto_create_index_enabled`](#spec.userConfig.opensearch.action_auto_create_index_enabled-property){: name='spec.userConfig.opensearch.action_auto_create_index_enabled-property'} (boolean). Explicitly allow or block automatic creation of indices. Defaults to true. - [`action_destructive_requires_name`](#spec.userConfig.opensearch.action_destructive_requires_name-property){: name='spec.userConfig.opensearch.action_destructive_requires_name-property'} (boolean). Require explicit index names when deleting. +- [`auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners-property){: name='spec.userConfig.opensearch.auth_failure_listeners-property'} (object). Opensearch Security Plugin Settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners). - [`cluster_max_shards_per_node`](#spec.userConfig.opensearch.cluster_max_shards_per_node-property){: name='spec.userConfig.opensearch.cluster_max_shards_per_node-property'} (integer, Minimum: 100, Maximum: 10000). Controls the number of shards allowed in the cluster per data node. - [`cluster_routing_allocation_node_concurrent_recoveries`](#spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property){: name='spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property'} (integer, Minimum: 2, Maximum: 16). How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to 2. - [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email_sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-_]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. @@ -238,6 +239,12 @@ OpenSearch settings. - [`indices_query_bool_max_clause_count`](#spec.userConfig.opensearch.indices_query_bool_max_clause_count-property){: name='spec.userConfig.opensearch.indices_query_bool_max_clause_count-property'} (integer, Minimum: 64, Maximum: 4096). Maximum number of clauses Lucene BooleanQuery can have. The default value (1024) is relatively high, and increasing it may cause performance issues. Investigate other approaches first before increasing this value. - [`indices_recovery_max_bytes_per_sec`](#spec.userConfig.opensearch.indices_recovery_max_bytes_per_sec-property){: name='spec.userConfig.opensearch.indices_recovery_max_bytes_per_sec-property'} (integer, Minimum: 40, Maximum: 400). Limits total inbound and outbound recovery traffic for each node. Applies to both peer recoveries as well as snapshot recoveries (i.e., restores from a snapshot). Defaults to 40mb. - [`indices_recovery_max_concurrent_file_chunks`](#spec.userConfig.opensearch.indices_recovery_max_concurrent_file_chunks-property){: name='spec.userConfig.opensearch.indices_recovery_max_concurrent_file_chunks-property'} (integer, Minimum: 2, Maximum: 5). Number of file chunks sent in parallel for each recovery. Defaults to 2. +- [`ism_enabled`](#spec.userConfig.opensearch.ism_enabled-property){: name='spec.userConfig.opensearch.ism_enabled-property'} (boolean). Specifies whether ISM is enabled or not. +- [`ism_history_enabled`](#spec.userConfig.opensearch.ism_history_enabled-property){: name='spec.userConfig.opensearch.ism_history_enabled-property'} (boolean). Specifies whether audit history is enabled or not. The logs from ISM are automatically indexed to a logs document. +- [`ism_history_max_age`](#spec.userConfig.opensearch.ism_history_max_age-property){: name='spec.userConfig.opensearch.ism_history_max_age-property'} (integer, Minimum: 1, Maximum: 2147483647). The maximum age before rolling over the audit history index in hours. +- [`ism_history_max_docs`](#spec.userConfig.opensearch.ism_history_max_docs-property){: name='spec.userConfig.opensearch.ism_history_max_docs-property'} (integer, Minimum: 1). The maximum number of documents before rolling over the audit history index. +- [`ism_history_rollover_check_period`](#spec.userConfig.opensearch.ism_history_rollover_check_period-property){: name='spec.userConfig.opensearch.ism_history_rollover_check_period-property'} (integer, Minimum: 1, Maximum: 2147483647). The time between rollover checks for the audit history index in hours. +- [`ism_history_rollover_retention_period`](#spec.userConfig.opensearch.ism_history_rollover_retention_period-property){: name='spec.userConfig.opensearch.ism_history_rollover_retention_period-property'} (integer, Minimum: 1, Maximum: 2147483647). How long audit history indices are kept in days. - [`override_main_response_version`](#spec.userConfig.opensearch.override_main_response_version-property){: name='spec.userConfig.opensearch.override_main_response_version-property'} (boolean). Compatibility mode sets OpenSearch to report its version as 7.10 so clients continue to work. Default is false. - [`reindex_remote_whitelist`](#spec.userConfig.opensearch.reindex_remote_whitelist-property){: name='spec.userConfig.opensearch.reindex_remote_whitelist-property'} (array of strings, MaxItems: 32). Whitelisted addresses for reindexing. Changing this value will cause all OpenSearch instances to restart. - [`script_max_compilations_rate`](#spec.userConfig.opensearch.script_max_compilations_rate-property){: name='spec.userConfig.opensearch.script_max_compilations_rate-property'} (string, MaxLength: 1024). Script compilation circuit breaker limits the number of inline script compilations within a period of time. Default is use-context. @@ -254,6 +261,46 @@ OpenSearch settings. - [`thread_pool_write_queue_size`](#spec.userConfig.opensearch.thread_pool_write_queue_size-property){: name='spec.userConfig.opensearch.thread_pool_write_queue_size-property'} (integer, Minimum: 10, Maximum: 2000). Size for the thread pool queue. See documentation for exact details. - [`thread_pool_write_size`](#spec.userConfig.opensearch.thread_pool_write_size-property){: name='spec.userConfig.opensearch.thread_pool_write_size-property'} (integer, Minimum: 1, Maximum: 128). Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value. +#### auth_failure_listeners {: #spec.userConfig.opensearch.auth_failure_listeners } + +_Appears on [`spec.userConfig.opensearch`](#spec.userConfig.opensearch)._ + +Opensearch Security Plugin Settings. + +**Optional** + +- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). +- [`ip_rate_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property'} (object). IP address rate limiting settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting). + +##### internal_authentication_backend_limiting {: #spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting } + +_Appears on [`spec.userConfig.opensearch.auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners)._ + +**Optional** + +- [`allowed_tries`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.allowed_tries-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.allowed_tries-property'} (integer, Minimum: 0, Maximum: 2147483647). The number of login attempts allowed before login is blocked. +- [`authentication_backend`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.authentication_backend-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.authentication_backend-property'} (string, MaxLength: 1024). internal_authentication_backend_limiting.authentication_backend. +- [`block_expiry_seconds`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.block_expiry_seconds-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.block_expiry_seconds-property'} (integer, Minimum: 0, Maximum: 2147483647). The duration of time that login remains blocked after a failed login. +- [`max_blocked_clients`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.max_blocked_clients-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.max_blocked_clients-property'} (integer, Minimum: 0, Maximum: 2147483647). internal_authentication_backend_limiting.max_blocked_clients. +- [`max_tracked_clients`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.max_tracked_clients-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.max_tracked_clients-property'} (integer, Minimum: 0, Maximum: 2147483647). The maximum number of tracked IP addresses that have failed login. +- [`time_window_seconds`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.time_window_seconds-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.time_window_seconds-property'} (integer, Minimum: 0, Maximum: 2147483647). The window of time in which the value for `allowed_tries` is enforced. +- [`type`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.type-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.type-property'} (string, MaxLength: 1024). internal_authentication_backend_limiting.type. + +##### ip_rate_limiting {: #spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting } + +_Appears on [`spec.userConfig.opensearch.auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners)._ + +IP address rate limiting settings. + +**Optional** + +- [`allowed_tries`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.allowed_tries-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.allowed_tries-property'} (integer, Minimum: 1, Maximum: 2147483647). The number of login attempts allowed before login is blocked. +- [`block_expiry_seconds`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.block_expiry_seconds-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.block_expiry_seconds-property'} (integer, Minimum: 1, Maximum: 36000). The duration of time that login remains blocked after a failed login. +- [`max_blocked_clients`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.max_blocked_clients-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.max_blocked_clients-property'} (integer, Minimum: 0, Maximum: 2147483647). The maximum number of blocked IP addresses. +- [`max_tracked_clients`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.max_tracked_clients-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.max_tracked_clients-property'} (integer, Minimum: 0, Maximum: 2147483647). The maximum number of tracked IP addresses that have failed login. +- [`time_window_seconds`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.time_window_seconds-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.time_window_seconds-property'} (integer, Minimum: 1, Maximum: 36000). The window of time in which the value for `allowed_tries` is enforced. +- [`type`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.type-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting.type-property'} (string, MaxLength: 1024). The type of rate limiting. + ### opensearch_dashboards {: #spec.userConfig.opensearch_dashboards } _Appears on [`spec.userConfig`](#spec.userConfig)._ diff --git a/generators/docs/generator.go b/generators/docs/generator.go index 601853ecb..3ce1fef1c 100644 --- a/generators/docs/generator.go +++ b/generators/docs/generator.go @@ -6,6 +6,7 @@ import ( "os" "path" "regexp" + "sort" "strings" "text/template" @@ -179,10 +180,9 @@ func (s *schemaType) init() { s.properties = append(s.properties, v) } - slices.SortFunc(s.properties, func(a, b *schemaType) bool { - return a.Name < b.Name + sort.Slice(s.properties, func(i, j int) bool { + return s.properties[i].Name < s.properties[j].Name }) - } // ListProperties lists all object properties diff --git a/go.mod b/go.mod index fe4ce4013..cfad33827 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/stoewer/go-strcase v1.3.0 github.com/stretchr/testify v1.8.4 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e + golang.org/x/exp v0.0.0-20230905200255-921286631fa9 golang.org/x/sync v0.3.0 golang.org/x/tools v0.13.0 gopkg.in/yaml.v3 v3.0.1 @@ -54,7 +54,7 @@ require ( github.com/google/uuid v1.3.0 // indirect github.com/hashicorp/errwrap v1.0.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-retryablehttp v0.7.2 // indirect + github.com/hashicorp/go-retryablehttp v0.7.4 // indirect github.com/hashicorp/go-version v0.0.0-20161031182605-e96d38404026 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect diff --git a/go.sum b/go.sum index 3cbc93673..631053031 100644 --- a/go.sum +++ b/go.sum @@ -241,8 +241,8 @@ github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxC github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0= -github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= +github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-version v0.0.0-20161031182605-e96d38404026 h1:qWx/DcC6l4ZzuS+JBAzI5XjtLFDCc08zYeZ0kLnaH2g= github.com/hashicorp/go-version v0.0.0-20161031182605-e96d38404026/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -412,8 +412,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=