Skip to content
This repository was archived by the owner on Mar 16, 2024. It is now read-only.

Commit 47d1a71

Browse files
iwilltry42iwilltry42
authored
Fix: Importing Private Keys (SSH Keys) for signing and deny them for verification (#2063 + #2115) (#2145)
1 parent c7766fd commit 47d1a71

File tree

10 files changed

+319
-228
lines changed

10 files changed

+319
-228
lines changed

go.mod

+55-57
Original file line numberDiff line numberDiff line change
@@ -11,27 +11,27 @@ replace (
1111
)
1212

1313
require (
14-
cuelang.org/go v0.5.0
14+
cuelang.org/go v0.6.0
1515
github.com/AlecAivazis/survey/v2 v2.3.6
1616
github.com/acorn-io/aml v0.0.0-20230827061234-6707a74cdc97
1717
github.com/acorn-io/baaah v0.0.0-20230827055549-50fb849cd5d3
1818
github.com/acorn-io/mink v0.0.0-20230804175412-8d121aae112c
1919
github.com/acorn-io/namegenerator v0.0.0-20220915160418-9e3d5a0ffe78
2020
github.com/acorn-io/z v0.0.0-20230714155009-a770ecbbdc45
2121
github.com/adrg/xdg v0.4.0
22-
github.com/aws/aws-sdk-go-v2 v1.18.0
23-
github.com/aws/aws-sdk-go-v2/config v1.18.23
22+
github.com/aws/aws-sdk-go-v2 v1.20.0
23+
github.com/aws/aws-sdk-go-v2/config v1.18.32
2424
github.com/aws/aws-sdk-go-v2/service/iam v1.19.10
2525
github.com/containerd/console v1.0.3
2626
github.com/containerd/containerd v1.6.20
2727
github.com/denisbrodbeck/machineid v1.0.1
2828
github.com/depot/depot-go v0.0.0-20230819013533-12cec5cbd2f9
29-
github.com/docker/cli v23.0.5+incompatible
29+
github.com/docker/cli v24.0.0+incompatible
3030
github.com/docker/docker-credential-helpers v0.7.0
3131
github.com/go-acme/lego/v4 v4.9.1
3232
github.com/golang/mock v1.6.0
3333
github.com/google/go-cmp v0.5.9
34-
github.com/google/go-containerregistry v0.14.1-0.20230409045903-ed5c185df419
34+
github.com/google/go-containerregistry v0.16.1
3535
github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20221213180026-23d895d08035
3636
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
3737
github.com/google/uuid v1.3.0
@@ -42,25 +42,25 @@ require (
4242
github.com/loft-sh/devspace v1.1.1-0.20221217093921-7604c5857f98
4343
github.com/moby/buildkit v0.11.6
4444
github.com/opencontainers/go-digest v1.0.0
45-
github.com/opencontainers/image-spec v1.1.0-rc3
45+
github.com/opencontainers/image-spec v1.1.0-rc4
4646
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8
4747
github.com/pkg/errors v0.9.1
4848
github.com/pterm/pterm v0.12.49
4949
github.com/rancher/wrangler v1.0.2
5050
github.com/robfig/cron/v3 v3.0.1
5151
github.com/secure-systems-lab/go-securesystemslib v0.7.0
52-
github.com/sigstore/cosign/v2 v2.0.2
53-
github.com/sigstore/sigstore v1.6.4
54-
github.com/sirupsen/logrus v1.9.2
52+
github.com/sigstore/cosign/v2 v2.2.0
53+
github.com/sigstore/sigstore v1.7.3
54+
github.com/sirupsen/logrus v1.9.3
5555
github.com/spf13/cobra v1.7.0
5656
github.com/spf13/pflag v1.0.5
5757
github.com/stretchr/testify v1.8.4
5858
github.com/tonistiigi/fsutil v0.0.0-20230629203738-36ef4d8c0dbb
5959
github.com/wI2L/jsondiff v0.3.0
60-
golang.org/x/crypto v0.11.0
60+
golang.org/x/crypto v0.13.0
6161
golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1
6262
golang.org/x/sync v0.3.0
63-
google.golang.org/grpc v1.55.0
63+
google.golang.org/grpc v1.57.0
6464
gopkg.in/src-d/go-git.v4 v4.13.1
6565
inet.af/tcpproxy v0.0.0-20221017015627-91f861402626
6666
k8s.io/api v0.27.3
@@ -73,7 +73,7 @@ require (
7373
k8s.io/kube-aggregator v0.27.3
7474
k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f
7575
k8s.io/kubectl v0.27.3
76-
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
76+
k8s.io/utils v0.0.0-20230505201702-9f6742963106
7777
sigs.k8s.io/controller-runtime v0.15.0-beta.0
7878
sigs.k8s.io/yaml v1.3.0
7979
)
@@ -84,23 +84,22 @@ require (
8484
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
8585
github.com/Microsoft/go-winio v0.6.1 // indirect
8686
github.com/NYTimes/gziphandler v1.1.1 // indirect
87-
github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect
87+
github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903 // indirect
8888
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
8989
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
9090
github.com/agnivade/levenshtein v1.1.1 // indirect
9191
github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
9292
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
93-
github.com/aws/aws-sdk-go v1.44.259 // indirect
94-
github.com/aws/aws-sdk-go-v2/credentials v1.13.22 // indirect
95-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 // indirect
96-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 // indirect
97-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 // indirect
98-
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 // indirect
99-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 // indirect
100-
github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 // indirect
101-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 // indirect
102-
github.com/aws/aws-sdk-go-v2/service/sts v1.18.11 // indirect
103-
github.com/aws/smithy-go v1.13.5 // indirect
93+
github.com/aws/aws-sdk-go-v2/credentials v1.13.31 // indirect
94+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.7 // indirect
95+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 // indirect
96+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 // indirect
97+
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.38 // indirect
98+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 // indirect
99+
github.com/aws/aws-sdk-go-v2/service/sso v1.13.1 // indirect
100+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1 // indirect
101+
github.com/aws/aws-sdk-go-v2/service/sts v1.21.1 // indirect
102+
github.com/aws/smithy-go v1.14.0 // indirect
104103
github.com/beorn7/perks v1.0.1 // indirect
105104
github.com/blang/semver v3.5.1+incompatible // indirect
106105
github.com/blang/semver/v4 v4.0.0 // indirect
@@ -119,11 +118,11 @@ require (
119118
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
120119
github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 // indirect
121120
github.com/davecgh/go-spew v1.1.1 // indirect
122-
github.com/digitorus/pkcs7 v0.0.0-20221212123742-001c36b64ec3 // indirect
123-
github.com/digitorus/timestamp v0.0.0-20221019182153-ef3b63b79b31 // indirect
121+
github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
122+
github.com/digitorus/timestamp v0.0.0-20230821155606-d1ad5ca9624c // indirect
124123
github.com/docker/distribution v2.8.2+incompatible // indirect
125-
github.com/docker/docker v23.0.5+incompatible // indirect
126-
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
124+
github.com/docker/docker v24.0.0+incompatible // indirect
125+
github.com/emicklei/go-restful/v3 v3.10.2 // indirect
127126
github.com/emicklei/proto v1.10.0 // indirect
128127
github.com/emirpasic/gods v1.12.0 // indirect
129128
github.com/evanphx/json-patch v4.12.0+incompatible // indirect
@@ -138,41 +137,40 @@ require (
138137
github.com/go-logr/logr v1.2.4 // indirect
139138
github.com/go-logr/stdr v1.2.2 // indirect
140139
github.com/go-openapi/analysis v0.21.4 // indirect
141-
github.com/go-openapi/errors v0.20.3 // indirect
140+
github.com/go-openapi/errors v0.20.4 // indirect
142141
github.com/go-openapi/jsonpointer v0.19.6 // indirect
143-
github.com/go-openapi/jsonreference v0.20.1 // indirect
142+
github.com/go-openapi/jsonreference v0.20.2 // indirect
144143
github.com/go-openapi/loads v0.21.2 // indirect
145144
github.com/go-openapi/runtime v0.26.0 // indirect
146145
github.com/go-openapi/spec v0.20.9 // indirect
147146
github.com/go-openapi/strfmt v0.21.7 // indirect
148-
github.com/go-openapi/swag v0.22.3 // indirect
147+
github.com/go-openapi/swag v0.22.4 // indirect
149148
github.com/go-openapi/validate v0.22.1 // indirect
150149
github.com/go-playground/locales v0.14.1 // indirect
151150
github.com/go-playground/universal-translator v0.18.1 // indirect
152-
github.com/go-playground/validator/v10 v10.14.0 // indirect
151+
github.com/go-playground/validator/v10 v10.15.1 // indirect
153152
github.com/gofrs/flock v0.8.1 // indirect
154153
github.com/gogo/googleapis v1.4.1 // indirect
155154
github.com/gogo/protobuf v1.3.2 // indirect
156-
github.com/golang/glog v1.1.0 // indirect
157155
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
158156
github.com/golang/protobuf v1.5.3 // indirect
159157
github.com/golang/snappy v0.0.4 // indirect
160158
github.com/google/cel-go v0.12.6 // indirect
161159
github.com/google/certificate-transparency-go v1.1.6 // indirect
162160
github.com/google/gnostic v0.6.9 // indirect
163-
github.com/google/go-github/v50 v50.2.0 // indirect
161+
github.com/google/go-github/v53 v53.2.0 // indirect
164162
github.com/google/go-querystring v1.1.0 // indirect
165163
github.com/google/gofuzz v1.2.0 // indirect
166-
github.com/google/trillian v1.5.2 // indirect
164+
github.com/google/pprof v0.0.0-20221103000818-d260c55eee4c // indirect
167165
github.com/gookit/color v1.5.2 // indirect
168166
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
169167
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.1-0.20210315223345-82c243799c99 // indirect
170168
github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2 // indirect
171169
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
172-
github.com/hashicorp/go-retryablehttp v0.7.2 // indirect
170+
github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
173171
github.com/hashicorp/hcl v1.0.0 // indirect
174172
github.com/hexops/gotextdiff v1.0.3 // indirect
175-
github.com/imdario/mergo v0.3.12 // indirect
173+
github.com/imdario/mergo v0.3.15 // indirect
176174
github.com/in-toto/in-toto-golang v0.9.0 // indirect
177175
github.com/inconshreveable/mousetrap v1.1.0 // indirect
178176
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
@@ -213,26 +211,27 @@ require (
213211
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
214212
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
215213
github.com/nightlyone/lockfile v1.0.0 // indirect
214+
github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
216215
github.com/oklog/ulid v1.3.1 // indirect
217216
github.com/olekukonko/tablewriter v0.0.5 // indirect
218217
github.com/opentracing/opentracing-go v1.2.0 // indirect
219218
github.com/otiai10/copy v1.7.0 // indirect
220219
github.com/pelletier/go-toml/v2 v2.0.8 // indirect
221220
github.com/pmezard/go-difflib v1.0.0 // indirect
222-
github.com/prometheus/client_golang v1.15.1 // indirect
221+
github.com/prometheus/client_golang v1.16.0 // indirect
223222
github.com/prometheus/client_model v0.4.0 // indirect
224-
github.com/prometheus/common v0.42.0 // indirect
225-
github.com/prometheus/procfs v0.9.0 // indirect
226-
github.com/protocolbuffers/txtpbfmt v0.0.0-20220428173112-74888fd59c2b // indirect
223+
github.com/prometheus/common v0.44.0 // indirect
224+
github.com/prometheus/procfs v0.10.1 // indirect
225+
github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 // indirect
227226
github.com/rancher/lasso v0.0.0-20221227210133-6ea88ca2fbcc // indirect
228227
github.com/rivo/uniseg v0.2.0 // indirect
229228
github.com/russross/blackfriday/v2 v2.1.0 // indirect
230229
github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94 // indirect
231230
github.com/sassoftware/relic v7.2.1+incompatible // indirect
232231
github.com/sergi/go-diff v1.3.1 // indirect
233232
github.com/shibumi/go-pathspec v1.3.0 // indirect
234-
github.com/sigstore/rekor v1.2.1 // indirect
235-
github.com/sigstore/timestamp-authority v1.1.1 // indirect
233+
github.com/sigstore/rekor v1.2.2 // indirect
234+
github.com/sigstore/timestamp-authority v1.1.2 // indirect
236235
github.com/spf13/afero v1.9.5 // indirect
237236
github.com/spf13/cast v1.5.1 // indirect
238237
github.com/spf13/jwalterweatherman v1.1.0 // indirect
@@ -242,7 +241,7 @@ require (
242241
github.com/subosito/gotenv v1.4.2 // indirect
243242
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
244243
github.com/thales-e-security/pool v0.0.2 // indirect
245-
github.com/theupdateframework/go-tuf v0.5.2 // indirect
244+
github.com/theupdateframework/go-tuf v0.6.1 // indirect
246245
github.com/tidwall/gjson v1.14.3 // indirect
247246
github.com/tidwall/match v1.1.1 // indirect
248247
github.com/tidwall/pretty v1.2.1 // indirect
@@ -251,7 +250,7 @@ require (
251250
github.com/tonistiigi/vt100 v0.0.0-20210615222946-8066bb97264f // indirect
252251
github.com/transparency-dev/merkle v0.0.2 // indirect
253252
github.com/vbatts/tar-split v0.11.3 // indirect
254-
github.com/xanzy/go-gitlab v0.83.0 // indirect
253+
github.com/xanzy/go-gitlab v0.90.0 // indirect
255254
github.com/xanzy/ssh-agent v0.2.1 // indirect
256255
github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect
257256
go.etcd.io/etcd/api/v3 v3.5.9 // indirect
@@ -268,22 +267,21 @@ require (
268267
go.opentelemetry.io/otel/sdk v1.16.0 // indirect
269268
go.opentelemetry.io/otel/trace v1.16.0 // indirect
270269
go.opentelemetry.io/proto/otlp v0.19.0 // indirect
271-
go.uber.org/atomic v1.10.0 // indirect
272270
go.uber.org/multierr v1.11.0 // indirect
273-
go.uber.org/zap v1.24.0 // indirect
271+
go.uber.org/zap v1.25.0 // indirect
274272
golang.org/x/mod v0.11.0 // indirect
275-
golang.org/x/net v0.10.0 // indirect
276-
golang.org/x/oauth2 v0.8.0 // indirect
277-
golang.org/x/sys v0.10.0 // indirect
278-
golang.org/x/term v0.10.0 // indirect
279-
golang.org/x/text v0.11.0 // indirect
273+
golang.org/x/net v0.14.0 // indirect
274+
golang.org/x/oauth2 v0.11.0 // indirect
275+
golang.org/x/sys v0.12.0 // indirect
276+
golang.org/x/term v0.12.0 // indirect
277+
golang.org/x/text v0.13.0 // indirect
280278
golang.org/x/time v0.3.0 // indirect
281-
golang.org/x/tools v0.9.1 // indirect
279+
golang.org/x/tools v0.9.3 // indirect
282280
google.golang.org/appengine v1.6.7 // indirect
283-
google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect
284-
google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc // indirect
285-
google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect
286-
google.golang.org/protobuf v1.30.0 // indirect
281+
google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5 // indirect
282+
google.golang.org/genproto/googleapis/api v0.0.0-20230803162519-f966b187b2e5 // indirect
283+
google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 // indirect
284+
google.golang.org/protobuf v1.31.0 // indirect
287285
gopkg.in/inf.v0 v0.9.1 // indirect
288286
gopkg.in/ini.v1 v1.67.0 // indirect
289287
gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect

0 commit comments

Comments
 (0)