From cb6067b0d5832255e86c0a4c342a22ae62a18f57 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 30 Mar 2023 10:21:52 +0200 Subject: [PATCH 001/268] SPM-1991: fix baseline system evaluation --- evaluator/evaluate_advisories.go | 8 +++----- evaluator/evaluate_baseline.go | 9 ++++++++- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/evaluator/evaluate_advisories.go b/evaluator/evaluate_advisories.go index 00c3c32e3..3b158b9f3 100644 --- a/evaluator/evaluate_advisories.go +++ b/evaluator/evaluate_advisories.go @@ -118,7 +118,7 @@ func getAdvisoryChanges(reported map[string]int, stored map[string]models.System applicableNames := make([]string, 0, len(reported)) deleteIDs := make([]int64, 0, len(stored)) for reportedAdvisory, statusID := range reported { - if _, found := stored[reportedAdvisory]; !found { + if advisory, found := stored[reportedAdvisory]; !found || advisory.StatusID != statusID { if statusID == INSTALLABLE { installableNames = append(installableNames, reportedAdvisory) } else { @@ -164,10 +164,8 @@ func ensureSystemAdvisories(tx *gorm.DB, rhAccountID int, systemID int64, instal StatusID: APPLICABLE}) } - txOnConflict := tx.Clauses(clause.OnConflict{ - DoNothing: true, - }) - err := database.BulkInsert(txOnConflict, advisoriesObjs) + tx = database.OnConflictUpdateMulti(tx, []string{"rh_account_id", "system_id", "advisory_id"}, "status_id") + err := database.BulkInsert(tx, advisoriesObjs) return err } diff --git a/evaluator/evaluate_baseline.go b/evaluator/evaluate_baseline.go index 451e173a0..c8afa98c4 100644 --- a/evaluator/evaluate_baseline.go +++ b/evaluator/evaluate_baseline.go @@ -35,7 +35,9 @@ func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData filterOutNamesSet[i] = struct{}{} } - for _, updates := range vmaasData.GetUpdateList() { + updateList := vmaasData.GetUpdateList() + modifiedUpdateList := make(map[string]vmaas.UpdatesV2ResponseUpdateList, len(updateList)) + for pkg, updates := range updateList { availableUpdates := updates.GetAvailableUpdates() for i := range availableUpdates { advisoryName := availableUpdates[i].GetErratum() @@ -45,7 +47,12 @@ func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData availableUpdates[i].StatusID = INSTALLABLE } } + updates.AvailableUpdates = &availableUpdates + modifiedUpdateList[pkg] = updates } + if vmaasData != nil && vmaasData.UpdateList != nil { + vmaasData.UpdateList = &modifiedUpdateList + } return nil } From b80f76ce4f153bb831a0752f1c203d5efd382332 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 30 Mar 2023 17:05:08 +0200 Subject: [PATCH 002/268] SPM-1991: enable baseline evaluation by default --- deploy/clowdapp.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 8d9c8902c..594998818 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -589,7 +589,7 @@ parameters: - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} - {name: ENABLE_BYPASS_EVALUATOR_UPLOAD, value: 'false'} # Enable only bypass (fake) messages processing - {name: ENABLE_LAZY_PACKAGE_SAVE_EVALUATOR_UPLOAD, value: 'false'} # Enable unknown EVRAs saving during the evaluation -- {name: ENABLE_BASELINE_EVAL_EVALUATOR_UPLOAD, value: 'false'} # Take baselines into account during the evaluation +- {name: ENABLE_BASELINE_EVAL_EVALUATOR_UPLOAD, value: 'true'} # Take baselines into account during the evaluation - {name: ENABLE_ADVISORY_ANALYSIS_SAVE_EVALUATOR_UPLOAD, value: 'true'} - {name: ENABLE_PACKAGE_ANALYSIS_SAVE_EVALUATOR_UPLOAD, value: 'true'} - {name: ENABLE_REPO_ANALYSIS_SAVE_EVALUATOR_UPLOAD, value: 'true'} @@ -614,7 +614,7 @@ parameters: - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} - {name: ENABLE_BYPASS_EVALUATOR_RECALC, value: 'false'} # Enable only bypass (fake) messages processing - {name: ENABLE_LAZY_PACKAGE_SAVE_EVALUATOR_RECALC, value: 'false'} # Enable unknown EVRAs saving during the evaluation -- {name: ENABLE_BASELINE_EVAL_EVALUATOR_RECALC, value: 'false'} # Take baselines into account during the evaluation +- {name: ENABLE_BASELINE_EVAL_EVALUATOR_RECALC, value: 'true'} # Take baselines into account during the evaluation - {name: ENABLE_ADVISORY_ANALYSIS_SAVE_EVALUATOR_RECALC, value: 'true'} - {name: ENABLE_PACKAGE_ANALYSIS_SAVE_EVALUATOR_RECALC, value: 'true'} - {name: ENABLE_REPO_ANALYSIS_SAVE_EVALUATOR_RECALC, value: 'true'} From 3add94acfe8bdbf036ceba6f5605cdba8efe0d87 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 31 Mar 2023 07:58:46 +0000 Subject: [PATCH 003/268] v3.1.28 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index d8c907121..2bd5dc0f9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.27 +v3.1.28 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 594998818..85bbb2213 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -541,7 +541,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.27} +- {name: IMAGE_TAG_MANAGER, value: v3.1.28} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -564,7 +564,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.27} +- {name: IMAGE_TAG_LISTENER, value: v3.1.28} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -582,7 +582,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.27} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.28} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -607,7 +607,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.27} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.28} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -630,7 +630,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.27} +- {name: IMAGE_TAG_JOBS, value: v3.1.28} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -675,7 +675,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.27} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.28} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -705,7 +705,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.27} +- {name: IMAGE_TAG_ADMIN, value: v3.1.28} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b3ecb6338..bbbe90845 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.27" + "version": "v3.1.28" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 7cdaf0894..8a2420598 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.27" + "version": "v3.1.28" }, "servers": [ { From d2609e5e264230eddb263fec9a493c8969c26039 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 29 Mar 2023 13:39:08 +0200 Subject: [PATCH 004/268] SPM-1990: fix dbchange response parsing --- base/types/timestamp.go | 14 ++++---------- base/vmaas/vmaas.go | 18 +++++++----------- platform/vmaas.go | 12 +++++------- tasks/vmaas_sync/dbchange.go | 4 ++-- tasks/vmaas_sync/vmaas_sync.go | 2 +- 5 files changed, 19 insertions(+), 31 deletions(-) diff --git a/base/types/timestamp.go b/base/types/timestamp.go index 54332f25d..844e8e83f 100644 --- a/base/types/timestamp.go +++ b/base/types/timestamp.go @@ -32,6 +32,10 @@ func (d Rfc3339Timestamp) MarshalJSON() ([]byte, error) { func (d *Rfc3339Timestamp) UnmarshalJSON(data []byte) error { t, err := unmarshalTimestamp(data, Rfc3339NoTz) + if err != nil { + // parsing fail, try to parse timestamp without T + t, err = unmarshalTimestamp(data, Rfc3339NoT) + } *d = Rfc3339Timestamp(t) return err } @@ -60,16 +64,6 @@ func (d *Rfc3339TimestampWithZ) Time() *time.Time { return (*time.Time)(d) } -func (d Rfc3339TimestampNoT) MarshalJSON() ([]byte, error) { - return json.Marshal(d.Time().Format(Rfc3339NoT)) -} - -func (d *Rfc3339TimestampNoT) UnmarshalJSON(data []byte) error { - t, err := unmarshalTimestamp(data, Rfc3339NoT) - *d = Rfc3339TimestampNoT(t) - return err -} - func (d *Rfc3339TimestampNoT) Time() *time.Time { if d == nil { return nil diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index b7b0775af..538c20337 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -234,20 +234,16 @@ type ReposResponse struct { } type DBChangeResponse struct { - DBChange dbChange `json:"dbchange,omitempty"` + ErrataChanges *types.Rfc3339Timestamp `json:"errata_changes,omitempty"` + CVEChanges *types.Rfc3339Timestamp `json:"cve_changes,omitempty"` + RepositoryChanges *types.Rfc3339Timestamp `json:"repository_changes,omitempty"` + LastChange *types.Rfc3339Timestamp `json:"last_change,omitempty"` + Exported *types.Rfc3339Timestamp `json:"exported,omitempty"` } -type dbChange struct { - ErrataChanges *types.Rfc3339TimestampNoT `json:"errata_changes,omitempty"` - CVEChanges *types.Rfc3339TimestampNoT `json:"cve_changes,omitempty"` - RepositoryChanges *types.Rfc3339TimestampNoT `json:"repository_changes,omitempty"` - LastChange *types.Rfc3339TimestampNoT `json:"last_change,omitempty"` - Exported *types.Rfc3339TimestampNoT `json:"exported,omitempty"` -} - -func (o *DBChangeResponse) GetExported() *types.Rfc3339TimestampNoT { +func (o *DBChangeResponse) GetExported() *types.Rfc3339Timestamp { if o == nil { return nil } - return o.DBChange.Exported + return o.Exported } diff --git a/platform/vmaas.go b/platform/vmaas.go index 25eb378c7..133c7ad1b 100644 --- a/platform/vmaas.go +++ b/platform/vmaas.go @@ -194,13 +194,11 @@ func reposHandler(c *gin.Context) { func dbchangeHandler(c *gin.Context) { data := `{ - "dbchange": { - "errata_changes": "2222-04-16 20:07:58.500192+00", - "cve_changes": "2222-04-16 20:06:47.214266+00", - "repository_changes": "2222-04-16 20:07:55.214266+00", - "last_change": "2222-04-16 20:07:58.500192+00", - "exported": "2222-04-16 20:07:59.235962+00" - } + "errata_changes": "2222-04-16 20:07:58.500192+00", + "cve_changes": "2222-04-16 20:06:47.214266+00", + "repository_changes": "2222-04-16 20:07:55.214266+00", + "last_change": "2222-04-16 20:07:58.500192+00", + "exported": "2222-04-16 20:07:59.235962+00" }` c.Data(http.StatusOK, gin.MIMEJSON, []byte(data)) } diff --git a/tasks/vmaas_sync/dbchange.go b/tasks/vmaas_sync/dbchange.go index 58ee26493..8ddc29dc3 100644 --- a/tasks/vmaas_sync/dbchange.go +++ b/tasks/vmaas_sync/dbchange.go @@ -10,7 +10,7 @@ import ( "github.com/pkg/errors" ) -func isSyncNeeded(dbExportedTS *types.Rfc3339TimestampWithZ, vmaasExportedTS *types.Rfc3339TimestampNoT) bool { +func isSyncNeeded(dbExportedTS *types.Rfc3339TimestampWithZ, vmaasExportedTS *types.Rfc3339Timestamp) bool { if dbExportedTS == nil || vmaasExportedTS == nil { return true } @@ -38,7 +38,7 @@ func vmaasDBChangeRequest() (*vmaas.DBChangeResponse, error) { return vmaasDataPtr.(*vmaas.DBChangeResponse), nil } -func VmaasDBExported() *types.Rfc3339TimestampNoT { +func VmaasDBExported() *types.Rfc3339Timestamp { dbchange, err := vmaasDBChangeRequest() if err != nil { utils.LogError("err", err, "Could'n query vmaas dbchange") diff --git a/tasks/vmaas_sync/vmaas_sync.go b/tasks/vmaas_sync/vmaas_sync.go index 99c8317d3..ad3a383f3 100644 --- a/tasks/vmaas_sync/vmaas_sync.go +++ b/tasks/vmaas_sync/vmaas_sync.go @@ -100,7 +100,7 @@ func GetLastSync(key string) *types.Rfc3339TimestampWithZ { return ts } -func SyncData(lastModifiedTS *types.Rfc3339TimestampWithZ, vmaasExportedTS *types.Rfc3339TimestampNoT) error { +func SyncData(lastModifiedTS *types.Rfc3339TimestampWithZ, vmaasExportedTS *types.Rfc3339Timestamp) error { utils.LogInfo("Data sync started") syncStart := time.Now() defer utils.ObserveSecondsSince(syncStart, syncDuration) From afb60c30f722da5f5e966bd0c7a9c89893a6d675 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 31 Mar 2023 08:05:43 +0000 Subject: [PATCH 005/268] v3.1.29 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 2bd5dc0f9..9843cb1a6 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.28 +v3.1.29 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 85bbb2213..de3d51745 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -541,7 +541,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.28} +- {name: IMAGE_TAG_MANAGER, value: v3.1.29} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -564,7 +564,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.28} +- {name: IMAGE_TAG_LISTENER, value: v3.1.29} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -582,7 +582,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.28} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.29} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -607,7 +607,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.28} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.29} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -630,7 +630,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.28} +- {name: IMAGE_TAG_JOBS, value: v3.1.29} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -675,7 +675,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.28} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.29} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -705,7 +705,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.28} +- {name: IMAGE_TAG_ADMIN, value: v3.1.29} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index bbbe90845..ff997ddae 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.28" + "version": "v3.1.29" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8a2420598..d8103688a 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.28" + "version": "v3.1.29" }, "servers": [ { From 14ae81d9e142ead655de09b5cb4492d576616939 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 31 Mar 2023 12:02:34 +0200 Subject: [PATCH 006/268] SPM-1990: use checksum value as vmaas-cache key --- evaluator/vmaas_cache.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index 5802a5157..6dcc6af43 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -42,10 +42,10 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { if c.enabled && checksum != nil { - val, ok := c.data.Get(checksum) + val, ok := c.data.Get(*checksum) if ok { vmaasCacheCnt.WithLabelValues("hit").Inc() - utils.LogTrace("checksum", checksum, "VmaasCache.Get cache hit") + utils.LogTrace("checksum", *checksum, "VmaasCache.Get cache hit") response := val.(*vmaas.UpdatesV2Response) return response, true } @@ -57,7 +57,7 @@ func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { func (c *VmaasCache) Add(checksum *string, response *vmaas.UpdatesV2Response) { if c.enabled && checksum != nil { vmaasCacheGauge.Inc() - c.data.Add(checksum, response) + c.data.Add(*checksum, response) } } From 941d3da7bd6d848a6ddae516c20b0085eed9c741 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 31 Mar 2023 12:40:44 +0200 Subject: [PATCH 007/268] update golang-lru pkg --- evaluator/package_cache.go | 48 ++++++++++++++------------ evaluator/vmaas_cache.go | 9 +++-- go.mod | 2 +- go.sum | 4 +-- manager/controllers/advisory_detail.go | 13 +++---- 5 files changed, 40 insertions(+), 36 deletions(-) diff --git a/evaluator/package_cache.go b/evaluator/package_cache.go index b2660ef17..9a806b94d 100644 --- a/evaluator/package_cache.go +++ b/evaluator/package_cache.go @@ -8,7 +8,7 @@ import ( "time" rpm "github.com/ezamriy/gorpm" - lru "github.com/hashicorp/golang-lru" + lru "github.com/hashicorp/golang-lru/v2" "gorm.io/gorm" ) @@ -30,10 +30,10 @@ type PackageCache struct { preload bool size int nameSize int - byID *lru.Cache - byNevra *lru.Cache - latestByName *lru.Cache - nameByID *lru.Cache + byID *lru.Cache[int64, *PackageCacheMetadata] + byNevra *lru.Cache[string, *PackageCacheMetadata] + latestByName *lru.Cache[string, *PackageCacheMetadata] + nameByID *lru.Cache[int64, *PackageCacheMetadata] } func NewPackageCache(enabled bool, preload bool, size int, nameSize int) *PackageCache { @@ -51,19 +51,19 @@ func NewPackageCache(enabled bool, preload bool, size int, nameSize int) *Packag if c.enabled { var err error - c.byID, err = lru.New(c.size) + c.byID, err = lru.New[int64, *PackageCacheMetadata](c.size) if err != nil { panic(err) } - c.byNevra, err = lru.New(c.size) + c.byNevra, err = lru.New[string, *PackageCacheMetadata](c.size) if err != nil { panic(err) } - c.latestByName, err = lru.New(c.nameSize) + c.latestByName, err = lru.New[string, *PackageCacheMetadata](c.nameSize) if err != nil { panic(err) } - c.nameByID, err = lru.New(c.nameSize) + c.nameByID, err = lru.New[int64, *PackageCacheMetadata](c.nameSize) if err != nil { panic(err) } @@ -127,8 +127,7 @@ func (c *PackageCache) GetByID(id int64) (*PackageCacheMetadata, bool) { if ok { packageCacheCnt.WithLabelValues("hit", "id").Inc() utils.LogTrace("id", id, "PackageCache.GetByID cache hit") - metadata := val.(*PackageCacheMetadata) - return metadata, true + return val, true } } @@ -149,8 +148,7 @@ func (c *PackageCache) GetByNevra(nevra string) (*PackageCacheMetadata, bool) { if ok { packageCacheCnt.WithLabelValues("hit", "nevra").Inc() utils.LogTrace("nevra", nevra, "PackageCache.GetByNevra cache hit") - metadata := val.(*PackageCacheMetadata) - return metadata, true + return val, true } } @@ -171,8 +169,7 @@ func (c *PackageCache) GetLatestByName(name string) (*PackageCacheMetadata, bool if ok { packageCacheCnt.WithLabelValues("hit", "name").Inc() utils.LogTrace("name", name, "PackageCache.GetLatestByName cache hit") - metadata := val.(*PackageCacheMetadata) - return metadata, true + return val, true } } @@ -193,8 +190,7 @@ func (c *PackageCache) GetNameByID(id int64) (string, bool) { if ok { packageCacheCnt.WithLabelValues("hit", "nameByID").Inc() utils.LogTrace("id", id, "PackageCache.GetNameByID cache hit") - metadata := val.(*PackageCacheMetadata) - return metadata.Name, true + return val.Name, true } } @@ -218,7 +214,9 @@ func (c *PackageCache) Add(pkg *PackageCacheMetadata) { func (c *PackageCache) addByID(pkg *PackageCacheMetadata) { evicted := c.byID.Add(pkg.ID, pkg) - packageCacheGauge.WithLabelValues("id").Inc() + if !evicted { + packageCacheGauge.WithLabelValues("id").Inc() + } utils.LogTrace("byID", pkg.ID, "evicted", evicted, "PackageCache.addByID") } @@ -232,7 +230,9 @@ func (c *PackageCache) addByNevra(pkg *PackageCacheMetadata) { } nevraString := nevra.StringE(true) evicted := c.byNevra.Add(nevraString, pkg) - packageCacheGauge.WithLabelValues("nevra").Inc() + if !evicted { + packageCacheGauge.WithLabelValues("nevra").Inc() + } utils.LogTrace("byNevra", nevraString, "evicted", evicted, "PackageCache.addByNevra") } @@ -240,13 +240,15 @@ func (c *PackageCache) addLatestByName(pkg *PackageCacheMetadata) { var latestEvra string latest, ok := c.latestByName.Peek(pkg.Name) if ok { - latestEvra = latest.(*PackageCacheMetadata).Evra + latestEvra = latest.Evra } if !ok || rpm.Vercmp(pkg.Evra, latestEvra) > 0 { // if there is no record yet // or it has older EVR we have to replace it evicted := c.latestByName.Add(pkg.Name, pkg) - packageCacheGauge.WithLabelValues("name").Inc() + if !evicted { + packageCacheGauge.WithLabelValues("name").Inc() + } utils.LogTrace("latestByName", pkg.Name, "evicted", evicted, "PackageCache.addLatestByName") } } @@ -255,7 +257,9 @@ func (c *PackageCache) addNameByID(pkg *PackageCacheMetadata) { ok, evicted := c.nameByID.ContainsOrAdd(pkg.NameID, pkg) if !ok { // name was not there and we've added it - packageCacheGauge.WithLabelValues("nameByID").Inc() + if !evicted { + packageCacheGauge.WithLabelValues("nameByID").Inc() + } utils.LogTrace("nameByID", pkg.NameID, "evicted", evicted, "PackageCache.addNameByID") } } diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index 6dcc6af43..cbe305d40 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -7,7 +7,7 @@ import ( "app/tasks/vmaas_sync" "time" - lru "github.com/hashicorp/golang-lru" + lru "github.com/hashicorp/golang-lru/v2" ) var memoryVmaasCache *VmaasCache @@ -17,7 +17,7 @@ type VmaasCache struct { size int validity *types.Rfc3339TimestampWithZ checkDuration time.Duration - data *lru.TwoQueueCache + data *lru.TwoQueueCache[string, *vmaas.UpdatesV2Response] } func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) *VmaasCache { @@ -31,7 +31,7 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * if c.enabled { var err error - c.data, err = lru.New2Q(c.size) + c.data, err = lru.New2Q[string, *vmaas.UpdatesV2Response](c.size) if err != nil { panic(err) } @@ -46,8 +46,7 @@ func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { if ok { vmaasCacheCnt.WithLabelValues("hit").Inc() utils.LogTrace("checksum", *checksum, "VmaasCache.Get cache hit") - response := val.(*vmaas.UpdatesV2Response) - return response, true + return val, true } } vmaasCacheCnt.WithLabelValues("miss").Inc() diff --git a/go.mod b/go.mod index ff0f81306..405b859c6 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/gin-gonic/gin v1.8.1 github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 // newer version skips some columns github.com/golang-migrate/migrate/v4 v4.15.2 - github.com/hashicorp/golang-lru v0.5.4 + github.com/hashicorp/golang-lru/v2 v2.0.2 github.com/jackc/pgconn v1.13.0 github.com/joho/godotenv v1.4.0 github.com/lestrrat-go/backoff v1.0.1 diff --git a/go.sum b/go.sum index 07bdfb389..531b5343a 100644 --- a/go.sum +++ b/go.sum @@ -688,8 +688,8 @@ github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= -github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/golang-lru/v2 v2.0.2 h1:Dwmkdr5Nc/oBiXgJS3CDHNhJtIHkuZ3DZF5twqnfBdU= +github.com/hashicorp/golang-lru/v2 v2.0.2/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= diff --git a/manager/controllers/advisory_detail.go b/manager/controllers/advisory_detail.go index b04a714bf..8a4a6f344 100644 --- a/manager/controllers/advisory_detail.go +++ b/manager/controllers/advisory_detail.go @@ -11,7 +11,7 @@ import ( "time" "github.com/gin-gonic/gin" - lru "github.com/hashicorp/golang-lru" + lru "github.com/hashicorp/golang-lru/v2" "github.com/pkg/errors" "gorm.io/gorm" ) @@ -234,13 +234,13 @@ func pkgsV2topkgsV1(pkgsV2 packagesV2) packagesV1 { return pkgsV1 } -func initAdvisoryDetailCache() *lru.Cache { +func initAdvisoryDetailCache() *lru.Cache[string, AdvisoryDetailResponseV2] { middlewares.AdvisoryDetailGauge.Set(0) if !enableAdvisoryDetailCache { return nil } - cache, err := lru.New(advisoryDetailCacheSize) + cache, err := lru.New[string, AdvisoryDetailResponseV2](advisoryDetailCacheSize) if err != nil { panic(err) } @@ -284,9 +284,8 @@ func tryGetAdvisoryFromCacheV2(advisoryName string) *AdvisoryDetailResponseV2 { middlewares.AdvisoryDetailCnt.WithLabelValues("miss").Inc() return nil } - resp := val.(AdvisoryDetailResponseV2) middlewares.AdvisoryDetailCnt.WithLabelValues("hit").Inc() - return &resp + return &val } func tryAddAdvisoryToCacheV2(advisoryName string, resp *AdvisoryDetailResponseV2) { @@ -294,7 +293,9 @@ func tryAddAdvisoryToCacheV2(advisoryName string, resp *AdvisoryDetailResponseV2 return } evicted := advisoryDetailCacheV2.Add(advisoryName, *resp) - middlewares.AdvisoryDetailGauge.Inc() + if !evicted { + middlewares.AdvisoryDetailGauge.Inc() + } utils.LogDebug("evictedV2", evicted, "advisoryName", advisoryName, "saved to cache") } From bfed058f829e9f5e8ed6e55ace13e0d9747a4f57 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 31 Mar 2023 16:30:06 +0200 Subject: [PATCH 008/268] make sure cache var is not nil and fix tests --- evaluator/evaluate_test.go | 4 ++++ evaluator/package_cache.go | 2 +- evaluator/vmaas_cache.go | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go index 53a93aad8..7bb675f9a 100644 --- a/evaluator/evaluate_test.go +++ b/evaluator/evaluate_test.go @@ -28,6 +28,10 @@ func TestEvaluate(t *testing.T) { utils.SkipWithoutDB(t) utils.SkipWithoutPlatform(t) core.SetupTestEnvironment() + // don't use vmaas-cache since tests here are not using vmaas_json + // so it will always get the same result from cache for empty vmaas_json + os.Setenv("ENABLE_VMAAS_CACHE", "false") + defer os.Setenv("ENABLE_VMAAS_CACHE", "true") configure() loadCache() diff --git a/evaluator/package_cache.go b/evaluator/package_cache.go index 9a806b94d..10872c16c 100644 --- a/evaluator/package_cache.go +++ b/evaluator/package_cache.go @@ -69,7 +69,7 @@ func NewPackageCache(enabled bool, preload bool, size int, nameSize int) *Packag } return c } - return nil + return c } func (c *PackageCache) Load() { diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index cbe305d40..3a5dca943 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -37,7 +37,7 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * } return c } - return nil + return c } func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { From f1892cfd46736028bb53bc94799c068642359430 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 3 Apr 2023 14:12:07 +0000 Subject: [PATCH 009/268] v3.1.30 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 9843cb1a6..c85a8ed8d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.29 +v3.1.30 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index de3d51745..dd1b17e84 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -541,7 +541,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.29} +- {name: IMAGE_TAG_MANAGER, value: v3.1.30} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -564,7 +564,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.29} +- {name: IMAGE_TAG_LISTENER, value: v3.1.30} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -582,7 +582,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.29} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.30} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -607,7 +607,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.29} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.30} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -630,7 +630,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.29} +- {name: IMAGE_TAG_JOBS, value: v3.1.30} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -675,7 +675,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.29} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.30} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -705,7 +705,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.29} +- {name: IMAGE_TAG_ADMIN, value: v3.1.30} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index ff997ddae..edac46820 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.29" + "version": "v3.1.30" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d8103688a..3cb4522d9 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.29" + "version": "v3.1.30" }, "servers": [ { From d846bdc58197749bacb84a2618fb0eedaa3d84a1 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 3 Apr 2023 17:46:16 +0200 Subject: [PATCH 010/268] SPM-1984: fix v2/advisories backward compatibility --- base/core/gintesting.go | 2 +- manager/controllers/advisories.go | 15 ++++++++---- manager/controllers/advisories_test.go | 23 +++++++++++-------- .../controllers/system_advisories_export.go | 2 +- manager/controllers/utils.go | 17 +++++++++++--- 5 files changed, 39 insertions(+), 20 deletions(-) diff --git a/base/core/gintesting.go b/base/core/gintesting.go index 77550edbb..c85134c44 100644 --- a/base/core/gintesting.go +++ b/base/core/gintesting.go @@ -31,7 +31,7 @@ func InitRouterWithParams(handler gin.HandlerFunc, account int, method, path str } router.Use(func(c *gin.Context) { // set default api version for tests to latest - c.Set(middlewares.KeyApiver, 3) + c.Set(middlewares.KeyApiver, LatestAPIVersion) for _, kv := range contextKVs { c.Set(kv.Key, kv.Value) } diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index f719495d3..d0404e70c 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -14,11 +14,16 @@ var AdvisoriesFields = database.MustGetQueryAttrs(&AdvisoriesDBLookupV3{}) var AdvisoriesSelectV2 = database.MustGetSelect(&AdvisoriesDBLookupV2{}) var AdvisoriesSelectV3 = database.MustGetSelect(&AdvisoriesDBLookupV3{}) var AdvisoriesOpts = ListOpts{ - Fields: AdvisoriesFields, - DefaultFilters: nil, - DefaultSort: "-public_date", - StableSort: "id", - SearchFields: []string{"am.name", "am.cve_list", "synopsis"}, + Fields: AdvisoriesFields, + DefaultFilters: map[string]FilterData{ + "applicable_systems": { + Operator: "gt", + Values: []string{"0"}, + }, + }, + DefaultSort: "-public_date", + StableSort: "id", + SearchFields: []string{"am.name", "am.cve_list", "synopsis"}, } type AdvisoryID struct { diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index 2f1107b6d..dcbb7a04c 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -47,8 +47,8 @@ func TestAdvisoriesDefault(t *testing.T) { assert.Equal(t, false, output.Data[3].Attributes.RebootRequired) // links - assert.Equal(t, "/?offset=0&limit=20&sort=-public_date", output.Links.First) - assert.Equal(t, "/?offset=0&limit=20&sort=-public_date", output.Links.Last) + assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=-public_date", output.Links.First) + assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=-public_date", output.Links.Last) assert.Nil(t, output.Links.Next) assert.Nil(t, output.Links.Previous) @@ -153,9 +153,11 @@ func TestAdvisoriesFilterTypeID1(t *testing.T) { assert.Equal(t, "RH-4", output.Data[1].ID) assert.Equal(t, "RH-7", output.Data[2].ID) assert.Equal(t, FilterData{Values: []string{"enhancement"}, Operator: "eq"}, output.Meta.Filter["advisory_type_name"]) - assert.Equal(t, - "/?offset=0&limit=20&filter[advisory_type_name]=eq:enhancement&sort=id", - output.Links.First) + assert.Equal(t, 101, len(output.Links.First)) + assert.Contains(t, output.Links.First, "?offset=0&limit=20") + assert.Contains(t, output.Links.First, "filter[advisory_type_name]=eq:enhancement") + assert.Contains(t, output.Links.First, "filter[applicable_systems]=gt:0") + assert.Contains(t, output.Links.First, "sort=id") } func TestAdvisoriesFilterTypeID2(t *testing.T) { @@ -250,9 +252,9 @@ func TestAdvisoriesSearch(t *testing.T) { assert.Equal(t, 1, output.Data[0].Attributes.ApplicableSystems) // links - assert.Equal(t, "/?offset=0&limit=20&sort=-public_date&search=h-3", + assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=-public_date&search=h-3", output.Links.First) - assert.Equal(t, "/?offset=0&limit=20&sort=-public_date&search=h-3", + assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=-public_date&search=h-3", output.Links.Last) assert.Nil(t, output.Links.Next) assert.Nil(t, output.Links.Previous) @@ -280,7 +282,7 @@ func TestAdvisoriesTags(t *testing.T) { assert.Equal(t, 8, len(output.Data)) assert.Equal(t, 1, output.Data[0].Attributes.InstallableSystems) assert.Equal(t, 2, output.Data[0].Attributes.ApplicableSystems) - assert.Equal(t, "/?offset=0&limit=20&sort=id&tags=ns1/k2=val2", output.Links.First) + assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=id&tags=ns1/k2=val2", output.Links.First) } func TestListAdvisoriesTagsInvalid(t *testing.T) { @@ -314,8 +316,9 @@ func TestAdvisoryTagsInMetadata(t *testing.T) { CheckResponse(t, w, http.StatusOK, &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, + "ns1/k1": {"eq", []string{"val1"}}, + "ns1/k3": {"eq", []string{"val4"}}, + "applicable_systems": {"gt", []string{"0"}}, } assert.Equal(t, testMap, output.Meta.Filter) } diff --git a/manager/controllers/system_advisories_export.go b/manager/controllers/system_advisories_export.go index 567096508..b31706765 100644 --- a/manager/controllers/system_advisories_export.go +++ b/manager/controllers/system_advisories_export.go @@ -60,7 +60,7 @@ func SystemAdvisoriesExportHandler(c *gin.Context) { query := buildSystemAdvisoriesQuery(db, account, inventoryID) query = query.Order("id") - query, err = ExportListCommon(query, c, AdvisoriesOpts) + query, err = ExportListCommon(query, c, SystemAdvisoriesOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon return diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 26c73c066..5d1ff06b6 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -113,7 +113,7 @@ func validateFilters(q QueryMap, allowedFields database.AttrMap) error { } func ParseFilters(q QueryMap, allowedFields database.AttrMap, - defaultFilters map[string]FilterData) (Filters, error) { + defaultFilters map[string]FilterData, apiver int) (Filters, error) { filters := Filters{} var err error @@ -145,6 +145,15 @@ func ParseFilters(q QueryMap, allowedFields database.AttrMap, } } + // backward compatibility for v2 api and applicable_systems filter + if apiver < 3 { + if _, ok := filters["applicable_systems"]; ok { + // replace with `installable_systems` + filters["installable_systems"] = filters["applicable_systems"] + delete(filters, "applicable_systems") + } + } + return filters, err } @@ -158,7 +167,8 @@ type ListOpts struct { func ExportListCommon(tx *gorm.DB, c *gin.Context, opts ListOpts) (*gorm.DB, error) { query := NestedQueryMap(c, "filter") - filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters) + apiver := c.GetInt(middlewares.KeyApiver) + filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, errors.Wrap(err, "filters parsing failed") @@ -186,6 +196,7 @@ func extractTagsQueryString(c *gin.Context) string { func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, opts ListOpts, params ...string) ( *gorm.DB, *ListMeta, []string, error) { hasSystems := true + apiver := c.GetInt(middlewares.KeyApiver) limit, offset, err := utils.LoadLimitOffset(c, core.DefaultLimit) if err != nil { LogAndRespBadRequest(c, err, err.Error()) @@ -195,7 +206,7 @@ func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, op query := NestedQueryMap(c, "filter") - filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters) + filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, nil, nil, errors.Wrap(err, "filters parsing failed") From 331946bf2831d03c52475f3600decb45d5368876 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 12 Apr 2023 08:35:16 +0000 Subject: [PATCH 011/268] v3.1.31 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index c85a8ed8d..8cd9208d9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.30 +v3.1.31 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index dd1b17e84..61627b096 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -541,7 +541,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.30} +- {name: IMAGE_TAG_MANAGER, value: v3.1.31} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -564,7 +564,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.30} +- {name: IMAGE_TAG_LISTENER, value: v3.1.31} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -582,7 +582,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.30} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.31} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -607,7 +607,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.30} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.31} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -630,7 +630,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.30} +- {name: IMAGE_TAG_JOBS, value: v3.1.31} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -675,7 +675,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.30} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.31} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -705,7 +705,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.30} +- {name: IMAGE_TAG_ADMIN, value: v3.1.31} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index edac46820..b26157874 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.30" + "version": "v3.1.31" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 3cb4522d9..b10770525 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.30" + "version": "v3.1.31" }, "servers": [ { From b621c5b3053d8dec93a23798ac44dfb0d432575c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 12 Apr 2023 16:01:28 +0200 Subject: [PATCH 012/268] SPM-2013: store applicable but not installable advisories to aad --- evaluator/evaluate_advisories.go | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/evaluator/evaluate_advisories.go b/evaluator/evaluate_advisories.go index 3b158b9f3..f9df75c2b 100644 --- a/evaluator/evaluate_advisories.go +++ b/evaluator/evaluate_advisories.go @@ -190,11 +190,6 @@ func calcAdvisoryChanges(system *models.SystemPlatform, deleteIDs, installableID return []models.AdvisoryAccountData{} } - isApplicable := make(map[int64]bool, len(applicableIDs)) - for _, id := range applicableIDs { - isApplicable[id] = true - } - aadMap := make(map[int64]models.AdvisoryAccountData, len(installableIDs)) for _, id := range installableIDs { @@ -207,6 +202,19 @@ func calcAdvisoryChanges(system *models.SystemPlatform, deleteIDs, installableID } } + isApplicable := make(map[int64]bool, len(applicableIDs)) + for _, id := range applicableIDs { + isApplicable[id] = true + // add advisories which are only applicable and not installable to aad + if _, ok := aadMap[id]; !ok { + aadMap[id] = models.AdvisoryAccountData{ + AdvisoryID: id, + RhAccountID: system.RhAccountID, + SystemsApplicable: 1, + } + } + } + for _, id := range deleteIDs { aadMap[id] = models.AdvisoryAccountData{ AdvisoryID: id, @@ -221,7 +229,7 @@ func calcAdvisoryChanges(system *models.SystemPlatform, deleteIDs, installableID } } - deltas := make([]models.AdvisoryAccountData, 0, len(deleteIDs)+len(installableIDs)) + deltas := make([]models.AdvisoryAccountData, 0, len(deleteIDs)+len(installableIDs)+len(applicableIDs)) for _, aad := range aadMap { deltas = append(deltas, aad) } From feb7c006c48606c3e8447b5a2ca998726512c267 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 13 Apr 2023 08:20:38 +0000 Subject: [PATCH 013/268] v3.1.32 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 8cd9208d9..60ec7d8c4 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.31 +v3.1.32 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 61627b096..b9c185e15 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -541,7 +541,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.31} +- {name: IMAGE_TAG_MANAGER, value: v3.1.32} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -564,7 +564,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.31} +- {name: IMAGE_TAG_LISTENER, value: v3.1.32} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -582,7 +582,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.31} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.32} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -607,7 +607,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.31} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.32} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -630,7 +630,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.31} +- {name: IMAGE_TAG_JOBS, value: v3.1.32} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -675,7 +675,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.31} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.32} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -705,7 +705,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.31} +- {name: IMAGE_TAG_ADMIN, value: v3.1.32} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b26157874..8c0cef839 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.31" + "version": "v3.1.32" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b10770525..8e059d769 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.31" + "version": "v3.1.32" }, "servers": [ { From 60c4f814ef08513079379044ada74a8420b4b6a8 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Apr 2023 13:16:08 +0200 Subject: [PATCH 014/268] SPM-2013: run advisory_refresh for individual accounts in 4 goroutines --- deploy/clowdapp.yaml | 2 + tasks/caches/caches.go | 2 + tasks/caches/refresh_advisory_caches.go | 49 ++++++++++++++++---- tasks/caches/refresh_advisory_caches_test.go | 5 +- 4 files changed, 49 insertions(+), 9 deletions(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b9c185e15..c1230817a 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -434,6 +434,7 @@ objects: - {name: DB_PASSWD, valueFrom: {secretKeyRef: {name: patchman-engine-database-passwords, key: vmaas-sync-database-password}}} - {name: ENABLE_REFRESH_ADVISORY_CACHES, value: '${ENABLE_REFRESH_ADVISORY_CACHES}'} + - {name: SKIP_N_ACCOUNTS_REFRESH, value: '${SKIP_N_ACCOUNTS_REFRESH}'} - name: delete-unused activeDeadlineSeconds: ${{JOBS_TIMEOUT}} @@ -672,6 +673,7 @@ parameters: - {name: ADVISORY_REFRESH_SCHEDULE, value: '*/15 * * * *'} # Cronjob schedule definition - {name: ADVISORY_REFRESH_SUSPEND, value: 'false'} # Disable cronjob execution - {name: ENABLE_REFRESH_ADVISORY_CACHES, value: 'true'} # Enable periodic refresh of account advisory caches +- {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} diff --git a/tasks/caches/caches.go b/tasks/caches/caches.go index 784ec2e0c..44b5d261a 100644 --- a/tasks/caches/caches.go +++ b/tasks/caches/caches.go @@ -8,11 +8,13 @@ import ( var ( enableRefreshAdvisoryCaches bool + skipNAccountsRefresh int ) func configure() { core.ConfigureApp() enableRefreshAdvisoryCaches = utils.GetBoolEnvOrDefault("ENABLE_REFRESH_ADVISORY_CACHES", false) + skipNAccountsRefresh = utils.GetIntEnvOrDefault("SKIP_N_ACCOUNTS_REFRESH", 0) } func RunAdvisoryRefresh() { diff --git a/tasks/caches/refresh_advisory_caches.go b/tasks/caches/refresh_advisory_caches.go index 58b8e93da..5cf40aef3 100644 --- a/tasks/caches/refresh_advisory_caches.go +++ b/tasks/caches/refresh_advisory_caches.go @@ -1,8 +1,10 @@ package caches import ( + "app/base/database" "app/base/utils" "app/tasks" + "sync" "gorm.io/gorm" ) @@ -11,16 +13,47 @@ func RefreshAdvisoryCaches() { if !enableRefreshAdvisoryCaches { return } - refreshAdvisoryCachesPerAccounts() + + var wg sync.WaitGroup + refreshAdvisoryCachesPerAccounts(&wg) + wg.Wait() } -func refreshAdvisoryCachesPerAccounts() { - err := tasks.WithTx(func(tx *gorm.DB) error { - return tx.Exec("select refresh_advisory_caches(NULL, NULL)").Error - }) +func refreshAdvisoryCachesPerAccounts(wg *sync.WaitGroup) { + var rhAccountIDs []int + err := database.Db.Table("rh_account").Order("id").Pluck("id", &rhAccountIDs).Error + if skipNAccountsRefresh > 0 { + utils.LogInfo("n", skipNAccountsRefresh, "Skipping refresh of first N accounts") + rhAccountIDs = rhAccountIDs[skipNAccountsRefresh:] + } + utils.LogInfo("accounts", len(rhAccountIDs), "Starting advisory cache refresh for accounts") if err != nil { - utils.LogError("err", err.Error(), "Refreshed account advisory caches") - } else { - utils.LogInfo("Refreshed account advisory caches") + utils.LogError("err", err.Error(), "Unable to load rh_account table ids to refresh caches") + return + } + + // use max 4 goroutines for cache refresh + guard := make(chan struct{}, 4) + + for i, rhAccountID := range rhAccountIDs { + guard <- struct{}{} + wg.Add(1) + go func(i, rhAccountID int) { + defer func() { + <-guard + wg.Done() + }() + + err = tasks.WithTx(func(tx *gorm.DB) error { + utils.LogInfo("i", i, "rh_account_id", rhAccountID, "Refreshing account advisory cache") + return tx.Exec("select refresh_advisory_caches(NULL, ?)", rhAccountID).Error + }) + if err != nil { + utils.LogError("err", err.Error(), "rh_account_id", rhAccountID, + "Refreshed account advisory caches") + return + } + utils.LogInfo("i", i, "rh_account_id", rhAccountID, "Refreshed account advisory cache") + }(i, rhAccountID) } } diff --git a/tasks/caches/refresh_advisory_caches_test.go b/tasks/caches/refresh_advisory_caches_test.go index fe59ef910..82f2343bb 100644 --- a/tasks/caches/refresh_advisory_caches_test.go +++ b/tasks/caches/refresh_advisory_caches_test.go @@ -5,6 +5,7 @@ import ( "app/base/database" "app/base/models" "app/base/utils" + "sync" "testing" "github.com/stretchr/testify/assert" @@ -23,7 +24,9 @@ func TestRefreshAdvisoryCachesPerAccounts(t *testing.T) { assert.Nil(t, database.Db.Model(&models.AdvisoryAccountData{}). Where("advisory_id = 3 AND rh_account_id = 1").Update("systems_installable", 8).Error) - refreshAdvisoryCachesPerAccounts() + var wg sync.WaitGroup + refreshAdvisoryCachesPerAccounts(&wg) + wg.Wait() assert.Equal(t, 1, database.PluckInt(database.Db.Table("advisory_account_data"). Where("advisory_id = 1 AND rh_account_id = 2"), "systems_installable")) From 468ba661aef3d8f5a77dda44210ec8ef5ac98ecb Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 17 Apr 2023 08:22:27 +0000 Subject: [PATCH 015/268] v3.1.33 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 60ec7d8c4..73ee80f97 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.32 +v3.1.33 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c1230817a..43ecab8ef 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.32} +- {name: IMAGE_TAG_MANAGER, value: v3.1.33} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.32} +- {name: IMAGE_TAG_LISTENER, value: v3.1.33} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.32} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.33} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.32} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.33} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.32} +- {name: IMAGE_TAG_JOBS, value: v3.1.33} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.32} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.33} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.32} +- {name: IMAGE_TAG_ADMIN, value: v3.1.33} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 8c0cef839..ec4bf6679 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.32" + "version": "v3.1.33" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8e059d769..fb2e669c1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.32" + "version": "v3.1.33" }, "servers": [ { From beb3b1fe5fcaa51b4d25de80084d701912e0baf1 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Apr 2023 14:31:36 +0200 Subject: [PATCH 016/268] SPM-2002: fix advisorySystems status sort --- manager/controllers/advisory_systems.go | 6 +++++- manager/controllers/advisory_systems_test.go | 2 +- manager/controllers/common_attributes.go | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 6b08cf225..7e15fec52 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -62,7 +62,11 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error return nil, nil, nil, err } // Error handled in method itself query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, AdvisorySystemOpts) + opts := AdvisorySystemOptsV3 + if apiver < 3 { + opts = AdvisorySystemOpts + } + query, meta, params, err := ListCommon(query, c, filters, opts) // Error handled in method itself return query, meta, params, err } diff --git a/manager/controllers/advisory_systems_test.go b/manager/controllers/advisory_systems_test.go index f54ae47b3..1762681a2 100644 --- a/manager/controllers/advisory_systems_test.go +++ b/manager/controllers/advisory_systems_test.go @@ -75,7 +75,7 @@ func TestAdvisorySystemsOffsetOverflow(t *testing.T) { func TestAdvisorySystemsSorts(t *testing.T) { core.SetupTest(t) - for sort := range SystemsFields { + for sort := range AdvisorySystemsFields { w := CreateRequestRouterWithPath("GET", fmt.Sprintf("/RH-1?sort=%v", sort), nil, "", AdvisorySystemsListHandler, "/:advisory_id") diff --git a/manager/controllers/common_attributes.go b/manager/controllers/common_attributes.go index 61d3c60f4..1409f5591 100644 --- a/manager/controllers/common_attributes.go +++ b/manager/controllers/common_attributes.go @@ -68,7 +68,7 @@ type SystemIDAttribute struct { } type SystemAdvisoryStatus struct { - Status string `json:"status" csv:"status" query:"st.name" gorm:"column:name"` + Status string `json:"status" csv:"status" query:"st.name" gorm:"column:status"` } // nolint: lll From 8e0168e54df199ddfb46b9b3891a0c81a56a39d9 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Apr 2023 15:24:13 +0200 Subject: [PATCH 017/268] SPM-2001: add updatable filter to spec of /packages/{package_name}/systems --- docs/v3/openapi.json | 8 ++++++++ manager/controllers/package_systems.go | 1 + 2 files changed, 9 insertions(+) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index fb2e669c1..5e0a2ce12 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -3754,6 +3754,14 @@ "schema": { "type": "string" } + }, + { + "name": "filter[updatable]", + "in": "query", + "description": "Filter", + "schema": { + "type": "boolean" + } } ], "responses": { diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 2198606ee..f86774e81 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -112,6 +112,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" // @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" +// @Param filter[updatable] query bool false "Filter" // @Success 200 {object} PackageSystemsResponse // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse From 166e7db39712e09068a83347f6dc230d6519bbab Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 17 Apr 2023 08:23:00 +0000 Subject: [PATCH 018/268] v3.1.34 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 73ee80f97..b58a9414e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.33 +v3.1.34 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 43ecab8ef..4debc4fdc 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.33} +- {name: IMAGE_TAG_MANAGER, value: v3.1.34} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.33} +- {name: IMAGE_TAG_LISTENER, value: v3.1.34} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.33} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.34} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.33} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.34} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.33} +- {name: IMAGE_TAG_JOBS, value: v3.1.34} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.33} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.34} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.33} +- {name: IMAGE_TAG_ADMIN, value: v3.1.34} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index ec4bf6679..51b25ee9c 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.33" + "version": "v3.1.34" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 5e0a2ce12..0772d6dbe 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.33" + "version": "v3.1.34" }, "servers": [ { From 5b7ec0e6bc3472193d2a60a2dac6e87b1acc6854 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 17 Apr 2023 13:15:08 +0200 Subject: [PATCH 019/268] SPM-2013: process accounts from the same system_account partition together --- tasks/caches/refresh_advisory_caches.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/caches/refresh_advisory_caches.go b/tasks/caches/refresh_advisory_caches.go index 5cf40aef3..9e77d83b1 100644 --- a/tasks/caches/refresh_advisory_caches.go +++ b/tasks/caches/refresh_advisory_caches.go @@ -21,7 +21,7 @@ func RefreshAdvisoryCaches() { func refreshAdvisoryCachesPerAccounts(wg *sync.WaitGroup) { var rhAccountIDs []int - err := database.Db.Table("rh_account").Order("id").Pluck("id", &rhAccountIDs).Error + err := database.Db.Table("rh_account").Order("hash_partition_id(id, 32), id").Pluck("id", &rhAccountIDs).Error if skipNAccountsRefresh > 0 { utils.LogInfo("n", skipNAccountsRefresh, "Skipping refresh of first N accounts") rhAccountIDs = rhAccountIDs[skipNAccountsRefresh:] From d6906c606a1b10de39f483d32c8f6fe5abffb07d Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 18 Apr 2023 10:31:24 +0000 Subject: [PATCH 020/268] v3.1.35 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b58a9414e..6d869c41b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.34 +v3.1.35 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 4debc4fdc..298d68ca8 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.34} +- {name: IMAGE_TAG_MANAGER, value: v3.1.35} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.34} +- {name: IMAGE_TAG_LISTENER, value: v3.1.35} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.34} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.35} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.34} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.35} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.34} +- {name: IMAGE_TAG_JOBS, value: v3.1.35} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.34} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.35} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.34} +- {name: IMAGE_TAG_ADMIN, value: v3.1.35} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 51b25ee9c..bc07dc12f 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.34" + "version": "v3.1.35" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0772d6dbe..8e8e22895 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.34" + "version": "v3.1.35" }, "servers": [ { From 466f9e9177f0753208c841f318fc9de035f596cb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Wed, 19 Apr 2023 11:52:40 +0200 Subject: [PATCH 021/268] SPM-1816: add new rhsm reporter --- .../migrations/108_add_rhsm-system-profile-bridge.up.sql | 3 +++ database_admin/schema/create_schema.sql | 5 +++-- listener/listener_test.go | 6 ++++-- 3 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 database_admin/migrations/108_add_rhsm-system-profile-bridge.up.sql diff --git a/database_admin/migrations/108_add_rhsm-system-profile-bridge.up.sql b/database_admin/migrations/108_add_rhsm-system-profile-bridge.up.sql new file mode 100644 index 000000000..19931888c --- /dev/null +++ b/database_admin/migrations/108_add_rhsm-system-profile-bridge.up.sql @@ -0,0 +1,3 @@ +INSERT INTO reporter (id, name) VALUES + (4, 'rhsm-system-profile-bridge') +ON CONFLICT DO NOTHING; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 6078e2e50..772087ea4 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (107, false); +VALUES (108, false); -- --------------------------------------------------------------------------- -- Functions @@ -630,7 +630,8 @@ CREATE TABLE reporter INSERT INTO reporter (id, name) VALUES (1, 'puptoo'), (2, 'rhsm-conduit'), - (3, 'yupana') + (3, 'yupana'), + (4, 'rhsm-system-profile-bridge') ON CONFLICT DO NOTHING; -- baseline diff --git a/listener/listener_test.go b/listener/listener_test.go index b7f130f52..37aaa5767 100644 --- a/listener/listener_test.go +++ b/listener/listener_test.go @@ -2,8 +2,9 @@ package listener import ( "app/base/utils" - "github.com/stretchr/testify/assert" "testing" + + "github.com/stretchr/testify/assert" ) func TestLoadValidReporters(t *testing.T) { @@ -12,8 +13,9 @@ func TestLoadValidReporters(t *testing.T) { configure() reporter := loadValidReporters() - assert.Equal(t, 3, len(reporter)) + assert.Equal(t, 4, len(reporter)) assert.Equal(t, 1, reporter["puptoo"]) assert.Equal(t, 2, reporter["rhsm-conduit"]) assert.Equal(t, 3, reporter["yupana"]) + assert.Equal(t, 4, reporter["rhsm-system-profile-bridge"]) } From e8b1e38d0f875a4efdf2ed29a3109bbf12c74c3a Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 21 Apr 2023 12:18:24 +0000 Subject: [PATCH 022/268] v3.1.36 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6d869c41b..30ffdcb8c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.35 +v3.1.36 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 298d68ca8..c28e58de7 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.35} +- {name: IMAGE_TAG_MANAGER, value: v3.1.36} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.35} +- {name: IMAGE_TAG_LISTENER, value: v3.1.36} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.35} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.36} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.35} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.36} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.35} +- {name: IMAGE_TAG_JOBS, value: v3.1.36} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.35} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.36} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.35} +- {name: IMAGE_TAG_ADMIN, value: v3.1.36} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index bc07dc12f..ddf7b2123 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.35" + "version": "v3.1.36" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8e8e22895..d0ad512d6 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.35" + "version": "v3.1.36" }, "servers": [ { From 9a675f15a9faf4761b591db4c381eeb03b02016e Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Apr 2023 10:39:43 +0200 Subject: [PATCH 023/268] SPM-2024: remove smart management check --- manager/middlewares/authentication.go | 15 --------------- manager/routes/routes.go | 1 - 2 files changed, 16 deletions(-) diff --git a/manager/middlewares/authentication.go b/manager/middlewares/authentication.go index 84c88be0a..de0e4815b 100644 --- a/manager/middlewares/authentication.go +++ b/manager/middlewares/authentication.go @@ -125,21 +125,6 @@ func MockAuthenticator(account int) gin.HandlerFunc { } } -func EntitlementsAuthenticator() gin.HandlerFunc { - return func(c *gin.Context) { - xrhid := (*ginContext)(c).GetXRHID() - if xrhid == nil { - // aborted by GetXRHID - return - } - if !xrhid.Entitlements["smart_management"].IsEntitled { - c.AbortWithStatusJSON( - http.StatusUnauthorized, utils.ErrorResponse{Error: "Missing smart management entitlement"}, - ) - } - } -} - // Get identity header from gin.Context func (c *ginContext) GetXRHID() *identity.XRHID { identStr := (*gin.Context)(c).GetHeader("x-rh-identity") diff --git a/manager/routes/routes.go b/manager/routes/routes.go index 2fbc65efe..15a25c8d2 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -25,7 +25,6 @@ func InitAPI(api *gin.RouterGroup, config docs.EndpointsConfig) { // nolint: fun if config.EnableBaselines { baselines := api.Group("/baselines") - baselines.Use(middlewares.EntitlementsAuthenticator()) baselines.GET("", controllers.BaselinesListHandler) baselines.GET("/:baseline_id", controllers.BaselineDetailHandler) baselines.GET("/:baseline_id/systems", controllers.BaselineSystemsListHandler) From 61a96a9b89c129bf0d1178144d1c48b5cf3a4f2a Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 24 Apr 2023 09:36:29 +0000 Subject: [PATCH 024/268] v3.1.37 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 30ffdcb8c..eeda7372d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.36 +v3.1.37 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c28e58de7..b25abe7b2 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.36} +- {name: IMAGE_TAG_MANAGER, value: v3.1.37} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.36} +- {name: IMAGE_TAG_LISTENER, value: v3.1.37} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.36} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.37} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.36} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.37} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.36} +- {name: IMAGE_TAG_JOBS, value: v3.1.37} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.36} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.37} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.36} +- {name: IMAGE_TAG_ADMIN, value: v3.1.37} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index ddf7b2123..50f8421a3 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.36" + "version": "v3.1.37" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d0ad512d6..40c872910 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.36" + "version": "v3.1.37" }, "servers": [ { From 55838d82f0ee3edcc93a2f8375f0a7e1d46d3512 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 25 Apr 2023 13:33:00 +0200 Subject: [PATCH 025/268] SPM-2019: add /ids endpoint for baselines/systems --- docs/v3/openapi.json | 140 ++++++++++++++++++++++++ manager/controllers/baseline_systems.go | 115 ++++++++++++++----- manager/routes/routes.go | 3 + 3 files changed, 229 insertions(+), 29 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 40c872910..fa3f38b2b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -2818,6 +2818,146 @@ ] } }, + "/ids/baselines/{baseline_id}/systems": { + "get": { + "summary": "Show me all systems belonging to a baseline", + "description": "Show me all systems applicable to a baseline", + "operationId": "listBaselineSystemsIds", + "parameters": [ + { + "name": "baseline_id", + "in": "path", + "description": "Baseline ID", + "required": true, + "schema": { + "type": "integer" + } + }, + { + "name": "limit", + "in": "query", + "description": "Limit for paging, set -1 to return all", + "schema": { + "type": "integer" + } + }, + { + "name": "offset", + "in": "query", + "description": "Offset for paging", + "schema": { + "type": "integer" + } + }, + { + "name": "sort", + "in": "query", + "description": "Sort field", + "schema": { + "type": "string", + "enum": [ + "id", + "display_name", + "os", + "installable_rhsa_count", + "installable_rhba_count", + "installable_rhea_count", + "installable_other_count", + "applicable_rhsa_count", + "applicable_rhba_count", + "applicable_rhea_count", + "applicable_other_count", + "last_upload" + ] + } + }, + { + "name": "search", + "in": "query", + "description": "Find matching text", + "schema": { + "type": "string" + } + }, + { + "name": "filter[display_name]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, + { + "name": "filter[os]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, + { + "name": "tags", + "in": "query", + "description": "Tag filter", + "style": "form", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/controllers.IDsResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, "/ids/packages/{package_name}/systems": { "get": { "summary": "Show me all my systems which have a package installed", diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 09d8a0e9e..f65c50ed4 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -85,35 +85,12 @@ type BaselineSystemsResponse struct { Meta ListMeta `json:"meta"` } -// nolint: lll -// @Summary Show me all systems belonging to a baseline -// @Description Show me all systems applicable to a baseline -// @ID listBaselineSystems -// @Security RhIdentity -// @Accept json -// @Produce json -// @Param baseline_id path int true "Baseline ID" -// @Param limit query int false "Limit for paging, set -1 to return all" -// @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,os,installable_rhsa_count,installable_rhba_count,installable_rhea_count,installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,applicable_other_count,last_upload) -// @Param search query string false "Find matching text" -// @Param filter[display_name] query string false "Filter" -// @Param filter[os] query string false "Filter" -// @Param tags query []string false "Tag filter" -// @Success 200 {object} BaselineSystemsResponse -// @Failure 400 {object} utils.ErrorResponse -// @Failure 404 {object} utils.ErrorResponse -// @Failure 500 {object} utils.ErrorResponse -// @Router /baselines/{baseline_id}/systems [get] -func BaselineSystemsListHandler(c *gin.Context) { - account := c.GetInt(middlewares.KeyAccount) - apiver := c.GetInt(middlewares.KeyApiver) - +func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *ListMeta, []string, error) { baselineID := c.Param("baseline_id") id, err := strconv.ParseInt(baselineID, 10, 64) if err != nil { LogAndRespBadRequest(c, err, fmt.Sprintf("Invalid baseline_id: %s", baselineID)) - return + return nil, nil, nil, err } db := middlewares.DBFromContext(c) @@ -122,26 +99,58 @@ func BaselineSystemsListHandler(c *gin.Context) { Where("id = ? ", id).Count(&exists).Error if err != nil { LogAndRespError(c, err, "database error") - return + return nil, nil, nil, err } if exists == 0 { LogAndRespNotFound(c, errors.New("Baseline not found"), "Baseline not found") - return + return nil, nil, nil, err } query := buildQueryBaselineSystems(db, account, id, apiver) filters, err := ParseTagsFilters(c) if err != nil { - return + return nil, nil, nil, err } // Error handled in method itself query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, nil, BaselineSystemOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon - return + return nil, nil, nil, err } + return query, meta, params, err +} + +// nolint: lll +// @Summary Show me all systems belonging to a baseline +// @Description Show me all systems applicable to a baseline +// @ID listBaselineSystems +// @Security RhIdentity +// @Accept json +// @Produce json +// @Param baseline_id path int true "Baseline ID" +// @Param limit query int false "Limit for paging, set -1 to return all" +// @Param offset query int false "Offset for paging" +// @Param sort query string false "Sort field" Enums(id,display_name,os,installable_rhsa_count,installable_rhba_count,installable_rhea_count,installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,applicable_other_count,last_upload) +// @Param search query string false "Find matching text" +// @Param filter[display_name] query string false "Filter" +// @Param filter[os] query string false "Filter" +// @Param tags query []string false "Tag filter" +// @Success 200 {object} BaselineSystemsResponse +// @Failure 400 {object} utils.ErrorResponse +// @Failure 404 {object} utils.ErrorResponse +// @Failure 500 {object} utils.ErrorResponse +// @Router /baselines/{baseline_id}/systems [get] +func BaselineSystemsListHandler(c *gin.Context) { + account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) + + query, meta, params, err := baselineSystemsCommon(c, account, apiver) + if err != nil { + return + } // Error handled in method itself + var baselineSystems []BaselineSystemsDBLookup err = query.Find(&baselineSystems).Error if err != nil { @@ -167,6 +176,54 @@ func BaselineSystemsListHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } +// nolint: lll +// @Summary Show me all systems belonging to a baseline +// @Description Show me all systems applicable to a baseline +// @ID listBaselineSystemsIds +// @Security RhIdentity +// @Accept json +// @Produce json +// @Param baseline_id path int true "Baseline ID" +// @Param limit query int false "Limit for paging, set -1 to return all" +// @Param offset query int false "Offset for paging" +// @Param sort query string false "Sort field" Enums(id,display_name,os,installable_rhsa_count,installable_rhba_count,installable_rhea_count,installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,applicable_other_count,last_upload) +// @Param search query string false "Find matching text" +// @Param filter[display_name] query string false "Filter" +// @Param filter[os] query string false "Filter" +// @Param tags query []string false "Tag filter" +// @Success 200 {object} IDsResponse +// @Failure 400 {object} utils.ErrorResponse +// @Failure 404 {object} utils.ErrorResponse +// @Failure 500 {object} utils.ErrorResponse +// @Router /ids/baselines/{baseline_id}/systems [get] +func BaselineSystemsListIDsHandler(c *gin.Context) { + account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) + if apiver < 3 { + c.AbortWithStatus(404) + return + } + + query, meta, _, err := baselineSystemsCommon(c, account, apiver) + if err != nil { + return + } // Error handled in method itself + + var sids []SystemsID + + if err = query.Scan(&sids).Error; err != nil { + LogAndRespError(c, err, "db error") + return + } + + ids, err := systemsIDs(c, sids, meta) + if err != nil { + return // Error handled in method itself + } + var resp = IDsResponse{IDs: ids} + c.JSON(http.StatusOK, &resp) +} + func buildQueryBaselineSystems(db *gorm.DB, account int, baselineID int64, apiver int) *gorm.DB { query := db.Table("system_platform AS sp"). Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). diff --git a/manager/routes/routes.go b/manager/routes/routes.go index 15a25c8d2..3edcaffa3 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -70,6 +70,9 @@ func InitAPI(api *gin.RouterGroup, config docs.EndpointsConfig) { // nolint: fun ids.GET("/packages/:package_name/systems", controllers.PackageSystemsListIDsHandler) ids.GET("/systems", controllers.SystemsListIDsHandler) ids.GET("/systems/:inventory_id/advisories", controllers.SystemAdvisoriesIDsHandler) + if config.EnableBaselines { + ids.GET("/baselines/:baseline_id/systems", controllers.BaselineSystemsListIDsHandler) + } api.GET("/status", controllers.Status) } From 546a7d8cfd42955e1a7d9766c60ea2f266069d28 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 27 Apr 2023 08:47:32 +0000 Subject: [PATCH 026/268] v3.1.38 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index eeda7372d..045c27879 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.37 +v3.1.38 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b25abe7b2..21137ea90 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.37} +- {name: IMAGE_TAG_MANAGER, value: v3.1.38} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.37} +- {name: IMAGE_TAG_LISTENER, value: v3.1.38} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.37} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.38} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.37} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.38} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.37} +- {name: IMAGE_TAG_JOBS, value: v3.1.38} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.37} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.38} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.37} +- {name: IMAGE_TAG_ADMIN, value: v3.1.38} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 50f8421a3..bcbfa9b20 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.37" + "version": "v3.1.38" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index fa3f38b2b..75fc1fd09 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.37" + "version": "v3.1.38" }, "servers": [ { From 9ab64d8c8724d2cad8535c50b7871b491900c219 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 4 May 2023 17:48:52 +0200 Subject: [PATCH 027/268] fix advisory detail cache preload run cache preload once, not in InitAPI don't try to get items from cache and count hit/miss during preload --- manager/controllers/advisory_detail.go | 16 +++++++++------- manager/manager.go | 2 ++ manager/routes/routes.go | 1 - 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/manager/controllers/advisory_detail.go b/manager/controllers/advisory_detail.go index 8a4a6f344..3ddc03037 100644 --- a/manager/controllers/advisory_detail.go +++ b/manager/controllers/advisory_detail.go @@ -100,7 +100,7 @@ func AdvisoryDetailHandler(c *gin.Context) { var err error var respV2 *AdvisoryDetailResponseV2 db := middlewares.DBFromContext(c) - respV2, err = getAdvisoryV2(db, advisoryName) + respV2, err = getAdvisoryV2(db, advisoryName, false) if err != nil { if errors.Is(err, gorm.ErrRecordNotFound) { LogAndRespNotFound(c, err, "advisory not found") @@ -265,7 +265,7 @@ func PreloadAdvisoryCacheItems() { progress, count := utils.LogProgress("Advisory detail cache preload", logProgressDuration, int64(len(advisoryNames))) for _, advisoryName := range advisoryNames { - _, err = getAdvisoryV2(database.Db, advisoryName) + _, err = getAdvisoryV2(database.Db, advisoryName, true) if err != nil { utils.LogError("advisoryName", advisoryName, "err", err.Error(), "can not re-load item to cache - V2") } @@ -299,11 +299,13 @@ func tryAddAdvisoryToCacheV2(advisoryName string, resp *AdvisoryDetailResponseV2 utils.LogDebug("evictedV2", evicted, "advisoryName", advisoryName, "saved to cache") } -func getAdvisoryV2(db *gorm.DB, advisoryName string) (*AdvisoryDetailResponseV2, error) { - resp := tryGetAdvisoryFromCacheV2(advisoryName) - if resp != nil { - utils.LogDebug("advisoryName", advisoryName, "found in cache") - return resp, nil // return data found in cache +func getAdvisoryV2(db *gorm.DB, advisoryName string, isPreload bool) (*AdvisoryDetailResponseV2, error) { + if !isPreload { + resp := tryGetAdvisoryFromCacheV2(advisoryName) + if resp != nil { + utils.LogDebug("advisoryName", advisoryName, "found in cache") + return resp, nil // return data found in cache + } } resp, err := getAdvisoryFromDBV2(db, advisoryName) // search for data in database diff --git a/manager/manager.go b/manager/manager.go index 32ab57491..ffc5814ce 100644 --- a/manager/manager.go +++ b/manager/manager.go @@ -6,6 +6,7 @@ import ( "app/base/mqueue" "app/base/utils" "app/docs" + "app/manager/controllers" "app/manager/kafka" "app/manager/middlewares" "app/manager/routes" @@ -58,6 +59,7 @@ func RunManager() { } go base.TryExposeOnMetricsPort(app) + go controllers.PreloadAdvisoryCacheItems() kafka.TryStartEvalQueue(mqueue.NewKafkaWriterFromEnv) diff --git a/manager/routes/routes.go b/manager/routes/routes.go index 3edcaffa3..1e5982cd9 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -19,7 +19,6 @@ func InitAPI(api *gin.RouterGroup, config docs.EndpointsConfig) { // nolint: fun advisories := api.Group("/advisories") advisories.GET("", controllers.AdvisoriesListHandler) - go controllers.PreloadAdvisoryCacheItems() advisories.GET("/:advisory_id", controllers.AdvisoryDetailHandler) advisories.GET("/:advisory_id/systems", controllers.AdvisorySystemsListHandler) From f0aa0d1d16ae0f4b9bb892a0ab2844c3ae87847b Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 4 May 2023 17:53:54 +0200 Subject: [PATCH 028/268] don't increment vmaas cache size when cache is full --- evaluator/vmaas_cache.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index 3a5dca943..19405243e 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -15,6 +15,7 @@ var memoryVmaasCache *VmaasCache type VmaasCache struct { enabled bool size int + currentSize int validity *types.Rfc3339TimestampWithZ checkDuration time.Duration data *lru.TwoQueueCache[string, *vmaas.UpdatesV2Response] @@ -25,6 +26,7 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * c.enabled = enabled c.size = size + c.currentSize = 0 c.validity = vmaas_sync.GetLastSync(vmaas_sync.VmaasExported) c.checkDuration = checkDuration vmaasCacheGauge.Set(0) @@ -55,8 +57,11 @@ func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { func (c *VmaasCache) Add(checksum *string, response *vmaas.UpdatesV2Response) { if c.enabled && checksum != nil { - vmaasCacheGauge.Inc() c.data.Add(*checksum, response) + if c.currentSize <= c.size { + c.currentSize++ + vmaasCacheGauge.Inc() + } } } From a8dd28641b758df417ebe66057027296d5aea4af Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 5 May 2023 08:26:24 +0000 Subject: [PATCH 029/268] v3.1.39 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 045c27879..cb86bba78 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.38 +v3.1.39 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 21137ea90..01518371d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.38} +- {name: IMAGE_TAG_MANAGER, value: v3.1.39} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.38} +- {name: IMAGE_TAG_LISTENER, value: v3.1.39} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.38} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.39} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.38} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.39} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.38} +- {name: IMAGE_TAG_JOBS, value: v3.1.39} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.38} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.39} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.38} +- {name: IMAGE_TAG_ADMIN, value: v3.1.39} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index bcbfa9b20..f79b9c506 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.38" + "version": "v3.1.39" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 75fc1fd09..06f9a30fc 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.38" + "version": "v3.1.39" }, "servers": [ { From 74d6fc71ac303682d891b07de8553b416d8ba5c4 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 17 May 2023 11:34:51 +0200 Subject: [PATCH 030/268] RHINENG-390: don't evaluate hosts without epoch in package_list --- base/vmaas/vmaas.go | 2 ++ evaluator/evaluate.go | 1 + 2 files changed, 3 insertions(+) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index 538c20337..db5fb7d87 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -18,6 +18,8 @@ type UpdatesV3Request struct { ThirdParty *bool `json:"third_party,omitempty"` // Search for updates of unknown package EVRAs. OptimisticUpdates *bool `json:"optimistic_updates,omitempty"` + // VMaaS will check package_list and return error if we provide package_list without epochs + EpochRequired *bool `json:"epoch_required,omitempty"` } type UpdatesV3RequestModulesList struct { diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 867b6203b..2db1c2119 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -288,6 +288,7 @@ func getVmaasUpdates(ctx context.Context, tx *gorm.DB, updatesReq.ThirdParty = utils.PtrBool(thirdParty) // enable "third_party" updates in VMaaS if needed useOptimisticUpdates := thirdParty || vmaasCallUseOptimisticUpdates updatesReq.OptimisticUpdates = utils.PtrBool(useOptimisticUpdates) + updatesReq.EpochRequired = utils.PtrBool(true) vmaasData, err = callVMaas(ctx, updatesReq) if err != nil { From 70fea51a7680f37665f729d09edcd12f82e7c86d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 16 May 2023 20:25:33 +0200 Subject: [PATCH 031/268] add -buildvcs=false to `go list` in tests --- scripts/go_test_db.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/go_test_db.sh b/scripts/go_test_db.sh index 6002b65f5..3fdba8d10 100755 --- a/scripts/go_test_db.sh +++ b/scripts/go_test_db.sh @@ -15,5 +15,5 @@ go test -v app/database_admin WAIT_FOR_DB=full go run ./scripts/feed_db.go feed # Normal test run - everything except database schema test -TEST_DIRS=$(go list ./... | grep -v "app/database_admin") +TEST_DIRS=$(go list -buildvcs=false ./... | grep -v "app/database_admin") ./scripts/go_test.sh "${TEST_DIRS}" From 9d128cf1bd6016c11a1e398ac61ee6d39f05b8d8 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 17 May 2023 12:29:26 +0000 Subject: [PATCH 032/268] v3.1.40 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index cb86bba78..6c68e844e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.39 +v3.1.40 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 01518371d..0f8a2c5ca 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.39} +- {name: IMAGE_TAG_MANAGER, value: v3.1.40} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.39} +- {name: IMAGE_TAG_LISTENER, value: v3.1.40} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.39} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.40} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.39} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.40} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.39} +- {name: IMAGE_TAG_JOBS, value: v3.1.40} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.39} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.40} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.39} +- {name: IMAGE_TAG_ADMIN, value: v3.1.40} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index f79b9c506..b1478c06d 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.39" + "version": "v3.1.40" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 06f9a30fc..8ed76336f 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.39" + "version": "v3.1.40" }, "servers": [ { From 44dc62351e89b0dfa7e7b063bd61ac4231c904c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 May 2023 02:44:48 +0000 Subject: [PATCH 033/268] Bump github.com/gin-gonic/gin from 1.8.1 to 1.9.0 Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.8.1 to 1.9.0. - [Release notes](https://github.com/gin-gonic/gin/releases) - [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md) - [Commits](https://github.com/gin-gonic/gin/compare/v1.8.1...v1.9.0) --- updated-dependencies: - dependency-name: github.com/gin-gonic/gin dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- go.mod | 26 +++++++++++++++----------- go.sum | 51 ++++++++++++++++++++++++++++++++++----------------- 2 files changed, 49 insertions(+), 28 deletions(-) diff --git a/go.mod b/go.mod index 405b859c6..d8fa12c26 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/getkin/kin-openapi v0.106.0 github.com/gin-contrib/gzip v0.0.6 github.com/gin-contrib/timeout v0.0.3 - github.com/gin-gonic/gin v1.8.1 + github.com/gin-gonic/gin v1.9.0 github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 // newer version skips some columns github.com/golang-migrate/migrate/v4 v4.15.2 github.com/hashicorp/golang-lru/v2 v2.0.2 @@ -24,7 +24,7 @@ require ( github.com/redhatinsights/platform-go-middlewares v0.20.0 github.com/segmentio/kafka-go v0.4.35 github.com/sirupsen/logrus v1.9.0 - github.com/stretchr/testify v1.8.0 + github.com/stretchr/testify v1.8.1 github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a github.com/swaggo/gin-swagger v1.5.3 github.com/zsais/go-gin-prometheus v0.1.0 @@ -37,17 +37,19 @@ require ( require ( github.com/KyleBanks/depth v1.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect + github.com/bytedance/sonic v1.8.0 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.20.0 // indirect github.com/go-openapi/spec v0.20.7 // indirect github.com/go-openapi/swag v0.22.3 // indirect - github.com/go-playground/locales v0.14.0 // indirect - github.com/go-playground/universal-translator v0.18.0 // indirect - github.com/go-playground/validator/v10 v10.11.1 // indirect - github.com/goccy/go-json v0.9.11 // indirect + github.com/go-playground/locales v0.14.1 // indirect + github.com/go-playground/universal-translator v0.18.1 // indirect + github.com/go-playground/validator/v10 v10.11.2 // indirect + github.com/goccy/go-json v0.10.0 // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -66,29 +68,31 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.15.11 // indirect + github.com/klauspost/cpuid/v2 v2.0.9 // indirect github.com/leodido/go-urn v1.2.1 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-isatty v0.0.16 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect - github.com/pelletier/go-toml/v2 v2.0.5 // indirect + github.com/pelletier/go-toml/v2 v2.0.6 // indirect github.com/pierrec/lz4/v4 v4.1.17 // indirect github.com/prometheus/client_model v0.2.0 // indirect github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/swaggo/swag v1.8.6 // indirect - github.com/ugorji/go/codec v1.2.7 // indirect + github.com/twitchyliquid64/golang-asm v0.15.1 // indirect + github.com/ugorji/go/codec v1.2.9 // indirect github.com/xdg/scram v1.0.5 // indirect github.com/xdg/stringprep v1.0.3 // indirect go.uber.org/atomic v1.10.0 // indirect - golang.org/x/crypto v0.0.0-20221012134737-56aed061732a // indirect + golang.org/x/arch v0.0.0-20210923205945-b76863e36670 // indirect + golang.org/x/crypto v0.5.0 // indirect golang.org/x/sys v0.5.0 // indirect golang.org/x/text v0.7.0 // indirect golang.org/x/tools v0.1.12 // indirect google.golang.org/protobuf v1.28.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 531b5343a..e0f2f6692 100644 --- a/go.sum +++ b/go.sum @@ -183,6 +183,9 @@ github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx2 github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= +github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= +github.com/bytedance/sonic v1.8.0 h1:ea0Xadu+sHlu7x5O3gKhRpQ1IKiMrSiHttPF0ybECuA= +github.com/bytedance/sonic v1.8.0/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -196,6 +199,9 @@ github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= +github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= +github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= +github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -430,8 +436,9 @@ github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm github.com/gin-contrib/timeout v0.0.3 h1:ysZQ7kChgqlzBkuLgwTTDjTPP2uqdI68XxRyqIFK68g= github.com/gin-contrib/timeout v0.0.3/go.mod h1:F3fjkmFc4I1QdF7MyVwtO6ZkPueBckNoiOVpU73HGgU= github.com/gin-gonic/gin v1.7.2/go.mod h1:jD2toBW3GZUr5UMcdrwQA10I7RuaFOl/SGeDjXkfUtY= -github.com/gin-gonic/gin v1.8.1 h1:4+fr/el88TOO3ewCmQr8cx/CtZ/umlIRIs5M4NTNjf8= github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR9tTTk= +github.com/gin-gonic/gin v1.9.0 h1:OjyFBKICoexlu99ctXNR2gg+c5pKrKMuyjgARg9qeY8= +github.com/gin-gonic/gin v1.9.0/go.mod h1:W1Me9+hsUSyj3CePGrd1/QrKJMSJ1Tu/0hFEH89961k= github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= @@ -482,18 +489,20 @@ github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/ github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-playground/assert/v2 v2.0.1 h1:MsBgLAaY856+nPRTKrp3/OZK38U/wa0CcBYNjji3q3A= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= +github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= -github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU= github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= +github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= +github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= -github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho= github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= +github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= +github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= -github.com/go-playground/validator/v10 v10.11.1 h1:prmOlTVv+YjZjmRmNSF3VmspqJIxJWXmqUsHwfTRRkQ= -github.com/go-playground/validator/v10 v10.11.1/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= +github.com/go-playground/validator/v10 v10.11.2 h1:q3SHpufmypg+erIExEKUmsgmhDTyhcJ38oeKGACXohU= +github.com/go-playground/validator/v10 v10.11.2/go.mod h1:NieE624vt4SCTJtD87arVLvdmjPAeV8BQlHtMnw9D7s= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -526,8 +535,8 @@ github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY9 github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 h1:B7k6N+JlLM/u1xrIkpifUfE7GRJsZIYHoHbiAa5cSP4= github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/goccy/go-json v0.9.11 h1:/pAaQDLHEoCq/5FFmSKBswWmK6H0e8g4159Kc/X/nqk= -github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/goccy/go-json v0.10.0 h1:mXKd9Qw4NuzShiRlOXKews24ufknHO7gx30lsDyokKA= +github.com/goccy/go-json v0.10.0/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gocql/gocql v0.0.0-20210515062232-b7ef815b4556/go.mod h1:DL0ekTmBSTdlNF25Orwt/JMzqIq3EJ4MVa/J/uK64OY= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= @@ -832,6 +841,8 @@ github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47e github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B9Sx9c= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -891,8 +902,8 @@ github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= @@ -1023,8 +1034,8 @@ github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAv github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= -github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg= -github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= +github.com/pelletier/go-toml/v2 v2.0.6 h1:nrzqCb7j9cDFj2coyLNLaZuJTLjWjlaz6nvTvIwycIU= +github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= @@ -1168,6 +1179,7 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -1176,8 +1188,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a h1:kAe4YSu0O0UFn1DowNo2MY5p6xzqtJ/wQ7LZynSvGaY= github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= @@ -1195,12 +1208,15 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9Kjc7aWznkXaL4U4TWaDSs8zcsY4Ka08nM= +github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= +github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0= github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= +github.com/ugorji/go/codec v1.2.9 h1:rmenucSohSTiyL09Y+l2OCk+FrMxGMzho2+tjr5ticU= +github.com/ugorji/go/codec v1.2.9/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= @@ -1303,6 +1319,8 @@ go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= +golang.org/x/arch v0.0.0-20210923205945-b76863e36670 h1:18EFjUmQOcUvxNYSkA6jO9VAiXCnxFY6NyDX0bHDmkU= +golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1330,11 +1348,10 @@ golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20221012134737-56aed061732a h1:NmSIgad6KjE6VvHciPZuNRTKxGhlPfD6OA87W/PLkqg= -golang.org/x/crypto v0.0.0-20221012134737-56aed061732a/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= +golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= From 56fa90283c6736a23c8c7276693e237f0f9df3ef Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 18 May 2023 09:34:01 +0000 Subject: [PATCH 034/268] v3.1.41 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6c68e844e..96ffc7321 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.40 +v3.1.41 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 0f8a2c5ca..0bb59a694 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.40} +- {name: IMAGE_TAG_MANAGER, value: v3.1.41} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.40} +- {name: IMAGE_TAG_LISTENER, value: v3.1.41} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.40} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.41} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.40} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.41} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.40} +- {name: IMAGE_TAG_JOBS, value: v3.1.41} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.40} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.41} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.40} +- {name: IMAGE_TAG_ADMIN, value: v3.1.41} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b1478c06d..1f4befd52 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.40" + "version": "v3.1.41" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8ed76336f..214a7e36a 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.40" + "version": "v3.1.41" }, "servers": [ { From 8f2aa86667415d013c9a56722c878c3c56eafec1 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 18 May 2023 13:26:22 +0200 Subject: [PATCH 035/268] SPM-2071: only installable advisories in v3 /views --- docs/v3/openapi.json | 8 ++-- .../controllers/systems_advisories_view.go | 43 ++++++++++++++----- .../systems_advisories_view_test.go | 9 ++-- 3 files changed, 40 insertions(+), 20 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 214a7e36a..03635544f 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -4797,8 +4797,8 @@ }, "/views/advisories/systems": { "post": { - "summary": "View advisory-system pairs for selected systems and advisories", - "description": "View advisory-system pairs for selected systems and advisories", + "summary": "View advisory-system pairs for selected systems and installable advisories", + "description": "View advisory-system pairs for selected systems and installable advisories", "operationId": "viewAdvisoriesSystems", "requestBody": { "description": "Request body", @@ -4853,8 +4853,8 @@ }, "/views/systems/advisories": { "post": { - "summary": "View system-advisory pairs for selected systems and advisories", - "description": "View system-advisory pairs for selected systems and advisories", + "summary": "View system-advisory pairs for selected systems and installable advisories", + "description": "View system-advisory pairs for selected systems and installable advisories", "operationId": "viewSystemsAdvisories", "requestBody": { "description": "Request body", diff --git a/manager/controllers/systems_advisories_view.go b/manager/controllers/systems_advisories_view.go index 08ebdb243..2b105b9aa 100644 --- a/manager/controllers/systems_advisories_view.go +++ b/manager/controllers/systems_advisories_view.go @@ -43,7 +43,7 @@ func totalItems(tx *gorm.DB, cols string) (int, error) { } func systemsAdvisoriesQuery(db *gorm.DB, acc int, systems []SystemID, advisories []AdvisoryName, - limit, offset *int) (*gorm.DB, int, int, int, error) { + limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { sysq := database.Systems(db, acc). Distinct("sp.rh_account_id, sp.id, sp.inventory_id"). // we need to join system_advisories to make `limit` work properly @@ -65,10 +65,16 @@ func systemsAdvisoriesQuery(db *gorm.DB, acc int, systems []SystemID, advisories return nil, total, lim, off, err } + installableOnly := "" + if apiver > 2 { + // display only installable advisories in v3 api + installableOnly = "AND sa.status_id = 0" + } + query := db.Table("(?) as sp", sysq). Select(systemsAdvisoriesSelect). - Joins(`LEFT JOIN system_advisories sa ON sa.system_id = sp.id - AND sa.rh_account_id = sp.rh_account_id AND sa.rh_account_id = ?`, acc) + Joins(fmt.Sprintf(`LEFT JOIN system_advisories sa ON sa.system_id = sp.id + AND sa.rh_account_id = sp.rh_account_id AND sa.rh_account_id = ? %s`, installableOnly), acc) if len(advisories) > 0 { query = query.Joins("LEFT JOIN advisory_metadata am ON am.id = sa.advisory_id AND am.name in (?)", advisories) } else { @@ -80,7 +86,7 @@ func systemsAdvisoriesQuery(db *gorm.DB, acc int, systems []SystemID, advisories } func advisoriesSystemsQuery(db *gorm.DB, acc int, systems []SystemID, advisories []AdvisoryName, - limit, offset *int) (*gorm.DB, int, int, int, error) { + limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { advq := db.Table("advisory_metadata am"). Distinct("am.id, am.name"). // we need to join system_advisories to make `limit` work properly @@ -101,10 +107,22 @@ func advisoriesSystemsQuery(db *gorm.DB, acc int, systems []SystemID, advisories return nil, total, lim, off, err } + installableOnly := "" + if apiver > 2 { + // display only systems with installable advisories in v3 api + installableOnly = "AND sa.status_id = 0" + } + spJoin := "LEFT JOIN system_platform sp ON sp.id = sa.system_id AND sa.rh_account_id = sp.rh_account_id" query := db.Table("(?) as am", advq). Distinct(systemsAdvisoriesSelect). - Joins("JOIN system_advisories sa ON am.id = sa.advisory_id AND sa.rh_account_id = ?", acc) + Joins( + fmt.Sprintf( + "LEFT JOIN system_advisories sa ON am.id = sa.advisory_id AND sa.rh_account_id = ? %s", + installableOnly, + ), + acc, + ) if len(systems) > 0 { query = query.Joins(fmt.Sprintf("%s AND sp.inventory_id::text in (?)", spJoin), systems) } else { @@ -126,12 +144,15 @@ func queryDB(c *gin.Context, endpoint string) ([]systemsAdvisoriesDBLoad, *ListM return nil, nil, err } acc := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) db := middlewares.DBFromContext(c) switch endpoint { case "SystemsAdvisories": - q, total, limit, offset, err = systemsAdvisoriesQuery(db, acc, req.Systems, req.Advisories, req.Limit, req.Offset) + q, total, limit, offset, err = systemsAdvisoriesQuery( + db, acc, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) case "AdvisoriesSystems": - q, total, limit, offset, err = advisoriesSystemsQuery(db, acc, req.Systems, req.Advisories, req.Limit, req.Offset) + q, total, limit, offset, err = advisoriesSystemsQuery( + db, acc, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) default: return nil, nil, fmt.Errorf("unknown endpoint '%s'", endpoint) } @@ -152,8 +173,8 @@ func queryDB(c *gin.Context, endpoint string) ([]systemsAdvisoriesDBLoad, *ListM return data, &meta, nil } -// @Summary View system-advisory pairs for selected systems and advisories -// @Description View system-advisory pairs for selected systems and advisories +// @Summary View system-advisory pairs for selected systems and installable advisories +// @Description View system-advisory pairs for selected systems and installable advisories // @ID viewSystemsAdvisories // @Security RhIdentity // @Accept json @@ -188,8 +209,8 @@ func PostSystemsAdvisories(c *gin.Context) { c.JSON(http.StatusOK, response) } -// @Summary View advisory-system pairs for selected systems and advisories -// @Description View advisory-system pairs for selected systems and advisories +// @Summary View advisory-system pairs for selected systems and installable advisories +// @Description View advisory-system pairs for selected systems and installable advisories // @ID viewAdvisoriesSystems // @Security RhIdentity // @Accept json diff --git a/manager/controllers/systems_advisories_view_test.go b/manager/controllers/systems_advisories_view_test.go index 0332f5858..ee5892593 100644 --- a/manager/controllers/systems_advisories_view_test.go +++ b/manager/controllers/systems_advisories_view_test.go @@ -17,7 +17,7 @@ func doTestView(t *testing.T, handler gin.HandlerFunc, limit, offset *int, check core.SetupTest(t) body := SystemsAdvisoriesRequest{ Systems: []SystemID{"00000000-0000-0000-0000-000000000001", "00000000-0000-0000-0000-000000000002"}, - Advisories: []AdvisoryName{"RH-1", "RH-2"}, + Advisories: []AdvisoryName{"RH-1", "RH-3"}, Limit: limit, Offset: offset, } @@ -35,8 +35,8 @@ func TestSystemsAdvisoriesView(t *testing.T) { var output SystemsAdvisoriesResponse CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, output.Data["00000000-0000-0000-0000-000000000001"][0], AdvisoryName("RH-1")) - assert.Equal(t, output.Data["00000000-0000-0000-0000-000000000001"][1], AdvisoryName("RH-2")) - assert.Equal(t, output.Data["00000000-0000-0000-0000-000000000002"][0], AdvisoryName("RH-1")) + assert.Equal(t, output.Data["00000000-0000-0000-0000-000000000001"][1], AdvisoryName("RH-3")) + assert.Equal(t, 0, len(output.Data["00000000-0000-0000-0000-000000000002"])) }) } @@ -45,8 +45,7 @@ func TestAdvisoriesSystemsView(t *testing.T) { var output AdvisoriesSystemsResponse CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, output.Data["RH-1"][0], SystemID("00000000-0000-0000-0000-000000000001")) - assert.Equal(t, output.Data["RH-1"][1], SystemID("00000000-0000-0000-0000-000000000002")) - assert.Equal(t, output.Data["RH-2"][0], SystemID("00000000-0000-0000-0000-000000000001")) + assert.Equal(t, output.Data["RH-3"][0], SystemID("00000000-0000-0000-0000-000000000001")) }) } From 820d2bdada9396a3e5551c8b787a079534b6b993 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 19 May 2023 13:24:26 +0000 Subject: [PATCH 036/268] v3.1.42 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 96ffc7321..e806e7ed7 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.41 +v3.1.42 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 0bb59a694..4cd4fde9e 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.41} +- {name: IMAGE_TAG_MANAGER, value: v3.1.42} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.41} +- {name: IMAGE_TAG_LISTENER, value: v3.1.42} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.41} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.42} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.41} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.42} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.41} +- {name: IMAGE_TAG_JOBS, value: v3.1.42} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.41} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.42} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.41} +- {name: IMAGE_TAG_ADMIN, value: v3.1.42} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 1f4befd52..25e2c8e5b 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.41" + "version": "v3.1.42" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 03635544f..b6a184964 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.41" + "version": "v3.1.42" }, "servers": [ { From 8e0407cd8ad13ce3da059ed49bcbd9b75395065d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 23 May 2023 18:01:04 +0200 Subject: [PATCH 037/268] SPM-2064: re-evaluate systems removed from baseline --- manager/controllers/baseline_systems_remove.go | 5 +++++ manager/kafka/kafka.go | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/manager/controllers/baseline_systems_remove.go b/manager/controllers/baseline_systems_remove.go index 200ee745a..14270837c 100644 --- a/manager/controllers/baseline_systems_remove.go +++ b/manager/controllers/baseline_systems_remove.go @@ -3,6 +3,7 @@ package controllers import ( "app/base/models" "app/base/utils" + "app/manager/kafka" "app/manager/middlewares" "net/http" @@ -52,6 +53,10 @@ func BaselineSystemsRemoveHandler(c *gin.Context) { return } + // re-evaluate systems removed from baselines + inventoryAIDs := kafka.InventoryIDs2InventoryAIDs(account, req.InventoryIDs) + kafka.EvaluateBaselineSystems(inventoryAIDs) + c.Status(http.StatusOK) } diff --git a/manager/kafka/kafka.go b/manager/kafka/kafka.go index 3f8d12f5e..e43196f35 100644 --- a/manager/kafka/kafka.go +++ b/manager/kafka/kafka.go @@ -48,7 +48,7 @@ func GetInventoryIDsToEvaluate(db *gorm.DB, baselineID *int64, accountID int, var inventoryAIDs []mqueue.EvalData if !configUpdated { // we just need to evaluate updated inventory IDs - inventoryAIDs = inventoryIDs2InventoryAIDs(accountID, updatedInventoryIDs) + inventoryAIDs = InventoryIDs2InventoryAIDs(accountID, updatedInventoryIDs) } else { // config updated - we need to update all baseline inventory IDs and the added ones too inventoryAIDs = getInventoryIDs(db, baselineID, accountID, updatedInventoryIDs) } @@ -58,7 +58,7 @@ func GetInventoryIDsToEvaluate(db *gorm.DB, baselineID *int64, accountID int, return inventoryAIDs } -func inventoryIDs2InventoryAIDs(accountID int, inventoryIDs []string) []mqueue.EvalData { +func InventoryIDs2InventoryAIDs(accountID int, inventoryIDs []string) []mqueue.EvalData { inventoryAIDs := make([]mqueue.EvalData, 0, len(inventoryIDs)) for _, v := range inventoryIDs { inventoryAIDs = append(inventoryAIDs, mqueue.EvalData{InventoryID: v, RhAccountID: accountID}) From bffd81ab577adc70beb5fb2ccfeb58070fca0897 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 24 May 2023 08:29:14 +0000 Subject: [PATCH 038/268] v3.1.43 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index e806e7ed7..b0fd70e3e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.42 +v3.1.43 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 4cd4fde9e..f59b212e0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.42} +- {name: IMAGE_TAG_MANAGER, value: v3.1.43} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.42} +- {name: IMAGE_TAG_LISTENER, value: v3.1.43} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.42} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.43} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.42} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.43} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.42} +- {name: IMAGE_TAG_JOBS, value: v3.1.43} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.42} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.43} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.42} +- {name: IMAGE_TAG_ADMIN, value: v3.1.43} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 25e2c8e5b..aee503704 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.42" + "version": "v3.1.43" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b6a184964..826079fa7 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.42" + "version": "v3.1.43" }, "servers": [ { From 10ab77ddda292abc1b8a4e9d1552a746ea29c1e3 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 26 May 2023 18:49:43 +0200 Subject: [PATCH 039/268] SPM-2077: export baseline systems --- docs/v3/openapi.json | 301 ++++++++++++++++++ manager/controllers/baseline_systems.go | 24 +- .../controllers/baseline_systems_export.go | 62 ++++ manager/controllers/utils.go | 13 + 4 files changed, 395 insertions(+), 5 deletions(-) create mode 100644 manager/controllers/baseline_systems_export.go diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 826079fa7..1e6579e1b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -1074,6 +1074,59 @@ "type": "string" } } + }, + { + "name": "filter[system_profile][sap_system]", + "in": "query", + "description": "Filter only SAP systems", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][sap_sids][in]", + "in": "query", + "description": "Filter systems by their SAP SIDs", + "style": "form", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "filter[system_profile][ansible]", + "in": "query", + "description": "Filter systems by ansible", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][ansible][controller_version]", + "in": "query", + "description": "Filter systems by ansible version", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][mssql]", + "in": "query", + "description": "Filter systems by mssql version", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][mssql][version]", + "in": "query", + "description": "Filter systems by mssql version", + "schema": { + "type": "string" + } } ], "responses": { @@ -1476,6 +1529,202 @@ ] } }, + "/export/baselines/{baseline_id}/systems": { + "get": { + "summary": "Export systems belonging to a baseline", + "description": "Export systems applicable to a baseline", + "operationId": "exportBaselineSystems", + "parameters": [ + { + "name": "baseline_id", + "in": "path", + "description": "Baseline ID", + "required": true, + "schema": { + "type": "integer" + } + }, + { + "name": "search", + "in": "query", + "description": "Find matching text", + "schema": { + "type": "string" + } + }, + { + "name": "filter[display_name]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, + { + "name": "filter[os]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, + { + "name": "tags", + "in": "query", + "description": "Tag filter", + "style": "form", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "filter[system_profile][sap_system]", + "in": "query", + "description": "Filter only SAP systems", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][sap_sids][in]", + "in": "query", + "description": "Filter systems by their SAP SIDs", + "style": "form", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "filter[system_profile][ansible]", + "in": "query", + "description": "Filter systems by ansible", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][ansible][controller_version]", + "in": "query", + "description": "Filter systems by ansible version", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][mssql]", + "in": "query", + "description": "Filter systems by mssql version", + "schema": { + "type": "string" + } + }, + { + "name": "filter[system_profile][mssql][version]", + "in": "query", + "description": "Filter systems by mssql version", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.BaselineSystemsDBLookup" + } + } + }, + "text/csv": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.BaselineSystemsDBLookup" + } + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + }, + "text/csv": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + }, + "text/csv": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "415": { + "description": "Unsupported Media Type", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + }, + "text/csv": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + }, + "text/csv": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, "/export/packages": { "get": { "summary": "Show me all installed packages across my systems", @@ -5419,6 +5668,58 @@ } } }, + "controllers.BaselineSystemsDBLookup": { + "type": "object", + "properties": { + "applicable_other_count": { + "type": "integer" + }, + "applicable_rhba_count": { + "type": "integer" + }, + "applicable_rhea_count": { + "type": "integer" + }, + "applicable_rhsa_count": { + "type": "integer" + }, + "display_name": { + "type": "string", + "description": "Baseline system display name", + "example": "my-baselined-system" + }, + "id": { + "type": "string" + }, + "installable_other_count": { + "type": "integer" + }, + "installable_rhba_count": { + "type": "integer" + }, + "installable_rhea_count": { + "type": "integer" + }, + "installable_rhsa_count": { + "type": "integer" + }, + "last_upload": { + "type": "string" + }, + "os": { + "type": "string" + }, + "rhsm": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemTag" + } + } + } + }, "controllers.BaselineSystemsRemoveRequest": { "type": "object", "properties": { diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index f65c50ed4..818e85a2a 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -85,12 +85,12 @@ type BaselineSystemsResponse struct { Meta ListMeta `json:"meta"` } -func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *ListMeta, []string, error) { +func queryBaselineSystems(c *gin.Context, account, apiver int) (*gorm.DB, error) { baselineID := c.Param("baseline_id") id, err := strconv.ParseInt(baselineID, 10, 64) if err != nil { LogAndRespBadRequest(c, err, fmt.Sprintf("Invalid baseline_id: %s", baselineID)) - return nil, nil, nil, err + return nil, err } db := middlewares.DBFromContext(c) @@ -99,19 +99,27 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *List Where("id = ? ", id).Count(&exists).Error if err != nil { LogAndRespError(c, err, "database error") - return nil, nil, nil, err + return nil, err } if exists == 0 { LogAndRespNotFound(c, errors.New("Baseline not found"), "Baseline not found") - return nil, nil, nil, err + return nil, err } query := buildQueryBaselineSystems(db, account, id, apiver) filters, err := ParseTagsFilters(c) if err != nil { - return nil, nil, nil, err + return nil, err } // Error handled in method itself query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + return query, nil +} + +func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *ListMeta, []string, error) { + query, err := queryBaselineSystems(c, account, apiver) + if err != nil { + return nil, nil, nil, err + } // Error handled in method itself query, meta, params, err := ListCommon(query, c, nil, BaselineSystemOpts) if err != nil { @@ -137,6 +145,12 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *List // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" +// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][ansible] query string false "Filter systems by ansible" +// @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" +// @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" +// @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" // @Success 200 {object} BaselineSystemsResponse // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse diff --git a/manager/controllers/baseline_systems_export.go b/manager/controllers/baseline_systems_export.go new file mode 100644 index 000000000..3873d569e --- /dev/null +++ b/manager/controllers/baseline_systems_export.go @@ -0,0 +1,62 @@ +package controllers + +import ( + "app/manager/middlewares" + "fmt" + + "github.com/gin-gonic/gin" +) + +// nolint: lll +// @Summary Export systems belonging to a baseline +// @Description Export systems applicable to a baseline +// @ID exportBaselineSystems +// @Security RhIdentity +// @Accept json +// @Produce json,text/csv +// @Param baseline_id path int true "Baseline ID" +// @Param search query string false "Find matching text" +// @Param filter[display_name] query string false "Filter" +// @Param filter[os] query string false "Filter" +// @Param tags query []string false "Tag filter" +// @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" +// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][ansible] query string false "Filter systems by ansible" +// @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" +// @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" +// @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" +// @Success 200 {array} BaselineSystemsDBLookup +// @Failure 400 {object} utils.ErrorResponse +// @Failure 404 {object} utils.ErrorResponse +// @Failure 415 {object} utils.ErrorResponse +// @Failure 500 {object} utils.ErrorResponse +// @Router /export/baselines/{baseline_id}/systems [get] +func BaselineSystemsExportHandler(c *gin.Context) { + account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) + if apiver < 3 { + err := fmt.Errorf("endpoint does not exist in v%d API, use API >= v3", apiver) + LogAndRespNotFound(c, err, err.Error()) + return + } + + query, err := queryBaselineSystems(c, account, apiver) + if err != nil { + return + } // Error handled in method itself + + query, err = ExportListCommon(query, c, BaselineSystemOpts) + if err != nil { + return + } // Error handled in method itself + + var baselineSystems BaselineSystemsDBLookupSlice + err = query.Find(&baselineSystems).Error + if err != nil { + LogAndRespError(c, err, err.Error()) + return + } + + baselineSystems.ParseAndFillTags() + OutputExportData(c, baselineSystems) +} diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 5d1ff06b6..491c3d607 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -747,6 +747,7 @@ func systemsIDs(c *gin.Context, systems []SystemsID, meta *ListMeta) ([]string, type SystemDBLookupSlice []SystemDBLookup type AdvisorySystemDBLookupSlice []AdvisorySystemDBLookup +type BaselineSystemsDBLookupSlice []BaselineSystemsDBLookup // Parse tags from TagsStr string attribute to Tags SystemTag array attribute. // It's used in /*systems endpoints as we can not map this attribute directly from database query result. @@ -772,6 +773,18 @@ func (s *AdvisorySystemDBLookupSlice) ParseAndFillTags() { } } +// Parse tags from TagsStr string attribute to Tags SystemTag array attribute. +// It's used in /*systems endpoints as we can not map this attribute directly from database query result. +func (s *BaselineSystemsDBLookupSlice) ParseAndFillTags() { + var err error + for i, system := range *s { + (*s)[i].Tags, err = parseSystemTags(system.TagsStr) + if err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags to export parsing failed") + } + } +} + func fillAdvisoryItemAttributeReleaseVersion(advisory AdvisoryItemAttributesCommon) AdvisoryItemAttributesCommon { // parse release version from json to []strings var err error From b27869e2fedbe2408e9125dbc5120ab52bcec5b6 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 29 May 2023 17:40:54 +0200 Subject: [PATCH 040/268] SPM-2077: add tests for export baselines systems /minor --- manager/controllers/advisories_export_test.go | 3 +- .../baseline_systems_export_test.go | 126 ++++++++++++++++++ manager/controllers/systems_export_test.go | 3 +- manager/controllers/test_utils.go | 2 + 4 files changed, 130 insertions(+), 4 deletions(-) create mode 100644 manager/controllers/baseline_systems_export_test.go diff --git a/manager/controllers/advisories_export_test.go b/manager/controllers/advisories_export_test.go index c0602308c..a7878fa83 100644 --- a/manager/controllers/advisories_export_test.go +++ b/manager/controllers/advisories_export_test.go @@ -48,8 +48,7 @@ func TestAdvisoriesExportWrongFormat(t *testing.T) { assert.Equal(t, http.StatusUnsupportedMediaType, w.Code) body := w.Body.String() - exp := `{"error":"Invalid content type 'test-format', use 'application/json' or 'text/csv'"}` - assert.Equal(t, exp, body) + assert.Equal(t, InvalidContentTypeErr, body) } func TestAdvisoriesExportCSVFilter(t *testing.T) { diff --git a/manager/controllers/baseline_systems_export_test.go b/manager/controllers/baseline_systems_export_test.go new file mode 100644 index 000000000..d65d1f474 --- /dev/null +++ b/manager/controllers/baseline_systems_export_test.go @@ -0,0 +1,126 @@ +package controllers + +import ( + "app/base/core" + "app/base/utils" + "fmt" + "net/http" + "strings" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestBaselineSystemsExportJSON(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems", nil, "application/json", BaselineSystemsExportHandler, + "/:baseline_id/systems") + + var output []BaselineSystemsDBLookup + CheckResponse(t, w, http.StatusOK, &output) + assert.Equal(t, 2, len(output)) + + assert.Equal(t, "00000000-0000-0000-0000-000000000001", output[0].ID) + assert.Equal(t, "00000000-0000-0000-0000-000000000001", output[0].DisplayName) + assert.Equal(t, "RHEL 8.10", output[0].OS) + assert.Equal(t, "8.10", output[0].Rhsm) + assert.Equal(t, 2, output[0].InstallableRhsaCount) + assert.Equal(t, 2, output[0].InstallableRhbaCount) + assert.Equal(t, 1, output[0].InstallableRheaCount) + assert.Equal(t, 0, output[0].InstallableOtherCount) + assert.Equal(t, 2, output[0].ApplicableRhsaCount) + assert.Equal(t, 3, output[0].ApplicableRhbaCount) + assert.Equal(t, 3, output[0].ApplicableRheaCount) + assert.Equal(t, 0, output[0].ApplicableOtherCount) + assert.Equal(t, "00000000-0000-0000-0000-000000000002", output[1].ID) + assert.Equal(t, "00000000-0000-0000-0000-000000000002", output[1].DisplayName) +} + +func TestBaselineSystemsExportCSV(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems", nil, "text/csv", BaselineSystemsExportHandler, + "/:baseline_id/systems") + + assert.Equal(t, http.StatusOK, w.Code) + body := w.Body.String() + lines := strings.Split(body, "\n") + + assert.Equal(t, 4, len(lines)) + assert.Equal(t, + "id,display_name,os,rhsm,installable_rhsa_count,installable_rhba_count,installable_rhea_count,"+ + "installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,"+ + "applicable_other_count,tags,last_upload", + lines[0]) + + assert.Equal(t, "00000000-0000-0000-0000-000000000001,00000000-0000-0000-0000-000000000001,RHEL 8.10,"+ + "8.10,2,2,1,0,2,3,3,0,\"[{'key':'k1','namespace':'ns1','value':'val1'},"+ + "{'key':'k2','namespace':'ns1','value':'val2'}]\",2020-09-22T16:00:00Z", + lines[1]) +} + +func TestBaselineSystemsExportWrongFormat(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems", nil, "test-format", BaselineSystemsExportHandler, + "/:baseline_id/systems") + + assert.Equal(t, http.StatusUnsupportedMediaType, w.Code) + body := w.Body.String() + assert.Equal(t, InvalidContentTypeErr, body) +} + +func TestBaselineSystemsExportCSVFilter(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems?filter[display_name]=nonexistant", nil, "text/csv", + BaselineSystemsExportHandler, "/:baseline_id/systems") + + assert.Equal(t, http.StatusOK, w.Code) + body := w.Body.String() + lines := strings.Split(body, "\n") + + assert.Equal(t, + "id,display_name,os,rhsm,installable_rhsa_count,installable_rhba_count,installable_rhea_count,"+ + "installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,"+ + "applicable_other_count,tags,last_upload", + lines[0]) + assert.Equal(t, "", lines[1]) +} + +func TestExportBaselineSystemsTags(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems?tags=ns1/k2=val2", nil, "application/json", + BaselineSystemsExportHandler, "/:baseline_id/systems") + + var output []BaselineSystemsDBLookup + CheckResponse(t, w, http.StatusOK, &output) + + assert.Equal(t, 2, len(output)) + assert.Equal(t, "00000000-0000-0000-0000-000000000001", output[0].ID) +} + +func TestExportBaselineSystemsTagsInvalid(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath("GET", "/1/systems?tags=ns1/k3=val4&tags=invalidTag", nil, "application/json", + BaselineSystemsExportHandler, "/:baseline_id/systems") + + var errResp utils.ErrorResponse + CheckResponse(t, w, http.StatusBadRequest, &errResp) + assert.Equal(t, fmt.Sprintf(InvalidTagMsg, "invalidTag"), errResp.Error) +} + +func TestBaselineSystemsExportWorkloads(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithPath( + "GET", + "/1/systems?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][in][]=ABC", + nil, + "application/json", + BaselineSystemsExportHandler, + "/:baseline_id/systems", + ) + + var output []BaselineSystemsDBLookup + CheckResponse(t, w, http.StatusOK, &output) + + assert.Equal(t, 2, len(output)) + assert.Equal(t, "00000000-0000-0000-0000-000000000001", output[0].ID) +} diff --git a/manager/controllers/systems_export_test.go b/manager/controllers/systems_export_test.go index 79cd21477..62f314c3b 100644 --- a/manager/controllers/systems_export_test.go +++ b/manager/controllers/systems_export_test.go @@ -63,8 +63,7 @@ func TestSystemsExportWrongFormat(t *testing.T) { assert.Equal(t, http.StatusUnsupportedMediaType, w.Code) body := w.Body.String() - exp := `{"error":"Invalid content type 'test-format', use 'application/json' or 'text/csv'"}` - assert.Equal(t, exp, body) + assert.Equal(t, InvalidContentTypeErr, body) } func TestSystemsExportCSVFilter(t *testing.T) { diff --git a/manager/controllers/test_utils.go b/manager/controllers/test_utils.go index ce5ea0c40..aec8ebdba 100644 --- a/manager/controllers/test_utils.go +++ b/manager/controllers/test_utils.go @@ -7,6 +7,8 @@ import ( "github.com/stretchr/testify/assert" ) +const InvalidContentTypeErr = `{"error":"Invalid content type 'test-format', use 'application/json' or 'text/csv'"}` + func ParseResponseBody(t *testing.T, bytes []byte, out interface{}) { err := json.Unmarshal(bytes, out) assert.Nil(t, err, string(bytes)) From 7b4fb806a444c035148eeac9b77bad11fb09875e Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 30 May 2023 08:54:01 +0000 Subject: [PATCH 041/268] v3.2.0 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b0fd70e3e..6d260c3af 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.43 +v3.2.0 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index f59b212e0..f507cdc9a 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.1.43} +- {name: IMAGE_TAG_MANAGER, value: v3.2.0} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.1.43} +- {name: IMAGE_TAG_LISTENER, value: v3.2.0} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.1.43} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.0} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.1.43} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.0} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.1.43} +- {name: IMAGE_TAG_JOBS, value: v3.2.0} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.1.43} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.0} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.1.43} +- {name: IMAGE_TAG_ADMIN, value: v3.2.0} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index aee503704..a4e103c38 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.43" + "version": "v3.2.0" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 1e6579e1b..625391cfe 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.1.43" + "version": "v3.2.0" }, "servers": [ { From ca1429e7bc52cd82e1d9c18ae46dd8f3b97be914 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 30 May 2023 16:30:47 +0200 Subject: [PATCH 042/268] SPM-2077: add route for baseline systems export handler --- manager/routes/routes.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manager/routes/routes.go b/manager/routes/routes.go index 1e5982cd9..0e11de692 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -58,6 +58,9 @@ func InitAPI(api *gin.RouterGroup, config docs.EndpointsConfig) { // nolint: fun export.GET("/packages", controllers.PackagesExportHandler) export.GET("/packages/:package_name/systems", controllers.PackageSystemsExportHandler) + if config.EnableBaselines { + export.GET("/baselines/:baseline_id/systems", controllers.BaselineSystemsExportHandler) + } views := api.Group("/views") views.POST("/systems/advisories", controllers.PostSystemsAdvisories) From b3353b937b09534d14ae96f9b48201e0e01e9da2 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 30 May 2023 14:55:50 +0200 Subject: [PATCH 043/268] SPM-2079: fix invalid sort/filter options in Advisories spec --- docs/v3/openapi.json | 13 +++---------- manager/controllers/advisories.go | 3 +-- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 625391cfe..433eb1827 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -46,10 +46,11 @@ "type": "string", "enum": [ "id", - "name", - "advisory_type", + "advisory_type_name", "synopsis", "public_date", + "severity", + "installable_systems", "applicable_systems" ] } @@ -94,14 +95,6 @@ "type": "string" } }, - { - "name": "filter[advisory_type]", - "in": "query", - "description": "Filter", - "schema": { - "type": "string" - } - }, { "name": "filter[advisory_type_name]", "in": "query", diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index d0404e70c..0139a77a6 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -148,13 +148,12 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { // @Produce json // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,name,advisory_type,synopsis,public_date,applicable_systems) +// @Param sort query string false "Sort field" Enums(id,advisory_type_name,synopsis,public_date,severity,installable_systems,applicable_systems) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter " // @Param filter[description] query string false "Filter" // @Param filter[public_date] query string false "Filter" // @Param filter[synopsis] query string false "Filter" -// @Param filter[advisory_type] query string false "Filter" // @Param filter[advisory_type_name] query string false "Filter" // @Param filter[severity] query string false "Filter" // @Param filter[installable_systems] query string false "Filter" From 3b0b343c1fb596768044ce1f0b93f9f721951899 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 31 May 2023 14:54:36 +0000 Subject: [PATCH 044/268] v3.2.1 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6d260c3af..040943e56 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.0 +v3.2.1 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index f507cdc9a..3640621f0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -542,7 +542,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.0} +- {name: IMAGE_TAG_MANAGER, value: v3.2.1} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -565,7 +565,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.0} +- {name: IMAGE_TAG_LISTENER, value: v3.2.1} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -583,7 +583,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.0} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.1} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -608,7 +608,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.0} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.1} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -631,7 +631,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.0} +- {name: IMAGE_TAG_JOBS, value: v3.2.1} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -677,7 +677,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.0} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.1} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -707,7 +707,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.0} +- {name: IMAGE_TAG_ADMIN, value: v3.2.1} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index a4e103c38..7b3e79395 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.0" + "version": "v3.2.1" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 433eb1827..b8e0d2d52 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.0" + "version": "v3.2.1" }, "servers": [ { From 2c48a453ad2b5350ca9abb1dcd408fa1b06c31ba Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 1 Jun 2023 11:47:30 +0200 Subject: [PATCH 045/268] lower garbage collection limit for evaluators slow garbage collection causes evaluator restarts --- deploy/clowdapp.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 3640621f0..96df82f15 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -232,6 +232,7 @@ objects: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: '${ENABLE_INSTANT_NOTIFICATIONS}'} - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} + - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_UPLOAD}', memory: '${RES_LIMIT_MEM_EVALUATOR_UPLOAD}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_UPLOAD}', memory: '${RES_REQUEST_MEM_EVALUATOR_UPLOAD}'} @@ -297,6 +298,7 @@ objects: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: '${ENABLE_INSTANT_NOTIFICATIONS}'} - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} + - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_RECALC}', memory: '${RES_LIMIT_MEM_EVALUATOR_RECALC}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_RECALC}', memory: '${RES_REQUEST_MEM_EVALUATOR_RECALC}'} @@ -580,6 +582,7 @@ parameters: # Evaluator - {name: USE_VMAAS_GO, value: 'false'} +- {name: GOGC, value: '25'} # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} From 21ba8d9462970a7cfec992867ffba9f920748f94 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 1 Jun 2023 11:14:56 +0000 Subject: [PATCH 046/268] v3.2.2 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 040943e56..b57c3c66f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.1 +v3.2.2 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 96df82f15..1e8bbb473 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -544,7 +544,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.1} +- {name: IMAGE_TAG_MANAGER, value: v3.2.2} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -567,7 +567,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.1} +- {name: IMAGE_TAG_LISTENER, value: v3.2.2} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -586,7 +586,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.1} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.2} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -611,7 +611,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.1} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.2} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -634,7 +634,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.1} +- {name: IMAGE_TAG_JOBS, value: v3.2.2} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -680,7 +680,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.1} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.2} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -710,7 +710,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.1} +- {name: IMAGE_TAG_ADMIN, value: v3.2.2} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 7b3e79395..3945af80c 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.1" + "version": "v3.2.2" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b8e0d2d52..9d0b9c8ca 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.1" + "version": "v3.2.2" }, "servers": [ { From bae58cc938d9ad422a6746c858cb125a8d9a35bf Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 1 Jun 2023 13:45:26 +0200 Subject: [PATCH 047/268] SPM-2080: include status in system-advisory /ids --- docs/v3/openapi.json | 32 +++++++++++++++++-- manager/controllers/advisory_systems.go | 12 ++++--- manager/controllers/advisory_systems_test.go | 5 ++- manager/controllers/advisory_systems_v3.go | 31 ++++++++++++++++++ manager/controllers/structures.go | 12 +++++++ manager/controllers/system_advisories.go | 17 +++++++--- manager/controllers/system_advisories_test.go | 10 ++++-- manager/controllers/utils.go | 16 ++++++++++ 8 files changed, 122 insertions(+), 13 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 9d0b9c8ca..d72800a33 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -3017,7 +3017,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/controllers.IDsResponse" + "$ref": "#/components/schemas/controllers.IDsStatusResponse" } } } @@ -3740,7 +3740,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/controllers.IDsResponse" + "$ref": "#/components/schemas/controllers.IDsStatusResponse" } } } @@ -5876,6 +5876,17 @@ } } }, + "controllers.IDStatus": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "status": { + "type": "string" + } + } + }, "controllers.IDsResponse": { "type": "object", "properties": { @@ -5887,6 +5898,23 @@ } } }, + "controllers.IDsStatusResponse": { + "type": "object", + "properties": { + "data": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.IDStatus" + } + }, + "ids": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, "controllers.Links": { "type": "object", "properties": { diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 7e15fec52..c599058d6 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -175,29 +175,33 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" // @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" -// @Success 200 {object} IDsResponse +// @Success 200 {object} IDsStatusResponse // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 500 {object} utils.ErrorResponse // @Router /ids/advisories/{advisory_id}/systems [get] func AdvisorySystemsListIDsHandler(c *gin.Context) { + apiver := c.GetInt(middlewares.KeyApiver) query, meta, _, err := advisorySystemsCommon(c) if err != nil { return } // Error handled in method itself - var sids []SystemsID + var sids []SystemsStatusID if err = query.Scan(&sids).Error; err != nil { LogAndRespError(c, err, "database error") return } - ids, err := systemsIDs(c, sids, meta) + resp, err := systemsIDsStatus(c, sids, meta) if err != nil { return // Error handled in method itself } - var resp = IDsResponse{IDs: ids} + if apiver < 3 { + c.JSON(http.StatusOK, &resp.IDsResponse) + return + } c.JSON(http.StatusOK, &resp) } diff --git a/manager/controllers/advisory_systems_test.go b/manager/controllers/advisory_systems_test.go index 1762681a2..27b250c54 100644 --- a/manager/controllers/advisory_systems_test.go +++ b/manager/controllers/advisory_systems_test.go @@ -36,10 +36,13 @@ func TestAdvisorySystemsIDsDefault(t *testing.T) { //nolint:dupl core.SetupTest(t) w := CreateRequestRouterWithPath("GET", "/RH-1", nil, "", AdvisorySystemsListIDsHandler, "/:advisory_id") - var output IDsResponse + var output IDsStatusResponse CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, 6, len(output.IDs)) assert.Equal(t, "00000000-0000-0000-0000-000000000001", output.IDs[0]) + assert.Equal(t, 6, len(output.Data)) + assert.Equal(t, "00000000-0000-0000-0000-000000000001", output.Data[0].ID) + assert.Equal(t, "Installable", output.Data[0].Status) } func TestAdvisorySystemsNotFound(t *testing.T) { //nolint:dupl diff --git a/manager/controllers/advisory_systems_v3.go b/manager/controllers/advisory_systems_v3.go index a33cb9d50..58ce1a023 100644 --- a/manager/controllers/advisory_systems_v3.go +++ b/manager/controllers/advisory_systems_v3.go @@ -6,6 +6,7 @@ import ( "net/http" "github.com/gin-gonic/gin" + "github.com/pkg/errors" ) var AdvisorySystemsFields = database.MustGetQueryAttrs(&AdvisorySystemDBLookup{}) @@ -43,6 +44,11 @@ type AdvisorySystemItemAttributes struct { SystemAdvisoryStatus } +type SystemsStatusID struct { + SystemsID + SystemAdvisoryStatus +} + var AdvisorySystemOptsV3 = ListOpts{ Fields: AdvisorySystemsFields, // By default, we show only fresh systems. If all systems are required, you must pass in:true,false filter into the api @@ -104,3 +110,28 @@ func buildAdvisorySystemsData(fields []AdvisorySystemDBLookup) ([]AdvisorySystem } return data, total } + +func systemsIDsStatus(c *gin.Context, systems []SystemsStatusID, meta *ListMeta) (IDsStatusResponse, error) { + var total int + resp := IDsStatusResponse{} + if len(systems) > 0 { + total = systems[0].Total + } + if meta.Offset > total { + err := errors.New("Offset") + LogAndRespBadRequest(c, err, InvalidOffsetMsg) + return resp, err + } + if systems == nil { + return resp, nil + } + ids := make([]string, len(systems)) + data := make([]IDStatus, len(systems)) + for i, x := range systems { + ids[i] = x.ID + data[i] = IDStatus{x.ID, x.Status} + } + resp.IDs = ids + resp.Data = data + return resp, nil +} diff --git a/manager/controllers/structures.go b/manager/controllers/structures.go index 5bab1afdf..c76ef352a 100644 --- a/manager/controllers/structures.go +++ b/manager/controllers/structures.go @@ -36,3 +36,15 @@ type ListMeta struct { type IDsResponse struct { IDs []string `json:"ids"` } + +type IDStatus struct { + ID string `json:"id"` + Status string `json:"status"` +} + +type IDsStatusResponse struct { + Data []IDStatus `json:"data"` + // backward compatibility + // TODO: delete later once UI is using only the new `data` field + IDsResponse +} diff --git a/manager/controllers/system_advisories.go b/manager/controllers/system_advisories.go index c2b6e4b64..6c86d1f8d 100644 --- a/manager/controllers/system_advisories.go +++ b/manager/controllers/system_advisories.go @@ -52,6 +52,11 @@ type SystemAdvisoriesResponse struct { Meta ListMeta `json:"meta"` } +type AdvisoryStatusID struct { + AdvisoryID + SystemAdvisoryStatus +} + func (v RelList) String() string { return strings.Join(v, ",") } @@ -161,25 +166,29 @@ func SystemAdvisoriesHandler(c *gin.Context) { // @Param filter[advisory_type] query string false "Filter" // @Param filter[advisory_type_name] query string false "Filter" // @Param filter[severity] query string false "Filter" -// @Success 200 {object} IDsResponse +// @Success 200 {object} IDsStatusResponse // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 500 {object} utils.ErrorResponse // @Router /ids/systems/{inventory_id}/advisories [get] func SystemAdvisoriesIDsHandler(c *gin.Context) { + apiver := c.GetInt(middlewares.KeyApiver) query, _, _, err := systemAdvisoriesCommon(c) if err != nil { return } // Error handled in method itself - var aids []AdvisoryID + var aids []AdvisoryStatusID err = query.Find(&aids).Error if err != nil { LogAndRespError(c, err, "db error") } - ids := advisoriesIDs(aids) - var resp = IDsResponse{IDs: ids} + resp := advisoriesStatusIDs(aids) + if apiver < 3 { + c.JSON(http.StatusOK, &resp.IDsResponse) + return + } c.JSON(http.StatusOK, &resp) } diff --git a/manager/controllers/system_advisories_test.go b/manager/controllers/system_advisories_test.go index 4208515d2..0236b89ee 100644 --- a/manager/controllers/system_advisories_test.go +++ b/manager/controllers/system_advisories_test.go @@ -36,10 +36,13 @@ func TestSystemAdvisoriesIDsDefault(t *testing.T) { w := CreateRequestRouterWithPath("GET", "/00000000-0000-0000-0000-000000000001", nil, "", SystemAdvisoriesIDsHandler, "/:inventory_id") - var output IDsResponse + var output IDsStatusResponse CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, 8, len(output.IDs)) assert.Equal(t, "RH-7", output.IDs[0]) + assert.Equal(t, 8, len(output.Data)) + assert.Equal(t, "RH-7", output.Data[0].ID) + assert.Equal(t, "Applicable", output.Data[0].Status) } func TestSystemAdvisoriesNotFound(t *testing.T) { //nolint:dupl @@ -74,10 +77,13 @@ func TestSystemAdvisoriesIDsOffsetLimit(t *testing.T) { w := CreateRequestRouterWithPath("GET", "/00000000-0000-0000-0000-000000000001?offset=4&limit=3", nil, "", SystemAdvisoriesIDsHandler, "/:inventory_id") - var output IDsResponse + var output IDsStatusResponse CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, 3, len(output.IDs)) assert.Equal(t, "RH-1", output.IDs[0]) + assert.Equal(t, 3, len(output.Data)) + assert.Equal(t, "RH-1", output.Data[0].ID) + assert.Equal(t, "Installable", output.Data[0].Status) } func TestSystemAdvisoriesOffsetOverflow(t *testing.T) { diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 491c3d607..12e6e4293 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -725,6 +725,22 @@ func advisoriesIDs(advisories []AdvisoryID) []string { return ids } +func advisoriesStatusIDs(advisories []AdvisoryStatusID) IDsStatusResponse { + resp := IDsStatusResponse{} + if advisories == nil { + return resp + } + ids := make([]string, len(advisories)) + data := make([]IDStatus, len(advisories)) + for i, x := range advisories { + ids[i] = x.ID + data[i] = IDStatus{x.ID, x.Status} + } + resp.IDs = ids + resp.Data = data + return resp +} + func systemsIDs(c *gin.Context, systems []SystemsID, meta *ListMeta) ([]string, error) { var total int if len(systems) > 0 { From be1dafbe5b3af1d450b980d448cced2f6b4c5826 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 1 Jun 2023 12:38:40 +0000 Subject: [PATCH 048/268] v3.2.3 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b57c3c66f..510336928 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.2 +v3.2.3 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 1e8bbb473..ae411e2d1 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -544,7 +544,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.2} +- {name: IMAGE_TAG_MANAGER, value: v3.2.3} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -567,7 +567,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.2} +- {name: IMAGE_TAG_LISTENER, value: v3.2.3} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -586,7 +586,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.2} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.3} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -611,7 +611,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.2} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.3} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -634,7 +634,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.2} +- {name: IMAGE_TAG_JOBS, value: v3.2.3} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -680,7 +680,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.2} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.3} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -710,7 +710,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.2} +- {name: IMAGE_TAG_ADMIN, value: v3.2.3} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 3945af80c..fd1590d48 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.2" + "version": "v3.2.3" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d72800a33..62bb659ff 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.2" + "version": "v3.2.3" }, "servers": [ { From bf83b9137bd7df92689511e0e18942f9e2689843 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 1 Jun 2023 15:04:21 +0200 Subject: [PATCH 049/268] use go 1.19 to take advantage of better memory management --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index d8fa12c26..4284333da 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module app -go 1.18 +go 1.19 require ( github.com/aws/aws-sdk-go v1.44.116 From 57068ad946808be7877ff3e855a8b751185a3d7b Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 1 Jun 2023 13:47:47 +0000 Subject: [PATCH 050/268] v3.2.4 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 510336928..293fbd1e2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.3 +v3.2.4 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index ae411e2d1..50fc90bda 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -544,7 +544,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.3} +- {name: IMAGE_TAG_MANAGER, value: v3.2.4} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -567,7 +567,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.3} +- {name: IMAGE_TAG_LISTENER, value: v3.2.4} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -586,7 +586,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.3} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.4} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -611,7 +611,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.3} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.4} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -634,7 +634,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.3} +- {name: IMAGE_TAG_JOBS, value: v3.2.4} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -680,7 +680,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.3} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.4} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -710,7 +710,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.3} +- {name: IMAGE_TAG_ADMIN, value: v3.2.4} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index fd1590d48..7386df4a0 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.3" + "version": "v3.2.4" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 62bb659ff..247ce992f 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.3" + "version": "v3.2.4" }, "servers": [ { From 66aace2f99614d67c74129d3b46fc66e886363cb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Wed, 19 Apr 2023 10:47:10 +0200 Subject: [PATCH 051/268] fix systemID type --- base/database/utils.go | 2 +- evaluator/evaluate_advisories.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/base/database/utils.go b/base/database/utils.go index 7f04bb757..ad681bdf2 100644 --- a/base/database/utils.go +++ b/base/database/utils.go @@ -57,7 +57,7 @@ func SystemAdvisoriesByInventoryID(tx *gorm.DB, accountID int, inventoryID strin return SystemAdvisories(tx, accountID).Where("sp.inventory_id = ?::uuid", inventoryID) } -func SystemAdvisoriesBySystemID(tx *gorm.DB, accountID, systemID int) *gorm.DB { +func SystemAdvisoriesBySystemID(tx *gorm.DB, accountID int, systemID int64) *gorm.DB { query := systemAdvisoriesQuery(tx, accountID).Where("sp.id = ?", systemID) return query } diff --git a/evaluator/evaluate_advisories.go b/evaluator/evaluate_advisories.go index f9df75c2b..7575ac01d 100644 --- a/evaluator/evaluate_advisories.go +++ b/evaluator/evaluate_advisories.go @@ -47,7 +47,7 @@ func processSystemAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasDa defer utils.ObserveSecondsSince(tStart, evaluationPartDuration.WithLabelValues("advisories-processing")) reported := getReportedAdvisories(vmaasData) - oldSystemAdvisories, err := getStoredAdvisoriesMap(tx, system.RhAccountID, int(system.ID)) + oldSystemAdvisories, err := getStoredAdvisoriesMap(tx, system.RhAccountID, system.ID) if err != nil { return nil, nil, nil, errors.Wrap(err, "Unable to get system stored advisories") } @@ -98,7 +98,7 @@ func storeAdvisoryData(tx *gorm.DB, system *models.SystemPlatform, return newSystemAdvisories, nil } -func getStoredAdvisoriesMap(tx *gorm.DB, accountID, systemID int) (map[string]models.SystemAdvisories, error) { +func getStoredAdvisoriesMap(tx *gorm.DB, accountID int, systemID int64) (map[string]models.SystemAdvisories, error) { var advisories []models.SystemAdvisories err := database.SystemAdvisoriesBySystemID(tx, accountID, systemID).Preload("Advisory").Find(&advisories).Error if err != nil { From b5bd5b80db6e648f013399ef694ffd83af8c4647 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 25 May 2023 13:37:29 +0200 Subject: [PATCH 052/268] SPM-1915: read status table into memory --- evaluator/evaluate.go | 1 + evaluator/evaluate_advisories.go | 5 ----- evaluator/status.go | 26 ++++++++++++++++++++++++++ evaluator/status_test.go | 18 ++++++++++++++++++ 4 files changed, 45 insertions(+), 5 deletions(-) create mode 100644 evaluator/status.go create mode 100644 evaluator/status_test.go diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 2db1c2119..f799f58b0 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -99,6 +99,7 @@ func configure() { enableInstantNotifications = utils.GetBoolEnvOrDefault("ENABLE_INSTANT_NOTIFICATIONS", true) configureRemediations() configureNotifications() + configureStatus() } func Evaluate(ctx context.Context, event *mqueue.PlatformEvent, inventoryID, evaluationType string) error { diff --git a/evaluator/evaluate_advisories.go b/evaluator/evaluate_advisories.go index 7575ac01d..1f12308be 100644 --- a/evaluator/evaluate_advisories.go +++ b/evaluator/evaluate_advisories.go @@ -12,11 +12,6 @@ import ( "gorm.io/gorm/clause" ) -const ( - INSTALLABLE = 0 - APPLICABLE = 1 -) - func analyzeAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV2Response) ( SystemAdvisoryMap, error) { if !enableAdvisoryAnalysis { diff --git a/evaluator/status.go b/evaluator/status.go new file mode 100644 index 000000000..a15d2b282 --- /dev/null +++ b/evaluator/status.go @@ -0,0 +1,26 @@ +package evaluator + +import "app/base/database" + +var STATUS = make(map[int]string, 2) + +const INSTALLABLE = 0 +const APPLICABLE = 1 + +type statusRow struct { + ID int + Name string +} + +func configureStatus() { + var rows []statusRow + + err := database.Db.Table("status s").Select("id, name").Scan(&rows).Error + if err != nil { + panic(err) + } + + for _, r := range rows { + STATUS[r.ID] = r.Name + } +} diff --git a/evaluator/status_test.go b/evaluator/status_test.go new file mode 100644 index 000000000..6fa0ecbf9 --- /dev/null +++ b/evaluator/status_test.go @@ -0,0 +1,18 @@ +package evaluator + +import ( + "app/base/core" + "app/base/utils" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestStatus(t *testing.T) { + utils.SkipWithoutDB(t) + core.SetupTestEnvironment() + configureStatus() + + assert.Equal(t, "Installable", STATUS[INSTALLABLE]) + assert.Equal(t, "Applicable", STATUS[APPLICABLE]) +} From 97109b9b60777356e52a8d7fc24fd61c41821d57 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 25 May 2023 14:06:52 +0200 Subject: [PATCH 053/268] SPM-1915: write status into package.update_data during evaluation --- base/models/models.go | 1 + docs/v3/openapi.json | 3 +++ evaluator/evaluate_packages.go | 18 ++++++++++++++++-- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/base/models/models.go b/base/models/models.go index 9f5e52546..2f8df5d64 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -119,6 +119,7 @@ func (SystemPackage) TableName() string { type PackageUpdate struct { EVRA string `json:"evra"` Advisory string `json:"advisory"` + Status string `json:"status"` } type DeletedSystem struct { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 247ce992f..913664d2e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -6693,6 +6693,9 @@ }, "evra": { "type": "string" + }, + "status": { + "type": "string" } } }, diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index 86558a5db..2382192d3 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -319,6 +319,8 @@ func updateSystemPackages(tx *gorm.DB, system *models.SystemPlatform, } func vmaasResponse2UpdateDataJSON(updateData *vmaas.UpdatesV2ResponseUpdateList) ([]byte, error) { + var latestInstallable models.PackageUpdate + var latestApplicable models.PackageUpdate uniqUpdates := make(map[models.PackageUpdate]bool) pkgUpdates := make([]models.PackageUpdate, 0, len(updateData.GetAvailableUpdates())) for _, upData := range updateData.GetAvailableUpdates() { @@ -330,16 +332,28 @@ func vmaasResponse2UpdateDataJSON(updateData *vmaas.UpdatesV2ResponseUpdateList) } // Keep only unique entries for each update in the list pkgUpdate := models.PackageUpdate{ - EVRA: upNevra.EVRAString(), Advisory: upData.GetErratum(), + EVRA: upNevra.EVRAString(), Advisory: upData.GetErratum(), Status: STATUS[upData.StatusID], } if !uniqUpdates[pkgUpdate] { pkgUpdates = append(pkgUpdates, pkgUpdate) uniqUpdates[pkgUpdate] = true + switch upData.StatusID { + case INSTALLABLE: + latestInstallable = pkgUpdate + case APPLICABLE: + latestApplicable = pkgUpdate + } } } if prunePackageLatestOnly && len(pkgUpdates) > 1 { - pkgUpdates = pkgUpdates[len(pkgUpdates)-1:] + pkgUpdates = make([]models.PackageUpdate, 0, 2) + if latestInstallable.EVRA != "" { + pkgUpdates = append(pkgUpdates, latestInstallable) + } + if latestApplicable.EVRA != "" { + pkgUpdates = append(pkgUpdates, latestApplicable) + } } var updateDataJSON []byte From 32e17f1e964e6a876efbd75f223d963ab69e6df4 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 29 May 2023 14:56:28 +0200 Subject: [PATCH 054/268] SPM-1915: db function to display package upgrade status --- .../migrations/109_update_status.down.sql | 1 + .../migrations/109_update_status.up.sql | 18 ++++++++++++++++ database_admin/schema/create_schema.sql | 21 ++++++++++++++++++- 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 database_admin/migrations/109_update_status.down.sql create mode 100644 database_admin/migrations/109_update_status.up.sql diff --git a/database_admin/migrations/109_update_status.down.sql b/database_admin/migrations/109_update_status.down.sql new file mode 100644 index 000000000..ab9cc9fe0 --- /dev/null +++ b/database_admin/migrations/109_update_status.down.sql @@ -0,0 +1 @@ +DROP FUNCTION IF EXISTS update_status(update_data jsonb); diff --git a/database_admin/migrations/109_update_status.up.sql b/database_admin/migrations/109_update_status.up.sql new file mode 100644 index 000000000..a68baeeea --- /dev/null +++ b/database_admin/migrations/109_update_status.up.sql @@ -0,0 +1,18 @@ +CREATE OR REPLACE FUNCTION update_status(update_data jsonb) + RETURNS TEXT as +$$ +DECLARE + len int; +BEGIN + len = jsonb_array_length(update_data); + IF len IS NULL or len = 0 THEN + RETURN 'None'; + END IF; + len = jsonb_array_length(jsonb_path_query_array(update_data, '$ ? (@.status == "Installable")')); + IF len > 0 THEN + RETURN 'Installable'; + END IF; + RETURN 'Applicable'; +END; +$$ LANGUAGE 'plpgsql'; + diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 772087ea4..53bbecb73 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (108, false); +VALUES (109, false); -- --------------------------------------------------------------------------- -- Functions @@ -600,6 +600,25 @@ END; $$ LANGUAGE plpgsql; +CREATE OR REPLACE FUNCTION update_status(update_data jsonb) + RETURNS TEXT as +$$ +DECLARE + len int; +BEGIN + len = jsonb_array_length(update_data); + IF len IS NULL or len = 0 THEN + RETURN 'None'; + END IF; + len = jsonb_array_length(jsonb_path_query_array(update_data, '$ ? (@.status == "Installable")')); + IF len > 0 THEN + RETURN 'Installable'; + END IF; + RETURN 'Applicable'; +END; +$$ LANGUAGE 'plpgsql'; + + -- --------------------------------------------------------------------------- -- Tables -- --------------------------------------------------------------------------- From 3d5d165acb25378eb59905afd793b9e5c5eba1eb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 29 May 2023 14:58:01 +0200 Subject: [PATCH 055/268] SPM-1915: modify SystemPackage attributes to handle installble/applicable status --- docs/v3/openapi.json | 6 +++++ manager/controllers/system_packages.go | 22 ++++++++++++++----- manager/controllers/system_packages_export.go | 6 ++--- .../system_packages_export_test.go | 6 ++--- 4 files changed, 28 insertions(+), 12 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 913664d2e..993d676ae 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -6504,6 +6504,9 @@ "updatable": { "type": "boolean" }, + "update_status": { + "type": "string" + }, "updates": { "type": "array", "items": { @@ -6532,6 +6535,9 @@ }, "updatable": { "type": "boolean" + }, + "update_status": { + "type": "string" } } }, diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index b521249a2..41a919d46 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -14,16 +14,26 @@ import ( ) // nolint: lll -type SystemPackagesAttrs struct { +type SystemPackagesAttrsCommon struct { Name string `json:"name" csv:"name" query:"pn.name" gorm:"column:name"` EVRA string `json:"evra" csv:"evra" query:"p.evra" gorm:"column:evra"` Summary string `json:"summary" csv:"summary" query:"sum.value" gorm:"column:summary"` Description string `json:"description" csv:"description" query:"descr.value" gorm:"column:description"` - Updatable bool `json:"updatable" csv:"updatable" query:"(COALESCE(json_array_length(spkg.update_data::json),0) > 0)" gorm:"column:updatable"` + Updatable bool `json:"updatable" csv:"updatable" query:"(COALESCE(jsonb_array_length(spkg.update_data),0) > 0)" gorm:"column:updatable"` +} + +type SystemPackagesAttrsV2 struct { + SystemPackagesAttrsCommon +} + +// nolint: lll +type SystemPackagesAttrsV3 struct { + SystemPackagesAttrsCommon + UpdateStatus string `json:"update_status" csv:"update_status" query:"update_status(spkg.update_data)" gorm:"column:update_status"` } type SystemPackageData struct { - SystemPackagesAttrs + SystemPackagesAttrsV3 Updates []models.PackageUpdate `json:"updates"` } type SystemPackageResponse struct { @@ -33,7 +43,7 @@ type SystemPackageResponse struct { } var SystemPackagesSelect = database.MustGetSelect(&SystemPackageDBLoad{}) -var SystemPackagesFields = database.MustGetQueryAttrs(&SystemPackagesAttrs{}) +var SystemPackagesFields = database.MustGetQueryAttrs(&SystemPackagesAttrsV3{}) var SystemPackagesOpts = ListOpts{ Fields: SystemPackagesFields, DefaultFilters: nil, @@ -43,7 +53,7 @@ var SystemPackagesOpts = ListOpts{ } type SystemPackageDBLoad struct { - SystemPackagesAttrs + SystemPackagesAttrsV3 Updates []byte `json:"updates" query:"spkg.update_data" gorm:"column:updates"` // a helper to get total number of systems MetaTotalHelper @@ -118,7 +128,7 @@ func SystemPackagesHandler(c *gin.Context) { } data := make([]SystemPackageData, len(loaded)) for i, sp := range loaded { - data[i].SystemPackagesAttrs = sp.SystemPackagesAttrs + data[i].SystemPackagesAttrsV3 = sp.SystemPackagesAttrsV3 if sp.Updates == nil { continue } diff --git a/manager/controllers/system_packages_export.go b/manager/controllers/system_packages_export.go index f082765d3..c1902ab05 100644 --- a/manager/controllers/system_packages_export.go +++ b/manager/controllers/system_packages_export.go @@ -13,7 +13,7 @@ import ( ) type SystemPackageInline struct { - SystemPackagesAttrs + SystemPackagesAttrsV3 LatestEVRA string `json:"latest_evra" csv:"latest_evra"` } @@ -77,9 +77,9 @@ func SystemPackagesExportHandler(c *gin.Context) { func convertToOutputArray(inArr *[]SystemPackageDBLoad) *[]SystemPackageInline { outData := make([]SystemPackageInline, len(*inArr)) for i, v := range *inArr { - outData[i].SystemPackagesAttrs = v.SystemPackagesAttrs + outData[i].SystemPackagesAttrsV3 = v.SystemPackagesAttrsV3 if v.Updates == nil { - outData[i].LatestEVRA = v.SystemPackagesAttrs.EVRA + outData[i].LatestEVRA = v.SystemPackagesAttrsV3.EVRA continue } var updates []models.PackageUpdate diff --git a/manager/controllers/system_packages_export_test.go b/manager/controllers/system_packages_export_test.go index 382482908..4297310e5 100644 --- a/manager/controllers/system_packages_export_test.go +++ b/manager/controllers/system_packages_export_test.go @@ -33,12 +33,12 @@ func TestSystemPackagesExportHandlerCSV(t *testing.T) { lines := strings.Split(body, "\n") assert.Equal(t, 6, len(lines)) - assert.Equal(t, "name,evra,summary,description,updatable,latest_evra", lines[0]) + assert.Equal(t, "name,evra,summary,description,updatable,update_status,latest_evra", lines[0]) assert.Equal(t, "kernel,5.6.13-200.fc31.x86_64,The Linux kernel,The kernel meta package,false,"+ - "5.6.13-200.fc31.x86_64", lines[1]) + "None,5.6.13-200.fc31.x86_64", lines[1]) assert.Equal(t, "firefox,76.0.1-1.fc31.x86_64,Mozilla Firefox Web browser,Mozilla Firefox is an "+ - "open-source web browser...,true,76.0.1-1.fc31.x86_64", lines[2]) + "open-source web browser...,true,Applicable,76.0.1-1.fc31.x86_64", lines[2]) } func TestSystemPackagesExportUnknown(t *testing.T) { From 78c5001bffae183aa985f082b030ce22552699a4 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 30 May 2023 10:54:50 +0200 Subject: [PATCH 056/268] SPM-1915: keep /system/packages V2 API --- docs/v3/openapi.json | 8 +-- manager/controllers/system_packages.go | 79 ++++++++++++++++----- manager/controllers/system_packages_test.go | 8 +-- 3 files changed, 69 insertions(+), 26 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 993d676ae..84a027a43 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -4920,7 +4920,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/controllers.SystemPackageResponse" + "$ref": "#/components/schemas/controllers.SystemPackageResponseV3" } } } @@ -6486,7 +6486,7 @@ } } }, - "controllers.SystemPackageData": { + "controllers.SystemPackageDataV3": { "type": "object", "properties": { "description": { @@ -6541,13 +6541,13 @@ } } }, - "controllers.SystemPackageResponse": { + "controllers.SystemPackageResponseV3": { "type": "object", "properties": { "data": { "type": "array", "items": { - "$ref": "#/components/schemas/controllers.SystemPackageData" + "$ref": "#/components/schemas/controllers.SystemPackageDataV3" } }, "links": { diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 41a919d46..853657d5d 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -22,6 +22,10 @@ type SystemPackagesAttrsCommon struct { Updatable bool `json:"updatable" csv:"updatable" query:"(COALESCE(jsonb_array_length(spkg.update_data),0) > 0)" gorm:"column:updatable"` } +type SystemPackageUpdates struct { + Updates []models.PackageUpdate `json:"updates"` +} + type SystemPackagesAttrsV2 struct { SystemPackagesAttrsCommon } @@ -32,14 +36,23 @@ type SystemPackagesAttrsV3 struct { UpdateStatus string `json:"update_status" csv:"update_status" query:"update_status(spkg.update_data)" gorm:"column:update_status"` } -type SystemPackageData struct { +type SystemPackageDataV2 struct { + SystemPackagesAttrsV2 + SystemPackageUpdates +} +type SystemPackageDataV3 struct { SystemPackagesAttrsV3 - Updates []models.PackageUpdate `json:"updates"` + SystemPackageUpdates } -type SystemPackageResponse struct { - Data []SystemPackageData `json:"data"` - Meta ListMeta `json:"meta"` - Links Links `json:"links"` +type SystemPackageResponseV2 struct { + Data []SystemPackageDataV2 `json:"data"` + Meta ListMeta `json:"meta"` + Links Links `json:"links"` +} +type SystemPackageResponseV3 struct { + Data []SystemPackageDataV3 `json:"data"` + Meta ListMeta `json:"meta"` + Links Links `json:"links"` } var SystemPackagesSelect = database.MustGetSelect(&SystemPackageDBLoad{}) @@ -84,13 +97,14 @@ func systemPackageQuery(db *gorm.DB, account int, inventoryID string) *gorm.DB { // @Param filter[evra] query string false "Filter" // @Param filter[summary] query string false "Filter" // @Param filter[updatable] query bool false "Filter" -// @Success 200 {object} SystemPackageResponse +// @Success 200 {object} SystemPackageResponseV3 // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 500 {object} utils.ErrorResponse // @Router /systems/{inventory_id}/packages [get] func SystemPackagesHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -122,11 +136,36 @@ func SystemPackagesHandler(c *gin.Context) { return } + total, data := buildSystemPackageData(loaded) + meta, links, err := UpdateMetaLinks(c, meta, total, nil, params...) + if err != nil { + return // Error handled in method itself + } + if apiver < 3 { + dataV2 := systemPackageV3toV2(data) + var resp = SystemPackageResponseV2{ + Data: dataV2, + Links: *links, + Meta: *meta, + } + c.JSON(http.StatusOK, &resp) + return + } + response := SystemPackageResponseV3{ + Data: data, + Meta: *meta, + Links: *links, + } + + c.JSON(http.StatusOK, response) +} + +func buildSystemPackageData(loaded []SystemPackageDBLoad) (int, []SystemPackageDataV3) { var total int if len(loaded) > 0 { total = loaded[0].Total } - data := make([]SystemPackageData, len(loaded)) + data := make([]SystemPackageDataV3, len(loaded)) for i, sp := range loaded { data[i].SystemPackagesAttrsV3 = sp.SystemPackagesAttrsV3 if sp.Updates == nil { @@ -136,15 +175,19 @@ func SystemPackagesHandler(c *gin.Context) { panic(err) } } - meta, links, err := UpdateMetaLinks(c, meta, total, nil, params...) - if err != nil { - return // Error handled in method itself - } - response := SystemPackageResponse{ - Data: data, - Meta: *meta, - Links: *links, - } + return total, data +} - c.JSON(http.StatusOK, response) +func systemPackageV3toV2(pkgs []SystemPackageDataV3) []SystemPackageDataV2 { + nPkgs := len(pkgs) + pkgsV2 := make([]SystemPackageDataV2, nPkgs) + for i := 0; i < nPkgs; i++ { + pkgsV2[i] = SystemPackageDataV2{ + SystemPackagesAttrsV2: SystemPackagesAttrsV2{ + SystemPackagesAttrsCommon: pkgs[i].SystemPackagesAttrsCommon, + }, + SystemPackageUpdates: pkgs[i].SystemPackageUpdates, + } + } + return pkgsV2 } diff --git a/manager/controllers/system_packages_test.go b/manager/controllers/system_packages_test.go index 2e0317802..d015248c7 100644 --- a/manager/controllers/system_packages_test.go +++ b/manager/controllers/system_packages_test.go @@ -13,7 +13,7 @@ func TestSystemPackages(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/00000000-0000-0000-0000-000000000013/packages", nil, "", SystemPackagesHandler, 3, "GET", "/:inventory_id/packages") - var output SystemPackageResponse + var output SystemPackageResponseV3 CheckResponse(t, w, http.StatusOK, &output) assert.Len(t, output.Data, 4) assert.Equal(t, output.Data[0].Name, "bash") @@ -32,7 +32,7 @@ func TestPackagesSearch(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/00000000-0000-0000-0000-000000000012/packages?search=kernel", nil, "", SystemPackagesHandler, 3, "GET", "/:inventory_id/packages") - var output SystemPackageResponse + var output SystemPackageResponseV3 CheckResponse(t, w, http.StatusOK, &output) assert.Len(t, output.Data, 1) assert.Equal(t, output.Data[0].Name, "kernel") @@ -51,7 +51,7 @@ func TestSystemPackagesUpdatableOnly(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/00000000-0000-0000-0000-000000000013/packages?filter[updatable]=true", nil, "", SystemPackagesHandler, 3, "GET", "/:inventory_id/packages") - var output SystemPackageResponse + var output SystemPackageResponseV3 CheckResponse(t, w, http.StatusOK, &output) assert.Len(t, output.Data, 1) assert.Equal(t, output.Data[0].Name, "firefox") @@ -63,7 +63,7 @@ func TestSystemPackagesNonUpdatableOnly(t *testing.T) { "/00000000-0000-0000-0000-000000000013/packages?filter[updatable]=false", nil, "", SystemPackagesHandler, 3, "GET", "/:inventory_id/packages") - var output SystemPackageResponse + var output SystemPackageResponseV3 CheckResponse(t, w, http.StatusOK, &output) assert.Len(t, output.Data, 3) assert.Equal(t, output.Data[0].Name, "bash") From 5fa508ba618ccb1b1c74d3eb82123b0983d94b6e Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 30 May 2023 16:04:24 +0200 Subject: [PATCH 057/268] SPM-1915: update /export/syste/packages to V3 --- docs/v3/openapi.json | 9 ++- manager/controllers/system_packages_export.go | 72 ++++++++++++++----- .../system_packages_export_test.go | 11 +-- 3 files changed, 65 insertions(+), 27 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 84a027a43..b99a334e8 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -2454,7 +2454,7 @@ "schema": { "type": "array", "items": { - "$ref": "#/components/schemas/controllers.SystemPackageInline" + "$ref": "#/components/schemas/controllers.SystemPackageInlineV3" } } } @@ -6515,7 +6515,7 @@ } } }, - "controllers.SystemPackageInline": { + "controllers.SystemPackageInlineV3": { "type": "object", "properties": { "description": { @@ -6524,7 +6524,10 @@ "evra": { "type": "string" }, - "latest_evra": { + "latest_applicable": { + "type": "string" + }, + "latest_installable": { "type": "string" }, "name": { diff --git a/manager/controllers/system_packages_export.go b/manager/controllers/system_packages_export.go index c1902ab05..49ad83659 100644 --- a/manager/controllers/system_packages_export.go +++ b/manager/controllers/system_packages_export.go @@ -12,11 +12,17 @@ import ( "gorm.io/gorm" ) -type SystemPackageInline struct { - SystemPackagesAttrsV3 +type SystemPackageInlineV2 struct { + SystemPackagesAttrsV2 LatestEVRA string `json:"latest_evra" csv:"latest_evra"` } +type SystemPackageInlineV3 struct { + SystemPackagesAttrsV3 + LatestInstallable string `json:"latest_installable" csv:"latest_installable"` + LatestApplicable string `json:"latest_applicable" csv:"latest_applicable"` +} + // @Summary Show me details about a system packages by given inventory id // @Description Show me details about a system packages by given inventory id // @ID exportSystemPackages @@ -30,7 +36,7 @@ type SystemPackageInline struct { // @Param filter[evra] query string false "Filter" // @Param filter[summary] query string false "Filter" // @Param filter[updatable] query bool false "Filter" -// @Success 200 {array} SystemPackageInline +// @Success 200 {array} SystemPackageInlineV3 // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 415 {object} utils.ErrorResponse @@ -38,6 +44,7 @@ type SystemPackageInline struct { // @Router /export/systems/{inventory_id}/packages [get] func SystemPackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -70,25 +77,52 @@ func SystemPackagesExportHandler(c *gin.Context) { return } - data := convertToOutputArray(&loaded) + if apiver < 3 { + data := buildSystemPackageInlineV2(loaded) + OutputExportData(c, data) + return + } + data := buildSystemPackageInlineV3(loaded) OutputExportData(c, data) } -func convertToOutputArray(inArr *[]SystemPackageDBLoad) *[]SystemPackageInline { - outData := make([]SystemPackageInline, len(*inArr)) - for i, v := range *inArr { - outData[i].SystemPackagesAttrsV3 = v.SystemPackagesAttrsV3 - if v.Updates == nil { - outData[i].LatestEVRA = v.SystemPackagesAttrsV3.EVRA - continue - } - var updates []models.PackageUpdate - if err := json.Unmarshal(v.Updates, &updates); err != nil { - panic(err) - } - if len(updates) > 0 { - outData[i].LatestEVRA = updates[len(updates)-1].EVRA +func findLatestEVRA(pkg SystemPackageDBLoad) (installable string, applicable string) { + installable = pkg.SystemPackagesAttrsV3.EVRA + applicable = pkg.SystemPackagesAttrsV3.EVRA + if pkg.Updates == nil { + return + } + var updates []models.PackageUpdate + if err := json.Unmarshal(pkg.Updates, &updates); err != nil { + panic(err) + } + nUpdates := len(updates) + if nUpdates > 0 { + applicable = updates[nUpdates-1].EVRA + for i := nUpdates - 1; i >= 0; i-- { + if updates[i].Status == "Installable" { + installable = updates[i].EVRA + break + } } } - return &outData + return +} + +func buildSystemPackageInlineV2(pkgs []SystemPackageDBLoad) []SystemPackageInlineV2 { + data := make([]SystemPackageInlineV2, len(pkgs)) + for i, v := range pkgs { + data[i].SystemPackagesAttrsCommon = v.SystemPackagesAttrsCommon + data[i].LatestEVRA, _ = findLatestEVRA(v) + } + return data +} + +func buildSystemPackageInlineV3(pkgs []SystemPackageDBLoad) []SystemPackageInlineV3 { + data := make([]SystemPackageInlineV3, len(pkgs)) + for i, v := range pkgs { + data[i].SystemPackagesAttrsV3 = v.SystemPackagesAttrsV3 + data[i].LatestInstallable, data[i].LatestApplicable = findLatestEVRA(v) + } + return data } diff --git a/manager/controllers/system_packages_export_test.go b/manager/controllers/system_packages_export_test.go index 4297310e5..bf8130a23 100644 --- a/manager/controllers/system_packages_export_test.go +++ b/manager/controllers/system_packages_export_test.go @@ -14,12 +14,13 @@ func TestSystemPackagesExportHandlerJSON(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/00000000-0000-0000-0000-000000000013/packages", nil, "application/json", SystemPackagesExportHandler, 3, "GET", "/:inventory_id/packages") - var output []SystemPackageInline + var output []SystemPackageInlineV3 CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, 4, len(output)) assert.Equal(t, output[0].Name, "kernel") assert.Equal(t, output[0].EVRA, "5.6.13-200.fc31.x86_64") - assert.Equal(t, output[0].LatestEVRA, "5.6.13-200.fc31.x86_64") + assert.Equal(t, output[0].LatestInstallable, "5.6.13-200.fc31.x86_64") + assert.Equal(t, output[0].LatestApplicable, "5.6.13-200.fc31.x86_64") assert.Equal(t, output[0].Summary, "The Linux kernel") } @@ -33,12 +34,12 @@ func TestSystemPackagesExportHandlerCSV(t *testing.T) { lines := strings.Split(body, "\n") assert.Equal(t, 6, len(lines)) - assert.Equal(t, "name,evra,summary,description,updatable,update_status,latest_evra", lines[0]) + assert.Equal(t, "name,evra,summary,description,updatable,update_status,latest_installable,latest_applicable", lines[0]) assert.Equal(t, "kernel,5.6.13-200.fc31.x86_64,The Linux kernel,The kernel meta package,false,"+ - "None,5.6.13-200.fc31.x86_64", lines[1]) + "None,5.6.13-200.fc31.x86_64,5.6.13-200.fc31.x86_64", lines[1]) assert.Equal(t, "firefox,76.0.1-1.fc31.x86_64,Mozilla Firefox Web browser,Mozilla Firefox is an "+ - "open-source web browser...,true,Applicable,76.0.1-1.fc31.x86_64", lines[2]) + "open-source web browser...,true,Applicable,76.0.1-1.fc31.x86_64,76.0.1-1.fc31.x86_64", lines[2]) } func TestSystemPackagesExportUnknown(t *testing.T) { From 313255f3a017420119526bd298409217703d87a5 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 1 Jun 2023 15:44:29 +0200 Subject: [PATCH 058/268] SPM-1915: keep updatable meaning i.e. you can install new version of the package in new terminology it means there's an Installable update --- dev/test_data.sql | 6 +++--- manager/controllers/system_packages.go | 2 +- manager/controllers/system_packages_export_test.go | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dev/test_data.sql b/dev/test_data.sql index f46c894df..571112f4d 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -150,10 +150,10 @@ INSERT INTO package(id, name_id, evra, description_hash, summary_hash, advisory_ (12, 102, '76.0.1-2.fc31.x86_64', '22', '2', null, true); -- firefox INSERT INTO system_package (rh_account_id, system_id, package_id, name_id, update_data) VALUES -(3, 12, 1, 101, '[{"evra": "5.10.13-200.fc31.x86_64", "advisory": "RH-100"}]'), -(3, 12, 2, 102, '[{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1"}, {"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2"}]'), +(3, 12, 1, 101, '[{"evra": "5.10.13-200.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'), +(3, 12, 2, 102, '[{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Installable"}, {"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2", "status": "Installable"}]'), (3, 13, 1, 101, null), -(3, 13, 2, 102, '[{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1"}, {"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2"}]'), +(3, 13, 2, 102, '[{"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2", "status": "Installable"},{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Applicable"}]'), (3, 13, 3, 103, null), (3, 13, 4, 104, null); diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 853657d5d..85a1c0a4f 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -19,7 +19,7 @@ type SystemPackagesAttrsCommon struct { EVRA string `json:"evra" csv:"evra" query:"p.evra" gorm:"column:evra"` Summary string `json:"summary" csv:"summary" query:"sum.value" gorm:"column:summary"` Description string `json:"description" csv:"description" query:"descr.value" gorm:"column:description"` - Updatable bool `json:"updatable" csv:"updatable" query:"(COALESCE(jsonb_array_length(spkg.update_data),0) > 0)" gorm:"column:updatable"` + Updatable bool `json:"updatable" csv:"updatable" query:"(update_status(spkg.update_data) = 'Installable')" gorm:"column:updatable"` } type SystemPackageUpdates struct { diff --git a/manager/controllers/system_packages_export_test.go b/manager/controllers/system_packages_export_test.go index bf8130a23..31cba7448 100644 --- a/manager/controllers/system_packages_export_test.go +++ b/manager/controllers/system_packages_export_test.go @@ -39,7 +39,7 @@ func TestSystemPackagesExportHandlerCSV(t *testing.T) { assert.Equal(t, "kernel,5.6.13-200.fc31.x86_64,The Linux kernel,The kernel meta package,false,"+ "None,5.6.13-200.fc31.x86_64,5.6.13-200.fc31.x86_64", lines[1]) assert.Equal(t, "firefox,76.0.1-1.fc31.x86_64,Mozilla Firefox Web browser,Mozilla Firefox is an "+ - "open-source web browser...,true,Applicable,76.0.1-1.fc31.x86_64,76.0.1-1.fc31.x86_64", lines[2]) + "open-source web browser...,true,Installable,76.0.1-1.fc31.x86_64,77.0.1-1.fc31.x86_64", lines[2]) } func TestSystemPackagesExportUnknown(t *testing.T) { From 0e13a64843c6ab16f0a1c9563f538ecb41aba0a6 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 1 Jun 2023 14:56:39 +0000 Subject: [PATCH 059/268] v3.2.5 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 293fbd1e2..f08544a53 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.4 +v3.2.5 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 50fc90bda..2d8d9213d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -544,7 +544,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.4} +- {name: IMAGE_TAG_MANAGER, value: v3.2.5} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -567,7 +567,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.4} +- {name: IMAGE_TAG_LISTENER, value: v3.2.5} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -586,7 +586,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.4} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.5} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -611,7 +611,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.4} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.5} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -634,7 +634,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.4} +- {name: IMAGE_TAG_JOBS, value: v3.2.5} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -680,7 +680,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.4} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.5} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -710,7 +710,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.4} +- {name: IMAGE_TAG_ADMIN, value: v3.2.5} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 7386df4a0..bb569c12f 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.4" + "version": "v3.2.5" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b99a334e8..3b7235701 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.4" + "version": "v3.2.5" }, "servers": [ { From dc00f5ae55d22bc9d42f73615ff0295e5a74c67a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jun 2023 20:36:09 +0000 Subject: [PATCH 060/268] Bump github.com/gin-gonic/gin from 1.9.0 to 1.9.1 Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.9.0 to 1.9.1. - [Release notes](https://github.com/gin-gonic/gin/releases) - [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md) - [Commits](https://github.com/gin-gonic/gin/compare/v1.9.0...v1.9.1) --- updated-dependencies: - dependency-name: github.com/gin-gonic/gin dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- go.mod | 35 ++++++++++++++-------------- go.sum | 72 ++++++++++++++++++++++++++++++++-------------------------- 2 files changed, 58 insertions(+), 49 deletions(-) diff --git a/go.mod b/go.mod index 4284333da..c9f1cfcec 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/getkin/kin-openapi v0.106.0 github.com/gin-contrib/gzip v0.0.6 github.com/gin-contrib/timeout v0.0.3 - github.com/gin-gonic/gin v1.9.0 + github.com/gin-gonic/gin v1.9.1 github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 // newer version skips some columns github.com/golang-migrate/migrate/v4 v4.15.2 github.com/hashicorp/golang-lru/v2 v2.0.2 @@ -24,11 +24,11 @@ require ( github.com/redhatinsights/platform-go-middlewares v0.20.0 github.com/segmentio/kafka-go v0.4.35 github.com/sirupsen/logrus v1.9.0 - github.com/stretchr/testify v1.8.1 + github.com/stretchr/testify v1.8.3 github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a github.com/swaggo/gin-swagger v1.5.3 github.com/zsais/go-gin-prometheus v0.1.0 - golang.org/x/net v0.7.0 + golang.org/x/net v0.10.0 gorm.io/driver/postgres v1.4.4 gorm.io/gorm v1.24.0 modernc.org/strutil v1.1.3 @@ -37,10 +37,11 @@ require ( require ( github.com/KyleBanks/depth v1.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/bytedance/sonic v1.8.0 // indirect + github.com/bytedance/sonic v1.9.1 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/davecgh/go-spew v1.1.1 // indirect + github.com/gabriel-vasile/mimetype v1.4.2 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.20.0 // indirect @@ -48,8 +49,8 @@ require ( github.com/go-openapi/swag v0.22.3 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.11.2 // indirect - github.com/goccy/go-json v0.10.0 // indirect + github.com/go-playground/validator/v10 v10.14.0 // indirect + github.com/goccy/go-json v0.10.2 // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -68,31 +69,31 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.15.11 // indirect - github.com/klauspost/cpuid/v2 v2.0.9 // indirect - github.com/leodido/go-urn v1.2.1 // indirect + github.com/klauspost/cpuid/v2 v2.2.4 // indirect + github.com/leodido/go-urn v1.2.4 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect - github.com/pelletier/go-toml/v2 v2.0.6 // indirect + github.com/pelletier/go-toml/v2 v2.0.8 // indirect github.com/pierrec/lz4/v4 v4.1.17 // indirect github.com/prometheus/client_model v0.2.0 // indirect github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/swaggo/swag v1.8.6 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect - github.com/ugorji/go/codec v1.2.9 // indirect + github.com/ugorji/go/codec v1.2.11 // indirect github.com/xdg/scram v1.0.5 // indirect github.com/xdg/stringprep v1.0.3 // indirect go.uber.org/atomic v1.10.0 // indirect - golang.org/x/arch v0.0.0-20210923205945-b76863e36670 // indirect - golang.org/x/crypto v0.5.0 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect - golang.org/x/tools v0.1.12 // indirect - google.golang.org/protobuf v1.28.1 // indirect + golang.org/x/arch v0.3.0 // indirect + golang.org/x/crypto v0.9.0 // indirect + golang.org/x/sys v0.8.0 // indirect + golang.org/x/text v0.9.0 // indirect + golang.org/x/tools v0.6.0 // indirect + google.golang.org/protobuf v1.30.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index e0f2f6692..94f896035 100644 --- a/go.sum +++ b/go.sum @@ -184,8 +184,8 @@ github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8n github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= -github.com/bytedance/sonic v1.8.0 h1:ea0Xadu+sHlu7x5O3gKhRpQ1IKiMrSiHttPF0ybECuA= -github.com/bytedance/sonic v1.8.0/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= +github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -423,6 +423,8 @@ github.com/fsouza/fake-gcs-server v1.17.0/go.mod h1:D1rTE4YCyHFNa99oyJJ5HyclvN/0 github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/gabriel-vasile/mimetype v1.3.1/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8= github.com/gabriel-vasile/mimetype v1.4.0/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8= +github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= +github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= github.com/getkin/kin-openapi v0.106.0 h1:hrqfqJPAvWvuO/V0lCr/xyQOq4Gy21mcr28JJOSRcEI= github.com/getkin/kin-openapi v0.106.0/go.mod h1:9Dhr+FasATJZjS4iOLvB0hkaxgYdulrNYm2e9epLWOo= @@ -437,8 +439,8 @@ github.com/gin-contrib/timeout v0.0.3 h1:ysZQ7kChgqlzBkuLgwTTDjTPP2uqdI68XxRyqIF github.com/gin-contrib/timeout v0.0.3/go.mod h1:F3fjkmFc4I1QdF7MyVwtO6ZkPueBckNoiOVpU73HGgU= github.com/gin-gonic/gin v1.7.2/go.mod h1:jD2toBW3GZUr5UMcdrwQA10I7RuaFOl/SGeDjXkfUtY= github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR9tTTk= -github.com/gin-gonic/gin v1.9.0 h1:OjyFBKICoexlu99ctXNR2gg+c5pKrKMuyjgARg9qeY8= -github.com/gin-gonic/gin v1.9.0/go.mod h1:W1Me9+hsUSyj3CePGrd1/QrKJMSJ1Tu/0hFEH89961k= +github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= +github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= @@ -501,8 +503,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= -github.com/go-playground/validator/v10 v10.11.2 h1:q3SHpufmypg+erIExEKUmsgmhDTyhcJ38oeKGACXohU= -github.com/go-playground/validator/v10 v10.11.2/go.mod h1:NieE624vt4SCTJtD87arVLvdmjPAeV8BQlHtMnw9D7s= +github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= +github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -535,8 +537,8 @@ github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY9 github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 h1:B7k6N+JlLM/u1xrIkpifUfE7GRJsZIYHoHbiAa5cSP4= github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/goccy/go-json v0.10.0 h1:mXKd9Qw4NuzShiRlOXKews24ufknHO7gx30lsDyokKA= -github.com/goccy/go-json v0.10.0/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= +github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gocql/gocql v0.0.0-20210515062232-b7ef815b4556/go.mod h1:DL0ekTmBSTdlNF25Orwt/JMzqIq3EJ4MVa/J/uK64OY= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= @@ -841,8 +843,9 @@ github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47e github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B9Sx9c= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= -github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk= +github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -861,8 +864,9 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/ktrysmt/go-bitbucket v0.6.4/go.mod h1:9u0v3hsd2rqCHRIpbir1oP7F58uo5dq19sBYvuMoyQ4= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= -github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= +github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= +github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= github.com/lestrrat-go/backoff v1.0.1 h1:Gphaach0QvvtaHmR9U8hwXNHXWckPyD8V6S+V+D184c= github.com/lestrrat-go/backoff v1.0.1/go.mod h1:5QVJKC49Q5yQvCrpup0ZqzDGHEO/O4H82cnDuYdumkw= github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= @@ -902,8 +906,8 @@ github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= @@ -1034,8 +1038,8 @@ github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAv github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= -github.com/pelletier/go-toml/v2 v2.0.6 h1:nrzqCb7j9cDFj2coyLNLaZuJTLjWjlaz6nvTvIwycIU= -github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek= +github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= +github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= @@ -1189,8 +1193,10 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a h1:kAe4YSu0O0UFn1DowNo2MY5p6xzqtJ/wQ7LZynSvGaY= github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= @@ -1215,8 +1221,8 @@ github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVM github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= -github.com/ugorji/go/codec v1.2.9 h1:rmenucSohSTiyL09Y+l2OCk+FrMxGMzho2+tjr5ticU= -github.com/ugorji/go/codec v1.2.9/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= +github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= +github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= @@ -1319,8 +1325,9 @@ go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -golang.org/x/arch v0.0.0-20210923205945-b76863e36670 h1:18EFjUmQOcUvxNYSkA6jO9VAiXCnxFY6NyDX0bHDmkU= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= +golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1350,8 +1357,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= -golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= +golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1399,7 +1406,7 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= +golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1472,8 +1479,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220706163947-c90051bbdb60/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180227000427-d7d64896b5ff/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -1628,10 +1635,11 @@ golang.org/x/sys v0.0.0-20220111092808-5a964db01320/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220317061510-51cd9980dadf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -1646,8 +1654,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1737,8 +1745,8 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= -golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1913,8 +1921,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From bd49dedbfe791b05aa14a718689f9ea379a9d9e7 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 2 Jun 2023 09:07:17 +0000 Subject: [PATCH 061/268] v3.2.6 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index f08544a53..ddd44db7f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.5 +v3.2.6 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 2d8d9213d..2bb7efa92 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -544,7 +544,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.5} +- {name: IMAGE_TAG_MANAGER, value: v3.2.6} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -567,7 +567,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.5} +- {name: IMAGE_TAG_LISTENER, value: v3.2.6} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -586,7 +586,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.5} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.6} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -611,7 +611,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.5} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.6} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -634,7 +634,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.5} +- {name: IMAGE_TAG_JOBS, value: v3.2.6} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -680,7 +680,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.5} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.6} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -710,7 +710,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.5} +- {name: IMAGE_TAG_ADMIN, value: v3.2.6} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index bb569c12f..49b94067e 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.5" + "version": "v3.2.6" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 3b7235701..01d0072a6 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.5" + "version": "v3.2.6" }, "servers": [ { From 2b22d22d28a214a2ffadcacd51618a03d4317512 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 30 May 2023 10:51:11 +0200 Subject: [PATCH 062/268] use vmaas-go in vmaas-sync --- deploy/clowdapp.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 2bb7efa92..f5e8c2d61 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -347,6 +347,7 @@ objects: - {name: PROMETHEUS_PUSHGATEWAY,value: '${PROMETHEUS_PUSHGATEWAY}'} - {name: FULL_SYNC_CADENCE,value: '${FULL_SYNC_CADENCE}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} + - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} resources: limits: {cpu: '${RES_LIMIT_CPU_VMAAS_SYNC}', memory: '${RES_LIMIT_MEM_VMAAS_SYNC}'} requests: {cpu: '${RES_REQUEST_CPU_VMAAS_SYNC}', memory: '${RES_REQUEST_MEM_VMAAS_SYNC}'} From 0e59c4c2ce646ec17468431a2f6cc8bcb3a6b189 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 2 Jun 2023 09:08:03 +0000 Subject: [PATCH 063/268] v3.2.7 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index ddd44db7f..4671105d7 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.6 +v3.2.7 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index f5e8c2d61..ae1617c03 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.6} +- {name: IMAGE_TAG_MANAGER, value: v3.2.7} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -568,7 +568,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.6} +- {name: IMAGE_TAG_LISTENER, value: v3.2.7} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -587,7 +587,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.6} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.7} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -612,7 +612,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.6} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.7} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -635,7 +635,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.6} +- {name: IMAGE_TAG_JOBS, value: v3.2.7} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -681,7 +681,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.6} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.7} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -711,7 +711,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.6} +- {name: IMAGE_TAG_ADMIN, value: v3.2.7} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 49b94067e..63c7d8a31 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.6" + "version": "v3.2.7" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 01d0072a6..fa8d06f89 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.6" + "version": "v3.2.7" }, "servers": [ { From 66f6755c37323b4934a6204c0b4255344f8eac37 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 2 Jun 2023 14:29:00 +0200 Subject: [PATCH 064/268] SPM-1917: update /package/systems to intallable/applicable --- manager/controllers/package_systems.go | 71 +++++++++++++++---- manager/controllers/package_systems_export.go | 11 ++- 2 files changed, 65 insertions(+), 17 deletions(-) diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index f86774e81..9a1ae54d3 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -23,26 +23,42 @@ var PackageSystemsOpts = ListOpts{ } //nolint:lll -type PackageSystemItem struct { +type PackageSystemItemCommon struct { SystemIDAttribute SystemDisplayName InstalledEVRA string `json:"installed_evra" csv:"installed_evra" query:"p.evra" gorm:"column:installed_evra"` AvailableEVRA string `json:"available_evra" csv:"available_evra" query:"spkg.latest_evra" gorm:"column:available_evra"` - Updatable bool `json:"updatable" csv:"updatable" query:"spkg.latest_evra IS NOT NULL" gorm:"column:updatable"` + Updatable bool `json:"updatable" csv:"updatable" query:"(update_status(spkg.update_data) = 'Installable')" gorm:"column:updatable"` Tags SystemTagsList `json:"tags" csv:"tags" query:"null" gorm:"-"` BaselineAttributes } +type PackageSystemItemV2 struct { + PackageSystemItemCommon +} + +//nolint:lll +type PackageSystemItemV3 struct { + PackageSystemItemCommon + UpdateStatus string `json:"update_status" csv:"update_status" query:"update_status(spkg.update_data)" gorm:"column:update_status"` +} + type PackageSystemDBLookup struct { SystemsMetaTagTotal - PackageSystemItem + PackageSystemItemV3 } -type PackageSystemsResponse struct { - Data []PackageSystemItem `json:"data"` - Links Links `json:"links"` - Meta ListMeta `json:"meta"` +type PackageSystemsResponseV2 struct { + Data []PackageSystemItemV2 `json:"data"` + Links Links `json:"links"` + Meta ListMeta `json:"meta"` +} + +type PackageSystemsResponseV3 struct { + Data []PackageSystemItemV3 `json:"data"` + Links Links `json:"links"` + Meta ListMeta `json:"meta"` } func packagesByNameQuery(db *gorm.DB, pkgName string) *gorm.DB { @@ -113,13 +129,15 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" // @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" // @Param filter[updatable] query bool false "Filter" -// @Success 200 {object} PackageSystemsResponse +// @Success 200 {object} PackageSystemsResponseV3 // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 500 {object} utils.ErrorResponse // @Router /packages/{package_name}/systems [get] func PackageSystemsListHandler(c *gin.Context) { db := middlewares.DBFromContext(c) + apiver := c.GetInt(middlewares.KeyApiver) + query, meta, params, err := packageSystemsCommon(db, c) if err != nil { return @@ -132,17 +150,29 @@ func PackageSystemsListHandler(c *gin.Context) { return } - outputItems, total := packageSystemDBLookups2PackageSystemItems(systems) + outputItems, total := packageSystemDBLookups2PackageSystemItemsV3(systems) meta, links, err := UpdateMetaLinks(c, meta, total, nil, params...) if err != nil { return // Error handled in method itself } - c.JSON(http.StatusOK, PackageSystemsResponse{ + if apiver < 3 { + dataV2 := packageSystemItemV3toV2(outputItems) + var resp = PackageSystemsResponseV2{ + Data: dataV2, + Links: *links, + Meta: *meta, + } + c.JSON(http.StatusOK, &resp) + return + } + + response := PackageSystemsResponseV3{ Data: outputItems, Links: *links, Meta: *meta, - }) + } + c.JSON(http.StatusOK, response) } // nolint: dupl @@ -189,19 +219,30 @@ func PackageSystemsListIDsHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func packageSystemDBLookups2PackageSystemItems(systems []PackageSystemDBLookup) ([]PackageSystemItem, int) { +func packageSystemDBLookups2PackageSystemItemsV3(systems []PackageSystemDBLookup) ([]PackageSystemItemV3, int) { var total int if len(systems) > 0 { total = systems[0].Total } - data := make([]PackageSystemItem, len(systems)) + data := make([]PackageSystemItemV3, len(systems)) var err error for i, system := range systems { - system.PackageSystemItem.Tags, err = parseSystemTags(system.TagsStr) + system.PackageSystemItemV3.Tags, err = parseSystemTags(system.TagsStr) if err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags parsing failed") } - data[i] = system.PackageSystemItem + data[i] = system.PackageSystemItemV3 } return data, total } + +func packageSystemItemV3toV2(systems []PackageSystemItemV3) []PackageSystemItemV2 { + nSystems := len(systems) + systemsV2 := make([]PackageSystemItemV2, nSystems) + for i := 0; i < nSystems; i++ { + systemsV2[i] = PackageSystemItemV2{ + PackageSystemItemCommon: systems[i].PackageSystemItemCommon, + } + } + return systemsV2 +} diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 5bca82e37..6a440bc7e 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -23,7 +23,7 @@ import ( // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" // @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" // @Param tags query []string false "Tag filter" -// @Success 200 {array} PackageSystemItem +// @Success 200 {array} PackageSystemItemV3 // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 415 {object} utils.ErrorResponse @@ -31,6 +31,7 @@ import ( // @Router /export/packages/{package_name}/systems [get] func PackageSystemsExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) packageName := c.Param("package_name") if packageName == "" { @@ -68,6 +69,12 @@ func PackageSystemsExportHandler(c *gin.Context) { return } - outputItems, _ := packageSystemDBLookups2PackageSystemItems(systems) + outputItems, _ := packageSystemDBLookups2PackageSystemItemsV3(systems) + if apiver < 3 { + itemsV2 := packageSystemItemV3toV2(outputItems) + OutputExportData(c, itemsV2) + return + } + OutputExportData(c, outputItems) } From 105289574d0abc25967f623b0a5ad55e180f256e Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 2 Jun 2023 14:39:26 +0200 Subject: [PATCH 065/268] SPM-1917: update /ids/package/systems to installable/applicable --- manager/controllers/package_systems.go | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 9a1ae54d3..94155671f 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -192,30 +192,34 @@ func PackageSystemsListHandler(c *gin.Context) { // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" // @Param filter[system_profile][mssql][version] query string false "Filter systems by mssql version" -// @Success 200 {object} IDsResponse +// @Success 200 {object} IDsStatusResponse // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse // @Failure 500 {object} utils.ErrorResponse // @Router /ids/packages/{package_name}/systems [get] func PackageSystemsListIDsHandler(c *gin.Context) { db := middlewares.DBFromContext(c) + apiver := c.GetInt(middlewares.KeyApiver) query, meta, _, err := packageSystemsCommon(db, c) if err != nil { return } // Error handled in method itself - var sids []SystemsID + var sids []SystemsStatusID err = query.Find(&sids).Error if err != nil { LogAndRespError(c, err, "database error") return } - ids, err := systemsIDs(c, sids, meta) + resp, err := systemsIDsStatus(c, sids, meta) if err != nil { return // Error handled in method itself } - var resp = IDsResponse{IDs: ids} + if apiver < 3 { + c.JSON(http.StatusOK, &resp.IDsResponse) + return + } c.JSON(http.StatusOK, &resp) } From bfb25c32393542b6e15c1a3708aeefa1ce4edd6f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 2 Jun 2023 14:42:20 +0200 Subject: [PATCH 066/268] SPM-1917: update tests --- manager/controllers/package_systems_export_test.go | 9 +++++---- manager/controllers/package_systems_test.go | 6 +++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/manager/controllers/package_systems_export_test.go b/manager/controllers/package_systems_export_test.go index 9caf2a3b6..8657675b0 100644 --- a/manager/controllers/package_systems_export_test.go +++ b/manager/controllers/package_systems_export_test.go @@ -15,7 +15,7 @@ func TestPackageSystemsExportHandlerJSON(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/kernel/systems?sort=id", nil, "application/json", PackageSystemsExportHandler, 3, "GET", "/:package_name/systems") - var output []PackageSystemItem + var output []PackageSystemItemV3 CheckResponse(t, w, http.StatusOK, &output) assert.Equal(t, 2, len(output)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output[0].ID) @@ -37,12 +37,13 @@ func TestPackageSystemsExportHandlerCSV(t *testing.T) { assert.Equal(t, 4, len(lines)) assert.Equal(t, "id,display_name,installed_evra,available_evra,updatable,tags,"+ - "baseline_name,baseline_uptodate", lines[0]) + "baseline_name,baseline_uptodate,update_status", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000012,00000000-0000-0000-0000-000000000012,"+ - "5.6.13-200.fc31.x86_64,5.10.13-200.fc31.x86_64,true,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,", + "5.6.13-200.fc31.x86_64,5.10.13-200.fc31.x86_64,true,"+ + "\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,Installable", lines[1]) assert.Equal(t, "00000000-0000-0000-0000-000000000013,00000000-0000-0000-0000-000000000013,"+ - "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,", lines[2]) + "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,None", lines[2]) } func TestPackageSystemsExportInvalidName(t *testing.T) { diff --git a/manager/controllers/package_systems_test.go b/manager/controllers/package_systems_test.go index 20aeb748e..7a7968272 100644 --- a/manager/controllers/package_systems_test.go +++ b/manager/controllers/package_systems_test.go @@ -44,12 +44,12 @@ func TestPackageSystemsInvalidName(t *testing.T) { assert.Equal(t, "package not found", errResp.Error) } -func testPackageSystems(t *testing.T, url string, account int) PackageSystemsResponse { +func testPackageSystems(t *testing.T, url string, account int) PackageSystemsResponseV3 { core.SetupTest(t) w := CreateRequestRouterWithParams("GET", url, nil, "", PackageSystemsListHandler, account, "GET", "/:package_name/systems") - var output PackageSystemsResponse + var output PackageSystemsResponseV3 CheckResponse(t, w, http.StatusOK, &output) return output } @@ -79,7 +79,7 @@ func TestPackageSystemsTagsInMetadata(t *testing.T) { w := CreateRequestRouterWithParams("GET", "/kernel/systems?tags=ns1/k3=val4&tags=ns1/k1=val1", nil, "", PackageSystemsListHandler, 3, "GET", "/:package_name/systems") - var output PackageSystemsResponse + var output PackageSystemsResponseV3 ParseResponseBody(t, w.Body.Bytes(), &output) testMap := map[string]FilterData{ From b7a63dc6761adbd97e5e063d16f94e1eae6b468f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 2 Jun 2023 14:46:57 +0200 Subject: [PATCH 067/268] SPM-1917: update api spec --- docs/v3/openapi.json | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index fa8d06f89..f604f23c2 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -1929,7 +1929,7 @@ "schema": { "type": "array", "items": { - "$ref": "#/components/schemas/controllers.PackageSystemItem" + "$ref": "#/components/schemas/controllers.PackageSystemItemV3" } } } @@ -3304,7 +3304,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/controllers.IDsResponse" + "$ref": "#/components/schemas/controllers.IDsStatusResponse" } } } @@ -4152,7 +4152,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/controllers.PackageSystemsResponse" + "$ref": "#/components/schemas/controllers.PackageSystemsResponseV3" } } } @@ -6048,7 +6048,7 @@ } } }, - "controllers.PackageSystemItem": { + "controllers.PackageSystemItemV3": { "type": "object", "properties": { "available_evra": { @@ -6077,16 +6077,19 @@ }, "updatable": { "type": "boolean" + }, + "update_status": { + "type": "string" } } }, - "controllers.PackageSystemsResponse": { + "controllers.PackageSystemsResponseV3": { "type": "object", "properties": { "data": { "type": "array", "items": { - "$ref": "#/components/schemas/controllers.PackageSystemItem" + "$ref": "#/components/schemas/controllers.PackageSystemItemV3" } }, "links": { From 404a2a1b9814d1f49280689a677fb9250e687765 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 2 Jun 2023 14:23:38 +0000 Subject: [PATCH 068/268] v3.2.8 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 4671105d7..701dbeed7 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.7 +v3.2.8 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index ae1617c03..0eb1bd65e 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.7} +- {name: IMAGE_TAG_MANAGER, value: v3.2.8} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -568,7 +568,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.7} +- {name: IMAGE_TAG_LISTENER, value: v3.2.8} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -587,7 +587,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.7} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.8} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -612,7 +612,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.7} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.8} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -635,7 +635,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.7} +- {name: IMAGE_TAG_JOBS, value: v3.2.8} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -681,7 +681,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.7} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.8} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -711,7 +711,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.7} +- {name: IMAGE_TAG_ADMIN, value: v3.2.8} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 63c7d8a31..5964f55f4 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.7" + "version": "v3.2.8" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index f604f23c2..2f0235882 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.7" + "version": "v3.2.8" }, "servers": [ { From 761c8ff6c9ebc32439c47a3a4d1c6abb337bdc53 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 16:11:53 +0200 Subject: [PATCH 069/268] SPM-1916: installable and applicable counts in package_account_data --- .../migrations/110_package_account_data_applicable.up.sql | 4 ++++ .../migrations/110_package_account_data_installable.down.sql | 4 ++++ database_admin/schema/create_schema.sql | 5 +++-- 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 database_admin/migrations/110_package_account_data_applicable.up.sql create mode 100644 database_admin/migrations/110_package_account_data_installable.down.sql diff --git a/database_admin/migrations/110_package_account_data_applicable.up.sql b/database_admin/migrations/110_package_account_data_applicable.up.sql new file mode 100644 index 000000000..307bd5b25 --- /dev/null +++ b/database_admin/migrations/110_package_account_data_applicable.up.sql @@ -0,0 +1,4 @@ +TRUNCATE package_account_data; +UPDATE rh_account SET valid_package_cache = FALSE; +ALTER TABLE package_account_data RENAME COLUMN systems_updatable TO systems_installable; +ALTER TABLE package_account_data ADD COLUMN systems_applicable INT NOT NULL DEFAULT 0; diff --git a/database_admin/migrations/110_package_account_data_installable.down.sql b/database_admin/migrations/110_package_account_data_installable.down.sql new file mode 100644 index 000000000..e01efd83e --- /dev/null +++ b/database_admin/migrations/110_package_account_data_installable.down.sql @@ -0,0 +1,4 @@ +TRUNCATE package_account_data; +UPDATE rh_account SET valid_package_cache = FALSE; +ALTER TABLE package_account_data RENAME COLUMN systems_installable TO systems_updatable; +ALTER TABLE package_account_data DROP COLUMN systems_applicable; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 53bbecb73..1e5eb8c47 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (109, false); +VALUES (110, false); -- --------------------------------------------------------------------------- -- Functions @@ -1032,7 +1032,8 @@ CREATE TABLE IF NOT EXISTS package_account_data package_name_id BIGINT NOT NULL, rh_account_id INT NOT NULL, systems_installed INT NOT NULL DEFAULT 0, - systems_updatable INT NOT NULL DEFAULT 0, + systems_installable INT NOT NULL DEFAULT 0, + systems_applicable INT NOT NULL DEFAULT 0, CONSTRAINT package_name_id FOREIGN KEY (package_name_id) REFERENCES package_name (id), From 4c23462dce8b2ad2248a8c61c85fe9384cc29c3d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 16:12:23 +0200 Subject: [PATCH 070/268] SPM-1916: update package_account_data refresh --- base/models/models.go | 9 +++++---- tasks/caches/refresh_packages_caches.go | 7 ++++--- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/base/models/models.go b/base/models/models.go index 2f8df5d64..f3bb27c82 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -239,10 +239,11 @@ func (TimestampKV) TableName() string { } type PackageAccountData struct { - AccID int `gorm:"column:rh_account_id"` - PkgNameID int64 `gorm:"column:package_name_id"` - SysInstalled int `gorm:"column:systems_installed"` - SysUpdatable int `gorm:"column:systems_updatable"` + AccID int `gorm:"column:rh_account_id"` + PkgNameID int64 `gorm:"column:package_name_id"` + SysInstalled int `gorm:"column:systems_installed"` + SysInstallable int `gorm:"column:systems_installable"` + SysApplicable int `gorm:"column:systems_applicable"` } func (PackageAccountData) TableName() string { diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index a02f865cf..102a7a350 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -73,8 +73,9 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { Select(` sp.rh_account_id rh_account_id, spkg.name_id package_name_id, - count(spkg.system_id) as systems_installed, - count(spkg.system_id) filter (where spkg.latest_evra IS NOT NULL) as systems_updatable + count(*) as systems_installed, + count(*) filter (where update_status(spkg.update_data) = 'Installable') as systems_installable, + count(*) filter (where update_status(spkg.update_data) != 'None') as systems_applicable `). Joins("JOIN system_package spkg ON sp.id = spkg.system_id AND sp.rh_account_id = spkg.rh_account_id"). Joins("JOIN rh_account acc ON sp.rh_account_id = acc.id"). @@ -95,7 +96,7 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { func updatePackageAccountData(pkgSysCounts []models.PackageAccountData) error { err := tasks.WithTx(func(tx *gorm.DB) error { tx = database.OnConflictUpdateMulti( - tx, []string{"package_name_id", "rh_account_id"}, "systems_updatable", "systems_installed", + tx, []string{"package_name_id", "rh_account_id"}, "systems_installable", "systems_applicable", "systems_installed", ) return database.BulkInsert(tx, pkgSysCounts) }) From ed16fb29d46b6564344002204b11688bea49e38a Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 17:08:47 +0200 Subject: [PATCH 071/268] SPM-1916: installable and applicable counts in /packages --- manager/controllers/packages.go | 73 ++++++++++++++++++++------ manager/controllers/packages_export.go | 6 +++ 2 files changed, 63 insertions(+), 16 deletions(-) diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index f3437180e..101ea1aab 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -30,12 +30,29 @@ type PackageDBLookup struct { PackageItem } -//nolint:lll -type PackageItem struct { +// nolint: lll +type PackageItemCommon struct { Name string `json:"name" csv:"name" query:"pn.name" gorm:"column:name"` - SystemsInstalled int `json:"systems_installed" csv:"systems_installed" query:"res.systems_installed" gorm:"column:systems_installed"` - SystemsUpdatable int `json:"systems_updatable" csv:"systems_updatable" query:"res.systems_updatable" gorm:"column:systems_updatable"` Summary string `json:"summary" csv:"summary" query:"pn.summary" gorm:"column:summary"` + SystemsInstalled int `json:"systems_installed" csv:"systems_installed" query:"res.systems_installed" gorm:"column:systems_installed"` +} + +// nolint: lll +type PackageItem struct { + PackageItemCommon + SystemsInstallable int `json:"systems_installable" csv:"systems_installable" query:"res.systems_installable" gorm:"column:systems_installable"` + SystemsApplicable int `json:"systems_applicable" csv:"systems_applicable" query:"res.systems_applicable" gorm:"column:systems_applicable"` +} + +type PackageItemV2 struct { + PackageItemCommon + SystemsUpdatable int `json:"systems_updatable" csv:"systems_updatable"` +} + +type PackagesResponseV2 struct { + Data []PackageItemV2 `json:"data"` + Links Links `json:"links"` + Meta ListMeta `json:"meta"` } type PackagesResponse struct { @@ -47,9 +64,10 @@ type PackagesResponse struct { // nolint: lll // Used as a for subquery performing the actual calculation which is joined with latest summaries type queryItem struct { - NameID int `query:"spkg.name_id" gorm:"column:name_id"` - SystemsInstalled int `json:"systems_installed" query:"count(*)" gorm:"column:systems_installed"` - SystemsUpdatable int `json:"systems_updatable" query:"count(*) filter (where spkg.latest_evra IS NOT NULL)" gorm:"column:systems_updatable"` + NameID int `query:"spkg.name_id" gorm:"column:name_id"` + SystemsInstalled int `json:"systems_installed" query:"count(*)" gorm:"column:systems_installed"` + SystemsInstallable int `json:"systems_installable" query:"count(*) filter (where update_status(spkg.update_data) = 'Installable')" gorm:"column:systems_installable"` + SystemsApplicable int `json:"systems_applicable" query:"count(*) filter (where update_status(spkg.update_data) != 'None')" gorm:"column:systems_applicable"` } var queryItemSelect = database.MustGetSelect(&queryItem{}) @@ -85,21 +103,23 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int) *gorm.DB Joins("JOIN (?) res ON res.name_id = pn.id", subQ) } +// nolint: lll // @Summary Show me all installed packages across my systems // @Description Show me all installed packages across my systems // @ID listPackages // @Security RhIdentity // @Accept json // @Produce json -// @Param limit query int false "Limit for paging, set -1 to return all" -// @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,name,systems_installed,systems_updatable) -// @Param search query string false "Find matching text" -// @Param filter[name] query string false "Filter" -// @Param filter[systems_installed] query string false "Filter" -// @Param filter[systems_updatable] query string false "Filter" -// @Param filter[summary] query string false "Filter" -// @Param tags query []string false "Tag filter" +// @Param limit query int false "Limit for paging, set -1 to return all" +// @Param offset query int false "Offset for paging" +// @Param sort query string false "Sort field" Enums(id,name,systems_installed,systems_installable,systems_applicable) +// @Param search query string false "Find matching text" +// @Param filter[name] query string false "Filter" +// @Param filter[systems_installed] query string false "Filter" +// @Param filter[systems_installable] query string false "Filter" +// @Param filter[systems_applicable] query string false "Filter" +// @Param filter[summary] query string false "Filter" +// @Param tags query []string false "Tag filter" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" @@ -114,6 +134,7 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int) *gorm.DB func PackagesListHandler(c *gin.Context) { var filters map[string]FilterData account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) filters, err := ParseTagsFilters(c) if err != nil { @@ -142,6 +163,15 @@ func PackagesListHandler(c *gin.Context) { if err != nil { return // Error handled in method itself } + if apiver < 3 { + dataV2 := packages2PackagesV2(data) + c.JSON(http.StatusOK, PackagesResponseV2{ + Data: dataV2, + Links: *links, + Meta: *meta, + }) + return + } c.JSON(http.StatusOK, PackagesResponse{ Data: data, @@ -161,3 +191,14 @@ func PackageDBLookup2Item(packages []PackageDBLookup) ([]PackageItem, int) { } return data, total } + +func packages2PackagesV2(data []PackageItem) []PackageItemV2 { + v2 := make([]PackageItemV2, len(data)) + for i, x := range data { + v2[i] = PackageItemV2{ + PackageItemCommon: x.PackageItemCommon, + SystemsUpdatable: x.SystemsInstallable, + } + } + return v2 +} diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index e4401d4a3..3d4425be8 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -24,6 +24,7 @@ import ( // @Router /export/packages [get] func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + apiver := c.GetInt(middlewares.KeyApiver) filters, err := ParseTagsFilters(c) if err != nil { return @@ -48,6 +49,11 @@ func PackagesExportHandler(c *gin.Context) { LogAndRespError(c, err, "db error") return } + if apiver < 3 { + itemsV2 := packages2PackagesV2(items) + OutputExportData(c, itemsV2) + return + } OutputExportData(c, items) } From 1d2602fd00995fb853ca8e0631a42e7e4cf50eae Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 17:09:08 +0200 Subject: [PATCH 072/268] SPM-1916: update openapi spec --- docs/v3/openapi.json | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 2f0235882..5dc6ce3d6 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -3815,7 +3815,8 @@ "id", "name", "systems_installed", - "systems_updatable" + "systems_installable", + "systems_applicable" ] } }, @@ -3844,7 +3845,15 @@ } }, { - "name": "filter[systems_updatable]", + "name": "filter[systems_installable]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, + { + "name": "filter[systems_applicable]", "in": "query", "description": "Filter", "schema": { @@ -6040,10 +6049,13 @@ "summary": { "type": "string" }, - "systems_installed": { + "systems_applicable": { "type": "integer" }, - "systems_updatable": { + "systems_installable": { + "type": "integer" + }, + "systems_installed": { "type": "integer" } } From 135f728ce1f3e04f7a604ab7f1000b8ea89ed50d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 17:09:53 +0200 Subject: [PATCH 073/268] SPM-1916: update /packages tests --- manager/controllers/packages_export_test.go | 4 ++-- manager/controllers/packages_test.go | 15 +++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/manager/controllers/packages_export_test.go b/manager/controllers/packages_export_test.go index c19dd2879..8bf0f096f 100644 --- a/manager/controllers/packages_export_test.go +++ b/manager/controllers/packages_export_test.go @@ -28,7 +28,7 @@ func TestPackageExportCSV(t *testing.T) { lines := strings.Split(body, "\n") assert.Equal(t, 6, len(lines)) - assert.Equal(t, "name,systems_installed,systems_updatable,summary", lines[0]) + assert.Equal(t, "name,summary,systems_installed,systems_installable,systems_applicable", lines[0]) - assert.Equal(t, "kernel,2,1,The Linux kernel", lines[1]) + assert.Equal(t, "kernel,The Linux kernel,2,1,1", lines[1]) } diff --git a/manager/controllers/packages_test.go b/manager/controllers/packages_test.go index 6c0e06cc5..f44cfe5f7 100644 --- a/manager/controllers/packages_test.go +++ b/manager/controllers/packages_test.go @@ -38,8 +38,13 @@ func TestPackagesEmptyResponse(t *testing.T) { assert.Equal(t, "{\"data\":[]", respStr[:10]) } -func TestPackagesFilterUpdatable(t *testing.T) { - output := doTestPackages(t, "/?filter[systems_updatable]=4") +func TestPackagesFilterInstallable(t *testing.T) { + output := doTestPackages(t, "/?filter[systems_installable]=4") + assert.Equal(t, 0, len(output.Data)) +} + +func TestPackagesFilterApplicable(t *testing.T) { + output := doTestPackages(t, "/?filter[systems_applicable]=4") assert.Equal(t, 0, len(output.Data)) } @@ -48,7 +53,8 @@ func TestPackagesFilterSummary(t *testing.T) { assert.Equal(t, 1, len(output.Data)) assert.Equal(t, "firefox", output.Data[0].Name) assert.Equal(t, 2, output.Data[0].SystemsInstalled) - assert.Equal(t, 2, output.Data[0].SystemsUpdatable) + assert.Equal(t, 2, output.Data[0].SystemsInstallable) + assert.Equal(t, 2, output.Data[0].SystemsApplicable) } func TestPackagesFilterSAP(t *testing.T) { @@ -56,7 +62,8 @@ func TestPackagesFilterSAP(t *testing.T) { assert.Equal(t, 4, len(output.Data)) assert.Equal(t, "kernel", output.Data[3].Name) assert.Equal(t, 2, output.Data[3].SystemsInstalled) - assert.Equal(t, 1, output.Data[3].SystemsUpdatable) + assert.Equal(t, 1, output.Data[3].SystemsInstallable) + assert.Equal(t, 1, output.Data[3].SystemsApplicable) } func TestSearchPackages(t *testing.T) { From 12c1603b8ce434162bd6334fb57a33498778828e Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 2 Jun 2023 17:12:18 +0200 Subject: [PATCH 074/268] SPM-1916: use packages cache by default /minor --- deploy/clowdapp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 0eb1bd65e..8bfa7ebe8 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -557,7 +557,7 @@ parameters: - {name: PRELOAD_ADVISORY_DETAIL_CACHE, value: 'true'} # Enable advisory detail cache preloading - {name: ENABLE_BASELINES_API, value: 'true'} # Enable baselines API endpoints - {name: ENABLE_BASELINE_CHANGE_EVAL, value: 'true'} # Send Kafka eval messages on baseline update -- {name: ENABLE_PACKAGE_CACHE_MANAGER, value: 'false'} # Enable caching for /packages endpoint +- {name: ENABLE_PACKAGE_CACHE_MANAGER, value: 'true'} # Enable caching for /packages endpoint - {name: EVAL_TOPIC_MANAGER, value: patchman.evaluator.upload} - {name: RES_LIMIT_CPU_MANAGER, value: 200m} - {name: RES_LIMIT_MEM_MANAGER, value: 256Mi} From b5c1de598b42c414d936e761c0b88b375645afae Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 5 Jun 2023 11:38:20 +0000 Subject: [PATCH 075/268] v3.3.0 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 701dbeed7..b299be978 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.2.8 +v3.3.0 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 8bfa7ebe8..50b4aa84a 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.2.8} +- {name: IMAGE_TAG_MANAGER, value: v3.3.0} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -568,7 +568,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.2.8} +- {name: IMAGE_TAG_LISTENER, value: v3.3.0} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -587,7 +587,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.2.8} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.0} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -612,7 +612,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.2.8} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.0} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -635,7 +635,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.2.8} +- {name: IMAGE_TAG_JOBS, value: v3.3.0} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -681,7 +681,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.2.8} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.0} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -711,7 +711,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.2.8} +- {name: IMAGE_TAG_ADMIN, value: v3.3.0} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 5964f55f4..750dc752c 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.8" + "version": "v3.3.0" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 5dc6ce3d6..f620d43aa 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.2.8" + "version": "v3.3.0" }, "servers": [ { From 609b7bff7e48929808e073b34544dc3be6fc47ce Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 5 Jun 2023 17:03:18 +0200 Subject: [PATCH 076/268] SPM-1916: backward compatibility for systems_updatable sort and filter --- manager/controllers/packages.go | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 101ea1aab..31b9a8d38 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -27,7 +27,9 @@ type PackageDBLookup struct { // a helper to get total number of systems MetaTotalHelper - PackageItem + PackageItemCommon + PackageItemV2Only + PackageItemV3Only } // nolint: lll @@ -38,15 +40,24 @@ type PackageItemCommon struct { } // nolint: lll -type PackageItem struct { - PackageItemCommon +type PackageItemV3Only struct { SystemsInstallable int `json:"systems_installable" csv:"systems_installable" query:"res.systems_installable" gorm:"column:systems_installable"` SystemsApplicable int `json:"systems_applicable" csv:"systems_applicable" query:"res.systems_applicable" gorm:"column:systems_applicable"` } +type PackageItem struct { + PackageItemCommon + PackageItemV3Only +} + +// nolint: lll +type PackageItemV2Only struct { + SystemsUpdatable int `json:"systems_updatable" csv:"systems_updatable" query:"res.systems_installable" gorm:"column:systems_updatable"` +} + type PackageItemV2 struct { PackageItemCommon - SystemsUpdatable int `json:"systems_updatable" csv:"systems_updatable"` + PackageItemV2Only } type PackagesResponseV2 struct { @@ -187,7 +198,7 @@ func PackageDBLookup2Item(packages []PackageDBLookup) ([]PackageItem, int) { } data := make([]PackageItem, len(packages)) for i, v := range packages { - data[i] = v.PackageItem + data[i] = PackageItem{v.PackageItemCommon, v.PackageItemV3Only} } return data, total } @@ -197,7 +208,7 @@ func packages2PackagesV2(data []PackageItem) []PackageItemV2 { for i, x := range data { v2[i] = PackageItemV2{ PackageItemCommon: x.PackageItemCommon, - SystemsUpdatable: x.SystemsInstallable, + PackageItemV2Only: PackageItemV2Only{x.SystemsInstallable}, } } return v2 From b7d6f088b2fbc10367e7a23db28fce37c6b55643 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 6 Jun 2023 14:17:51 +0000 Subject: [PATCH 077/268] v3.3.1 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b299be978..15ee400bd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.0 +v3.3.1 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 50b4aa84a..b1caaecfb 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.0} +- {name: IMAGE_TAG_MANAGER, value: v3.3.1} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -568,7 +568,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.0} +- {name: IMAGE_TAG_LISTENER, value: v3.3.1} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -587,7 +587,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.0} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.1} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -612,7 +612,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.0} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.1} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -635,7 +635,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.0} +- {name: IMAGE_TAG_JOBS, value: v3.3.1} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -681,7 +681,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.0} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.1} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -711,7 +711,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.0} +- {name: IMAGE_TAG_ADMIN, value: v3.3.1} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 750dc752c..8f15994a2 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.0" + "version": "v3.3.1" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index f620d43aa..3a8561dcf 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.0" + "version": "v3.3.1" }, "servers": [ { From 91f0c8de490f7562ed11bd2bb64f60e22bebc59f Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 7 Jun 2023 19:11:27 +0200 Subject: [PATCH 078/268] add ability to profile code with pprof --- base/utils/config.go | 32 ++++++++++- base/utils/http.go | 14 +++++ conf/cdappconfig.json | 26 +++++++++ conf/common.env | 1 + deploy/clowdapp.yaml | 16 ++++-- docker-compose.prod.yml | 4 ++ docker-compose.yml | 4 ++ evaluator/evaluate.go | 3 + listener/listener.go | 3 + manager/manager.go | 3 + manager/routes/routes.go | 6 ++ turnpike/controllers/admin.go | 101 ++++++++++++++++++++++++++++++++++ 12 files changed, 207 insertions(+), 6 deletions(-) diff --git a/base/utils/config.go b/base/utils/config.go index 4efd877c8..5bd631b67 100644 --- a/base/utils/config.go +++ b/base/utils/config.go @@ -57,8 +57,12 @@ type Config struct { NotificationsTopic string // services - VmaasAddress string - RbacAddress string + VmaasAddress string + RbacAddress string + ManagerPrivateAddress string + ListenerPrivateAddress string + EvaluatorUploadPrivateAddress string + EvaluatorRecalcPrivateAddress string // cloudwatch CloudWatchAccessKeyID string @@ -68,6 +72,9 @@ type Config struct { // prometheus pushgateway PrometheusPushGateway string + + // profiler + ProfilerEnabled bool } func init() { @@ -85,6 +92,7 @@ func init() { initKafkaFromEnv() initServicesFromEnv() initPrometheusPushGatewayFromEnv() + initProfilerFromEnv() } func initDBFromEnv() { @@ -212,6 +220,22 @@ func initServicesFromClowder() { Cfg.RbacAddress = (*Endpoint)(&endpoint).buildURL("http") } } + + for _, e := range clowder.LoadedConfig.PrivateEndpoints { + e := e // re-assign iteration variable to use a new memory pointer + if e.App == "patchman" { + switch e.Name { + case "manager": + Cfg.ManagerPrivateAddress = (*Endpoint)(&e).buildURL("http") + case "listener": + Cfg.ListenerPrivateAddress = (*Endpoint)(&e).buildURL("http") + case "evaluator-upload": + Cfg.EvaluatorUploadPrivateAddress = (*Endpoint)(&e).buildURL("http") + case "evaluator-recalc": + Cfg.EvaluatorRecalcPrivateAddress = (*Endpoint)(&e).buildURL("http") + } + } + } } func (e *Endpoint) buildURL(scheme string) string { @@ -242,6 +266,10 @@ func initPrometheusPushGatewayFromEnv() { Cfg.PrometheusPushGateway = Getenv("PROMETHEUS_PUSHGATEWAY", "pushgateway") } +func initProfilerFromEnv() { + Cfg.ProfilerEnabled = GetBoolEnvOrDefault("ENABLE_PROFILER", false) +} + // PrintClowderParams Print Clowder params to export environment variables. func PrintClowderParams() { if clowder.IsClowderEnabled() { diff --git a/base/utils/http.go b/base/utils/http.go index a89f259e2..229a3ddd0 100644 --- a/base/utils/http.go +++ b/base/utils/http.go @@ -9,6 +9,8 @@ import ( "github.com/lestrrat-go/backoff" "github.com/pkg/errors" + + _ "net/http/pprof" //nolint:gosec ) func HTTPCallRetry(ctx context.Context, httpCallFun func() (outputDataPtr interface{}, resp *http.Response, err error), @@ -103,3 +105,15 @@ func statusCodeFound(response *http.Response, statusCodes []int) bool { } return false } + +// run net/http/pprof on privatePort +func RunProfiler() { + if Cfg.ProfilerEnabled { + go func() { + err := http.ListenAndServe(fmt.Sprintf(":%d", Cfg.PrivatePort), nil) //nolint:gosec + if err != nil { + LogWarn("err", err.Error(), "couldn't start profiler") + } + }() + } +} diff --git a/conf/cdappconfig.json b/conf/cdappconfig.json index a80e59211..b1892a882 100644 --- a/conf/cdappconfig.json +++ b/conf/cdappconfig.json @@ -68,6 +68,32 @@ "port": 9001 } ], + "privateEndpoints": [ + { + "app": "patchman", + "hostname": "manager", + "name": "manager", + "port": 9000 + }, + { + "app": "patchman", + "hostname": "listener", + "name": "listener", + "port": 9000 + }, + { + "app": "patchman", + "hostname": "evaluator_upload", + "name": "evaluator-upload", + "port": 9000 + }, + { + "app": "patchman", + "hostname": "evaluator_recalc", + "name": "evaluator-recalc", + "port": 9000 + } + ], "logging": { "cloudwatch": { "accessKeyId": "", diff --git a/conf/common.env b/conf/common.env index 73d573acc..5ddb356ab 100644 --- a/conf/common.env +++ b/conf/common.env @@ -25,3 +25,4 @@ CONSUMER_COUNT=8 # If vmaas is running locally, its available here #VMAAS_ADDRESS=http://vmaas_webapp:8080 ENABLE_MODIFIED_SINCE_SYNC=true +ENABLE_PROFILER=true diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b1caaecfb..67f93c3d4 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -58,7 +58,7 @@ objects: enabled: true apiPath: patch private: - enabled: false + enabled: true podSpec: image: ${IMAGE}:${IMAGE_TAG_MANAGER} initContainers: @@ -120,6 +120,7 @@ objects: - {name: ENABLE_PACKAGE_CACHE, value: '${ENABLE_PACKAGE_CACHE_MANAGER}'} - {name: RESPONSE_TIMEOUT, value: '${RESPONSE_TIMEOUT}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} + - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_MANAGER}'} resources: limits: {cpu: '${RES_LIMIT_CPU_MANAGER}', memory: '${RES_LIMIT_MEM_MANAGER}'} @@ -131,7 +132,7 @@ objects: public: enabled: true private: - enabled: false + enabled: true metrics: enabled: true podSpec: @@ -166,6 +167,7 @@ objects: - {name: EXCLUDED_REPORTERS, value: '${EXCLUDED_REPORTERS}'} - {name: EXCLUDED_HOST_TYPES, value: '${EXCLUDED_HOST_TYPES}'} - {name: ENABLE_PAYLOAD_TRACKER, value: '${ENABLE_PAYLOAD_TRACKER}'} + - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_LISTENER}'} resources: limits: {cpu: '${RES_LIMIT_CPU_LISTENER}', memory: '${RES_LIMIT_MEM_LISTENER}'} @@ -177,7 +179,7 @@ objects: public: enabled: true private: - enabled: false + enabled: true metrics: enabled: true podSpec: @@ -233,6 +235,7 @@ objects: - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 + - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_UPLOAD}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_UPLOAD}', memory: '${RES_LIMIT_MEM_EVALUATOR_UPLOAD}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_UPLOAD}', memory: '${RES_REQUEST_MEM_EVALUATOR_UPLOAD}'} @@ -243,7 +246,7 @@ objects: public: enabled: true private: - enabled: false + enabled: true metrics: enabled: true podSpec: @@ -299,6 +302,7 @@ objects: - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 + - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_RECALC}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_RECALC}', memory: '${RES_LIMIT_MEM_EVALUATOR_RECALC}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_RECALC}', memory: '${RES_REQUEST_MEM_EVALUATOR_RECALC}'} @@ -565,6 +569,7 @@ parameters: - {name: RES_REQUEST_MEM_MANAGER, value: 256Mi} - {name: RESPONSE_TIMEOUT, value: '60'} - {name: DB_READ_REPLICA_ENABLED, value: 'TRUE'} +- {name: ENABLE_PROFILER_MANAGER, value: 'false'} # Listener - {name: REPLICAS_LISTENER, value: '1'} @@ -580,6 +585,7 @@ parameters: - {name: RES_LIMIT_MEM_LISTENER, value: 256Mi} - {name: RES_REQUEST_CPU_LISTENER, value: 250m} - {name: RES_REQUEST_MEM_LISTENER, value: 256Mi} +- {name: ENABLE_PROFILER_LISTENER, value: 'false'} # Evaluator - {name: USE_VMAAS_GO, value: 'false'} @@ -609,6 +615,7 @@ parameters: - {name: MAX_EVAL_GOROUTINES_UPLOAD, value: '1'} - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} - {name: VMAAS_CACHE_SIZE, value: '10000'} +- {name: ENABLE_PROFILER_EVALUATOR_UPLOAD, value: 'false'} # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} @@ -633,6 +640,7 @@ parameters: - {name: RES_REQUEST_MEM_EVALUATOR_RECALC, value: 1024Mi} - {name: MAX_EVAL_GOROUTINES_RECALC, value: '1'} - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} +- {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS - {name: IMAGE_TAG_JOBS, value: v3.3.1} diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 5d6266993..190bc9675 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -121,6 +121,7 @@ services: ports: - 8080:8080 - 9080:9080 # metrics + - 9000:9000 # private port - pprof depends_on: - db - platform @@ -142,6 +143,7 @@ services: ports: - 8081:8080 - 9081:9080 # metrics + - 9002:9000 # private port - pprof depends_on: - db - platform @@ -163,6 +165,7 @@ services: command: ./dev/scripts/docker-compose-entrypoint.sh evaluator ports: - 8082:8080 + - 9003:9000 # private port - pprof depends_on: - db - platform @@ -184,6 +187,7 @@ services: command: ./dev/scripts/docker-compose-entrypoint.sh evaluator ports: - 8084:8080 + - 9004:9000 # private port - pprof depends_on: - db - platform diff --git a/docker-compose.yml b/docker-compose.yml index 42b4d6718..dda8cdd0b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -121,6 +121,7 @@ services: ports: - 8080:8080 - 9080:9080 # metrics + - 9000:9000 # private port - pprof depends_on: - db - platform @@ -141,6 +142,7 @@ services: ports: - 8081:8080 - 9081:9080 # metrics + - 9002:9000 # private port - pprof depends_on: - db - platform @@ -161,6 +163,7 @@ services: command: ./dev/scripts/docker-compose-entrypoint.sh evaluator ports: - 8082:8080 + - 9003:9000 # private port - pprof depends_on: - db - platform @@ -181,6 +184,7 @@ services: command: ./dev/scripts/docker-compose-entrypoint.sh evaluator ports: - 8084:8080 + - 9004:9000 # private port - pprof depends_on: - db - platform diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index f799f58b0..7e1c6cdac 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -613,6 +613,9 @@ func run(wg *sync.WaitGroup, readerBuilder mqueue.CreateReader) { func RunEvaluator() { var wg sync.WaitGroup + + go utils.RunProfiler() + run(&wg, mqueue.NewKafkaReaderFromEnv) wg.Wait() utils.LogInfo("evaluator completed") diff --git a/listener/listener.go b/listener/listener.go index 1e07f7957..9ab455a3c 100644 --- a/listener/listener.go +++ b/listener/listener.go @@ -86,6 +86,9 @@ func runReaders(wg *sync.WaitGroup, readerBuilder mqueue.CreateReader) { func RunListener() { var wg sync.WaitGroup + + go utils.RunProfiler() + runReaders(&wg, mqueue.NewKafkaReaderFromEnv) wg.Wait() utils.LogInfo("listener completed") diff --git a/manager/manager.go b/manager/manager.go index ffc5814ce..2219c1f20 100644 --- a/manager/manager.go +++ b/manager/manager.go @@ -58,6 +58,9 @@ func RunManager() { routes.InitAPI(api, endpointsConfig) } + // profiler + go utils.RunProfiler() + go base.TryExposeOnMetricsPort(app) go controllers.PreloadAdvisoryCacheItems() diff --git a/manager/routes/routes.go b/manager/routes/routes.go index 0e11de692..d53e78640 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -95,4 +95,10 @@ func InitAdmin(app *gin.Engine) { api.GET("/sessions", admin.GetActiveSessionsHandler) api.GET("/sessions/:search", admin.GetActiveSessionsHandler) api.DELETE("/sessions/:pid", admin.TerminateSessionHandler) + + pprof := api.Group("/pprof") + pprof.GET("/evaluator_upload/:param", admin.GetEvaluatorUploadPprof) + pprof.GET("/evaluator_recalc/:param", admin.GetEvaluatorRecalcPprof) + pprof.GET("/listener/:param", admin.GetListenerPprof) + pprof.GET("/manager/:param", admin.GetManagerPprof) } diff --git a/turnpike/controllers/admin.go b/turnpike/controllers/admin.go index 93c03e4b2..e6788104d 100644 --- a/turnpike/controllers/admin.go +++ b/turnpike/controllers/admin.go @@ -6,8 +6,10 @@ import ( "app/tasks/caches" sync "app/tasks/vmaas_sync" "fmt" + "io" "net/http" "strconv" + "time" "github.com/gin-gonic/gin" ) @@ -195,3 +197,102 @@ func TerminateSessionHandler(c *gin.Context) { c.JSON(http.StatusOK, fmt.Sprintf("pid: %s terminated", param)) } + +// @Summary Get profile info +// @Description Get profile info +// @ID getEvaluatorUploadPprof +// @Security RhIdentity +// @Produce application/octet-stream +// @Param param path string false "What to profile" SchemaExample(profile) +// @Success 200 +// @Failure 500 {object} map[string]interface{} +// @Router /pprof/evaluator_upload/{param} [get] +func GetEvaluatorUploadPprof(c *gin.Context) { + param := c.Param("param") + data, err := getPprof(utils.Cfg.EvaluatorUploadPrivateAddress, param) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) + return + } + c.Data(http.StatusOK, "application/octet-stream", data) +} + +// @Summary Get profile info +// @Description Get profile info +// @ID getEvaluatorRecalcPprof +// @Security RhIdentity +// @Produce application/octet-stream +// @Param param path string false "What to profile" SchemaExample(profile) +// @Success 200 +// @Failure 500 {object} map[string]interface{} +// @Router /pprof/evaluator_recalc/{param} [get] +func GetEvaluatorRecalcPprof(c *gin.Context) { + param := c.Param("param") + data, err := getPprof(utils.Cfg.EvaluatorRecalcPrivateAddress, param) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) + return + } + c.Data(http.StatusOK, "application/octet-stream", data) +} + +// @Summary Get profile info +// @Description Get profile info +// @ID getListenerPprof +// @Security RhIdentity +// @Produce application/octet-stream +// @Param param path string false "What to profile" SchemaExample(profile) +// @Success 200 +// @Failure 500 {object} map[string]interface{} +// @Router /pprof/listener/{param} [get] +func GetListenerPprof(c *gin.Context) { + param := c.Param("param") + data, err := getPprof(utils.Cfg.ListenerPrivateAddress, param) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) + return + } + c.Data(http.StatusOK, "application/octet-stream", data) +} + +// @Summary Get profile info +// @Description Get profile info +// @ID getManagerPprof +// @Security RhIdentity +// @Produce application/octet-stream +// @Param param path string false "What to profile" SchemaExample(profile) +// @Success 200 +// @Failure 500 {object} map[string]interface{} +// @Router /pprof/manager/{param} [get] +func GetManagerPprof(c *gin.Context) { + param := c.Param("param") + data, err := getPprof(utils.Cfg.ManagerPrivateAddress, param) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) + return + } + c.Data(http.StatusOK, "application/octet-stream", data) +} + +func getPprof(address, param string) ([]byte, error) { + client := &http.Client{ + Timeout: time.Second * 60, + } + + urlPath := fmt.Sprintf("%s/debug/pprof/%s", address, param) + req, err := http.NewRequest(http.MethodGet, urlPath, nil) + if err != nil { + return nil, err + } + res, err := client.Do(req) + if err != nil { + return nil, err + } + defer res.Body.Close() + + resBody, err := io.ReadAll(res.Body) + if err != nil { + return nil, err + } + return resBody, nil +} From ca103fa8585994706eed89fb2d569a7eb9423a22 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 7 Jun 2023 19:14:54 +0200 Subject: [PATCH 079/268] simplify buildURL --- base/utils/config.go | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/base/utils/config.go b/base/utils/config.go index 5bd631b67..fb6772248 100644 --- a/base/utils/config.go +++ b/base/utils/config.go @@ -214,10 +214,10 @@ func initServicesFromClowder() { switch endpoint.App { case "vmaas": if strings.Contains(endpoint.Name, webappName) { - Cfg.VmaasAddress = (*Endpoint)(&endpoint).buildURL("http") + Cfg.VmaasAddress = (*Endpoint)(&endpoint).buildURL() } case "rbac": - Cfg.RbacAddress = (*Endpoint)(&endpoint).buildURL("http") + Cfg.RbacAddress = (*Endpoint)(&endpoint).buildURL() } } @@ -226,30 +226,28 @@ func initServicesFromClowder() { if e.App == "patchman" { switch e.Name { case "manager": - Cfg.ManagerPrivateAddress = (*Endpoint)(&e).buildURL("http") + Cfg.ManagerPrivateAddress = (*Endpoint)(&e).buildURL() case "listener": - Cfg.ListenerPrivateAddress = (*Endpoint)(&e).buildURL("http") + Cfg.ListenerPrivateAddress = (*Endpoint)(&e).buildURL() case "evaluator-upload": - Cfg.EvaluatorUploadPrivateAddress = (*Endpoint)(&e).buildURL("http") + Cfg.EvaluatorUploadPrivateAddress = (*Endpoint)(&e).buildURL() case "evaluator-recalc": - Cfg.EvaluatorRecalcPrivateAddress = (*Endpoint)(&e).buildURL("http") + Cfg.EvaluatorRecalcPrivateAddress = (*Endpoint)(&e).buildURL() } } } } -func (e *Endpoint) buildURL(scheme string) string { - return buildURL(scheme, e.Hostname, e.Port, e.TlsPort) -} - -func buildURL(scheme, host string, port int, tlsPort *int) string { +func (e *Endpoint) buildURL() string { + port := e.Port + scheme := "http" if clowder.LoadedConfig.TlsCAPath != nil { scheme += "s" - if tlsPort != nil { - port = *tlsPort + if e.TlsPort != nil { + port = *e.TlsPort } } - return fmt.Sprintf("%s://%s:%d", scheme, host, port) + return fmt.Sprintf("%s://%s:%d", scheme, e.Hostname, port) } func initCloudwatchFromClowder() { From 1abbc1e4f6fb2405a07afb54fcdcfcb0edd62805 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 7 Jun 2023 19:24:34 +0200 Subject: [PATCH 080/268] update admin openapi docs --- docs/admin/openapi.json | 168 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 168 insertions(+) diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 8f15994a2..3114175fe 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -63,6 +63,174 @@ ] } }, + "/pprof/evaluator_recalc/{param}": { + "get": { + "summary": "Get profile info", + "description": "Get profile info", + "operationId": "getEvaluatorRecalcPprof", + "parameters": [ + { + "name": "param", + "in": "path", + "description": "What to profile", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "", + "content": {} + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/octet-stream": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, + "/pprof/evaluator_upload/{param}": { + "get": { + "summary": "Get profile info", + "description": "Get profile info", + "operationId": "getEvaluatorUploadPprof", + "parameters": [ + { + "name": "param", + "in": "path", + "description": "What to profile", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "", + "content": {} + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/octet-stream": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, + "/pprof/listener/{param}": { + "get": { + "summary": "Get profile info", + "description": "Get profile info", + "operationId": "getListenerPprof", + "parameters": [ + { + "name": "param", + "in": "path", + "description": "What to profile", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "", + "content": {} + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/octet-stream": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, + "/pprof/manager/{param}": { + "get": { + "summary": "Get profile info", + "description": "Get profile info", + "operationId": "getManagerPprof", + "parameters": [ + { + "name": "param", + "in": "path", + "description": "What to profile", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "", + "content": {} + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/octet-stream": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object" + } + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, "/re-calc": { "get": { "summary": "Re-evaluate systems", From 6b0ba97ed0db98d62e4a655fd566f3ebc67e85f0 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 8 Jun 2023 17:09:45 +0200 Subject: [PATCH 081/268] parse db schema only once for bulk options --- base/database/batch.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/base/database/batch.go b/base/database/batch.go index 635cc1047..530f24ea6 100644 --- a/base/database/batch.go +++ b/base/database/batch.go @@ -108,7 +108,7 @@ func statementFromObjects(db *gorm.DB, objects reflect.Value) (*gorm.Statement, }() // Get a map of the first element to calculate field names and number of // placeholders. - firstObjectFields, err := objectToMap(db, firstElem) + firstObjectFields, err := objectToMap(schema, firstElem) if err != nil { return nil, err } @@ -127,7 +127,7 @@ func statementFromObjects(db *gorm.DB, objects reflect.Value) (*gorm.Statement, for i := 0; i < objects.Len(); i++ { // Retrieve ith element as an interface r := objects.Index(i).Interface() - row, err := objectToMap(db, r) + row, err := objectToMap(schema, r) if err != nil { return nil, err } @@ -212,7 +212,7 @@ func parseClause(clauseOnConflict clause.Expression) string { // objectToMap takes any object of type and returns a map with the gorm // field DB name as key and the value as value -func objectToMap(db *gorm.DB, object interface{}) (map[string]interface{}, error) { +func objectToMap(schema *schema.Schema, object interface{}) (map[string]interface{}, error) { attributes := make(map[string]interface{}) now := bulkNow @@ -220,7 +220,6 @@ func objectToMap(db *gorm.DB, object interface{}) (map[string]interface{}, error rv := reflect.ValueOf(object) if rv.Kind() == reflect.Ptr { rv = rv.Elem() - object = rv.Interface() } if rv.Kind() != reflect.Struct { return nil, errors.New("value must be kind of Struct") @@ -230,8 +229,7 @@ func objectToMap(db *gorm.DB, object interface{}) (map[string]interface{}, error now = Db.NowFunc() } - parsedSchema, _ := schema.Parse(object, &sync.Map{}, db.NamingStrategy) - for _, field := range parsedSchema.Fields { + for _, field := range schema.Fields { // Exclude relational record because it's not directly contained in database columns fieldVaule := rv.FieldByName(field.Name).Interface() _, hasForeignKey := field.TagSettings["FOREIGNKEY"] From 54ea4f25b4aafd4b7b698c9ba9edcc8d4236a84c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 9 Jun 2023 14:40:51 +0200 Subject: [PATCH 082/268] SPM-2089: check if vmaas_cache is enabled --- evaluator/evaluate.go | 5 ++++- evaluator/vmaas_cache.go | 8 +++++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 7e1c6cdac..649c4f8a9 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -591,7 +591,10 @@ func loadCache() { memoryPackageCache = NewPackageCache(enablePackageCache, preloadPackageCache, packageCacheSize, packageNameCacheSize) memoryPackageCache.Load() memoryVmaasCache = NewVmaasPackageCache(enableVmaasCache, vmaasCacheSize, vmaasCacheCheckDuration) - go memoryVmaasCache.CheckValidity() + if memoryVmaasCache.enabled { + // no need to check cache validity when cache is not enabled + go memoryVmaasCache.CheckValidity() + } } func run(wg *sync.WaitGroup, readerBuilder mqueue.CreateReader) { diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index 19405243e..4de62557c 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -66,9 +66,11 @@ func (c *VmaasCache) Add(checksum *string, response *vmaas.UpdatesV2Response) { } func (c *VmaasCache) Reset(ts *types.Rfc3339TimestampWithZ) { - c.data.Purge() - c.validity = ts - vmaasCacheGauge.Set(0) + if c.enabled { + c.data.Purge() + c.validity = ts + vmaasCacheGauge.Set(0) + } } func (c *VmaasCache) CheckValidity() { From 9715ff7c781c96654231d5f48c8305121d81a4d6 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 9 Jun 2023 14:45:34 +0200 Subject: [PATCH 083/268] use vmaas-go by default --- deploy/clowdapp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 67f93c3d4..bf10cfe95 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -588,7 +588,7 @@ parameters: - {name: ENABLE_PROFILER_LISTENER, value: 'false'} # Evaluator -- {name: USE_VMAAS_GO, value: 'false'} +- {name: USE_VMAAS_GO, value: 'true'} - {name: GOGC, value: '25'} # Evaluator - upload From 1fc8af277702915f9a299e94a9c8f7e4b008697d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 9 Jun 2023 15:38:30 +0200 Subject: [PATCH 084/268] SPM-2090: improve logging in evaluator --- base/models/models.go | 7 +++++++ evaluator/evaluate.go | 40 ++++++++++++++++++++++++++++++---------- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/base/models/models.go b/base/models/models.go index f3bb27c82..cb3cae732 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -72,6 +72,13 @@ func (SystemPlatform) TableName() string { return "system_platform" } +func (s *SystemPlatform) GetInventoryID() string { + if s == nil { + return "" + } + return s.InventoryID +} + type String struct { ID []byte `gorm:"primary_key"` Value string diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 649c4f8a9..f92e313fc 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -105,6 +105,8 @@ func configure() { func Evaluate(ctx context.Context, event *mqueue.PlatformEvent, inventoryID, evaluationType string) error { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, evaluationDuration.WithLabelValues(evaluationType)) + + utils.LogInfo("inventoryID", inventoryID, "Evaluating system") if enableBypass { evaluationCnt.WithLabelValues("bypassed").Inc() utils.LogInfo("inventoryID", inventoryID, "Evaluation bypassed") @@ -126,8 +128,10 @@ func Evaluate(ctx context.Context, event *mqueue.PlatformEvent, inventoryID, eva // increment `success` metric only if the system exists // don't count messages from `tryGetSystem` as success evaluationCnt.WithLabelValues("success").Inc() + utils.LogInfo("inventoryID", inventoryID, "evalLabel", evaluationType, "System evaluated successfully") + return nil } - utils.LogInfo("inventoryID", inventoryID, "evalLabel", evaluationType, "system evaluated successfully") + utils.LogInfo("inventoryID", inventoryID, "evalLabel", evaluationType, "System not evaluated") return nil } @@ -173,8 +177,12 @@ func evaluateInDatabase(ctx context.Context, event *mqueue.PlatformEvent, invent // Don't allow requested TX to hang around locking the rows defer tx.Rollback() - system := tryGetSystem(tx, event.AccountID, inventoryID, event.Timestamp) + system, err := tryGetSystem(tx, event.AccountID, inventoryID, event.Timestamp) + if err != nil { + return nil, nil, errors.Wrap(err, "unable to get system") + } if system == nil { + // warning logged in `tryGetSystem` return nil, nil, nil } @@ -183,6 +191,7 @@ func evaluateInDatabase(ctx context.Context, event *mqueue.PlatformEvent, invent return nil, nil, errors.Wrap(err, "unable to get updates data") } if updatesData == nil { + utils.LogWarn("inventoryID", inventoryID, "No vmaas updates") return nil, nil, nil } @@ -207,6 +216,7 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV2Response, updatesMap := resp.GetUpdateList() if len(updatesMap) == 0 { // TODO: do we need evaluationCnt.WithLabelValues("error-no-yum-packages").Inc()? + utils.LogWarn("inventoryID", system.GetInventoryID(), "No yum_updates") return nil, nil } @@ -278,6 +288,7 @@ func getVmaasUpdates(ctx context.Context, tx *gorm.DB, } if updatesReq == nil { + // warning logged in `tryGetVmaasRequest` return nil, nil } @@ -304,7 +315,7 @@ func getVmaasUpdates(ctx context.Context, tx *gorm.DB, func tryGetVmaasRequest(system *models.SystemPlatform) (*vmaas.UpdatesV3Request, error) { if system == nil || system.VmaasJSON == nil { evaluationCnt.WithLabelValues("error-parse-vmaas-json").Inc() - utils.LogWarn("inventory_id", system.InventoryID, "system with empty vmaas json") + utils.LogWarn("inventoryID", system.GetInventoryID(), "system with empty vmaas json") // skip the system // don't return error as it will cause panic of evaluator pod return nil, nil @@ -318,35 +329,44 @@ func tryGetVmaasRequest(system *models.SystemPlatform) (*vmaas.UpdatesV3Request, if len(updatesReq.PackageList) == 0 { evaluationCnt.WithLabelValues("error-no-packages").Inc() + utils.LogWarn("inventoryID", system.GetInventoryID(), "Empty package list") return nil, nil } if len(updatesReq.RepositoryList) == 0 { // system without any repositories won't have any advisories evaluated by vmaas evaluationCnt.WithLabelValues("error-no-repositories").Inc() + utils.LogWarn("inventoryID", system.GetInventoryID(), "Empty repository list") return nil, nil } return &updatesReq, nil } func tryGetSystem(tx *gorm.DB, accountID int, inventoryID string, - requested *types.Rfc3339Timestamp) *models.SystemPlatform { + requested *types.Rfc3339Timestamp) (*models.SystemPlatform, error) { system, err := loadSystemData(tx, accountID, inventoryID) - if err != nil || system.ID == 0 { + if err != nil { evaluationCnt.WithLabelValues("error-db-read-inventory-data").Inc() - return nil + return nil, errors.Wrap(err, "error loading system from DB") + } + if system.ID == 0 { + evaluationCnt.WithLabelValues("error-db-read-inventory-data").Inc() + utils.LogWarn("inventoryID", inventoryID, "System not found in DB") + return nil, nil } if system.Stale && !enableStaleSysEval { evaluationCnt.WithLabelValues("skipping-stale").Inc() - return nil + utils.LogWarn("inventoryID", inventoryID, "Skipping stale system") + return nil, nil } if requested != nil && system.LastEvaluation != nil && requested.Time().Before(*system.LastEvaluation) { evaluationCnt.WithLabelValues("skip-old-msg").Inc() - return nil + utils.LogWarn("inventoryID", inventoryID, "Skipping old message") + return nil, nil } - return system + return system, nil } func commitWithObserve(tx *gorm.DB) error { @@ -383,7 +403,7 @@ func evaluateAndStore(tx *gorm.DB, system *models.SystemPlatform, err = publishNewAdvisoriesNotification(tx, system, event, system.RhAccountID, newSystemAdvisories) if err != nil { evaluationCnt.WithLabelValues("error-advisory-notification").Inc() - utils.LogError("orgID", event.GetOrgID(), "inventoryID", system.InventoryID, "err", err.Error(), + utils.LogError("orgID", event.GetOrgID(), "inventoryID", system.GetInventoryID(), "err", err.Error(), "publishing new advisories notification failed") } } From 1886c621885c17b7c07ec5dcf5032f1f9de5c500 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 12 Jun 2023 08:31:01 +0000 Subject: [PATCH 085/268] v3.3.2 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 15ee400bd..508879b8a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.1 +v3.3.2 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index bf10cfe95..dcdbade46 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -549,7 +549,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.1} +- {name: IMAGE_TAG_MANAGER, value: v3.3.2} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled @@ -573,7 +573,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.1} +- {name: IMAGE_TAG_LISTENER, value: v3.3.2} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} @@ -593,7 +593,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.1} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.2} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} @@ -619,7 +619,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.1} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.2} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} @@ -643,7 +643,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.1} +- {name: IMAGE_TAG_JOBS, value: v3.3.2} - {name: LOG_LEVEL_JOBS, value: debug} - {name: GOMAXPROCS_JOBS, value: '8'} - {name: GOMAXPROCS_PKG_REFRESH, value: '1'} @@ -689,7 +689,7 @@ parameters: # Database admin - {name: GOMAXPROCS_ADMIN, value: '8'} -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.1} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.2} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -719,7 +719,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.1} +- {name: IMAGE_TAG_ADMIN, value: v3.3.2} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 3114175fe..674d09299 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.1" + "version": "v3.3.2" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 3a8561dcf..8b9f9856e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.1" + "version": "v3.3.2" }, "servers": [ { From 6f14df9285218a58edb6d846c4ca94472b20710d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 12 Jun 2023 11:24:26 +0200 Subject: [PATCH 086/268] profiler usage --- README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.md b/README.md index 8c07309ae..05eef584f 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ System Patch Manager is one of the applications for [console.redhat.com](https:/ - [Control by private API](#control-by-private-api) - [VMaaS](#vmaas) - [Monitoring](#monitoring) +- [Profiling] (#profiling) ## Development environment @@ -135,5 +136,21 @@ Copy Grafana board json config to the temporary file, e.g. `grafana.json` and ru ./scripts/grafana-json-to-yaml.sh grafana.json > ./dashboards/grafana-dashboard-insights-patchman-engine-general.configmap.yaml ~~~ +## Profiling +App can be profiled using [/net/http/pprof](https://pkg.go.dev/net/http/pprof). Profiler is exposed on app's private port. +### Local development +- set `ENABLE_PROFILE=true` in the `cont/common.env` +- `docker-compose up --build` +- `go tool pprof http://localhost:{port}/debug/pprof/{heap|profile|block|mutex}` +available ports: +- 9000 - manager +- 9002 - listener +- 9003 - evaluator-upload +- 9004 - evaluator-recalc +### Admin API +- set `ENABLE_PROFILE_{container_name}=true` in the ClowdApp +- download the profile file using internal api `/api/patch/admin/pprof/{manager|listener|evaluator_upload|evaluator_recalc}/{heap|profile|block|mutex|trace}` +- `go tool pprof ` + ## Deps backup [patchman-engine-deps](https://github.com/RedHatInsights/patchman-engine-deps) From 0cf597da94dd5a57a38e676e5d69ec56e507a948 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 12 Jun 2023 16:01:14 +0200 Subject: [PATCH 087/268] use gorm error handling --- base/database/utils.go | 19 ++++++------------- manager/controllers/baseline_create.go | 2 +- manager/controllers/baseline_update.go | 2 +- 3 files changed, 8 insertions(+), 15 deletions(-) diff --git a/base/database/utils.go b/base/database/utils.go index ad681bdf2..e6116c0c6 100644 --- a/base/database/utils.go +++ b/base/database/utils.go @@ -4,22 +4,18 @@ import ( "app/base/models" "app/base/types" "app/base/utils" + "errors" "fmt" "os" "strconv" "strings" "time" - "github.com/jackc/pgconn" - log "github.com/sirupsen/logrus" + "gorm.io/driver/postgres" "gorm.io/gorm" ) -const ( - PgErrorDuplicateKey = "23505" -) - func Systems(tx *gorm.DB, accountID int) *gorm.DB { return tx.Table("system_platform sp").Where("sp.rh_account_id = ?", accountID) } @@ -135,13 +131,10 @@ func ExecFile(filename string) error { return err } -func IsPgErrorCode(err error, pgCode string) bool { - switch e := err.(type) { - case *pgconn.PgError: - return e.Code == pgCode - default: - return false - } +// compare the dialect translated errors(like gorm.ErrDuplicatedKey) +func IsPgErrorCode(db *gorm.DB, err error, expectedGormErr error) bool { + translatedErr := db.Dialector.(*postgres.Dialector).Translate(err) + return errors.Is(translatedErr, expectedGormErr) } func logAndWait(query string) { diff --git a/manager/controllers/baseline_create.go b/manager/controllers/baseline_create.go index 5ae77528f..292d1b96a 100644 --- a/manager/controllers/baseline_create.go +++ b/manager/controllers/baseline_create.go @@ -88,7 +88,7 @@ func CreateBaselineHandler(c *gin.Context) { baselineID, err := buildCreateBaselineQuery(db, request, accountID) if err != nil { - if database.IsPgErrorCode(err, database.PgErrorDuplicateKey) { + if database.IsPgErrorCode(db, err, gorm.ErrDuplicatedKey) { LogAndRespBadRequest(c, err, DuplicateBaselineNameErr) return } diff --git a/manager/controllers/baseline_update.go b/manager/controllers/baseline_update.go index d59ca0ba4..dc029a96f 100644 --- a/manager/controllers/baseline_update.go +++ b/manager/controllers/baseline_update.go @@ -109,7 +109,7 @@ func BaselineUpdateHandler(c *gin.Context) { LogAndRespBadRequest(c, err, "Invalid inventory IDs: "+e) return } - if database.IsPgErrorCode(err, database.PgErrorDuplicateKey) { + if database.IsPgErrorCode(db, err, gorm.ErrDuplicatedKey) { LogAndRespBadRequest(c, err, DuplicateBaselineNameErr) return } From b45f24203a15cbfce7d5b08436c18fd248c87ca9 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 12 Jun 2023 16:01:58 +0200 Subject: [PATCH 088/268] update dependencies --- go.mod | 78 ++- go.sum | 1875 +++----------------------------------------------------- 2 files changed, 138 insertions(+), 1815 deletions(-) diff --git a/go.mod b/go.mod index c9f1cfcec..82a9b923d 100644 --- a/go.mod +++ b/go.mod @@ -3,34 +3,33 @@ module app go 1.19 require ( - github.com/aws/aws-sdk-go v1.44.116 + github.com/aws/aws-sdk-go v1.44.280 github.com/ezamriy/gorpm v0.0.0-20160905202458-25f7273cbf51 - github.com/getkin/kin-openapi v0.106.0 + github.com/getkin/kin-openapi v0.118.0 github.com/gin-contrib/gzip v0.0.6 github.com/gin-contrib/timeout v0.0.3 github.com/gin-gonic/gin v1.9.1 - github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 // newer version skips some columns - github.com/golang-migrate/migrate/v4 v4.15.2 - github.com/hashicorp/golang-lru/v2 v2.0.2 - github.com/jackc/pgconn v1.13.0 - github.com/joho/godotenv v1.4.0 + github.com/gocarina/gocsv v0.0.0-20230513223533-9ddd7fd60602 + github.com/golang-migrate/migrate/v4 v4.16.2 + github.com/hashicorp/golang-lru/v2 v2.0.3 + github.com/joho/godotenv v1.5.1 github.com/lestrrat-go/backoff v1.0.1 - github.com/lib/pq v1.10.7 + github.com/lib/pq v1.10.9 github.com/pkg/errors v0.9.1 github.com/pmezard/go-difflib v1.0.0 - github.com/prometheus/client_golang v1.13.0 + github.com/prometheus/client_golang v1.15.1 github.com/redhatinsights/app-common-go v1.6.6 github.com/redhatinsights/identity v0.0.0-20220719174832-36a7b1cbeff1 github.com/redhatinsights/platform-go-middlewares v0.20.0 - github.com/segmentio/kafka-go v0.4.35 - github.com/sirupsen/logrus v1.9.0 - github.com/stretchr/testify v1.8.3 - github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a - github.com/swaggo/gin-swagger v1.5.3 + github.com/segmentio/kafka-go v0.4.40 + github.com/sirupsen/logrus v1.9.3 + github.com/stretchr/testify v1.8.4 + github.com/swaggo/files v1.0.1 + github.com/swaggo/gin-swagger v1.6.0 github.com/zsais/go-gin-prometheus v0.1.0 golang.org/x/net v0.10.0 - gorm.io/driver/postgres v1.4.4 - gorm.io/gorm v1.24.0 + gorm.io/driver/postgres v1.5.2 + gorm.io/gorm v1.25.1 modernc.org/strutil v1.1.3 ) @@ -38,61 +37,58 @@ require ( github.com/KyleBanks/depth v1.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bytedance/sonic v1.9.1 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/gabriel-vasile/mimetype v1.4.2 // indirect github.com/gin-contrib/sse v0.1.0 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.20.0 // indirect - github.com/go-openapi/spec v0.20.7 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/spec v0.20.9 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.14.0 // indirect + github.com/go-playground/validator/v10 v10.14.1 // indirect github.com/goccy/go-json v0.10.2 // indirect - github.com/golang/protobuf v1.5.2 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/invopop/yaml v0.2.0 // indirect - github.com/jackc/chunkreader/v2 v2.0.1 // indirect - github.com/jackc/pgio v1.0.0 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect - github.com/jackc/pgproto3/v2 v2.3.1 // indirect - github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect - github.com/jackc/pgtype v1.12.0 // indirect - github.com/jackc/pgx/v4 v4.17.2 // indirect + github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect + github.com/jackc/pgx/v5 v5.3.1 // indirect github.com/jinzhu/inflection v1.0.0 // indirect github.com/jinzhu/now v1.1.5 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.15.11 // indirect - github.com/klauspost/cpuid/v2 v2.2.4 // indirect + github.com/klauspost/compress v1.16.5 // indirect + github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/leodido/go-urn v1.2.4 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-isatty v0.0.19 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/pelletier/go-toml/v2 v2.0.8 // indirect + github.com/perimeterx/marshmallow v1.1.4 // indirect github.com/pierrec/lz4/v4 v4.1.17 // indirect - github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.37.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect - github.com/swaggo/swag v1.8.6 // indirect + github.com/prometheus/client_model v0.4.0 // indirect + github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/procfs v0.10.1 // indirect + github.com/swaggo/swag v1.16.1 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect - github.com/xdg/scram v1.0.5 // indirect - github.com/xdg/stringprep v1.0.3 // indirect - go.uber.org/atomic v1.10.0 // indirect + github.com/xdg-go/pbkdf2 v1.0.0 // indirect + github.com/xdg-go/scram v1.1.2 // indirect + github.com/xdg-go/stringprep v1.0.4 // indirect + go.uber.org/atomic v1.11.0 // indirect golang.org/x/arch v0.3.0 // indirect golang.org/x/crypto v0.9.0 // indirect golang.org/x/sys v0.8.0 // indirect golang.org/x/text v0.9.0 // indirect - golang.org/x/tools v0.6.0 // indirect + golang.org/x/tools v0.9.3 // indirect google.golang.org/protobuf v1.30.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 94f896035..5040c72af 100644 --- a/go.sum +++ b/go.sum @@ -1,436 +1,38 @@ -bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -bazil.org/fuse v0.0.0-20200407214033-5883e5a4b512/go.mod h1:FbcW6z/2VytnFDhZfumh8Ss8zxHE6qpMP5sHTRe0EaM= -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= -cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= -cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= -cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= -cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= -cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= -cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= -cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= -cloud.google.com/go v0.98.0/go.mod h1:ua6Ush4NALrHk5QXDWnjvZHN93OuF0HfuEPq9I1X0cM= -cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/spanner v1.28.0/go.mod h1:7m6mtQZn/hMbMfx62ct5EWrGND4DNqkXyrmBPRS+OJo= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= -github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= -github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-storage-blob-go v0.14.0/go.mod h1:SMqIBi+SuiQH32bvyjngEewEeXoPfKMgWlBDaYf6fck= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= -github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.16/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/ClickHouse/clickhouse-go v1.4.3/go.mod h1:EaI/sW7Azgz9UATzd5ZdZHRUhHgv5+JMS9NSr2smCJI= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc= github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE= -github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= -github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= github.com/MichaelMraka/gorpm v0.0.0-20210923131407-e21b5950f175 h1:KkjlVN/HUw3OStvTnsAKt6bzLfWz/qDzfdNKRAo9Ef0= github.com/MichaelMraka/gorpm v0.0.0-20210923131407-e21b5950f175/go.mod h1:R3iHBCKh4OIuNrIzJl+81N08s7dD92MLffdRy+wbtnk= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= -github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= -github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= -github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/agiledragon/gomonkey/v2 v2.3.1/go.mod h1:ap1AmDzcVOAz1YpeJ3TCzIgstoaWLA6jbbgxfB4w2iY= -github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= -github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/apache/arrow/go/arrow v0.0.0-20210818145353-234c94e4ce64/go.mod h1:2qMFB56yOP3KzkB3PbYZ4AlUFg3a88F67TIx5lB/WwY= -github.com/apache/arrow/go/arrow v0.0.0-20211013220434-5962184e7a30/go.mod h1:Q7yQnSMnLvcXlZ8RV+jwz/6y1rQTqbX6C82SndT52Zs= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.17.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/aws/aws-sdk-go v1.38.51/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.44.116 h1:NpLIhcvLWXJZAEwvPj3TDHeqp7DleK6ZUVYyW01WNHY= -github.com/aws/aws-sdk-go v1.44.116/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= -github.com/aws/aws-sdk-go-v2 v1.8.0/go.mod h1:xEFuWz+3TYdlPRuo+CqATbeDWIWyaT5uAPwPaWtgse0= -github.com/aws/aws-sdk-go-v2 v1.9.2/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4= -github.com/aws/aws-sdk-go-v2/config v1.6.0/go.mod h1:TNtBVmka80lRPk5+S9ZqVfFszOQAGJJ9KbT3EM3CHNU= -github.com/aws/aws-sdk-go-v2/config v1.8.3/go.mod h1:4AEiLtAb8kLs7vgw2ZV3p2VZ1+hBavOc84hqxVNpCyw= -github.com/aws/aws-sdk-go-v2/credentials v1.3.2/go.mod h1:PACKuTJdt6AlXvEq8rFI4eDmoqDFC5DpVKQbWysaDgM= -github.com/aws/aws-sdk-go-v2/credentials v1.4.3/go.mod h1:FNNC6nQZQUuyhq5aE5c7ata8o9e4ECGmS4lAXC7o1mQ= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.4.0/go.mod h1:Mj/U8OpDbcVcoctrYwA2bak8k/HFPdcLzI/vaiXMwuM= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.6.0/go.mod h1:gqlclDEZp4aqJOancXK6TN24aKhT0W0Ae9MHk3wzTMM= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.4.0/go.mod h1:eHwXu2+uE/T6gpnYWwBwqoeqRf9IXyCcolyOWDRAErQ= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.5.4/go.mod h1:Ex7XQmbFmgFHrjUX6TN3mApKW5Hglyga+F7wZHTtYhA= -github.com/aws/aws-sdk-go-v2/internal/ini v1.2.0/go.mod h1:Q5jATQc+f1MfZp3PDMhn6ry18hGvE0i8yvbXoKbnZaE= -github.com/aws/aws-sdk-go-v2/internal/ini v1.2.4/go.mod h1:ZcBrrI3zBKlhGFNYWvju0I3TR93I7YIgAfy82Fh4lcQ= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.2.2/go.mod h1:EASdTcM1lGhUe1/p4gkojHwlGJkeoRjjr1sRCzup3Is= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.3.0/go.mod h1:v8ygadNyATSm6elwJ/4gzJwcFhri9RqS8skgHKiwXPU= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.2.2/go.mod h1:NXmNI41bdEsJMrD0v9rUvbGCB5GwdBEpKvUvIY3vTFg= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.2/go.mod h1:72HRZDLMtmVQiLG2tLfQcaWLCssELvGl+Zf2WVxMmR8= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.5.2/go.mod h1:QuL2Ym8BkrLmN4lUofXYq6000/i5jPjosCNK//t6gak= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.7.2/go.mod h1:np7TMuJNT83O0oDOSF8i4dF3dvGqA6hPYYo6YYkzgRA= -github.com/aws/aws-sdk-go-v2/service/s3 v1.12.0/go.mod h1:6J++A5xpo7QDsIeSqPK4UHqMSyPOCopa+zKtqAMhqVQ= -github.com/aws/aws-sdk-go-v2/service/s3 v1.16.1/go.mod h1:CQe/KvWV1AqRc65KqeJjrLzr5X2ijnFTTVzJW0VBRCI= -github.com/aws/aws-sdk-go-v2/service/sso v1.3.2/go.mod h1:J21I6kF+d/6XHVk7kp/cx9YVD2TMD2TbLwtRGVcinXo= -github.com/aws/aws-sdk-go-v2/service/sso v1.4.2/go.mod h1:NBvT9R1MEF+Ud6ApJKM0G+IkPchKS7p7c2YPKwHmBOk= -github.com/aws/aws-sdk-go-v2/service/sts v1.6.1/go.mod h1:hLZ/AnkIKHLuPGjEiyghNEdvJ2PP0MgOxcmv9EBJ4xs= -github.com/aws/aws-sdk-go-v2/service/sts v1.7.2/go.mod h1:8EzeIqfWt2wWT4rJVu3f21TfrhJ8AEMzVybRNSb/b4g= -github.com/aws/smithy-go v1.7.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/aws/aws-sdk-go v1.44.280 h1:UYl/yxhDxP8naok6ftWyQ9/9ZzNwjC9dvEs/j8BkGhw= +github.com/aws/aws-sdk-go v1.44.280/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= -github.com/bkaradzic/go-lz4 v1.0.0/go.mod h1:0YdlkowM3VswSROI7qDxhRvJ3sLhlFrRRwjwegp5jy4= -github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= -github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= -github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= -github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= -github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= -github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= -github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= -github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211130200136-a8f946100490/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I= -github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= -github.com/cockroachdb/cockroach-go/v2 v2.1.1/go.mod h1:7NtUnP6eK+l6k483WSYNrq3Kb23bWV10IRV1TyeSpwM= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= -github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= -github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= -github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= -github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/cgroups v1.0.3/go.mod h1:/ofk34relqNjSGyqPrmEULrO4Sc8LJhvJmWbUCUKqj8= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= -github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= -github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= -github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= -github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= -github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= -github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= -github.com/containerd/containerd v1.6.1 h1:oa2uY0/0G+JX4X7hpGCYvkp9FjUancz56kSNnb1sG3o= -github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= -github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= -github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/continuity v0.2.2/go.mod h1:pWygW9u7LtS1o4N/Tn0FoCFDIXZ7rxcMX7HX1Dmibvk= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= -github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= -github.com/containerd/go-cni v1.1.0/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= -github.com/containerd/go-cni v1.1.3/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= -github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= -github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= -github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= -github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= -github.com/containerd/imgcrypt v1.1.3/go.mod h1:/TPA1GIDXMzbj01yd8pIbQiLdQxed5ue1wb8bP7PQu4= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= -github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= -github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= -github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtrBI6QcRV0NiNt15Y= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= -github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= -github.com/cznic/mathutil v0.0.0-20180504122225-ca4c9f2c1369/go.mod h1:e6NPNENfs9mPDVNRekM7lKScauxd5kXTr1Mfyig6TDM= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dhui/dktest v0.3.10 h1:0frpeeoM9pHouHjhLeZDuDTJ0PqjDTrycaHaMmkJAo8= -github.com/dhui/dktest v0.3.10/go.mod h1:h5Enh0nG3Qbo9WjNFRrwmKUaePEBhXMOygbz3Ww7Sz0= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= -github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.13+incompatible h1:5s7uxnKZG+b8hYWlPYUi6x1Sjpq2MSt96d15eLZeHyw= -github.com/docker/docker v20.10.13+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= +github.com/dhui/dktest v0.3.16 h1:i6gq2YQEtcrjKbeJpBkWjE8MmLZPYllcjOFbTZuPDnw= +github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= +github.com/docker/docker v20.10.24+incompatible h1:Ugvxm7a8+Gz6vqQYQQ2W7GYq5EUPaAiuPgIfVyI3dYE= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= -github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= -github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= -github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.5+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= +github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsouza/fake-gcs-server v1.17.0/go.mod h1:D1rTE4YCyHFNa99oyJJ5HyclvN/0uQR+pM/VdlL83bw= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/gabriel-vasile/mimetype v1.3.1/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8= -github.com/gabriel-vasile/mimetype v1.4.0/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8= github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/getkin/kin-openapi v0.106.0 h1:hrqfqJPAvWvuO/V0lCr/xyQOq4Gy21mcr28JJOSRcEI= -github.com/getkin/kin-openapi v0.106.0/go.mod h1:9Dhr+FasATJZjS4iOLvB0hkaxgYdulrNYm2e9epLWOo= -github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/getkin/kin-openapi v0.118.0 h1:z43njxPmJ7TaPpMSCQb7PN0dEYno4tyBPQcrFdHoLuM= +github.com/getkin/kin-openapi v0.118.0/go.mod h1:l5e9PaFUo9fyLJCPGQeXI2ML8c3P8BHOEV2VaAVf/pc= github.com/gin-contrib/gzip v0.0.6 h1:NjcunTcGAj5CO1gn4N8jHOSIeRFHIbn51z6K+xaN4d4= github.com/gin-contrib/gzip v0.0.6/go.mod h1:QOJlmV2xmayAjkNS2Y8NQsMneuRShOU/kjovCXNuzzk= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= @@ -442,55 +44,20 @@ github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= -github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= -github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= -github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= -github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= -github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI= -github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= -github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= -github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= -github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= -github.com/go-openapi/spec v0.20.7 h1:1Rlu/ZrOCCob0n+JKKJAWhNWMPW8bOZRg8FJaY+0SKI= -github.com/go-openapi/spec v0.20.7/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= -github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/spec v0.20.9 h1:xnlYNQAwKd2VQRRfwTEI0DcK+2cbuvI/0c7jx3gA8/8= +github.com/go-openapi/spec v0.20.9/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= @@ -503,688 +70,168 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= -github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= -github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= -github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-playground/validator/v10 v10.14.1 h1:9c50NUPC30zyuKprjL3vNZ0m5oG+jU0zvx4AqHGnv4k= +github.com/go-playground/validator/v10 v10.14.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= -github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= -github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= -github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= -github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= -github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= -github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= -github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= -github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= -github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk= -github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw= -github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360= -github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg= -github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE= -github.com/gobuffalo/here v0.6.0/go.mod h1:wAG085dHOYqUpf+Ap+WOdrPTp5IYcDAs/x7PLa8Y5fM= -github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= -github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= -github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= -github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= -github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= -github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= -github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= -github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= -github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3 h1:B7k6N+JlLM/u1xrIkpifUfE7GRJsZIYHoHbiAa5cSP4= -github.com/gocarina/gocsv v0.0.0-20200330101823-46266ca37bd3/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= +github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM= +github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/gocarina/gocsv v0.0.0-20230513223533-9ddd7fd60602 h1:HSpPf+lPYwzoJNup34uegmOQk5Qm83S+wpu8anTDJkg= +github.com/gocarina/gocsv v0.0.0-20230513223533-9ddd7fd60602/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/gocql/gocql v0.0.0-20210515062232-b7ef815b4556/go.mod h1:DL0ekTmBSTdlNF25Orwt/JMzqIq3EJ4MVa/J/uK64OY= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= -github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw= -github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-migrate/migrate/v4 v4.15.2 h1:vU+M05vs6jWHKDdmE1Ecwj0BznygFc4QsdRe2E/L7kc= -github.com/golang-migrate/migrate/v4 v4.15.2/go.mod h1:f2toGLkYqD3JH+Todi4aZ2ZdbeUNx4sIwiOK96rE9Lw= -github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= -github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= -github.com/golang/protobuf v1.0.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang-migrate/migrate/v4 v4.16.2 h1:8coYbMKUyInrFk1lfGfRovTLAW7PhWp8qQDT2iKfuoA= +github.com/golang-migrate/migrate/v4 v4.16.2/go.mod h1:pfcJX4nPHaVdc5nmdCikFBWtm+UBpiZjRNNsyBbp0/o= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/flatbuffers v2.0.0+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= -github.com/google/go-github/v39 v39.2.0/go.mod h1:C1s8C5aCC9L+JXIYpJM5GYytdX52vC1bLvHEF1IhBrE= -github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= -github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= -github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= -github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru/v2 v2.0.2 h1:Dwmkdr5Nc/oBiXgJS3CDHNhJtIHkuZ3DZF5twqnfBdU= -github.com/hashicorp/golang-lru/v2 v2.0.2/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= +github.com/hashicorp/golang-lru/v2 v2.0.3 h1:kmRrRLlInXvng0SmLxmQpQkpbYAvcXm7NPDrgxJa9mE= +github.com/hashicorp/golang-lru/v2 v2.0.3/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/invopop/yaml v0.1.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= github.com/invopop/yaml v0.2.0 h1:7zky/qH+O0DwAyoobXUqvVBwgBFRxKoQ/3FjcVpjTMY= github.com/invopop/yaml v0.2.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= -github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo= -github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= -github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8= -github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= -github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA= -github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE= -github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s= -github.com/jackc/pgconn v1.4.0/go.mod h1:Y2O3ZDF0q4mMacyWV3AstPJpeHXWGEetiFttmq5lahk= -github.com/jackc/pgconn v1.5.0/go.mod h1:QeD3lBfpTFe8WUnPZWN5KY/mB8FGMIYRdd8P8Jr0fAI= -github.com/jackc/pgconn v1.5.1-0.20200601181101-fa742c524853/go.mod h1:QeD3lBfpTFe8WUnPZWN5KY/mB8FGMIYRdd8P8Jr0fAI= -github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o= -github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= -github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= -github.com/jackc/pgconn v1.13.0 h1:3L1XMNV2Zvca/8BYhzcRFS70Lr0WlDg16Di6SFGAbys= -github.com/jackc/pgconn v1.13.0/go.mod h1:AnowpAqO4CMIIJNZl2VJp+KrkAZciAkhEl0W0JIobpI= -github.com/jackc/pgerrcode v0.0.0-20201024163028-a0d42d470451/go.mod h1:a/s9Lp5W7n/DD0VrVoyJ00FbP2ytTPDVOivvn2bMlds= -github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE= -github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= -github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= -github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c= -github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65 h1:DadwsjnMwFjfWc9y5Wi/+Zz7xoE5ALHsRQlOctkOiHc= -github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak= github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= -github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78= -github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA= -github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg= -github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= -github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= -github.com/jackc/pgproto3/v2 v2.0.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= -github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= -github.com/jackc/pgproto3/v2 v2.0.7/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= -github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= -github.com/jackc/pgproto3/v2 v2.3.1 h1:nwj7qwf0S+Q7ISFfBndqeLwSwxs+4DPsbRFjECT1Y4Y= -github.com/jackc/pgproto3/v2 v2.3.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= -github.com/jackc/pgservicefile v0.0.0-20200307190119-3430c5407db8/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E= -github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b h1:C8S2+VttkHFdOOCXJe+YGfa4vHYwlt4Zx+IVXQ97jYg= -github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E= -github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg= -github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc= -github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw= -github.com/jackc/pgtype v1.2.0/go.mod h1:5m2OfMh1wTK7x+Fk952IDmI4nw3nPrvtQdM0ZT4WpC0= -github.com/jackc/pgtype v1.3.1-0.20200510190516-8cd94a14c75a/go.mod h1:vaogEUkALtxZMCH411K+tKzNpwzCKU+AnPzBKZ+I+Po= -github.com/jackc/pgtype v1.3.1-0.20200606141011-f6355165a91c/go.mod h1:cvk9Bgu/VzJ9/lxTO5R5sf80p0DiucVtN7ZxvaC4GmQ= -github.com/jackc/pgtype v1.6.2/go.mod h1:JCULISAZBFGrHaOXIIFiyfzW5VY0GRitRr8NeJsrdig= -github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM= -github.com/jackc/pgtype v1.12.0 h1:Dlq8Qvcch7kiehm8wPGIW0W3KsCCHJnRacKW0UM8n5w= -github.com/jackc/pgtype v1.12.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4= -github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y= -github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM= -github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc= -github.com/jackc/pgx/v4 v4.5.0/go.mod h1:EpAKPLdnTorwmPUUsqrPxy5fphV18j9q3wrfRXgo+kA= -github.com/jackc/pgx/v4 v4.6.1-0.20200510190926-94ba730bb1e9/go.mod h1:t3/cdRQl6fOLDxqtlyhe9UWgfIi9R8+8v8GKV5TRA/o= -github.com/jackc/pgx/v4 v4.6.1-0.20200606145419-4e5062306904/go.mod h1:ZDaNWkt9sW1JMiNn0kdYBaLelIhw7Pg4qd+Vk6tw7Hg= -github.com/jackc/pgx/v4 v4.10.1/go.mod h1:QlrWebbs3kqEZPHCTGyxecvzG6tvIsYu+A5b1raylkA= -github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs= -github.com/jackc/pgx/v4 v4.17.2 h1:0Ut0rpeKwvIVbMQ1KbMBU4h6wxehBI535LK6Flheh8E= -github.com/jackc/pgx/v4 v4.17.2/go.mod h1:lcxIZN44yMIrWI78a5CpucdD14hX0SBDbNRvjDBItsw= -github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= -github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= -github.com/jackc/puddle v1.1.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= -github.com/jackc/puddle v1.1.1/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= -github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= -github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk= +github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= +github.com/jackc/pgx/v5 v5.3.1 h1:Fcr8QJ1ZeLi5zsPZqQeUZhNhxfkkKBOgJuYkJHoBOtU= +github.com/jackc/pgx/v5 v5.3.1/go.mod h1:t3JDKnCBlYIc0ewLF0Q7B8MXmoIaBOZj/ic7iHozM/8= github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= -github.com/jinzhu/now v1.1.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= -github.com/jinzhu/now v1.1.4/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ= github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/jmoiron/sqlx v1.2.0/go.mod h1:1FEQNm3xlJgrMD+FBdI9+xvCksHtbpVBBw5dYhBSsks= -github.com/jmoiron/sqlx v1.3.1/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= -github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= -github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= -github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg= -github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= -github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= -github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= -github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= -github.com/k0kubun/pp v2.3.0+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg= -github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8= -github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= -github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= -github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.9.5/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= -github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B9Sx9c= -github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= +github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= +github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk= -github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= +github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/ktrysmt/go-bitbucket v0.6.4/go.mod h1:9u0v3hsd2rqCHRIpbir1oP7F58uo5dq19sBYvuMoyQ4= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= github.com/lestrrat-go/backoff v1.0.1 h1:Gphaach0QvvtaHmR9U8hwXNHXWckPyD8V6S+V+D184c= github.com/lestrrat-go/backoff v1.0.1/go.mod h1:5QVJKC49Q5yQvCrpup0ZqzDGHEO/O4H82cnDuYdumkw= -github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.3.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw= -github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= -github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= -github.com/markbates/pkger v0.15.1/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQDXbLhiuI= -github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= -github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-ieproxy v0.0.1/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= -github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= -github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/mattn/go-sqlite3 v1.14.10/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= -github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v0.0.0-20180220230111-00c29f56e238/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= -github.com/moby/sys/signal v0.6.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= -github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= -github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= -github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc= -github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= +github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= +github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= -github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= -github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mutecomm/go-sqlcipher/v4 v4.4.0/go.mod h1:PyN04SaWalavxRGH9E8ZftG6Ju7rsPrGmQRjrEaVpiY= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nakagami/firebirdsql v0.0.0-20190310045651-3c02a58cfed8/go.mod h1:86wM1zFnC6/uDBfZGNwB65O+pR2OFi5q/YQaEUid1qA= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/neo4j/neo4j-go-driver v1.8.1-0.20200803113522-b626aa943eba/go.mod h1:ncO5VaFWh0Nrt+4KT4mOZboaczBZcLuHrG+/sUeP8gI= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= -github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.16.0 h1:6gjqkI8iiRHMvdccRJM8rVKjCWk6ZIm6FTm3ddIe4/c= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= -github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM= -github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= -github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= -github.com/opencontainers/runc v1.1.0/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= -github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= -github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U= -github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= -github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= -github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= -github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= -github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= -github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= -github.com/pierrec/lz4/v4 v4.1.8/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/perimeterx/marshmallow v1.1.4 h1:pZLDH9RjlLGGorbXhcaQLhfuV0pFMNfPO55FuFkxqLw= +github.com/perimeterx/marshmallow v1.1.4/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw= github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pierrec/lz4/v4 v4.1.17 h1:kV4Ip+/hUBC+8T6+2EgburRtkE9ef4nbY3f4dFhGjMc= github.com/pierrec/lz4/v4 v4.1.17/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= -github.com/pkg/browser v0.0.0-20210706143420-7d21f8c997e2/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.13.0 h1:b71QUfeo5M8gq2+evJdTPfZhYMAU0uKPkyPJ7TPsloU= -github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= +github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= +github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= +github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= +github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= +github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= +github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= +github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/redhatinsights/app-common-go v1.6.6 h1:daOwCpGtW6IxGd9iO6TY3yoaV/HaHKjo/j/05dV0hHM= github.com/redhatinsights/app-common-go v1.6.6/go.mod h1:6gzRyg8ZyejwMCksukeAhh2ZXOB3uHSmBsbP06fG2PQ= github.com/redhatinsights/identity v0.0.0-20220719174832-36a7b1cbeff1 h1:oCJ53EClFw5LdNWLKYmwGeqkUoYLV0Wy6ZaZlwjDYDY= github.com/redhatinsights/identity v0.0.0-20220719174832-36a7b1cbeff1/go.mod h1:B0Dwuuaghxyqo8ltmLZyLpKQFKU6r8cE2YRrO0bVdXM= github.com/redhatinsights/platform-go-middlewares v0.20.0 h1:qwK9ArGYRlORsZ56PXXLJrGvzTsMe3bk2lR+WN5aIjM= github.com/redhatinsights/platform-go-middlewares v0.20.0/go.mod h1:i5gVDZJ/quCQhs5AW5CwkRPXlz1HfDBvyNtXHnlXZfM= -github.com/remyoudompheng/bigfft v0.0.0-20190728182440-6a916e37a237/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk= -github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= -github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= -github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= -github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= -github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= -github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= -github.com/segmentio/kafka-go v0.4.35 h1:TAsQ7q1SjS39PcFvU0zDJhCuVAxHomy7xOAfbdSuhzs= -github.com/segmentio/kafka-go v0.4.35/go.mod h1:GAjxBQJdQMB5zfNA21AhpaqOB2Mu+w3De4ni3Gbm8y0= -github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= -github.com/shopspring/decimal v0.0.0-20200227202807-02e2044944cc/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= -github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= -github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/segmentio/kafka-go v0.4.40 h1:sszW7c0/uyv7+VcTW5trx2ZC7kMWDTxuR/6Zn8U1bm8= +github.com/segmentio/kafka-go v0.4.40/go.mod h1:naFEZc5MQKdeL3W6NkZIAn48Y6AazqjRFDhnXeg3h94= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/snowflakedb/gosnowflake v1.6.3/go.mod h1:6hLajn6yxuJ4xUHZegMekpq9rnQbGJ7TMwXjgTmA6lg= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -1195,764 +242,140 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a h1:kAe4YSu0O0UFn1DowNo2MY5p6xzqtJ/wQ7LZynSvGaY= -github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= -github.com/swaggo/gin-swagger v1.5.3 h1:8mWmHLolIbrhJJTflsaFoZzRBYVmEE7JZGIq08EiC0Q= -github.com/swaggo/gin-swagger v1.5.3/go.mod h1:3XJKSfHjDMB5dBo/0rrTXidPmgLeqsX89Yp4uA50HpI= -github.com/swaggo/swag v1.8.1/go.mod h1:ugemnJsPZm/kRwFUnzBlbHRd0JY9zE1M4F+uy2pAaPQ= -github.com/swaggo/swag v1.8.6 h1:2rgOaLbonWu1PLP6G+/rYjSvPg0jQE0HtrEKuE380eg= -github.com/swaggo/swag v1.8.6/go.mod h1:jMLeXOOmYyjk8PvHTsXBdrubsNd9gUJTTCzL5iBnseg= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9Kjc7aWznkXaL4U4TWaDSs8zcsY4Ka08nM= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/swaggo/files v1.0.1 h1:J1bVJ4XHZNq0I46UU90611i9/YzdrF7x92oX1ig5IdE= +github.com/swaggo/files v1.0.1/go.mod h1:0qXmMNH6sXNf+73t65aKeB+ApmgxdnkQzVTAj2uaMUg= +github.com/swaggo/gin-swagger v1.6.0 h1:y8sxvQ3E20/RCyrXeFfg60r6H0Z+SwpTjMYsMm+zy8M= +github.com/swaggo/gin-swagger v1.6.0/go.mod h1:BG00cCEy294xtVpyIAHG6+e2Qzj/xKlRdOqDkvq0uzo= +github.com/swaggo/swag v1.16.1 h1:fTNRhKstPKxcnoKsytm4sahr8FaYzUcT7i1/3nd/fBg= +github.com/swaggo/swag v1.16.1/go.mod h1:9/LMvHycG3NFHfR6LwvikHv5iFvmPADQ359cKikGxto= github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= -github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xanzy/go-gitlab v0.15.0/go.mod h1:8zdQa/ri1dfn8eS3Ir1SyfvOKlw7WBJ8DVThkpGiXrs= +github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= -github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= -github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= -github.com/xdg/scram v1.0.5 h1:TuS0RFmt5Is5qm9Tm2SoD89OPqe4IRiFtyFY4iwWXsw= -github.com/xdg/scram v1.0.5/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= -github.com/xdg/stringprep v1.0.3 h1:cmL5Enob4W83ti/ZHuZLuKD/xqJfus4fVPwE+/BDm+4= -github.com/xdg/stringprep v1.0.3/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY= +github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4= +github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8= +github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zsais/go-gin-prometheus v0.1.0 h1:bkLv1XCdzqVgQ36ScgRi09MA2UC1t3tAB6nsfErsGO4= github.com/zsais/go-gin-prometheus v0.1.0/go.mod h1:Slirjzuz8uM8Cw0jmPNqbneoqcUtY2GGjn2bEd4NRLY= -gitlab.com/nyarla/go-crypt v0.0.0-20160106005555-d9a5dc2b789b/go.mod h1:T3BPAOm2cqquPa0MKWeNkmOM5RQsRhkrwMWonFMN7fE= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0= -go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE= -go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= -go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= -go.mongodb.org/mongo-driver v1.7.0/go.mod h1:Q4oFMbo1+MSNqICAdYMlC/zSTrwCogR4R8NzkI+yfU8= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0/go.mod h1:vEhqr0m4eTc+DWxfsXoXue2GBgV2uUwVznkGIHW/e5w= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= -go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= -go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs= -go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= -go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0/go.mod h1:VpP4/RMn8bv8gNo9uK7/IMY4mtWLELsS+JIP0inH0h4= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0/go.mod h1:hO1KLR7jcKaDDKDkvI9dP/FIhpmna5lkqPUQdEjFAM8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0/go.mod h1:keUU7UfnwWTWpJ+FWnyqmogPa82nuU5VUANFq49hlMY= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0/go.mod h1:QNX1aly8ehqqX1LEa6YniTU7VY9I6R3X/oPxhGdTceE= -go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= -go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= -go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= -go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs= -go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= -go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= -go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= -go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg3NAKnUGl9YpQ= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= -go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= -go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= -golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= -golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= -golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= -golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181108082009-03003ca0c849/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190225153610-fe579d43d832/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191112182307-2180aed22343/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210505024714-0287a6fb4125/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220111093109-d55c255bac03/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220706163947-c90051bbdb60/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/oauth2 v0.0.0-20180227000427-d7d64896b5ff/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180224232135-f6cff0780e54/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200828194041-157a740278f4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210818153620-00dd8d7831e7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210903071746-97244b99971b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220111092808-5a964db01320/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220317061510-51cd9980dadf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220224211638-0e9765cccd65/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= +golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= -gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= -gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= -gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= -gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= -gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= -google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= -google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= -google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= -google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= -google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= -google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= -google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= -google.golang.org/appengine v1.0.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= -google.golang.org/genproto v0.0.0-20210630183607-d20f26d13c79/go.mod h1:yiaVoXHpRzHGyxV3o4DktVWY4mSUErTKaeEOq6C3t3U= -google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= -google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220111164026-67b88f271998/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220314164441-57ef72a4c106 h1:ErU+UA6wxadoU8nWrsy5MZUVBs75K17zUCsUCIfrXCE= -google.golang.org/genproto v0.0.0-20220314164441-57ef72a4c106/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M= -google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.7/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= @@ -1963,107 +386,11 @@ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gorm.io/driver/postgres v1.0.8/go.mod h1:4eOzrI1MUfm6ObJU/UcmbXyiHSs8jSwH95G5P5dxcAg= -gorm.io/driver/postgres v1.4.4 h1:zt1fxJ+C+ajparn0SteEnkoPg0BQ6wOWXEQ99bteAmw= -gorm.io/driver/postgres v1.4.4/go.mod h1:whNfh5WhhHs96honoLjBAMwJGYEuA3m1hvgUbNXhPCw= -gorm.io/gorm v1.20.12/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= -gorm.io/gorm v1.21.4/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= -gorm.io/gorm v1.23.7/go.mod h1:l2lP/RyAtc1ynaTjFksBde/O8v9oOGIApu2/xRitmZk= -gorm.io/gorm v1.24.0 h1:j/CoiSm6xpRpmzbFJsQHYj+I8bGYWLXVHeYEyyKlF74= -gorm.io/gorm v1.24.0/go.mod h1:DVrVomtaYTbqs7gB/x2uVvqnXzv0nqjB396B8cG4dBA= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -gotest.tools/v3 v3.1.0/go.mod h1:fHy7eyTmJFO5bQbUsEGQ1v4m2J3Jz9eWL54TP2/ZuYQ= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/api v0.22.5/go.mod h1:mEhXyLaSD1qTOf40rRiKXkc+2iCem09rWLlFwhCEiAs= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= -k8s.io/apimachinery v0.22.5/go.mod h1:xziclGKwuuJ2RM5/rSFQSYAj0zdbci3DH8kj+WvyN0U= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= -k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= -k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/apiserver v0.22.5/go.mod h1:s2WbtgZAkTKt679sYtSudEQrTGWUSQAPe6MupLnlmaQ= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= -k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/client-go v0.22.5/go.mod h1:cs6yf/61q2T1SdQL5Rdcjg9J1ElXSwbjSrW2vFImM4Y= -k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= -k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= -k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/component-base v0.22.5/go.mod h1:VK3I+TjuF9eaa+Ln67dKxhGar5ynVbwnGrUiNF4MqCI= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/cri-api v0.23.1/go.mod h1:REJE3PSU0h/LOV1APBrupxrEJqnoxZC8KWzkBUHwrK4= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= -k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -modernc.org/b v1.0.0/go.mod h1:uZWcZfRj1BpYzfN9JTerzlNUnnPsV9O2ZA8JsRcubNg= -modernc.org/cc/v3 v3.32.4/go.mod h1:0R6jl1aZlIl2avnYfbfHBS1QB6/f+16mihBObaBC878= -modernc.org/ccgo/v3 v3.9.2/go.mod h1:gnJpy6NIVqkETT+L5zPsQFj7L2kkhfPMzOghRNv/CFo= -modernc.org/db v1.0.0/go.mod h1:kYD/cO29L/29RM0hXYl4i3+Q5VojL31kTUVpVJDw0s8= -modernc.org/file v1.0.0/go.mod h1:uqEokAEn1u6e+J45e54dsEA/pw4o7zLrA2GwyntZzjw= -modernc.org/fileutil v1.0.0/go.mod h1:JHsWpkrk/CnVV1H/eGlFf85BEpfkrp56ro8nojIq9Q8= -modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= -modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= -modernc.org/internal v1.0.0/go.mod h1:VUD/+JAkhCpvkUitlEOnhpVxCgsBI90oTzSCRcqQVSM= -modernc.org/libc v1.7.13-0.20210308123627-12f642a52bb8/go.mod h1:U1eq8YWr/Kc1RWCMFUWEdkTg8OTcfLw2kY8EDwl039w= -modernc.org/libc v1.9.5/go.mod h1:U1eq8YWr/Kc1RWCMFUWEdkTg8OTcfLw2kY8EDwl039w= -modernc.org/lldb v1.0.0/go.mod h1:jcRvJGWfCGodDZz8BPwiKMJxGJngQ/5DrRapkQnLob8= -modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= -modernc.org/mathutil v1.1.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= -modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +gorm.io/driver/postgres v1.5.2 h1:ytTDxxEv+MplXOfFe3Lzm7SjG09fcdb3Z/c056DTBx0= +gorm.io/driver/postgres v1.5.2/go.mod h1:fmpX0m2I1PKuR7mKZiEluwrP3hbs+ps7JIGMUBpCgl8= +gorm.io/gorm v1.25.1 h1:nsSALe5Pr+cM3V1qwwQ7rOkw+6UeLrX5O4v3llhHa64= +gorm.io/gorm v1.25.1/go.mod h1:L4uxeKpfBml98NYqVqwAdmV1a2nBtAec/cf3fpucW/k= modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ= -modernc.org/memory v1.0.4/go.mod h1:nV2OApxradM3/OVbs2/0OsP6nPfakXpi50C7dcoHXlc= -modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= -modernc.org/ql v1.0.0/go.mod h1:xGVyrLIatPcO2C1JvI/Co8c0sr6y91HKFNy4pt9JXEY= -modernc.org/sortutil v1.1.0/go.mod h1:ZyL98OQHJgH9IEfN71VsamvJgrtRX9Dj2gX+vH86L1k= -modernc.org/sqlite v1.10.6/go.mod h1:Z9FEjUtZP4qFEg6/SiADg9XCER7aYy9a/j7Pg9P7CPs= -modernc.org/strutil v1.1.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY= modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= -modernc.org/tcl v1.5.2/go.mod h1:pmJYOLgpiys3oI4AeAafkcUfE+TKKilminxNyU/+Zlo= -modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= -modernc.org/z v1.0.1-0.20210308123920-1f282aa71362/go.mod h1:8/SRk5C/HgiQWCgXdfpb+1RvhORdkz5sw72d3jjtyqA= -modernc.org/z v1.0.1/go.mod h1:8/SRk5C/HgiQWCgXdfpb+1RvhORdkz5sw72d3jjtyqA= -modernc.org/zappy v1.0.0/go.mod h1:hHe+oGahLVII/aTTyWK/b53VDHMAGCBYYeZ9sn83HC4= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= From 70da2c779a6c6fa928c8329b021271e2c9561c2d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 12 Jun 2023 17:04:16 +0200 Subject: [PATCH 089/268] use GOMEMLIMIT to set soft memory limit --- deploy/clowdapp.yaml | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index dcdbade46..88cdc9bc0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -46,6 +46,7 @@ objects: - {name: PACKAGES_PAGE_SIZE, value: '${PACKAGES_PAGE_SIZE}'} - {name: MSG_BATCH_SIZE, value: '${MSG_BATCH_SIZE}'} - {name: ENABLE_TURNPIKE_AUTH, value: '${ENABLE_TURNPIKE_AUTH}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_DATABASE_ADMIN}'} resources: limits: {cpu: '${RES_LIMIT_CPU_ADMIN}', memory: '${RES_LIMIT_MEM_ADMIN}'} @@ -121,6 +122,7 @@ objects: - {name: RESPONSE_TIMEOUT, value: '${RESPONSE_TIMEOUT}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_MANAGER}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_MANAGER}'} resources: limits: {cpu: '${RES_LIMIT_CPU_MANAGER}', memory: '${RES_LIMIT_MEM_MANAGER}'} @@ -168,6 +170,7 @@ objects: - {name: EXCLUDED_HOST_TYPES, value: '${EXCLUDED_HOST_TYPES}'} - {name: ENABLE_PAYLOAD_TRACKER, value: '${ENABLE_PAYLOAD_TRACKER}'} - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_LISTENER}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_LISTENER}'} resources: limits: {cpu: '${RES_LIMIT_CPU_LISTENER}', memory: '${RES_LIMIT_MEM_LISTENER}'} @@ -236,6 +239,7 @@ objects: - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_UPLOAD}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_EVALUATOR}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_UPLOAD}', memory: '${RES_LIMIT_MEM_EVALUATOR_UPLOAD}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_UPLOAD}', memory: '${RES_REQUEST_MEM_EVALUATOR_UPLOAD}'} @@ -303,6 +307,7 @@ objects: - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_RECALC}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_EVALUATOR}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_RECALC}', memory: '${RES_LIMIT_MEM_EVALUATOR_RECALC}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_RECALC}', memory: '${RES_REQUEST_MEM_EVALUATOR_RECALC}'} @@ -352,6 +357,7 @@ objects: - {name: FULL_SYNC_CADENCE,value: '${FULL_SYNC_CADENCE}'} - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: USE_VMAAS_GO, value: '${USE_VMAAS_GO}'} + - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_VMAAS_SYNC}'} resources: limits: {cpu: '${RES_LIMIT_CPU_VMAAS_SYNC}', memory: '${RES_LIMIT_MEM_VMAAS_SYNC}'} requests: {cpu: '${RES_REQUEST_CPU_VMAAS_SYNC}', memory: '${RES_REQUEST_MEM_VMAAS_SYNC}'} @@ -570,6 +576,7 @@ parameters: - {name: RESPONSE_TIMEOUT, value: '60'} - {name: DB_READ_REPLICA_ENABLED, value: 'TRUE'} - {name: ENABLE_PROFILER_MANAGER, value: 'false'} +- {name: GOMEMLIMIT_MANAGER, value: '230MiB'} # set to 90% of the default memory limit 256Mi (don't forget `B`) # Listener - {name: REPLICAS_LISTENER, value: '1'} @@ -582,14 +589,16 @@ parameters: - {name: EXCLUDED_REPORTERS, value: 'yupana'} # Comma-separated list of reporters to exclude from processing - {name: EXCLUDED_HOST_TYPES, value: 'edge'} # Comma-separated list of host types to exclude from processing - {name: RES_LIMIT_CPU_LISTENER, value: 250m} -- {name: RES_LIMIT_MEM_LISTENER, value: 256Mi} +- {name: RES_LIMIT_MEM_LISTENER, value: 192Mi} - {name: RES_REQUEST_CPU_LISTENER, value: 250m} -- {name: RES_REQUEST_MEM_LISTENER, value: 256Mi} +- {name: RES_REQUEST_MEM_LISTENER, value: 192Mi} - {name: ENABLE_PROFILER_LISTENER, value: 'false'} +- {name: GOMEMLIMIT_LISTENER, value: '172MiB'} # set to 90% of the default memory limit 192Mi (don't forget `B`) # Evaluator - {name: USE_VMAAS_GO, value: 'true'} -- {name: GOGC, value: '25'} +- {name: GOGC, value: '100'} +- {name: GOMEMLIMIT_EVALUATOR, value: '922MiB'} # set to 90% of the default memory limit 1024Mi (don't forget `B`) # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} @@ -668,6 +677,7 @@ parameters: - {name: RES_REQUEST_CPU_VMAAS_SYNC, value: 500m} - {name: RES_REQUEST_MEM_VMAAS_SYNC, value: 384Mi} - {name: FULL_SYNC_CADENCE, value: '168'} # run full vmaas sync (default: 168h) +- {name: GOMEMLIMIT_VMAAS_SYNC, value: '345MiB'} # set to 90% of the default memory limit 384Mi (don't forget `B`) # Delete unused data - {name: DELETE_UNUSED_SCHEDULE, value: '10 */6 * * *'} # Cronjob schedule definition - {name: DELETE_UNUSED_SUSPEND, value: 'true'} # Disable cronjob execution @@ -702,6 +712,7 @@ parameters: - {name: RES_REQUEST_MEM_DATABASE_ADMIN, value: 128Mi} - {name: UPDATE_USERS, value: 'false'} # set to true if we need to change user or passwords - {name: UPDATE_DB_CONFIG, value: 'false'} # set to true if we need to load new './database_admin/config.sql' +- {name: GOMEMLIMIT_DATABASE_ADMIN, value: '115MiB'} # set to 90% of the default memory limit 128Mi (don't forget `B`) # Common parameters - {name: IMAGE, value: quay.io/cloudservices/patchman-engine-app} From d28a3d9ee309c05cc95ea6d658ec7d6331612215 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 13 Jun 2023 09:17:13 +0200 Subject: [PATCH 090/268] use automaxprocs to automatically set GOMAXPROCS --- conf/common.env | 1 - deploy/clowdapp.yaml | 17 ----------------- go.mod | 1 + go.sum | 3 +++ main.go | 2 ++ 5 files changed, 6 insertions(+), 18 deletions(-) diff --git a/conf/common.env b/conf/common.env index 5ddb356ab..7a76967af 100644 --- a/conf/common.env +++ b/conf/common.env @@ -1,7 +1,6 @@ LOG_LEVEL=trace LOG_STYLE=plain GIN_MODE=release -GOMAXPROCS=8 ACG_CONFIG=/go/src/app/conf/cdappconfig.json DB_DEBUG=false diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 88cdc9bc0..617cadd02 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -31,7 +31,6 @@ objects: - ./scripts/entrypoint.sh - admin env: - - {name: GOMAXPROCS, value: '${GOMAXPROCS_ADMIN}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: KAFKA_GROUP, value: patchman} - {name: KAFKA_WRITER_MAX_ATTEMPTS, value: '${KAFKA_WRITER_MAX_ATTEMPTS}'} @@ -95,7 +94,6 @@ objects: - manager env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_MANAGER}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_MANAGER}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: SHOW_CLOWDER_VARS, value: ''} - {name: DB_DEBUG, value: '${DB_DEBUG_MANAGER}'} @@ -151,7 +149,6 @@ objects: - listener env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_LISTENER}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_LISTENER}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: SHOW_CLOWDER_VARS, value: ''} - {name: DB_DEBUG, value: '${DB_DEBUG_LISTENER}'} @@ -199,7 +196,6 @@ objects: - evaluator env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_EVALUATOR_UPLOAD}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_EVALUATOR_UPLOAD}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: SHOW_CLOWDER_VARS, value: ''} - {name: DB_DEBUG, value: '${DB_DEBUG_EVALUATOR_UPLOAD}'} @@ -267,7 +263,6 @@ objects: - evaluator env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_EVALUATOR_RECALC}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_EVALUATOR_RECALC}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: SHOW_CLOWDER_VARS, value: ''} - {name: DB_DEBUG, value: '${DB_DEBUG_EVALUATOR_RECALC}'} @@ -333,7 +328,6 @@ objects: - vmaas_sync env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_JOBS}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_JOBS}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: SHOW_CLOWDER_VARS, value: ''} - {name: DB_DEBUG, value: '${DB_DEBUG_JOBS}'} @@ -382,7 +376,6 @@ objects: - system_culling env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_JOBS}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_JOBS}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: DB_DEBUG, value: '${DB_DEBUG_JOBS}'} - {name: DB_USER, value: vmaas_sync} @@ -413,7 +406,6 @@ objects: - packages_cache_refresh env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_JOBS}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_PKG_REFRESH}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: DB_DEBUG, value: '${DB_DEBUG_JOBS}'} - {name: DB_USER, value: vmaas_sync} @@ -440,7 +432,6 @@ objects: - advisory_cache_refresh env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_JOBS}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_JOBS}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: DB_DEBUG, value: '${DB_DEBUG_JOBS}'} - {name: DB_USER, value: vmaas_sync} @@ -469,7 +460,6 @@ objects: - delete_unused env: - {name: LOG_LEVEL, value: '${LOG_LEVEL_JOBS}'} - - {name: GOMAXPROCS, value: '${GOMAXPROCS_JOBS}'} - {name: GIN_MODE, value: '${GIN_MODE}'} - {name: DB_DEBUG, value: '${DB_DEBUG_JOBS}'} - {name: DB_USER, value: vmaas_sync} @@ -557,7 +547,6 @@ parameters: - {name: REPLICAS_MANAGER, value: '1'} - {name: IMAGE_TAG_MANAGER, value: v3.3.2} - {name: LOG_LEVEL_MANAGER, value: debug} -- {name: GOMAXPROCS_MANAGER, value: '8'} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags - {name: ENABLE_RBAC, value: 'true'} # Enable requesting RBAC service @@ -582,7 +571,6 @@ parameters: - {name: REPLICAS_LISTENER, value: '1'} - {name: IMAGE_TAG_LISTENER, value: v3.3.2} - {name: LOG_LEVEL_LISTENER, value: debug} -- {name: GOMAXPROCS_LISTENER, value: '8'} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} - {name: ENABLE_BYPASS_LISTENER, value: 'false'} # Enable only bypass (fake) messages processing @@ -604,7 +592,6 @@ parameters: - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} - {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.2} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} -- {name: GOMAXPROCS_EVALUATOR_UPLOAD, value: '8'} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} - {name: ENABLE_BYPASS_EVALUATOR_UPLOAD, value: 'false'} # Enable only bypass (fake) messages processing @@ -630,7 +617,6 @@ parameters: - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} - {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.2} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} -- {name: GOMAXPROCS_EVALUATOR_RECALC, value: '8'} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} - {name: ENABLE_BYPASS_EVALUATOR_RECALC, value: 'false'} # Enable only bypass (fake) messages processing @@ -654,8 +640,6 @@ parameters: # JOBS - {name: IMAGE_TAG_JOBS, value: v3.3.2} - {name: LOG_LEVEL_JOBS, value: debug} -- {name: GOMAXPROCS_JOBS, value: '8'} -- {name: GOMAXPROCS_PKG_REFRESH, value: '1'} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs - {name: PROMETHEUS_PUSHGATEWAY, required: true, value: "pushgateway"} @@ -698,7 +682,6 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: GOMAXPROCS_ADMIN, value: '8'} - {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.2} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} diff --git a/go.mod b/go.mod index 82a9b923d..1c5f32de0 100644 --- a/go.mod +++ b/go.mod @@ -27,6 +27,7 @@ require ( github.com/swaggo/files v1.0.1 github.com/swaggo/gin-swagger v1.6.0 github.com/zsais/go-gin-prometheus v0.1.0 + go.uber.org/automaxprocs v1.5.2 golang.org/x/net v0.10.0 gorm.io/driver/postgres v1.5.2 gorm.io/gorm v1.25.1 diff --git a/go.sum b/go.sum index 5040c72af..b421b5b44 100644 --- a/go.sum +++ b/go.sum @@ -206,6 +206,7 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= @@ -272,6 +273,8 @@ github.com/zsais/go-gin-prometheus v0.1.0/go.mod h1:Slirjzuz8uM8Cw0jmPNqbneoqcUt go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/automaxprocs v1.5.2 h1:2LxUOGiR3O6tw8ui5sZa2LAaHnsviZdVOUZw4fvbnME= +go.uber.org/automaxprocs v1.5.2/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= diff --git a/main.go b/main.go index 83e8400ef..1a09b6bd6 100644 --- a/main.go +++ b/main.go @@ -15,6 +15,8 @@ import ( "app/turnpike" "log" "os" + + _ "go.uber.org/automaxprocs" // automatically sets GOMAXPROCS based on the CPU limit ) // nolint: funlen From 65e4e8f73f0cecbc459cf6c0f196f0799152bf27 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 13 Jun 2023 07:53:43 +0000 Subject: [PATCH 091/268] v3.3.3 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 508879b8a..b8928fe3b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.2 +v3.3.3 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 617cadd02..d243082cb 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.2} +- {name: IMAGE_TAG_MANAGER, value: v3.3.3} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.2} +- {name: IMAGE_TAG_LISTENER, value: v3.3.3} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.2} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.3} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.2} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.3} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.2} +- {name: IMAGE_TAG_JOBS, value: v3.3.3} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.2} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.3} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.2} +- {name: IMAGE_TAG_ADMIN, value: v3.3.3} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 674d09299..1deec29f8 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.2" + "version": "v3.3.3" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8b9f9856e..403eadf80 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.2" + "version": "v3.3.3" }, "servers": [ { From 927cf0ed58ca958475cd1ee70f81cf2303488281 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Wed, 14 Jun 2023 16:10:43 +0200 Subject: [PATCH 092/268] SPM-2094: lock appending/flushing buffer --- listener/upload.go | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/listener/upload.go b/listener/upload.go index 8e30d4f91..51bd1e063 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -17,6 +17,7 @@ import ( "fmt" "net/http" "strings" + "sync" "time" "github.com/pkg/errors" @@ -187,9 +188,15 @@ func sendPayloadStatus(w mqueue.Writer, event mqueue.PayloadTrackerEvent, status // accumulate events and create group PlatformEvents to save some resources var evalBufferSize = 5 * mqueue.BatchSize - -var evalBuffer = make(mqueue.EvalDataSlice, 0, evalBufferSize+1) -var ptBuffer = make(mqueue.PayloadTrackerEvents, 0, evalBufferSize+1) +var eBuffer = struct { + EvalBuffer mqueue.EvalDataSlice + PtBuffer mqueue.PayloadTrackerEvents + Lock sync.Mutex +}{ + EvalBuffer: make(mqueue.EvalDataSlice, 0, evalBufferSize+1), + PtBuffer: make(mqueue.PayloadTrackerEvents, 0, evalBufferSize+1), + Lock: sync.Mutex{}, +} var flushTimer = time.AfterFunc(87600*time.Hour, func() { utils.LogInfo(FlushedTimeoutBuffer) flushEvalEvents() @@ -199,16 +206,20 @@ var flushTimer = time.AfterFunc(87600*time.Hour, func() { func bufferEvalEvents(inventoryID string, rhAccountID int, ptEvent *mqueue.PayloadTrackerEvent) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, messagePartDuration.WithLabelValues("buffer-eval-events")) + + eBuffer.Lock.Lock() evalData := mqueue.EvalData{ InventoryID: inventoryID, RhAccountID: rhAccountID, OrgID: ptEvent.OrgID, RequestID: *ptEvent.RequestID, } - evalBuffer = append(evalBuffer, evalData) - ptBuffer = append(ptBuffer, *ptEvent) + eBuffer.EvalBuffer = append(eBuffer.EvalBuffer, evalData) + eBuffer.PtBuffer = append(eBuffer.PtBuffer, *ptEvent) + eBuffer.Lock.Unlock() + flushTimer.Reset(uploadEvalTimeout) - if len(evalBuffer) >= evalBufferSize { + if len(eBuffer.EvalBuffer) >= evalBufferSize { utils.LogInfo(FlushedFullBuffer) flushEvalEvents() } @@ -216,19 +227,21 @@ func bufferEvalEvents(inventoryID string, rhAccountID int, ptEvent *mqueue.Paylo func flushEvalEvents() { tStart := time.Now() - err := mqueue.SendMessages(base.Context, evalWriter, evalBuffer) + eBuffer.Lock.Lock() + defer eBuffer.Lock.Unlock() + err := mqueue.SendMessages(base.Context, evalWriter, eBuffer.EvalBuffer) if err != nil { utils.LogError("err", err.Error(), ErrorKafkaSend) } utils.ObserveSecondsSince(tStart, messagePartDuration.WithLabelValues("buffer-sent-evaluator")) - err = mqueue.SendMessages(base.Context, ptWriter, ptBuffer) + err = mqueue.SendMessages(base.Context, ptWriter, eBuffer.PtBuffer) if err != nil { utils.LogWarn("err", err.Error(), WarnPayloadTracker) } utils.ObserveSecondsSince(tStart, messagePartDuration.WithLabelValues("buffer-sent-payload-tracker")) // empty buffer - evalBuffer = evalBuffer[:0] - ptBuffer = ptBuffer[:0] + eBuffer.EvalBuffer = eBuffer.EvalBuffer[:0] + eBuffer.PtBuffer = eBuffer.PtBuffer[:0] } func updateReporterCounter(reporter string) { From d3dc0a4a2721d3563a23332d43de54e1af13c585 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 14 Jun 2023 14:45:20 +0000 Subject: [PATCH 093/268] v3.3.4 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b8928fe3b..6c5954721 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.3 +v3.3.4 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index d243082cb..746b5a46b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.3} +- {name: IMAGE_TAG_MANAGER, value: v3.3.4} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.3} +- {name: IMAGE_TAG_LISTENER, value: v3.3.4} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.3} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.4} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.3} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.4} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.3} +- {name: IMAGE_TAG_JOBS, value: v3.3.4} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.3} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.4} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.3} +- {name: IMAGE_TAG_ADMIN, value: v3.3.4} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 1deec29f8..7610110ce 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.3" + "version": "v3.3.4" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 403eadf80..19daaac2b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.3" + "version": "v3.3.4" }, "servers": [ { From 65aa26660cea0e58192788f48ca5f230058855eb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 19 Jun 2023 11:55:17 +0200 Subject: [PATCH 094/268] skip rhsm-conduit hosts --- deploy/clowdapp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 746b5a46b..64664c7b9 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -574,7 +574,7 @@ parameters: - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} - {name: ENABLE_BYPASS_LISTENER, value: 'false'} # Enable only bypass (fake) messages processing -- {name: EXCLUDED_REPORTERS, value: 'yupana'} # Comma-separated list of reporters to exclude from processing +- {name: EXCLUDED_REPORTERS, value: 'yupana,rhsm-conduit'} # Comma-separated list of reporters to exclude from processing - {name: EXCLUDED_HOST_TYPES, value: 'edge'} # Comma-separated list of host types to exclude from processing - {name: RES_LIMIT_CPU_LISTENER, value: 250m} - {name: RES_LIMIT_MEM_LISTENER, value: 192Mi} From 4e0008031bb5ba7a2f577e3bd7b184ed46f072e4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 19 Jun 2023 09:57:47 +0000 Subject: [PATCH 095/268] v3.3.5 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6c5954721..421617be8 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.4 +v3.3.5 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 64664c7b9..a38208418 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.4} +- {name: IMAGE_TAG_MANAGER, value: v3.3.5} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.4} +- {name: IMAGE_TAG_LISTENER, value: v3.3.5} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.4} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.5} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.4} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.5} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.4} +- {name: IMAGE_TAG_JOBS, value: v3.3.5} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.4} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.5} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.4} +- {name: IMAGE_TAG_ADMIN, value: v3.3.5} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 7610110ce..368faf106 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.4" + "version": "v3.3.5" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 19daaac2b..52238e918 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.4" + "version": "v3.3.5" }, "servers": [ { From 733d71681c76aa9011b8e828e7b4199af269d03b Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 19 Jun 2023 16:40:31 +0200 Subject: [PATCH 096/268] parse query parameters in pprof --- turnpike/controllers/admin.go | 38 +++++++++++++---------------------- 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/turnpike/controllers/admin.go b/turnpike/controllers/admin.go index e6788104d..599bc1461 100644 --- a/turnpike/controllers/admin.go +++ b/turnpike/controllers/admin.go @@ -208,13 +208,7 @@ func TerminateSessionHandler(c *gin.Context) { // @Failure 500 {object} map[string]interface{} // @Router /pprof/evaluator_upload/{param} [get] func GetEvaluatorUploadPprof(c *gin.Context) { - param := c.Param("param") - data, err := getPprof(utils.Cfg.EvaluatorUploadPrivateAddress, param) - if err != nil { - c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) - return - } - c.Data(http.StatusOK, "application/octet-stream", data) + pprofHandler(c, utils.Cfg.EvaluatorUploadPrivateAddress) } // @Summary Get profile info @@ -227,13 +221,7 @@ func GetEvaluatorUploadPprof(c *gin.Context) { // @Failure 500 {object} map[string]interface{} // @Router /pprof/evaluator_recalc/{param} [get] func GetEvaluatorRecalcPprof(c *gin.Context) { - param := c.Param("param") - data, err := getPprof(utils.Cfg.EvaluatorRecalcPrivateAddress, param) - if err != nil { - c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) - return - } - c.Data(http.StatusOK, "application/octet-stream", data) + pprofHandler(c, utils.Cfg.EvaluatorRecalcPrivateAddress) } // @Summary Get profile info @@ -246,13 +234,7 @@ func GetEvaluatorRecalcPprof(c *gin.Context) { // @Failure 500 {object} map[string]interface{} // @Router /pprof/listener/{param} [get] func GetListenerPprof(c *gin.Context) { - param := c.Param("param") - data, err := getPprof(utils.Cfg.ListenerPrivateAddress, param) - if err != nil { - c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) - return - } - c.Data(http.StatusOK, "application/octet-stream", data) + pprofHandler(c, utils.Cfg.ListenerPrivateAddress) } // @Summary Get profile info @@ -265,20 +247,28 @@ func GetListenerPprof(c *gin.Context) { // @Failure 500 {object} map[string]interface{} // @Router /pprof/manager/{param} [get] func GetManagerPprof(c *gin.Context) { + pprofHandler(c, utils.Cfg.ManagerPrivateAddress) +} + +func pprofHandler(c *gin.Context, address string) { + query := c.Request.URL.RawQuery param := c.Param("param") - data, err := getPprof(utils.Cfg.ManagerPrivateAddress, param) + data, err := getPprof(address, param, query) if err != nil { c.JSON(http.StatusInternalServerError, gin.H{"err": err.Error()}) return } + c.Header("Content-Disposition", fmt.Sprintf("attachment; filename=%s", param)) c.Data(http.StatusOK, "application/octet-stream", data) } -func getPprof(address, param string) ([]byte, error) { +func getPprof(address, param, query string) ([]byte, error) { client := &http.Client{ Timeout: time.Second * 60, } - + if len(query) > 0 { + param = param + "?" + query + } urlPath := fmt.Sprintf("%s/debug/pprof/%s", address, param) req, err := http.NewRequest(http.MethodGet, urlPath, nil) if err != nil { From be43b1332a57794a3cd7d673585eb3c407d7a66c Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 20 Jun 2023 08:26:33 +0000 Subject: [PATCH 097/268] v3.3.6 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 421617be8..96a1b830f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.5 +v3.3.6 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index a38208418..874a4318b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.5} +- {name: IMAGE_TAG_MANAGER, value: v3.3.6} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.5} +- {name: IMAGE_TAG_LISTENER, value: v3.3.6} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.5} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.6} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.5} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.6} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.5} +- {name: IMAGE_TAG_JOBS, value: v3.3.6} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.5} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.6} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.5} +- {name: IMAGE_TAG_ADMIN, value: v3.3.6} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 368faf106..75166e398 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.5" + "version": "v3.3.6" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 52238e918..2e5af15ba 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.5" + "version": "v3.3.6" }, "servers": [ { From 40b48b2e42a95798da47cfb6c0de9c1125d2eb49 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 20 Jun 2023 10:59:54 +0200 Subject: [PATCH 098/268] remove extra on conflict clause --- evaluator/evaluate_packages.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index 2382192d3..05e946d0f 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -308,8 +308,6 @@ func updateSystemPackages(tx *gorm.DB, system *models.SystemPlatform, toStore = append(toStore, *systemPackagePtr) } } - tx = database.OnConflictUpdateMulti(tx, []string{"rh_account_id", "system_id", "package_id"}, "update_data") - // return installed, updatable, errors.Wrap(database.BulkInsert(tx, toStore), "Storing system packages") return installed, updatable, errors.Wrap( database.UnnestInsert(tx, "INSERT INTO system_package (rh_account_id, system_id, package_id, update_data, name_id)"+ From a31b994117ec04aaf5fe641f7caa83f553b93b87 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 20 Jun 2023 11:29:42 +0200 Subject: [PATCH 099/268] fix gorm model tags make sure correct composite primary keys are used --- base/database/dbtest.go | 2 +- base/models/models.go | 56 ++++++++++++++++++++--------------------- 2 files changed, 29 insertions(+), 29 deletions(-) diff --git a/base/database/dbtest.go b/base/database/dbtest.go index 21c6d85df..fd97d1cc6 100644 --- a/base/database/dbtest.go +++ b/base/database/dbtest.go @@ -1,7 +1,7 @@ package database type TestTable struct { - ID uint `gorm:"primary_key"` + ID uint `gorm:"primaryKey"` Name string `gorm:"unique"` Email string } diff --git a/base/models/models.go b/base/models/models.go index cb3cae732..309a59274 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -5,7 +5,7 @@ import ( ) type RhAccount struct { - ID int + ID int `gorm:"primaryKey"` Name *string OrgID *string ValidPackageCache bool @@ -16,7 +16,7 @@ func (RhAccount) TableName() string { } type Reporter struct { - ID int + ID int `gorm:"primaryKey"` Name string } @@ -25,8 +25,8 @@ func (Reporter) TableName() string { } type Baseline struct { - ID int64 - RhAccountID int + ID int64 `gorm:"primaryKey"` + RhAccountID int `gorm:"primaryKey"` Name string Config []byte Description *string @@ -41,9 +41,9 @@ func (Baseline) TableName() string { // nolint: maligned type SystemPlatform struct { - ID int64 `gorm:"primary_key"` - InventoryID string `sql:"unique" gorm:"unique"` - RhAccountID int + ID int64 `gorm:"primaryKey"` + InventoryID string `gorm:"unique"` + RhAccountID int `gorm:"primaryKey"` VmaasJSON *string JSONChecksum *string LastUpdated *time.Time `gorm:"default:null"` @@ -80,12 +80,12 @@ func (s *SystemPlatform) GetInventoryID() string { } type String struct { - ID []byte `gorm:"primary_key"` + ID []byte `gorm:"primaryKey"` Value string } type PackageName struct { - ID int64 `json:"id" gorm:"primary_key"` + ID int64 `json:"id" gorm:"primaryKey"` Name string Summary *string } @@ -95,7 +95,7 @@ func (PackageName) TableName() string { } type Package struct { - ID int64 `json:"id" gorm:"primary_key"` + ID int64 `json:"id" gorm:"primaryKey"` NameID int64 EVRA string DescriptionHash *[]byte @@ -111,12 +111,12 @@ func (Package) TableName() string { type PackageSlice []Package type SystemPackage struct { - RhAccountID int `gorm:"primary_key"` - SystemID int64 `gorm:"primary_key"` - PackageID int64 `gorm:"primary_key"` + RhAccountID int `gorm:"primaryKey"` + SystemID int64 `gorm:"primaryKey"` + PackageID int64 `gorm:"primaryKey"` // Will contain json in form of [{ "evra": "...", "advisory": "..."}] UpdateData []byte - NameID int64 `gorm:"primary_key"` + NameID int64 } func (SystemPackage) TableName() string { @@ -148,7 +148,7 @@ func (AdvisorySeverity) TableName() string { } type AdvisoryType struct { - ID int + ID int `gorm:"primaryKey"` Name string Preference int } @@ -160,7 +160,7 @@ func (AdvisoryType) TableName() string { type AdvisoryPackageData []string type AdvisoryMetadata struct { - ID int64 + ID int64 `gorm:"primaryKey"` Name string Description string Synopsis string @@ -185,9 +185,9 @@ func (AdvisoryMetadata) TableName() string { type AdvisoryMetadataSlice []AdvisoryMetadata type SystemAdvisories struct { - RhAccountID int `gorm:"primary_key"` - SystemID int64 `gorm:"primary_key"` - AdvisoryID int64 `gorm:"primary_key"` + RhAccountID int `gorm:"primaryKey"` + SystemID int64 `gorm:"primaryKey"` + AdvisoryID int64 `gorm:"primaryKey"` Advisory AdvisoryMetadata FirstReported *time.Time StatusID int @@ -200,8 +200,8 @@ func (SystemAdvisories) TableName() string { type SystemAdvisoriesSlice []SystemAdvisories type AdvisoryAccountData struct { - AdvisoryID int64 - RhAccountID int + AdvisoryID int64 `gorm:"primaryKey"` + RhAccountID int `gorm:"primaryKey"` SystemsApplicable int SystemsInstallable int Notified *time.Time @@ -213,7 +213,7 @@ func (AdvisoryAccountData) TableName() string { type AdvisoryAccountDataSlice []AdvisoryAccountData type Repo struct { - ID int64 + ID int64 `gorm:"primaryKey"` Name string ThirdParty bool } @@ -225,9 +225,9 @@ func (Repo) TableName() string { type RepoSlice []Repo type SystemRepo struct { - RhAccountID int64 - SystemID int64 - RepoID int64 + RhAccountID int64 `gorm:"primaryKey"` + SystemID int64 `gorm:"primaryKey"` + RepoID int64 `gorm:"primaryKey"` } func (SystemRepo) TableName() string { @@ -237,7 +237,7 @@ func (SystemRepo) TableName() string { type SystemRepoSlice []SystemRepo type TimestampKV struct { - Name string + Name string `gorm:"unique"` Value time.Time } @@ -246,8 +246,8 @@ func (TimestampKV) TableName() string { } type PackageAccountData struct { - AccID int `gorm:"column:rh_account_id"` - PkgNameID int64 `gorm:"column:package_name_id"` + AccID int `gorm:"column:rh_account_id;primaryKey"` + PkgNameID int64 `gorm:"column:package_name_id;primaryKey"` SysInstalled int `gorm:"column:systems_installed"` SysInstallable int `gorm:"column:systems_installable"` SysApplicable int `gorm:"column:systems_applicable"` From fc9170e36cc10910f72f721a56604c1cd970c9a6 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 20 Jun 2023 10:50:19 +0000 Subject: [PATCH 100/268] v3.3.7 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 96a1b830f..b3386348e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.6 +v3.3.7 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 874a4318b..6d28748b9 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.6} +- {name: IMAGE_TAG_MANAGER, value: v3.3.7} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.6} +- {name: IMAGE_TAG_LISTENER, value: v3.3.7} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.6} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.7} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.6} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.7} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.6} +- {name: IMAGE_TAG_JOBS, value: v3.3.7} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.6} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.7} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.6} +- {name: IMAGE_TAG_ADMIN, value: v3.3.7} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 75166e398..55a93f57d 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.6" + "version": "v3.3.7" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 2e5af15ba..c17d1a3a6 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.6" + "version": "v3.3.7" }, "servers": [ { From f16cd970a3dfcb62b0791587dda8822273d5e24e Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 22 Jun 2023 10:31:26 +0200 Subject: [PATCH 101/268] SPM-2121: update inventory.hosts to the latest version --- dev/create_inventory_hosts.sql | 60 +++++++++++++++++++--------------- dev/test_data.sql | 53 ++++++++++++++++++++---------- 2 files changed, 68 insertions(+), 45 deletions(-) diff --git a/dev/create_inventory_hosts.sql b/dev/create_inventory_hosts.sql index c9f5ccdc1..63d9e1c62 100644 --- a/dev/create_inventory_hosts.sql +++ b/dev/create_inventory_hosts.sql @@ -14,38 +14,44 @@ $$ $$; CREATE TABLE IF NOT EXISTS inventory.hosts_v1_0 ( - id uuid NOT NULL, - insights_id uuid, - account character varying(10) NOT NULL, - display_name character varying(200) NOT NULL, - tags jsonb NOT NULL, - updated timestamp with time zone NOT NULL, - created timestamp with time zone NOT NULL, - stale_timestamp timestamp with time zone NOT NULL, - system_profile jsonb NOT NULL, - PRIMARY KEY (id) + id uuid PRIMARY KEY, + account character varying(10), + display_name character varying(200) NOT NULL, + tags jsonb NOT NULL, + updated timestamp with time zone NOT NULL, + created timestamp with time zone NOT NULL, + stale_timestamp timestamp with time zone NOT NULL, + system_profile jsonb NOT NULL, + insights_id uuid, + reporter character varying(255) NOT NULL, + per_reporter_staleness jsonb NOT NULL, + org_id character varying(36), + groups jsonb ); DELETE FROM inventory.hosts_v1_0; -CREATE INDEX IF NOT EXISTS hosts_v1_0_account_index ON inventory.hosts_v1_0 USING btree (account); -CREATE INDEX IF NOT EXISTS hosts_v1_0_display_name_index ON inventory.hosts_v1_0 USING btree (display_name); +CREATE INDEX IF NOT EXISTS hosts_v1_0_tags_index ON inventory.hosts_v1_0 USING GIN (tags JSONB_PATH_OPS); +CREATE INDEX IF NOT EXISTS hosts_v1_0_insights_reporter_index ON inventory.hosts_v1_0 (reporter); CREATE INDEX IF NOT EXISTS hosts_v1_0_stale_timestamp_index ON inventory.hosts_v1_0 USING btree (stale_timestamp); -CREATE INDEX IF NOT EXISTS hosts_v1_0_system_profile_index ON inventory.hosts_v1_0 USING gin (system_profile jsonb_path_ops); -CREATE INDEX IF NOT EXISTS hosts_v1_0_tags_index ON inventory.hosts_v1_0 USING gin (tags jsonb_path_ops); +CREATE INDEX IF NOT EXISTS hosts_v1_0_groups_index ON inventory.hosts_v1_0 USING GIN (groups JSONB_PATH_OPS); -CREATE OR REPLACE VIEW inventory.hosts AS - SELECT hosts_v1_0.id, - hosts_v1_0.insights_id, - hosts_v1_0.account, - hosts_v1_0.display_name, - hosts_v1_0.created, - hosts_v1_0.updated, - hosts_v1_0.stale_timestamp, - (hosts_v1_0.stale_timestamp + ('1 day'::interval day * '7'::double precision)) AS stale_warning_timestamp, - (hosts_v1_0.stale_timestamp + ('1 day'::interval day * '14'::double precision)) AS culled_timestamp, - hosts_v1_0.tags, - hosts_v1_0.system_profile - FROM inventory.hosts_v1_0; +CREATE OR REPLACE VIEW inventory.hosts AS SELECT + id, + account, + display_name, + created, + updated, + stale_timestamp, + stale_timestamp + INTERVAL '1' DAY * '7'::double precision AS stale_warning_timestamp, + stale_timestamp + INTERVAL '1' DAY * '14'::double precision AS culled_timestamp, + tags, + system_profile, + insights_id, + reporter, + per_reporter_staleness, + org_id, + groups +FROM inventory.hosts_v1_0; GRANT SELECT ON TABLE inventory.hosts TO cyndi_reader; diff --git a/dev/test_data.sql b/dev/test_data.sql index 571112f4d..3b4ec085e 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -160,42 +160,59 @@ INSERT INTO system_package (rh_account_id, system_id, package_id, name_id, updat INSERT INTO timestamp_kv (name, value) VALUES ('last_eval_repo_based', '2018-04-05T01:23:45+02:00'); -INSERT INTO inventory.hosts_v1_0 (id, insights_id, account, display_name, tags, updated, created, stale_timestamp, system_profile) VALUES +INSERT INTO inventory.hosts_v1_0 (id, insights_id, account, display_name, tags, updated, created, stale_timestamp, system_profile, reporter, per_reporter_staleness) VALUES ('00000000000000000000000000000001', '00000000-0000-0000-0001-000000000001', '1', '00000000-0000-0000-0000-000000000001', '[{"key": "k1", "value": "val1", "namespace": "ns1"},{"key": "k2", "value": "val2", "namespace": "ns1"}]', -'2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC", "DEF", "GHI"], "operating_system": {"name": "RHEL", "major": 8, "minor": 10}, "rhsm": {"version": "8.10"}}'), +'2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC", "DEF", "GHI"], "operating_system": {"name": "RHEL", "major": 8, "minor": 10}, "rhsm": {"version": "8.10"}}', + 'puptoo', '{}'), ('00000000000000000000000000000002', '00000000-0000-0000-0002-000000000001', '1', '00000000-0000-0000-0000-000000000002', '[{"key": "k1", "value": "val1", "namespace": "ns1"},{"key": "k2", "value": "val2", "namespace": "ns1"},{"key": "k3", "value": "val3", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC"], "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC"], "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', + 'puptoo', '{}'), ('00000000000000000000000000000003', '00000000-0000-0000-0003-000000000001', '1', '00000000-0000-0000-0000-000000000003', '[{"key": "k1", "value": "val1", "namespace": "ns1"}, {"key": "k3", "value": "val4", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.0"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.0"}}', + 'puptoo', '{}'), ('00000000000000000000000000000004', '00000000-0000-0000-0004-000000000001', '1', '00000000-0000-0000-0000-000000000004', '[{"key": "k3", "value": "val4", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.3"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.3"}}', + 'puptoo', '{}'), ('00000000000000000000000000000005', '00000000-0000-0000-0005-000000000001', '1', '00000000-0000-0000-0000-000000000005', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', + 'puptoo', '{}'), ('00000000000000000000000000000006', '00000000-0000-0000-0006-000000000001', '1', '00000000-0000-0000-0000-000000000006', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 7, "minor": 3}, "rhsm": {"version": "7.3"}, "mssql": { "version": "15.3.0"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 7, "minor": 3}, "rhsm": {"version": "7.3"}, "mssql": { "version": "15.3.0"}}', + 'puptoo', '{}'), ('00000000000000000000000000000007', '00000000-0000-0000-0007-000000000001', '1', '00000000-0000-0000-0000-000000000007','[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": "x"}, "rhsm": {"version": "8.x"}, "ansible": {"controller_version": "1.0"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": "x"}, "rhsm": {"version": "8.x"}, "ansible": {"controller_version": "1.0"}}', + 'puptoo', '{}'), ('00000000000000000000000000000008', '00000000-0000-0000-0008-000000000001', '1', '00000000-0000-0000-0000-000000000008', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', + 'puptoo', '{}'), ('00000000000000000000000000000009', '00000000-0000-0000-0009-000000000001', '2', '00000000-0000-0000-0000-000000000009', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', + 'puptoo', '{}'), ('00000000000000000000000000000010', '00000000-0000-0000-0010-000000000001', '2', '00000000-0000-0000-0000-000000000010', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', + 'puptoo', '{}'), ('00000000000000000000000000000011', '00000000-0000-0000-0011-000000000001', '2', '00000000-0000-0000-0000-000000000011', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', + 'puptoo', '{}'), ('00000000000000000000000000000012', '00000000-0000-0000-0012-000000000001', '3', '00000000-0000-0000-0000-000000000012', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', + 'puptoo', '{}'), ('00000000000000000000000000000013', '00000000-0000-0000-0013-000000000001', '3', '00000000-0000-0000-0000-000000000013', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', + 'puptoo', '{}'), ('00000000000000000000000000000014', '00000000-0000-0000-0014-000000000001', '3', '00000000-0000-0000-0000-000000000014', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}}', + 'puptoo', '{}'), ('00000000000000000000000000000015', '00000000-0000-0000-0015-000000000001', '3', '00000000-0000-0000-0000-000000000015', '[{"key": "k3", "value": "val4", "namespace": "ns1"}]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', + 'puptoo', '{}'), ('00000000000000000000000000000016', '00000000-0000-0000-0016-000000000001', '3', '00000000-0000-0000-0000-000000000016', '[]', - '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}'), + '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', + 'puptoo', '{}'), ('00000000000000000000000000000017', '00000000-0000-0000-0017-000000000001', '3', '00000000-0000-0000-0000-000000000017', '[]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', - '{"rhsm": {"version": "8.1"}, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "ansible": {"controller_version": "1.0", "hub_version": "3.4.1", "catalog_worker_version": "100.387.9846.12", "sso_version": "1.28.3.52641.10000513168495123"}, "mssql": { "version": "15.3.0"}}'); + '{"rhsm": {"version": "8.1"}, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "ansible": {"controller_version": "1.0", "hub_version": "3.4.1", "catalog_worker_version": "100.387.9846.12", "sso_version": "1.28.3.52641.10000513168495123"}, "mssql": { "version": "15.3.0"}}', + 'puptoo', '{}'); SELECT refresh_all_cached_counts(); From 534b9e3e2930414ce51f6fe299df49bf315e8262 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 26 Jun 2023 09:59:06 +0000 Subject: [PATCH 102/268] v3.3.8 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b3386348e..fe960d58a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.7 +v3.3.8 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 6d28748b9..b7b7bd8d2 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.7} +- {name: IMAGE_TAG_MANAGER, value: v3.3.8} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.7} +- {name: IMAGE_TAG_LISTENER, value: v3.3.8} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.7} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.8} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.7} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.8} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.7} +- {name: IMAGE_TAG_JOBS, value: v3.3.8} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.7} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.8} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.7} +- {name: IMAGE_TAG_ADMIN, value: v3.3.8} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 55a93f57d..2c8a97641 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.7" + "version": "v3.3.8" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index c17d1a3a6..d84c8126e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.7" + "version": "v3.3.8" }, "servers": [ { From 53f7ad65f6e55f15e7b15f777867c26f8bf33d95 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 12 Jun 2023 14:23:20 +0200 Subject: [PATCH 103/268] SPM-2093: mark functions as immutable --- .../migrations/111_immutable.down.sql | 26 +++++++++++++++++++ .../migrations/111_immutable.up.sql | 26 +++++++++++++++++++ database_admin/schema/create_schema.sql | 8 +++--- 3 files changed, 56 insertions(+), 4 deletions(-) create mode 100644 database_admin/migrations/111_immutable.down.sql create mode 100644 database_admin/migrations/111_immutable.up.sql diff --git a/database_admin/migrations/111_immutable.down.sql b/database_admin/migrations/111_immutable.down.sql new file mode 100644 index 000000000..cc8b44609 --- /dev/null +++ b/database_admin/migrations/111_immutable.down.sql @@ -0,0 +1,26 @@ +CREATE OR REPLACE FUNCTION empty(t TEXT) + RETURNS BOOLEAN as +$empty$ +BEGIN + RETURN t ~ '^[[:space:]]*$'; +END; +$empty$ LANGUAGE 'plpgsql'; + + +CREATE OR REPLACE FUNCTION update_status(update_data jsonb) + RETURNS TEXT as +$$ +DECLARE + len int; +BEGIN + len = jsonb_array_length(update_data); + IF len IS NULL or len = 0 THEN + RETURN 'None'; + END IF; + len = jsonb_array_length(jsonb_path_query_array(update_data, '$ ? (@.status == "Installable")')); + IF len > 0 THEN + RETURN 'Installable'; + END IF; + RETURN 'Applicable'; +END; +$$ LANGUAGE 'plpgsql'; diff --git a/database_admin/migrations/111_immutable.up.sql b/database_admin/migrations/111_immutable.up.sql new file mode 100644 index 000000000..4526f8a24 --- /dev/null +++ b/database_admin/migrations/111_immutable.up.sql @@ -0,0 +1,26 @@ +CREATE OR REPLACE FUNCTION empty(t TEXT) + RETURNS BOOLEAN as +$$ +BEGIN + RETURN t ~ '^[[:space:]]*$'; +END; +$$ LANGUAGE plpgsql IMMUTABLE PARALLEL SAFE; + + +CREATE OR REPLACE FUNCTION update_status(update_data jsonb) + RETURNS TEXT as +$$ +DECLARE + len int; +BEGIN + len = jsonb_array_length(update_data); + IF len IS NULL or len = 0 THEN + RETURN 'None'; + END IF; + len = jsonb_array_length(jsonb_path_query_array(update_data, '$ ? (@.status == "Installable")')); + IF len > 0 THEN + RETURN 'Installable'; + END IF; + RETURN 'Applicable'; +END; +$$ LANGUAGE plpgsql IMMUTABLE PARALLEL SAFE; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 1e5eb8c47..75b602dcb 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (110, false); +VALUES (111, false); -- --------------------------------------------------------------------------- -- Functions @@ -20,11 +20,11 @@ CREATE COLLATION IF NOT EXISTS numeric (provider = icu, locale = 'en-u-kn-true') -- empty CREATE OR REPLACE FUNCTION empty(t TEXT) RETURNS BOOLEAN as -$empty$ +$$ BEGIN RETURN t ~ '^[[:space:]]*$'; END; -$empty$ LANGUAGE 'plpgsql'; +$$ LANGUAGE plpgsql IMMUTABLE PARALLEL SAFE; CREATE OR REPLACE FUNCTION ternary(cond BOOL, iftrue ANYELEMENT, iffalse ANYELEMENT) RETURNS ANYELEMENT @@ -616,7 +616,7 @@ BEGIN END IF; RETURN 'Applicable'; END; -$$ LANGUAGE 'plpgsql'; +$$ LANGUAGE plpgsql IMMUTABLE PARALLEL SAFE; -- --------------------------------------------------------------------------- From fc9a94d089aec17bfe4b75c33dfb98d07f4ae1f4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 26 Jun 2023 12:29:00 +0000 Subject: [PATCH 104/268] v3.3.9 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index fe960d58a..365a63c18 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.8 +v3.3.9 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b7b7bd8d2..b77e34ddd 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.8} +- {name: IMAGE_TAG_MANAGER, value: v3.3.9} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.8} +- {name: IMAGE_TAG_LISTENER, value: v3.3.9} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.8} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.9} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.8} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.9} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.8} +- {name: IMAGE_TAG_JOBS, value: v3.3.9} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.8} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.9} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.8} +- {name: IMAGE_TAG_ADMIN, value: v3.3.9} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 2c8a97641..55cd751bb 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.8" + "version": "v3.3.9" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d84c8126e..a97a404c6 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.8" + "version": "v3.3.9" }, "servers": [ { From cb17e08c64212b67ac840618b2130b9e4a1cab32 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 26 Jun 2023 14:44:38 +0200 Subject: [PATCH 105/268] SPM-2124: fix extended protocol limited to 65535 --- tasks/caches/refresh_packages_caches.go | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index 102a7a350..fa9bc4f39 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -95,10 +95,14 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { func updatePackageAccountData(pkgSysCounts []models.PackageAccountData) error { err := tasks.WithTx(func(tx *gorm.DB) error { - tx = database.OnConflictUpdateMulti( - tx, []string{"package_name_id", "rh_account_id"}, "systems_installable", "systems_applicable", "systems_installed", - ) - return database.BulkInsert(tx, pkgSysCounts) + return database.UnnestInsert(tx, + "INSERT INTO package_account_data"+ + " (rh_account_id, package_name_id, systems_installed, systems_installable, systems_applicable)"+ + " (SELECT * FROM unnest($1::int[], $2::bigint[], $3::int[], $4::int[], $5::int[]))"+ + " ON CONFLICT (rh_account_id, package_name_id) DO UPDATE SET"+ + " systems_installable = EXCLUDED.systems_installable,"+ + " systems_applicable = EXCLUDED.systems_applicable,"+ + " systems_installed = EXCLUDED.systems_installed", pkgSysCounts) }) return errors.Wrap(err, "failed to insert to package_account_data") } From 16f6f22d88ceadcd0073738de95496775ab79206 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 26 Jun 2023 16:22:33 +0200 Subject: [PATCH 106/268] SPM-2129: use read replica for selects in package refresh job --- tasks/caches/refresh_packages_caches.go | 4 ++-- tasks/common.go | 24 +++++++++++++++++++++--- 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index fa9bc4f39..317d72c5e 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -57,7 +57,7 @@ func accountsWithoutCache() ([]int, error) { accs := []int{} // order account ids by partition number in system_package (128 partitions) // so that we read data sequentially and not jump from one partition to another and back - err := tasks.WithTx(func(tx *gorm.DB) error { + err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { return tx.Table("rh_account"). Select("id"). Where("valid_package_cache = FALSE"). @@ -68,7 +68,7 @@ func accountsWithoutCache() ([]int, error) { } func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { - err := tasks.WithTx(func(tx *gorm.DB) error { + err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { q := tx.Table("system_platform sp"). Select(` sp.rh_account_id rh_account_id, diff --git a/tasks/common.go b/tasks/common.go index 51afcbd3d..2c1d54e8f 100644 --- a/tasks/common.go +++ b/tasks/common.go @@ -30,12 +30,30 @@ func CancelableDB() *gorm.DB { return database.Db.WithContext(base.Context) } -// Need to run code within a function, because defer can't be used in loops -func WithTx(do func(db *gorm.DB) error) error { - tx := CancelableDB().Begin() +// return read replica (if available) database handler with base context +// which will be properly canceled in case of service shutdown +func CancelableReadReplicaDB() *gorm.DB { + if utils.Cfg.DBReadReplicaEnabled && database.ReadReplicaConfigured() { + return database.DbReadReplica.WithContext(base.Context) + } + return database.Db.WithContext(base.Context) +} + +func withTx(do func(db *gorm.DB) error, cancelableDB func() *gorm.DB) error { + tx := cancelableDB().Begin() defer tx.Rollback() if err := do(tx); err != nil { return err } return errors.Wrap(tx.Commit().Error, "Commit") } + +// Need to run code within a function, because defer can't be used in loops +func WithTx(do func(db *gorm.DB) error) error { + return withTx(do, CancelableDB) +} + +// Need to run code within a function, because defer can't be used in loops +func WithReadReplicaTx(do func(db *gorm.DB) error) error { + return withTx(do, CancelableReadReplicaDB) +} From 0ec488fc036352b06176d3de2c79f4de2cbf18c1 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 27 Jun 2023 08:42:03 +0000 Subject: [PATCH 107/268] v3.3.10 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 365a63c18..265649dcd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.9 +v3.3.10 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b77e34ddd..7cd216d28 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -545,7 +545,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.9} +- {name: IMAGE_TAG_MANAGER, value: v3.3.10} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -569,7 +569,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.9} +- {name: IMAGE_TAG_LISTENER, value: v3.3.10} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -590,7 +590,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.9} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.10} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -615,7 +615,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.9} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.10} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -638,7 +638,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.9} +- {name: IMAGE_TAG_JOBS, value: v3.3.10} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -682,7 +682,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.9} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.10} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -713,7 +713,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.9} +- {name: IMAGE_TAG_ADMIN, value: v3.3.10} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 55cd751bb..c187fb5c9 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.9" + "version": "v3.3.10" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index a97a404c6..bfaa34481 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.9" + "version": "v3.3.10" }, "servers": [ { From f9dba9a955570eff89e60c5c62e00caf01a17c40 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 27 Jun 2023 17:16:17 +0200 Subject: [PATCH 108/268] SPM-2126: add metrics for package_refresh job --- deploy/clowdapp.yaml | 1 + tasks/caches/caches.go | 8 ++++++-- tasks/caches/metrics.go | 22 ++++++++++++++++++++++ tasks/caches/refresh_packages_caches.go | 14 ++++++++++++++ 4 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 tasks/caches/metrics.go diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 7cd216d28..22182c532 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -411,6 +411,7 @@ objects: - {name: DB_USER, value: vmaas_sync} - {name: DB_PASSWD, valueFrom: {secretKeyRef: {name: patchman-engine-database-passwords, key: vmaas-sync-database-password}}} + - {name: PROMETHEUS_PUSHGATEWAY,value: '${PROMETHEUS_PUSHGATEWAY}'} - name: advisory-refresh activeDeadlineSeconds: ${{JOBS_TIMEOUT}} diff --git a/tasks/caches/caches.go b/tasks/caches/caches.go index 44b5d261a..49e988a80 100644 --- a/tasks/caches/caches.go +++ b/tasks/caches/caches.go @@ -28,8 +28,12 @@ func RunPackageRefresh() { tasks.HandleContextCancel(tasks.WaitAndExit) configure() utils.LogInfo("Refreshing package cache") - if err := RefreshPackagesCaches(nil); err != nil { - utils.LogError("err", err.Error(), "Refresh account packages caches") + errRefresh := RefreshPackagesCaches(nil) + if err := Metrics().Add(); err != nil { + utils.LogInfo("err", err, "Could not push to pushgateway") + } + if errRefresh != nil { + utils.LogError("err", errRefresh.Error(), "Refresh account packages caches") return } utils.LogInfo("Refreshed account packages caches") diff --git a/tasks/caches/metrics.go b/tasks/caches/metrics.go new file mode 100644 index 000000000..d654b4c70 --- /dev/null +++ b/tasks/caches/metrics.go @@ -0,0 +1,22 @@ +package caches + +import ( + "app/base/utils" + + "github.com/prometheus/client_golang/prometheus" + "github.com/prometheus/client_golang/prometheus/push" +) + +var packageRefreshPartDuration = prometheus.NewHistogramVec(prometheus.HistogramOpts{ + Help: "How long it took particular package refresh part", + Namespace: "patchman_engine", + Subsystem: "caches", + Name: "package_refresh_part_duration_seconds", +}, []string{"part"}) + +func Metrics() *push.Pusher { + registry := prometheus.NewRegistry() + registry.MustRegister(packageRefreshPartDuration) + + return push.New(utils.Cfg.PrometheusPushGateway, "caches").Gatherer(registry) +} diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index 317d72c5e..a81ed73b5 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -5,6 +5,7 @@ import ( "app/base/models" "app/base/utils" "app/tasks" + "time" "github.com/pkg/errors" @@ -48,12 +49,15 @@ func RefreshPackagesCaches(accID *int) error { utils.LogError("err", err.Error(), "Refresh failed") continue } + utils.LogDebug("account", acc, "#", i, "Cache refreshed") } return err } func accountsWithoutCache() ([]int, error) { + defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("get-accounts")) + utils.LogDebug("Getting accounts with invalid cache") accs := []int{} // order account ids by partition number in system_package (128 partitions) // so that we read data sequentially and not jump from one partition to another and back @@ -68,6 +72,8 @@ func accountsWithoutCache() ([]int, error) { } func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { + defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("get-counts")) + utils.LogDebug("Getting counts of installable and applicable systems") err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { q := tx.Table("system_platform sp"). Select(` @@ -84,8 +90,10 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { Group("sp.rh_account_id, spkg.name_id"). Order("sp.rh_account_id, spkg.name_id") if accID != nil { + utils.LogDebug("Getting counts for single account") q.Where("sp.rh_account_id = ?", *accID) } else { + utils.LogDebug("Getting counts for multiple accounts") q.Where("acc.valid_package_cache = FALSE") } return q.Find(pkgSysCounts).Error @@ -94,6 +102,8 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { } func updatePackageAccountData(pkgSysCounts []models.PackageAccountData) error { + defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("update-package-account-data")) + utils.LogDebug("count", len(pkgSysCounts), "Inserting/updating package-account pairs") err := tasks.WithTx(func(tx *gorm.DB) error { return database.UnnestInsert(tx, "INSERT INTO package_account_data"+ @@ -108,6 +118,8 @@ func updatePackageAccountData(pkgSysCounts []models.PackageAccountData) error { } func deleteOldCache(pkgSysCounts []models.PackageAccountData, accID *int) error { + defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("delete-old-cache")) + utils.LogDebug("Deleting old packages from package_account_data") seen := make(map[int]bool, len(pkgSysCounts)) accs := make([]int, 0, len(pkgSysCounts)) pkgAcc := make([][]interface{}, 0, len(pkgSysCounts)) @@ -133,6 +145,8 @@ func deleteOldCache(pkgSysCounts []models.PackageAccountData, accID *int) error } func updateCacheValidity(accID *int) error { + defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("update-validity")) + utils.LogDebug("Updating cache validity") err := tasks.WithTx(func(tx *gorm.DB) error { tx = tx.Table("rh_account acc"). Where("valid_package_cache = ?", false) From dbb3df77dbdef5581822f0cfcc935d99dcd7c9b5 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 30 Jun 2023 08:47:39 +0000 Subject: [PATCH 109/268] v3.3.11 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 265649dcd..b797ac5bc 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.10 +v3.3.11 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 22182c532..f72528dbe 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.10} +- {name: IMAGE_TAG_MANAGER, value: v3.3.11} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.10} +- {name: IMAGE_TAG_LISTENER, value: v3.3.11} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.10} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.11} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.10} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.11} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.10} +- {name: IMAGE_TAG_JOBS, value: v3.3.11} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.10} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.11} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.10} +- {name: IMAGE_TAG_ADMIN, value: v3.3.11} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index c187fb5c9..3ad3843c6 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.10" + "version": "v3.3.11" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index bfaa34481..d7d6366f1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.10" + "version": "v3.3.11" }, "servers": [ { From 36823e20536df4a5340afacf5dcdcd006bcefcca Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Wed, 28 Jun 2023 16:55:59 +0200 Subject: [PATCH 110/268] SPM-2133: log uploadEvaluationDelay hosts --- evaluator/evaluate.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index f92e313fc..62a79d14b 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -504,6 +504,11 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, data["third_party"] = system.ThirdParty } + now := time.Now() + if system.LastEvaluation.Sub(now) > time.Hour { + // log long evaluating systems + utils.LogWarn("id", system.InventoryID, "lastEvaluation", *system.LastEvaluation, "now", now, "uploadEvaluationDelay") + } return tx.Model(system).Updates(data).Error } From 768de723eee1049948b7971a9232eae802a0c107 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 30 Jun 2023 08:48:09 +0000 Subject: [PATCH 111/268] v3.3.12 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b797ac5bc..9ee5a0a77 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.11 +v3.3.12 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index f72528dbe..d957aac24 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.11} +- {name: IMAGE_TAG_MANAGER, value: v3.3.12} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.11} +- {name: IMAGE_TAG_LISTENER, value: v3.3.12} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.11} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.12} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.11} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.12} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.11} +- {name: IMAGE_TAG_JOBS, value: v3.3.12} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.11} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.12} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.11} +- {name: IMAGE_TAG_ADMIN, value: v3.3.12} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 3ad3843c6..a79875274 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.11" + "version": "v3.3.12" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d7d6366f1..45554f97e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.11" + "version": "v3.3.12" }, "servers": [ { From 847293bb0140f3676a37a2c37cba9985d96ef687 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 30 Jun 2023 13:55:49 +0200 Subject: [PATCH 112/268] SPM-2133: log uploadEvaluationDelay hosts --- evaluator/evaluate.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 62a79d14b..ea8e050aa 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -505,9 +505,9 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, } now := time.Now() - if system.LastEvaluation.Sub(now) > time.Hour { + if system.LastUpload.Sub(now) > time.Hour { // log long evaluating systems - utils.LogWarn("id", system.InventoryID, "lastEvaluation", *system.LastEvaluation, "now", now, "uploadEvaluationDelay") + utils.LogWarn("id", system.InventoryID, "lastUpload", *system.LastUpload, "now", now, "uploadEvaluationDelay") } return tx.Model(system).Updates(data).Error } From 8a9ffd78a99144be0e8db256cbea041fbefc0bfb Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 30 Jun 2023 12:42:43 +0000 Subject: [PATCH 113/268] v3.3.13 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 9ee5a0a77..ae00af340 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.12 +v3.3.13 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index d957aac24..553642da2 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.12} +- {name: IMAGE_TAG_MANAGER, value: v3.3.13} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.12} +- {name: IMAGE_TAG_LISTENER, value: v3.3.13} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.12} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.13} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.12} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.13} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.12} +- {name: IMAGE_TAG_JOBS, value: v3.3.13} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.12} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.13} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.12} +- {name: IMAGE_TAG_ADMIN, value: v3.3.13} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index a79875274..69a62b1c0 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.12" + "version": "v3.3.13" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 45554f97e..38dc0db4b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.12" + "version": "v3.3.13" }, "servers": [ { From 05f666ca141f570e48e7097d83fcfedad9e9ad7f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 30 Jun 2023 15:35:22 +0200 Subject: [PATCH 114/268] update schema diagram to schema 111 --- docs/md/database.md | 3 +++ docs/md/graphics/db_diagram.png | Bin 132124 -> 266482 bytes 2 files changed, 3 insertions(+) diff --git a/docs/md/database.md b/docs/md/database.md index b5d369501..62b7b787a 100644 --- a/docs/md/database.md +++ b/docs/md/database.md @@ -6,6 +6,9 @@ Main database tables description: - **advisory_metadata** - stores info about advisories (`description`, `summary`, `solution` etc.). It's synced and stored on trigger by `vmaas_sync` component. It allows to display detail information about the advisory. - **system_advisories** - stores info about advisories evaluated for particular systems (system - advisory M-N mapping table). Contains info when system advisory was firstly reported and patched (if so). Records are created and updated by `evaluator` component. It allows to display list of advisories related to a system. - **advisory_account_data** - stores info about all advisories detected within at least one system that belongs to a given account. So it provides overall statistics about system advisories displayed by the application. +- **package_name** - names of the packages installed on systems +- **package** - list of all packages versions, precisely all EVRAs (epoch-version-release-arch) +- **system_package** - list of packages installed on a system ## Schema ![](graphics/db_diagram.png) diff --git a/docs/md/graphics/db_diagram.png b/docs/md/graphics/db_diagram.png index 0159a8860342b8f105373dc227f1cb1394fcdfc1..6238cf51c2ec736423b9f4917f798fe9925057ac 100644 GIT binary patch literal 266482 zcmeFZWmuGL+cr9gfV7CxjesE1ohqOpr6SVZ-JOck-3A=ws&o7{aWLVn{drsah^x)`+n@)A#asl9)5fI>yf4lSN)Nc`ABqboe)k529_jAApyr=gGe3D=OwJ*!mzmSVex0s+&>Im z0js`Eji+^9SZ4^6pQ+SF{skJZL{jco)IXv>3+0d|dPV#F0q?QKJB2nU@A>xb$wr}} zLy1%Py{8^=XcC{?12+R@nv}$jYeW|BwoOtWi>r5r1R4*Uks(-nM##1o$ zoSbB($}%@ucGUNGyX4<98OPqW83<#y7~5NVVc&hpv-x6;WHPt7m)P0J&Kk+UPfHws zeodd8mfHv_`M2`g|ERu75aGI(^DO?+8R@@Zv$WFiqt~l-oq%gUS3Yn}7A^JWC7Qcr zj$I$xb?x(^f>|vm+C0MNfemlwAy`4JvN08tVhi*03$swO)az@A!JuPywA|Sh*cVJg z`Pb5rThyQI=DaxY6Ks1~4JQZ$ml*Yh21!i^n+U;jmQ$3$f@9L)lRjy^M&zS*)LBN| zS<24F#>CbcBIRge;A~<{=Vsw-PWM_)@vYh?0#XQs4k9Q0;)DCl_Pm?-2i2R~gUSBK zyqjMiKc>fce-At3{=Mc`cR#TI`eikJU1Bn?ss=4ADM6Gp=+)+1ofq2->ma^!6yY#D z`TSw?%LCba7SH{k<80dS@Iob-$s^()TJ~R_yFcMN9n9c`FPzUgNuH)V;eRX~{}lY6 zmn;jJDh9)UULzWBxI+KyP#$aBlm8rH$oP3T=RZe+ol_r#|JRWbi~s*a|18G;Wg+Ty z@V=^7SNaESaEvb8kKuLPIlB?_zE)S27If%F;!el7eRxDqeRy%L#>LK|@Q5DX$*=4y zYasW7?d2NP#icke`84NuE$_*(%Z(L#^QsGci-gr<|XEB6|57{IK`I)yh z&7OjU{WLyplA=6QQJlAqlzwLiA9l!MXoKaX45v=E=C5|lMrW&iZ~xv$y?0OCbI0RZ zUQ}L+P3gkG7WDdqsA6u|JHjs7U`l2}L-&`Qs$YVG4QqpY$Q|5xR}dETe$2PkmO>_pmD6X(3V@;JM2$bBsRH<*Oz-8M-KN52CRpAj;wFJ&KU zXFqg%sURx7hDEG3=wp9=P-QUZqR}U#r&K*4Js80uoal~vDo-^ucHl{6ixYKO>__WnTFtSHs1d9x&My!c-Qe99V>-6$xRyL;~8P}CIY_iVna8^MEi z*88J9S=<-$!dLgSkU*uS85+b*N8)oMhy3z!rizSW$tMoP^>&l4=UC^1mq40~UPsCc+=Z7Dj$ zsa~3+C7nC{%tFdT|HRz(3>sBua7g#_M+Xw7CShiEVlWcBT8FH7_}%M51w232Q@4Yg z!;IpE)4yr3IzFb%v5qGMR8QeN8JKFnibwvZg_LkK(mNS+Hn@MQO`wlxm zbg#}8Vm*WGVOga6V>T*e4=MYUv#yi#ZsDXP;L&pWu6$ZNGA#;Dkojh6=_7cG%0$++XoLZZ+pB&TSZ;n@ zYBKc6(Dr83dlGspa7)SX`8rv+g7afq#%dxmSQ?I-G zG#V@xu@TOXIjX8}&?{f_K4YTs2T_aPI&}$uKlx|O)Vl7p;GMRh0i+uLqpnsJwwGvZ z_^|l3hx?#AX7`snWwm8r)JSYsmJ!{B=3;HMQFi7QXi##36+br%<}8B+u=VFfpmu69VFt-HPdaL1#m#+*26Q7q(} z!!i{|@d_txk?H7yl!(xJ&}`sl0fw?%@X~qKK(?|uxTQsALVU8b>t}JSY=w80VwWA} zBvy~y-dQ4w@%CoJq<*NfPd5?T5%Plc9jN=%j3%oXzEEBpSSpccas2d+I(AS2{o)}I0VFDN3lvU{$AU`mdJ$+2J+}Ow?0w)vT{?KUm&E5 znesKPkUZgGFXgQl6Pg4~iOc8fCimkcHLmY^cLmbW^*Ezcx^_i5<(GG#zIyxq9qc>4 zhBW5o!PWdAQb!B^oM`i6LxD1H&fn~3{2lh zPxW{yIKxC?H5>1BRh0KO>WG$B+Yp5PhHtH(WZCsGpURR?Dw4J42rB%2JH1=amO##U z8S7V-PScVJN)Ap=ECbpMH7dmF_O{+BP&^12ursP$~mT-)5r$1M&!rw!7| zg5Wtf)?ro@@JcIR9*KANb=>4?5}RW!ECAQ*u0~v5?{3J2Z_;+|UUyGbo!-YLdciln z?R^+gnKLwIP!3U_Qv^pN26mUi286H9MhsBPw5sY-G#3*U6_f&@jT+TetIe|!@YT1Y zNfr-e{E?76uc)1w+UiFG{S>S(8JRG7pO_@u!)6_;6efYs)H4*fzUgtb9>5>3I$p0U zNVc@;S890BWo;Uvv=*Yp!uv$vsA{%CluG+@3`>Y=@RT$cfBnYl6)(F)cs2QDJ*YLH zGVEchmA(QC2+ARXg}@mz1M1V4iQZY)NbVp6a@>CPA^g(zc9vyZT>W>t9Qyfj`oWxM z?^^-4{lU(P;(D>03CG`FXJu!bT7MTCS-@EoHNFgz5={j^5z%d(?Hr26nwq{1&^? zK(#)zZr7EVEt{MU79`g=*jAPeC1_i*{k=Hrp_230ouAXE;?v3@1^ezG=KD)K zZGIp3HU^lqxGC_OE_UM`{9n0!Iv)E?zgLJ_Q#Ws;Lr56;a zO_~kOV{qIh$Fo2GXg~;m+YhF4XS;^dpQc(_PzFG=4_HdbR`0!;~!c^Iy%ey9`CJ<`;=CA4jBog{;xAqPMnhPi$bo z116)4+!uAvytK4Sy)^nE9f7A1{p(Eh5))8>Ju%%^;U?d{|NJD56^d3SFpc(?d`Z#2 z7E84nA4Jui)-9b&R9Jzn9$wy?8M(fY)!;v#U>2L3FH2U;+iu}tU|_jm6OVFfghs48 zG=GLD)#Xra?~QLQiXtOd?4N_yLXPn|MW~Lj`Lp){Ut=RhK8TQk@)rO6cEb?61=ldQ zL>m^k{j>#)bbC+cxl{WoRC&&Qh9_eS6$x7MP5Cxu6`+|BV;=uhi{|tqOtjxQL!0As z;UaqBTi56#dcSvcd$6nMB>`0-9jnNfp&NT%+)1;8zVC{B>IiL{Ap|qtQUf-+rcY*8 z?dwL^NA>r;ZH93B?L-SY5Mb2*>^H`_=koIID;Y&}QDjs@2@5n$e;ZX_u2=J9Q^5{1 zeD+3DuPlW4AEh($soU82c7q-`z$h3F2l&Tvb*-(b!k+PI4O~TawsmqASq}if@O6&1 zIJxBF-zMQob14$FNX4~2?hpm4xga;_%pj>+%Yq{Nk|nsN2J;O93Y$ZJvBlf&7K-ElqZ-et)`9x_p`)GY1PZB1L} zlcSAGEvwBtyGtEI78<5JKC@>?^Omr=sq`<_24{nd;_SOD&x}-c0uXxyjRe|6F@r)k z&B#|yzcx5&OP1{|5)j9GgrWi|EfHfRZt(n3W4?w#!o`T=XE3dwu(Ol&aaW^}Kib(K zU87p+i^eM$7g-lK2R|{4RFg*p63=8a=ft#ef4kcFiTz<*VE@wXqy3V)Fz2GzSHy<9 ziw>jY#i(DM%?uZ48a>+w*W?dKyV7qj|2*0zDVlEI+6X%%8DF$8s#$N`dDobs)Tu%w ze5&aib+UK$R@wc&rIrKzpFAT(?Yl&k&cMW)s2$ODt05^ZNzH^8yD>bdKHGb+Eao-o z?0emn#6Ft}1Kj|%1HDp4WP-m?1&Mtz6RS1zx>NgfENITB^B#xdCahU4f}tpg(=WC5 zB7D}=C1T>^y4|_pb3reHVrLcGf;+Oo&I_s@F2l?quJo;ub79X25;@&=QbE#9}sl!#)eX`SyJqu*1XkxhuEUt zGjK)cSCDD=`pv;0IUG~$*)9OTPSrA(rvzyF^SkKm^G$@Ht1QqgE+n5+2pRo(iYv&y zhtTo9>WDzq^kAr9eNYBr2sZYqaJoiUUb*P3 zT0nDZgG99|37syTvi8F?@~@m<@#MsPSFhnuiqQB<#ad`M5>0m1#13wBi2rbCwmn0N zDdFlw52jJ&%UODJi1Ug`Cf|nHk>p9+y@w=f54Pc*K59{>x5KL?9t@h^hl(VO#EkWq zp)m^7Btd{RwS!M@cglFTu%=mc9mB`@MB;2-R{(NFmqkm zBk7p#J3#tlPr$8h@QJ;v8kC(MEdcESLx2|l!&!vB0~2IYiR}4H5r!BKIEO;f+~Q*VH?Z7xp0T$r z`vZUg?hn?jyddr2B7V^9`S#uDQmS!NPWff?`s{gU(FYVJEOdLcv}3?5ERlZeu}eIu z$U$_zyhTaW;g?lMRGEe?$%%U|vu;ey-ZcsH;Lc11oQF4qP>q`$x+5fe49R&qj?!dotHAK|670eyq@^A^5m!_7+TpL)V8*U8vNfA~^FNl_;Tz z>zTW4j!l>P@mS{6x?1V=>PxQ)PWF<=0%Fm%e&T7V7q4h8x=C%i0y`;BdDvKEZ!^RL zs|?DIuyJ##31c<_x=Y}1<(R+~$QEizA>b}c*0X%$I)^xDm)S47tS1psb6lU2_n%h~ zCf;8V6Kl-&=)*!$%uCn_}w}i1;L<>UJ~+xd+jsEjNEL=eW{o`ABbXHrxKmM=(Su4 zH{wQe7x+CS#_G0jYRK%r?kt|T1b~z2QT5$(ub6lC;d;$AW8-H&SHu^DoT( z1u1!O&$G-VZIOeQ`G%)y@-+u@S1$1%CwOe!#aOY4a^WQJ3eHJDo-Q^we;(-*x#J@~ ztz#dKrRUa_29TQf{xOGG|Lz>0376LiDY7fJxa4$4Qd7w$Ac3{rFhxKta~`AnY}`uT zykeTQG#`EfmoNa_&amB!%ST$QMc1_Dd@#KV{xmbR=lo#B4{Bi39)`gydyb^)@)MbQ$LY%`TsM+Dte;fae>{rLKRbj2XpxqM+V&fjjlDXRdtH zDhcE6llQ9{#qA>xm)aA^`!7As3SCKr@_tQ6d;B@R7;Iv=<0Dq@{Xr7*XtTE<1LLaP z!@X+8l)<8O z%QR{u!(`S2pc>UpNl59U9|kCfABY@vwUKK<4--EWFh~!6gD&#M#auHqbh;@v+u1gH zo?_3r9Y66Evmv|HEsq0{q4bD>wBOE;FGeHh0eIJrfK=}Me7HAqC4;5uW`cCHsmVSk z(vyftm?_|e3mp)n9Lx3E7r89%S9U#)C3~cxBSpMdI+Y*#P*}M^@$>MEu~`SF?kElE zzqFxqG{F2XJnz#E2NVS`T^+acvxseKNDoqruK|&1?H?%ts2n`-kv=qUrDr_nlewyZ2V(D5-75NPy_?W=ZH@=E#qN zBj%Nb47pOC7s=(x&VH(cQ5P4UR0KgNm90XZoh)LWv1D?5+#)E2mrJ@`F4rTb+=fZ&d1-j5OG}?^uVOqt-5Kz@P4^mEPk6N6fqBXE zSm1pE69Z|-XAIoG^NoT|@JunKgruZZIQ;d85AkgB;AS{PbZmpG+LyD7s=hSLP*@A3 zon-gOJoYjZxjZ#_FzLrtE{ASWp$V|5A7mdFkHMwyM~MsJI=sSc_SFMSmQ_-+jzm?M zQiEbZ+w&QI!2-wi@Ue-pw;J!1R84-ct=_Q=!Ct)9sqMh`|7OJe-~r9Drr+^ORQa^E zLZ-_zj}-E?-D!`J9n8Qlu{;I^Z0ZfDC1GP@`}H9`wzA){n#b?v%8nBm4WQS2wGOM6~4dU(N6A}_aPfw5L&)IVJxuSw+WMt$X zHa5Muct%kXd+T{wvu?9zea&evOO}4+bh5aY0697N_DnS**MtBc-=r^|b;iR{>6uQ$ zL;uauyh0x7!Ot8?`g~+~MKcY!jq{Odv%O(BHFZE_%j^-d|-t8?OEwqwKCX);TM z-f5|Z%-eR)P7($T2iHcGvMDz-Y1uU=2sM9EhUNR^P+#riClim#M(Wl%NaGjQ)V?P_>h{NPQcCr!-wd!GtM8Gws{8IOSi3g+{->V87wWWMX_BDP|Isj)lbb-PQtGeDq|rw8{ns^kDBz|75>_SkF|2fK3^#G*h1R zDkv<}s4|a<4Ym1u2o(rwZ}V}xN>1NyKElJ#p_7cNeyV0Z6sj%ljeh6g1etgAmxy3v z`-j`h5sarWth7+|a`+R-?b*Too%AqSkK%+N$(ew(-qxqJcoKP8$J5=o?mIu=+!PVg zrG$*`n6PCyI^>Ac2K0#m>3v{c?TW6{$i^T8wY14K~2{H94NVq+xnW;M_N|)UL1?E zX?G-bk!Cec+CX4Z5^1IB0E3tql|MYoFB8OMndAB!utp$s6|y8UzI?gM!^5LqZipd} z7IA%fN=!=HeY826UsAGx9Foif_n9*+Yi#_O*KDw3Xo%3BIo<1YSJBp%V|scTk4h+d zZccj_dh4s^*jQJWJgMsy5k%{I7B3EkYGFYTlci?uf%uRwU%o8C;gh?o8oqV!Ra7(@ zoLS$!dl#ROuxu~HA^Y+wC>yqjIp5;KD?IImjYD8M9azl1SQar>zIErBV>!R^B>@HI zbKMEsq6mC=Gak5pr)9OJnKOM`Tbp|E$I1QtO3&q+woAy>mLSw1pQ+c7GCo|biM~+dUYEj>EISx zT3W=8{zzSIsX-ao*~3p4{h+EINzb%i85%M~i5=cc((@ID)YsRStZ!~^f-TyQ@9o@! z4Gx+Pr1HZDG`#A`uGc+kKiiqvSBpE54jE$~%+u|Rm>M)G+WNxGVx9PFG4=E_#fMB(?wT+LD zuZygV13NIVBV=YMN=Mf^-d-f0nwm-`=FashCkAZD*47qZ|Lq+|Au5G*q2X#mOgysI za-(ht8ISS3%hNqK@g5dN#(;%puhqRhWlv9$_8>x*Cr|GAf0GI_tkx8E{u^yIo1dTW z?%{#k1dd$4R&8a-$$Cb!#uwI;E#8MA3*t%vQ9U#~Px#x?Yj6t1n&H9jtT~C%%@JeygSy z1cgEo>WPtv3#nX(%rgb%I0S#(15yT3tuRb~usA}R?*6~$tPL--uIbCHP7}(_wca&O zLXpMPq<-E`WL!(F23-2BkOA&JF>fKV^sFcZG7VwQHHZgIynU_^_$?F3EL{t=usAyV- zsM{7^(KBX4KrvDtPeCGee`H~ zdHDtCA&pQ!7nfsfgxg~S4xQQj4Snl!(9jJH4WF>FeJ?AE?&*7+$Vfx z55Lv)X{o%on7BSB_j^LEmyhM4mL2kCmMD&+lX~rz)y0Xt@#!EnfN@I*cq#hcoiI77 z*5&JSDvqA^dFyvyWoyTIZm0SZp6Za^@bmK*bF9gT6f&I~)z0elZtsN!2WK}mrO!9I z5mQiv=9$55x9~yv{QUXO;o%|Q;=GLY+5R%SZc}n@?&H3`K3N5YyRF^bK_H|XH@L+t zDi8Ri7NJmfF0SaUElX7Vb_W1-`u+Ro*49>)mLaft;DfF^Go2vhMaH~{(v@G_`j+;A zH+y?~S0Nkgzkg?lq!I4}wH=f$)18@WP?f8^&YHaoVJu`pKf-gBwZ$;%g%xPCLbITf z(kRGxT1=kXBZ(6CBm&#foctUeB-efno95*f z#Kac7dQ(U_t*S29^^FaWj4LgCPB>pMAZKtOW3r1`w7YW5duav&wD-$jX^kY)K^uue|{KxqmlC3@Zm7_N;OeSL2r42+D*9@F#cXyr&QbUWKBsMm7s@&*xVQ#FpHV8p;OH0Gf&_{UGB4gvTe4yxq zmJ*ko{5LhK612qV=xA4)$Nhph#wg|hPU=;=;EfnUE?*AI-1 zeIR+J*>SMiog(aH8q~7rkA|+^)XMd=A>Vb8~Yc z@)XW(5{t|B0^b{d^QTT5=c@T*1>^vf^swJ2spAmI>T~aqd(^xVIn#G1@}odz+K?;n z1M+nmRRxYa%Qqyx zJ{o$qS@#Dzd|%*&ABob}|D6*Yl-z+Ekeww=4ld_OLP;y9UoL+_7dyx^BhM6hBl#yx zdhg8F-Q5FlTdl^M3q(CU)2mFKol3~w-z?K3@LkTsytRG+9Ny{bMs^y0vs-KlrxHFK zvq7s&k>{xYGBu^nPJ%l=J`TG7=g*&m!@>}M;3tSlLOZ+8=kx4$W%BxW-5U^{&)M98`Wnu8 zU4PI;IolNSfQSg~ImoUcc(1&Ig7Mg|cTMLTX=1lmNOrB7aBib6^KLid#jF4a00zg# z#-cMbl|b((q(2Y9BK+CZbXDav*2lUMJZ|Zt{rBaVhE4pKWg-)iFt3Cu@u$q)JRP{C zR+xGX;t4@eK)odS3==eOd}E0-Yj5?r1@${|F?a8eP$Wg^?Y@No(|E+=FXvo7Zv-G62N3#rV#}k&KquWDU`TkN6xPaT^V54>)FyO-^Pxp5+Ip zQwPyt|a~Nk!4}eF2#E-Xe>U^HI-W5O&HCVWX$-40f(EDE*jn`2& z+D5wxlGm9iJXGfF+tAk#*TU(O+a$IJv%t~$4#gZs4+{;NX_;|tfjSmO!#h*ydV?&p zkz9N;S*5)4tadFH&a1zIUF~KUM>F&kquPJb`=coSp?I2r4WMc{s*VSv%91YP_?L|v z{V6#?b;0Roz?3ChI|7>w2r}z%JKq}??TO<)_~aeul>R7%3I43@9v9c|q;JDF){<}A zCN+M{B~!GWpg*GGu%m;UJ1Ic(1ZZZ=uciNbogzSQWs&zt-A+yM`TM1JhFnV*^CiahHXW@SBsCRA^mnHugYlnpjwn6>!p+E6 zVXDE*ut?m4|K}dM+0M83Dv3T15d0%NGRLjRx;Hh(IL9iM4}TY|Q4B^x9{YC#c=~=k>q$hs7u*^O_NWDxb{u z53{ybMftLVoxT3;^Q#)2skTZ12+;2up_gA+m;-8eUZ!X0yPQ|$ zZhN|_(Wp1e|L4sr3JQ3V*PF^fuwhp(^RHd>r6eRI+^vVxfNBh42S|#~{%tfIQ3Cfk z=ZPo=k_ETNp|R)5w%p5?cYt8V`{Kom0y=PXGjZ<2zx;|jwcuJb-uo|r;?M<?-Me?WEJkv}N~{^?6M!Fc#1d{ z+^Wx2w;%}0`JFp=)LXoTlXN{t~b^uM#Lw;VZ%&@kBMGbv-{h&wsD4u zrO0TkwHTM4#YnWxpjopTS4&+??BIY9l3i2q0BC2mrL>qiM0T`#s+sBhU%!4$9xw$F zlHVtUOF$*`yi~VY``~1$EnsbZo!eoh1F0Da=>Hpe`Jw51cQ%DUMCZ=GfB#-qP7X~U zFl_)Wxa^l&i6;QKXQZQB`Z5W~(a=xDv}7I=97sw^3Q)y}iHW5Y6vC~Vzv7a{rl!6z zH~+<^lN*)-`jv$r>|Y8Cuh+>o@q#E=)LtJD)yR75MOw|V(V5@G4lgCSu0uyp)4h+s!qw}R7zt>mqLOL_RX8)+>~8nXn$ql! zs5zgmM?t;9OOu}cC@G0du5-WH??>XvlgpWQab(`i+f9|b;M(r);*p7cfkMv(&_0Pz z)e45)UhXhj&sGt+Ri;=Z=?vOsUNHLl-atAqMdPGAm{cLw3uT$YNy>~a+d>;Y4PP>5 zYaLW)q-ngiqNt|yTJw;Szvs6H2PEq=^dzn**`D^DuV>u0FH3!;lK3ENUB(#@h_^br zUZ{MogVlZXz2;}24#w;KlLLAyH%!9$OWs4rlNb?GDx!D8B0@vFgvy)+PoE0KXUQ8| zUtz--4OfDLL(tR3DJi!QWFn>vx^Fo8G-`aWJwelm*B8SDfE2{sm%zY=2jSvgCmk>t zqA3Z8lF^5Uj!a~n3_3h*XIID}UZXC&k0si2E-w70l_?;8&n+xivwTj-QM+kd z3kXMF^`veX08D@{)Gm02fxRv>XvZulC7qr(Bk);QTk~sH+ z%();Utf$K||CHG?{fUJkZUVCMdl2IO69GidKd^R>&4vvl(O6=}zY6%>y=-o;m27g$2aACkB zY-Ay8{v?jGKECJI0(AqVWiOI8F0MHVT(TP{L@J_Ev}2kcQYm%*I?OnghHS(}7n(Tdp}l)?tClE|qS*`}{Q zSLYC)m>8Rs1mBWAoHoniHtxC4!^;b_#x6j00RaNv2)k~R0TR~YbIAkbkI5Qb9Gt0U zFG1Hv>afn=!9HPnPIxFG3gj-;|h0?#!%j*ZXcyasU4Pn@qr(EQpZS6dVV_ zAgI+qb};RUrY{*10;dIH4iKBcq*G2o;V~VZKeedqpFe;6fkK+|I;v}Oa`IRwkbwG) zsVOs1>;RDfp{WDKwSgRgv8xYel zBO)T2u1{vI7n)Ed9CDwM64n#LSgy_vTE@Yi-)$P04K>&@7i-lA3PR?p0;+$2&uuSJXMf!9e~ryZBg= zDUkAvauPkd+(=YQporx$U%Uxr4ZuF~E-sHGBwCuz`)+ft+{smb4lG4%=*Ewa4|Z&J z)A~FId6(2*7e2Xo?LU)B@iT(Dt;@w~y4(g=DpqCYTBkT7f?cEe6KEtfEvL2{Ltark zTD4rhhaYwu_Rv0h11fpea&`VSQast@a$;c3c#r9c(A4p~ZS%>SiQ)@QtR0VkOUtiu z3ExIH2i4sKjK5eF12UP}@z!|Bm;T-P#*pyv$4{Sz0c{G%mq4gu5D-WN!C);w2~@^8 zpVN7=h*vFVE4ZM?{s#K~ObKGSW=5SQE+YddwN`atQ#Xfmu)r{@3GmI5;rG?m)lC2o zYWp0IKL*N#ws!wqy%RPruIM+GmCYF)3k!=iIGoq>$b7P=u%>4I<8;H*oZ+6cgVpo> zcES`9mjZ-HNmbR+7Z)cdrxXAPnBzk5DFyaBN%go)`^jEKP{@ELBA>`kFCs#rr>7Sh z7AB{x%<}9RKKSMkiPUKJ} zOadatDo7O{AMr3!PG%mS5&rp)u(!MM@ejca6QzKIhV~eo*v-wY#&-SJ5r0g2*JpMWF=g)?QWkBUoVrxM`IzDY!=S%4?PCN#2z0%g! z?4Z-x9p3=3Zoowb1cQ#QuGr}4C6T{iiu_tt^$|#t_@pG2w{KhHSyez%0h9%@8!-E* zNSYXxv#r8X^)mfW2q@U7k1r&F$Ogvg_$tvzHt~~fC~$yw z008Mb6_r)Z1*o6j)pbVuEoj^*EoghH9E@S-=I6oC^;>T4U4JkH2qdK46)6Q0(L*pv z2Pdpzv>zNenT@WJ)qDSJy@+-N}t44{B^|thAwAB=x`8I9F0W7WKL~ zcug+O^{M3>nzpzN4}^ap3uW zY&LCpz;AK3?Zm-3i_CB(UCL}V^)-X4>c`B38{sK2J?Fk(+-DaTV4cZC9V!Usko~5W zM3VaVKy|&otT6voII5itms3|K12~yV*zs=T{2&l9fynNp)4s934oc-GFmqViJ{Gkc zd!p7a_vVcwQ^bsu_}oWIgfSRJ$to$iM!dg=i|Z62Yc010SW`@L@;xChqAswfDJdSm zYeZ&tEv-O@QJf*6rHx8Uqr?pO1P0j4z?!fnj#ym{$jZuk>KB)k^jcdxy>L<=a5XTH z0AjzGn3%b_IUN{_|NP0^Z;G@a_5#C{60w+|AS`i^H!jb%_V)HD-mUHJMMXss0z6T& zPy=f72j4xhhqSbNTg?>I)DfUxfbrU>l0*o{Y(V)s17Ujeca*%J?*LL2HAwlOstQ); z$;y432Pf0 z6>fVAcFJ|Owk7NH^FSQG3*S$Brd7iQ@Vo2Yf+En*3q2)NhS+=QYwMImUko;U55-*2 z)9blJ;Odl$`?^30K(RktYcFZJ{1bNa*kZx^c<%~vtoB#ZoXgMmzyyq{&pL1CMz(4v zMmQu6-2R$7r4$SM-Wi(|^;0pGM=S?CJE$tD*~m4qPN^g^Pf!q7A)qQYtVZs=vCgo= zY=w0v^-Q%;^-RkTW>N#ivZx>xnYh$DFo44H(b4x;R#rgbe9z7O0;Y)_$Os}foo@dSgmH?2z%*M9m#l1Ys10Lw@`}e0GLsh24!Iw4`*l9Ygg?{9qj9wD`ew61REQ^BL_NK=-l z-EMl9w)INKG|I}#TU%p^VksPH`eLe4m}vuDlDFr|ri1Cd(ezTFdK9Ube^;GoU~Fn` z29w~D-4%urkK^Ox+`K$qK=477saF_dg9+zW?-SCaCbYrjAuy=kNYt`zgTa7bVlYlw zVtRAv@ZjJZ*f@n$KDkGWFM#9XE+!@@TK<4IuXaV02>VFqURSv8-C24q*^&{W!f7ym zXac57$F36EHn6Vacv?x1X89IsQfrNSRsPKX^hwCJofDFtmYbWD6xi89;c zH@3H(K4X*PF)bc(yx(G$w(*S*_OrjWWVQ$4gan5hUQRrthRQlPF=L62=5SY>f8v-G zu*q#HAs|#%7AU=ah1H4iAWq1?{Sqmx9UauDA%!!P1khQ935C??csN_;Qp*ZMs zfC>V%+2C3ohsx%ZVN4LIC2J;OiRTxs)5OJUrMg#V-I5ZBosxf=(^#fNBM@s34i1Vp zjIVBPD1giX{1pJloP)iQfAeOl%m7^_Pszo_RinlGoIGi-kug>Crg(WcPsr`|Ps>{n z{{W`}GZ9EOkkU%MAVq4aEVJLZ^AwZFkP&_dF~Tlpxcat8>s~ACQn>K6h{^XZ~U<1vnK3 z1_t=pybHba{?dzz%F3acKe<7s9f-hh=`qZW0mT^WMFSj0cEh!TWnLKWT*9o$?;Jj< z&!u-yE%#jz47It}NS`_|-(U1Y;P<_ePd*)lYIf%nF@_-0p6|9;kGx_cCZ7)iHTvdw zxm(*|pt|YmiWfE2U}X$4JlLm`6bveoV$#0N(K_$G_4=d=OX9Xsz~LVsrxNxK9$sbU zvJZ9&UW;B^w!Sc>cAIxZmqW)a|GRol&EfaKnHCQd-OF`nZHC;!{qk)8#81Lv((8XS z_eov&`;uEr?C)r)q%iqxxq!gZhV926=~xa94(!@>(ZEpD6-7%Z6eQty&`AnJfvU?k zC-|19d#gVhiX?y@4>$#?oq=&77+3r5ug%}3xH|aV4b&zhX-&2E${9s`T9zLWc0LOWxZN@5Dq*jU`!Hly5I$d0Cqsw z0dsmAmnD}me8IU^;D{Kk9Fjn6EqFE1XEV&ttLgcSZ|#1Bas6#*5Si3wSxQIR0`bXu zu|If@qdkqa?D6#-^DCQWTnm?Ie`N z4(U)B*-9C+mz6OjJd(Ld?e4AnDSGBLlw~@t8Y^u2cfW=j`qJilXVX`C_d`L#N}JJF zpkCFT{M2&a&d<}yx;}E^JoqCnX*5(qJ@!EjIS0F43VBVt{q{V->tyX)ch*|*q#nJ~ zDMy#GrJu4Xz?WgAw{byxjcMo@=Z_yVA0V-4R^XC1F$7Dvxo+N)ILMQCexb`i3i0st zeDL7G=k{g$`MEtn?oCWgj(|Z#N_=>*^Vl9JYyelH<|hy!dGG){x`jaKOdi+HyHWy3 zY5*qdb@lbj2m}l$8D1|xmlwNEqLA&`Y805uV-Yhe=!5xb-n^@p31Sx$pP~aaP0)40 zH2NgGmJ|peK<`io%oaojXh0xBQ8X3+YU{Z=BH)q%AR;p}v&0G};d5aRa+`!hTh`rO z2#njPB)pS>l=vX5^E2>L`CJ?cuO5Ove{ejhHwwrj_#kkM?VTt;lzbHMuSpJIf?z&d zEhxPfo~-cGmUR2JdIN%RigLQ{xi@lwl{GnZb9w0PN>jAPvihBjYJCVD$)gQ3CD`p% z?S-EV>PktqlOOZM?`~ca4&E2msv(K5bk!qoB=iw2+8x&LaTuNRV}O4Mu06l4bb}kb z%R0Te&EiGp<=UpJz`nz_66wDbTG#O`g4Ka89emW}wMXwYwCh@muT0&xl3>-KLk>OD8$t#xwm45CJXrep zXcK#=%|X!s=tlR%6A%PoO;SS(apwKE0zdcog+yjQ70qD(@^X4f^KtuTgAv1lW#(n? zkjE~ITtO!8tP^u0}ZilV^2Gaehyqp|8;8?)y#_h880gT|#?CZ6? zPo~WtKYna~wr>D339W2)$KBmspRcC+ld-8OC?el+P!8nt&|=N%tyJ#RVRJyUaVw|i zY@wj(m;2rNf-(=r=DU+X1_vmUiJLoSd)pcU6jh}>Vvq=smr_!_Jw0!i!-AdZ`%-lP zVW0(CV~eHZ!N}dvo_RWc{sf>#L4fl3skD?6s9i1AjlFR!#AIad(+DugN3}CxL?ZGB z&14x!K-$_=pgr#HfT_(Z;65@iFko{=CBv-w#nI+u_%IM!xzYyuQ+VMOJ}U3ut5;h- zYW6$^?kzlkEde_s7jro02!6IK2iaM9KcO5 zrntO{3Na{fK*wTM&g=)0P^mjg z@I%Q^y6(#ur%CX`br>sP?LbEbDW(QhfK5&VGhuYl%=I-F|aAy{N0F1zx2B?(!d=w}xqNu2-9bOEKo#1W2h)@^x zjV7Eytp=#ZAR)JI)b#ZBe20dHqO!B;Qq$5lrz`VtP(#Ac;Cmo#_}66W0SyFjue!yk z&`?LgexPCv&&<4$k_x!I2FoQTE)LAWD9}ts)&tBdbKSr^zJ7I%gczHd0cmk1b5)3y zH6$^S1kA5gi5%OvUA-Eo?AH4db{3+-!g9cD0^lh{UM7YSMVES-aD04x5E-X$iOl8c zFz?<4o;tYiP8cp~mTM2>UhtUqA{kVYzUf4aubj`CKxYTzud1}Bvz2ITB8xpsC$2l` zLJpt7^?;iPlmQ#T&D!ALo_TgUy6pKO=D6PGU#YNlLlEXv;+|v8$-p`_LVA97b|v0( zy5DM9t?Me5H;P@Qi19&P9i-3enH?ig^T2(V2w*Y#k8Tr za}e;w4$9*(E$ckP0bgNr^sMHLbNTBs#T zf!F{PDj_O@)3O+Ot#FyO3$Ovbz_JNE(qQOOZaL2OJtt>84vc=kSaH(TfjJyXkSo(i z`&jrWZ?qRUbr(0C&Mz)TK;F1I@r2Id06dJ6P5_?-LMnVPV;AEVw7JW_j#9b6&L<}; zs}H>Db=n--9HhWX#Qcw}`=@Z%?c&HH{1v0J?~Su5R1F?3Pk3ls9@wbo6x}}Qi{nBX&ey8CRc<0Kp!?hvcKz)IRC#=eVKrG|bL!C~gx3Jn?v4)WQv}L@93LMY7w06ULIQ4e&ZaAzyuF*&uRqPM zB?Kfcs-T~Di82D$I;yJxg9rr$1<1>z?ddp_qxEoyk8C<_T|1HCh_`AKU zikquR>v~Df=R=&dqf<|#R~$zkGN$bFbQ@s6K7C zh<*Fkr=dXw1T?#5X;AwOu<%@no%Z)9u{-e`-&r}i$I;Q%ug>^`*bC?y?}yOKOSNI^ zmzO14|9Pow--P7&GnPFv9+D`GRRh6${QJ`;`#k>teaHU`CO-d7RrP<_F6jT>Ck+oE zC5hVq-h~}`^(Jmixq_qWK_+dN;e*gPiGNP0GVG0&SvxEoF_x}5f|4WKKnf-B^gx8= z?|LqzgK7HrNlAnKq1uM+S@v$oZHQe@=#Q$r*TDnmdpGq(-BJ?xCZW#IDO@MDzV7WY z$acWt$7B*Q4fxUtFq>Uj04o-HQ)By;T4X>cvk@{M%*lX2rAugmpRu&Gq^zRSW0Ohf zi=?Hav1I@sP{;+b5+h{HYqcDt@IU*wxTtA^^U2~VHxdXu15=u@3-?&48@bpTZJ()AS5n8y1`lo*Y*r13m9CC*UkZY(Bxlo zQqt7i0}Km+9I*nbm0JsWXc{pVC-~G%fzLBf;vpHL96=N#W+q3Ef~7&h&dv@Rsj_HY zH6DqWCrJ{Kxu~@@Vqm}!Z__rxj%iCzk8WLk{ibc(O1iBsYiU&{YGxZ-SiA!PlKAes zPq&x}6XaifdnQ4{fFlU?{=+t#N;}D<1+YSc_MP_qqOA@#DTo~MVSIOh4nK^F3alSS zp#)M=pF^vb-RzJOpx3hAU>TYd_+pizys zsK^__3k+*rs$A{Fqs*F;?*KW*ycdw8b?)&zFj$^w?p< zycf75mQ19${R3b`|7~L3jXO@X3fHb(L;u4E z6$mQ%(eZ9FR9gH%n}jXe&SAuc-GKy!R7^;v4jnu8j}A&$)OVLbT19WsZjFlFkC^IH zU_c@obqV8TXE4>24?Bi{ON2W!H9rrGzH$pMFE0gAchuAvq4XX_OBv80AQC0kHoG9t>y)Z0@s4_yS2DU2HD&FO#$NioG_OPSD&i2^nt((*~lo>1v4yh+}9UhJ~F&5cFr@ zhHi==sc6lSgw2`?h$27MbD0aZ8>&qdrxZ{#5tRzEJ~~*U<5)%O^J_%(76+l=R!&Ol^Ljn3$(ay8(|4{j8Ynz;{@Zq^GANPJTs& zZ!I20urCl&GEA!+#G`=MJbwE049Hvn$uE~YxL2;(k2O}ZXx%ihiK)|(2>}hQ_6GnUc zD_ezVd2RG|_-$i3d;a`=*N$K;2$zNNF}875diwtHJxq*@a=;U^6W3I)Xlho0@Ptkt zEI{-)mhaU)ZrpgDZEp#>5{QJCm6iYboK_69juMk<^lFaO_PE6XO#ENlduw!4zPL_m zZe8qf8R341Oa+*?J<0Fx-7gbhf`lU9Ebv$UX`t*o<#5+==@h$m?b^O`=P6*76o_o- z)@_GsUz&Dkqy2r%sbIrJkIK4rJqP3CS8L02w%T$4uwySp=|Vp{F5CEaW&MT?1o}aN zMrpV)DaQ3$5jG8x)$S*N&xnO_h@1Nt*SuFCi^wOlW&wg0P#q<4UO~ZLW}&L8YJ70Y z9}_1$S9GBZ>&~jSHkhQxF=Em=Q|>6BB~&De>F+l$;#^1yzVSd z=oU<#5ebNeN8@+;=`jut$ER^6K6tvEU~wTGuhS8ZsQCU}f1)FIY#u0yW0?s+H}J=@ zd;3j4#K#vG6%|Qcd4rJ^Xye)<9?!;6ka!^uqn*Qq26t9$-06p5s-~@$EH7`8gSDQV zUN(_A@m-{s`sk#WhxSA2)3Pm%0d4H-$~m3c`FT!24hY?)L3=JbIHXH357}fA#WW~} z#2V*gYCHWl=`Fe`cJ>&D3MmMLXte7~bjCT5q#aK<&X2008##-tiyeryw6J|>d3o71 zz1AI-5$5xmeup*efFdEU$z8m-1uv?PRTRWn)KTYuYauDjbN68~TXr-lr$_o(yG6d? z#2MoVnTZSiKbo4#5vN4mmxYk}k(C|Qutb2x1;)k>(g!bx1O@Bcy)>>~Ekgan41yA<1J{o|i{sp2F3fWF^$y}rJ8N_AyOr9U z*mS}DVB>S|DPRlW-(@kz5)a!dk zW`S;sh9E;m>zJzi2`%1qRA^RZ4^e}$irW!7eSU*)yQ(U=IqFL6D$ZzO$r37SqW1dq zsjhv$C{90BG32dG41g3Q)wb+BJi5i1-m(K>Kdm_A~?N9T2F{ZRW&876=>2+7!rY z0NC12SGv2oAv#+!E^7V0ak>F}7a2LjHTpzm`t92kNPO5;PyqQRC-VWBX_2a7j6%*w zHh|I|DYLY*GX_%Ix+LxVO0Qy&G97vAtHn{h;kLPfL++SAU?;AYZpMu7t*T*s7?|R< zIF&T@z{`CXo{b&qGBb$U+{4+bs!pOvkwCh3EJ{b;I2%>+6$#AcY47Sz-z(oe1TR~gH;7-ZftEbir&yW~<@U|}l* zTB(!u&B@u*i{b!54Q1<4 zYX&b^7bxOT(Zd>|z%bPsJ8>a&gqXzOX`DZQ9_8ZAjMiJ`=Jwj2Iy!rQ{P+QsV5X3o zeX`2Z<1sc9#5KUbsJei062!sh&o_6CD=hxJs;J4p#L3A?a0sot3Mdy?pCKPJ1(sI2 z+|)8bOeP9KbQFk|VDb~CH0pIgSi}$!7Yu-SK^o8js)`hsITNCU1LT1!Yy6jg(m~WR zPywL?7`pUI1z^{pUC2CWLB#F{{6!%vCr8kT(BYrIbP1$EM!zBg#Um!eVSI(T6GVv3 zbCwL?dMizfxZVbo}K5+2JOTTA38*Y zfEmlj+07$y^RHH4om<$!!tnl|-Z4YKqL_!HrgWQd?X=C823RajTGZ=sn^8c01C7;w z0fA4a%YY)Wp=THboeW%MfAoltVq!X9jxeLVvdo=h0Kf&-6(*z;Yz>mAUP-HiGTDAQ zTn7(k4(^r*9)&cS1N0X04m4y`Gq*Bc@e=ZPqDCX=U<+-ww7AX3ZhYQ|NiHPV2&UJw zc_%Tx_aMy>g3`7)>Y7L~IwU$oif`bf5@CvsjSV#i+LAU?kNb+xh3w{qhgeJ36%3gq-NYZSg+77uCN9$swJqvT;<%YTf_8zMOZq1 z;Gt%?I`G=3$PM5ID>uUwNA-(}#$x&Y;ADV=5IX<{0|YAotw4m0R%qp!6DKHuDYHQV z45FNs72nl&@|k9Lz3nU!Q1ubG(W|1f$8I2m)ls4d_=nK+K&F~4=L!@c0lga(-YrMKZx>sS6lX05v{|&~~RyQNF zR3`wJn9LvpUP)P}hXZxlnmkc4%a_vd{gDQV-Wj(LVAlL-a}nC)mg9XF7d`{zMo4ok z$xO-K>|bKj7~pcA+`)nO89u99v`%f+QhP#pq4(vH+;sn$LmqGzrA1>){Y7tGnZNBx zG!tL^m@=A!s_hN)o%w)Olz{rSg5YHcJgiP z`4EYS`r$XAIUy9#DBMJiY$J7nPYXCm4@&0IosD3WDPUxTUgN8=5Hbt;-8Q&yH10X# zL0(&kgR!iv?6?5R79#-V7>CdT_^j+FsH8~UAFQ$tqio0A1CSgxv~1KS0tLG4HFePi zQ-tyNBh3Hea3ur?S8ng)>pR_~7yM!GI0xEB@E_y$5`R#)GlBR9e}4WyhTs4DaIu_m z(IujJ;rCTD(wvCIXZIvFlG}WK@HBg{!jTto@T{f8(#w)KdLpsP z+H$5{Z9mfH-reThIq7by*%XsSG1BK^%5~U0r}S*L)U2CaeNC5Xsqg8LtIx6$6g^NQ z6J1$IM=!bBd2w=jw#$z;=%AkQF%^F6-9i^f$}R;t;#=zbomNe$nF7q zWh~j2OZ-^HoX0<{L_co{ov2}3U+~IkoVrW9^Lpi$;7d6JDRs*WJ>g=n7pGzx_>QOX z4&VO~c_?YX$TDfrc-Wa@HGv^ILgZP%zT7FH@FvGmA@WKg!=t>%xQ}k72v*!v9ck^oaVq1A zTl#}Wl~Kcbk}d^<{G~rvUh2s+z(VKCcQB3DGO?qqUaABf!{5G! z?^Y+xZ$yQ1iSU*x!8rAvIPfjY+dQM;bw$!XXB6?NL zv;E5eZcEss7RKA|Nz&^J!X|iMRWy9-z4|yjx*_=ec27KQGwI9U{n>_tUGUAN1HA^NZ6W0C6$GR75%b(mEtVSAl*3n%SsMSZ@r-gnl{7_3ew zsf#LUz4p_#VA&Ree#jyzCDZ4LN63@tB)wnbuNR%do$;=vG~?SoAM9a^5oe7H<$7wb zASq&Lmc5ob&$?dcYx0+LUPbRa*50nYcA3|67n%$PUCn-583r<+xTZf-Kh-4OP0 z7j40$^bXj&U$smB{h;E^Z3=eY=VRuScvBM_;aRnSNNE>xpX0pS)_8h9xYlq^H5u()OVC) z`Rw|cIM2v|=<5C(DT?4ZyKcUaazpaGV!(zL-;Hv`8A%OD*1+F zbF}9p+qA%9-}O7$cl>1V)4ZqNFv^{yYcqAFGyG}w;!A7X@`G5jMuPzZPbWOKxyDhc z`+MV2xH&eI)07;K=A=7&THS4?qTw{Y`@@wEU6&2Db-#70^7ND&MWzbEDBVU*$ulza zReDNG-%sAFUHwa#9~A+2-g*rc6<6w}#yPAG}hHaM~2#p$bbeW6bT zU37%;tJSW3KX6@Cf#V)RyMZf!}m+C*}j_b|RZ0RFQ zH&;-zEa;_591>SAdDA^5&&pQQqu@Ng*R{XeE3RV!|CX13uwSUwFQc*Vi(doo&Sk$K z`&IdawB(wd$D-Mek%Rq)S(xR?Lu^3$9<7|Q>FX2oSZd^^xSlJ?EF<*n=2Z7+cC9)< zaaoJtI@>h)<-&+B8s^(x=XDsCZW~t6wWCdEmu$Y%GEjsJQbY!Ow- z&XOjhvAk2yEX3|L7v0VMb?1jp*US5-DXuS$D2m!lv(g&U49L+2^@g}UYI1+`(>-8v zuXf%__R~>un+Ga>kDp3xcCx#$^RaK4?do?ePR#MYd&tx6%C(X-7XzlfQoP|JW`u9>o# z+Pg1TJ(@2y4DR}|zu>})U`G2u;e|u@tEew5{_yS{VqtC@XEIFrPtVo@xGsFKRI&)j#ZYZp$L zIlQ(G^s6XeFbeL8?vuXz&-M0PR(GB!*82BkC}P+TQNGBlxTIyxthb@W?n`u{;rN%6 z-(!THApAS-7rvd*e09^=O!M)3|Gciy|JvHBo(31mjN*Jvru0;o8h+`vCuL!U{F2hg zo7eKXPn{UDBDr^*iA`NQ(599hEFhZBg&hBg|G+b>!nBpmNltm*2kG6`eDbG%y6+Er z-V!`fz5BdVGCO&VWXKb=S2&!+w)KW&YhKV;f+y|9qa)8-_S6sCq`0l@$P<$aFN@`* zW9})-(=%$brEb3$#8#;e=5`qgOlijnqk-1pG?)Z(e7m(mN&Q^s48h?J9T26S?m2 z3(;A;fqi*9auySAtq#rAh+5^0e)>{YS#P&*{Fco3%#VpF?KKAte)Ta#8(fdE8VF?H zYL{~}t%9_WNyFQrSMPI6FYin31qe#kKlbDI?718iDOol%VNuZ9Q;|fn{%ufZuOSe* zQYSEePD-<)_6r}$-eUtEzXz$><P z9vj>w>3-9`e|8I{CIXI=dP_#3d-@;~!YRMEYrVv=hvw9ZS6Yp;dzMgZ9+pzA%+JjX znpo}JOmUXRIHG8%C+E!Yee=QJbj1}FTL;3UWo|Y3!~|>2MM`T$k8+DveI-xO zkv@OqJ}+W&Ldf9P91@LQniH{bC~h(8zUVbNlH|%8V`i$pcS1L(E~NX1$jANGRV4?y z-%cr?N=k1UDymvClW>~;v|fXxRcg-vqNKjKphL>?eRQH-hX-R%OTrRYd5im#p44BV zV_dkO_dXM;C-#WRaJOZ@D{a85H}MbrIJe$fAbpFHV-kD8SX0eh)z>{$>`Oi6Q)-SB z_bH=GsA7%dj%mgVa;1pCJ^ziby86U8c($HABCU>MQ*nWB-{GLx2}L6t8+P5V>nNNY z6~^Z#dNsIRgQGc*@7w7b=Y3pt_+&Gw!}PYX$FdbC+3MYcl8EW+*-6Q#%kUV!KZ^0B zQhXdzu!Sy_UCf>)bc+L<^cfdjUg^aOZ!EEW$UKYpbl#CFTmQzJ*VDgU%(!V>7S)N` z$!j$p*4o+KO-3^$UDRw_{b|eky?(g{Y0gEmuj;eC9W)VBQab(3=lX{sv*SFBtJeK& z9*bSqwN^;-52}@akWant&t`lVocXL~o~@U9rnJX04TX!xMV0f?Hq&kPz0a@GrxnZn zGc_MPP+My@NbRXnRq-I*lxPUNR&&Cn94=?~8jeYSySng}pZ{=>47pNcoqO(N#tn=2 z(U(+yuHzHY+rBCHR5_}evX|*EJCNd>Y|b9RM*OO;+{vH0HoJ?6{0o)&7B6vydemin zHYbES$!oFW*On-x+piVGG!E!m+M{QxA(QO4i1~!_DnCkFIRvkBL)W7b^NiYaZY#kt z2g@5Hk^)C-UNl9UwP=6m?daTkqVU6v+e&{wg2G7+r|nPE6jnRABwD#AZMa!%f~Y2) zJ2w4Jtn;3}V(Ixz!J=C&UMm_U`iu0JnMGyG`Xl?$1nu0Zb1>;kq^AdWMs-fD(eoOchFOn z>F;rI;-3#`JWhBT#kkYts3U#bCxL9Z5BK=RT)m>ApiC=+J)V;Gd3wA>gIF|fvV5s! zG=0HG9a9Itdb!j#cu#e9swtjP*q?i9O)Ynj$ug-T?N4J$a8#FEaf6MW zrK)y_BHCG|X00ROrBwJ+R_lv3XNTr-qPQOmK&zkI?dCZ!((59(Np3A#|3D6gf&1q*W4uXn4#WS4yl$3j>%{>1K z*1OvBjAfVkl>YDF&X>Qp*ed(m8Km62bBvUc>Y~;OR1=H4=E`xl2iE_3$C7 znt_Whm!+iyqsrdVIj=-f9SAPx9?EqLP%phiMzV$GMw%(aWv$R&7cx-yw{s8DBSYh4a!^`&1ukIE4{=R zqTKvPTiv&z3GOQ=!PULd_dgB@`#&55Hhu!EF?|Dr55P5K`+{P{{+jxN@0Ah}2HW8Af_BAqGRYPDEb^UtSN*d^*;4%XY%{1%8hp8moI0H)%VB$rF zse~;JF*gIK2N4wo!Gwgz8>hnaH|rR848NMK;wA7L8|o&&(V(DEw76I;t*m5>(5w6x zM2gJ?m;g5AI155(54z4@GR9`YMv_2{!4m)`3l1zNxIhFKB-3{A6QJ|zNUNR)UHk<~)4>7Ec(kc!NjqA3pMn z1fv!pbl_>OFTi94b6vVUd$tvD#kidU7a7JV(C_xzi4$fx7&13f{n!Su6&z3kUkB!= zhtJ1AmX4J*{wqoY!+%NknN_gdZ2Dxd1qN;hL`B2!6{eR*k{)A{Z~~L-iJTc4TFFTY zuw#MUCByFmYyv`b&F;C%-?=vK2#3|LAl!g$bOLs>SXz?HL$B}p`GE-vpmlsE@p_8a z%0zw)KwS_i0SS&J#zFQEt!cE&@52CAkE$l>V=^l_RZK_FSnz2UseJ`|fj~^@=xj>{FX*X!=UmC z+&F)kjMcikTVE=}u+)*ZlDC8F_7CIYVY}Zihfe)hd|n}#2pti^Jv~c+mBWw5nSTWD za~E?64)pOg-nfvqW7)d{)+TkgOMur+xlxCwdYz16dHT z5I@F(9B)m?&l!(&U~UH%F$X-nF**e+08Uk}Hov1|XcJ_Ot$gdXeV7vvPWG?0Azo_Y za!a}93db+gGKQD}P`S2Ivlxae#4rRT)y0*St4d0+o}z@hi2}2N|4h+*w=%E$d~gM$ zFhn*C(;Y2Ku|IF9tAnq$l|?v!n2J4lB8%OK$Jo%&Kr<(uV+>*tVFwKgIxGt?3$o>s zPEZ*+?k5=g<_%#N1nNd0d}rRjzXxG~VNG@kvw{3S;1Q%4EqNXnlYJo7 z?)w_E_qB~2?f3jrT#qOJ3q0FIU!A`2Mrm+@mm%a8(MZc!>#uaC|$Zh z#zByR#c&x0g;N-IHGeWdAOgc~a(0$*#=?q$Y=kgDn#dzn9r}aD9b^Io{#&TeKxr(aV!4XjBnxC;8t>#IyB?8(zmu~el!8!~clHdRN! zWN~;5tdD@WEwo1QA3k(9=97-s$dGf6Tphp8;J^O$)cE!6S$&1nBN}g5rucT>n@qJs z4e$pm=Wq;n>~s&s79e4&{(-OWxyJJeg}$TKP`rUK@-yzLEDD=$m@XESI{JaNl{UKQvs#GJ5mrKAsG$7I=CUSi)(X$8qd$ zs_)~0_`e(i(yhirarerjdcbt2?(&maeM$U@h$qR70-K?+KT-4l=j_m|TzYoigPGcv zq}9?_NAtARuPV6F%J`NnT)9b%EJ7F9$@9Dc=K}OR=e0_tIi{c1vIbzJGj?29=rUfb zX`Zn8be=#0X0F%g_kpiak;=aAg^s82K{;B=he9rrFLx-7kBKC$GGTk(4YzGhb>4H0 zUR6sfxu)P{F)dU4I$*qUA3uDAOVkGSR0W@Xnk{cr9%C$CuUja?7uH0g+VuNJYP+y@ zK*(>CkB1M7${H-GjXJO}_%l-OlNu5c-2{uU>Zrp9U0XT5P8FT23j3#^+FtFaimI-F zGoM3?{C6!ab5F&ejVbnXHmCN#I=5RYI*mQo^Vd@R)w0ghmxF7w6BGY<$7SU@)5@G8 zRoFx?lVr4~+`W~w{ic6OJPWn`Rq(T{k+$>p3AfeN)^)w7W_B>YUKLJv21GHPxhe2f ztw^KHl2y+}qHDU1-%fUs;_@aKx8H@Gy;g?`g(MD=yIxh)J3d+&+j)ez<=ig)1{-AO zx)^0vHr1xPjPq(QG8gr@^1Gb#R9PFN3)uX*|0vC)5mVDc+(&YHR;V7;GaYx{aQ<}} zRoAU_K9lLKXBDDPDr>|uBs#O+Gew%)TnY(QePM2#%X=vsZD;dD7^yvUA&<{oT91)9f-!A)C+ST}ip`O>s!_ zGrQc#*d_)zwPa!@ULmGb^dM3oC{*OVE(-Hgay1RMvu0GT7fmP@`*}UjYidU6vWJ)& zTfC1=d%NDd@OEf$4SmLkkB5pn+5(y@{V6MMjqQBE=*p_~xbTD-`3~UN&GSZ`&sIiJ z>wriAPRA$Cd@p)2gP*Oej&|*TgbXnj9Qw=8*68AgoNqZzbgJyv0Um=(qhmp0<-& zzp&9}@a+syoQ7lv`KP}q(ih0o&YmT6WIXRa^`h-)9y?dip6;eX4V2s5B1@7njFGW@ zZe;^1l1^Dc-mxRfVj@ac-dx*sHbmV_?&fj1YKO7IY>_;oF8&iIQ-ba6cko+})4xj1 zu;^=Ru7C23l`D~4P?H_0Ow8N&Hq1JCBK?p79VYIf_Bj0lc2(vR62&BSQiI`XH? z%N&v9n_zLvvz8*S&BQ!R>#^L$#$CJWXrms+tyMhFUY?S}dSg@=AxmU#QEz3vo`BX$ zb7Fjk?Z=Pdg}JL?l6=ZfZRn1Rh-9$P9Oe+|d@o(-SZq>mkS0trb*8N1zOtm@q89Et8l&emnmG>sDXc=Dh=Hu<>7O;ZbKWNQVdztwMW za(O;1VRdLd^{2y4`N5C8PCGfd)cthomGbd+^`+a%P`LC-P-HDSU_)5=E|2yxY2Np5 zGD|9EXbS8THBuF1I&`*M)5(o@blP!pXd)u?bya zby54Cf5@ax-bat5udLsnQBrcg_>AnEk>w&^-RJ6&WEs~5Hq~G5gDd2;`KYP^9@QOp z4;}G(f2gD6fs)>CJ)vI*%pVQZg;)HPkC5gZyEWK2{ASS6(8VL_mWxZ>d6##$>Smc* zl^_3nud_4ol~T^$y}DkTUmZH~LZdHTBza+iwkJ_G=bz&b@?wJJ*g|p}mJ=tIJsMk9 zvZY5>)_7ido3GZpAC?riFX#T{uV&89Jk+*lOh_d9ZEF4LbBlXRFI90K5*n==i+iH< z#z5hq=rOOv>PzA+t;rJW?gc6C6+PCoWz5xS`HOm@~E_ zV)y&qK*iAL=uf?CJ3=UbrzMm%Dg7v@i!c0se$VXN@s+oMa!so3-|6c8_zcf&tVw8_ z&`#Hp-{oIg)=|3_V=>h=+|WvUhKGx%+@pjofMve%%8mB#@k-udd_u}T4tp@(D-Sfv zXti{qEv2RXIn$6xN3mM@YDck;R(s`DVNVxd$AxJ9hn1z|RKETPBia{X&6+uPU4BE# zN!4hML6L}Ho5bA5T!sg>cV{_$u3UCc%gN4&_3O`<68%_XpZBC!=_zrFd0Xbd+cW&U z+!rA9s#DBdanY*dbN%@uj)rI5_ub5e@gX~ooY;{WpC9$qskwhkscg!aj?^4?RQyq~ zD!qE&wkK{T1QtyEoReWqH1F4tW8}&1_YLmYz9aLATa26VI{m`(1kuzXrhAC4HRs&hcd1I6lS4%H z-0if+g#uca#Q$&s>OvJL5nlej6n{>&{rBe&d|;<+-Zr|4FM4Ds>+p)|?SIdKf5U!5 zCOd@o8gY{mNwL|xw$pZa{sw38|qu8ro9B~{>_{Be0>jWY;A9uj)WW4_D-QI z;0t$I{y^B>qUY7pViQ)MU~>cAhrlqvK7$G2T1*U-qmLf#JR8J%UP);OMSFX@Q?6Eg zLv%zhT79UM#rA%StsEK2Oc7=lSHm@adhVL%C!U=vVnE*f_k60hlQ3{C0MfKe=SiFm z3~v|7xey2dpOLk*`%F#+rUJSW_JLg~S;PuwKh(RRGoi#t#?72XIiK03{Zb zVnQ8o#0o3(!r!|TqJHB1`AzB>7H`wi=wX@$?mjBnF8ERmLO{`j)aALTR~5|jxwGgE5i}+in8+E#*vc284$Kup)YC%tOaQ1Rd#j+bWJvmnvVP^ zvB7#GtTRB6gmngF9fa-_Tv`e!ZT%$|ySxduC77_&kW|pIu*6+>T=}Wl3>aJr^q!!8 z)e!bymo7nKs^POAfUwfvXV}LX_x?R$Aq&lABpS^&3lZO&wH+Oo(1c|>jP*d6Q`&C> zH=~#uh-C!GeK_HSAs^%|WBa>9& zjOykliT+5Ef-n+>Zv~;QAlVaG6pmg|gmPaxM)4`9>OnB7KpBN5ETD0O(3}v6O6xq1^sY>2YgR7+3xUiThduCb^*(&{9b9-R zJ-Y}Y0xpmO+|!}ozh6Q2S>ql9X%i4E5aU_578USqg^dtlH~sEiX}%V`B>{?1klgN_ zs6mIPnlw+&uxQWHs)T$RM<(sxx9{X&5HQgT|8_eTpU_dFvt8COWZHm@lPhfs13HKg zfQ^xjpi**@WWyo@1Vg|*F*SZSnMg0|+`+gl8Ma&2PPX=l0rL;~yJ~Xt;LKi|j<+xm zn{>&AV9O6{5(0AKfR#IU?hsH&>v!%QI+8b9i+!d1uCai5b$Kd<^HTI!S5bSFvWggQ z_ITI5z2i}KEAm4VpS&95wYE35R+Q3I+uQBf)3f)$iJE=X;*VW6Z({;O95|fTn&XSg z5~xX+w_dPlO(*=>2ssa`DXpYXMlGkp{M8w$a3OSo*upo6*b5+-+5GIxcmm+`PyvFLwid=T1kOYq7f*&BwK(G&wld?3NFh zWqlQ=liQk?ur7eX&1vf6bW-ZRm%;_}&Duvg@6=EqIwZ6muq}ZC6X2?yoe*2FA8he2 zCdL5M1VytP&Q~xYEgqS(f&2hgGqPB)5W0{U^9Xug(n3X0bB5jHGe+ZjmdMK|FbKDy zQefo|)8^H-YOiy>)w^T^@|OueL`QRzkU%=t^EqrHITrwOKeOv59fm@cR|L zr1+um^T&^u8QlJDI>4YG4-d?ZtTbnxR&Gd}8jUdKl_#V&)Pc*5NiJYnT=S7e*WK|I?I1!H1W%G`G^0L z%KrC1I&+4P?+vHyw5R9dUh1GlUCMR7XRQY`Sjt8sK8QBIpaYcq_h%>3vtdfNlf`b+#dJp_JZs=+bZLprTdwoP3^O2Z8SA)=0sniYlV&tfApM&t@Pni2OGJ5#w+*%G&n!Km>e~v~}B=nJcgY zuPqXn9IABf+L@a-yA4{eg7XV$)Fyv_p~Kag=ehH=-l<#W6K{sBw#krZ$^zIKDjgXWDZBEc zv)OM?tPZ-QKVvgk?Al10GOa(S_~2bpeF?Se(Z&AO)?1E_OMcvB-CqvArFR7^zgo3L zY37hTb{JesTOH~S-^#X2zWK)u($ZXDq-3j2h2FBZXa4OEuj!nY87HP!8{a)#HXBo(q7c^*CI$f=fqzXJrR_A`A9NjZ$Y2I7@VS^{>?7_3sLp3Th^<_qnqgks0 zCP>e;SKFlm&Ifg~lNH&>=FMAuWqmHIT&v8_Nx5G(&Q`X1zvz~&<8&$YnfRtJik()- zKI+6dD63>Gh;<+|;}92bA*(^w2xA(;l!VbdB0T&&6t{r&Ay4Ra$Uc1Rm_B}iLB-?9 z$gRWyHh;z1a_ey>JcrFwC}+RH)H$gsdN-VB5LX!8rJ>n`9tbDNKoNdbTbuAP!;vyY zIBOC{_Y@eTfc6bcv;9ZERM)xyx+^`4<2{FkB25Rqzixh{TZB`v-=@6v=3e<&&K&w( zwUl$F;n`Y1_R(j_FDQZ{OZi{<7Hu5pE)F-m zvO#V#_u$pxNjvL4WvcON3jx2fsnJ&zt3!_LTJufcIlV*kZQ1263D-6^E6j(zbaU-K zKpKompU=!YT5#4b%zwTIx3x*Y}Ip{9z;&dlJKKVE)zu&W!JqujpJ zc<^n%c7NBDi=<|I01HDUJNXuKbfN`Tkie0Bk0!XoOViiNe(GJ3wRnIUlTi0Gn-N-m zI|qkHPo5MbC$1{;Bk^BA>8X{(7*kUQuo~Vp)LpRjJ_vt998PdmUELpUJSg?vrl&sx zU%$S&`8i7}t3>-;fHsfdH+%#g`3w9LxN zD*yIP7s^u7ER^-Ks8oG#5}rZGIM7La+{&Dcg-Ga1Afq4#W60o`ulDDAKJ3__ahv}@ zEoH$6Uj~mk3rhRIgr)>3O|{OoMLL_(gMzLainphZ>bXX*Cbc?0q==x;{w06W&yPN0 zUPx|?YmC??BC`R{HJU$pgLP8wj)71&Ce>}1pL zxZ9mG=@-1}ED*jmk7VijEfg3DKPhIq<(un~Iy2q+e3`=cch8Ng%p43J_RPujVIICO zYR2HPG*4r~qJI8<@Ltnmo!`6F)n*@yVBt>9`A7( z7VAR2xwCcZFgZ&gCR=c#$5UF05j$c(dEO`}+M>^qyhx!p@!+QH>fZHCXZqd|J07k^ zMD$0^=YbOr3AdGZm!kg5I=P5%D+Qt9Aq`lPd@&Xz{EQ&2564W8n0gNX{@nx5qPGwy zBlSZ^eg<6n9Z!>kG;?h?HIJB|fWgHjxl z`kdLiiwHdY(7z)Z4)UfUt?;%#hfD$X<@RHkTh?mc*L<)y~g z+pZOr)r!Hk@#*)KHig8mO>}m}uvL@}CsQW(o;aQsm=M6ucJbVcsH6aeuY=xgn$)+< zP|xPle_<6SO?n^9nH^O{0LmTB^DUX1-Mfgq*07g_1y z2o4nFhdr7xY}8#%MwDqM%6^^s;(zqgy2*+Z@f#B2)?#M=h>f`?u5<`v z_hMU4nCtn=ggKGOm;7F>a@foerV9?E*I&dAUdK&_B`T>OiJ{bDVkuAI!i86HafBF# zJPn5)jJYV7j+^Y#)YK$~c13(p6&^TvP)S>x_5?yrczC$1?5vv~JcyrFS6_k|_sa)g zsG`sbLw2-6Zq0RdOzMYh500F08|b1n2B$$I4)5z3T#RA#23j_GbMpkxC1jShdBDKxh}r(94}&Dop&FP5qQKkU_{e9~My7sBP8WJV6vH8hk$rHF}d zp}qh*V(TC7tv>m34F3JEx~mOSn`5-lx4?d5;`kN9ge17E*YoyKo4Bl>tN|2|2lhh9 zNH~Wev)Dpwx}rVAmAmZ=#p`6RBU3`21 zPRQK_c246+zYn9<&_W(K8=!uWobSu>7(oAzofLv25F8yvBpk=}p&$F>efQEl2EyGP zY;4s~6+S4@?S>f`oD~M1w@5>^^?NQ|Go+Om$-|UyD|SbuwEJ^7d$mpR+GakXWYme2 zxXGm0`S|?#lEYa!T3%5OC@@IT_UHl*ODY%LeIkk?!7Vvs-R&kTM)E?wRC%=b@yJ^i zdW&7r6q>(`PCpNBJWhFfaZ1E+YVPs2oHPTOkNy^GXEJzsB`*w2j5E80CphnECT51gwQ`e?p6+t*1K+B18BND*KN$(9Gk_`%uz?M)q1#E+V3X1R3ffHl^AO%n7!)Lt<6YOFEcE6Ol56Y}(`}DF=+gx6 zw>RF!RTHV_N=jjIa3dS7u?-l~6dCf*oV>Z7H?gB*&?Q@1s+wKqNI&VrYbX7ArUtmQ z4(e>{yzy{YJ2pu#>j`^)UWj0o`S)+dZE3T$w>cEH~!-qnBuuGY?&g=Mp{gh zmRNQG^I5yZ3vWE!yHo%V;9Q`+hdg5!fd0+_me?SGpY`EIkDJ2WTty%NHi#o9Ns?To`k7!FkQN_gc>V^r+_`(}ow_ z+_zB5mq_xUW{^9v5#WsBg{8}9*^#4V{sk`}J`Ce|-wU2WKbo7J>$%EXKP5dFB#(HH zJbKowKj|5r9b;XjyVP;i*^Ea_VDFJ0&$YF6hHtp0Y4f#e(%0nd4Ih--i&z)yc;vbj z+FzXb?=bXU>+JT%pOu&UE@93$+Y=V?K1r-fwr?57$cW5wl8r`al++qaQ*9re3#QF` zxng2zsp{k3b`~I7x0Oc5EGaqnc>;CKCsDy?OT*fv)5XwYsFHh2-XWpndT+2D|tkzBq=YcUt7@=qN*N-{O^sRaI3}K_BFmVzwqsozel$8NT3o%@*Nw}e`yz5fz%*C2YkhyM|nH}KaxkQh109D`o z#Zk%?RIXe(g>;1TD3RRJW}@rg^|wc~neIDJ&?r4-U$ZY|VBha$cblZ_1kHpJH3n+N z$1yR%tz(?9;=-|GSgUqFNW@V^fQFr6>0oSWIS9bI7n>brBp^U|=uTiN*1X0`(TJD{f z>34*fzW(<~aKFG=33$+i$D6pgxKnSSNK=-*X_8JyKQ0d!LBQp{H;FU82)`{h&(*0) ziwqoW2Y(LY=)GFHT{+2)dT_MIA$-IVg;&ZHJk6hjV+w%(!^e*t0On(3Jf6eI2;h<$ zj>{$f4#Y6x_%OKq`xB`YjVV}P%0EJ3uR|O~-3E6Jpn5o>BmiTaf&}_u2^wf( zAu=$00&t8+*3+qt@`uoPzkrn#PJ)6Hp!a9jXLRbTAHRqHf|MKc~Pu=>6lr-M(DTj3g*+AIoF1p~jxcd@Z>1t4g~@DtF3jRTIf zsF2at1^YK?4$e5zF|@bgnuDW%a7Yk&WSegZmixQ6Z+-q4*F<=#Sy?3?Sr!-V%-&G| zvzz4=w>{3eS`;lUElt^umPrLKs|;VGi@_#>BO7XAVtwcqZ^X9Y$?OEd?6R8LdDLvR z^{sPPmc(O%x5#AkX)_M=fAz#+&47$~FTlpu!aPIvHox?dyOwQIDnO~H*GHMy)VFn< z*H4b(i=F#4Lc?t5+Ws?YVr*|?|-4KN1XS6&;goL0s=TQrd(Pnq?jf{@5 zP07vO6I^y$N2iN^Aqw=!D_3@6jpBrmb(qQF;U+n;!2}k(+i=XT&Q!t~#n{yJb#^vO zYV%eYW5*p?zL;l7wQe0U`E<>PC1+IX!0_tftLxz*je`Vm61wJREr5L(;`H_PEqYf2 zfzKIOO-oN-u9*o6qCwyX7%tAd4ErYD&9x883-aDsa%B`poz{@$qt%Zc8QuB+Q1<5W zRPOED@G7NIl!Q!`G?2`R43(k@4U)`5$Q+7{OHmY286s1mB%#dnJY-#;w=XspRc^uo*9x(g07%6TIt?C~=#oi!)$t~EQ zCL_l~w^QTbX8vu=_{7+Se26-TCSR+n2vOq!MpIiy&mst6rDtT|u*o>|3`#Ha{Ru5# zi6hTl>HPK%3z`;-sm_oC+-g{=q9+!|S%vPFe%;6GaApQ6o`D1&A(S5XLu3m5HP}6s zA$dmVBs>-992g&KX(lwm{be7_UD6}Ks6T_KM2I+;rgTrvFFhE*%E5sEW+MWCrskU* z>##P{S?WiwAx=pJU1J;Q0|Ns^a4HD(kAhW=ie=kCfU6)U=Y=)J7msTQ@3UA`t?7?^ zp33sU=ph03f8{2O0tmLZdABsaEnLua5vxwh^CS|;mgLH~7j$#AU=jz}JIH*m45KS^ z2^`~`rCuIvSP*6(g9)o@o`VjL4luTpRWxsF~pI&h@z|T+m=1oRIM003b`&b|( zc=n;C351{Q0Bi*0^t7Sa3=#uGI)KIz@@}{?>^KOpmSDDmn2S9{=pxG6Bq+y#Cj;K_ z*nKhBmCk99aF$cJ|HQbgt(@LskKFqlK@?$dp{4U3U~dcOdr?q)pD_Y3zuE z1T4d9JMh-%0;IzG$t{!AjPN3^y<{Yk0zL!Nj+5J$si{VCKe4(ZFS*C&GEI(MZ^K6| z;tIsS7fiQvvwF}iH=nsAK5P;LbTyjtY)`sqYMfiRtHc^Kb3a*~$a~whmF2~S#y20- zhgy9_ANO1_STU&*60(@;JQx%s{-~t8*wmV42cKJ)fzGClchwTrZs;FmiiiaMM8&SfV0`#U5!Ta}sbGhKh!-9EEKHc!$QgT*M4OdA zNM4tca^SA%=PA^)o=RH@s5yAJ{e@Qw;#1K>f$xt>hWjd_ydykA?-nf!2?up4OkdG{ zyniN5?9l$Laa9*zl}O3hG3|<`a;<5aJZt*pL%!)tu(I7S=79!x&_zn8-aZv*_kg>A zL2~9D}U$uwfFGgNO z@W&48TwMhF8=LogZEcS{JCJaA`D!r~>((3(l@I(z3EAX**q<=Egj}RT)V_WEdp<$L zwX;(bif886hekVcLXqOEj%rw13dChjZ0=ZWpRMil<@tn@yTc^?|JLpLbx*_Z_3N?^ zSHee9Cs?1~81Roc-mI*0I7ak5dfAb>i#97wIpGsydk@G4S9b2*l>QR5*{yQBr6)cJ zA{}KjyYJE9cC@zTdj4J zu6O#T&VQtS@%wXm z)Q(P|c;JkIc9tdsC8}=-@DuWvEoM32K-eM3E;wX+P#hGRrp%^g*92Dd`B7Ohp-nQG93c%}NHq#H**6{eklmN4*X7oMg5LYQIw&yoi> zP&V+`6=mh8NcVWRV!L!xhu{klLl=MH2ZS3FBBn%(2rE355B_o944rca){aE+Xy4_*mjZTCk?Qy=oJ5P_l? zgVs7hZu$(pQ1FD%$bzW(>Pza$Ge-$^NYIyvRRmiILU$5$ofY-xKU$oqd3Vu|^o`|N z?4zXm>HP4tYV00XyD>+J_K6pUH_j}?{LGc$-1eKo_VI!Do>lvDo2;F_#Pl+gw4B2* zwx@7|xu@o*_)2e7fH#BKRP4o(Xiz{9EJZ9A_WOqVZ5I~2Nq2{WxEH{dFj8<*MrMOq z<~Sv)L0xmwtAv`S{jiZnw{XrpRf68P zi7MSho5{Y5u^pifC#%G~4$1{-LZ%q)4D{qn%geh_Jc*LXOWkZwo;{nUW-&A{Nc(tq z^cIkI4_0xA3-3lb#|ReJJ=q)#`|Oo^tlIFl!o1FXTj?-R;*fAiwv>o_`<76@1pBE9i=N2T;ao+CC5ugbWnbz!DA^Si88RVB zV`6CdD`^?sAkfkJ;n}f46G;y8*@yZeHpMxFyB4$+2@Ve$LOuXS#|zk2E{DrTXb}7{ zlz40oQv{#|^eXD|QLS8gMWy8?|JhC6k*NATv=}axuRJwWJQMq*hVG2gEkU^(G^mfu zCMfQUiY} z4#+kM>Sc)Rd1xCfm7n+*A!~*5Hrg2gyilHREg*#Dh}!MtB)7W3^2+am{>c}?!Na5X zc#-d7Pd*6Q+YI|qeas21yp`%_n$i#)wSGC7#Ya^3$i^^uyLa>JqjrrN2stjz zsh`ThC?LT!WZy^7i~tj0N$r8-ZgTQ5s8b?mLqMOSaD>MO(S}7H{U*|NdA_T{A<1%K zfht7A@&F{=005Sj5_mLGfsXrErr044I1_c;Da@jx6$BJwt|1VL=aM<>(jFj=+!<*V z3EnyJsO9eWnx_4*Pk@Fsij(U~ulUAX&(&Cl-|c#SCc(7gY|rkZ1N-MYXw;_0^?u3M z-T8T&<2?IS9_5Ddn^nb@-^AsWbRO^DA+Y~NeEwR)kDPG_n%Crhu4W99aP;V=+i+g) zI!%}D;?nodH*emkKj0|fU3&I=68iwL)gi9KA9qiTmD*~tXiZOf4E9t|N8i%t(8*`a zqxyNj!D(B&cI^W5`|-1rjt7Ap>=PFchIrx#pa7oMgs!WT(|GQpNAK_1PD9ffdeIzq zxmgc0Z$LN|`rV{XfSTLvhhD5)?++0>$~n~Z1CO0l;JG-!BHg9Z&_1Ha%b2H)O3Ew!xU3EW!gbCEPzTRs%a@0P@?5Nj&IdlwekHDHQeP zjB*HuuTW(yv`QeB1GxJ+exC@C#Nt+hi|^k=KFh!(a55UOQECPSp_8LebhNH-+m?(E zZ7ASS*-b=lupJLk)gXE*(49rY(HtftAjjS*$*JhQN@?GCuhr$q<8~pBYX^<|C3SXe zvDAB>GbmN}$xYR}+t;-*jn6A)sN)?n0dNTD8fIJd6{DYNg-#zAOEu$}A8OZHTr?87 z?l84w)Ox^80Vz0Zii+=@U?IRNii(s|>qgKvj%z%Q;k2FtYRM_#uUTlPcEvQLJCak< zK95VniwEl7ouh5_-@o7aHrQ@}n|1u|!1wD^Rq4CYN+rxuAeawGi*dCd5q){&(f#aL zcX#*eS|HP$MI0hn53#XF-{>FxwME9%gH1AoXqzE-UDd}X1Z$#r(o(d=_!zq7C?VJF zL9vpbe_Ae7f@97E*X$RfYkuy!6)dPoJZk| zw3wEbwr2FzhbO9)^RI9}Io9xknu-%+-fiEx+p2V$_L{WTmW`c_Z!M6ag43(d}_X+P$$?2D8+6us4(-!Ghb6CK?Ygz5x(b2Iz_>Llz+iSqUa}*T*%ugL25u zUa+d|Z={x!)1o@?LWWffmK94-{VYMA1e%K!wfJ4!?enPaff$Sm%`ex%Hu60js^dB+ zo;<>9#k`X9FgBO?sUAo;-X`%oRlxP^heI(i#8$HJ476=^-(-M;F6gTWFeHXX4% zQAXgn-476VhDZKiMS0oku>k-YtaiWofO-+J8ecPCFQLmKZ4Ly;%~MlLp(m`5VraV% zN9VCXf*c8A%MD+ij5cWJtXrKAT|IAScLE^IioqEYf^7kEMhv)WVd9j2x>@7j$dr4) zk_25;DQj2n>!~_cCJe4)Dq0ghP+83$aC^m+FB&akRK6?B;Ry+o@2h6o+nZz^R3Z(f z&h$`PC|x>3*&M54%VQ#zpZ!ZO#9zXNPwMo2(_Y8b`1LwrN`ewIk68h!Xa8!~#0mhp zZychz*A6~xy-8H)fw6%f!o#I_6nCWM{kB?^%_?2}Pcr3i2TQv}r`TvBAslzt7|Y+n zGf+tPR{!{_Zy)ROzW>opDY*SeVYx zvqPNx#+_f%1dSb9+$2E5kHLlixHk40%Pu;)>bADw)gve^0aEjb^B^O~u-XF*Lqa(X6uIaYzd0I1Kn01thzbNb zd8btd2w;~2_#c5nylM`wx!2In{;Q-SBxuPYIJk4){?q6<06AtDB;eCP$D6PR1rw-i za-Oh)xDS^=NMHj?4Ycg9)H)VO$nnmV$~)#?lNY~NM3P0SigubV@^nmffQnYooMdzp z#})*-iF_7H1mNYLR#9Qff!W03rGt3p(6s>FwLAre5kny>!G*W@3C{*%^!&x2)L?_H zt(zlZkOKmHvGFlN2^yvw{-XCdF#th8+6X`3s$f(<40Hp+A0(}x6-^i90`JjhKyhh- zS!>{epj5DtFnNi`4$=m?Z4n6x-k{vCIyygmNc2*0wgTKGjHK-CGbNv^0pmt|h0p05 zGz>E{#lphE{NX$StzMiYGou|B=TLb=}62-#@9v@RNB{yuIpN z)1&!xULN|D7VR&XZ*jb$jI6;Zg9Gyiv@XqC>mIv(rN8^JRMyh&;EOz~{Gj^sSfgWY z>KzFLRVQ#~n$@H0vbBO%&-wQIySS0)zLNAA3^l0E5Jf$zKSGcMiwNivF<4Jd1OCCK zF~1o#YZ#dO@H6%uC9f`O+{XQOKkL2=#I5iB@sn8{l^LI3HP;2{HwZYWB{Uq^v&RYB z45X|@RaPhxqa{o@F!lFCRT~QZjc14I0Owr33||}1oQB^}Er}B$;}t*+NC44^Q?%>O zz^#F3ZvA7?!|WD;YBec!%S|!QH_>XI((u8sh=RQv-Ra5=yRvR9#b&iRJ~vBY>s2{b z`b2Sa^zJ8H%`I+tTwlM>f)npd!)sH}n(FE<>aA*3Q=|L;&pimtpX^0p_TTytk=fbpp>jwFwz(FtsT!M__95gp1mz%U zHC#k8&-}K8C7}bAz z8x^%Fqs_CuRbrNEH90jfhr!czYBDBFHyeV~;lPQt zMTnOpmHT5X@C3GYsB+N=8cO3!RN6>Q-4D0-wVF`d$L7Xz+l@`j2(@V(2Y+PThph;S zcG0^7LcQM%lVBzGwY(e?X)sXvNnYatB>#xCzJBDWo<63{n7m5D|Fj|`B&mNS+5Yc` zMmVR|3}6!Ss#4w8@N2HT>>R3CG*noD$cvF>Nc`XX4{Y{Qvvn}0ru{a1_&)4g2~(a%uLlkfBeti7535H zqql%x6RdBJy?eXf_YotGINY$tMjH8PwnI~h;Pb!{Vrrqad;Bvbnpo|}P9X?mJPiv3 zfCJCMQ9MH(q@kq03JEEYMoAboql9e;PFAq|x3Y-(poT@$it{AV38zei!2Nb+<_g$# zC@@&G0R+6Fq_puQdahunN7rp8%zTh??1%9jrtfePFSj7n@`IF0pkrUZ4$xUQ!9x|L z696-u_?u7OxIs_aby41p8?G2wj&0_>;(I7OU;(w~z=6K^{Q#<2Ja!BHdcTe#PJwc> zs9UQ#jxw0kt$za%c_1g~DH1FX!fTTFd z=mYc~xD3)eG8jwMsp>r(cfzeHOWa!ri*8iAa%!E6%K;h}n$x1_K|UuPj+nKz93Az_ zy&bXfh>%Tt+$)|m0n4h2pn!^Cn?8~L+eykKsAdrmG{DesBvjz03GSvs^8n7hoiO!8 zw(j#O4jv=#RG&!~q?&j8)Qf=TVUH()1cYc?fH!c*+`J1aWQFzhet#!XHZ~%*S*%;O zY{5XPm$Nekc6NScr6+h5m>wm}(Qudz+!bYJVM#;Ay{PNI$(*CHr3IQ+-?AMR8N_V` zp@W4bd12m;W|_+E#yUs>5dkp2wDbukc@bgGI2B$^46p*pIss&wbQ0D@U^HNoZ(WkIEVu*EWNLL>946ead%kW5>m>Y4 zR7*<>U|M-1-9xg3uHz)g`CnjAhbI)PdKZkDa)LbL>r00|{?cN{Dlrt~9~j8h!ob92 zcWO~XMWr0T2f&|AXubVz&r+#0-Al>)OxhV3#yW;aG^aQ2JtJwG6#{^B5{3q0b%uk( z!yq)R$Nd6l9GYKyAUs8Q5PCd&HV#KfVc}QE@`>pW^oIsVM*0Au9RNs&G|~blFDOL5 zVwmI^?lZC=`>ARfC1vFuG&H1>@XiCy*}1YfD)a6tk$(|I4PGjX0|$mKL^4wr4-d0Q z6EenoQJrC79;)iyp}OTPHO&Rn>Rbrv~>mFZyo?*HL6PFNW4zDb^xm!}4fuB4(8el_a5VbXnDTa*V|ri2_mf%ba*_*^Es`76t? z#yfmv3cv!ik9vOZ(sru3Er`c-@$AOESos@^qWUY43Zp&33#M#(Gg<^30s^#I>eN%Z z`{Am}rDkl9q|EU-vidfpqA&^kz9SwVq%0oaA0wsmH&gO7HDSp5q0SIr09t2%5Z{y( z9Wyg|>~r7wIlAotsuw`=XyRf2rXR(G5_duSqfmepPg@rb3Hi=#P z^XJ2u7;cCL!Uz&a)mJDs`iw$DtRBPrjJaVkF|r1Xb2a^KAiGWlT7A@Qk0J;9`xBi! zEHXt!MeLD4I8qV5=*Vj1nIts<^$-*7NORuA@mRpIQ{?l{co7vgkMHzma8W$~l|zI~ z)6_0XXvH0&JmWO3O7R*WMZma`7YH_3VVXJBDlwlvVHa02%4m;ZY_@Y4ONv?S{^yQF zgb-k;-?41&-VGYJ%g)aJq>&SXLINvzt}f2;-l?Ia`1mlyLyQW{Y!TbIH+Cz`?UDF= zADUivG)BzBn=iQ5?b@{q=Ty+lGB%N;uy%hq=#QXC9r|{KSc!XGju%x_c%W&%osEsK zY$8l4FTOguej%PAAwC{7%#xOtjE*fsmf|WcO-(R9yWc!HQsu1%^)FuuRuvT$7$xTY z__2co(?NK--8MGvfg)GQ*RO7HB?_6bXQQJ#3mPeMM|)J~gptXGz6hEdujc0sN#lJO|@w6U@A z=cFVKc6O;!MN=aqb^(Eejuu5>VPS0e$R8>Hz&Qp;Qch2=k4GYUMFFV~$PHlLt#RO9E5Oe$$Hgur zM3<%Rg*}TS3}0DGSNE)m3Aeboc-eA7aB%R%d?d~sUz2-x@16;-K2(){TJ?M+<&Wu! ziM5)j3k~`|XNC3Z}HB9gz@)m_{CT;=yAb6v^e0+QN z?CE^CaA)V~B{Req^zQIPp2I^|F0!DoaNQrTC9<)iuBmAy@&z1FdxeGRp)vLD9S1Ih zSR7=@g4XKw6%&1Z8TkE9NFDsM)(Q{fNJ%nk008C^6?GWl9j#%FQaQn6#||7h;sK<@ z-oc?NLlt*h@7wDll&WWuQQ~Ew4@PM)A`D{xOwP2Jp;F5O9}-M-RuTc|AUQm#vFce_ zS&8|wpyZIhi0VFmCxQ0*ouVqz^$iY|g}>57Q$Ya*WHhnfpb)R{UPVcXpz&hapSyI) z=lu^!^3jpOK|a;tXE0S`nWCUW@i|^aUh$S(9+dY7tQ~OJCAFv4aGE14d&y{MyM>pK zWy5{p{8nR|Dfi{FOhzrwiYG6b@`kE2TFSp3GU@UBVp=#)^O%9%1KD>xJmUapMeO@4e9)X$J%)e8IsGce9`PWAykZk|doShT!53Hm zI_>@(dFIvoa}WLV7W_W-_72UR|6C8hR~6jEyZO&6|N3$C_1}5O-|wN9UF-30FL!f4 zutxgdUS4?Cn-u;hp8fUXXV`hCEB|qMkGMzA282$!s%rBLjJP#XDmj zm5RI)x)R0b%SlUIA@wLq=C=()@AkPcoFvy!lnT*m8rLxP{N8ceZObi_sJ!N@6iXBL zYPV9h82Bmh^^{BsW;BqRs` znDBo3&*wMK^LV$}g+}|%LW$%`9vrLu(cFavF+_!l@yO2rLSXI8LAU?!d-F5%9Pwo- zqwr`D;0P&VL}dm>Mn1F?KnCRTW&hVJ&(j+0bzz7AagZ3MM8!jB^a8E5fL@AaId@7> z!>rw1Taw4Kp2#zQ-#DA{mI2gr?^4X1fFP(`bxulf9) z;r!XZA7SC1KaYo@5Y)40(a~H8$;5S#Mf7AobQjHfkY1ln3il0I^7;E3g__6SG$%c} zf4ob)_H}Z-qDZ{{c-yb*XXb6knl_9En>$)wV{ey=*)(hATed@+1~HsqjgyXxi0~nR zO)jY4v!o|+YWhEmQi%BbHg45^X~loiekxRV-8xrZTh&&PS4L(=;b~DX{QC5w1oy^% zmP)(nL&tLK%w>l52YUx>Z5xwkj7Y|bGlg<;3Vz&@7XC{Wf=l^fV`EgB<-!`8ybP5} zrWJ)u-?!aM4O@I^mAZyRAH%43z_2;pwwJW!uhm$%M+kMRw6t@yl2eRmX#wO@HPk@%8QJ1c3mCb>Rk`nk^ys*{P4!OUWRUr;C#Wf}po+uGSx4^8{~ z`;$65J9AOO5?Uxo{4|(LVf6?yIs!aUnv%9QwSZRv0Z-&2rD7DXp&{xd7dbSmio6+m zznyQQM~C=d@BG)xc--_8#)vTZ-}d6Cy|$!a?{cYkHQ zk*Q%1582-TN%h-x>7u-RqCT@L%X&Gw$3ETsRx$U5_?>9utDL2At=|31{n2qW^o*Bs z$KaLg^5v(u7YU-tN9-nrFknM7@GJMz`R>M`MD@dy-*U3tW-lAHFSWRrC2CYHFPm2rf zIUW1&%w5)H#2MKULVkV6>_+k91@FYZmdRga*^TCd{sFV=H@j2!ylEJ!O1<>k$H3#f z{{w5yLnNtSRR(WfXTD7WpOa7IIB8vs^z1z>L&SOew3HxPa6>gd)G_)xG^o&B8cTRZ z@po`b?L$exk9~(eI^hybr0xBfnLbnwq4GmD^4vzo#uZ@t0|a>!9X*;Bg;{-2bbzy> zthnMgJ2tlG_;ICqF$QP%J1qLVBTY%(I7`3(Xmx4WsG*ylr`h>LhLvc-K3)*TEq)dq zxItcQu_3`v*Fg7Md#ze(njNpLJ+q3p@YoLlvX)Dnq<5rTx9f06LQjhO<>)$>v(nep zuAjG-rzV+YPOM#Z93Dj}wtYA2`72s$c3-0+t=do1wcqbukC;C`J{j4W>o}s4_*_2c zW=Uh}lm4u@XH?Uze52C#%M_o#eBsa;Weu^vwTa6+`TJ!J*LUyez*+5D=lY0tJBwwz zE;+@PZZvaR)G%qcwY>bwLT$GN-HxA|6OwDR4RkKHJ-OgXNB^_S+Q#v@M=j@CwND~S z)%o>H%E^5V{Q1=n&9i4bCX%Ie?vA|L5-e`37{PKdCL+$}?&;4I$NGNMJSO&eVbTH2 zrGUW+N;(!lD5b=p2(qbp!YOt#boJ8_JM<|a;#2`#g_H|<=t{so^O!S))2sg1=X+c2 zC%-M>#fX7nHG{-3G@+et4@d6fqM}z-RWCt?M_O9CB1i=Kw}zlJ5eYB$6UbkO8P!2y z*w4ka#ubgGkfeJdG^<>8 zc6RV2ZAvj?L#lEB%x+*`hi^U)%Nd#}{hXZs+CaFnuj!R~QF~WOb_sBh)!AQ6t(ls8 zHCAV@v62U7Z|VLPpOs2^vAtCC_t_Z5@P;9qj#+MX$C=eHJlwve*CNNq?MBy*%?VT` z%st4iD5|gDg)lMy+j(})oc%Z3{C#0S>QBGBTHVr8UNXu}(dnLa9*=Lbba8azH?7zB zN=`@m8xni2N1$n6lJ4jg$KQv{U*z@Z>i@tSQlEIIYDtUQh}_(NDKM|#;;Q|r-dN>v z5zyWyYg$*ovYnT2`xYa7piJX2&5g@uW;~8sS89VlL_~Cwj)t_q(iPveo1HcIm#pkX zVUuQ--)BFhs?UV)k6kkh#Bq_ALhFyr7RhLe`4b`VtU5 zj{W=3Y}(_9ivV3`qNk^yvK1%zJzzr2&CQXX!&v>?Ik$E6MY{C6cbB0((v)n%boA&^ zEUF9df{N}1+fEb;kc+BI2NMUo4_sQC%kze3%ZG%l?x0>DHp${u@#*6R8P?T}m*Xx; z3hll({x-YstGV|M9~)3^6%>7HY8#z`tu|_Hzd|Zo9~&QraA0d}JiKw+mJON{wFY8~ zg*rR?*it(kf_ZH=lM32e`2>U`6T+PsdhnF5TzMqo9*K+h9r{Q5m0FQH&S>*P2J5mW+1 z`L3c8?IQ`x?%oavsiPW0sry-U-u{GP?IBgwg%RO8L!of#XNag2sLHWtP>r=(wU}6Z zF5&>q?@t{d0?ZdS+r3Mc*477sT>+_y`ed0JOW`r2&nPsl@O{{R!x5Wb)YLB~mUo#3 zod|6i&2$}B5gxA$j9c#M(uh<2u()BpoUG)v+&5u)_0Gl`$cpY)=Em|2viyw7!dsfpd^TVX?hcR-3DI#mTPLKKQp$4lv`WD?DTZP;th{Z{D;oY z^=3KMrH)5H%i)>Jh&3JYVLhtX;At|qu;I=gVb>WzMdTgdcb-;de6QD+x;STvs3POO zO?_fQsMt{N?AB`%vjbZr*bE}FV=`8S%-k5YVv|4AzEO1qKby3y^@S-niR> z9J~lT)6{Oy6DY+`#x+brY-L)dufN4WOY0P@6Ts0$FPKX<=22=Z;u2xf0V7&~FOV>l zM|4oAU_9rveQazhtgmp>%1nd)*u;2m_iV?o@TyeJHf%>NS4zN9z4d}O}+Dy#kPO(Av@@~wQc2c+lby+dEs%wAr~ zl_I&woTd2OH$cXEIAqGNe7ci>9{nl*Ff8XCptOwLSL8#RV{KZ=~)7$#k`_VYkU2R6vu-Fds6Y@E50hx}b%NtAy0 z(oJFza9m5x9d_$tF#O4>DDM9yk~@ zYpq|E!qA z_$jx!c{eD4faV)BX3LUP2^J1Iczpo*6&?ylE~tpTy0(05VQwy{{+5c{YEjjq<`k^Y zVXK1v&JJ2K^SXxoe8S=b3tdWEJ511bh4H$)yjPc@*%=vmo}_~^2k7uYY^DaLGBaa0 zUcAO$?D3tSPxDZL@ljdwQxml;v4tYX-boK$nZ7e38uiOB4*WR1RqV$ZWz`Q6nTCq` z3j8=ZG`!5SZuR=r-5bkKmpZOwbYDyTjY8t_=vNK&SFYAnI&V^UNpDtd@9*>UJf+qE zO?}}Gd+$Kg^i4Q@Mdl0d$-ld*WwmKT)AHR}J}cIb`lg8jHK*g2ZZ|j|aQ*^b0L`pc zr0i;&l-ES#wW_b#oA*+R842h((vO}(y`=CbUvx>0{oR&9k4U%a=w|b0y9L)s1O0v~ zCs;0>l!_Z*G2#-s!nV8_l1+l=!PL^5>DrZr-|eKkwyqPMV*}2gR@c ze?Tq@_l!4kcYjs2lFWI{Y^7dKo+-4?wz1m#{($r=lfaeZWM-9BtAnRlw^=w5R{%O7 z_ZNhbdXBb0EX~|w)u~M~CW+C?PwzwB$MWQDDi^PP;=aTu^uqM*UtmwFdTCoGv0k<- zaNb`^K3--Nc=MI=eKq5RcFoi`z52_&0=1lUS+)hbE$<^GS3+_evx8ZK)#W(-%{2<0qV&gW@fqPjUIW|KdsQ6^(H4i*2qcRk#wQREK)|m z+J29fVxNyf{bZbwK|~)LMd!DUsy!7gPfAw2D`-=SyZUaIKlou7vfN|0tBs~K@kMr` z_4HV2-w}z9*LIc5>0EqI2gB_dP0gh2Zcrb#d6&5`O?~(7AZd)nw8}Ckz@wk{1piac z42 zS0^sqOq(RhFB|R?dSKHevz^8k?q)63sYmjjT!f8>sXUNPZTH@3$_HR7N^;% zxNb(Kp5h1bhBLeTx`kU=)#5_Ttl8FSUQHGL=pEy9@a+9HpS4E!j$HD%RhfEnx3Xws zh~+vi0V*p+J*C$MKA*Ci`>e9t?mZuFk|Cv9>usIwIR3Kvy;c42;oN&4sNy;#S*oydcqUH`*fs^- zyrg5aLD*|ckF|gd=cGnf;Mf=_iQ_5*u!!=t`rIb&{Fn^o!rM%o@}U9~Og>f)Bg z>n9dQBWJnTi_MP5bu`?dA666BZ;iC9>qtvJ^%o>$K7Ec7h@RV;s`?*W2et&oGzWMU zH@cas@sKuLh~6}FcfYoa0Eh4NnfdhZ%}w7tgRX|ztCAWul)rItS^a1VFDO)!^^&WS zVG;U6%V+tf_xGaK zXU?77EPTeR)7S33_Itj*8$1rOc)P^?-+KF`k9UoV`oz;d({GFGmuxAHQmo1g@w8u< z6WeDWv}WVyud2Xco0oni+dmNSV6!d(4ooO67LFqJ{1BzfS#V-}h6V zlEM3jyPV3awBmKwXxXut=9d;#xA`dQ7;2xnAi z>WtEmz13Tj!Y5Iv7GTZkZjS9tTad|nHM;Tj&C@BdukP7x9{63&XJ<@eQqOeG*uh>M z8ZMdtHhEX$&DUBHisRoBww!k~*p3@@y>GcTTZ)dv9Q$FzoAfW&HysFB$axe{db2^- zIHJ#MvgFJ7yR*OT79}Jc>{&^E?;SeKzoby^Nl1N}T$yd0m*`xw==){-)*kb#sq~6{ zyTj~*qfCw2qf>t-P75X9i|3f+Rn*%}ym!_1j^9hI!EXL_PE+|7B+-m}zfaW8nssK)-7JIq~~( z2^zzVRb6GaBRS?fuSis8E@T*pt*jh4rq6spB+E^*o!@hlR><+ttz{;Sb{n0R;&+?c ztX#y4_dnsw7CWvlC@1yFX3*V7AXesHeDFO)ANivlt!C=I@(Ysd1_nm9ECg>>vbsCu zWAk{D!K2sH<&L9}h)2FolGyCvu?kt)xy7s}ktXHx6k(EVpLDD8bOe*F_>VOP&+*E8 z)EOQd;reMDO6aKRTvPTF9i$pMfP6|)m z71NllQTdIl=M2a1Zy92`uY6d2H%m}^TKVnJ%&f4rdv}p$FJ<#Tc>bU>@b$u6@>jCq zn%<;u%rOT0np5I5irBA9&X~*%$2wO$oh~TO_obFt;l?oKru{#jm7>2PQ)Ym)vMSVoN*M9lJ+g(1qIIpb|%P*Pm z;bGs*(aw^-YEl}<_1iHO0Yc58n({JMJ$@5EOZ%!3l$Iu2#A^kUy7BHxZ`q(%2X!aB zd^7No^bHfK`5X&MMODwLO};bHo*ndK{;}D!dsxgRt=oC7YT@oX4H=U2nh@3OfUpVC z$IVKY+Zv0#%Y}m#<@C%su2aQ4u!|e}hYP?Eb$$ORm&DM5a&yLE&Nv+fCoY^WKWgiX z+%+PeBkibUWtq)PejIG0+t{Ln@=qxt!>ME?Vf^9jkm|pm%;FzILRbsx+TGC00hriJ zgb>{b#c1?MvX1Dc+?$>lpkMT@63Ax`pzXE4IjcWDWK?=MO>o)d*%qt*(2IH&1NT`{ zvc`Oaj+|EIsF7Y6TM9c*p-1kMn0+VsVwZDqD19-XzH#oGmeK#rckAz=@B8)1fkIN) z)hJ#8fs9+d4(W>wC#dTLgqs5l-g@4!Cr3O<#8G&POWTE(x2XfG$XU)&di(#C=U!#R=~QU*@}Eu}MbMKkyNxWbCD!*{Wz0EgWb!!p9iw5= zg#fFTh|6Kisu322P7N5AsF9cCrX$*A{9nuI62TEdlM6!<-eok}Bu;K_bn_{k@YI07 z0U;s*L*j)%F~ne?u9W|EpyU&p9@O^s_7FtkBDgy@Z>~Wvr!moh*3r=sLpPvcZzHIS z&~y1v=P>F9y`wKFDX%E@xX?Je7z}4YIIw+G zwX&k(Ok~Yl#b}T(DNaV#tkE=XrPqc)&puw>JKyV4&}w}{fWZfYXtX=Wr=|*PYG|Dx z4vdkIe4oRS!e^m^F$7-JI?SN&8l=>dsVSoK}vR6~Do zBbOx=b(`30z6YkD%SR+fJ&Utq?yTW%D&wbyn=?11y$we4arODlQUAzZ&@P%a_-7?`0D7 ztk+oYchQMZ6c{e`iZU>idH0YzuJuWMbI>CmN7=3~%>pBfVNCl{bx-qdv+}DwmXyGr z;*&$3rXX#)!cJtrNMCCOlfP)&v4)y`)4dQOOwJL0k@&E?b+u2F6y&P(W#!R{+lE6w zAHQSM($dS<*-|X9x0ZsIot@vE>%MN0oM*!^iqAvOiXwV^<1PBvge=sZG2GoU*T!Tt z-!)z2AGlj!NcJJ4YWd!gond)r~H7(Wi$>CZtm9nvz*Td;e**Q9UfFBhH z`BQ6AzlvpV#4hL47&^fe&GLweeue)7Z*Ok}&(x97Dq_YL-Ba{^3uKO=PL`IJ*I;&$rh~jH4z39x@*M!AYoi>5w}XvgmOcL%~BPc&LkEj%&bsCkc5XBG-e$%=nv$X`bhVin$mC;=GVF9+*4+&7YuU4-h!|ynt>RUg~oG zDYPh}NGKe}njLDYnYQj^jV?lo=WHn*&d1l+Hu}St-!yc`;}YHzB%yTft>^kJYHVW1CVZWv=m=g*xRc$IgrtUr`o z2}TiEt%>}@1mzFpLadYtEQFetmWyDjVpv=glK^Oz3Bz)N9ubuUPM@zy^=&~y6c(}} zBruH*adV#yufB}25OAk}&SMZxrc{vjry&9=h-85f3?($B0EVK`<`WdCZ{D_^Av`P$ zT31)sdSJ{ATqjQIF3j=}3}&d<;3OuxH^g|Fb=y7qnVA{rVuTW=FLwv8_PX4JkU0=V zti6eP6|?O-ce;RVV3_n8TL}GE*9-5oF_uSA5KoMxI-|p80Va&!k(&rRe7G2WtpbOL zNB~|8yqo0Hc`%n=!~OyO0wG&RLX&nwD0xL>wu78Av5XeuE^cKEMuB*|{*!9jOZX7) z@V&sHpG4De*!RL&$gCjT6IeO^98kJ<+8}Vyd}rEPL3UhEN%2A9@@twrcFPi)!R|up z#qw11OC%EH`(IHD>+Klqu9%RloF8xJ&r0RVW#}qm>WJ7O5yqpLI(m6MK!wQl3?|%* z51%YvjJ83n61BVQ&oFy0YkcUi)(3^L;*V|i*+TRkT{EBV8?H%_-=<@8_3>3=^{&jD z?B+`D|54Xg{^BF$`!luzBJn)A#}DT-IZYe5R;G7ECWn7~>zk6@CMByA$e&u4f8Jqs zaaGw{8o8lL{I<#V@Pq)yp_1m>waLBAT8f|8%-^!^ALib-a?6SDaMni28+Kv#YKO!W z%R91LH#t2D*aV~sx#+%x)cDbxx&Kk3nsl^3>^82FIE~ES~ z!D4BTZFdV=YyHJHcwK90J$f)PHNAoMztE2djD9SEWX}t$9LORRZ z@ndCyR;OiX_%tO&7)iy2)mtEbV+q4uqs{u7mRX#ALs{8Vj8N2k|Nh3OcW^Lj-7vUr zzBX{pg`%Z5x`jwUK=DyhQVN=NL<$3a9;xfsedAe3)6>(;aPkJX2RJ%9K=AJXzg6mN zk(Wa@xcZz!le4q<0xD6o=!SEnVF?M2!>hi2ew>pa)1oU1dBifWR{#U{$tiQKIF1S? zXW0rfnsroRIg&KBKCaPB%@QJ=m|Soa0OmFLYw&uu2FkaUABL^W#^YA?JJ?1xowTs6 zW^70?m0uGqE~@86rCH!^J*6uXQt^wa>xZ?*YxT?9PF{h-DHXR;fYF^F%7=9ogc2vZ ziZ6+#-$f+8I_Y(#tx?)1P9WLu{iUa4`I=4BdwfVk|07e&SI*en{vPY)w#P4* ze(Zaxp1LcubnNZn*@jY3SYg7vX!&o9f$8kG!!EmBBol1y&;-2?>m9$r3uDgprJRdd`2 zS5o4doO}%I;e~gt9~C%_O-vTo(~x&xz8pZwc$fRh$7u;B>jlc;sBG-Xjq zxY%=R*NtEt5FkE6=VJl`2;DtBh2VzZs6wKW)RC~?=`Sw(g&mbVY0v%aAkLGTmKL0x z4U%}!c+*U+z+%)X0hiR~Dt*lDLeiF&k@38(t*CJ89cTW=_XDHp%;x)Hp8?)DEd#?j z2ZyYe$_{Vw=!((TD8MNjbNBQj_d9& z&_E~IV*|h*V`Oo1v7k6W0c>dft59jZ&Y!84Uk^pZ?|9+hh7> zNeOzhr$$0{6$P0)gzK9gmzlgxLJAu~tdUm5<$uE8SpFjaOs9fB3qqbYLmh#yb zz7vyWa_tn(Nj4o@mj4|UT8#hlQhtW4qGI;`1fxR-^ENEBKbLcn-o=t{%5yWa$tj{NZ=5E?m%zvBe}?K zwC^E?^)t*&8e)}S5)&1qwJ~n=4#Rznn=rBm+rEt$tl?wW3d-lqVytpZaaq}BjOQdI zSmp>eYh1l~^9j2DoW7gUUBxhzXz(^JF0Q4eB_d~mh|Nh2vb&s|+y&({8g0#H4BFvL zDsz%U=a8_?FliPXJg0mB+paI0wk*5uHSkJ+(KfX=iGeLMru8`O$^D zmX$oCGA06yXXy&((g*~6@+SWw`GDQs1>!Z~r6Q`2{Z*0(`801=yPQw(?Virk--Q5FBj}h99?SKmlW)6F z*>!>W_mOcc*3&;}*)+a?5mBrW{x!9rltmikYzVjzHMdXcR{G+*Sn;VLIwIy zV)BZ=FGhPStHWh{AIOuBV$_3c$k+V*(`0K_8AdAW|l23|}|@Kb(DcIM)CF@2w$~ zQfU|=4OB8Ko06ogq-fZRkiEAiid4$Z3`q#d-YW^o%Ff<<@AG);`@7CLzw4aqI@kH9 z&xo7*e!s@^`FyN-E`b+beD~frg$ex?{nbRLDXfb(i#|J%v&OQ%G-m7&A|nk( z0t5%B=DCo^hsq0N5C|yTARC7#ltRpP^sZdClij>N`w(LE=|-##7=wvPNd;|f!Eju? z=LCaT_{e3=HW|z>E}GTI^35#e1P0PW7u|`Pm5?|Cut)ailZ1qXgKVa0Ve@h);vB%N0*wU@P((Q&Sfpxrv*FWr~T{4Idy|~bv}oX%h&Mw z;J0`+#ucsHNn1(3Bj({joI|VdbRa0-IA?{k_#K0%zW=IfazRs*lmtI_Em8(Ub-yl07!cRaaA&xGXC~#bUF2 zP~ZGk!^~7~Id~q;F`;XblLMpL!@}3ATJGycJylyU`sUH|O6@iwShw=9=?=yy*j@zSi9z25#q*w#VH|BDL2?fek-T|r67v*=*ED<`@RVkm=5 zB+;S%cjz+sA(zO4r1aXYf3HL-{(B1{UErn|L2C4=6(g^iHXEj1 z?pdD*Q);})2S-`!7bHn^7E8-e!;VAqztU-jo&wSvc+7oCN)nu^cyil_mHaUrhM{Gz zKOcmnWty z1sPIXt>|$Np=ZLf=k$8Ah@uD1b#CaJP=^rFl~9o0bAt4ma6iGkfZ+3^P)1eiY^sK0 z9EB1uNRu`;HpDOha_P5bhEQ-NCMt+VM@2!2R|p0ATRl*R2#qYED}`9IV{q_?s&(r{ zIJ%MuH~UznxItw#1B0PkbC#eC;W(GLrSngu*@2P|CnY$rZ@eG4B!BrrIs_?GwwiO3 zL!1&JW%bA83a?Ir#*52waoXvY*ZM=#(s%=c3l@$igje2>pOesPy&G6tsB$*3v@C9I zCEV!L zG=>GemGBfL`pqk^ z?pKFjB;n)=QceenhVbTxR4yneh=_fJSk}yJhso`@{m|-wCoO={AUc$5$Nw!xW?DjJ zL+%L&9>V++F49ox{jk8e2hRlmSquUjlAv&fRNksbbQ_#5wPB~@02TY6KYs|;E37r) zvxt(K2SP`13ri6PM-ala6JUCAU`?C*MlW)T!`E(=+-JptJQ4 zz141otLLtsyS{1Qo`!~wlXEERd4=lxhi$TvIa(0p6vFFjuHKh1CIpHvj5ykUC8B#H za!(LMS9CHVYeQ&!7fckC0?%;X`Q`y9jgH~rmdF`KVVhU*)d6xqSoq^^)`FhZ%yh;C zW-s9VZ9t2DfMK+wcdY!fdK)}99mWM_Bx6Q$T=;8Xtnbc97c3E35p zVT?~q5N#UlfMERnFOz`m)tfirI#<*d*KXIKMRk70j0FEzLKH>Yx%_x{8Y zPIu1GspXcx^*tEL1}@&h&dS?I`)sG{#)}Fle6t3fFsHL#@XPqoVM1cqQu6woVwLqk z7VFWYSFc?wz`z2nwC|(zmrIf**INIuZ#JdBaps#@Sk7ka2(NqP6V3# z)}xr>zH;9Be7lD6@h8onH=nY~ys%B&jZr+h?(c8!mwj^fCLp3!Tdo?}Ew@gqW_bN@ zoUJdbtR(+S>?hFTV3%r5bM)Bh(|hkTxe%mQ=u#0p1Y4elAgh?hS*%7I1S=wU2!li> z7pIj)vcH|3;&?}pw@;6@E*J$BYfWzVq zerp&Mp@&GGF8rrfx&BXsXY>oM3Gu@fsQ0L5M9;R8xD|YSafSv(ER{Z3+!5ePV0=u=$142jTI7?{80NnqIo? zgnyylz5BeWDUsoqmS!e|7F5NoB_8_WM^45eB|exLCoR+Jxa)g4G1Zff8QZG8`%iCs*n3A=%wBg+&#G6M zoAvms;}cHm&W?(5F}TgE(~($BCNE!ga&@LCD$Kej5x4NX9frgnX#Uhkd@iUQ$8iLN zX53Y58Ezg#jt&f)Ho&9%7$>LvHYti~!*yBTleFjRYl{u=)KQ-pv%2@_2k}b%$KfbK zcsKk>e2jtf@mH~67k4F=G8XD2PgGxGn!q?5gG<8r?5UTR*WOpV!ka;R_zw-u?amLN zJg5ME#VT_i+&OUauRg#4LJ-*2)3~eu(9b6a~+?Z_1UmT+=5>4_=fe$4S#e7 zzV`JkB|M-B{VDvjY~UqFEK#J9T;msaGrI6UwVFkIN8uC-J854`&~ey358t(S@6pXi zp7blNgW5zL)&3oN8M3r20LtXu@QEi=bHk`-VneAw>1_2|GUETZiR-o4lF-W7KizleOb&W*GSjVh5G z)HnE;5bIsAi|<~0@99DPPg0ELRKcP-D*V>ZezrD~QFuN-#^V$!I99!qd0a@f=+{=o z82nX%_9a2p=;#EovIthGj<(HmJ$*^mOZ#(XismA@jJOS?x0kPtA8ub-NcdI$*EW31 zkPlf2tfP4y7cIcY?WWwuJW2ztHJU;af-Mjgk0OT*t!6n6_(t^Wkj8_>Y?&_VxVUTg z?tI`D{=&9A2pA{4j3M{>4J8sBpf|ojmG{ z`z7@xou186BQ?|W9N9~fom!_=xhoorU1Br0kYr~p;e9Nl!?)Ly+&lKxwy~YR{%A#f z$=WT?x5Agh$@;R-gnejN@_zOV?H_&fuVu9MkYDz93(UO~{5>)%=@Hq5OJpWCb5?YN z`m}A}($kl(t}M}tIXNs9 z{+{T9IS?YP@6qzJV#Jw5r}aSpA~TBC~M2Ul4rH$a|lQ`!V^(SLP<19Anf>XRl`OR0s}OHo6fMnr2t zdWLrA@4!HrBMRnLnNSpezybs;2lwJ-plL$-6@?29@tz;=RMJeyV(YG4yY_~T-DS47 z68I}3QZ-N0`9n~0^vh5h0d z9GHNj-ZO#C1EA>RY-}13?q1^pP5Hp>rLs#|tGPnbf;GTo~&tKML zychj~!hP5^v#+6ju!GZiVLNGyT-__@oZau09`z_I8t5Gp$$kEQ;obE!-#&#zw6FBfjNJMiSseW*vBUg!Kp=O3%GR+15gbb)&N-5k zL6DAvf*zjfe1@YV87 zq47}xaWMvISDhGFio5o=%G<~|Z!=387iymm5s}2k z2dI`dA~~ao$Tt zjvF>^T$u23hBHJ&SlIdZR@40ogqJQfjWF!!Noi0cB01Eu?TA!4Sbh-gFRmB@mxB>1 z5mWN@_Q;tA`!d*CBK(z-N@RN1?KmH_^cb?x@|%R($*3FI*^1zjCL9KE_7V0#P~!ND zIg9=)O#@J`SLZrAqfGB^K3rrN#kLLS#Dk`sAD z)Ic4fRzA?w%aKrZ-|XIen*BJ{wi4X7jm~YI_e-4KJo5~XNql`~EVsNiooW}|?u*Hh z?(#}GF&y-KT<%?$cpfBnKNzg4dg^~Q9k6I3PlCw;VL_0lFias*eubD)}aCM_c zMa6!(-oB*%OtIltwCYG(;T?ruoAlR4iDhe<`rWX5 zBkhGhjZc*{Ha?{;O}aIepD8?9yGMmma_4AMeq&9s@bvp=)89jlNu#{qqT)3NgSKR- z%*HS|OO1Uo(c!rH1PN&6eIaF=+ji)s2zKsK?pcxb#-+u?dIm}p&2`Xt>uBnIWgok3_G{Lhe;tY5Vastzo?oA z;#fg7I|*rSL`}+p_Q=)WBxw5TD5Wq(LbZ}^(y<}iZidJ#K{0H(nD=la`qLh)Rgh2A z%(F=-)T3Z{3CHEM3%N#^o?v3P3(hBnD_@SWvc?WQhr1Dey`rM8?c*4yOu$qoDG4kD z@fLAcDyClC&Vyrclhm)#Pj2);dkrHtfPI%Ww=x&04qBMn=gM`l$dYM{f9c@QOq0rY zqt{7Jsb)R#?9C(LPbYuG@GCzLPoE(x!4Y*(#Bt>O^TEJolfR)KliYo4wi(GY>^8Cb z-TApj!>nG*Dn0u~o4)kPod<`7ZdJr=m*vZHNUp0~RjjMM)g0;^&nbA{MrLL^fWPQnHi$n74VqhJ7}d z6DjkoacE)=qj%#^ckRYaGoz0iFp_kv8srR9jLJH6i%UoTFQ z5o7SQ{6U%7Fv>G|AL|6T9hQ%t`O82{UsVZ*1*NxLBSWR`K@T2X5I3Fbx0{U$bY;zV zEclMus<_#by;a6g8jP2Pvg-l$chKy8^TUpzlPK2Agg#@2n}80+ngl54ns z`p?L$fl)I49!_86Jsj4@^A>t61rLrGo5K5tjh+1{C+FA;>d>0%-@iAQRLlg6IS1oz z#GNJdlc?q3l(;aQJeztLofcdj!^`j8=kXUDeo_60d*)7Tom#5QlU;nh`i@*12!9Nu zwSkw1MTeg5@6fEg#H^*WnAGYq}$Twze+GaYgX7dPaK&4dvHw zx9fU)VE1#?EB}7M<%F>>PSuVVi&>Mb%}?y>yHY(E^x<6m`G!`iJj@Ic(L{unV~AN! zB+S5d#~gQ*0H%Siwz09X+;pD(Gj{Cz%ViC#kY4@k7ZSuTCgk#5oV{&)2DW4a1dYRy z4pv>*`)E#CgKZuW$&{G2ecX77?YTH?8__`nrJX_q!z4zmokK$}!r2%eJ%$O2S@Cw$ zEe1wLEI3VwtSC$b^z~0<+t2yPl*E42yYZ#zgS+o85%BdT7}YZ=00S-BB@5m(g}TQ%F70`yyQ z-oC17%;TB3d}01?yE7}ZEybC-cMOZqhOe{EjEOoPY4m|vMUr_pV}(}9@=Mjwx(2Jy z2O5-=HPiSDGV;5BJh9iMuFb5HRi%>jK3U zi8dAVMm+3G;F&>18r?Tj^9@J}kv|QZ#vt1tP$q!5s99(0B-6qjfS4YjU>Io47cW4S+gJfX*Lh~4nBpp8%V(>jn?6H~tgs8_lbG|$veM_Ucch}7+f`|!kmPy0|W zPhBs|me;DcODmUWMR7ZR)YHFbuXgORV+(CvRUn0!qVJN%*Kc2c{eBQ;eP4a=#r&q< z1!c=!n>NjC2$i=v+FVnwaNFX!TA1e7(|5k-eBNrDAgW1N;i7TX>fB-(aK06G9g@`= z7M8`A6G|JzTzHRNBo*zHx!da8e#Gc152IRJZA0A~Z`)U)$X*}?^I4D1#wO88vbpAvBaEsq_>~X%(E)qkd{}y*Q_X`Quy*KNb1L)`nYErZJ zX{?=x`+SCbjQIhCQJ|QuRl3n>n;0`U~Aq7t?IQ{p)!+hIa+%^Xneo*?W;$P%xv=t&-0G z?)gN@8}b5Z;p~c$8}O&JQ8SFP37dKFqu^tQ=BBu+$_q0#YuoJqpb=}UbGZ(4neAYd zKL#WMLb>4kmthxNKamx~xXu@}Llby#VpKoSkkGzwMQ|H)j+5_P{-0=hCX}CuXO+0* zJYfZ@kRNKTolK%X|K?AAlR?|dlH4njmpB}ewN{^d{M7LdzTCAV#w$aXlP?*(3wHBW zw3csKQ)3R|Je6+nvauqxt6G8C}C*q74Ty_$?vC5 zRK=aV*&Rb)zJ1j&JHxB-{VLC#!)^-2y-(8~ULJ1Cczv;bNg=vf?_+{?&7hYa!Zolk zQ0NZ7wI`#X7_Imd!z;DYzw!2+xc;CZDO!=2I1dss*EYUUoFC3krR6g$vFw|fpb9m% zU_Yt8b`p)RvB;`psAFh=Nb^}c6nR37yYhv^H!_!SfKi}a%m@{0J&>n z<&rUbsb*?K-GJLmre6bW_3st-K8-PFM2#6MVAoHojPxASjcF#U zL3@i*;@1$WS<079eKt^b$Kh}DlI_r})cQHh; zX3w(Udm5WNUVRRa_r=OCy6p>Ry=_`fzaML2~k$QwP~U zl~fJ?{FM`|z9hO|^~?BLeecHcakn-Px8=e2JXv2yH?f`!u(8wnBdg10RYG=9>`qnX z@`;_kwc%{zxx5jh&kc_A3B4G;u*ENRej-rqlB4RWF^;wEUZ)mpU2~}0Rc2XPDgx|l zWJ8~(y|bWudTuH%HY7WF>9o*Pte^MZ?{DW5as%UxeDnXnj8ajt#;~F&x$yzw3Oawd zs(HH;z)704~TM7vg$o8#22N;Z7gMT^ms(6>I97A4>>B*Oxfx$Z+zNo$6cL9b#WU!km&G^m*t-{dRJ$ZpQ=UCrhqc`n4Y^A6;mm=+D@Tw zpFWwOjmC^dbTl|t&bd2=N&5VD(?B>2|L5DpTTTgkjM$#-v$v59-6ihu{(pMXVIr(q zyYXs!3(He{mZ@&*?sINNALnZ?U+X+PKQR~IraS&3*T%<$iT9+Mv+Oo(>nCa7SG35r zwO`0?yMWpL?)Q5iV!&!@el{{LA}S-mw%xAZpxw&A;G|_r%Jmy+uc%FZ%f#MXo^bCX zp@;WQ<~3qedouf?xTZ9rP}otMn!;-!f#Z&8{M$E=9O(38i9J}XQP3>r^6`npX}XGi z-%1RDOS{TI#~n;Ge}B z5@TAS=`jzt-_woBxmx-CIB&I(wW!AVj>L!{VW+($)@;TDk71+6LZ@%=%cA3UOlT%;msA$c#nf~Rj*^`-SEM$KQ$j;&VJAX&G5!LvLfwMpg6HwiX`AS6a^v5ZmuPmi zy&&tzp0EELbMQ}c-~s0au_sG@3qA5qA1asX#nf3_N`HD&iMT|@xUbpvZlQd+m6f9? zL{IzK#A>tgHRU^n+U)_Qjl7Y=&F|#Wy!>xbOK!xBb-uiullw4pfS+2<&mgYn40q1P z3^_mOSUD;=tBJfV8CroS{TfWY?LzM1-cOf1OT~^dpLPo~ef{}n&Tv4fMfW(f)+5K- zkqzCwcX_p!r8>ozZ7uRuZU;n8Ee5mmvp;$};Z1vHL{!Ct1>DNh^>vnl#up4d=~O%z z{eJq{_wi^=QkGQuT|&sxkWqQD#-`9itlKkJet0k?yRsIt$Z7v6(wpD32?_GlRbSj| zr2M%q%J~qJc?l}kbyGu;wzbuHJ*x+e5(S|W&%Ed=CWaqa$O-m}rO~+Th%u-OEqi8Z zK=L~?Mz*@z5a}>K+H7OLWK#8Z;B;*RoHZ_j=X~4H{s>9k*|}HjtDk*T>-IeLwfQ{> ztIoNFxa-rY*gt&u=*D{BROq-wPKMZ-x*HBl4+UssNYX}<~odb0Pk-OQ@S?(A6`3fx zJ^||t3KA;e=~4Qp;cO#RkLY&T9q=78Dje=`Pjx=zQ$j9xp!+h$xWtm!`A^%%m=N`8 zn@bF@?o?cHdr8ypM^nY2R|-OpzPzjRD$$s8_sU|Ta}~!=9X=L0|B_Xa%%;A}GQFvs zE4vRo#+dUtEEL-pI`({fAazXm@Ecz>Lneu0RLPa}Yv*F?CV#ZAKCHfbIL(@ZbFJO@ z=G;K(^0@9=#Ar>{W~#|fCiQ!*(M(g*T~yk7`dTx+3{Ngea62!G9BfJT)xPAlhjDjZ zq_%L7smr5f;VegoKWTg$m6ds4^i^mz%*L6KO<#Rl`tqvHFvTxMHV@f@kMjT6x+KPg zF_Jjf&XJO4M?Wn8)U#Z~9^&>>Nys=ASRr{`{P4TJDpMXl*U(=k0%Yqbt@yEZO|Gqw!&YaCp;wlcdz;Jmej3t-4UcOz zwC=Y{k?82@G8{ajU%VibViY`>+(_Wb+&V!)%Zxw!^-F3Rm?C0PLRFS!Y2Qq!XK(Ac zzc!{76`$Y#JT~)^@1okKFU^Li-zc{2h>olKQPy(s^le*@f6~H{Q9sHOX<17=V+++= zhTAQDlpI=vCQb{MInJKgFEV@dbu~A;pK7hS$~=kD{XiwUWIqV_v^dw+JVIW34i zxE1oFvE~@*XU-Z~s7NNaVV|f^&a_ayQ_^!^b%)^O$Y|S%p2+t`rKa3&+C1r#ea@fz zxlVnwmU3W+S; zZWH-t-f1l>O-Dxt<}gim#})OTs$X6ePwBkQF_d0nx~gh_C}CClvHtwRmcJbX7iBH? ziLS05rIgte8k0EjZHtY)Dy0TvQ?8fJi_HffKg7VZ+_#(KuL(aASxJ95SDghyTn=5? zHpwQWDx)Dq6D;b)mvTz?z((fXEBx;QFO<1=U7K%+<=43MSh&mTQoP(QdXwW{?)z>S z_&vkXus9NB`sc&e@LeKqTGk{vkzO0P+hRM5v}J2w`jsiq7N*&upZnbLNN#_#$?D@5 z3*CitALC+rAG$Is1$v6EO@& z)7Q!BefA4%UEhcsUakAQv}}I%^58|IN(E7sg|lbQ)Un$QUuJabv>%*iF1+-2v}3D7 zwJ_Zw)A3y=PI8WyZ5cD|zDiEbBCi;DX=#38B3XT9zt|e-W#7SK4KC97$}zDXU(QuV zCUr5|OoKk0K&d}{}UR~O@SX`o@;1ukVcSvoeG`FXFPUBR?eqfaM z4O2QtdkXV9w7Jx?UJ7}0S?ulLo}f`}{c`$@mZ4t$U8@M?o0|l)bIP0R27>zOsX1By zRf8YjLR(@i?Ar>^C*^hzLH;oOP<`LT$|~p7kkNz0#O~||Gjn=doqozuX2q47=j1=H zvoZ*XGi?6)@X~>w$D*8thrV4-)?&^%&XT>K^Fo#0iQ1MH_EwU6<}1Wr z)2-&j`T3nw_K_J~dRIU5JA*pt^Zm{Ncg>ZoF9QeZlv?fBts|Qji5&_ud0R&PVkIDWeck*`?F3HOq;2xS`l%C>q+M%23!9^vpJBs3(Xovx3u z7IqFn?G(Q^CoLWvL!?oZAhbN^^#~KN7_gasxW8KTudT{CZ*6#)3CVd7lo+#Ph=0Ym z*PQ<#XyZ^VufE&hq1qa}tMxLFN=(fdR$Y+l(%I25kuvIvZUGSnFxOt#NL1-=&4(ea z0}X_PiQWrn>X6f?9IXs&vtdYR2ZbbZixEyPC%2Pu+axr7@Lj|hsP-Nm9UYV`o}2a+ z?`U8KH^xjl@VF-Cz1Yb2x!KnOLR82iBEe2VCKA}wQ>XUO7W@|% zptqv1v5^)bDe%_j2eO3lvWV*M;QH}9uL^^Im#>qo0CP{!di;6rU5OqN!{j3xwv>uo&p0UQS(DMj=AWTjn86&Jh!QCe2SfD4tQxQYW+WPuyAb^7a*3jUK zaRuT!$e?{E91vd=KY}y_krad0>Ch(P=Tz6%KP&7Al@Adm(oxL&Fl;kAc%5RpUHLO-$A>;!ilt>~cvZ#O`BA1Wgwu17)@GaeO$qE!840@4(vxkO; zjWxm*!M4m`6(S{D@y3m(g&qC-f& zYWW}!NR^=&Gh&9k@h=#m(CHDx43LMg1-YTF`l&OuuemwJ-~c}PK@sB7VMD}J6@Y`6 zt7D}NhggE?oRxJD^G3*MGp>&%#KqmK`*Z`rNE1y42_TEvfSa1wJc1y~r^qJSdr@Jo z_5SG}#S=T~tH8WvQ$2Wkf&-ohPB+&#ugQxk#Ibyh2(o4H6k|m4C@6C+#R+Ei?`%=aAiP&ZQ3b;c`0CCf^H0>Js0p1lVBc>;n~fk zyY6;1X4clFSTcY);IfzwA5`NqC)lI;A{LGqf#aY;@M$;bPx<#xCn4vaLnSTG%W3)u zUVxC417TD0t-F63p?tj7qbhqZ67JxHY7*a{Xwo50Siuu$@Qlu%|6t6ZEnGs997eRu z@a8>w=nx4mlS4-GZo!9;42l>)ynP6iGX@>7Sg;~?dzVRo1`OTkv>lKmk#D>A+L|7fRB#3(u$-on|6Ql+rHw8;Ow)v%- z8j-0AOuH9Bq!(rxX_dm)GDw<0nX>B(6pPZ4CAeWp#2Qj0M1S@2MRH9 z1sxQmSUgX1@CgaBvq4-48Fb$~_?U5?5ndJ;`xD_kILZ)waSlifd=T`<6$f=0ESJ8X z#rPM?nhY~1LX4}by2AykTQIDUUe;y8KR!L3W$5pKlLAci%`Tu5b&ZZzB4^WOR&?(r zPrAq)M>+T`)YYXFPJ)aySg3jT?gu-{_e4-DK3YP^j$?K!((I6=rrH*~%lZZQ3y2x6 z4KW0q(ONxV0TPm;x;oWYUG~5Votfay-ri@pe!w3ELjq6~Y6HbJ6V=;eb-*D$wGZKP z$E7AHll%4zPM0V6QiL`QGR5Nmv+sY=RJ!LJG9>E;FoOm&>XUyJ7E*>7+-XzXL(~$8 z3{v=mTiThJe7UW#4e6$UOiD^5E$skJfLqV@JY44qTq8aX5veFiNqbzNBqbQev$NzH zfAb#V#5F@+tHAD7Kg0$`c!^$HL$qyt;q>3X8aT<}%lW3v@_?JC=Z&T8shOF3c`k%n z)xy>m6d1rEP`F})fF6o8G$=R*0?K=OdppO*625&wq)|gw8^o^Asj!33B&o2M7*f%C zG<=$~CV(_>8~+XudxW#$A$t%BSSI}41@q6+Gc#iwC-H-U)9+zqj4$B?iKNaWFCo)u z|L)xn5vh`_<|%mu*#3s5$1V6&^jj4Mb(IHaX+1!dBZ7FKP1t)8&i2nib|yhvVQOi4 z51CiQb*fqT42B10cNULiEkDyc8(6nJAtz_`x#$)U&1*vfan+$9(ya=HOTn*}7KaLY zbb}u8yK;atn7{GRIsB)M|b97 zml51|NV6bL;4=A}Cl}~;&VEZNaWsQ<46RXT?(%zouD{0f0X3CfJQ=99mIL2IY zV1C+nk!Y48e$U(k6Wy`8+l2oQsImyc%Ih!*WqaOqeen&a@@EUd)_qmc_==TGC;%>D z;EG~{!RPhvJDI7mGx;`UI9Q0hTS&JMik8yJZWmQPMutxowWgZoYUN-k`Qxxc^AxoN z#8R#XkQFX2F2;%;u_i!r@3PvCTXU0(Ln(tR%CWr8s|$S$JV`sqH!8)Z6!NCc>kR4o z4vP3Tyx>@gTNK29j0Gyij##KiI$2qQ-Elv;5nSEPc>CH|F<2tVI}?-$D_m#mA+YKh z=shSyKngYSeeChRLK&0mfgQu;pkmj#3ghB}zCp+%V7e!@0`iOks0whvgw+i2TMpLl zJKmv=Lv`!6ZJo#n9{|SrjrB=?P`*YUz6|KB>P(o3sAw>DHsn%O1Yc6b-YR;|9nr)Z zX9Gdxr38ft0tRH@uDzQbn;bK}aN%))z^Ny@!k04Zrv~8p{k^PA6Cw#3Pf6qmBih&4 z*zOJ(mtf{aUkLFC*M*w0Yk6UcK#PD%Lizx9$U6;bDl6M(>QLq1zLY)vrgKtoq=!}m zj5+N)Ms>6aS5K-e{t43TjA3uIfGkX3tGc&Vkt|&6_ zj;>zM7AnT;?ekEj{r>akqtz%aGI8zfG8V}N5kD!rkZo~0PzZr{mAOX?R*Ot?UG0Z<+rat5KOzkfff z&{0f{WZQ-eD!io`>uj}lO?6a_5HWyO-D$!v_<2g_y@`3i~AM zhp17B-TgW2$fcJmyAP)AM!8B{i6}W{k~#TG_lvy1u>|hUV4jtzs3>GM*h*x_gBaPx z#MBvng(LMFb&zGZDX?GA*<kfT92dSx|~0X+ccya7L@KDjh4z&F%M% zUz^A2T0yh|_6E@b{R+Ok(8IkcUU`g<&J$O>Wq%*{@#91oOAOhe%+`3Hr|S>I$jj(G zDjhn1q&FktF+Sj$h{@k`GbIWTF+j=kaQ3?uT%D13M53hOa>0o<0misHys^RRY#cZX zaR8z2gJ(+VgR>BmOF+z%;AT+@MpJK~F%f#CmY@r0QeSWZR|`Q_LTX)g#Zy(-l$5@WI#xTlb8~GYV>=k>5)_jp?EohlxpvF zb#)PBeQccFM_{Hy^Gq~N1!wUn;cpw_NT3$s)LUw%A;ibiP91W{I#W) zO;S=)=wdz5B8XqO5IJraieGMWp)Z7};aiP#e}A|Cl4_KGR^8AFErqqhepl+)B z@1~|j&p9)Y!@k^(YyGy%_aF3lY~?nEX*0@CDrMz{gz2QeldG~uk^fzpaGRx%{_{;k zt91S+{pV%uPN|Vc%SFQoe;nafyn4Ss7?}$<3@P7n3zkS|unye)o%gx^{L(iqtqrQT zc+$s|Z#Vp}8ik?RS$pHen;F7m(IHOH5#(p__)rmpikRZw9-p%@PXD_;!QQ{WJ83># z-t{D-nJf$V!ha$yzZXXA>a_A+@&MGfAHCGAW`dpDkd9r^_#UH>uUGqoK#mJ-{}Q<&a~{P01F8KWCP z*q;|wRCq#byz?Nxi&E@8q%tUvlu85s$V6=|jW3!>PIxEz{NEU>#hsjzCXZTP_&oFx zRiaDmDD;S)u*G?81zH1QietTt$R}F=x6d%63M3p~Krcr^9T5vbbaHf_S*!<$uSiq; z?(L6(jj4Y|6J3GhPfCihy2ynW^6!rx<9Nj6JXSe$=YD+=x6Hu+si_;1!49A#?|~Gd zcqpOF{eblc2oNTaw2LJ|M9teS^!Of2TOT%=y1u3)=AWG>^N3pFUFQD1)Yri za46(ilRi2f6K=opS*k-Pn0I?hnircH#>G8QT~Q~s2xniW6}zR{;IH`fpwL$@po92d z0%?xg(Mz#x+o<~-hN8S0ph1M&(?&2J&z(ExqO$4V2SoEPWy@E=h)d|i;ZIDi+oer0 z5lnu0LE%rZ>0S&{YbWMkGzb*D?j88Q2)xTdPntEkRg7Qk#w5xOm)3}G4RCbh6sgj zy7hTk|3J69Jf60fGVnW2=gA`_M~kUz%6+*nPb^QRh{e``3rdUv@ob96=bb({&FZ>pU?cSiFx+-6x;`}~=>_*sI|b~#6R(v~b4 z=f-eka$7R+mUtbF^5u*mFHT&paxO4R-DrYu#A|$ZnA*{{Txv#M`UH;E&KGmfaV{=q znC1*0B!N+%U#$r^vP|HOWu3M>#rDG|^1Mr)k(12Kll-}zj+!#B3TJ3=z?~Qjne2R1D z<$UbooctRLy)~($xgT_%cG&QUMB(MG3xx24jNk7bZT$y{69u}q4=Un{wBCKbgC!>J zHY&ajTU85vpyKUolh?i=lIy(c`=Id^d0vyeXeSV%$iy&4V|8`4<>F)p zpAhb7$D$_Bkc5qSI?0Ka+H`cD&j#iyvbF4;*M_c%I?NenWjm(n{;;4M9EypL-=NVR zZ;_KZe+MWi^*#n^%NxfybLWMfSGuGb>JzmV46?>ss$xEW%xh@y+Nv0ZI^)k5qaCCz zbE9FC1)C3tFYfl`3YG2w;P8Kd3^xq){(nG*t>3g`9(=iWyY;8Nz4Su0bCRw0rLCL$ z=zET?Ly0XN>u`Q}X^no$hsd$MR{8qLrO0xd$pKwbtw)hpoBGx~`QW892H!p;cdmE| z-qow{eN|LV+i77g9(6%p8U|bocBHf%= z4Cm%4h|^Zv=2+jabiWZCB5vilf?3QD|I3*&bfBsMp> z{U1=oyIq&o6xMFh(Z{C~5aQkCLnOK0-e3BL>8DEfb{hUI^w^RW-QA)`~_1|S)NH1;lYYHy2Ii5UWW`2OZs8~az&bdvqHuR?2TKP3J z?WBeDk;mqg^k>Lj`qNf7%?!$d<w$b9b;DxP#bntZ%rSeA)ak*jDDyZHl zE2(Ng(VN^`F=i&9B3RiSR>&RL3L@Zc?GoZcp;fK0SzOe%IHR4~EZ}cVIaC*rC3J9P zO_ef;-Xk7)7#6mtbuwF@HMTwmj@ooPF6d{)`G{;0FF4P{J6Nl*akes*|9nW6Mr#q2 zV9=4fr7{Va$7*`EpSJE$&jw=f|0L~k3-{wJ75z_0$O|9(p?~LN^4HFxUXSSN%cIH4 z6EB$7UV%Qqtz9Y1=+JHY&9E(R2yu{tt>^8>d#>#op9~2DG&}U`{MiKgdsB?_#Sey$A40sJOf&7MqWg(G`YLc=Pmr+b7lL~RxjDKo>GgjwjXN_ zCc^ zXdknXH!Iyl!*GB}1!6jj_ql6qjh+s>@gsNKhY!eBzGepnkUKLycB)0lo?~sSp(@d^#!hZuu*UL-7#kZq%Z%*BML}`# z!kdeWxqg`%%mCI8J2vkpX?0QatEv>mGc>y~@w;Vpm43uw^T6r|)(_BZWs#Rl2RO7A zViU$Yex#E5i5Tbacy}S;MgI2-OLNr^68~y(nP^lQEgZHqhfFyzE_>ihYrQSC*8c7AB8SE3cHQ-U4G~$6i~s^DnU_QlT(Aa3m{Jmvn%*KrY#)B3qSHZ z2a9FR3v2Fvoi&q?YwhRMzP$N^adQC_YMb>8#3IHeR`=0{IFXTkpkyioeSzdBFt-|O zG`0}3_M~80SgW&3zqw%S6g@nzMO;}@T9CJE23L?;B^Yhq;& zdfRcNG1Gw6PFFXoBEa!N4;Py)MVR9ewiE0cKR)h-KCMj5NrvN<(WmL|ttTpdeuE(z z+4v}&ZGQ92poJQ=Kn@!p6SBs~&3u{`XEs`#vY+5V8FF0YhD%CM{aj(ccKwvsCGx*6 zYa!W7JG}-os6|(^Yp&}^?$fJ1w@2y_GstzXB)Dax=pHBLpONc)^O?^|tvO*zhp+L$ z**0tMtV}g~KKBcqY7Hfc43y*#kMCz76L&kztZ;qTVD``Zrvv=wsQl?Sg}ZAVbqeX5 z(AF^$=nJ;*)vq*`3rov*%upK0f3;2AYbvlUmG0@p5eNUXf-Y%XygaMxz8szPhgSX& z#`d;r%R_4#*N5-tv`z05GW#~(wB;l>o$TOj@my1PW^Jaa z`PzB%!`0O>0tzfTot-C304GnF`lhm>;fhpcb0HYdR-TG-P$P4#H z$JPwc?hCQF5Fe9STHN&Lw$rK}Gp8|sS({?TG=D2Z!(Sd~(Qvkgl4^6trk0H{a(lZ zGPQJ#xWDgShnj>-&!mXE`Ej0@@X`@04(_blo(aO zay;hfGeh^}IM!btfAA?oc2C>4!wU0*gL)_?u_Wl}SBO+n#2l6YG7{`=)&$zY(b4|K0{ zY;|;Oe$+a*oG@+`Fgr?D5y$WdP8FdoQhFioWN(NU2D*ij3h~0RK$$Va6dj9EC;$jGVm(Cl)|zn6EZ9H^Vs+2w?=nm3& zT)moyG0MR3utaQK67-{(4B>|m;~+p6+9|gI1#1rcjs)liyZ&p$ND;;?1p^juFpmHt zQfuz>?j4{seyd>`K-!p^5MC8(30n>!;2V%gmsMs=Lc*okI^Y+1N%zXpmji%(hMyf# zeV<4~O4hAXVk!V?1>+zQ5`IiaSJz`0eBZrwLs>c5YUH+{pkV*N05ka8z(fe)IpK@@ zJ5t)+!{eZdzvn@L$)tt-osyWw{ROt3row?wlw#{vP0R%_w|fK75~3fB?VuA=P*s&R zFgS^O9p)}TwFFE%H_1hNW9ARr(OLmb%+J1;mqV=|R;Q0F>Z3e7dt5NH#DJg3mmIMo zyaZv_N2qr7Q<7|_bWmy{%N`R;_$t(?4*}-#JFT||#%?#`lyX)V4N5#{FTfw>Y@jDH zDB;n7SBGmU3_5@tVLV28F53sgICPaH3_gyqut=VGyuQf$wSiM^+OowQ0$scvpelqT z4V+2vs0dIW=4Rl&A9ybpP3{WEUp*ru$>vu~NA@gQdCWEeRARZzU7mWd zl$4!~ap3GPq;yBg2GU?43vFKqmGk^Y1S}pVarhFd9Ky0JoDGJ$ri44|$cW=bJ=LE* zFEel2=fuaqlowlhi?}N_$C(>&Gq)K|EaeE4H?*q*0b)qrtR+@D2d{K%m#a>IvR8l#N#v6$=U7 z6k>llZta9Yw=Qtb4<9~|vU7i^JTPm0__ncU@>G#0k5&-{U}cQ90AZ_IJ-4F?5Q-+?gD)Cn*u^;K z;GDh8JvJQGUh?rz;Lqs0kf6v|98ArHesMk5HrB6xCiD&?dWjP7vnc zIDBle43}j2xVd*DDj1-GE&i75zOnIGauwlV#L3w=5FJti;XB;-a+W8heK^&fZs@%q zy7Dsfy1f%*{lvqMU|Q*aK6#wHUQ`IfQ=B}+Q^064384kREX#iU5Km};wR$N5Isg2b z6*I!?;>{}0V^GgdK%cY2#43^r7WT))7Ay68Wu;D$+ipOgO}dUd8kv9NY2C=wU0PZq z9)zkY!!MzP0z9|65#pnkKZmPIQu3J~pM-;hFfs}q8Kp3@ClM|Rg@xF-N~!qH*nDBU zK@d!ER&EK!Rs)EZ^2iIbT)^)nEDg4kC$;N86Do7S%9u36JBozR0YVT5qo{Q!EW7Fc za-R!0>%chD7bMICQhsvy8Z+k@BH;i>)J!{$y0kQY66U7+UtC-%AoBhiAFv1uA0z?H z2JQ$t57r9UCIF8Inc|cCvTOUs9vl*7XZL_5p=fiJ)3X^n5db4!zHrTW-GGGWY+zhf z7Bh}{<PkV|sd;3$y3F7tbd&P%|*Z&Gri7wgBGh z!62k$SYGLeZZAui^pZ(T4uI<7N?mjF(wp-i%5f9wE=~^s%fm{AuL|(!POHoV~-gbaVX-#UKEj2cq>{OY~O--b4^+>mAWh(qa?EjKdv11Kv~pEJgfF2_)VVTbPkwWAW);<;e}zMkrO}t3VYY8m z?a9p}`u1bXXM;jQm@qyY9W_E70dhp{p{u8_5`+pM&sF_`oSX>;SBQEK+k zX!(#{R91bky-~EE%m&*+Imif^+W@0=P*MS=*9MmZWQ4^~=zj-)4X>{92erp74`-2l zPsZY2hMmE2Y-}9Wf47LuKNO7aPVrekCN(;HdM=(jM}l$1uyrQ(0nj336I{7+gB2(%DFiWpl*IJ5!vN;vL}gXMtmMo3qUo0oc`t-F5zNGKJjJa&6QW;=6H zY5^h_;jAM%251eJo+m)fyF4?^j0|kvWkqj}NiU8R@%;MAVcpWxG_~RwoqJvM>DQ_c zSVo~96#ogz%@MWe|8;{QBq&G*3P~8mkr1ef1B}yN1xK@FgaU(n`>$Vl;6=srs{*jW zQ8T}kyJpYmylgs}F~ouUwAO%5)PWzYr>n|>gQKHLkE7Alfj$wd`jmjzjvr5d5C9BN z|GFqYKh5KOuF%LPP9+`R^3+{?Z{Q7vC)qIKpzA6HLRIV-q9!!K;1YbVe|z2B=R^HM za?Qq|zyq;$KY%Tvph#;S747>Uti5+wj{W~Xei5>gkxEl&qNucoiiT1Y(oUtVp|ls# z&?F=+ni7T3E|G?omiDB*w0C_UC-3*?`~4lq_xK&ZKYot;zK{Fha&=wj`8r>(=kxJ= z3e)`6{&h3Ep{JGX{K(Bxoiy=@v9a^`);c;m>W@@d#`w%)XHRjsp6I;Q zq(jtxFjK+^wFt8u?zXTAZDL_yrzVaJ40W*M;(SOKDeU#SRRs2-gT9 zo$!i#EtdU)g^LszVZn?MXK(-w58J_mUgS(pUW890>=RQuZ1D{JnVvq(%^i#?xzla> zJPG?7Hudr8KO-u*L#4rt@Jo4KKU7v$c40s?i;m`K#^B(fV!xIj{m>`_4MdG>{QNV| zXsD-f@Pj>s8$qORC?|iduMY#81D_M;JU~V`SfO4qK@tOM|SnI=!bI*C?MxBeM5yHcaf^MxA*BO3u=;a zMg&}`2=htYN^l%;V!s8qazmmZl<)0Ufd3{zR#!?J5D*7TjxK zj3uehPv<*crFUPRrDlM0pV7PsK(0m1ATkul|%9t?l zkDfFA^*zafNBfw~d$Y6S(}uJQbzGy=X0ODQ-)H0eGT_tShQUkKK7*|vYpBjbmu8jP?An^ECH%BUY+stC!12FIk0~G?T2jRsIPYJm9 zK$Qw=7Gl;cL>$kY*@Ss%0@eHfbeDcCig4&@Q}@$)w29U_4hJUgM*`;N>c_>!b^hD0 zvLv`WDAvjE`A~)=NbKYOl&SlVR-W0X5T3R0gOan6?}p?QS;;W(BUen(Hx48kr6Wh%CP;w+R{=q5uUDQ#qQ z1XT)ls(mntsE!u(zklBV9(M#0^Iy*hr70)|q)(PDcd%ALIDlWtN$bwMfTZ>BN7HR! zYxE9Nc@S5ed;QtBQcxtqR0Nl@*Ir~2G+vkq;OV_2Zj3P|akZdF#aRu#F&d}6Ucte; z;A|s@{1gmZVCqeM?5Y>IcqDLM4xzEaE&&4P7tB#Pj~|DD`(yZ>?gK>_n)TEA`rWM4 zwe9UlvaooWnu;xiC~Q(LsQ19q58W_|k1fGW;@`o*15<|J=ZgLLOh!T84i2ICglAP?3CYqeW=2*JHyiN)vb7ZZxnjC&NjIn;O2p<{tXP- zp~1m}qN4OD7(v-Jv$i$?r2%mgDE5gh4}9-@-4O6MM$!w7!JdTi1=M%AMBp;tMwx{Q z7HB@qd_WCY(pChDg2ICY=J1|<`wl<;3&$Av{RLnASdOFVhHKh1%9r=JHvw~+VlFcr zW@ct$>nqdPFc6OE9z&$aV}B%kjiwOMog$Th`sh#egc~_nc0`^Qy8W_@8i@e#2#J6Y{95_VF1f*F zAbbV(GsL#mz%K}^J5aZ;=Gb$B@f;CR4o@mY;!K6t(FX3w5P}JTl`~1aZDw25aARts zv<~5FfxP+(96+=u4L1D{&0BNBd2kpc70|;$?jZP+@EsF>kq$D;HP$Me!nAE*|c04o6&E$~;s_Jw#W6p1hZ zOSzq$ddjTs$j9*TI1b_rgM|a=G9;7};OXGltskJp^(MiC5{GRfOz(BJiQ+<>y@*AE zS{{^26>zIuRtTeXC8aa*wc7Tk(}`2C86XN{$97wo2O^duf&3T6UJwOqO)ssF*^7Yj zOvI;wwTosAnWQ;%XiH(9O#+<=#9vt4g2RY|<$gc_n9yiCX7gxLr*VPu^|qd(!%>Zb z&3z6YnICe}zZtM#?PRpS>iescAGF2iE`{XEy$fi<8~dHUS!WQCoM@6uW?6} zW5g6}Z6~|d4vyHnUonx8dit&aQIs_m)XcwfsfM1&&tk!df9U)vjEq%vw!9wo24!vlMr) zD^ap$DtXn8IVg_pMYycdliIa*mtr#1dGK`QP839<+9&wGh)^nmKqg(}sw;w3 z!~W8vDxccc8dmGjZgLrr;in724qabcE9K~zNmpr`+kyTVj8e~9{$;xqH-14u)Uv21 zhr?s1T{Hbt3+J1lg9w0uAi=Vla6lynTnsca>^5(mr~4&jp4QyV)+R!ph!ZM4euI$P z!U+_FO^*tvN95(?d|UUaL;Um+@2R>~dgr^EnQY043+*$}2GZ1DIJSshjc z6&=>xXf|oqz0+%9)2DFb#@PNo092F^q7V$S&V&76A0`-Rvw9cVNWERq1cSN0y}U%!%J*o*uRLc@a#4DhL;X<%0^Gf_-`WWVvRmO+|H(GUTbZf=nTiNS(re5HMi>Dj zjaZK*PCN)WFaT3HqdsnQMq@gGRT6)fs}=cnNYnHE_Y0ju+#SuR&bWq z**HNZ)>rJ%?;|d2opt&J$94c#CWtJ_o2gTDa&h6kHGB!j71!fmTxi9gU>8Gm1@6}c zG8eKwl<3e@pa*B?;h{vT9Nf0hgX6;x7$o8I(-hxmUS3(biAb!+F$x@#Fw4e~3!mxt z5GDW({V`;JMoum@Rgw}Y(xaU3AKJ#)goQPzo%Rr=LKX$bF5h2T%zOj(B8_?tc!=9+ z>4J<;Pm}BVE9Zs{NQlH0=$_zy%9`>*aK>fSVL3F~ckr>gZV%`_m(`i54NjC*Redw! z1@L*I+YS%Lj(%H&VtwRwxo&bxHVZ z{ccMUrOa-P26poVeUL1!^@|O$>iv~e-VYl7Q9jzj{`nDDAcDvlW~+%P68}~}naBST zdNQA4h^D+rKhKFDR6g}KWJ~*|282q+F0LH&7==Jg?2jRL6S~3+n(8?I`O(0fCt)4PDRy}7vzel!ZemH&>CzCa2CsvbG; zdcsx)6n$-O8UWY?w+(tO^bpio6SxzBbf@lPo73SB0vPf3-;e@p9p#ocii>wv9U>^& zvH&DEx`P8>0WfnBGBy>A0*E}i)YKix^~4|nW{KI|D`@HoEzruSiKJTBQ2@voO05ja zNvi72JEj5imsp)q!(_r~wo!d@YN{8&iXk*wz=pu(-}zi{cUW}vd3*ziRS-u8i6F{H z?A}u-2~HqY#$mMic866do>ABFY+s~cICJ@Hse-o$KfRK^n-{@h$NmU}i(ODK9QqWZ z9K}-w{C;@Y95WI$x42*EBEF+CLWh6}4TzsF)(jdO8qT1T#<}(8iXx1>@Vg{b^lDeH zqC%oX(}1-B%|mm6yC^{4sz^apCu+&c-%R-*Mn)<^qecQgN=PGd6vA><&vW$@CK4|a z5;kFXMPE;#AANnWkGdVlK`6V5>NA>DwX_s*Hjr#>Z6U9azy5DUxD%i;aZ3Qu&gM(P z@W0)*lo5juHDn$-I}>4FL>GW%GhVpv!70R2y$7=ZR5UHHl!A*T%5z?#Mxsd=wD>_z z3n&pDaX17p5_E?0rWxu!d~nvkAp|vcHR9x_ak&BF;!+@HOa?~;Vi22HYpelSM;U|FDQs<((@!7VA+(OekSGsC{-JD6_G$PEF*>knw;5fH;flikuP*ic$A{-^!M|l zz3{D|IU9(BjDy1`y1=~VQ=n_!#UoVL(NTrGfiLQM?%zOzzukFy3~&sQeS6N4AEri2&^&8iW~C&05W%}R@l zLmxcAonjEN_ru^PNhNmIY1}D1Nt<_2gKyT1?FM}y8Yj3^C}H^#lA`j5tiy{?(f}G2 zFwW4Zifpk2XI6&wsK+=l@8VKngvpwK>QYFS{#RNv3;T)Lbf zE+&RJVRE=i@Ipxl+1%~U=h|pBpbkR`0KR#xY1;ThM7wU?x$_7&_pU+4WJ$abKY8n} zU2M1$=w3;X1A%*BgmH`c5^nBk>x2AaV%k-0jX6*3;B^*=Dd8zSL^nXo@X~J2>51Jn zsE?VjPP~?G4~8hY3=w2WYwE~Ew1Ogt;Dlp*e9I_uu!bLI=K$D zot?pP9B{BciA(WZu+EYamMX0$v_#|Ce(4Wo#_U7xV`$|01E$PrckwIE@1gcMUvwX=sHyI)d89u4Eql z3xtoEdkUlvcg*gQfz$sRF);>sR3V_mj)nbts9uo+e#sbZ<8WF)?};rDGRVpM z%n4}yaBLRL=TFS$u39>_;ElI$-`>FT?f*c*4<9+Q$qTNBsa*~@QyY74idkKyhlyflVbK85Dgo+N50s?bfwGyP=iDMk;Eb=%yF#0pb6SL~E#c`q& zlN)2qMsNrdC=15tr~1+nB2Y5|bmJe+-Pn6!(BXTy0gKPxcqtbBtvWSzdT$cmzc_F8 zdUw~u(t*UOulLL{`#xImKijeKK7a{T&bwLX@TmVMIu_zULenuuW0yT>XL7=%(~7`| z5D^Rg0bnU%hta1w`S2GWi};O+eQa#(QY%^l6y-aZas~ph|6!Q{%$YZ9(0X&_c_w=U z_BWzR#U_Md_;W{(Q}MMgtAl?2gTq>(++ z+M3{w;Cv-?h-}JH@@Nsgk_+gEx7?zXMO#Sd7qFLmq5aoCK_rHxwQ63xScD$rc4v$n zF`nY>1;UE))znl4&pvwkHWSvt>3V`Eq6pL%PuyAb$^wzu(6yEa30I_Z{5wF~e?mnr{9x+z5Ohr}G2T|39JJI@5Vc@KG4%sz(6; zg{emOzvL$Ezd6O==dZw+y4Z+!4{e;5MazG=0JQRMZh43hSOrr?KUVoVN(n-t3hWET zTWSF@PXK;GOk&Yp@LpOHyZ^Pv#Nsu$Q4-fk>}+O`ct>@TII zz8HbNg_iu^5QPUt%i}NqI<0$UfiS%xMmtX)MMYHt1W^F3NOE;Zg%heeBBlkh=Kn}H zGItLVp;UOel?KWgCJ+mLLpu$Kk??)aKxe0seev&mQU61+A>F9ZL{7!OIkN}G5(LIv zboTS_>-udKA@$cr`hy3$@U~7*>Y_E2=(Nb_ncz<77RSA*V)%I z`a-Gv0GvxH7DR8uXZ2PxD?cgWvKpegyY~}8u)yjif!f2u$EUXaI%!6P!kCA0rAk+o zwn@X%>7ZnuMelh<>!mCX>g&M|?m$~&tN4J4h)%MyICc5);Ov%--gnYXJtG^>RYlaF zDecTE>G(-uaq?M}(o;9z_JfmeI3zs+pOm;f(iOgwO-B0y}DhGSP(J=`S|8p zZx|~(s$QO)RA}G_@~*Puq-3pC_KjYxZiif95209C;jLQLRBAq7 zb9J4gIigf{@L<`^%Vr;18CFWe+2sSK3}xF-$ZmG+66mv-;{Ef>mA5RAx%!0OVTw1= zZtrI~CagtXj!#!U-1(&Afmh>rw~EEw+&1OaKAL$xu47&kg){2gm4A}{q)t>DTr8p0 zU9+bl4_2QnlI)bbc2+!OrC&{KR%ESaRV~|4o2rw^g=<(#V{!J{T298+!7P8}&OVu~53aFuQIklU)C&c!j^9`BvbB5o>&->C^d;3Dqw1 zvlsR2*O!^rjCq(=X7xBEI(|%itdS4y7u6^a+`i*%)`Up4(!cT}FH3kIx9{Fr>a5SkGJAf8&a1Ez4ToTg&a` z@zORkSqn?uoWz%6)af8GT%DvMrKr3i9lU;Nt98B&rE_Vj(^MZ%!-(5rz0O_A>1#y^ zR~eLPJX;(tQLsrkTC>@)70(EFJu=ZNHJ%un*EIY}w%F)svgi8b;R&bxmxIRCwJDW! zw|Go1MBiPA+&U>}tN%@Hcr|d_j_#DRVe)~W^ydUFT&e%Ud}ZvKdXJg26LIS~|LP?S z%2Lx)*i62LUlj#-V7r@^sxoewnZ>b9iQN^cVVf!H$t_|2P|cCr81>mpNU`c7ofHoIKBQE5EI_|S@Y!~y0rhbF4Ki(JOjIgVrAvQozCYNc{E?ILl~eELud@D<_31X5 z+H~-gKw$W~l>~QYWN$si8Q%qBUGH?!iPd$XtYMN%_(ti~??A6b`S_&kio9`B;P0?E zaY)dRi4CAA? zQ7pTu?nkSFS4)7TWF{>ZVDhU-z>Rk)re9Qlbd7#1f5o<hgvaG67wsSUdM*(29@lV+ z@R9G!2Q@`SHKr%YD+}j6;tXW#uV+j(QFc9u=1&D`vXZy~n1uD(T2t|$H( zty3x~z5Di;yl?>TFOt)2Kz?3+59ybowDYtl&&3eE!ih81UME?ftuMI=mdCr0`7A5G zdTBkBckuI|#V7?E6KCqLb@#kzZaGR99qZlm4_ba*pjt?;ahUAsmnrrkpPH-*pZ@dO zHZLN2K6Cl{`)%)jbbV@2 zX}mh{FlXzRn7DImt6_}CB4hlnTy&cBj#7+a=WLa>_miv|6L_*#vHqi_PygGx<{205 z;{8qDjsgtb!3px;Ewq*r;4cu=BI!(@NzZ@(PI<-W4+-+UK9q);GX_v;+V1Tg ze)Txt+Hver>@k)T&C-`DO-W+;c?z_Wx8up@DuVV4cD(&zvoZB3r^Hja-eUTU=5yLF z{j)CYdm}*Jc0aONw@yBwv8d@Rg_};p=cl{(@%3(0@Si!me7@%0i-W~o#XBmJA5zo% zq)%E)U9t}8JZvJIj=ro;8mVsB5#{O`o#|4E-o}WW6F8UYDUy9&z=x z2>;1HFVU8tCh?hRu1Z|YChl2vTBln-_2oGPo~AKrE16r;O6opTR­XEY|R%tJ|# z*ag2G-=}}c=LgLh917FnZU|ltsaB0r6I;kLM@0; zr|GHfU&-=l_gfxeX%CbV6!KMFuRqN9RLnt$elE6~M=Rt6tL>()*hrTmzIJD2%E4(@ zne;BlsN$FUNg)Bf!3i8LQQQKILM_%V_xfg!x!SU-9Di2UzU`e@#u4vO5?|q>Dg86+ zHEq+H15d_ZOxzH#pIREq#!P|e zE8YVaa$>Yt4_jr5aohuaO2cg@E{pmMLwE&oAGEa&lYV zTb+t*N;6oiTTbVg=#)Ji&FD_E;jM#%d>>6$XSiH`%-wAf4AmV{?F;^0ni85fc4^+o z&;NY?m1wuA_?BoNg<6kxQI?(Yz77{2j|}>C>UtmjIhq)k_L$TEf%_-*Q=j-?$68%b z_sqCtC$mquZ}2Xy%$yqaWtBfG?qLxRX%!N_h1~G1Fw1Dg6FQhOpd>@TJ~LcMxe4ueBiwvq zB6E==oz5Tb%q|E28hcSXxR`lb4^Ik-GhTXfa_%|K)6ucpvO{AZx1Dg;=09o|OgbS} z7G6L5W;iMYKgI2B3JH6!?O_>`(B+N>`q#EXlRqrBO$uJDZunDHGZa@mr6#? zHS_gGp5o9Y<-VIee0L88{+&)1hpOwTRh>}WiiVn&ArM@_mipW;$>HIGL9@4tV^*g+ zThE2EZsM^%Ok$OzoSoBO@$pTjX-q!a&>8fjP4QjM`#aA=JADi$A8fp}9y}+&e}9X0 z*tYzl)1j<)`SxE|kD4!g@Xk`F@X7c0s)yp@-Z{1iJ&a`+yzG{`;=6f|$f5iDbU;EB->4uQ}Zn*1|OKIyLPyeXfA)Wdtd!M_}6)=D<7xrf65

avJUR0gaRoI{M z?%L->U$*tHWRANThgHglwn!Hq$kCds`qS0aG-hIaj$cwUO8Lq#hwN3i4NjhhMSbb< zFM{%ZT~?xHlywXV3!)j4a{f8A)Oqlli}ofJ?x&|^-8N}fb-6GyiCk7RJHMlr#pCr- zqfC^UsiBc6NpfkG4!d{tuj%?SzmV<#8s<0@O7a2B2Ws+4UPYgEb5!20wpaE~3lH<> zHkpubUBv~xd<@HM3r-(iKWS(_q3die!D>PmAdEUzCrR2ogjIKy-&SJR*{mUB# ze|(>RO+0m};Un*%=J3LmX|fMmW5stj>s}TYs{i5BMq%hf`71iMUB)Ebn?_eFq@%~^ zX^3D=N2GsYi|gkiRcyfq&-qme$-Ym{;l*X=5l5cMwfpP+)AL=2oK=(Pb}B`R1wD-S zb((Kf7kXA0+fbSEf&bK0%d++4x6+CFmRe;S)2A+JSqW58-0artYmzPRKRL429hjcz z9V`-)a2_~SurMf|ciuR!Fe3e3e11@kq*H+7+8P>FTds-=`f3|G#FeGV+!s8LX4?HRn%z90Q8*!_86>UlNQt6ahd*B?+5C^7 zv#ojw?cTUMEiNwu^*ldNcs=|syS7%?Wb-;M1|`z7R?8KS%T}?Qb-DXSypu`Iwh4FU z0%o3zSxme;C$YA4B4&#?Wfh&=HD___sIcIQvHsHZwCe-4+h;_MzuR-0;dpxdt9Q}g zeFS2(-UWZT?{aL7O`5FAvT}sN)Ir$Aske`(*&{3JG_y7T{Vz1R!INJs=o{?TyC^en zq9??moe;Rak7mNMK)-qZvC|NbC`bAY7PqGd;**(j{RlmX~5N z^qaYBW%$*wlv-{O5>sW|QyZkzSh z`DxhbX>Z4DmxJ?v=G#Lc~s+lY}{&&j!)RBcsq_vu2{w5+>DQ^t(? z(MFbn%pGrJdp-_O^GUEh8d(1j6Lm*5rMXvYdLi$UN7jk4JM+`uH5crZg(qLI#YDQ^ zsPX$hMT53C?2bq-k7fii2tQC?gb1loc${G0y{)uKU zDiyaEEH)j^BuGeEi@W;95*Pjy?dXg>vA8Qvu2f-zf17G(i?@xZig7W;VfO^dn5EPS z7PFZjH$7cwkA8Y|QM+DB!#n8ZHC@##!6HdXUT=THFWZ>=Wy&LDKSkGjPracTXW`75 zc-!$c@uS#Wou03@@XFx0eSx6k%H|1`HNEtn!3WGGXY@oJM!R9yCrl_^U>gd_PXJFr zS3c-6_{wBZ8&wq{}AaSHi{OI7gD=(!rYtZdaQ@rmGkZEoVK zKz8w~k77^fro(sK5A<6Ywe{TeSe4YWjpkGMePQPj-OAKdJLg-s(k^YaJqtREGyFt} zXuMdElmOm~tIC$^)BtD|7IchMD6bC+@E04Hfk@dO-5&R z{4VXYK%Y)y8~5cm?{=LAJWa&Z0;vOi^cnL?H#r6r47l^b<4 ztpcJCZu3&c?~V)4^rc4fahP)MzF&grg~vglaf3Yzq&v{b98b!W<&lLj4?*%2kdGbH&7(!Kwd^*QE&EZ?645RX z!otW-!!y#laCPo7b5m@paMP@+wss}x$G?+yeaRta`+i4%S&uTlK74e3J48|x975la^Ra)uxQIiq<${GCKt64TIhh+n^lBU6YFgQVrY2K4( zHbm6r%8-g@FAR(1lEe1Q{)Y^~<&(t*_7x;teBiy12xbtdI&jC7NpDJB#yHysSnI#R zs{jnw<^$9m1<~dPCCv-QVL?GZ#47a!y;LMlsFx=eb+V82j zd`VlduQa5#?yAbok`J8@>uGQ7KYV<6(p4hIuGQrHty4%M^Hbm(xbUbj{XW8kBv=K`uxu-D>d9E&bB4%g7JnZPYvfy7FGI1l9v7?ZjC;q{MNrlW?5ftBF*8XoHrxE0i-~|%&I|!(t zMZ_oM1&mV^hSZTXuMII`mWD!VzJ zi&np^cX04X%}|Sqp3*XD(lKFRymjl?)!k>!w%xf+dT}qbol1UVLg+b{Y_m*{bwA;~ z@@Fr6A6Rr+aOxHxaI0Q)t7aeQtXX!uk5P`nyY8{ED#wCpMuO6UCk)w#p!xG!cZy+p zE(|^!W@YeR!)z0*wBnLrT?IV7QFE@?Q~`|YsAvB=2C77SrAjl(;GxRbTMwtO*lnOz7PUUtGq zw^NruZrD|x1h2Mrt(72GhrG`YJY$RsFeWS`GDE>o@a?c-M_dvH@n%y!VBlf8@3q$H z4z=GGBixQ~(r_>fjlJZ#gtP zEdAmFLA>5WP3==_Y6P_|I9&(BE4J<2X#`;pT)0Vpmb=zt!1Pd*I*`#)iO*5WS0m;f z7FO?fD+Od6Fmu2g{i4W|e>W^_A2ut7HS*iF@`xZMta2>{2$}>uo52Wm1Dy(&W&@a| za5w!(b%J?Z$O~Lt@WBzcvkweLTtulpqZ70c>=i?Vf!85x3^TIc$R27inV}#C!T3VE zpw#Y7QoHY3e@=2PS}Cno-Tq2+VPx&*&zhZ|WtPY0jE-51vSlPh7!DND<-ED_T_Ivn zBF+9>!1l80@5KfJAU*m=?X8IV=D5Ko<&#fke(n&jL);~_#K8YcYV~fE-SQuIG_|9$ra5r7Dj2?*`$+?i0sj*7_z$gQgaJr(2bu(Q)I3$}2@2=lW!$bN763kK2O{6N*xU?q`-Q zk68s+nPL0;jr7iMn6H8euj{dR9iGIXR~<&wxmkUZg4FB&eq*Zbo3V<)-{He4#Cdwl zZa6|?26rK~k( zI=N54AA&yAdE`xIf+51>%B!kibq>Y~IHopDI*t?~rN{~6*Fz%*Hs zGaY1LQnq&W2eW!YZNeK72yyit_vJaL6@2!DkioDubohd+t0+(Y%w9}6VG2lC319=p za9{SH3Ka_bg>n^-JJK(9tK?{TNxwJfe&4H@(y8PmyuQX~1;< zVk6^k&xRsN)}@oj8z^`Ntj9B-mYe@F(x5+JLYHDS_E>^)zLr~+^iH$Bfxj;!hQ3}|p&^M6}bj{fESY?V6P&{&O!`6ZT0 zEh=*@5*uXxyk-esIKW97T|`E+`>Mv;jQ7<_V+og$Q&Bn{e&tZ%lO!bqEf%*C3j~-KJ^en4{WRKQKw4A$ON}Kxg z#^A*6i~+uj@9vE>NT~6$o{ZoVW|!A^zmc50R)W6j#vXm>QJ=VY!L%0ok<*}(;lalS z2pa#tZ2_-jT_&hz=({;j2%)2!SR*HgNWq4C;XlQ79f$8Bx99&#< z^|qMOsxscZb&D0EIp|68@Z!m0<>XXojRBPjn=!bZdah}zJ(0gACPJWZAZS}r!fI50 z2e;lixb+K#fM6Y&waNZ;<{Wv~kchG5k!FvaT_07Iy>bs1#n62i?$K+`w4bHaleqZv zoU__|R!vunVb2+jqxtwXs`3Sa&fBpMd{Xk`@&V+(SxyGU7;=0y$ zc?-LJJz;S}rq=Ou2AflvR=9a1c9K87&$&$@N>b~{X4?Jd$c>L{iu7OmzNhvbLua_G zogtYEk9GC_{d-TaY@*40H~VuGfB8k4&vL;s2mW$|lB~gZhWj_|&U~Xz+o4iOnz_~Z z=y%_4KAjIWvUXaVXvuv(?+UHJ(X~oB2yb2R8Y@goB*qQ?|SpVfc++I#N;eUas^WBGHf7Ih}n0h`sE z9t^a-Oiv#G9|rUHLt*7$^+67ybZ+|l^NzkD+?qZ6_unhh*9U)rpfS46HR@D=4o8?X zz&@P_V#Wpyqt8IiH%Y0f0neX5ms-xv&Q>Vm8>D=#yLLVP5*NJP4~dFu<*2|YmF{G$ zY`krmmj+0Upkn{ncmUS{&cG>3g;qLrN5KHZY5v^e0Jv9Gs0xrLewI7DzOC(OWBP+& zdXAc-={LHYK|z8k{b>b-^5;`y`%;rTZX&h(95y+uEQ4{i{~pOlBpGWYX{*-wf*82W zk_z%eBm#oomsowLliNkty5WFL-0Pqb;pHy>_dioT*@F*%Uicgz66V-T%bY(;7b8)C zYLmu_$t94Hk=UmC8Vk=YN1kV!(On(ctE3>`Yw5xLK+Qndu#A;UfGN?NOedO=WVu?J zT4#GDU~_bZ`q()~%GIp?)7Vn+^0+_t0@D+kQWtSog7C>#rceEn{|z7t{$-8gkb!o0)yo{C!hc zMQrl!2kB8$Fk`LrCbz)$;-G{C6ILX=1niZgl^rjKj(s1&tup|@m@p>*u`H#j=P@E3 z2=8ViUNA;?K_0>PGfgKTGLjxWk@p<_lh4KBkO<=9G%Ob$LanT*Sn)iY#TNw>R#x_~ z9df*3bj!bfc!oT%t*tGwd-(Kcr_Ya@M4#mFQ)|ANdu4Ip?LTfm!RS1f_z?ampctPV zwvCV0ORnF;z)%U6Yq8oG^+0#`X@mfPN{eug^HgP9+ZjfisSM1nN@YcJSY;Fr6|Nbb zx-$86?_KMl02jBajs{a6)%g6ulN#C0?J^db5y4D5@~KDOmNIbOc=4u9>E=`VPVQk_ zJ;T_R694yCL|l$}dk&Z~JY^d8X_fLg@2sB6s1TDGdH`9bWfIk&GIdR+RXlFXCVy?K ziNymw_@n3%Cm#D)WpxvF*3DbSo&V&nj-7b33q_htq~{4s(OVx%J1&exG$$NzTj=ld zj}-9!^wanY+j%BCrc;`X`QjZgburU?88gm(aq`~CxuNdQkIeWug>3J>OsPM6JMgqe zuF2c9H09yGK4{3#C4Mm&@^rG`N8L}C;Eqd)ic2QGmJ}KrE1A@30d6F?duEfN*n(l# zjx_+bIl)|Ab3RD1N_q%t7SOi*l-T0a z(?gJIYUT>YE=1=j-{vLlU0n#n?&thle7sGJjIjBi_?_pDpQoy?ny3mhb>EhD$s_uN zZ_UmvoFQXl1nYNaZfF$=_a0nXcry>Y9mv;)T?Mum?HqdrE<#2G6$uI!6hKG@f#erF z->u*-b3Pq~P6TyW;s^K~lwJ;pJpq2y%v`Y8yg!WcamFC9`P{6DewGW$9>g=8PPv44 zAlLaSUmC;)6)ucwU^|{z16{(medE;V1kQqwzQtRL%IDvCBUq`BsQ)lF_>uqkv7kwV z%XcQ;t~;A9yYk~G3CZfRSr^YB5&etBPieTaDIu+%4Ka zl6mzQzu;V^-F4mr9=G=)6c$=OHsxnZYBJ)9XE)cab->$Rd{z9^W%E-#Ve!HrcqrI| zsCl~9QsT6cgu7#FZyAl=N3|-peT-u_3=6nF#_xM`KFC{kYfe`7uQ8g>x5Y&x7({Pr zPnU}3=De7nV;LB{_Po%$eCU@(+{PVE(YeVq9{Z$)^q#VBH{6uDx{wP~8&sVaQ!a5l zJ_qSS!r}~=ZWU10z`K{|5n-~Dfix9Dx&G)JD=379&vLC{y9^U~0xIf3WC0#(hzPys zG~OF+17GaXMwe7cU=Gu87TeY^qVVT&z^}`TAzlB6)G^oR0R~) zmzTJpCIXdq*z=Ew=ybO?<$H+N!QX_Cflx2b3|{06x*ZdEWkLg26ngA3$+HN_)O?b(kKMHM0X77NBou42!6A=mv$Dq z)o5T~$}`^@ne2|KH(+vO>LYSVrDrIxH-1|JD1v`w71wwaTjmS{?TdJFK@QPS5eD! zh}U*h`e-Tlhu##m$>N7UP9~aUwv;tbABY|sd)Z*lz;LPk*2HR=5idhD|4RLmoY2f7 z)2{K3d(tn?42*uMYqYSjAD%GfV`cFVS(~KW@r2SU_D$A0%P#ifC#5yth`-s#OS>6XZgi}0LW*~8^m(_v zfVrF;90w~Fdk{FGcv___TL6H3^Ojt8SLc z%I2iH&yu_?`-*4t<#T7%C?z%bmOLU2Sc^%1WXw14`*6@LK)d0bHe>p@ni|?HY3Yr! z@sk$o0!#Jdc8^XuOkXnRcz3(WdQDQ)=F_LJuZhQh>sZRMd3$Q@ch>4m?v*CHmzw91OHunmLC)uFKf6&O?tf0DB2U{P)PWB2j~v}xU!1HNs&a{>*6M_t1{)U)`f zXNPXnciVTiaxz1}+1$7d6% z?v7Mi3h+U>gIHv)^CpB}1z{S&CDFm{gb7K_;i)wimB$?x8-s zG4M-fKidEO_fWeZgdRh0rI!X`rYRy;g`-Dy9M;OX7SFLsDl4e$>>lC@3hwx*Sq1DJ-tLJR8Da47 zuSJ1a5=3v^l5!9L3|=ZsJpL2z6Rv3A|3imqoBld@HK}*z83x}eEKT(s6ZVH>rv5V!oJr!cz zCC6U%+&!sE?@n%VxV@#J&MBIja05&0ZvaLI6V6WjQZ&*&bTd1uZbh4`Ci=R8J;Svy zL(^BOEc2#pB$fxYXNuY6&Gtu$opZmunKK|9$A-}3Z0oX-$K^%|o%26V4LJ4|`_~nQ zJ$zVjrA23W(6eMYSG4!}Zo3oP@7S2^+aQZ&)AOXh)=&zu<_lQ3(7gQW?`OLc@D)8a zxbVKs&CM6dZbH#SbjSCkPmW4-%^A)ADz6D50_d@*OSEO-^#^S#Jc9iE{62sEDs$=F zwKKen3tJA|lT$u4A$`jH<5K^3UnN;%C8|2>OmS(`zscCKJ@H{$^)BFLQC8Fm*`?jeiH4_a%~eDcr>z_kMYEDCMN5^Zl3(bi+iw+aqt5Jd5XBamu+Ypzb;M>42_Lp zGI9^DavRB(ea});QzN_XG!SeIgh=q6u^Fmkg#jI65Gj$}r%$|fHn*}OOsYze z=$1R4W1)1NAF*s$Byg0Y*-#>SLC%$aeX%`V*zJV3kK(M;^1@U{P^9yyujH`jmew(` z^<2G-K4xp^eitWsVi>84H3UqyBz`k#$yv5bVy)TKJ)q(d8zR~KC8K8b_E3hgo%OJr z!LQ`078>8dq4ECAnw2P?xun{T#-BsaD8poI>}u9Ron2s7c#!k+u;oi_~{^LqQ!ZG&9kSwo8*<7D~fEk z!P%vg$!(2|-ymtj0KcTR_5mcy&z_Y??3~8JB&<|>dTzs@z zQOe7gNME4<*diPM0!25(xgn{erK++>Lqgqsa(#gDT&i9F?{~-Uux-jPuOhQQAi4-+ z0fmx*A<}5;+R601g^fBT$}_sUE8{JCJ4M!FmYGQUT`?Ubw6MEI73H|YGp1sHYTqg- zT<_cbsbE>aC7)gK$(!Ql76l87^%E`oG~^c6zEWP)z9esSiT};M)(oxsUZ@!x>XW{%a<;-gf$Dy)uucjO5!QkuY4MiygF!_;adp5pAR2C z5M$-py9}vVSjf&qX>#o9TM~TdAoe*K^nzx`!7&;tsx#>CucYq3CygYw!_a9%6%Jr% zc6Js+Qv~DL-n{uRxPD|7TEQ2WxDpM0zt^00{%*vJL*W7!;pvFpJmvN4BLV_f%=MEK z5_SWnLHHgKPmA6A_0@M9Bdbc#e8Q&SMP}ywE0^h86=nDq(3#Z%O|Pf8zTfH?;P0ge zVP$=*HJ_Re>;6_LTy#{97AlELtXNp^K2BO0jnJDc4)K(odlxU}RHIWjIp6LmxjySV z&>a3Lz;k)b(`M=SHqB>|3K8NodXk=W+>MkXdKQYFCr)zP(iN`O$J*wNS`P=Quifvk z8tC$vX0~+eRk$CpT_anc+B$DaFlJ%0&}}xVz$Q3$eM(R)Z!y-^{^p@$haS#E$G&rH z+9hD=5|!_|L>4qJ@z$!cFEl)?3Re3wF)^c}G2Y4pm0#!6*^W+oy*wh=+-JumB4Xwj zEn(N}o*T3(J}>6Bq}P5Rm^tZ1(z#X%lNPS14>{LD!pn`6q8JoyJ2|WO|K`1+J4_Lw zd6=_-f-;DVT=AK(R$KX^qE1v{!#7`ci>LH2OgtVj2?l-5s;lI-Hgr`!ULvuB?(v-o zo}GIh%kAE@VUPabs`ij^YINB3Hw+wBy#~|jss1j)saJRRm5*+vuP(W2IylS;mT*s;75-6S zm30GS26&(V)#Nw&3DG}*2G~88>J)&cqN;K}T3HT}Vz)G2CZ?uZ{FqI>#09_*W`Twx z67V#_i*Z)M8;AwQdC)sIn4f~>3Ahz-Qe>YsVt6XY2X8qrZZ2H8B76Qk1(bdms!_N? zWymzt30F+lAD@nn)PG)ew6)#vxxRiM7OeD(&xo|bUe;pCWanl3`Z|B8uC;YKx~6O9 zuTmF6OgxMH<263Gw}kC}USYcF`75L)-ctLdt1S9X<__cbIoiSEi=c;#y^EwWGMl=2`cC~`WU73ziL|rgPRJ3Gfs>b}| zZU*6qfB{9*8v7rjXY9iLN2dh7)8}rmxplL0rvI&reT?$q4pD~8GbA@3~~IhIpj z#Mg8&-!>0CDxi7n$u%;mukLB8DJ7R3koAc(445t9&4g8e`D_3CPfy*O4Sm}L{w($d zeZ1|dC!DZ6#lPjwGd)2S!&5fn74-}%OF(lF=tb0s*a+o<86NcO?1Ty1UpsSi^imhO z9@njep>ah=4ikpY00;qW!4i}2M(c+?>1rvL2sNiv8~?MSeKVAgCQeIm$MQ^Sez(H% z*lo`=&a^!<-NbW=-OQbq2rzA9Wj8cRlOFmMuIFtDc6 z8$JKEsOWZI>J>`of~*vU1ZIh%9iB_#xu2|mEq1LwYaQnDm|xjZXV*XF(%jazUMF`; zqg%_f#rz9dlU-NN?8?|Z$?5Ow1*d1folB~TI+Z3&FAMtBH&%TXO^u|`z3uY{OP%Tdbz`3bNEHy?`dYip3yTtyq@_1x<|_kEw%761S5_Z>c;z4vGD^K0+y@DBF#TFcH@ z7Z@7RQEZu(lN79AF~}7y=p5VgS|zrmu6yhbY(|<%mRZszTy3vE-7#aWjNDb8cWZ79Y+Rnp*4o6fz3@unveVaTm&@6{ zyJ`4myA#7WoEi+&g;ed8dDM`h_1K`I^GDK>@;B9ZJMG4a#ot;k#qKp5_m&hZPV`Jt zA^3$tbShcvooUsfrJO6o!k1#j3zj~FtvfB(u$e!{JK9VNpf`&Bwb5-b9R zZ&L5vR1}?I7JALn-`w0fa`GoLidISk3*U(I+yjSMlGMHk3EwcAVzMvf$@OE`bfy%j zuQTJelwi?VPPUE9W#nOG776gD5ihZ#(p)J$d);p8(Jf;eUZqrj<>nKTawP?;P4RMT zrP=~T24XuHNwJ!`f#*1pDGep0wj5Z+xTs#YaP`{C;66F+r9EPYZy!QAP5H(%Yi#l{ z@6s~Ot4z*9MuzwYpi6;_E|@nQbDp@dhS?yv_{ho6Xn%t%Y~=Ry_$k9+2+M=y&_f(c zgkp5DbQqq7nL4TfXuYt>U0q!-q{{^fKu)y>w?EAKN)Q7GT(xt!t>X&Z1c0%qfq=l8 zLgN7=)MBSaIEy2hAmTh1R1|Eg48r(fGBOVY1Uun!|C)kpvdT$KNlCzXjv;QFQ|E_O z*#5XJ;PZ3iYpSG+f)ZA8B1?w77@95U$B_5you8jCAZnknK!ROAew=M@H~Uu$a1sRw zezkyr0DRl*im2=(0ya!0{%&b(ycZSK7oN4dmDw2u=5wYErMDNuEPrTIC+5xXY%bqg zs^+xpX8gPG;#(!d7#__Zf-VdEXG`~~M&dSMK!;^sbN!4)+SSGh4*4)iOUq3y5{_XD zwZ{(R8Li59SXvdHPt$#+MO;@#eFbA>K={mbZ(sfboy5XGRmqcQ9Q#M8wRHv+)!SN2 z8iXE|&voSI7ryS_Cva5#Lqk>AvfY#%Suh}wF}@?Yx2T-Q^>wD#L#@NK%NFMQEY}2Y z^OEj6p1wO{mAgEDlhMbZ5G@|@kdrIPcNeEgVbc#;lt+VU8m$>NA?O1Kc51Y&lg39YncJnk-e3;9ATX%4&CL%KqjUDTnZV#V zA~VzOs{slb1QvLU#KR{DOA>Tkm*lS2$4mK0BGdI`xS)JV66NOBj#TyLG@G7{77EuG znq3A{28`Qs6*j*xD_S`avKj&`9z}(+leQOj;5!IDTn(5L|NZfS5W8qfgKf=KMox}$ z-P}vthuS1)x`jN>Duf7c0c-$wsDxt$Z_jh7rJJ;|nJ*_8XzE_Qdhh;y<{5M7AmNVE z+SUdgz~f%!oagGYJIuMz0YD73ft{TPK6@sYwp?Spo}pBQK5ecoOp7UHW6J71Ydfgf z8ILSyiK=hDi}g-8ugJG0=H4&h>xs+bm0Si}he0@DGuHn|c2G=SeQd zIA5u7Wb><4LiAzqJcM9zB_Nwo_#*qxXT0?0j30ut@m)Bz&H3he-r?fu zq;`yUJVqJeFSB#46#2U=JC7Q(gOcullbZ*gq^9hC8Rj`Icy)x0&iBJQpf5MUhg&R1ypiUtL%_CDq{CO_!l=W>xd}QRR5P8njRL~OuDhYI9U|;|a`E6X>4{*BL z$n(y~&Xyg3v;M_Pm(H4*jo$0?@$&L-9zb;pF+o>^6C6X=<2YH|GD0d=eBSgNOtQB*_z9 zg@5T?naHcKR#V)L?03-DP=Y)R2q0t*6g*%)WKAikD{)+wzB=XQQ4tHRGhCkm5Fqdd zLVDC#l%pTk@w~%pgclfGiBCowHxB+i7wkuY#J_{ z9&rDwsj0yoe+tbSOs*l;y}-2@PoLywkALB>qK(;)1F{=-L!ECM)PZQ?`@rZAI2L${ z&ydM_#5K0naM*ckkX!+!L_x%EHRZ;@tgv8+4KW2iZ(XdaESnvc z1xzh*io>dkz^_mUuv^hXj1DD&6x5sW0B1THW8Q3desO+=fti6RUW2Fg1&SGbMIa;i6;V-9DY=-ofz2<{fc9C3 zD#q5~nyi8U6!dtQ$f#KY+1?G4v0DxfNFEn>V`OGyQw$S0B!ic@3La<n}hVG2Ug zH7P2}^YP=2h_XnK?8~?{whM{SqKNi^yai5}uUD}_5Lf_ws0n`X2nWaR8TWHppn`Lx zlG0`h{KJ4Q&lbgFxdW4^$t6H!Mn+&%sJ&sMql%Iek%)jOhFBMtkV#NrJCFN^g`c0S znzO;o4skt%?g$JPXk8zd`E(cm5gkd%+g3b)z6fD{&)fUSNZold#{sLaj^(8pSSBJ8 z=Wmt@G2d*3-T_Xvy70h*k|oS#X)b)bK?L(i5bjzuy;14us)N79UfiCy$3d})kJ9UlaqS{1UCN<0&;2!VxN!I@j9&~Koa}C4D@srsk#fkoVkI1 z-D2?DzEJzYeOMW2_h98eUO>g5ZpoT~z$maD$za>z$xGy=Y*^svs_yL4;2c@Xkms$-ln=}`= zMt(KUn_W3Dj%9Z+cZ<2LEtFr!?Pa@rdaxP7^YS$9wY~S?j|S_uu&_M%bQK<`M&FEZ zO_HWGKm;-|j3(TeN3;6ca%jpPod%@x8QdW#Z*Uo^!KxBBX@JZrtT%(o7tCV|hN(ed zME9M?G|JwPWpp>#WU{%l0xT8b?f%e30ko`XYFcv~G)rM&p`tT2uD#l}HaQcMgl}G^ z;Zc{-Jmbnmp>%de2an=~u(gbEJ0K(!dIa)2w-<429uVgZXl~iM6+$V#w?^XuhR#OH`2|Va5K(IIP1R`@#C*^D3K<1rX)KnYvcO$JEmG$2XcU*KdoWwH`Gv9 z_r|dTH&Y6nD@YtTE-zo1F*tg?L6kUx&mugDk&)A>km2<)#YLupjOw!efceprL;v&$ zV?!^F`NL`U%xwc5M@aM_C1kZ--0-(_y8E)ZlqxralnQ=+2njmVynW-wU8|IK?b`Kv zT2fYa9eQ|j&8_`Ro8m%E>n$oPC&xB9XLjSLfB>zbkwPG^q+x`X5o^Y~cMlP#gBMHz z6@9MZ<>;}rU#E>4)(IvO3(uaOPgvzhDhN+YQ)#YmY4M7P=zdrNi6Ak&e}1mU0O3MN z%YauON^aKa7r5II)Q5aBN(?Zk>Nk4&QZKJ9_|9z^gGP5Qq~E=a#D6^|gx^7D~1|c!M)U4RhbuS0BK{ z+d4yhjn!+{vZUk(2e*Xt@Pc!G%lTF@dJl{*p;#Ochl#e)M@JhgD>L-CV2-IHYax`< zYX@KY2do$F&q|2niD>J_R*D^Do@8Ll7;n$W%miI6*iU&Rs5-&!fUt;2qWwkw`oCAA z>fcW6k-Z=NH%|Z3Jx-6-b(29wT%efD*aqnyMW_>q_Ui#);FvZ|_bGbWU>KY((aQzqz1=69WG-sDhxuAD2k!)Kn`uaF?2bk4790ky65w-KF1{|7_QZ_GLIKE@%EZk-L83b8fPw=F~mxG&f z5^@HkX@X1jSopY(geN8{Jor+s$A^WBJhZ22aOS=U|7U#ruM!QNJyOp)V@JC1wxRw} zpE@o0uCi&;Dx0mDaSRO4*>yoDT*5Qq ze99uuzIpRq=?E-C*#|dJ?2(ZT|Y$P>{@Xq0xve-*YJQAZN3FUsEb96R{22SX-2fi?l7l56PbV07#9%@PRU zeSBw4hv6eY8X?Zej=6IP&erG&WGFKrXaaK}tY?o=R$YviF3eTANWVNEt`dvZjV(3N7hkWKPf z=K%d8{5V~z5v%4Gd;=Q!Xiyg~y2%*B%28)G6hQ z(g>X3;K75?MH8WEs-$XydMO63G)x>P}~Mabpg z-dzbpTavhW`dqDka_7&VUtkPzdh=TMZ#viTebA74XVcLxvT>lRn9E$;G8M{y)tlv2Riv6>x$|pi2>$Y2Y!2*tMAWS1Q)rm#Ym_J4IgOEj5(0p^ z(~a&sfvKq<%GW7+ko`Mu;m6{Mf$}4*SBmlz?yYxsUbj)|wR=k`yG?*%^|vCwr*{u? z6wGBsEkpFa5dyhipcQwfH`q*G-7*xq=0ke%srZj|W77i{`FVp34-o(T*49?(7ncWv zCt=`A#JgSH-I2#8ZQ-qtDkxAmX!QqDci^Pa=_w0HH{Pzt*YwV-O5MxWR|Q^_?(>fq z)V2;S`t+TS+hMj2y}*x$QhWON*dA$)8otAR%89B4&$t^#De_QKh74Y zFeU>HBhZyti@jojBJ6@yPgor?PKMy5FP{$i}{qB#mVd8XFrA(R} zPUK66gk8heffe{y1SODhZVVON!aVLtH&sAxYw;3E>K=A5hAhu>ZAQI?L33Pf znGwwe9~uxJ_8IU8wmNI-(&~-_5J2P|ft2wrl*3TudM}i_ci*%*oN#fy$40P*IL6*a zM|Yw!kdCMxMJnt#{?9k-!)pRi_Fw`zH#&h6*5|PCH`l$Jco2vT4($u;1$9MEY`*O#Eo|l>|6hYql7nttw(z>50j8TqtUHY^RaXtsv z_E0y5{NN>4u!{k*|_PW?Q?zJO(6@$WLdoq*HdHe1*wxETL#Eix$DxINkrb6ydh7^Pf*8 z_vv4REVg|lVQ2cjWp)SK?TmE+oD0hr*D0TOb^YY~0ENnqI}cbtuJXBZ)XMwt&ByWr z2zskM`v$N|-vEbL{(wQ2zg#cde8ulliY0Cn(HWGcsI&bCxY`(XLX4u_&WnDx0{pZz!ilR+0b=xNj z+nP0{g7L)PIP3X__RRC2<~_@9q@6L{v6H%d#Pw$~UC#KW!^_it{_3Tde`-j*%ol%D z&J*eo)c>7=-r)8A77^p4p$mm>-mIM^U+y1%eX~PYJIH8hQsTgwb33>j!%81T%+Bt;-A)X^wCT{0`LJ(z9c;;~Z+udd;4}_mjOSJ=-dyH@(qJ&vvjse8g_&MSpCXj$@0*ub&ja z|9;GCkheJ;5j}T_Nj7y6jThi>}dO)zASV6E3XF~dtvk)$50o;Ef@9obPXIy zsY;P~;AK`bpmysQ)wZh2u865$hxP7pE-!U0(-cTZjITeyh!sG&6IF_0abWRcOhNw*Y4_b%qmKOZKafO9NN93Gg>6Xhb@~tqx zc0(mJ_PZ&&M8}#s5z4yrCet+J88!dFR}H`{7rG7?xJmyu~beIPC|_S$sLs+`3c z9}4^#g>n1r&LeeoUo_s`%THK-__SBQS1#2-EGXZ>5kZwhDwc3 zhCe45J4)g*ZD($Y=`_=#&ZJn)##Y?K&ykXvGWpyWsfY|bOAkV>2wEl$u0XDrYp>}F z_o#Ifl=p(4gik*C`FlCqG>xM&DE@UrYCP}q9*T?lR`i#SW@PbMOK%KwoE2Zisi1km z)%@e<^(Ul#sI`?4X(#97(=o>q5b$&buX&k3Ynvwp?_$EGjoLZ)8;#jkdY(3$wxYCV zjLlHH9FJ2)G2z# zI`f1)AIm8|zvmg<2G7K81vdhplwZS!?hx(PyT5$OtviP@Tb>h`?r zo-W+1h>cqu8agRmGTPzd?1T3i>g*W#K6n53#ui(*wh<8S9lwJv!uoQhh*d?d)c`miId-nPb)n5eMG_|$-( zUn<>oq&@vs9sl*yJ2Kt}$KgskR(bjQ>iwp#uZys1sMbc9H;!(g*d{W*xZNmbSCDtB@S6g##xH<=$_x-{{vep8X(Xz%jU{Y9;x`t2$A1%fM-LSwZDz4yE- zE?L1Vekhd4X8Hok?=vx0OjodLnJ;>|^Yik7LeC#X zNL#+?7nsjuV?Gc!Jf$DC0|w@l2c^ zn~&Vk%GOi9p7CJCR#u0+gkHhmiMhon_t%W|7Q5$t5`T{=1UfeykZ1fc(fQkU4wK(^ z_SJ3*7zS;V?=*Ut-@i{MRjpLQ?oME%kcSVGq}drRQ=CNoW1ECjFH~l}=iAyoPeE~r znu^_6_F8?;oO)c$2b1(s;3p;LO&2_T9wLb0 z-jx?Ixw(rTe$SJejL{lrvS3-WMb{Zl+Amt4&2GBdJ;xx=HF48t`pD>nyN+T%QjcR| zX}T5qG_$vR=Po_97UB)LxhMCXhyNBi8SSx-UvyIYEtl7r7tvN5jhW>+Q4go4rInr9 z(slHeVl-HxJpF-q2{mbZorC+vD8KkEE%l`a?5z3YxOT#kh9%%ZhBiaj9kI7YCY<=8 zar{&Lse?n}C+(YFW$Lk4{G4vSd*8n?LwDw;Y9-HdgV(|oPvYdQ#g9$v8ipx@$Yo7^ z`rm9~_1&5Y@~t9;VGf+LmI-6O6SJH}s5j1!Coj*^NzD6ooZ;Anf8OK-pT5+e7yb7? z%={$g@ z1A@MKl2q?o-E^9_I#;D!zGSr^{m|ZiejgXtcR&_MVWV=TqM`qaWEliyK^(8xZo9N# z2VAl;$8LhmD1x@80AH#Sdn$g!QCa|&M=(9u97mqi-Hey;GbntxQ|ipQb5D-?W+V_` zL|=a|p!|_~8$*!9@haUTBbY4CsgZx*Wc)(Z?lD?)sERPoO@Mr0Cn#bckAR%KlbKQK_J@`~F=U>NpHk+x|F`$+26S*co@D&j03rskkAd(7c#POi5OSC>CxKEhDgoAAT3K0a zlHP45bVgo&uduLvfhhPFGMNssBEU3|bo^lGuQ@T`JSJu>Xdy`5fLrChse`>3 zkRA-JO5wuVw5bS+=HGO2@b()Whzf&>9mZ%Sh_;KAeTKL!N-ikfj~odA$pkzd*=y&g zoxqSHQ0J#jDD26I{tYcAnWq2cJR`D=o`xu;5Ci8~bXz8J7i^i(i&Bs|5Af$0&j5G> z{X~GJ!1HsM)9175KhMX<$8^kM4+b>=QgSI!Wcd!kQx2fcyr^pGWjW{tNbDV2DWnDx z;Q>G-(EY^xiVVEAB~&2p*$xSBl#ovXWfr5531Q~bTP-o)RP|f*O_T9ne0tEXc+}V< z+Hhf`3Y`I`e9U3`0LVtwn%|&Rh;9Wk42bAPF;@Q=Gj#xp?|-^lSYGah_MHM*LBNID zjl_mYf(~YVfz0A_Ug@tLTZW0P-LY0PALz>93jiAO1VL~IvY;` zaC(sk-EJ^^YyU=zs~^EV4Z;`G=Qu#s)zxod+@A2yb|aa6OniFxHr^u4tXi5eGX&&F z1WE#22bl)~*3jwCJa7)y*VBXQuN2&3V#dKkAM4&Db?jv55c*ryUJRK$$Oo5$A);$;3YN#79Pz`%KJ@~L8fOi5qlVqTg02zQ0k<6lt(@@gv zhI3D5bb4AE#P|g;;A|Ua!a^Yvng*eE)Zo|Qe@4QHpTp!*E=pD?#`j+Y`dhmvcJF#$ba!UJd zD+RK8MpjlAk{M_Lu#IoQyVq`Mt`Fh>)fb-oZ+fjWPsIx%A|FVX5zpH-GSYr?9%vHe zDL+$fhmo>4i*UjKc_j)dPkIi_#$YYea#vD>h%r@#NmL;<=~v^>A6}f9IhywQG&De5 zT;y;ha4AUB7ZNU-Yf>gTxwy^@OfkZO5vLj^)2Mn2uM2c_cD_^^0ZxK|wHyyXG_MQJBRKnj!$Ba_b2&uF{0=5GZH9tcS%Hpo+=^-#f;3E+Q~m{$k_NGd z0wSf*i6H?@rY~xCTQ4JC&+ z39$j}B~pA<2i19(@XXB`66JxEWNNw=#BR2V$5Wv>511SLDu{ffc%T1)6BE zwYejGU0ru@PZ*}!7)2o15*p=m7%vVh`BG7FttIUy;=Au-9b()w>t9AYJImGN(nkcm{ZjxBmt-?1NAcJu19Z}WdQbvQ5f3>yx`^mpJ3VzWgcS8uDz#y=ZX zH4?n`X%Xff2M&0{8uWsurZ0lz-@QBkd?-69=@CvHWGQB)HXYbnuH4fp)7*8!Q5Ab0 z@)~kzVV?anBz`w;-n{nh?FHzYP#@U0Rb5R2XXKDFbA*KsDuHXi+H)a?n-Y#WA}oA) z;PW-iOT)MoTg*w`(>6Q%;N`?cIxUrGCG4IJ@PPsUg`(m+bUaG-FEqHJ6vShKy6Zk{ z{!P*+psS+4webEu-_e`RA90i>Os;T1@@7_U-?;fKCLwU1PM;~StJ{)#IiB_`8!e76 z;(!AvpIO3L6tl}%YFs5&mX;UqNILa!;-RA|B1|J>ePKlo80ZH_%malP9!HY(kP7N4 z55#U`tGBgZ0i}NP$eVV;qX~96`s3)spjCDSUDLDjiT1|Ew<}jW#IAeRTaGz?+@R0E z7<9wy38V2a#QB*{pP7|)6$Ycnw(=bLYG=DDn#OWCe?Oc8NE&)WRo*mf|Ah4sYh~Im z*ysB$zCoJnOHqIYCd6jvM}wFd&W~7b0jemMGf+K*J5r6$1JKiF^_rN-rYk(Ek?ohs6(J< zGyC!R5v9Z4!6|!;l3;H%vaxFC3`eZMUoB%0fz=eoAn~u`2HHI}FW=%}liNk?N7mDw z>}N2926ndWK?0;MVp)&EMC}xrFJHzSRH@#eb>4mGR`?ue&2ay@SLjm-a~{YQy=T48 z>(i@~y~^BMAW?^u_u4!x_Ksm779#NDed?ai7&?bp=<`r_!tB=}L^mQS>B5?kfxq^V zrlvH)4jRwT?d{pd%EAJlJ(f{7Vq68mT}!&@uZfIjv9M-@393q^*zVm@`(zmy7~)i7 zEi`T(z2et?7nW!w(-)e@v9D4LbhE1r1XyrnUxlnx#;Ko0Q}nAH631~WL_I+e_9h4< zRFyn=5~G~RD#BleC{{9B5ab?JJ$Z5Os;#!*#VxH%GJ1UTpTkfIG$S#GNKI9~;c1oX z#tCa()GZLi4o@E!0d<1ie(elD8O+OnmX@);xRjvJX)1_E=1FfOB$OV#o7E%y6e15YVWiuv2_cu`9K51xdKZ8 zNJ|%J%!hvoD)3Nb5CA?w=g&qA4b%|#X~;iXhRmV9Ys#_X$Lhk63od-j zGy#UGxbr^3nSwf1)B)N!NJq z5t0Lx8tCtYEPky1+T;ZT5;r(tu|w+uJ{u1iR$qx7ISJ6N;2;=<6%e$_V73X>O%-Yj zy(**~MBM_u755=A!rDT|pOF(fy(NW?fx!T5J7JblGofIIXFT&e=jl|fhKdXc)yt}% z0v5UA;^O`ZmRzrDjN1q!y1}YiPRf@y*rVzJlMdAwI<{_{P;Je}VJ<^-B(TT{{M!Ry z?5k{rUqkXi=cwt~jSU{3u67~{_yb}`Rbs0LtdJL=$h^apP;_v@LV=!lW@A zg5&`<6Y(|9hRHMzptU1ceC;O&RZ{PRw%GOPE`-8E}u%)?G$=aGFrS2i5!EI>4?7g)7=jRjrVFIx0RKDgkHaV8RrY(SX&3=+s&X+qF=xRxZ1lZv zUD4~W?&}4={gOEN`t>zUZPX<@(L@iDQ2uhze^WP1SB z7w&7T@=!OK$U)1o=dnpk+ROv)sjolM@Jck#%;)#Xq~=&}J7)2^VW&Ujg7A3ieY*I# zHQh9fFNxQx^7g}^pyuw}h|_-hKr}iAZZYy`Lcystw?4Mc5Y+hC^t3({4Y@Y8E_hE4 zAv@-zGeWQJ{)?fke>M~}v21~p3*w~{YtJ|)W_d_H3kYbdE_!4t4FK7l_&Q?Ob{y?X zM#enqz(9c;kKd1PEO@6=1Yhha>tnqreUYn6gA8Vv3nCYnw3}FBE`D{mE}?{6S3q{zq5LKg`FU%N-ZTe?mqXkw?&dLM!n*=uIZn zyJ*oH`fTvJA(4$7C2`++j~M^{XcG|}q}YaVHTd;;LJKC!7-PKp@!keSW|I{(^xFz> z+aT9~f>>x`C85@|PoH6vaNY(%J@yM)BMJmj6RFsMRoVR01DAHWb0c+w`CoX-JouPZ zKd#&jw#KgJh*$+fD|;&AJ`e(!D#@6cnfcws3z1o04f}i;@U7uqyYr)*{J-E?t2VA9 zs2Zt|VUAKA`vb_wXxaY6Q3&E8kz8dp-D^(6;F{rU6fDe38(0IfXckcFZww|Az~ zlO6o{q@6EB5=eaqsAMj*4Ko3o*x1^JXK{Ne!8e^35{12TK`X83PaopuCZoAPq2Ry- z6Qu6|0g6jYqf3%d#K80B!NwfE=jWhVfp0fJu$>$n?f}l5CsuxiY6e;qIGUV@RD6Va zFx=&deGOW34?>B+AGH@`>p1yOk&fTQ{9inv6)JD^ODjThvvHn63bSkfelNrU zQ^<#j`}{rjA-_p45l20TKZbr1Rzcjb6QF?H?wv`SFtI}`_GK$4-5>6R(U}=l`(r=^ zh%Nw)ktFaqcE?dloRy-`>R4G>jgnyt_!r=#H5xh3uRF8?=mnqMxE}ls@F5o#f4M+B z0IXSYv$3sEq(mITR%66IGz#rj=sL(X>R|i3X zMh9|C3v`T>e!>3!MG&Gq*;#9!tNFajG+Y#2z5Fr3h-yHfv_vPXocBt^vq%#EA4+Ff zpvc}PVYMS~1_~Reo}9=3{vKlb?rUSSZ`FD+O=`}}D(sqrhCrRLLX%O*Qec@Ep};~` zz(?GH0D$q(q43tmM9<<#Z7?8UBs~xb{F8<_6{GZaYf{hUXWQ@ATnhShHM2`s%7AwO zy$fX8YyY5ciXI%cP~EjnkByFo;})wL9vK;dt-7$@!V; zmSOSiVY8imM!~N)-V1J*;*T&B?2p`WG9TD2IznO`e))14HpwmI6<`J6so#b=n23%c zduwZRDsVc~hdv5*A*N~?t*cB;fe3ysFV}^v2JWlC?cfi8HGKwSHP-XlX=!O!T$6FA zl+3rawo-q=U=PIB(=p?EM}xB$+psMUDm278{@Q~M3^$Pnzy>ZcwNt+k9KZR_`t&A) ztaQ7(rpkOYIF|2SshO6V3w*$HMiQUA>#o@v-UpP*Dk@#@^oB?hW5OttaD-7{(~+tG z7d}oV>Qui%?ekk@DM?F7!fo*K%XaOB@H+K!TZF-P+X_=t78Vu+q@VY-UYH%*E|!FK z3MFzeg4zLV0DO~}Eo68yjFttH8i!3=1!9 z@IO`2Ssm=0cvz5|n&x-v_5%G>iB(SUSbswOG#nG2e_pz5l-77_$!$~FHkAk`x&=p_ zMr*OKx<#hWNH%7R@% zl@RDy?kt~XjI!DvnAdbxn;zdIgda#f{Ims%>h!wNB1~UozCF<@jfIVqq2WO86ixXV zo;VH;ao4%(j^%9yHEw@Y4JYmetHC4@B4JSkMhRMr-#p3+!KA!j0|taHC0+ewE3egS zjOgv1CYt|oBkcVK`B=x&v>>X~0B}Q- zxWHzfKnj`smJ%!*v>lO(go+Z}m%91(|5|kz{*P71pMQ!FRXHoJq#5gUCJi z;nVz7uS`vr3h)KQH2A11nHLScTA%LbEfL?_7!+kzUH+|@R52M-E!kboa0^}-RL%cz zHR+7by_WWaO&c%&XIav*F9Z(Q=uNS06*v7RLOE8`oWgZHIj$=E>H2=j%FEMZ&QNiE zdNfWw0$O0_QV_xbEi9>S(IE6V^;L!S;VTm7Um#03KPcW^jz@X^ZLredB;f3i*9Bw> z*Z!%HZuFgLnR#P@iN~0j7#NEKKZ4f-`ff}%APD5i4E$^@e^1^3R^(dgUI_|`>8P<< z`Xs8+W9D5eQNQ3~_>PVSH6$)(1a?rJS5+m-J|qvE^;^JE^yukR5BaE}>EDDsv$j@V zsw^*$fTDAdg3ws|gDW+x+6sn|o+e zDc3xmE8uFw>2?49g~YY5LjKhP+%boD*3XW7(i#xgwa*n5J>Utzv3&3D#u!0FOw0ou zj@SmpxO6Bn#MpyQZ#Qm9h)&T+p-KdZ`m8P67LwWpNe#$u8;nNBYSJ#jo*zhV4;UIW zH}6|)7#SI%rY0#RZEYHdMg_@~DujwezAq#cc<@Tv_rAWy#?hXU0>E*1zpwAL3@R6H)nWAfJnisDHJ%NXb= zYZW9S6B3}7@Wq%Pf{2uNk>c?6n>RJ}^>Dl0j}o{nFEM{f7>8tAr6pb?;Vu~&OTaqJ zw*7MUEb7$8r$DGcmzfYyM^a*L*|N$?+(-ET7u#hue}@eFk!CPdEW2Ui=a9XjKoDhl z1mXL?GX_2aoH~PNHkJep_Mv9?e?-G3l}Nm=9o2KNkk?acB>^_T}1)90sw*qwiNs=nbBS`h>p6B z-;F{ApGge{7bhw%o!z#zzmTu77FQTH7H*@5D>92!_Lht0ceY?E!Hws=$$JP7&OZd6XxC{dxbaODycAp-25pPIQP^4V7PBzM)X^VHVyzGFx zz4LM*rG@OFNul-$**EX`jy+v0sT%#j8tuK7sqEs+xxL&U8EoBr`TK_Ktjl%iLl00D zl()HSi3WcDW?p1&xio#lP)-;6gJBI1rpX24CfdiZ+~9yAWb=EQ%Peom_+YVk)m)W? z=9zPEC8`peO7q16&%6ucTy?E(!K6rBrm}&OSNPqsqjlt1vS97(C%5~wGgCW$o!gSH zk?wiAS6+MRHSgsE!*MMk74ur#RDDCX2|nOtl+(MLNW(Z3JZGk5l0N+BG|eONO_=S* z9lCkzRz9Qp1F#qn{%$&VyE%R_b?$eIrn0j2so@u~rTKM+p> zBAAznmJE89{hEQU7ZVHe%E|#2ORo%eH2fVJISvK@R~tE&6%?u}j|Zs8qI5%j();zL z6l`%2M}^|8sH7z73T+_*gdRRDFbH#!1||-irsJ3&K5`NKQ&6R!+j}vQvKYm9-tWO! zO5G#4ggy~HF*^c-&~jeHi3@SVY6b@4kdN^=v@LIy3Q#QIiiCwMbLt8ugj{l8uR2-;u_`kz9t`UcN<^OP)2+4Hx%uLDEq)7+4?6T_^&O^Hlqhqvb7YAFwei3>c zwfIYj4gh&ipbzKO`}|O{t_j!Cm5!>KX>4fRbcJ+*WNcr5kur!vr@I7CG`upE4rq^jypS{b!*T1fA(gdU{KEYB z$;aK&Nu8FPl&300^YvKd;P-*axe!wt(mCtFu?4h-^p?K_ZI+^nPfp`Sv0!H*`% zrcvmMvckvJ?3!wPAv_8%A}3FX`4_JoE2*2vIB%do@l1>Vh=tJddn;kNgDPokWzS@| z08Ke6kl{RZ-N4o)BNgce(;Z!g>u)zZQr*mdY*ShH!v&6+M7aPv1Jo=h(e?uanw1yZ zD}kX5AQ|F_F9QBSm{9B@?05I->$s^rNzMQO-t8zdfy*+3f&dHhvD1uXmqg!t2L7`P z#SMImx41%a^L=C_VI?Ea7AB^9Z6;AjQG)3OR6k!2I$K5q=YVsCo!km<0`(p^Knp73 zulHu#cmp7k4D)W{qlsx(nJ?Y)FytP`fc*c+^{$-$AGzL@^LOstc^eyhG0l&3-)ZI0URfjeC*bzJ%12os|3 ziJYH}oVT;L=N3~BdGP`xycg}w;Ytm!+yK_M08qefJ3>riA(%^z6@dC|2gcaeb_-+4 z_T27R3W?00e;8D(B27bo?Tgv3O7@4I>(mxpj*gbwiuZ9Qjuf=&b6ma4V9!aX>*>I+ zV?|Ntb5L}&g+Xo3Qz39MIaR4XDBFd7)%-a7{*hO2k^=fPTh7KtQn_L$_AU%v*1Wab zM=N)JmFIYwS+x=Kd__`;&(DPm%Y7A|jic`O#|Ncx(Z22rMX>OrjCaS^mc`8BYG1IM z*h&8*R41cqeX%FKsK)1!xLqm>OYBIw-OJ%OXuAC!?UTeqEet&q{p^BcVXV`X-{We> z8)buU%`Q8ildrZ@;%4HHvkddpw-%4Hw;ocBYqR!VcFea7JGG`$krFWKyoYWlIMgksz*0dtdR`rx_%wbTA< zn^{?9F^vd&II`xzile|n@rR!`P&n(;+NutrSurVqVW@(=VEU`F!x!11H`1qzo0={S z`~=1bIpfHLlbgml5a@tK!nl@)8%ce(^7@O32%1M|Ds!L@EU)bVgEPQnC-o8BS)P zU}O)%;^%yt?W%}F6_#Mh{H(I>I1-nN@yh@@{IolIDj~^$ItrT~3;V*AE3vf8HxYlb zAthTt423@MMkt`JLT&@pYQ}yytXQ~WRTKAu1xEQm#%XcPz_I{hoc&UFdFYgYRPS?P z^(i*VrB1zk5cm%aZMYk5pnzQrHPC9X47cD9u24or^6F|n`ogpG!xMsxA)8)ON>TD| z35ohtLm$47FYDkLvg~Ml^s-Nopt#tFxhzvRKXaYiq7E)ABHX;0COe#`vz9cRlODOg z9684-cxNJ2-%(5>v+?Vl$hPACf=c#xx*iVx(=O}-Hs>NdbqXxSCo9bQ$}aQY9A*;| zxluhNkaAg=`ittb2=_h;E@9Pm$CY!R*Q}eOc%u21)8>f;bzh~Ew3B}aK7)L^Kn~3# zRnpn2i#)SUVE$q{x6~X@l{!aVyEi9v4sJUm^-m$Jr1IrueH-s$w;g01G9O>TWd2Ha z{naFB3elnt*FU=UZg;DREqW>$Pfo8-A8>5nFfoC|V|%V~}N;A~F1kZJ4Qt)}?(+D$>-e-pGaV0uDmR1Ju>G zK_p2OP|$WN+QnEzLt+6|i==cwH-n}Do<~C8$I8pf8dGj;0+E(cBQ+9Y+di=2N!CJd zV@vI3jPYWELqTjxDLvr9Z`7o>ARr()#sFx6{E{e;obk<9!db4q1*QRAo2ugoK^So_iy_ik7&py94~;UQNIwv zc0f>25bA<}C<(XdazL?Iy5gnRF<^mKY%ON6F++Y~?GKjP z>v{1V_ED9I$9*o#ox8`Lum0%dMKAY`xRxR`KAQ8TVz)AEmI5y@bmo;x{} zWVfl&?)5_zSsMAvM_hi7t!RB=z3}U4qR?fvLNqt}G9T0TcP*NCKg*eG&0Ux)S$DfK zlhGyHq)ITXv~p$}k9bu_jjy$c{!-Iz2XVnv=XtjZonN6Hx5w)u>zbL*rMmEM%dTs# z?qirpSXkEbYw8Fl5|BBu30C%rC-sipwD z0*eM;0Nau!W+tlXi%qI3D%?Koe{>KbH5b2V^KungW}6&>QBRp!Ef&vA2IbV7q@)d4 zVAoDHKwAa16ND)^;lF*eIuC#i0gkM3CxBx0Wbc~GrOa?WiuFw2zk}@`qvyjSJ5Y5grL&uE|kdkhDlnDw0R|xDXlMwU^ z+F6|O{Q!wy{SQfmTP8||7L+82h)^^+kD45gHR67?N1{$QoH%5Yt+8e!ypjBg?Bp8s zmM=+r9jdWk&Kg3?k+D;4?9d|U>gt9m=pWhwj2F_<8#jkv?2nI*hG~bd^U!JOxnU@%NXi(lT+4ZX6L$P-H@7z(Mc34 zRJopJDevw~wkp-}hfq^R`chU#22mc_+h-}-hVy64qOsY)#uo4W z^MSYb4^-p;ey*lo4wwXcf@Hu8Dv^1YarQC!6mJ)UYk?G~N~^GWIS|yi&D+L?yIPzV zG~ng|00!(W5J{rgQ@I6OGd(1%19!zbLga`ra&GluxB+Yv4A7Igt-pyq$$wFP_yfMT zbs&bNO?gh)Em$FD;257o8pMG(di9$V98(HaFXFN+V=^p~6`m>B># zmjmDcdb06v7Zs-F+JWo6gX^89)0FbHEy++0(WyOCjZ-TGn{f*=Y6KGip0K(i7taF$ z^=WpeCxDTmp}MUSOT?X!yK@(wGrx(}`TV6z`&OCz_^jPlR+4|o*I(KvDwdz4Z-|R4 zQU9}`7{jJwdfllH_s`vD^5}ic`LM)`=e$K;=z150w497PD1T2-d5ljkn{Y<;x3C9B zDo^Ds_|d+R_SHUnb&rF^gVKF5A8SmC9PZujdv@+qdE4=CXY#ifin|(&D1>Ldbf2bY zb?-S6*AXHmdFhB&&oh5s8z%Op61Tty++$-_90J;0w#!|)v4^~nK;Sx;#WG~u_mGM0 zi^9b>ygDfo_4KUWcbu9~VEavnJp9u?w(fA7JJ_L>Z5@8J<9JKr>k!K$b7AoIfv}J` zJ3=6YYA)hS1P$V>rJ;i)QJSzC!Jh-F73jB{4^P&uL?bu{ToB~~h;`T{mLvY^4oDi9 zJrV{7bTKnFkc7-rDpREyQAk1( znj~pbY1X{oU+#79=eeI}zkYx0z1JVsTBxq;yw3CZ9>-@oY;KL_TN@Z;^i^84JR~ek z!`ylZ7-cudp0FmJ&T{`KV&1BLPJ5IrcVJCg<*KHa6XrjY zldjG>`Qk1Zz;OLBF&j>Mwbkn%b2jKkURs&cV_%E!-5Tre^~z8i)oP2|k%h8yZ`N(z zSpCFqL(A4t)k)i0?~=`tOYDBI?_Vz7%ah8#c5L(y@n5nmdw#tC^4v>lW17OlHicNL zZk#quMRS)LP{YWkOt)8kl%DMPdx_=SNtTqog|WlG$Oe2b54I@%dick>Q^_9RjhZ*B zpGk~gXQ5^A$RaD*=n44F`4oSrM-?$8ax)Q5aM@p@_M@TxgZ0^7DmVRAf#-jK(jxA{y z0t2@#+Oex+{~+1G<>~oRxnY;)?an>;n1FK`#*spsO#xlh&IrxW+cW=7GgRMTG<2#+ zTY!G3Qa2rg;0K zGfrv3R(U3zn9_un7|(%eYux<`=QVy$N`LxO+stpZ<=ZX33X@tLS^X>~cW_hb*um@M zTN++{RSa(Vmb!3KqfNNMcG0(IJPv(b4}|ekdnG&-{NK~QWqiz88I~uWEs6iB zLS*^YyH+*RG-LH+eMYsdY{;zrnU*)-zFy|<8REOR8yXZ&_L}A%FjQD%yM#qo`{&_{!@sG#hRielP`LG* zJh=~fr*ic@Eg|60AGMd2ZTp3&Dj|ZU*xT;T=8c0K^VbP>r;&Lt!%avYjD7Jdv z;$oTpo5J2EKxH_x49viP99}Uyw!ei3;`G?G=|*dL3rqMij6|$A$}sT@2ngsl1A`|e zY0ch4yl(G*ze_bi$^JLKi3Up4zsbO%B-}}!lMJPb`HE<}uV3Gp`2RoIuV@)h)NTn` zy`j0~N2cxer5n!|G?f*a+sqpkG9a*BtM;v@weK(4%DeUR(_dU9(+!f1clX&~_M!Xy zlAyB49k#(`uVQRN&5X+I$^tEuBDQXo4NWldl9_P2>*E<+2bo^nCvotC_9E?@e?_F$ zHBJA}YhUYjUE9Pi{A<~bhJE>ylP6tIuGCog{Phr$Zwg8}_aOs?D=LQdfYf^&{ScbN zMvi=1Xf4#=0_oGe-g{iMkQ*@Exhfj{F@$|li>*5n5le^-xYBggvx;7B;uMDG3-~TD zcVXB-Sjb{Q0S*cf9=#=nmtMEC@IrN8IC(0`*EW@!cxZ5uOjeXN3}%;U9|Vc1Wowk> z1fxX1HSEw6%!D*seXRAove86X*hTSc3f~ zJz@l)Khzfs6(B(+zhD~sldk^jXPj)?+m}<#pa3osElRmLcKmoN7uXQoRU%JQXm;4e zmgQKxhVApI%RR|T{+6KCJeoZ%a4HqJ+>W0-`D{yY^nt{@bxrlvf=OWK#?+MEAz!}! z&hl4kDwrj5N+CyKBih0|%wD?m{e|?j;%dR^3%O}j)w_963^w|V#=;)MdktC>`7wOQ zQ1U{f%@vq&d`Fu|(`um1t+=k$bdYz`W2WR6Dw_CO?*6wp@t|7V@Tg6g5SqR7!135i zv1AOsLJ7m8f2RrqPz#Y30ifu}RAqgG0rUv^~n+_{VO zd*K%9(!D$PM9Q5|EtDzahn;5Oy}o|>(Rcj5>tkbye#*+7eG+Hd+J@CTT3OwTC}XPv za0^@El$JLiYK}5gfjK5*X9s48Kc8@^Z%+?LSy7D+1U+7NJ?{I{KAZYIEf`q4iqHQd za%Ei@W#RFY5HiLm``Y7Q?9M(X9#}{VLMrc}7TFRsR{rp_X;7jTu}z`%zHvDPX%Vlp zvyGaZjkY`;p>;pKL@lZ;0P)n1+AuQTq;9I+a|}qGOOzAM>Ws^8-=w6trWHq*Hb)x@ zrJ)c>1*aXpG|X&8;gl6SGi5q;S{k`7dsFkFJv8QQd0z*yOXYcf|7DkofHH-y(=wFO zs+zu?Z?D=puRs3o8O~kz*bit`Jw3uJ%cAy^+x4MG)u+tWZDpBUS$p!}u&333ADTwm zFLOVLLPdFkQf01Ei#(c01^~o%D0{d=aQ>yO$)5}PhOrZ)?*8=iS-n5SA2D~nbIQZW zp}Y+kE>6du=#Xq|#xobhls3yMPM(cROr+9cfGW59RUPb{Y2gb3;pD78@|4rmwDgm) zvd34*Zd3h73xM@N(C(O!FdCdNeLntSrumE3{Y&p}`J9lDA2Ug@mr$-ebswkYIJt9J z)HAu-7>UbM$4oU?!Hz^|yJ3f>(ahUNEBYk15&OznrFnoB#Z`{aQ{+T>N7>}1PUm_rsf2U4oxt^z$C5D_z=C^w&@0if} z1PDi#9U-wZ&@sETQRptHcT^m)k5nk?86tSdkS?jB*9Z0qj{LoUdUMJU5jbn}^(esciq0ss&Z?fW!#u3F zTU`IE;ygdbecSe4Y-&V_`3Fb)`F-Qerae5C<}*0sL+<7uRFFb^P7Rl%8E-xNARP95nafvA=)osUywgp9=ZA-*I32??eCh@2>l(W9m{K z7?yP@G<4_FE48Te*FkHBtxqS6)w#~c`LTIe;-`@Wjg%){Q+Y94J~5#zR->S{@2Q<% zXZfD)rjnZ@tm|FY z$$a|&p%8$<5#6CXHfDO)HkO*Jk1Vm?X+3*GhO2?@(A^VSW;W>uq~>fH*G+NkfnP6f zVx_g|HB;~Ts=Dm=>-*Lynhjt0W~sAcWRh6x*-!QK!xw+=J2OyvP4KPTr#~+lDlyx6 z)0FQw?bW&b_&3=+2MwQud6*xF8K}H#T#mM051ecajCdgf(woS4 zJLutIO89zH4UpS`gxvm`n$fksmMu;+AaokT4(-*wZUX5GQg>n4OQ}^uWVbH(1+E26 z>G4Y<*VX=O2g&Wk4IoTtXd^#%%$WKn?Tq&H5Hu60u?9V|^RlmZOD=!9B$=Rd=~y2# z)2Byw&s1G9$;xtpJ_-l@ z&#GT(IyYtclN-+qSgFz^HGg8?ol%Oindka)kv*mAbN~SaNP{314o;{iFuB5EUosDdEyT15H?lja>Dtw+ zH%DJ3@EifZ8?q+k*RrOQJbsjng)!pb6qc8j$FZrxf3uq7Z6Z3~~0S&F;%k&s8o96E5Z zgJFecuX%IlevEb2!rB~dn2cQO1*lgn%Ss6Hl=n*DG#m`I`Tl*@p~YxAkpEr0d2`O1 z74B{IsId%Syh=V!a=}fJ1S2!SNV=a$XGCrUGLYm)hX_Q4SeF8R7RPW{I(e8IP%-nn z)o$=F__GfnWFI_uX7s5oTejeEulwx^xt6g!IA&&#Sm0J{R&;FgNXzsO_CFTXxue{z zWL0&iFCpV5nMg}~2-59rp1s#A>(TAA>%;Osw&brkIc}Bx>_hFp%1z4sW-5y75>zfD zgj^pj6n=qqgx});It;UZha*TN4i{R(sj*ReLcxTfkRRKNa*z~reYiOUafcF&vrIT~ zQV)z3Mj}3ZigN5Ctw`&_ZX%FV2-TE*if^UgUpdkNPsK>1n6pBCw|$}=G_Z)V6d!7I zR+eJtNt1Xow-bdfN`jYD)xZm3qo=bwmV1*k55pMEwO+9d%wSJsal#=gj`Xx*JR1iU zwhvcPSy9}?&;Wo&$mhtR`P=v*+aoiPZR$8)i;bF$9$V&nUO9O2(bws<}0B)nu5fi3AH`x4A(U zEn4IPuZ^fg%HDMc-8?(IXod?43-$a`vToy06plHbIU12%2F{$2G{d+}Ka3vpwVkNT z`OoBxow_W=T|i>KHi9STl8MsufSA!<^vRG zBT|J)&9zo{JF1Rl41h7)0u#%?ND9|L8%$eksZm`&PuAA$@=cw69F0TzW_ z1Zy5~A@QbT^avwB$t{#Sx#cXFK&Q&`2cP6A4IU)DR&VLA#(fO)fAG>UY%xMa&xs>R zoAGGFeKu8$IjcLA_aqcLBMlyQ@qRIbrxx?qS`sdr6z_1O?1O4Z`A|E3i1{luznE{a z&1L$OzI6#la*bLNoPFkpyV+%!Z_U;^+iStKsXmsI&W%emlIXYo^T_cJ+jaW;VLMgj z(Y`zmXD8|DEd4R@f$haM_u_ISzWDg}iObzT@7$Pc_k@Jrg!^!$ey9gM!=+&zpe$s1 zPY@0i5uyR6Dwc+DSPYsxIVw9MO@HUa>g_J#Es}>p@a$&Z1W6W(e3t0T9p9K>-s(o1 z`yFJPn@QS*^MIL>*1!RpJT2oq?m7e(QH>ReSX9S(=$`}9ULjRxk(Za3n-_n>5KKx~8 zBscB}?}`cW`#JN(8YjBdl)sX_P|vOC`+7Jwc_xtMG83gBv$`QNp{sshpI$9?))J9cy6fCqoYlRZVp*Zr;ip(N|?BjuQ8wTGx=E=p*@EK?GyGA7Iw+|_%y&z z9GOz5M*NxP?tki}%{mi0)?DJim-ukA>bdryg??zD%o3i>78dy;$;VGkcBURT&%3>P z?#1$&_Txy1C~CZ2x>EF+G9J@;b9-!NG11Hz=wwiTBWpm8CVycxXwprrTkc zd`x5IP>IH-;O3$FJC(jPX*nNE$UWu}p2#4m5!={3GN#^xPNkjV`VEcW9_ufw`gogj z#i5gQtG#;*A3V5UnW%NMWq3?tY-#iSsgGxPcs_fZGJQd+rS<_uT0hGc%sxX04{n1S z^wKa~TdXp;Hl?Fq(grRmQthWMHo;+{R1y;K{{8zq+jFM%m?>C~W5*sdM+7V0d9z8l zrZ|I&?oVT$z$`ZX^ZAs*Z^vdS((GIu)&cb_V0nxQTvgsY@ z@M1O9YN~FOpBcf#nNx1}-Y3Q}e-%zCwjrIx=YFeUq>9Q$ND@|D978xlH&Ob_K%(|| z*X+H5BSdC>Q_hlf5_A(1;GwKc5L=dnXMqV7zgThTQpKRCzkTOlo0`3dp*z6Bu$~@m ziJsoY^UwcGxpR+PsI@s+T2%BTJ6kE*FgU0;%am=q^$*Ia=(*ofMLwwURiX8*w2eSR z7+H#Hm3`(p=AL0aA>((pQ-e^=yTY+U%~)e=2NmiARNslV-}YQPflj8*-=w~I2AJy)`gF@8O`GFyE!&5!pZvNdvU22+ zzM5$U*Afb)?e$fgwT${WYtJ*9df7!c;LGLIFU315*XvmnCe_9|*dB{L1-NrZu9Lcq zy^>6`{ivxr{(f04KPGn9iS87On@OX7NLT?foK38_FA2+DuC-%gAF0(Uo!5WLc^}tM zlu(8_`9kvN72dwSFGM)OyQ}kre}_;erjq~_VplY0>ec5>M@S@sroop?aZa$FMW$eX z>o=*X$v0&8yDB&y}iX`PJTXUu>JJ%FgaxY$rus z88+W9>_)9^NQm#i-8;8`x2wA#sS{V5oAdB&=O3CAJS2x~$QyY%Cg_aGem6Jy*R4!k z4!$jK|NdOix2p2R{D9Z`4hAx(6hB9}g)Z|-n774eiSB{Kpk;0H8s1fO-rdwOP&1>T zVZDlBkKlKa#cSt!O_)m(spSgi6)GF)K|DRb@0T-tSQ?SGdgsIHpHz^`Z#VraTF_l#*3v2c9;hSnFz9uruL&qf6 zr#bD=h+p;fLZDB9K#{c(%rUCDzSwGAmL!lKKV}IFVi=Ez*SbJsW;F6@G7S{Cxl&c1 z4nVJ1K*VK>7}cHSKh%Oggw3?_7hzn_-KaaQ>jE_)f?V7GCF|I0I62_ zjlO;TdRxw>LhB;G`7`wh8S104bH3vp^kFC{ssn>k%?5)evLqEKsHUOk4z*kkG!D{r zV|u(s;-O0(Bzzki9*95jFKl}opKY_V0lrtLfFr(up|ZF9}8Sc_-Q zgO#H9d{G@+GRo)1aE-ZE-{+5u>(nh_@Q@vML(d!@zp?ynZ}Yml`}`b&duNyxTYYUa zPGP@suB%4x==9uYg%w{b?6yZtu9{gp?vT%OW1~hHwdL_Pqn7{BRT+IT&1gmWG_Mrb z)SM^ZtKMw04R|~=T6gW|hsM*Ss?;8|^j;7QX`##U%*5-8dc~&O+n^w2*6g?_?n+zT zQ+~PTWFoQPxbEPVreXGgan9LJ7+!F?<3z9mFkR-nRWS~e9^DB=FMF}G`_kpqY=#OkmjHcYzoiNMapAtq5ni0&;&HR}!L&+yF9^Wv zqy2%X$=UgedI0GG73})!0Rh80u;gqUlWLBT2~dtjW3TYD$JeQE)TDFh(z#|4MPJ@b zU;iiUf;$??$Hm`?i0eV$7)(JuP%U8Nxv}7T14k!DZ7+oFe*u=THe9&Zf#Y@Pp4{Wqxc1LzgFGtcDA#Ix>D09 z&7d^JgR^#@ODPUn=(RQ^vc0V8PrsAi-%NjH#k}kp(^xt{Q&(0l-QI4O;mEOH-I~8N zr(4{*u{pH-{ew-%P3EgbwFIs|;^6o|(k(IZV#>D0%qNyt5;`}{oPjgrf}|B}oqlyb z67Taulxm&{h!jVNoPBkXq-6Y-QN4Tiobbc`m*9Jd9eC+y5kn*M49kYM_l`^n6V^O9 z6FCX|;1K&DtDpuWsu1ik!P6CKYd^ZsJ(jH_705k~`S~S6-Y~@@)&TaLcqOXFZnAKd z0xFRTL_{FqYGUR0ZTLh9pj_nog}`|c=ZE)v{Hf#T&Lt68#0lr6p7j-lmGC0~e6Pq1 zy);bB$k^Uweg)mW?E!{0etREwtLf;(OX+t$lu{T~yin6TEHc~W%)lhlpq>!`&oao9 zBlO!@>H}Gb7T3zE;!YTFw6urHjsWZQ%-aoBr|Wao`)52aPV8pB<@~svleRx}n=m>t z(xOGFx#WoR_q^DKHnH_dE%CYKKP_5{{fP|M>NjlAKIeL)78PfQve+AwozA|ypP#oc zGVTwIcQt#Xw2{^;xay;0+9)YSM|fNs_U(3~MUmC14;x;ezy0XlJCF3dr?V^`X{ox8 z&K=rKQPciS^{tnOXmR$w3h&rn#_LC5yN8*5GRkE%KbTujvF|xKW_6}pNPxF%dYJLg zYLl#rp%%Y>U6OKi>tpQEsp_Oe?#Yu={SGhe?0@}XknO}X&Q4ng++FK5eRY`1qhE<` zxo&?Mx877}^)u)3j-?-LFQ%FON;TBn}} zzlXcTI-52g{Sf|_q)tJJdQ)=mg>TmG7`=XezhLDAzj!a^aOE~lkIvycybbE=H?8#T^~|m9Yd!lQ*LmkUzZw$V;}BJR0P~nJ zdYI!~zeWK0$0L7j*SWI*wT}0%?b2Q~s}<;j_k8~5az^^&?Wei7UA=CpL@yK9iL19< z{9%yLS4Oqf^Uwc;F z`LlDx&4!>KT3Z~-T93WnJMyaPZ)96pC>O+kjULdtuG;hJhfRgy^BT%Z8dJ9W)ToF* zunhhuUqrrZt5{jpo#~mj>suZ-N9QW9?pxZ`&y9H;)&pR=|Iics{r={?ep5Ystw*~( zPOHC^w)wR;*5a{USgW&Y#n?j~0QJdJI0a*bPn{3j)YP=omfg<3;*?ghd*szmfpF1R=*Bqe_T{*HSn{ZDyNp%Qoc-=M{4*#k)Kjg;0iQ#tn)%KrQ?!;u$ zG!m#5f2zb6Yjq~->3ThoI+xo`hO6x+s+r^PLj!s_yW!!l>8MI|g6G}OaCW({;Kz?| zU{H(uaSfKfo4NWAQxJI@K#GZ+;|N3m+FZ=@fCoRz3;XV_0B(UG5>`;a_eqm{;kPBk zo)f~H$TwnuzOx}oLFna$#)!nuUqu1IydCHzv7eS56iEm$AtVQBX!I5in*YT4gz~|d z^`J1Emr@D^@}Y3#!LoWXwF7ZfrFNFLixLJg217D_<^ zlf+3+w+|SeYz3l1Y$6dw@U>sc?Qru6UvTA()~@)M1DKtMnU#{i%X~e+vl#hXz9|YFHeqG6=D51eX~|`xtHMN zd5+hHtp0Rot<;F+xBD@Aqs8Rl613Y&{wB@BNTEwpiLUCVbGd7Q%!7-2t0^* zSIBi&o3Bu(o8WVr!93>gpA3F4)`gPWbWNd$2OEYl&>|~fhc0~#*n!@fHA&?B?)q^z z0rBTWc7lt<+*C8HR(8>b^wWgT(5Ro_cW(*k9$HMK#lqNr)^s79 z5Yx@fZYh|?EM~A4wPVA5uq4JTP_wFl$~EVE9??m$(05G!+i`Pb#Yzb_lA?r{-TGqkBONWc5 zd*qA4t&V(|I(znWmpS7J3qb{2P+jjAlRy^jrOTIha<${P|aavlxx4?=u?*1cV?ek(}rU)tC(*QXB;9euKIqARmi8UW-g1E03g~<#nMc&X>0q$_mzmiy5J#f zcH9;4JcqGmr0(_ZE-3ohq${?Hbr)6VMZK>$^WbjJe@C*)a;8~u9Hf(SZeT|j%d{fq zlRZI#-Hhug<=A2~-qc_p5!=4N!nS5ckdx;IpU$Qtq&_^Bv-$d#I{%h~%qbL_72B$Z znEUfy=ziGC)SpGCG6ga#n2iy9=MlxjTBr-DW~si<$YR6&$l%4(#CT+;t-*uJx#8{S zCkP9#$rbHTiio%dY_=RX==ra?z5#As3;6|*#Fuf7FH0~*^=@gQcUCuljm5^2osp?w zM&eYLJ)*NCJ>oB$-`%Y|x7AF&(_PHJRj+R!R&DoVXMAxqd7MMg*!fQ^VsBo$_9mmfK6YUM>F)>c)`_R;Bo zppXfHO?Vyef13OQnkXW`v)80aNmCWx(sxGU@YYQqSp|=bn^R` zz~EoM5jW(&iy7}|zLAV)iWX9gNq>X_{7rWaQ;|d~6c^C;&mGlX%$qZ(JyqFut22F( zkSbv3tiB(p9|kV|9Lk}r;I5L!P7geQ2ubo@^^_&!;QvVMixSMsZ2gEk|Bn)n^A+U@ zBMo}~y_bd+SqWkZjtFF<6{Yhz5K=Eqd+XQ|8)Q;cUAR=sa06yiRr{(<_^~;(B}ldq zE8NlWjqj%kEyvr~rk#NhYB0D{fatAIslT9C0r@B5k|$2CZ7ZQZ<8W#!x-NUX;nt9h zckiYd8fMXwDzc)KO?^&7KftP#+8updTzwC<9U%JPN5d55;RCKC!OWJKOcekK)NpDd zA*FlQuKl^rrF)qkaq~(5kYf&;(hlb;IcW1i`eKVy{(uA`L>!y#*s)8RO7TU|0)c4G z22@8z&>O0m$3+693&GHw@4sX73}&rfeMVud;0S4LK*x?BJu0Ei+DbYX)Aj2K$F+>i z95;Tv=>B=6#hP*n`VJ8VON+*_My?e&0y)W_c+Y|!U+g$PI89c;Au7tr7U>zVq)04> zr)Y|)C2v0}>g?|bcJCfPYjq43eB=UfdHMQs`)K4%Q~?f!->F5c-L6Tuz^RL_KSr3? z|C6*2QTP;d7FrsStPn(^TBol^x>h8&EH*<7vM{ZHu|g3*Di5J_6Uk%XtN|=rLVg}X zF76Hr1UZ(X!4L#H92)Nim+mTJHrB3Po3>yU$}94bIm|kuwgaw136%pYiOc_vQgDWKLg|K;b zP|?(AachcT7UIiM^lIN%0WM24~jj#JO=V~>(`ZxX92$grE zx>(o=F`c~q^a*W)3;+juw6E6c-iAFj$OO_@(f z*PDjp%Brf16yhgeVDRGQLbyw!Srmcr+}?V<4?)ax)(cH3kou6{xamCpkR&&w%VUV4 zLsy8tnPm?o-(2z2%_SC4c)n5BBhQ>F|mXh(<^N=$C`jqU%coWB| zT5V639-PE!9(UoPv8hA*BI5QA9(;_nXln5L_SR=LyC$dfVr5 z)qBl0Z-&6DWGO>Md~b{2d9ULXQXLoiO*q2UrOBdM5yBU!`Q=S9+yrt)4qe$Q!M`30 zt*&5|Nu!>Fq$Recsf;S67wLzMu7cxTOrN|sY*12w*U;vRf`(YmdKMr5E-Q;B??+li z!Caa-^d)VHsUU|jX^&J}fotAPP>jp7y1OM!nFu~#iV^gS*v&z}8aEVo-H(iLZ&WdS zbR6>tFZ%HHsG?axih!DvMeOcoO^aTvj~otcu@su3!&(pQVxq5iK`Mu~g^ChaXnhZq zxTZ8SkwS_-6bYFqg3E8Oyl7rV+sr-Lj-fusf%*`!YrKiTo#iXRmccZcw74UC@i4MUb#e9?F3UZnO^7UXE*~RxPL#;MJ$6&d zH`3wqw^819Ln1O488Lv|@kyL>I)l6t;=q1?f$r);PgCijL*dlX(*q$L^Y)f{1jU35 zQ$+tQU#>&)6S)$mB+d{z+Wad)YcUbY(`7ZEQhh!$){AZnHjD~1{*G0k`c@`PJ{)nA zP`U)Ajzl^E;rNw1irOqJM?$7bDvkt$KUc@KX4+v-Pu@A^%tMHiPyse7!8c-5omCgL?8*6I*s5}<6e8bqnKhi<$#QNnRH6^ZQci&s>*Zs zOKJzCc2iPXhzi<8EZ9Z|w-$vZA~%ja4oqZn+16*`;^I=5>u`whs>hH^GrkK^UE1^J zB_4gpX-3Ax)r%J;wYOElMuHUP)sE-{XvzOeU{KU zqHxvl4rvwWLTXQaJJuyE5%GBH-Elfzibv8*mOD$(7E&sTCMx|y@OS-R3H~St56{Pf z;jianEzf>eU06IssK04cfriYwH=sV|_EYu=$oAThUCZ78v1VY~#gRe5JYd`uV!aEL zst&`>{{8!lYI%wqzYWzA0-M}}L(hL9#yh^a`c}5mWV@q7&)e;F{^jN@lKmY>k)e>4 zf8G*&m&8&=7eus@7p`49!1G@2s?_LWQ~co=Vtla&D81y=-iK|e!@Q-(KqoW@gXpNo zF!VijzdEb~=tdt*=iF@%RtGBd!6W;X%YmBUf^BD4f@`XM#}67bW7{iwH{Xet1ALU% zEcQ7!#WCXZz}LpAB$@^5yJ@mdfIhn@G4lEI=aMFA2OIS1IfUPm4+XG?F66?5b@$Rs zTx(QIh+dz!aG_Vk?cm_DWj+YZr_c3b4+9S5r7bv#mNf<4zwgb18=^arF`3MTREwsV ztOqdjoKVwB*4A9;Z8=IFALuT@`_cn|_3)Hz)(*Ish=+VTC#~>GhQAhWSXWPrfd`YJ!|fr13yBO5NG?_ENykV_XR`BrVIo z&ZHxNGHx24s2wZu;$-38tP5MSy^@U+-lZL%>%KcRul7L9=uf}N{#Maa(ze#tNB#UX z3aWkn8`DqLnvu;b8BF^0z(m5${GFFvzs6Z`{Rw%~WvZ@LR}`1MG#{jM`EGVc3CnG1 z_Qulh-P*Y@JMvheYXBaQ0JOStzN1J5;`9}}l4k0GBK22R)-CB~WMD8KBVc{EVXV>N zs1cfO;FlipYqrBg#WYsTt1iPI=%m>L8-!?RX+2JwD~rlA?ti1uPvbw}T!h-Z#0Di^ z2HEUFrWR3pvf3zcc|gohv=0hZlfK*Ae57BXuBBKAfBxS$+Rhdu{L;|$5-3t^i3?~6 zq+N5)?3wBockzQ?m3_3r);?RqFYb(t{U9%rZ7yBE?nb-S>W0lj20O{=airTrd5eq< z5{I3>`1hanZEI`Vx5>@Fa;YK&y1zn^okYx><^|P1+UY6OcoDHqzr*3z_Q8O?S=xR& zmvbw@<_kdMp%*i01&R}YQFccTMNWs84HRdYGem-7KODfjuuqh14kSI8Dfz?jN z)YQ~CIScasq(y%n_5YidU*_!ozi{$W|CN&uRG(d*BtV&3Tec@G%l>k3Pf+!v9~>mS zEox^`?-wya?|icTRg7%!B-bl?!UIhNC?h1%x#4kY;ep2G%QEa&^mgrPFIAWASlbtg z4cMb9UeMyuMLpLI`=+QlF4$@5fs~TGY=7MWABW}IceD&B)q>~ir=j5|RC~cj$yAWe zRiW#^cjL`MsJ7W<`|CoAaB>{`@Zm%6ptyRbo~h3h{Y|ba))}+49w=`|Re>HRP#Dnb zbjgRGjrp=G8gu^zBOz$TmhC2l!}tFhG?6#;RMj1|TN%nGX-% z5LsWQb-g%IZrqTtZ)=hn>)f&|LA%RW-NuQlMxN4Fa3Ol*a%kxCCPAc=Qb^6Oy*liW zdgQ9?Z2RaKqtzT(mvxR{{`y*N->_}RL*C1cDQ8!W>`ALH9VOFqg>7Kl@5q7|FJB&y zu2?MYsmqadwp*fdl>DyKWb@M|+^R2AYAIJr^{sdsorg4+c2?vZaWKNw9i1;QpLLMU zXo277`;#zdb9`FCxp`k`Pt064-hdvRrl)sob-wk)J}U!16n|Lj4Kj>vsx@t9K#&@8O_9%@YUX$$ap%(z;~xbD#>nJ;BaWI7+(oTN&{2q= zliku>%fMWj;@>QQSmDFTCEb^gS5tFM$&;N|@s|Efi)}th_ud^L!ee8EryJiq)=`Ol zA%aE4m^%Y0@P0TcQUYn>;xVNvE(g(+VS$ z;^J7PO!Y(<%3&CX(iyF4f8HpA@QXEzGyZZk>0+K0#fr2W0lLq}EyXM*Hoj9KX_|=b z<(AoybOr|F>YY2JmV8nr7H99b`2YR zYwV-v`;M78#4da$^BJP)BGoReooI@*$pCH~ZQL9zjKKJQJR~1k{Ewwigg0Luc6^<;qzrCFmkN^>kj}R1=#=Jjt!1= zQbq9XLf9xQC$#F>+%d3U#DX2Y1_-adiaLebi`)ALdb#lHA zE^y||a9?LPnGfE^XrERzMVEGLXQVuFqTQoM+4P>Sy4{8Xx_OMF?d2BwdDy6N8m=nK z#Mv&E?KpTIgL3_0fdw|_F`EHRcv(roUb0Ygu=i~c)4$33?%(@%o1pCjE>e0A7SM;rXZV*UQB|7TS4Ke5jLmtP*SyMNb1mo5xDbb|Qn zj0+#khi2}Sd#s~0KPD~a>Xva8x^u+qTz7@j5n?)HR%zJ8kD6VL>0{udCPe~+OYfJr z*(YyP6kWA?vSPAht?NjY>jJzizi`y&89a-xu6V;wXAk=G+kCgLS^a_q8~f)9hzsAGM$0^oX#C$=wV#7+I2b>7O@dsq!v!VcV47c&Q=?vFwZ- zdONYy3JcxkUFrbw=@H2RlMrvx)ef0F*&xV3vP$|~dU`s^I?J^ZY1SrA{N;HquDE(J z<$K1Ar)$C|?6Z55_d6j*l4Yd8H{;G^+1`MnAslVV;>GXE>c;`Ntcf^*ikM}Izuh^J z5WipoU|4*cPA=&sVyMr}m4c-c5y!{t{(KUut)v*zML6>kHiD%U&(!MyQbSZ~J`JL< zEm2o`(*_zkl+UF0{`&4`K`Rjlr^{$XBLI3T6}k<=_1^l9U?~_han#4NC2~=Z^=}>s zF9STN*w-PkXxXx7=(Cd@*@Zn;Q`K~}=_#q6u-+-M1c0lyXMB#kU+)2>Mxrw?$jtLyp|oBzcQe@@qxYPmcY=@ zW`Dc4YCCmjyLSDxU9|i4Z{L33QAa=1Q`t(R2kz!$8G8&)}|s}rN2DT zx$jF{GMhJTdZgM3dzr)I6whR~aLfUemZ0Mph@q^lt3j=KboKJ=Z04zfXejv{ZT>PgfI>KKxPbGQ= z;Fw8*XUQ0pg@2QW_gJprRbt{mBpNj201et)J$zh0GtYuIj>T&a0yE1?k=3Ym9eF4! z+o-NULV^I}VXmi!YA06!TY*TT7G}BUEEZ$35oxb*>ZS%eg(Oaf#qwlbsTZaxu_lC0 zzt_a={ctRC@|{PDEJOv6S|B!Ja~Ua&JHrF%JCzfwwld0*WLf!qpqGd^gJclX*lWky z%vk_L^du%=ca1;Yv|5XY6$!70xIUor_tqy0V3A>KC=wUS4cgXD+B6>^HDK=lT7}kY z!q(Fk*>b~Egho2h!tpTAzt|paL^L_$n+T?cix$}%lrxcZmEEj+e)0=;gL$l#k7{Xd z5L;L?oLidI^$ph3vjV?egx6S-c=>)`o)RLAxv>}{!~`IadG2)vF4&QaxW>p_z+yxJ z5cde58MlzIT>@q@pL5^)A~OZ<5>`h)Kk!5`Gf+GIKrn6X?Fg25BBPe!vR0nq#SO5+ z=us@H4Co2k@|hsaG`Z_=DbM$tAcN=@zDqc=sM9foJZ^X4n?M*i?804euGQb~Lg2r% zoLd~RtU<#F2%S&vFP<{d3yNhvMw3EALduy^%f0;@_qn*Z9CliXwsIcX*(~7WlmKrR z;4?@*9r&4R*M^Xj7hW6`i7s8@v(lnKb|T|E=f30!6C1uK)=ItyG8VEL!7zhNXgBRxDHxt|3-EjmiHLO%%_^0L}Ns@x}~!wAFyT z({ZIRX?-lIsl3K=GRAQ!VkYOn%S1%fpS6a@0}K|3ey6xcW+7uBHc9k%&f3PVP_YgG z)D8b2vp>;k4rPdDhtbvv=%|a5Qd!3-=#q1+!Z&T*TD46DwC405CslK=r$>Gwy!cDxR|K zU$nE2R9=|sdIMWKVigxOUF54DLa?OTNw9U)F9<gOUlX|r7 zF12WZqhqv6yF6};d=CyTuq(h}#6?|+yl`@gQMvQ+Ze}HxxhhAW+^=78XBRvGu-GHP zj!wMf3rOtf>=x$}!y%FK(9^M@raDlzbLVT$EzJPmH;(T%Mw3asI)I0;oP|#Q925(E%90OMQ#LF`lI%LP_N2tW^Z{=`$q9g915=m6}& zb-H;^Wh#qp7+P*qtw2cl7;jDE+jZ?4-Yz<*jR|9q?37>q1R#q?qEoLi-_9n|}qy6HKNsVxKcFm1@-rm~=2uCaw#j`=5yI3phE11m>Qf z{lb@3uOt>FG`}|dZmq7dEo@-FjPfwX9p;uy>3exaHs9}l?0S33?p4$hF+)Q32-}Qu zvJ~o4nwUx^UG~_%j+(sl*VPoXQ)-i&n2`i{8nmm4d z^;roMH{J-(5`L!|nXtFz61S!UF$nD)6gSO|Gm{|t0J#5tX*QeMm%dv~!9jB06g ztsxyg^~9*DXvMiuo5ALrBGTjOn?&rN9Va1SQ`}4Yc$;e~YLu5@jsVRdAm?skHT)nq zrrwezaYFx24(6CHpS{OK_n?5qn7h$;BE(p8=js`Q-T-Ez!M^5aUSt)GbA`{Gx?~B8 zkFy|-oTG@w^FlI&a*-N^50J?e!$(cx%WU7k9U7hsp#+y1$O4D^QFXWw9UeivtC%&u zJnXpAvPP=?;b-qQ`@S%((6ruD6Vxay#DRe_ajL_x`B^(n(degujfu*G8Rk5Lyz2Et8pZgM5Vr+Yd%c{FD2+ ze(zvKuY|OU>-X-xTj38Z0%5lER`%FPH|OQ+8NHVq&3lerz?*G)?6i8_b47oocwz&u zj5bwD=w-6+amsP5n}?-`sl=%wpr|@GLjAz9iDOkDIk~89?|<@0D=vAElvvl<_CaV6 zEi62ixGdTQl5wiSBrB^~)rFkeZ?tV<<#deA#`7A=)>*Od*s}*m+58yB@mIWB%wxd8 z>K*Z^KZd)X^Y!I?>kK)`QQ{vqKF|Q{w}Gf76Us9SJXseN_+N_|_bkl)<2);rtzva8 z5TJI$X?HH(cfwT$tEwIq8Dpq5PO4?uxk5>R<|6p~@%~83d{Q)J#qvHBtyhBmEa3KO zS@M(cT}bdy(_b6aesgN7*JC>4G;>hfFYq_SK_U(!#`2!}2DhdtCMHnQXDUwR9kcU$ z(+q}X?(E%jUYgsq73=N8#j!^}h~JHA$oTF``O)iI^N5oTahe?wQvT9MHHH}bPTn()S@4B7J0=8|q)5n=iiv?<#Gq_qr z1wCDNmuLr36@@t#ixiCu1S=e;hmuxSZ5Db}(5wSYxNJn^CK00A zYFQ+VOkv)oP;A=kqe%V$B}bZ1{?MT(W+C zj39I3VOfUl6dG3(iWAH4#3{Y3Vz4@EB*AiHdR{;Z&B-a)xa^5H#X~dTo#y4hz@&zm z8;MkD7$R{jxm3D_>tsx1LrnXTv~R-5DZq2utTe}7spLD6K)U9b`G)~3#D;aWs6ONC zu-~hf*@gJ91$INZQEgrP^aTg+RmQEl>A%@`;7+2u9fq|0T$w|H+F@(_rrat6C4`)rnK@@gZ2d`#*+(drU3h#&!Ux;e z5z}O#evWC<;wH+lN*onq{t0ALz>@@)e6UfNsgEl5oZ=!Dg9<4;z+29i zUiPpue0nS$t)H1+`0B1>Ud4m(=#h;(8m7DCm-hAa4{x|=;B>#S%gmEW4z=G+55yZe zjmWO=Dd!b)((Q$dT+HZce_8Dx*;uLgIm7V$X{~*WBKj{fH^kXQd^f=`jj;N%ewqrrAC>B&?8m+A8aA zLC~^|x=;FF%B}o78V!%pmfHI)SU#Jgt}%9ON^LD=Ts^R3yLQ6KR`y`zh!KgkwJbT3 zAAM=Z7eV^xpEc6hdxUOW#j$W+ep17y2CXGX#Nd=WD4)*>O*hxr_=yMdb;E9o;g21s zki(o$vDch5DLiq`SKbBxNX9FQHXE?MIMx56MRp9cSOr_tF+Dnr@&(gR`tsOSW#Xs9 z?(PO_phHOi&(+AT^Xwpk5NFJYS=2$*a28MROUl-=F8K&!pO|=QUfX*#;GOTNqHp!f z*_#7L?eS^rcTVRIgO>ijrz`d^anYMGXgx_SXje`3Wnsmi+@; zrXFyAKC{Dp{dV{D9rE9m+D$&crMT^@b>ZKqc)J_uH-}E~IuqaXucvJgmURnjYiN{t zC^oygL3QNlG5dT?mRM`MyU#9*(pu7$e_OC2k^;mV4>yYrF;}{J(q_23qW$H@Up7s3 zLuKYI71zgpRJD&#U;X~)Ki}Dc3TngQHObyloP0+f4~w3rt?kkwN4?t1$YIs~H&Pv2 zqTD8g`3(Io+y8y(^;Ue3!u{i39Cn|ra&3+wSL|4T&yZb(y%tow)Af$x6$Quq>y=%Z zV>siR+4VVw%AP}Zy&c5S{ciW>PCEa38UMe3E)tj`7JW;ZZ=7V$y7EY=rR>AU0W3 zCDOKR`TpnQpA}leK7QEz32PoLd1FQ;$Y$eyhv1nrzI~P}C`*{WBfeYjoC3XiRX44R zdzw$rKhR+zH_#M0?(+e01)tiaqdw7SBj2}kTiXoFwmlE$?MNzPv}SYK<>9(Pe*>42 zI%m6j0y8Gyl~$Sq$0KMc4dyLw((tbvOt1WW^JDbWYSl**^R=?Rd{>IrxxYj;FeQs%pZQ)2b!YpO9J(9^wunEK+!D{lz z51cTer;wggwKb8{L0ggwR=zjAfuu^YiVKulU@#n@N6ADH&KP1qKGO-URT zmhpr+5y($;CnReMT+cD(+o2K4${PrpVJPAaB8gf{;TK^=bVQ(nK-wH6iwzBRw{05* zAc(Gg39KzyPKd)W;g~Xfz2K3AsA=cU(BSb`lQsxNFF#EDxqzjqwG-J@&4EbgF~+)Jk$@!`YY(i& zel(R?*#%Mw&ju~91k@Be3Ew{MH^53}wnv8?H>2~feqPxmQ88~sUGBY-8T+O06?m3Q zL_PeqQzE7zLH6UrT6w>gpZ$8*^elfJKiMh5c=&ZQg`u8>n{bSQ5GnzX8D#VTKnv>P z?dsGVWr!~RUre`4xdOH1=)gARx!3M6(}P7T|xE%f(H+E7`dfo8S0 z`9sD65wXFuEf!vFQc}JM7%iRvz+5WV$}sc3VgSzB4m8;r`AgIy%?mk2&5s5r1kzd}oiiyqYfE3Kq@_=;)Rif6X!B#_eriXQWrfNZGJx*b`g6K4|cJ8pULQ(WHB)&J>8SxWvV4lVKh}TeTCpoazc#N<8`@MIsqmOb0py2uW9kD!& zX+>J(7V#K^K07{kQ18jARI0M8U0^Jrbd&g7wE#=KKIJBI88rlP+kVBy# zGPfheAHyt+vg?7{>TAmu&Y5#?_^KJ-6uNZ#=+sn|6Ex7F#d*0^rC0OQtS8=$+nT0y zSopxmziD%|x#Dh< z(;GrQ4;|I5ZSCQws>XSqaSnHyx;SSaZL2+V!N9y_GWkh|IV`dHGm(^jSPm#e(lfS}ej+-m1vCsN|l^}B|^uNx>7rcvheF+ZLy)p6MYKb5}w|Y&l^(woxd)GaWtxQ~>K$_QY*KY(~%X%ar|v z66Jq^rF>6dW2ht!T}X^|JmmMRmFMiOxfki@pV=k~tL&^i6|3>Wb_;6eXC84gu^J~4 z1FXP0fr|y%1+-Lb_3k=+3{A&Q+hU$%@MIbc9^diIC1+}XSS zl1=WLP;g@9d529ywCoF8Rz_DoZ`D**D~^Yr}fp&j@>s| z1U}rF_&D*kpS!^%*_K)>dhVd37RkNhn!-F5Pc@ht9dwxFuhwAdjD0WV=Km=8(3?dj zt5*32k6(|!ft~?T~9ffUQ$z%sM-k~kmD#j89^BAd^wNi#Ie5W@zx0>%xG+@TntN9 zx4JcHMT^OP1bwpU#}Faas;TMYt{Wb0omv(e8s6>bQtq0bTpqNr)!wPiACkAWP+spU zhaC-W%Gbzfyqxwc=WvT#vGDyF!QCKRZJ{Sf6J+7w*;pt~_FgGJ z%p`RCK0a{%ubMyOfONNB3bS33WPQ@7FPPpjF)Yv9@y>(vsDso-33(1BBfEiHAey&q2{60t zvl}T{c;#!2IjrMb>u#`?E)&c8XzPME^Rj>!)yq!b{s&tT-jz zeb3{Z^E=1manG#ly584&JSR!?tq+|m&!^J%Q0t@h%^N&aV>zdtoA*i8`M1WBVkobA zAIz}zRaUud7l_E?)U8JllgoRz6^-Y7DlL>A!5q{J*v+hCu!jnM@!vVH9U%5P?K0M} zCMub_cRY_tqI@$LR3pVA?rlXdvK3W!Kty!epp46|CyZBEJcV?5dCmk)`XJBbWveIs3pZCL`q=&&5nJu>XFKl-F)FU3YOcC3&rp%mf=PTRf`WLZ0EOsd_XG+{r@BOO1w7WTSxX|6OTd#@_v{fE}08=~4l!ZS+#|{~#{| z^gw_fw@u9FNb6%w-V(?@yT1I>Qct%$tZhOEw{f|{H)VWpHSok^r*dt5#bn$<-@Ca{ z=_dh02XSM~sKlz*vDG|gnc#c=)vq!UMy97X$f~|N%IjwR3)mFiD=HdSxThJrw&PQU zhe9@$ioXy22Zig$J+r8N&VI=?wKTi_bt1Ic`Z^N_wGYif8)pr98W- zStzRbAz7%ZA?efezXLtypAf}`y{_)9et|T{wK2@8cYS?yY41+MoI+Pcm+zUa+<^$M zxLtH-j?&slr^(04g9I#7M_08;hJliNhDMN714;XVfH*pg)VT7Japitj_SlBYiyjt+ zO;@+=_83#M-s(LG*?euFZ(9NmjreuZ5rm)pjvcwanykublAZT_S)#>eIqH7Vlt@VE zjAhEt=UJ^Ke`e0WE81kv-TPxy*2)O~fGHOBEQe{mHK=; zKj8ux7}9*Rs_;hL0=@2?B~iygVO`nbebqglrm<#h?kYGzXn5sN#hWwDF7@l(ow)n0;nDKciC=5cRk*dCQH#a&PP23ilPpcr z#MNTIH9${>e9Q_J=f6u{6Whabl_VSG%HmWFVtF+7U3Y;hJ^G z6nr8%`}9A6pFNq|e1ZwWv_NfLz%>R24L--{EC2kE3nxHKFC>_xP9YlFjVNz5->)W$ zx@nTLDtYJrffB!}o5FDmVV7O%6C-sVJSepO-=WDNM;e2U&dxcgXX|?eM`Z>E{r7Wn z1w=<9zq+SU|2i%k{>Q;UvcVf8~jq*WPsRrNB4fjr2pRetmc;!0Y% z5IZa25Jq4UqzIgnb4K87aQ7D#;Ud0QpvYog{Wxe{0q_-!H^9Gune_`4+kjL8@CA>N zeDGudNsg$o7G`rH0~i!K&=Duho(9fXP?|Ih0DlC`E>hqt4`^M5IhKDI@dL<{bFL@T7eB@ugM>rjWb7{gG z)tAe<@6sIfT#Myw<4xsikh?yHmdqdb{f~bZPPHg}VfjkDe zCyA6lt1@t>j&TUv-|$?mIvIsZM1?DeZ;iTvJg8yVLr zm`NV`1wC>xptCAagb4VE9Y^r`Ek_!lEHPLqyCj##+x9Bi8^_JYzRi4j%YJ2)gPcV+ z>hC}v7_hOkX)gx9GCWggMu51EFhdH^HW9p)473HBSBhD9`aO`DxSH(?c4s&A}p=Nsm`I^w;MtijZuA z47w9FqJ)~GdLn$2jyJzi%VP}*Bus7Z3xpKX-ri9OBs6jVaz2!hj$X_R#U#CHSF6LA zlQTtUV6whwx3YJJV8>E#ht}&c)l8Z3LB)!>#aYnswT|&-wx0|%lsFZn{1tFb;s$r*)krhIbL5J-~B;-$#X5Su z!W{~T)JGwyEy!Uw%mgBRKpG25*MR0J#G45FaEG4lBZ&$9(xSF{q7 zP{qR3cir=w#Y#5R;^=ah2Oovv6B<@L5puL?&|#4c!@`RSMRLKlo;3cBnS0RMsvo@~ z4sbdGseh^x;VrL$t_DZqXXWpI!aMQd$C6hxU`}whMHI15Tkt@jP@`Z21Z|Yfsi8np zC$Q8o5?AoI87Sk)L>=lDS)I9LKW;zCC^xy@xaTr~8 zz&SN)&g!RFupC9_>lWd21qKCeP5Kd)x^5XG!r52X?nBVcq3c;3BrYF_OaPROC~yFT zM)>=fLZgfza{c2M^I{ONAR`kTc{y5-SyXgP04EdFq7b(MWbtdrumWw^?-!|i^`JQf zMqS^h1PF(Adib2>QnF_nHB^2Z5cC3*-a3%t&CXkAxa?-6mFZ4eqB(j=i-6jl}bNrX+SAC<;K3)Gn@t`pHeK9@R zXR`iVBfmiGX**(7*#i<#MA!+bTOjNd&y|cCS(%5*7Noru0^L?A_jVFgT1h;@;bH54W_P$PG{`q*whJG%H9yl|jT1{@FMup0`5 zy$F5?xCjmrt%s(oL+u!%7j#}7RV*kGuo`|~Xqe6^?lT z4NXGtx@W{2T+1%po4s&;W8e~rhE~z7o|>B7gt3<|UjoqsqywN4*q@v=Kj!CemEW-k z@J>JgGM`Z(d;I;vetoiu!=?kQ;lDwtf`~-{UWH{Ha$CWf@W<{J6LIw+aEXY;9y(Wk zh+W?T?iYxy>&T%zBHaZ<&mdBLsHD{P)J&W&@+w~_0xN-j67WBefPsPzl(hHc zJ@YcA*1XT)NFNrweY^g4V-}S6!#?&Cf zcpw7+%x?pL#CI2^52g&k0&;C_?SrF<({ZyQ0D3%^x~Tn1jK-iVol@wzT94!u3IK94qpOX``-+$FQu_EQ^NH%2g_~*QN zW_7yfV&g1RS~fk z$f5lt=D4rD-_-F2Kj*05q8cUgnh#aGGwd?BUmJUlTC4{T=h(`f@=8nyRWHK}1Gu>i z^&E}R+t!Fa89_T%cX3@@1r51kJG1=TMzBQG$cw{j0qEwGyH(`~q91;t7QFow%7}kI zssX{YiVBAZF&%7hKmt{xKyu|ut470S>{g-pM2)s}^<3RT>4*&)%2f)HRh2|JBv_}} z8okuMJW&~6iP>h&{_^E`vr=g@H(rk(8W+eE$#n|(|CoP(t!L6*WkFIaKt<+nhilR;4%+vfOlqnk~PCo76%>jb#?0aMaw2 zw_@5}no&|oyGs@cTjO-a1!TL=pkItj?iCMz4eSj+yS>rd=GCl3cNAeWwCw8q{$1Bk z7XH+vHJu-spL))Rj3(P+KJC&=$B&fmA2`-VHD%U#O$uzp38sBBSzVO!Ecm3i%*7=X zoYti}H$%lGOU={8xDOY$nZYY@gk`k9u&VN(%!XLC@>p`8!V) z&T1F)rhlat8WEQur{V1|Gjibi&Hf*$Ms&W^gI9E@0_&&?GnYj%bmGRAT9@7Jot&y0 z3M&F<#R#PsEdm{gt8f4Pd9$~zFwOrZIpZ(P;$I;(c;2jfDskW8mTJRZDTs2i;zR5Q zQOX`0Kl>hQsA_13m3_(k{7Npa-k8aePaOptZ`hT8zMe_R_2Lc&Ygf^%RlYs}X6J^z zR94RHs>w?PpgGfa~#Gs{yE}cEsERX<^8_yIWk=9iO(V%T4i`x z0G}D2!BttN~%%tes-$o zWHWRZ&Jn;#W3Zf(*%f$y^&9+YDslceNzbkjp<4(QJJ}!c_Caz(Lmym{xRE$Nz@rp29%$)$!kF?=7e73Gs+sChjjzm1m%3xqQ&Gs zpQ4T43N0uykKc}`S{VPb-tmxpG~U~Xrl_rX%ClOx(AhtbTg>7L?7@3ja!&5O*qnUP zYSPKzaM*F{usTU=Y&Okwa`3k?4Yuez1j(@PtQD|e3|ph_Mx*NzwOg}ZCG^KnhhFu< zBqxq2{5{SahEi8Hl$KOMduOzU72?gYh!%T-7k$Bj2uG^SUNFH+ZeS_$5}!l!%Bkb@S^CyTJm|l=o9Z-quF#n9Hco)L6&+ z?J<<%pE&Pf9#1$a4)8f_Md@81w4OQIV&P`0r}HxAslD)hzo?R5MN89pygT{wz=;@E zsT9$quQtyjIgPAtOw5k^g@aCgeuLW=F?0Pr9Z7fI1{(;I@kP|t*ptig)1f9Cw50&) zOn-nqa#QG0Cw{wgv6m7til~#a{eD^7y7-!R$0^$cRwMpIN_*8OY+4Vuo5Dn~8y)Db zr!Mvv!_rQD=saC-pJd$s24H20K>s6`j6~n_#K#L~d4?+m+%FP!(l)1wk9PL1S&ObM zoK(6B*zUba=M@}rnW|q|_~iDx(94E0=5vN{>)G|`=@G2`RXTBlnQ^00=XO(Tns`}{ z2V4qW{QS%8)8EiGDjF`po~g%iy2g`Zj?6#~9ddHCwXfuzB@rEl5ZNDX(7W427e8}_ zbM(f>f6^zB`oi?X833F_hrQ3t&x$Zc_8zog?u+b?nC0i$@lAw z{s&uIBe=imt5Bk)myqK=Ct56GcF^_%RU+lDN+NWFczY$sjYioQPcCV1hJF)%+~j}F z^PuxY;HY1GXGJ@~y_tSk$2#(jdNe7O)N`waLMlDZQL$?g?qyQ;i~D9?o8Qgr^h~WC zxmo$*>M~+H-l)pRdO$>czdSr^)bWvMOtqj9>U8vlPwx28%K>~x1x3u#N<`YSJF~-W z+|7;j+x>G_ZX3!lbbFd`7{}O+ce|x~8Uqm5;>RNsLbRZ4#$+9ZD-Jd^n{Jx+W`{Q7 z%ZuHBf#H>mm^xHrx!CqoV64Uo{IL&J;VHe@$4fojEeNN1VaHBz|BO{#@gjfSUC)>p z;}E-Z-(a zwp?`52kV@Htq>|`Z+<_{GZh0uq@>(bH(4_8=)dz`A(eD{{{FCcgI{O&XZI-Yh&NTX zI6Eu%y&f_Fy;A0(?R6BDIn*-DvSwual#ySY=OMQtfRfpzg&~|Ln?*1{i${( zKa||)J*O(DJJ6A_Ahup^FRZ88woO+TI)KmIOn;;C`|P$?*3L?E{|VE@6}oecJaQG& zyDru4f4B~%aLVj#h|iKRP^4Uyh99itaoP6M(Gj!JQSvF2_p(549)jxYSOMBc_&n`!&`yKn9sYb9OR^az$6BEi%og0Jq@V0~B@o6xeWjl=bE097rS&jwrpFXA94Ir|H~r z6+dr)JLrdZ;e2*pL!tCN*jY)Uef@57e9b*nJD2-ij$2+sta0$ypPagy?4vaW^&_|3 z_WPKS!n2teFXNXd?EdEtb@$r7f%1{};*3L-3>=*CKU^I#eNlr~el)edhIvzH=VZ{` z6XR0<QL2YP3g0P_$Al)1?4tv91_2k)knCLOz+#nvbO4IXrajfh1A#%_bmn4wcKI4P$ z`yY1|`}n6U9bzsIjI%#eo)G(ZyfPrX!o$$w_4j>r^2jMT3KOsYVP8Q^c2%Z$Ov)-V z=HyGRM;ZY=EAOixcfJ24CC|pIohde4eFvkAyj);uwJPuN0xPt-BfViad*<1kbFJV0u!dg)*{ve|3Pj~`-01+z2~xk zlj6`D_7j^|a=Vp$QYqt%6Y-V)qY@*WOZbblq$D+OI`-wBKfmUnsO9ZWk0Nm7LtUg6 zyFl?}UVZIAOF$2zl^OUvNvpL5Y+cr@KOa8O-ROStu{0!pfPC-9O5WjPFZAZubG=Od z2QgP^zOFZ1yBLASwC*&pB6+=guW_D{6IYK146*wUu{SuFIsYO6ZJQFE@zC*bd#B}X zZjqabX>4yLV1m)FYlwqYH1(*m8u*=IPJ6fYiyhrh85oP}nHmL5!l(UKf=r!i*2~`R zH>1a8U!h}9*V2YOJQnXDf&c^TboBl=UWTjSp39#nCj8!4-)-$#pasnw9mN{D*lwS0VbA_a zN=ehh*J+&^+IaPIWh2$D&iil=^1M7&JFhmqG;2myHw|x0Fe-@-=4*DL4Vmulp2wMC zHVMfEpK8v*kwxddcjbL?ou!MSxNo|ZB_eDUX?{_e+zd8J*5Ow#g?;0~E7p{ev-FD0y48B?`j6Az zcTd`$v0le*xolbaXkfO*u+s4MyNZoo{8U5{a7CV~E13#sqh6S0a|!*Cg@fTOz4xtL z^CTBXb$6fj4y*e|{%nSksD`ak+&3wOnX_sIMSTYMG|5nQo-Ysff7t0SHT;|K;&X~w9;;mz-|A{4{lmoy8bwaJWualtd>?Z;HP{LaLz8{Luz8+ z6$!s%%6{=sPf4z^#~)iARps(F-2_sl?0Z$ac96$pbb|GmNOER%P4-W;*wyPQ#n)K}31v>Dz;tlo2j%HeLbV zN&9jDZCM!WmcD5)WEh2nM=Yov*oo<#UfX@Q8|NWvRqvAH`#WQ_;W#y)qa_H%8q0TY$`rUKuAxAZ%bG00Yb9|U{HBXNkNiPR?C#|+xOW--uH#t5R z80hOcmRHw^o)M@#$RwU~Me8;A-<(KrH4aSioYzhi)EM~O^qJMZyI=KD(OlXDoyqth zR?Ec~i{t|#j1$7UR(iLH-2`S}9!j5(9I_Oo=+KgGVu& z%`9E7^;H7Wl4vF{W*m}peEYS+>xxq$EDhT}@HK5ZmFO2o;Xcdn1%)2BaQ1wA9ll74;_Q|}u8*!uw2edEBv zK}OsQ$3$4}c#NiMCxNI|r0eI08aeB&5nas(=iE2etscqKUh#6M@2L03{Yv5U;<~37`Rq#EW~+dEjgHgGxTREp%f?cIQ83kfR8bNX ziAcI@j-}|E%JDX%Qcu;{oYV4V!&WGhSuLpU9mmh$8rfKN(Qy0CF<*wv>HCS?7KG9~ zk?RLRbhd}H4>9`#1N-Y^+0W=iS(}LCf2C5ZB_vKQuRc^BDkquW^FP>lbOJ0jd$b_>M~y+acqSloe_%YWMACIc_~73e$&#O zO2qIzr#0c@y8WrgUbU8IqdF7fV&t&IR9StEk6fAxf4(J< zc=7jLbzPDXB68IFaQw~19UNw&EtZzH1l8=mtTa=(EU$(Yyc-5x{?}j#zS2-@D&@;- zZ8F|nAT6_8@tSWTH2fZX*U6Z)^kCACHi_6%bHQ9&ON>gzA%xQ2&>(RY88h^pEUOgc zp|zO=-bebkom&IB*FD%c9lfx`MqPsM=_y{^boxB=}t> zJUjxZdsAFZ9lh;fojVsO)pl1PD%$Xo5nk9;ht8RIbsfVEnP+M6_A2JO^GlI8R(J&8 z)vonj62|QjVC6b{PI!=S1*z!H(4D2zP9&9mxm?Rr;d`M?f5~DQQpS2A;N@L%0wo0+ z7lkO3rfK!8v^yjD&ts+;p71*G(pkyQ=2FK}pe?I?Vh9^U8X`+eYh8p|h0`bJ=LmK~#! zUA8lv^Vn<4m09*2TRqG1>vjP?zK0}cJr>N&%x`t2I#ZK0hrh9ok7@-=V70s1744Ac zen?`(lh9$Rm}j;8HBiwtHl@mU>?|jSB2w6XUe#T`vi0Iip(^8onr$1N^K`S0*X~A2RidSsCqL#uhY)p$sDJ=1xY@8Mvc9--D^i}hy z-yGUm!xdK0$DCY?`#5}yyz*~$&7x``Vez$==0u|}<;#M4uAL;|14(~p!Qds+_H>du zxGlX>1k(a#ttt~A=Vpgk^|Ut5PON_aV>c$+rpU9|lYPRV$X;;hB{%!Y<3CyehmU__ zW~S%4IKKMAcb-itK>vNj(>|0g?0A~?Ujb60|H-?6hmV5da(<)i=WAIWE{O&SdG`)F8Y zGEyAXfk`0M8{-PG3`OSEND(D4GBLvc4I+}z;dfWiUi0748dLC07I;n<4hCX~@(l#a z^jj>O|Nao99os_E9}<%4R!<8}=BVV96sWTjLF8{)S=b~bBr|T1W(MkTAUv)haUvf- zendgU3{uAlkTf98V82H}{A-3vo-*smI5B+x>BYqxERaNWm=07dbgF#?BQi@9@-Pk= zBuBj6{HAimI+7Tg-Yee_I;JHf3y@`+8Nj>dr3X2#kaKLP7k+^UMAl!~bfAYJU!w?7O7rmWK;iU=p%<`oPEJlhRv^VR5XdYC>O-Kj zs;a7Np`O?1>C?}U7mjER!3~X+pn(wpv4=)QDdk%I*>P*Y99n>r^qh}WrXdg*Rn^r< z|1c;;LC3|#aSA^CNsvFtlj^X6ity#jGaVfr5UG^`+D=dyTBA>#X8aVPO$-uVB#H)% zAX7Ii>^d9UMN^B0mFa0nsHX)+?d{vQ;Es_2ClM$wVTORvqh^5LBfj+`_E4LNNX1-8 zDMDg_M#skHI4)&GK`#@M0S@$z5SP7zGmm+=aJENl1q*#AAF0 z-$RcnFU|Kytg)bTxa}}6PkP}TqHF+x3K+4GOa{miwW9)=D+mKNz=pl&LJh`%$w=W< z`fJy)Aax9UzK}J_3Mo=pjUb+YK;2*Fd_YQ0LNe&{udlAP3VZ-kOk{u3Z*X`Rvd_Mo zq+G%^^mGpctbQaG$7WbZ_cCz z?1LTP(vSF707h#)x8F>NB$bVg4T>AV;g0B?;TF)+(n8ineQ#OOqP!mV1-S2HwNp5* zdEh+&0w3wlRKB6i8k=Iyg?U?6#sgkiu-T$sn5SNXm!i5_5Cw+*rvCmo;7U2#H+OdU znD;64xCNMa4CU0CAejv2#-ki*E97dehY>qS=rEk zhNIVPV1CmR4UHgp(~XUdTg~|S`NufYz#j%GawJs&^%ktxpciUAAV(LJS5)LwR8*)6 zLLLFa>g(u)tK?;Yg17mAP)MDX3?#V_qS;qfzpE82YNkY3!NbiB^s3dMJyfqlc0O3Z z_;%0sj;qzAWM@AQa;#147b|swl=`+PI*9H$`ut5Juki5eh(xg5QX!F)4`iId*m@Zh zgbPm%NMDIF%rLtPW~+QFHf)9jCZk3lEJ$$w+1rb-M=0g|J{LE)t7&V;Cnph{HJk%* z4OJ@@BjF(>pzJ|ROHO~Bi^WIkTpfa*99K?^M3m zzvwe^%Umgjdjb~>dMN-`nmzQqku3up7kPtt~EPnXMz4=5eT+(JBjsvhlrCvv341b=}Adc zKl&?`+%wei>`tJWDhgIaqk?6aRuJKrhew^=I*VPC==o?<$IW-_5A+udu6d)~ntOVP zVIqO0^N!Qgs)l4e&03YDXAe z@XOonjGSkXWo{L@{s4(4FtsC{7)ABFSK-crGUru7!qD6%%&*XVh7T*88Y>w@;QryV z-vsI$=}?8C^EM#?i9BOt6GEFo_s}!&T0=fVx*98@GAk}FZoUmGDiWVHVqLq!Lbm{+ zw+ApvVg4mj&QpVB7k*W{FLU5ABBrD3hPJZ2q9O<`!X_st2YV!ov+pJGGMJDfsRf@N zkF~Yovaql~lr1=``4yooCkqBC{HatV^-W(AiQuGBSfjz+kBnW2LPf!j#>~=^k)9p} z(=||iKwP&DN02+%+9KV;tqWse`k_%Uq#!N}0xGB>{jg^VNx6hImXT%h@~q@L*lhIF zQ`wW6!5RSJC*y>@!?vVXBZS0$R7lbiyrYFcvx< z9~=xWDzYh}{Q=QVa6i_#*qNDI_sddJXkag(U%BO7XY-@~(_FVV#v#ZI=D3vIy=l)Y z5;|1S2B^!gPX&FTl}oUbaZ2p(o5%$vo19O;rD3b4V5qWUAyr#EJ>{3GL5x z)m9O;?ha?cECFl!V(JGp?qr)^&M_&hvq&8-Wa`d*LM*S~^HFTa!NIu=nZ?zINLFQ! z&2wYp%iwp>)lJzxaZZIL01D(RbAQ7E{ChWG{|je9eO(YIUXmUD8w^;(678)yfC5<=}}989sZ$$;o+z?Fl^=9E+j(GPt%@80O~J zI)4j`s?KjOVb4I2Vxg=cxxn))$fsP=O%itIfI41y`qVTu2T+`WByxf8icPch!5K#6 zSGGI*`YN)!hQv)12k=q8hDue$-wI+iq^$yU491`(iPzD{MgJ&|$P1BpdGqg;O5b3@ z{^!dUkYEeMt_*?^q!0||{O2Gd6(xMxSD2xP?~@QB@)=pACAOJ1U%+$@U*+`};zbx? zbv%Yl=y%!K0noVDps|!vV20E9bM(Q>zol|LK{9{$>H8sp`&CnG&lEg$Q?O?)kj|&k zyV=sCy{e9UdoahNz5BwNTNst!nQO-DNOuQ#$upF1AiZ{wJSJ1re=FZCziH9@`q^gW zBH@?#iTk(ssW2b580H`H^X_Pj+ZYu)x8s<9U_~k4h<)G5ZfonrWU#K>!Olw)7m{p? zzpL1Vf@MdMrh7`>P>jH_9A)~kU}Js5K3CC6@2+Hk z*&vgdMcFAQct)DYxf;FORrnw>&ErcO)ul@Y$F42G#Pxb>mI|sPha7SCGsv&zISA6Y zn`~^@U@9X+#eQHvM|SmUC`^V_{FaR!9Uq(Bz*PkSn1LWsgiPC)DnpMs3!&T$Ov|?+ zybiJjBf9Ugv$NBDe+vRQ>{Fp=?0+w`@!h>F8u19NG0y_tfKqSXn&M9tO%Jj&Kf}P^9lW@5 zDkV{`n18~+v36TyI}pGq_J2J5BZuMqtq4Pd+iLnr>203yc1xYgz@gq8F18;@w%(kp zDJS@wTlSnH*y_nM&QYQdX6f~D+-q;cXA`bW49xB7xlRclr+n13-J^!mLQQENSJQFb z@T(%PeqeEo^4|JS2NXSFZ%HPg4fnpzl-?W#=%ik zdlP~&pN~mIX}8Wgcz;{>70X&3>iiU9M7g~3oile_!rCd$EhDLw$pdIPY%xq9=dUvuiqW_UP9AU)UVds$WV|g6z7tVNclS^dY3et;hx`k@w9ao z-_PUOb7R|)EDE>^`_mL2Gi&odX^ruk^>JLZa6<<*J@80ns9gz`d`YxMUKZ1w=h2w zB|Z=35DQ4iBPg+351@qzR&&HMj%2#QDHrNDxV!Z0T)08IiW~wU+^7ioCzPilr#wCH z6Gsdr#Fc>;jBw5hqRG86TWN^E)&pX+z?b?poji)_u)ucpmik(>Wd+rgG#jH+M$LrloS2nOP>83k9yow?kec)KhuEd`5hh|v1`Z|yMIyZQCuNAsh;tv@f6CnTOM zki;!%cn8_sMP-}Fxf}$T2u8=BZ7iH!5!r1NfmthIE8m^#QQm(07J8vwNn`s^gz_Rz z>JwYegrMG%ii&jlQ|wdilDY|$OOaJtg2 zlC=j+D4xLDb~+w-xdY&lK}~wwf5IeTj|(*o^4bh{^N?g$i2f;s6AAbVhd!C92JH}0 z-)TfL{vfj6&(H6yP5sUlSh0@}2hhflet{e^^v3(^zX2F=gN zHrFY3Oiqi#_E*E*71?XNmNz($cj!>R2Kq|ojvT2+E92jD8@Y?j=kbf)cy*c-ZQlhm&-X5U89t$2fJb22XmuYdMUY|&gRX|J)2paeHOk~r^zET zglSgrj#!=Wnrcs}4hSrc&aBm~C}}9@mXsc-@E@t@yJgl>LGbcvVaYR{&*8L{*~&NY z@XlYqWhGuMO-L*#Rygu(UWu4){v|plFr}J|n*9S4y3Y4_6Q^NN<3Uyt%?z&K)Y7w_ zxf;n>1&_D(uU~FTp>hIhFHe4q7B_~?5&p`_DAwS}$jtBG4*_mjUA0Q10&I#rH5!MI z5u%=&4*?H(n^;j_d;t&^ILd?n)yTE0s|zW+gPkr!>9<%_ju|hnB6YBJuyKaj&SGDf$E%?v}EClGim^ldVI%HweA$fNkh`CO$d8KP-f zz7>SoTlT|=WJGk7R`RTR$vOZF%v465(80RP=5Z(}QjbHiu%a;ZO&qf+T^ePqqVH{( z^?UbGZoQ|+O(DnEG}`=AQ+z(JdA?Lt)fieE-c#&mU>=;a^Nve;FO|75hj!OH* ze<^4IWz)gVW@>Jkl~+P6cPn3RRik#XWM;U*1G~~Q&(>kDQM|YyB-Ezy?(W){kq!&X z5(NtFI@{DfKH!ww<%~xwXnwK3pC1*T!d0TrNKvpt4U=7VVMSt2E6#<|sM{}oRdJ-n zY#&zS^x}AGE8M+BCH$#Vp>;SaKBKpMnuPT8w>nGKcG;W44p##<|A~2XKvQ;gAF14J;{B5FY}E-iJR9LELA+OL1{*mlL+N z8ScAR$#$>CZrGS94b!2Hc*dd1tPMaF9>dy^;+@c=ttZ$PmcezFOOFARjuNC zpWvboB^kEXQVD!w!tlLMyR~V$me!+tL`v5MXetEnh-8rKb65&{lvLRs$B!2|t?1tv zM)N*7Uc?XF%==h{J?+$yd(w*PDH+8+(**>Q{JK)Wl z#v?5c0OuSAh3+_N_3LD&7i!5_DUdy`aC)E^oS9eRJL@>H>*g+-{n{5`l8Ji1(d%Zw zdFkvJ32EsxpYC4StCF``C5{&DmRdw%5G6EX@CJxJDY(;OTBu091{f_%?QT;~K;AGqSS$!H@yPIZ>6B0!ZlI z(2(ZkeotVw;0)4Zvpi8tm7*wp|Gp@!OgA?N7 z9EUGys6RF^S-b0~j$nfBxY9HBX$4x{o0SvOOQ)XSZ*hvWw-=%B_2fyw1Z->PI5V|% z{&UUnFyT?G!}5)V@9nO8y__4HyG?D~6Z`9=q|_H0^J30Dh@vsEbn+~$qn2jLy%i~G zv%4gVeJ;qhls;{Ko|$RkQ)mdw$bNXPND-VRr zH~stx6)#GF87YcSX-aPE!^{T$A0!+lB;-6yXD;sUF^P$?@QPr+k9v*l@Poas!^>Y8 zNdrm0__1VU*f<0Xu(oKf=CvaoWY2&@MA@W^P4J zPw@)f@fwv>WX%uhRQT-tyB0@h#zGtCnc#qc8k-{bBT1Ad!9u% zI$?-bOtZAO46+mN&tLio01A1DOJs=2RN`_mttxR{NA|wNe4%AbCSN;+T2nhlZ$$>= zC$%x{Ey;Fx&z`Ta9&Mb!Y@a#WTW*yvm|su#6Iow3>PP}FF00X#XQT~SzNFOM*S&Oj z`70`BsfC9*3wttgcMURBdY))V1I#*q<*KFkn-&cB#Jfvf$!zc77?ZMuZvOl;v_CHH z*041Y!Mi8L#8z87-@PA1_#E(YV18aKimPqYyhdt-du%!|eIknU3o%Z%;#1AnU9G;|h96@rQBhhw^6OJEo>a@p{x`_`QqXbVk0);-eY4N zRFc5Q8Tm)Vr~7Lv<2o4bqLVo#5417aM8PrLZe*l<3MMR#6dx8DT6jc~5tQwc z;1WA)r45A**g=GbGMtGHm8z_<$L>Q%B0DY3$!uR)Zrt&gzH$-?NYGIZT8gS`AX)vt zOuV=`>-f~Qu3zEr2XD^OC@koFqrAGbq@0lWbZOGRtajnK)j)sKc@0jRu2eDCzNoy? zhJZD~RKv9p)~n?;6`lf*xPEr04&IC0|Mrd@*6hA9ucMU|==s#8uMX zX>tJka?}poKe!2ae4+b7kWfnD{h&iQVit;JtGIR^vgQ3l2+zp)`f^-NO%z&Br0pIO zV%O4LJB;-(`38F9FmHpVOr^~u@sn(&lz4)C^i1@T*B27Bdm!8vLRi)mugsDNnBVaW zl3HKMvHHsgrzT(Ee;$W5`Rw_3e*=@JI6?+_{MGX#Ue6T>&&@@MxQ2=Qi57UyCPrJJ%yPm@_ufsEA zcnAn~7;VO0D(23_`M1yxC}0fn_a=s1XY2RGPebiUSoW%oQc_&-gLZSB-tx2AGwOdF zVd*(O`6o=#gW~6^HMu)R9-l$58az9an7=bz()dg1v}bU$ zcfWb6-XKMGT35tQl9O-z{j6&(1P=rMko-lX{`s2@_d~9~kkent2cGF$Mhb7FB?|i8 zWzX~kz(!xsWh#KMgq4l0E~6BHQKYs23R>bC|NCX5lUYQqR8Sen3{j~7+5cvVkA-L| zz!b67fxCgYRp7G#7e*BuwGjdz0M+bmQ1(`(16|)>Ni+tNERw#5IBenA!5VuZyL5%- z5u}huMn+zK^3QMXe`z3qk-~-xps>MV%yu+IcZ#sIz5S-+LoQa*3xd%SIxPlVNJ9$v z#cPw(UcCb72=b93V{hiqA65W)|G7ZBv9VX@TcL)@0n*&Sr7Ho^LlDT11d0K#@Q&TJ z0uE15PY5#^(7CrEVhC_h6i_V4aZ6u63YHcm;Sg|EnhI#_YC>vLV5co*U_g)fL4bJ! zBQdbqkmC>CUgu0LHf!B>%)wO*Ni-01j#I9Mq{9Omo&mflR0OI3zXVhWv{C>ebH)~0 zWWg;4TR1>koo`g$f~+&7W&}Jb-4tN}r-J2L3W#B#qpp^u+xF~>7Uy+if27|H5{>R0UrZQ3#5zxWi_j8uR&`bWcUIGwZ6UmAh&k|QfVRo4OZQY zKwO!?L_Z2PFyKOZ!0wzUr3<&4&TIb~lz>5e;UyG;j@K-4SXx;@R1t*ej6-uGDg10; zlaW&QD6zvE0A7G!n+Kq4V6!1eY7&}?r^(U#=O7mGO>FE&m+;!;{Cr?c3<**K4siAz zpa%ardvXdRb;|}&_5eL^KzBT;wr4^^;V{h9x^Xr@PFdO?EM`VsZU24KTJ(S8ZHYlx zf|QO!^8vzJH5nMdu(Dq`Z$}K`1o)MPDsAY%#0`ALL*@UuUze;0@9BXRnM*(bci0?* zP{wI#L_S&tt-Zay``KeKF9WEDG9q~Zd+nK0aSX!*wCF-F9i$IkKwx)8X#eEpSEwj0 z{S066WFBHIH+FV_r+TNx3j4`<;9OAPDV|(hl(DttLc!4wqJxm&ZD4)j`VkvC5XW#n z0OdjL@)LLsGJ8x>NQnzg#LSoyTe%ftG!0XxL-u1_{|PKLE>f4pRGcp*|SbsBX{Jo}6W^|KE zAP~u*+8wa~!*tLD4C|6lpO7&P(NjE77YzHFM>j~3cN{M79Xq$?qenef)j+?z?=weA zQ4u%%$ASVu$Zgj5KH-CR4_z`p1F@erIwr^a8%Re=9SAsJEJ6lq#5dTWS%`>;RDpD$ zb~F{(b_n@mgoyxBiPs^DU<1jke$3`}l{dR~lT&X&#cnACSU3>FfJnqCQA1M`3DE?F z7F<0FdX(Yq&7cC?JB0g(f2V6iN@% zflGIA*ph24U;&od1WsH~#!N+03`@%$VPPW^lc4e3R#lvH?I$GUo+zGEW zQk>D6Qwb~H$1U?=~$^xwnlma7RW)Rw80s$7VeTE^Fz-MuVH8vDZ zk&hs!0%nb0zurL5rEcsj!>9VGKZPDJYd~4l{+jn`7%=fj6GIdX571d4adJAo|CRJz-2H_4HrK~rzM0g` z^N7{px9F6;ebH-a4eA_8lgYKR`z5_Hot{``Ecq@D7S}GEV~cU`d|y)X=p}uN`crfB z!?GRM(@Mu`YEG-kk~`voZo0MHHyHb9jBonN+f1)jaM1Ax}k z-1}dX@2oi}SJK`CsRwE!gr@?U5(QEIhA?R!Z^ol%VHSv`KmX7E=KS3&08{6t zc_jktBX+!gAJAVUr4wjq1nRp?|L<;T(eKS=WM}9Zpj9vrOC%!%mB504R2ab!uY$@Z zN?y}f*fRgl=ZEz0cmNGjf}Nc)41PrC1i~q9(;xK6Xoiv;#ykJ+pn7m0{#8eMhQfCi zKZS5LXoG=kMK&HV@#@D|)tAjqAXMXb{O*U7?p)Wc&%hbF_t)Uy+_AX$9xrfGb?6r% z*mCf*7c+tMkT*1(Qs>+&s2pby7S=w)_CTEFpG!q%L|%*tkf!Iq^1%tMY0pAqV^+0$ zw<@{G;N7&2Up-_dddpdNcX!yS!S2a&qJakRNZ6qR zLyj!5Po8{@W7mGmYjznnA1G=l83m0YY>w=loTPGlA8BcQhZ+v34P@ZrD%LmxSbOOC zW{EDO4Z)HOPY{-`l26O~;V^L{(k18wvbR5?_$=X{`5HFTJvx&Qt3-V!sfh= zPsbC?-erxIn+%7w{R}+yY%qb>Zm!LSgqX5&S?=7$F4vX2zQT}v^5hkl%xC@@jvEaO z7>GG)y~FYi=V`CqA^E>bqsz3Jh6m0_+Gm>te*Q`6Fux!f@}umK%@xY9jahvgvPm(3 z1g^bbfGzaPN8Zp}l7-EkLwiZ`yplVrT5B(026^{jIv!hlWz2UFs(Bul`sU3G2q3{R zKtjX_n)FBk0z}n9vybCyb#|&MBJMV*B*HjtJs1tD`PXW5mOE17zs0J zBMc4OnO<9_`LlusYc3fikN)7&vr<2lEVEaitKPukW`LS{d3y0cM}cdWD#>SuR|juR zjh|>0%?83OV`xe1&Ky?xF~Fp;N!VOP@qx_ALxqJ`0(KXtoAtpPC-50{`9Nm*0~xt> zqjt5?jwA*p0jsPm`x2p`$L=vI-ZMuzD|oG>HUMa)*h=;GT{okK-O7$ zYvxzJShGn!mx7y7Nsv*F)+2B3+~oq6d-tl}HH?r3tj1VBpxz{|uls8kP_%Re~)^50{8e{kB)!j%<7(h;5s z^mIRi1*p+;q6OD*Sp3ucWL}{pCI&E^g8!0t-J<^su(l(zvO)-wB%m0AFAWl#O|k|c z>Ryz-#U&-KC|ugD2bhrkJ2^8W`AK0XJ$(r_1)>~=2|wZa{pwY1Uk=8mvc&;t{lT{7 z&2MaMynxaXEm@lC?txH2GqR`ok0P{N^wx-OW^!^cu|FC}IJmGyz<1|HZ=v!LJ{d?h zIXNj2-+<`M$4N;ua?QDj2tiuO#S0hk(Kc}Ss#p?P%OY1CpB+Sr}*GLLzRWQNc z>94p*FxF<{@=Q!)pvoE9i=ieNkc>x@vd%&d*W?$nhOCQ223RY2uifo zQ#nyp*5W){VvD)u6))zZk|%avx{SAfrct!Lw)j6Ei6$npvx&yGSWj@PeM_GiXxy+>yg^plmv*soFK+K#gRq8=shEX-Yd z>fPZ;j->LK^^B~?w|-H*f9db*8R6?|vOZ8Abf$EUrT1HQKBnRu&VKuGsYPzwNAjGP zccx)^E4t4W5%@!SDaVrS$J2!ChAhP|$;o41@1vPcZMWg9uivX)s(a@SLDJS}O7Q<9EOqME&}GsuKX*zw zr)w)y4G4!-o$$$HyxkZzP97;n&ti`*YzJ2&BjQ%^nm@ z7h3e+WW~{kwpY!Ox1VzjyySZ6lSHJ#n_`LcI&CMLEF+u3JSY|J98z`k`jNF_l&P~CEIsz#S*>a~inj5qTxZM&;;)Qmr{ z27>nOvpF_WL)|g(H1hIk`$U>pMT3y`swxR}S;ZE~`5$++WlHAOZG-%MEp|VW=Y7DW zY;f#2JriG8yx6+aXoNI3XZ{u*!)q=386Tf{O7b!G(_+cMQte_j2b;8KeseR~ql8`T zm!3?Kz5l-r60e07gJ-5Y*R${L-v(DZ=6PIBRBD5{fs%?!%O~1kPfwZnlvq>`EA8#) zQdbv`z)=V_Ay9MJjbYr&JRf=8R5DTv{3!rWFaOe(>G*W7`Izo;^fv3~9hZpf4dtgCL^RJEksT8Z$nYO<%%ovZ5nh`M zPo12h?rd+ex_aZ*Z96)BN4lJwl{3v^+bm-D20eiUXoKd5QzO5dK3zS0_x{HTOYxTF z2U$T+ztG)nDP|Ff9QJ@6D)6F$38Ez>6(K^VLBN3K04p5AkXy<6bvi6PKpL%=$5IK;`*-iYHRis* zt8HN5j-v{u`WQX|cf5oy7;yP@zD2Mgd%C-yT>At^qi28*2v&66LlN7#V^xYRlToLw z#u?G;5>@}`WNQ{=4_v7R`ue5txmQBWDPYQ#=W8;>UDpPk-I9sp^YV}Jlg&D zSIEiaHIxiO#PgzJKUJ<}XL?>N9*(|*Gidg-k?~Cxj`}0QDWp}kjX&Pj+LLS|OWv*@ zA=Yu{ecHz{Psip(-Aezm-j(3?prGM0<;szjM_ed(B0nV@UkuE!^;g|3z_XW{do(2E zQ+({(uM4j>oddOO11&8rpf|NyHxWdh5pf~)Gu)EEsXh(qY;#3&9wL!Q4sx0x%dXAN|p0hpW2tAQ}^C2UIn<(O^p;R?#xu z3$h0M{rjk>vXZfl@0mY=*SL$7xjxI@XyHGtYMv&^vnP+aUK7pg9={vvQ93ONrq`yA zg8E><{=hK$&iinto+lxb7KwLl-+Zc3w`B29a`!e;dC8+wOr165t<;omA2W4^L3829 z;SFSDCL#jPY4Qaau;S!)r(TGh^!*jD4@fR1AJSZ^d3)%0w%6ab zUYOi5+T!>#?YKH2$suc|CzI(F4`yMs@^wLN?5vU3iQ->R+p(xJ* zGYn{~FYN_T1o#A~YNvWEZ0GY4>W9i72P}~as=e-xs_cK9^u6vg_2vbyY!9a*VM15( zj09)@W^5N|Cw~5O1iyR1s%Hl$M9)13O>@q>;;9QE`W#sERygTi{P%pYOQ1}mK z(R*&5^zY;_>h!HZUW51Ksnk|_8V-kA5=)O9HsU|!Gxvp0Z)Lyq*{sj;En;4wJU+Ix zBH#VP<1`mrjHcWLt$6iEPp>Uk=5BmY?%c6_|B$0ye=2IZ;Lj2Cl-?fS%33mut!ejd zCkE@`VfJoMm*=z$4J$sUUxebatmr}RN~OR;n>Mw{?+Ze+78WaJB`qsc^SRlh+6x65 z>V4joD_++*woT1VosT^=QD+0ffg`tVcvRTK0N>4v7^_eIc-JxYBipL1&~{^zh4Ht# zvf!jBxl26QIN3Gt-7A5%NBD{gWJ6JXgvPF?67>7!XO){(R3P?=lr4*?8>T8#quRD@ z8|dy0eIoxd$ZL??B>w@@7i&YE_f%MR6g~ceTo@uU(soxm%qK6A4TG{j~b`<_-|5gWGPAO|$7r z8n=8U&sej`wRcx)R)()#dzbRbufs0P^&08r2?~E-TR)MEZl2>pFzaA)3oTOEaNvUQ zt-@fHZSsdT16vKGJO?t_hhlP;$Auw05|#<))1yMuQwV$wm8Jo61Ys+R8Hx6BQPzw< z$k2AGng5OqHK`_zeQvaH!;v#i*ClJ$SlJPuQu}B8Jb+>MKs%k0uC#R`XZ(}iQL~#W zAMe&_v{>DV&tBnpot=f}QstIF1;`{fi$F8^6+(Kl09hf5C;5ouY{47MP+@vZ2FP#cjxVKr*-- zP|_RRnUJv{8KLW?3HPyMueK2c{lBlz@;a-2v{Gkdc;ry8%NaJx1=Poitd*p&wjdZE4`b6!95}(Vw2)OFa6zul|t(A z*|&qUiO6wh6BJxb-09(eJ%?u1FJE*2@#CI8Z0q6K!rtz~IeXXFgPzd`+}3bDZ%p%o z>CO(5GZASG2iggIvClsEN72#55;FcFlzpqEpsK};!iD0{|gEppO&Az zI}qmrCpEVpLZ3JC<%+v-oH=9S{%B$Vxkv$g19oEJGlByiX6-X;cCz}Z6LO(KHx_L% zwZZ72YhZwbiR0f(;WgqYYQ}JR>(~oE*0y4ocQ9Ygmk>^OvM1)Soa9s=nAkc^d8ka`?1_@>*ci@PMa9bpV zWxQ%3+z|@R`;cLIULk=*CD zn$&ck7?}XoQ8?1IP>ED<9~dC_^F4usNf;s zqLOy@^%WAC^Ef6Dz(q{*FxSH5lL*dEP>x;cFj|2KfQ72tm8%2z$8Uk(~JI zD^xN(_(HHbhD+#h;%eQ}#ILL6;ds|0cQ8Vs3#N7yz~efJrnOKsim(x#Qowno|$Uf0(>BQjuJr+A`+B zEUJ7DE{v^`CMF3d!dtESV5n|6dJ`WXlMT$Hq0D;HX6TP)^bqS6)5|2Q3H2e$f48Ys zsoZkSEW00{-QC?^uEKOykXYQ9c;QcDhtk>dwNQ)o^y#!>(*~$xq0vJ7s`h#>EiGZC zjnozV8pw7h5S&H=$>R}(CliiaqO{)GwX3Ob z-*&n6Krvd3SUg-ewUh@22G^gfZsUCc^LmfJb#b-6PLS%KFIheGYvUR)ckba-t9VQt z)zlkmYc=`zVLs7G*vn(lA3S*Q&9zU2x`@_&^C0CFeC+v~hIo1~1Atu0gJpf87z%O6 z=wB!Q=Ym+1Q?f@sMQPbrv!%Aaj={tI>tPnUdLdG{JDh z%-p;;%yyhWyiqexL!&)~tkbzhF)WpG-OP8~9#Y!=I%tltDo8@l)Lnjz;ol{oOn7iE z(ZpjG(=@KUYPD!QZ4m3|TBs%8uX^9m@I!3unA<5yJJa|`sqfC+yEjRk zJ-dMzPol0R+`;PW(ST&Wyf^@e0r`Ybn|Bk!j1rD;0-TJf{wR`=jL1i5ocsFM(PUs+ zq*GBa;pXAd8xxBwBO^N(#^d^>>OemZoxGYUG=|L(y4q!>*YU=UOVHg{Q zS-G@yu|b?;378*53LFW-D6ch}rK1BP#30NFf$@-HI~DASX95%VKK(sb+d*W3WAhbc zI|5Mo#VTrFqS$17wdp;Z(_oKz2fd$h>f&rBgW&ZW+#F}PS8c21hn&PJ+6I3pIR
=Mc zd^rvrIBUH$1#(9z1~7!4R5_LwVorqZdMd^cQRg`4-ZqSw7#nLME>M(gFDd5n=)L>F z8p$g!-wrM)^!vEuYRx@3Cy?POi(LUQ78L)aq4X}GjIs&~2P>&t?bdr@P7Har}goN%I7>vv=fp>otWIB5-x(7&UKyWCT z*+9h&W^*JYHP^#Ox&O=ENZ6K|>`^o_T3 z$kan<9aQF{kg4W&1S}nUZ`r7k6RFelL-QK6CehJ>102tH?iw_$={x!L>&%Qdb%bI* zgEzaX*(yAA4$ymONi61^pqmem>zmyk`B7oAQeD*mb1?r^lX4STg;P`aKLjr9Z)j1h zTox{ER8}bee8=&__eF<^a>=_I2r zJFk$OJnHpjv$eUNdmgUax)vK6zRYSKaa^9_@0OHV2^TP1@Fp+j`O)B65Os9Xv7;r= zo1IGglKyF#SjBdg@XB9~Ojn10T-o=HujcxeIg6gN57=0Ygg$1mjE)q!Q+u(tkCNvl z@ZHGD(HF=Wmr@V#qsn`?d7kv}7@fbSuDb39$qgd%F$#=_1uMhFno5UCh2EGoPFFAB z$JI_`55J5I(ytkmm-z!fvm1B$7_fo9oU_ z^vgFimVV#sUuBq7a*;j+9xV)_ z5sUHZ^XGGaT~|O`gvUyOeloVDvlzU9>4hTPaAa<3$eJpJAkl%&2-*ligTuZEw$&4m z(BR7sSQkzlbJ42_Fy=9we}G*Z2dZ{b6AmPBMRxApYgO)Ggy}8zPfUWqh{Pu#Sl@n^ zHk*_20T?EooSMozwM5HlH9mhQ{#JD zL;H4NO2m6<>h6Ig>FTQ5qUg|PD@)Ej7q(JsDs|ECQ~CT}YExDF?Sk^b3zt=dxyVFY zsQj+M?kin?TNVB8*%@Qq;;x#9X{UKl*wExUY8?Skx4}Nf7FWQBEw3zzW zfq)lurG?MgVX(#<+`2fXy(?g)Z2r{)e*Hb$!o$y8JilGhfLyzWe8$(dW}$~eCBDhq zQn*#%#7pZy*WG>^y-G&$Q4s~Q+U|b6lkhS!zZuj*7pzIvIbzRoFzwIsIPhmH;_d9~ z?L`L9yG=W})w5i{EI@+{BAkvj4lVeXh=3C`+MK+NoSYm&b`l8~fnejq&A`PyYhxpX z&PzgX{}`MFh%_3Q-k5fM+e~|0*$D^L3DQ)fjtW9Gh(-xa1iRnW(r7ZKzHQ^KYHzPl zG0HB4ei~@@P{Q~K5ogWpxMBhaV}joUvlKY5pklTi^&X$w4m##59Fu5!1+AwK63k7! z@ufFkFe{v<00|Z|K=PQnQWVT4W@c<)Sb5Mx% zN)0V4x39q$mr+aW?hAp)0R!uWunLw(_Vfv7Hbr=$J4xr?(O*8e9I-cddDDT z+VK{fO`(dCDz@b0mn-il`4O(#LRKDkv#k9 zbKF=GD&>>w$qO2G$*BPvVj=k(>3J0d_r9$J9cDm<&kn;m<~59HciM0+^eo4X=Wfy!m#bq!WrdF+TCYwW-g!Z z$)VthD;MVC2**KZ;{Mx}M4SBRuyC(6AO2BzNIoL>@;v-1oY86HmY`P!rHBN6C$};! zj{{_ase>sza!}uSpmPPW1P|(Ugl#^2cp7FuqOUdn)6iYA2QI-VYNJ5GBPA`(dFC5P zMvAe@g#ZCifx?AF^Hea5fHtJXW!Pp_dwD57zhe9FA@YS_?{f&ZR&-8U4pLOV+;UyM zv9U409o?g&tv#pE2Vh9&Ce3WU3H^a=6x)#_u58j?FQB@5E9p%5Hr3SZdQ;Z=sC!vE zwFOjfJ7An;hClzh;sTQt{q4HYd@%ATe-qt)-aV z{76AdIZ2+L3e^k?wP%<3fLC9aZMU_39oMN*?sWatq~h;9R%b;XtH+(bo4d+9@!ss} z29MCOV-vqBRyiteKS;%2aQeIOCY4i4+L?>AXqDqA$!VLV4W7ppLzpbm=zjC_C(ku9 z8)SNRh@E1_DqzqU?^pFaZ*8R3ZsPEQ7M3ZxDa^+X9cc|mEaJ3#WvMH1fVUp7XUn^r zR8xQ3KLWKxs*ke8yh8M`_ z%hHz6GKL<_6!Q?^5J&wk(I2%xxqW+Rf$-kr%I}XE7#S%&`HU0i%u_P8fL|WpiZ23b&6I$M@@2Rn?XnwYTIAl`5;-8j=}G*>gAFyV0IBJIVX5 z&W_a!#0XMg6DSW}@$P@v$ z4v#H%*KOuU?R$y!^ z_3%%ZR)+Ios{LYKrRW_E=e2^(BKrmza3%h&Y7jXhTd8 z;;s`|s0Eho(DP>7g&$ez`sDiAW^u;{Dr)l1p7oFdhRVuLB{M!c@y})s-(H%9 zHVg-D3zd7e7SH0F0^<@ zk-n%YyI=4N%XRU-@ZOQ&l6|{mY<{QS`X$)$Gc|xl{~f9fX*rD-zOpEc)1DoC3d_Sy z*Z}dwY;Rm`$+Y6ed5o({DB`6&U=F8YEsnz)phh^-+YguF`7iG;4{hQ`MUN>=AL&7O z*xW`88XAQcFcgEW9-(7^^`XvRrWMFk0iw1kI|DMAm134H=ZpK6Pa%(sKqQe@_Y{AM~RK?g3P%q5i3OM7lo=8Q2yX_ko=n9r7@H*A3hdy9*Y$E}DfIS9^Mt9X0RxWsg zFmwgfL|pHTw}ITHF)qQc8pioy!iD+o47f7CV_D-D?ue{PPFf)F8 zu8c+do}spe$>st5W9T7Dn%J7a9>#)R=YphoVqui6yq+pL=(8z5fQVD3wb4_&4#MBZ zV0FZYWI{dQ-2{goPi;7O@?QV|5ux2`Isz${UpgZsOBwC|dv~0y6lk6;fAuP1u=a4e zgro1=j&9nTA@fVRlk;Q$2d(nAz-Svm3Y#IKNeD=zaad~Jm%?<^k80>?tEZRUth04$ zcGzl^fwjHlk)wN7lJ+(PVZ5y4sA?9n%TGom_#V61;9R-j+M3si6xthnoK4|JOmaGw z9WIeUjM^Fr8y6D`i#}*D5L1br8itHo;P6`A5C?)q5S;)CH%GNJRafUD&BwmbG@|+k zh6jC4v}Y;l+GJRlQG-6bKmCRCwYS}x%;&LFL;To9yQzFh{=7W8fD0EcbUKT#u;#)~ z=^?D6koU$83kdbSLpArdCD_ z-tQvXUWZFW3vIF&nRLrrwr>3fp8T(S)U3~Pf&FJ^?zn{Jka-lyF zfT)0cOU%tSJMf)ozQs*^ia!8Bn#vC*O>xC*3O}UX)&0G2*(v5GR>ryq_cMVCN3^&! zRumAB<(wrV1Mb`#d$E!8-?u+P!PCAev#p|j)_`Ikqm9Z250jFDYJFR=bC!ae z&QgA?^hF!tdTC$#*z!s{xch%lDW4VSyH zGM^S|wL7sq{KV{IP80P~$*%YR&IViets<$bm&Nh+GzK+u@fNBdKXyJY4l63|mFs%D zVLHVSDCtIyr#@3PdSK2_t97hBlJi4@tO!^flw$EA|vo+#9njAEg#8T8&GZHj5 z7&q3|78|!Dxp92on*(pJ(s7tHrQ2Ce=Dn8 zPpN%d^U;;sv@b8vrlR)iU13hk^zoTLpTD+zJ@#q;{5em?bN}A@ z%d;(%MKT7tcfL`N7dMELWVXp#4;@K~(^e$DuVQl=Dh5< z{etx1tQVuWsSELM67=?V4&Kq6ulH045iDn0pM%g)HiSzsKia!vz{k;+N^h?ciRJy9 zm5n7efe$B+0ZDc(s9EgjSPlBjBKpiXpQI|rQnh`q9pv1D%RSTqL9_dx796;H&rqxI z*CA7~ZM+h9`IWU^{yLp#wU>=uwjjT&Uhll{5I?qr4>{?fV}*71MJ;`fUS<$>i)oTq z^-N9jnyMCiPd%0Qu|YNYvs;GZ*2+^~v@|v!S7fLX+@x~o&mKuEER%+zRMMh_SNwLX z8y{6LG_#SyCjrh4&8Y~Q0Z{j5&X#YZ0ua-D8$v9wDa%a*r!w}o3n zoXq(=39i+C-J4sT=f`}KZn}_uYZ0f3cjIGh$@Oon{jH+z;9gh6Y2fbH5GF-FtkR4w zo{~oKR`Y_nm0Ld$jwKZzSoX4^rDI;tbW=tt`x< zsSx#&GOVeSY zj>Z@Zch2~1_4_Y43(Chm=(^8n8#w;~!-zejo2$-|W!m&se|UA%v%JpyQoCnu_ddpq zO=rY?*vBC`5Tb23&I}u{&Y`i0EDa4McR{;BtLQAtl-owlCT!FaJanG?4!bC`-+!t; zpofXam}FD_TWdh94!sBERr6MNV; z>^yOh@=?I;lF_zw&qrri2Y=gCyn220mVCu~+oU)fvzQuT(}Zb}Gf&I24U0XuP;A#T ztI)3qIm&wXOJMzLU8=qbKRzsk9|bMs>z(<#S(?4)Xe-cI#_%lDHQFb>mXVG*t=9HA zYj5Ag&%rI+FVD6vfiH+5x^7Yl1=~4|^~6tg?a9k)jx75ul*n%u=CPR_2bw!LCEOv= zVWLDk=5uA2pCu+AXWP0Kc5mXZ!Nn+Zct@*4_G!u<`Lo zpDU$5>XfF#$W*&h8A7KT`t=w6pU;f{F{Do~%PQ#hb>0;&q6&APsq7b>@BV(Hvo0!Q zap^T#VQ)+R{cU_#mv;Hfdx@vw-=7)2`p<*%=SKop{$k_*z6b;Rf6iy(N8h*qIm_|R zjqvA$r`0YJq%abysfKJdtGK9Re_#50Xrvz(@%wR=n2J{onFHgP3p{lkP!yP9yBHZo zI_G3s_hF2lk2%eb9i(|MNkdX0gpSc=HgFlu(?!NAGv>ckBp9b*SR)&Cy}qop^rh^c zZd!x;_p|yfQbB0|W6)VDLjJY0lM`&Le_+Z4O8MZlQ9dC}F*1^lRlKgOyj23k#DVfR zDKnNl;JN`b5hTG!GYt6uh?j3Q37(zHxP0Y`g2SHs)~TfeHn!zX?X?>~diq zn2W+(ngpFaFqSL#?|(MWz~xst`{(kKWkFL50iP$jGt3u(`VvA@LN^6=DF$(+8Q~5~ zMOs0OpnuHNSzUDL~s(M(tOi5`kJ3LPk!D|Kgcc2{JY|H28x$ zOvv8v^20DX6tFPB3xua)0zi!P{!qBnTQcnJ>}*<#|NkP%+((aUf!7BI@v7?TGr&fC z*=4S^gOf4vlv)f;=}x~(gkc%9oNce`YHQB{9f!yhBUsRq0(ow40PG<<84U3Btf3(n zI^NTQf)|}z&tPp4>~UD=K!2hbvnQ$PCnnF{xVCvW;tL6u57MU-9<-bShA;&jAGj%D zQVJ=0HBeEw?*dv^^%oMrg_4#ghwR*TB6}|yIzhVC0B|G-rfXA@GuS#`3>t_S=C}|^ zVv&y>__OFYs$>1(CSKYPz|$Q#4#r%_3cvmuEF3}}1+GakWEI93Ut*#~0=xpMbt#PU z4;?y$8^;;Q0yYH^6%M(jFARLSRMYa{QHphbiMSIM1sDD%;k!*CTQ$By2s)onSXu#P+d zdpHm>5VPG2UJb;@b3yr{034Ye7H*>e|8n!#%Ibt82Ob3Y2V$(!?kgweifgf#Tb=NT z0A<8n_~$Zym=8faIEI?Z$^;z^NHr+ur4$akL_|e-|AeBeP)N87>rJ$0{|q|m{^@$u zulo8T^aGdSED!K-v@SUf?2oXA-4y7ui8(!H!*?n|1c~29H1^t*w<8VcW>AZO>UID; zUpS+0#Rr|6=%|G6%&jk)XZ+u$zFT*7ch?5oNKjWnZz#C{f$voI;4V_BP^o9B>Qv9s zcFF3Ow*?RN_4G($K>nw@AQ&(tz_mZCWxmGB$Eb#2EFt8!sGwjY-UN*ABS()O5D{Ud zruJqo!}9%BR_2a-6qy4|(~DU&y0!8A{|;i^$;1>(88|mNxgP>+yvtvRJ!}&h*-^*f za$Vd=I1a-RYB9RSK2;Uo1i)S~myzG#0br$62uLp^TxKws<=o)$zkpybJep!h1~{IQ zTOc6erXJ+yR}ku>nx34zx?vrPMIifFR#hVgyoU~*FHvv@n*mF@G|L9iG47@DRQGwn zT_u&39D;(k(#g2XJCxMb9cs+d-CB&`UJWOTtJc64euDlWyq>KT12^Sos`20e9{k63uT;6ku^-hDEq#b92kx8o2i1>i;1$ zddHK_Q>t&`a?=@qZi5F8vd1%Qp&DuKONKZaEq2v)NAq>Luc1g9@M017YBQ9Mymq93 zFFq2RA3_^2q6VocMAY{6?Skh=CN#tjHq_PmVRp({3P%YNO~`Uf6QNujsTkhfMo_Y% zq6q06_USu~i%jN=g3wvKayI$hue>s@=LUdAlSfs)J+ksK1Z%P(r}M!J$hdDdWOm{A z1JUyQheLcx@Z`f=5!5yaiUBkJy0v-iod&*m@q)|jgxllW4RLB%n%bv=1s&H!q`eq@oYN_3mfbiHa!b32?KcbX zSQzxOyNoB1x03)VZ;AZ{DGzb}0LqG|6v9}j5ET-)#Y9Kr$dS;~4b9BVoNm_Sxq9o? zr&las?m=>%L8*j5S6KeHUA2u@oF5zaE}M^yiz5)XL%W8t3NMk>))DFP{QIV6X0FeD z%F4 zzRFYGT@)d}2e8=!8$D8%Bh0AsTMo)x$(TB=Q^BMcWMujvuEQpNVSoS)WB-7L-yfx7 z6N6L@{**Xhkz-KZckvU(y;H@t!BT^v22O3R5t!op zU}S&j2hy(}_I+3|r5627V^IIO3qkQ`BC6jsjFkNR`Ms@8O?Fb{T;w$$OeJJxz09Rp z%p)4KMbGk1$CCQY&+RT zm?fZoIRU|N$p+kPljWSt%CYsrVRzba$g8LXGj7L)^2F@eW_8T^ouak@`8F}3_gP`I z6J@Ix*HSGUaVLz9+74uH-MY0A2_JG|i|<1YpKa9=3LW<42uj?(lh?$LpMqm{2tcT8k!{JpbkvFYi7kU8>N4A+XaRlt{sv!BPQVvzz9 zPEPV`e~V<3;tK?h^<8b`Kfqcob9hmc5~=}$S}1rI^#V~>i%I_}?8cP|X{7m+f6C|9 zgMod2y-5Cfxq|Fezee8&e`ZzY7n`y>xLk|6YRe;tsOrr(ht}J%?Cq?o( z(YQGXlK1>uQqQd=v=E0Xc4P=Ys2lBfpUnew2NNK$2S74}-2;{lamd1rqh1)(UJ!pl zizVrVj7dRZ_n9+i)JijryEeeE=>zg-GTXc&BG^zAVfK8q4`mu+C&;j)#@&^}tQyRi zLGui*vM9J3fIp&+eD?rQcuXMTh){G~ZmGnFCyEwSeqgjn-ZD&TA`FEBKWPdFRE2OMh=^9|x(qr@PL<740(lwtVP+aK*U zc%rVDU`NS?6Rz%n8%#|P2nhINwOdh${m1&s{!H#R9*5Q02G9(zVQU2u8D4k$PoKtV zRe-*tG2M&I36990Y$7~9I7AA; znLr=}VVi`FFk@63y#gi>eNB4dH%CIMw{fmQ-Z)vsUw za{i&B4rOstJ`RQ!5juffb!>iU5k@<5!@+6)she~y4ATe@RA6XeMpO@3S%w*&dX-^? zI3QrNfzJ}Rg@=;r~bG4e8`U??Fs~II7D0J}7dkP=$5- zRi;$8Hd9HQd$U(OSoG!1B$hFzQ(NUUIt$NhsL?A_eY7^qx5p@XYB(`8Ykk(C=ukkQ ze_-AV61m!=d&nGT+hk+l9)&wX4UuE&!Mul< zDdSm$%T(l_kzO;`7)bwkl6-u9C1ELm3cytJ4_x>C#=Y93v|{2B8!+U5i~TV$uy%txhxvn*NdB!8zdCm+}o#UfF#P_zkN63~1shxLPNS~3AqLdXnp6g)s zl<_9((%~_QrX2v|;UD^{>nXehaCE&do|Tl8^y_SkWUxb5t#dOHIu${|z--(3x#%@q zZ|o{tBw%s@h584Wx56fpi*(C>FU`TP#W9;uwqop$C$u$`h*QMw6sOgW?ht#8Jk|z<)NcHb)PQNa!d>Md8T83*pMy;$|-$Y z9M|lGL83ag+IRnhw+pBd+>T#%EDN0Z7LcElweEgwXTb_-z$uXpAYmORziiz#dor}c zah6K0)G#?^Cc@QqMf3aBIVSP439;7CS@SyMyg5Hb>*>v_J~mC3_MF?i{Kl%Pb4Wk0 zxIAxd*T8~Z*=@Tv&sOoHTZ7vw@?XyUWMc8otoEr)VeF4hwgodUYn>%2Fl1-N%^yN&{uJ=KNwaBdeYd0$3!}#Th6Igq{m9aGGD-giE-tRp0ybPd z!etFTz2BumsBq{{-M{IdqRM%bhKA-5I8NBo3+|sH+|S^mL*TA$h%dYDa15N}L)f#6 zilh+v0G2p>rRLHefbMUTtxmy{^7X4Z!yOo!jGfw+D6ACxbP7fixB*{a!qrX5As*y1Roz2mnY4uuGxF{enR)?$AZE)QR#K1+me0-2Jmm< z7T7p!G%oGgv1y0os_=xTnfI$BIwzBrGhdC381^(WI>vAj}#j z!L7vjwWES{{Jq(mj2zegdP}n9biNw>L=wCXr^C6^sO(8F_(xTXup`*m zTxX^-yNC;k;}vd1$s9O;2vQK{;fTO_f2U@;<>S@Th6^V<95ga^57vCV@w4oT=J>)x zFTWd8zm^$HehCv}sZR zMMXu44y!isQbSSjB1y?b9V@aA2||~iCqi_EU5GG~gBIpc@FF&9@crCztbT2-@Ge60 zm;h=nBO@a+^rT`HYY5W;b!K+op$`LRkvCLWRu*&Fc!yAwG0G^%R8pyI^-4fkO(0;a zv1nrBRw`H6d-k^vcd+u9TIPgh=4u?(mpR2p!Q*haXb(IQ$}M(C>EjXhdIhTFRsS)tib?4hjQV|LoJr_k>j;3X2- zknAmwK*ozDzwFmHUg34Kr7ts_#(qv%!}0#_0AB5z30mmXHbX#+?as1BCnGIw5=@{( z*m9ylfS-^q3=P1fico4n+|w6my>O%gH2xVXOwdgs555H1Fr03`m6T9`=z&X&a& z&%b^$fuMBeJ?1j;E&{5SMam0Tu8dA! z^+%HmSziGPm{*H8;eMc-wCFZkn38fzYn~`_t#^ZB;)Dmvq%_9NCOk?bz3+u9DfhS6s7v z%Xc$?mi~K9%{96mdz|_cS&BAht4&!5OrNd4pxoSiPyZg<#7)8Q2ZBF`TMsaY@_T@D z`Fdsfimb**j@sV*CimGku|nl7)dHAnXv0pjQheRcUxzz)#nit6b^prBfVh%6_suU7 zi_7qXnMi4cLks5yt85A~^=KoQH7QwsQ7l7&W82Eb%KElND5FJsFoc>5AkuTPt<_K4 zb?5OY%?=k+;FK-$W^t^u06B>$a%}B#qvipCw~m=&XGcnBRBcBnx@s=!Cx2yd-KIuy zO$G0JdCZl!kIaX4*6D;&@J~3ZNuWx5|Aj=C9?lX%V17zY8IOn9u3Whxx{Wrjt7%!9 zhPLw}$e;K#gDGAh1x}UpKNaEU@>*Z&IvwU{zn#Shsi15T0m5QoV1p(^4ITr1h)jru z)+{GwNAjifzXWEuH{4<0{> zmW?Nlx-&gfQy*X!l^n0GjBlL#F|_SqxkjT-6UgjE`0w1-I*KD^xdqJo2fFa@wMxrqC6C*El-I$vk|( zX;2)s;Wj&~h1oH*f;KH9|MX@Uiljbk$~55}q}#Rk+t;ogwaP()rb`<@TH{+R-1F#ejxJjb4jlM{Vi4{eXt)3nx0w-ixgNHm}5~`oEeV{b?95oPGWePecg@ zMt{3tWnF-{6BsFN&*gS{VQ`)}o$Z}PdWpYDlhvyTITKaWH8NtWG`xg7NSSpq+8b6sJcPb#|GYEAWZmJp*~iQZ6&62gO0r#-1rpTLSyj7Km(U~ zD(|%2!la7n#?RM2_1?)S;8M>bGE~9CQOeQ--*f*vC>ddV_ry&rkMOsJ7FKP82i(=~ z@&`>MGg)R5>{39Hf6#z;8ZRBQaXly>qH6!Fp1se#@T{$^Fd#LN=^t#z)UyIG8Gs9y zp9OCFb)dNy<>U|_84M*Gi2fLApnST1^{NC$B$%n(M|u#9d;l~Z=H^x!1_t24AmD`( zm4vW7K?MK|KtWNF&^be>gTo#~C19z5dRRF*w;@pz)c;hA<%NacY2GkBAr!*sv>|vx z{iO|ONQnWOQh4|gF17G`g*NNl`SZL$h;XdMEw1$unX%{}!A`wi+L2+w2{SlAC2%4* zfA{X-jh0Ps6k{+1>cRy9H-!d*G-%B-vJ?I%N`x~{UI`pIbm$qHD!}*foOnr9jQmu>k2$#fIb1VwvP;D`Xvo)3ILr%&*$f}SrI&xgCEC* z*VikDUg|p8_>=5;L9^xY)^|@ywS!FZ^N$<4jxjp=-XE2j3tl~x*|F-7&9NBP!No8E zo3LWi76yjm1nmnX8%+y7?87tF?sHfFO}ms%|Ge{O2B%G1*XIDd|6TPwa*0+6r89&!DGZ6(qkR~&FP1e`^6E0*M!m% zaz{eO_b590D58S#_GAd^)r5Q%Ud9^+FF0gl#4Pf=N|JDpfk!t0U_`3%>kArUx$o7m zBSu4bSt9e2SYFWhL#ygZ5RBC_Eq(m_EJ_l&Ie^a;vp9y}S7A=LI2-SX1mUBE>Oy+w zBy`<67*3%i#2Za~!K47dRDH~lzbRS}Q!_JSR_Eg3@qNsa;bJc5gBpNcFkYer?DK8R zGRb`C8ZnrI5;VhaCZC)IS-XWm67D^Cpi}bl5MeVN8XCK6WglQVxIk87_Gjyn*~*BI zN?2@ST!{!NatZ8vK$ZbisdDY*)BU-ho&7mvMubTlzFGiMzi#*^1Cc{*znD+$@Tkp@ zaLgs#Y$5TOjB~fejs+KTE#Q|w!$g-~&M=8PgdDm40n^^|!0+HY4!2)E?IKF-8fX*< zlO1S-=;xO)2qa8IL04Z`nW+TSPVoOBR=}R)xz87P8rC?>4!$G)H4kWd=0PvuCUnA< z#~@^D%e2BMw6RZF)N+&#AQk|QFBT(;VvD`IP!?1IQTO~l1SsFLcL1OmzQh4QOX$cZ zfq*4At~+21V$SO3^5bOsaWZQtw3nhBiNCC#t_PM|O{A&Abe+KAl$G@l=8yn>&j$*E zjg4Frb4N(u1Mt})eI#j|S6!7$;$3FSe2}9}# ztPDKQ;8{cQiTaTtSt0Jj=(b%Rp(9r5s_?XjiJ#6D>h0SPojkdR1j<|DyF*=LE4q4( z2;Rc%8f0Aw>FvQ44ofykGNHU?rx_ugdJK@kk`uz=Ab@y(Va;!bsmQagjv4bUo3Y7; zo5)M3%`wf2d(;}u-K)z7KObGpT8d1Ne25UJnlv%E9FSl}3zfKe`s+9;ED2!t`CZ2N zv~-Y(!P>caWOi6Wm3;@im33CeOw&OK<ipn+#sOhmONqwu(Pk#C0MIOeo zBy_O0#Zw9g(v5Vkxn=ea7HfB*^Omu&pOD_B;XmeJv>~7 zj9+f<$^gP3n}mREP173_b+%yuqD#opdwYL39!$mX8e^C#jrCcLB3rnWt1aC%7YZ%v z2$iYka;O}$)Uap@C2R}9@W4}4c;^JctAN7y!Ij*!#RynaOi8o`5BXoy(5S@fif=gu zxY}GrZlHh|)qBokEyvxAxo%UemB0fN4Z_MBeAwF26O25&Sb_8dQ4|F{k7M1E{v^McSQw6bFe0pxXo|HYda7i0ex8{4tXTAU1lO&xD)0?dOsO zn3MKQOjKf%#g_u(g~7EXC*ySBO&m=450$DoFF%*+8JhI%o0gh)J24NcWVpDrP9dkk zLzxAo7xq=Gibr1GFTr9Gb{|@`ALXTD!>|ggo13?q^B>tpNy)FiytqhT9!&~}1Bkm0 z50O|M%CP-95#k?1 zcsK|;ZzB42wY9b5Q-<)6Nb#Abwm?-7Yv#bGUMoa4exD9v>_?mO4dv$hpauplTkGHjz65BR0^cK=@ zu&}H&7BD@{2pFjP*Dq7G`T^7QE!(&2V3(14ml_*e?qYT0hToL+Zoq7H`jOe$ZG&rF z-;`TX3}9}6f@jhu8;eb2W)23*bmhq^%E~|^a$lC?=~w$m7C~H6kS7FjbpIh{m12j_ z zV(3+^ar&ENw%t5N3w>o(%!7U64#e>KHayq?6M`5sdHMAskr5Bz0lLaN{2N1fwV(3_ zMXP33tS#V>-{YZj2bLnAZzU0-!9DG87AnTHme3=~M(qOB451xY;O-CsBW7X&;o6^O zqyi3^SxXrPBM0?(|BlshD^ywdMkoT67^{Y4AsIObycvU$9+_&`=7t}DYXPxnBA80xCp<2> zqeTp{99oCn!DxfH3M2hgUN>{S^-Sz^4ZqbA;Uw_d%Av8n-J#9l!(f^hxl}f1njVooG-?9o9b`~zGF=Z+T_GnnE0Ws0oUO(XYvmP8*ALl_>m0R zu-ejcW}w63)NQwllT#74yXcsE9Lq;y3=DgU9h;q-Hs#u~ue!~E8x<37lK$ZTV(dM@ zvHbi0;j2i?XlE-*imb9%MI<{(*&)d$JEKiTLJ=~eD2kA*D9K7TAuBuCd-J?bb^m|= z=l(zc<9Hm$_x|2}<8oc+`8hwI_xtsJ4fsRYc75H9XymATDe-Vcp_lU0$-xavj=Fs8 zJ3rR=nhz@zz9x{gN+a(J^@v2}^~Cr~htf(d_mwu@FK=HQ6VQK;u?ShGiAvX2QX-CJILPx%Yx-wWGAx=Ey zagXW_8JV8Sgd5Al1BBHFHa%+0=%2^No?5p(&_jN+?Dp;1=6Q&91Ai|tGO_{$3F|@2 zjEh{v{6^Fi*VE}KdhW+g9qyrctUbnk^*Q#j*76)KfMb=@+kVXXlAEfgrlzcxS@bIG zw{IU?dsfO``0tv@Uyn*+bPcPM8oQ7lD+SiM!#|FE=eq8$slpGA*T->O4 z!ym0%gq8`O6av?^-0jt_`y9;!P4O%i9Map zD}blq^7aGNEDr)w^g~_J;#(C|O=+w7elEW@@;ZE2@}!YF6Uk#`MTX|=K5kpnfbvLA z5$S@EX%Z!K__s&z)ruX5n)C0~s-O0Yl#K8RA}H*+CBsx(eD|48*fV9BS6id5qnXY8 z1}h8H?|^_?|Im83QsIfa=EtoA&;jivr0>MzCQ*qZNCka7+;Q=yQF7Vjw!sZaZzg=& zHIIODhlYlj6L2WB%-ulgjZy|~DbL9cV1cl%@w71_!oBmp1)N4roFbO&t`$< zvtdT9s%Cj}SNHMy2L8UNuuwPlpVPrsWy1UQ;twqbM(&Ka&hH8`N8XHuR~ zU>`h13xyxSS|N5+Y*07>3DW{hoZveKR&6E0_yh4YH8l`v6t?jD1~UYVJ%UFd!M-7c zN52xxL85=08`NJti@S$m4BVs{14^V(`=TD@>w^KEF-D^AGc&ufM*`@Ef-`4GQtzTH zCf9_J90SlVC_$e+v#8hG5g1Vj^c1xL`Ys+9eYhwXB9H*|w58!Y-#hnlaSf#nGV>Xd ze--8Gv`M-2*tZ2I6Rl{d?UhYXVOlXW!FOm?$K;!M> zW7zrS9!{k+pxtPAxi7{2K1IY5z+Q_H-36f`CX7Dqf2+dE1MLk#R6tIA6in>UgA{?s zS^@>3;p4W5>1Z*hhb+s#%28P~;kH<2aR`Y26urJUbmcCZo06eXkh zQ_tmj6$esJ{J66?R`dE_-S)ctmoD0+ZMylj{y1CqCWG|pk!B8d$p^tD)M~DY-nXQK zHg7s7bWTY9({h<1a5`CsQ3Tn52T54NRjX-pu(KCCo2r~S69X;lO(fc3E_nFp@GHBP zX6s814g#njFm|U3F1y=ibqJnUu(CrUJN*0n`@W<8B$_onJ!+zJ#xpB>i3s6B4Ta>4 zDOXP%&*i8){8pM_WoDDDBYNkw)jL9Ah`<|Sk%KKx$8Wp|d>4tzmey8G$5O^~U@v#2 zJS5eknV(4FK=V)~c&q{kO`4nlri)iGzyq}-?`PCHG75VaOTa1&jxgcH6FkV@mEK@hG(6(&m5a5Z zOA+|{wc_^d6*M+}lC*7BLNMNZ3F-}E>8&Og=H`$RWbqMhqXHiH^x!U{mon?q>(49^ z4m=LU@12H3+bk@co|&5Z+Dhwuao57~*Va~KDSLU|nGV;82}U_oSdyNJchn~>yV<*S z$hk>s=um!^ICgd2BMB?A%SK-VN&!F=YXF1_6M~d6*X1i5sfg zIu)}MShU)5=V;6haQBR{CfqPyh^G-iJodj(Mr@f?*?T2Oy*sO$rt`z*_ z$;%l1&ithOJ2E|vCV~++rn_s~M$TN4VCFe+UnEs)Vf9W-ZiTdl^j3$8Vds%|-5sre zI&GSjTq)-J=KsV$aoQ@7@xEhhdFV`I?MvU}cE`qpc1MHij&0ro#3JKKMf95&OGDSp zk}7v@Yt7Sm8W7DgEpW8H;X?P8O$W@sQHDp*H)r*wXihha9k4upPv07gN|*fJ{lR^$ z2bKj3KzB#99zV6$9Rj}7)m1uoZiiK71ndO~l&40UhFScKg+)n<1ZKSGIdLozCgN6^ zb+A=~`vJ}uH;8RPWZwyN8hbqYg*G#4y|=isk_*4t&@cI!)B}0YWSr_eh0fXH=lcg} zaZm_jQ>Lun<10J%dP9Ir|SFjE5Zj7JRcA{ZV+U*HF7<>pcCkLPb9&m#)N*#hdaJsv=)!D&`+{`8%jjTT@!*`QRP1`DyIG8Pvn}xKeLia=y?-#nW%G5jS-f^<_1?z9wxivKL5jkxu@4K)t2nA zsN>^`!B56#?6xdA?yYUAzPWmnBx6OLq9$Ea*FKr9cJVyrv_Qi%;di0G-fd!(%y&O> zSX?yZb2V>bl}7c?t_#1dgFM0vjz?6$S@6L@g^=p{`n$l`Rm8{d*335lckkerU-jR; zlmB*YmK#HSgd!YdPc*hTuuZ-{wXN7(j3yqqd6688y9`hrK&ObD0_Si*FU1JHPQ>}Y zx>U9L)g(PIDCi5&F9+=U2Dwh7CLQ_i#b>T!onqpuW48i{gf09VVq|gtFX%r<WGEJRt2 z{i_$uq}(D!N4J>u__NbN0`(`p7JfUQW+RbFyX~eVx~sKT3ExmF*XwYU^mW4`2Q3=6 z#&fsT*1r2i0DYS!>Fd3@!~gZ4!?k{{^WLILMYL!){^v#7D>rgVTzcSLs;kIy2QT~g ztM=+yULP#wwXZYL|M_;}FWuwGfnEIjnhKkCY}$mPqRhCqX504cTi^e<>#e;H8LOKu ztOdWPT~RWM(zCJ(Ju2x|+qU+34o94RVkcv@(L~orBJBwIzh9Y|`NL7;+xBcGXZyo5 zXNG(Kz6$>Le{1ftiu(Tqj?FNypgY5!J}Md#Cf8pJ&u_r5$8#a22gC~FArM-IgcfN?6StD zwNKM?VLaoKsZFN3UW=lAjP$y|+)B_U=E_t&z5q~^#r%{fe~uLaL#W0$gjs8?If%9x zUzvV&mpgSN9yfmAptaLP8$wVbQGEWIb_LQ8pI=U1*4mV*a`sx7w$fuRDU|UY9%=0e zJI);;2a>ZiDYbgcDpOn2m$-2{PJAcxNsk)@Iq_;JV+o!nDY)z_G5m%_mVwL*eKo3L zNmo#J!^E7pan60T%*1#n5R^N7w(5ureeHQS=tS)~9CLLKJ!stl$PPpfM!+p)#%NXu z5y2Y4-}fhQToKnP4wOkGN?P8VVD4;ZU}(AGjstF}B{KlSzmIx6h;2kw0L_}=n-my} z!aXGwIxwpib?nB zzsUA*>v$I#)}Y7?^f15p-uI{+XR||Ei1n2lW2vtroVVZFlNr&tI;`(90Ot%xuN;+a z*=^G;{tXY6_ zV8wXB{g_19ZTR^3l$Mq4hs7htO~`owge`_?AqvZN$Q~lxAWBP14KVv9?0L-02oqGm z#C|MN`I;^8gSw$8spmY*h+)&OUk2b}>nT9{x;O$kAGP-{TOq+!>Inr7=68Jk$FvfH&;3 zv7phHyM>JbXeS={3_6dzPD*C=?B1)Gx4PXZ4DVT)Swg0Hzz`+Sxa&t@H#cv(XQeUE z3rS5GS0wgtS3^@R@NM%0Z)4-iuiU*XZJOSV-TMV?IkctpTjsaPLM?J3VmYF9qwcrR zq(7gRXV9Wso?Uzt&GE#3uy@Z*4I8;L@VNf&m z!*KSiVQMw3G~f$O;Oy9!apmC$ImH}oL4fWEhBK*-Ik|)hJPxodt>UG0L z-w64TgbvYOlt2ZLI%|kI*&FT5hqy|Z8$y(0j714e4F;F=xbNue&~fu$tz^Vtm}Fo7 zK`XMSTPo01GyO4J?q0l^nkj zCyaQ|NTYhh$j?!M7hF4ZdWFP83uZ5MBCuyQHwzP!hnxC&<`24kNV$zwD?_Pjc`!RS zGRgW%_w(x(B3h@F)Hy#hg&NrBEQQT~zOBH%w?T2KGDyUQVr3mu{}>$Xw|sb0BDHT* z2~=K8PR+-qnkf%aS9gi3RWFh$rurjT(O6X`F)0@0twc3# z@lE&I#}M;IfG{W-I>Eg!>a?)|9XNzr_ZtWZ1jmv))EBHtkQ<~y;{cO|8isv@bO)Ui z)D*M=X6H*DxUYPy`8Wo4@xCKRd?4dQ@ai{s^ZvDWTJ&j|#C&ud8}oKLI(fp?8jv0^ zz=QZ^3>S%cG$Ok(B_Whrgu?XW#5c~y*7vq};>4%x)d8)%1D^#>>=Jq&^H;E|odm3f zXBydIRZjtvcN{`0t>>JVC&>UX&e|(X)hdwOK;VLrAXz zp7WueouDRg!)B5sWZ!YxH4Y?++S+sQw%>RHSp#@hWbMXJ!9fZDI3`Eqv$F}HnwD5? zgGOT0)~#_bUi9P~pbcOY`SNJLG@cYVAtQ_Y4|hxdxHGZ;0O0^F9t)=Q3dq$ zj2k^m;V2v&e-t8ef9Qd_-)Ly`TOH-HF!iS-V2ySC5@(Q{%$c{kQjzjhcv*7dQ@e~( zgUkBcr=HrbN)Ii$?o9Aisc!#KT>6HwSTWq}jrHIHk8oDPHjLt&&mXVrm%JH}(s3{| zH9tAz6U>E|+N72_Nf`|qZrP5zkq$@LYx+gT?Chf6y<_{ml<462`wM6qPkYfAe0VC) zB9yHV+g#P_S>!;&@T4ez=`A|6?y+f&ch<2UEkCS)kO=1wcJg{Ks43F&O zxui&M?=zlLUG)XzVwUxS8RIkY>PvDXeAJ ze!8o(Cv3CrQb~8Ai=EDpMvBv7F%O+n6=l?7XMjsjSby27>(1RT4>CO=7d+0dnsyFHi1XA4=<$Flb}r@D}7 z^dBKL;onzPc25qEE)=PD=|yBnqjoGExD!7w3gHB!j;&5FMEW*kb=X2vo^l90{BQc>YZ!#RA8Mq z*^fa(i=&an01{G5j2rhIJGRrS(6)Ip1(xPsg_m_UVuO)jr)#rv3dq=Z!!BErc-T*2 zHi|=UqiE2B>Oj9wV_F-aPw7Wzj6I&;b;^{<6qSA4-T9XJgn4Nf^FsNVsMp=9*Cf2` z0vyAb(eOB$AHURAy+w~_)KcW_IBEskLkcRvKBmXQcjGqBI9&3O zkrn)5ogV;q(zw_ut_Nj>e$yMg?x}0IM8#C|&g>mA{`qXa*nlg}u6VMfX!Ty>;IKx} zs}J$v6G6wsmxlZOzVXr-9ZE~tr@!|rQ>;N3Su)>~ zVO#ptdA^NXCi1g+oWo{5e^J=mGaV%CcA%xP*Dn4yE#IA;yO$zf0AuD+j&1nyqsv|t z>XLp8<_+4G&MBn*y{8?DgjDGO;A@`Yj{8fl`Z}f zbt#qvgib)!+D!9XtE&yTJYP2HRbe6Mq3prgLxhAO&=Ufq*RZum`cwyO zY-o0z9X45Ic|;g|FE2-m4jmYFph!Uf&3^bWCi+SUUV!Td_S;q~A?O{CGZ!nIJ?rf^ zBwT>23x7~zaIE#hL1L;FBy@+!owUWZ4%cvBV#rtomBoogrs_=(={M~Z$GHhvP3O#$$z z_yfAXH6k2ROd1E#TOO6Yr0Mgv*`gS|1ID06s($$+L<#7aD*~20UbxtS58)hwR;{H- zKJe>XB*EsUH!wRd zT?0y);H&)3s=`Myw0F>+&%OPQ%q;IaS?f6w-Qz+IZ-;8@n__%Bse9?Soj4=2Yxlvc zu8O=Aax!Xm6EXp08B-yi2HVJj&oxDV^8dW8m&NM-{|yrye@z~moieo4$U84)Ce)4qEyr(Oh#g}R_Se5W5;eZoD1Fbe^XjBC$U z&|1Wor|Lp=L4$O8qm|(UI$pPp@EK+0;$Az4u&W?5EX{hZ3IVNc8lK^{C5&U?`atks z4RJ~nmW!D4Jc@`YhXC1}gi(_-=!E_>(Wpq%%o>gm?$b~c;sG`8$bXnPf!Z(B|LA9| z5<>HOA?XRg$@f)@+;&GDN82mV=KA%x8XF$~VX1fuJrC3~a(a4EY6^`Q{}Gn=boB>8 zLn1s|P@PUpiiKYV+zE4w+y*_1Yu7sA2nlW#8i*^3Aah^JyhgA$@EO`ZNTKkBm3ACU zqc3bZko!PKcy!!x_w8XhthTKuv5Ct>mR*Kp8>>4n@7GzuPx)f`ax`1U*(B>#HV%oJ zn!&1p{D54}$lNj$ozP9-n{x{n4>C|kCZKLe^^tuTZEkElM2e5U8${n-H4xr6c)>(h zN#HPisI=aKRY*O2^ke+AKW$`DqrOMw(1w7{e*3O*=U4Ob^Y$r0C)eG&dspt!rz>nm z><;H0o3kC#x$ldem)1Snf3}LB*VeR3ZUJ>*4K-dl-@ElM{wYDD2H}>n zt832q0+j!JD;{7`T)g!tX@}_N0D(`= z=WcBS^(4BDagWK1`+RHyesNc*EJW?1h7Tnk7S~Yde64j#M{uPiZ*$|@kB8IyQU@kg zgx}?o(wk46)e=QvHS6Nu4BNtK*SWfgl2ygcUkZA$N`HGkOC<*~Ro+UY?O zVv{y=bB_c(cF56;)RozKm3EAYfM1YOa;L%MkgKY=t$dk8rMZ)EX_%mI_r{rbX!_n~ zd@%g*G*!z|hRSc$Aq;b(?akdy3q@K?HzPhLZfg~dbfn8?X6o&+e~U z`8ArWsG!JfLOE7Dpk0-3x`g2zo!AxEl$}1L6|(hnxtIz$^)ZX=Xp1OKAx(rcoJRFyHh7Nq@URnQWyCScmZT64dU0U;hQE?f?_# z-`D?t9Cq!8GD{yl-Ig!JvlxFAkumtPV_Sm|?R>?>t{?A+h;XP20p@|P?Co#1+(LEW zf9&$yiTu?Q)OXm(u9=#>{Pp|N%5qi2{LEC~_wQ%d8}twIIDB86Fbr?C6nE06NH3w> z&u&ceAGsiig1aVKsHVrN`^koGSDlf88)88Zt>3g4FtGHm8_Q*Bt9ttQqMozmhIubM zy5cui=YJoNEtVtM{GJl=$h8yOAg5p-vj&U4sIu}Uj{|aO%s*fXXySxP`jNLC7Ss{< zPIpAyYcT9fUy382UknmC5dQPNiN&6+eb$nTD>?HdlI1WniQ@jo>YqOh9XY%HnIy?Af0DLbaHPa4qq_D-G8tg0TAI6}yT}4tZdJt6 zPRS?{tR<^Qf9{(|cDVS_(LMOMShvBV+0#dVwbz_FTGDfX#>6))l!dt@kM6-;@;SPU z-I3HS0@hX0LPOmwED>L;qMv^0p7ra={}i= zJ?eVyvkJ-@_56|o4~0CJwxvEN;}%&}KUV8v`18z>!SK10Diwn+SMTG+<<8 zeChycxZ}9C(|nWvmHWl_*E3~MWe!Q54$jSJalN5c*;Y$&Lgvv{lD^lIudjY_my5Vt z^sq>lPp*z@w(I2XylGq5^=~co{ETwnwH_adf$d0BQLU%jT_&$8yZjG<`}y{hc0IYU z&L$@|(ODWc=_mi7w_tPO zt7|rs<+DQXR*g51d{;g`=t?s)Jhg1Q&}5VOVSJ?jo`slm_}y0q%u!FjjcWF%c8@i4 z6TcX5ccS?`4uKuWnLhe#Yy!&O_2|tU<4R)h?6z@!H0s zv$KJquVtT1WC(Xz(d6V7aUZ-@CqDJ5V{~RkVYMTXJ4Mq%q$#PleNH$)NV0NpqFp;% z%>R=Gn0}S6pLIF(3AK?A~ z(3VgE00TArx`~n6E43YkEVC^Gp z57a)px!A)DbrpWykpd38t(ZR&g)>}`=uqmCAhOER;U+=UIyY6PLc}KkFhSu1#vG(u zG$3Wu5jqmH<(A=DP^mz_MTTokd59Pygg}*9$8q>DCJ6L@H?u(B{=%s*Q^F@f!4+{zkP7EYO^JA=v5`ELn#zF9n zGvF1)bus3b{vD4{12?2#0g2-?n_fc#K?o+o_ArmJ^q5JHrmG_y_c8J*2H)JBq<3Rj zz@+k78I%stRv!SR*^AlL8-_Xv%9O!-B1-o^^{+$Q9s-{X0H3z_Aydnh7Dz+CWBkg& z#YNCvftC=uDzrWLfCPXIKhbq#XcN*QA|auTfq3BrVq~EwgZ28aac4j$D2DH#rNC`2 zhero&9uwfqh1Vy5XAHQ(%Yy8-Ko=p59Ec1HJ^1o#>9Jquj-~Y77_6Zf@){!8*DIe-%RDjZr+9 z$u}~npcll52ce4psGNafvgl*+T_k+l?$GigU~7H@7?t#gzK54dpM!T4+)|8 z4DvW&x`X24trz2=<^&z@@M~wL>0ELnI1d6fF1~XEts&unLs)(TUdhvvgOsadzS0SW zDG>tmab;nUNO=-h3yYxWxaTvZiAAU^HjhvY{LlFDNJ=9ulz7 zx>?r~trr17GEzgMQi&u&IYM!RPXI3bOSmOr4o^4fiDDD;h*U%mLcM(niEzM-U=|bn zSLn4p6FfK0Y>rwvz~CTseXwZ$0^0Q0?CdCi-kUdX$~XSHM~D*-A07xYproe8U?7Tc zwYl=`v7V(ghKYJ9jiy0RKi~)|>mGk+)g}r~*xz~KG1y>`(35-x(Ec5X;x`|L>#VMf zu2w>8g{i@FtOJao;KoHzZ(VS8MBL_h0g1=qy<-3ZrqffA>+$Q4X1;_94InzK1>@jN znbMf_BUCx)IY5TZi@_Yf1Hm^l6SAlf5}w0_V596q2SfJ7lbL!3$}7BC66=d2i+ z;nV6*ez<@CKD|8o|7eB$hb#Yj2HnKy%<7PvqM~1orZysA0q4PiY3kyI|C8KS$N^TR z9|oWxbFX{+cw4qCgkcBqpFrOwE<Wzoy9jNkyu+PHU0EDTRP(|X6={JZzQ@$EHjRwXc%nB+4XK~FuOTCoL@Zp2ba}b zMgbP1cjx`_*X#;jK>i;4)(8wF7#(G;t}Obq#Fh9nlvsN%Y6BTVXG=JuU8_A{)V@`_ zw%I~(1fo&y4mqATFl5GhpvotB8a1q+iE$$NM2 z+TUmwhgw9;Y2-yl#%|2(@fUOwuJ7>}et)@OF!UaR20#FZ;gX1Db@qM-dEZJ_4bUVI z1k!;)$okV?X+2K1em%(LeBmmYnVFa}<};*GVe2CBD`$7O9ARhA{f_Ws%f}r^%m&5B z&!ZWBuF5A*-cpN8jg7qxIf>K!3Gi)g8abC#i#HCajIE50kx}sc6CHN^;Qa2)p}ri%E<$w~Nq z8Ut4e)p0U2Tg$B+;gKM+9|3pEhOL!tkr;3iJb;eXm05pJspSC`TVY1oUP7jtis31N zg-jpzc#bEZFnGb)N+=`>>r|waWMuB%=E{7Fi5o)X2p|VLHDQ{eEu>+$d}(p;em{;X z$V==n-eVY@Us#wxZ$6eFwY(XAijaK%OKEM)TO#lm5L`VLTRO02H*Ma`XLin!9#mMc zM7v?@8H4Q-E|oZ`DNn%9u)iw0ze1>k9Hi{qc$66`jvP{a`dNQvVlPn{06POLg?q&? zsQiDTOT?%c>*O7hLIGESeMk&Okw=9?45!*xt4snZhLRM=XwG_>h0oB^!p#?V6OuX1 zprN9$XeC3*g?*cyptd1x1=B^m6!?R!AVEtA296m2l}4iSX^VF!1kDvDsM#EI3123M z3vOGREcP&mKTbSRssSF$ZgNzt*I=(Tk3l+dMA(W({+(C)U*IR?n9vWNKYv~)wLBFQ z6XKyeFYYwL2!6#t?HjEgM~JFUVQ1?u34pYa2v>&s5D9%mBI=fEs(R~B!-4_=e9mLP ztSUCi1u(b0O>}g0{4hQXo?7jdpEx&i4pQhlci!U+83l13nQ9KrF5=7qeCIS(FmV5j zs?+t^9-J_su zO(%LbMI}xzE-p^KwRRu$nJjzTIXd{OW%kOEZFU-5687C#es*z+Vf-7wnkO{zxJCf* zK%&DUqp*L!#n0P2=FOX-w72FYNScU~(|0dVF&+|3BC#*-HqL&@J#uHe0r&$%?cCJV z#JzkUJ9H4n+F%m+75Mcm5E2$pO7j=~Bymdq(ofpWd4aa#EzcAVBS*SNz2~?E_W62G zv4B7Urxg%_P;jW8Aj$st%Q5#n%nz5ptR`m~(!Urjd9N^X(`f!lJE4 zF~l67>kgO|_Ece$)qeZKYIm{@cjLjv{qA+6JN%%S5yWGPYNTT<{uYh+*v-mqfw`?9 z>C5B11s8}&XSdWv0(`93jR>$hxT9qHPk6DM0|HuPg? zVBld}@QY*1icTt5`?^26v}Y#V$mt(W5Hksi;wrZHvy705Gw?fbo3@)G>kc$ZyS8!s z(0Y~FPcub(evdzctNUu~pJ$@|l8x?(udX*ZbjT527)~dzTseqiT_?-t52@BOlS`tb?YXryxto zEaE7MR`>mmwV-bAmNOoeyVoo{W+USr86qDhZ;_2VnLn{+kl3m`VW~hEarmz+>#v0Q zU9Mp~B5Kpt8*Pa&^>tB8HuL8;hiuDKwe;Ohio8(J*tT!on(IrJzp?jwxQy5`gwZox z6AXLz^ym)1+*kSW;jwLE<5ZL;^)IfG-168$`{F6yYccIKsVw~U2gdE@Tko|9?xdwx z{*zVamOoDROu647Q_O5adX9qp?9I`Wi=6c9ys2hR1lkan=2Yv2a|LUOjIy5=Cq1wK zwx^;qD$!kKNtHdv;uO)=ENiglTGj1+jtPws{ zb=4+MD(9&MnO_wQkPGF7eBU4RH_|q1xFc!wo-BvY?btIL5U19vOz*!GZ_hIqpt1UG z=GoD#+#4}9rgJH)qpN{2t!+H}Wr_~j{W-&T#mk3Q#A8C&vT|?9;48jMXSU3KQR$=l zcsM#l$3Xw|PSW*rcldtyq^l4Y3uBu@JN%Rr(o3@aiAzUM?InHNhGwduc$$SYHgZ2e zzPz+&b!kLs>12?fQ;Nz^B;~^g{X;^BUQ6jKNw;lq;FyZs0Tn6Y#HW6LwEw0g>XCde zLqGE6NNt5~aq(PW3JsT-*kg(pSYU$rs3WuxQ8A8+Y|p zH?0&r*ZHV=y*%?R#}=L{pMmRnp3A?<1=zO+_&?akUaBh!(;Vh~P`Hq9ET5u2<-N}J zE!%#=>}TYe=SrjJ)o;?rcq7D2td%TZW@kWHu2(y6sfYmt~ z7{EXtZv?UyhClaFglvAa&G7T1EwaQ)5?qM>wDPvaNFO||{yS7{QDPS~IB(@ttUp!g zVp@}CRdq!sxE6(XJ)Iy?AhoVkfC!TWAE);6XrIdKubbGP^1edJrOAavro@W`rm#(giZbi<-8 z?atj)|41v)EI`O~LYaL3*Ut+>A=}n=2;zfjX3=rC^_*2RHOuTYs_$qlfykNQZhc2P zjyAFrl2tZL*wN#Q&=J4(0FkS__S3D$TBkIvcB{4+=8f(oT-*s3K4#$0ln?pD!rYAg z(Cux8Cjuir>Y!;E|HhfpT5B2d`0?0Gi*?7;M9cH{?;j&AQo)O6n^QOAKRYa|B=Zlg zvn6nt41=zi`@nAz?`2|^c>xsN8@5Raybt=Dr>EIKs>sda|(;Km?927-pM)#3u&xP%J z?fHIDPX+dU;QX3*hF{j5R>F1asQeqMdi@v#1YClN@qxX!P(Z+9ao=WHTWvhSpeUeQ z%o>@1iRx=lV(^bEhluQhHpIovN{RefU7YX3&L8W}+(gSL-1ar>KD8{>G?R^GN4DkG zk*Fv?dZE{z%kD#))c9naKZE3x*x}M|wdY?*V22uCM>{yOR(_?Yi0}5WV6`8)* ztlX;^7noXiRX<$+bw0qAU6!X%szR6jJmkMx3STPYu4Oq8RKiNtCveG~^p@)IUCiwAV zA`#=Kg43DB4*)8NU=NV~kb#K~4CUDm^Pt*J8v;^HOiU!f|B)EnLJ3HMk`j1bfrViA z$cXZ(Q@0m>5&~inDhM=lI(vGsaVLsx!YBC0o6C51aThRhhj-OGQK3?FTXd3c!qpmW zq0!L+kcJuX@&X$~t=EvHap3|nyoCrEl{vfw0>i?Zk6z9MDV1>N5p^&NDEX<*Lg*LK zrh_r&kF;a72WaiOdwVy0hRXUIs<=4zD`-3jKrZyt(m`;d39}l|L)7*3l+o~`9RQ03 zZH6NLK#;MaK9gFVugc2K9>*+mx~Uko7gi}8w?22;Yy&6@&e+0GLX@7Q79&+iju%+$<5e)gz8KI-)i=XcWnbcl;vnC$1x%-k*^ z>HA#1jAZ{lBaPE(r+S}+YsCk$Q-$($b(0+RA3{vt^ihLS!!&G}Mc4LH+UnN2d2Tp% z^rx0E7q+xS;3BNdl}H7lTL;s&`iUulxq*sTjNoOkc!5*YztGSxzi|#%6-x?`jxbtq zxF84&G-^hG&y8;T_+QS*JLt6k?&^&u=wThrYV%L_UNv)ie-6*w56UaGNVLBm9t ze8Jvm2hv;M+Km7oiG0hJ55%3_jztNimY~MMkD8L-+&iH8}PvO1zHt z_BL=3Ad2tS^DJ%z>?k8Mrm{MvLL#U~L|7*aWUtGTnS{Mdl-mSh+d^0~qe+BwHg0_) zwYocavWu;i0E*#)p%DPUJEO|u&#(ij!)=m^==T7{1NCZmpViG@SulqaRw>$mvWkjc zBCY|n1*qcNJy+fJ;5sqLo?4VAm(&1ss|=*%Fah(BaN#|~=H;xKo%{QpqbRRKle2?5 zor*G};`y5`?l(R7c3C)h5H3kfnktia52Qs;kgsb->j>Ga&({AA6~%(8Hi(2vh5n%?Y*avzTt$+{XUDwFlH`D^iPJFC$bW1swX zB{^+|lg~R9!F90z%8{L>bWr{FXKsMwB_@h zw4_%DgvD={9qaqm*{pGXqB7c}>c!Bdp`%Um+U8r~KDW8<>JBD`j;r6l_fZRaW`z{{ zPB*=|5F{Ia%*0M}x2}5O>HN}W#p~)jsl6g^#u%80Pe@Qw?B(jCMuuV6sR|KBM=>i| zwqtwTXg=NiESbs4-Rpc?+V)sZUCj?4uTUY|vTM)8b!1MQX{>mt%*@ToEus|3`X^UZ z+t%mNNi{&#iJZ#YgCDa-+H9pPjlKyz{P@fa#pl98;{3*hrJ)z_G}^xPa60^kGgQQJ z=;Ei)*`A59qVfh4m=T-ph>^0)d1i{xjmvN>0s*xr+#OqcG+uG=q7WK14#ph7X&Dbgr@il0O*G9?C-E_$9|6X7;rtd zwadrp8=64o+ezCry&ot?IgoL}US$F9#Z~BY@9L$ty{ii8$_*WN{_zsmyv4WKkFA zcO0e*vske?3ee`d##Ld5C612O&a=c{C`7M7!68i&R##KT_nUCfF<0f!RW1FJlR9|d zP137)tnlZ{`jdIPtH!=>T^-CB<`)pON&OH~5;f1K@@ee)M>n^*p>8VJ9QSdL&}V0u z79De2&3-aBryFs8*}hQUc6O?3V6R7Iu#|h)=U=LVDcUWTk<0fsa9#XxJ7IM^npWy) zge8l$>Q*CHb;q7IFB+{YUgGh2c6%I)mr>k#8|)2ZIfx+zVE@E&o%`4<}-u?4h#jnsD5(-p8Hv_2x)B#TF?$tkj+^;bm68x^KwhIQ9 z4NqrEdOPbwuN@C(Sb0bIdsS2n=SYv-7))r_b8?72sae$0`#}IHTR75SiI+L2#kFVt zF@pgndh$5pKp5xWwPxE*^YJUMipR7KW76aiVe2$i)gLELULqq=L{fM&b+Q;=2RKu$+ccb(Ir>kyQBliK$U~{P=>keo<@9!-ArWMk8WzK40M4`f2rrt8N(I zW&Xu2PUp0*Ka8nPHp}esQ`Bk8N&XaPv#x{yv`Jp>>qV(Fyz3$aH zr$#**J4vgfvx$1EW=bK&X__MY*Q#Gjs-le!ZWM7(^ed1y8lM;+o^@m~KAoF?qQ><1 zd###3_6Pjw@2u3$lWz-sCacyN%0W+cZD*R5X$#cNZmHMqEC?T94Z8cjhNL5`{XpMf z6L+$1e?&qG3%cUFl=NIISsgVu7Y`&SCK_UXLMTkkUN&o6=QUVHg7<3`z`($et8sfe z)DI(zTAp2@eNQ$a-1YROd$l%_Ee;Xnvv>@!Ke0n-C#bt+Bz$ zA!zu|43W_Uy94+;W4BXHI+}t+ohn4UWAh~RCTjaa9ySw{(Th_wdlqB7C5MQl7 zj#I$=0aG>m2!;vSh0lO2Q8GEKl$5W2RAdhh*U{MZQaf$z&y1d4!lC6nwSe5*MFGnJ z6)B|n<F5Q*5VvriR$e%Uw(e3}v%8iEMVt^q*a8}(jgZcSpQE7nY)Z?gRub!>0$ z4!a-98_{G7#4nD@O(#-JI=Q;zEW{ns)IFvn|1LvNNPSvKWcQ(zT^yzvq81l8+w(oR zJi0`vJu-aVH|X;p-~S*rIN`F5?en)8_o`0@O6c+Eru-Q*OSaP75rPc?;hkFAT4RH3 z1x@Wge3EKju`BV6*433qAgNQJ;P=2ln`O3aQqkqi*=BB@(UAuy{Vyc#xl^wztTNu1 zd(HBitlBO`e}76JABuh4*T`jQXnbaNrCo2?b51Vcpv(Dq*X18ASRQPL6xI3-EGz}p zCNw1ZmOiW*l0AD81pDag)VwU= z3}*}8=`;m>$3rzwgu#SIL|{shl{2$cRfR$kG#DuAfHEZ!H<1us$-6c)5Qb39{s7yqM$viK{74;Fg zoxW#X)A0QBTe9p$i{1UU*C*{5+9V*LFB1CoZ5rv85eu2QUWYmZ)zFeVv^6fy%^!29 zbi=xH(H2TIDlhr2l|?QTCl)`r%dORWk9x3HZ)5wR0WG7_*I%aL zN=n4ZP5(Az`!%{eD@~ow&R%~{8x9A72D97SKmY3TiEYgZTUMl+ZW@kM)O~l+y%Mb~ zXa7#E2qkA{7lo^C8_Bo}XjxcPpdrI)#f~-+6YfVrweF`XF-Rr!sBk3%UmUYsIC0jG z_DZ1rV1rf?b2JjfyBCtKAna|~tPZ4eVOYft^yc}k_Ge1@G@{)P*D8QT}7!TSjr$*{6TMXgHIdNF%#KA*{ z)YaA5Ze?veyd`T;05R^s>$v$$1t_VGw@Y;_Qn;iZKlUu;8$&5iUa3p)y@?#h{MXip zM85dGxxDVc{Tp^a>Q@tspWZz{J=A>q%-4PPqD+S#KCb>@cSY+RJbym8PYK=sN~P{4 zCRE?pxp&(cbA@B{r|;AhlI0bg0GGAlsL}!*D+QKIirvEx+XTZy@taZSh+PedPLL|-g(vJJTtNoWUJ1+-oW#+KYzFW3QgKMIjCFuB@z@hMw$~Qpy3pQM*Xv^yU#)%VhLkuD z8vnXerM2G9w*Lt*1vu3babKJ7Z_5mnjVmZB>YZ^r{I1Dm{0^s3a(E=;*W2%_7x^Eq zNpH9gJ8>57f&xLjtWSPtB@etqlV~!U%tN$=aWy-(?fSk{a=~V$^^#=A`@qUd z^n7V1l^Xrq#qDgQHs=4l*I*_aSHo{q5a+zOFh0ZLnb1BwpH?Nc{HjIwMPu>`TX({h z>%TwiaWOH?ZQO9oa%8=O@GNTWbWf*su*AOP8`AZs?}ue>-$TbOANmu8-fX7ae5F=8 zy}^a0W4>w?xKdn#zwnIg3*}9vr^L*s6YJpmT>G zGc!)SQ*5l)axPZYi%g1Wx!rWnb-W#mKs&sq(YNo}zp3s^W-i7o7}inj+OW%?BBAh> zvh_X-o8vWw_nngFxQ>e4j5YOEV0Nhx6#c2y{3Q2**Pf$;Gj6?QJD-W3^OL>tGODt{ z^niQU`7PIlj#(8K{#o)3&B#1H>Ci67Ua41YxyeJtt!>Jg_WiPCdxwRDyo;q6XM$WX zW2Zw)*8;kpE#K%bK4t#)efvqLmBo?erv?P40R>5q($P<$!)si^AoHl`z;q<+gD32C8uJRLAo@+tzT~%UcD+1rJ3R(K zLeuvYcKFS1kmvOo41~CUHs%m5&#@N9p~KcMV%|jE7i8e6cu3b2{k(#`9kdVFFl3xn zw&RPDzdgRtv*#sQDPR{MK2z@3#ffn!q#v+>c~y4$CN%3&?la9d@|VF`3Jv~G!ku>3 z9|2>k$wTH(rKl_gf8yL(c{K87-oLLBQ{1|L!Lj2Yt@^oh$ziKw zvLVQR-FG4IUu@df$iDt$OuRx*xNWTK<9@UclfE*p>A$Es_MEJ@;&~ra!s666*{(iX z8^>TDTKn6s_`d_Te+c^~+qwg5BRpcGTEm5}{Tqt?`-ay4%sT&lgH`zd!1Kg^5>h&} zHsSbsq7l|bXckC#DA6+&7^sHwXubD_@jj&d0T+@qqFKb9d4czX;zy8%jE!I9451RV zcXWg~J}8akF^E(c-1<0qkn=peS5XDjuKW9zZ?SJC<{ohDM{&!g^?nm!{0`9ejpWJ) zpz)x$CA)YKUdR3Y$h!8!o{pxQXxUI*VolRQ`9p$wyZ|5tsCWw1f5!`1JyBrmH7O*UI z?vHdLoTBmi&mpizu>{RI;lGT4Uzwx^e&~;YOE(MyxmG)O4!;bw56pGM{bb|pWqAOf z5T0nTnI`BZZm`nuW0s)L)8i@lJFSSNnU%SXEKJA~UkVYEA6R4UxSQL9=}8Za58#J! z7mmhAwpIe826HD={^0Kv!P*Fr1qiEz?;O0>s80ajfa@~>4`RZP90xonRCt^YKt&D& z<}Oj{N5k8ngiEM?=~5Y}MSQfBYfS)rIMD;|Hh2v~yXNA_=3rfs-9+U=|E$hHN1feve#b1#Kan^d^iBJ>r@6geVZ3RVU!K1P)OK`RJF9u8X3irgUj%h z2^cM!f_LNylHDi2VQosgw*tTcgh_q?UQxjVwTJIr`_v4^1b*lM@E%J#ZDIg3$jcM- z;vE*rk#}t2gi8bg!KxqV^K(h-rHP@ew`;jJhr94#6fshvrF=NXd>IuWMjSGGx`BX@=R{#wzsHX1nRM~?)(curh#fr z(~5WhY@QU|8m}8|)MGQPtlHI{MlK(!_kZw0XtA;lp$@a#4ot-mXc*rH2BiU%xo z2W}aA%@!zdm!Z!IoCEY$&{?s2o>Nf?3EKu9`l6eZ=KmW-DrUC2jE!#^qSFcw&dI%h z_T72*E!!r?Uh?N8HCc2pCS&f0>ruTtiJeFSx_G7c0(Rv8k}>^l0@9Q4pMxTh<{qQO z`-0(}2Z_wYRS!C2jM0?&YZY8GgzgO&PD0v@xrT){+@e1fHZqy~>W^@F6r9Bs&30$^lhGYK-=)jmlH*=nz~Yf{e`)74G?1dS z^;vJXx)s(d&LXbuWy@iRF9enA?d?6x83A5lX&$uS7X;}G2&imi!%_2O`NtbO*D2pd z%c*m;%g0`Rc`|3OrDNV{MX5(4M18tmS$>zf=EA?@(UvV#{73v#Cm)d^E@Xy!He|1LIg7@PuH3L7m6udk}DfAcQj`J2w|tLS(@lf^Y~i z9%@6*Ih!Ec1TBjI<;z~4HdH~h4S+e=Na166U%i{S-UDhU6Gx8?bjheeKz9o;2{sWC zb)TCMSz*6KNWtFy`!7O-4~PlSf=!DlS~j509Gz5wMVsh?MGSg$?H8a_AegpvlDjT! z0xQ>z1CfxsJ}mkKAT*byANmQRoCHpJ+z|u9!`p|~3i3OKXIDX)67t{F)IHdj@i8E* z3KSEOd(&cCScUB9N|XL^2os3Fmt~`AfWD|QD>lg@PDQNF7lM{|{EX3fh>M;(J`M1Q z{zh@8D;~oUYO=^W0#3n!OoHp0J{f7Udp6vS$N8e{sT)Ub{_1uz|lxVla%#MgQ zJb72Vm7w}Hr6YLh6~>bo$pCb})}NOb&Ug0k_K3^r-Um!zvztxZz}vMI!Ed9+7yN3p z^{-kqS{vLvo@>F+quU&QrPInNnjk{EUH9;YB1M6?;A z)vpA)IA@?tJPelfQPoU{1>cEMnCL~26waFee1`Um|F)^^hykVt2BP0X^g)aK$ z+U5udi7@40puzcp{~)TVp$8UsS_P5WefRI*2XZup2Aa;Xv1-C)Ab=P$%oRgs!*KK9 z@5TN3b?AcGEVlSn!9lnh>jln>O0ew@3k$^{?O00@LURPBN@y{xdkd zS=ed8j2NDqjP4-6+1W%70jn?x#q*dL8*d>fH&CaP3=F<#ronF^lG4z#^0vRY^`j+v zZp+YO!WY_LJa-^@ZN`0o5&8;T*5?lg z>t7|`>S@ke=&CHtvGB2u_x_w$v#@4)e1l!TLZKdhfNsHnDz?lE7vEE>U6KL|4V=|V zD6So020SWsVPRT9>@(M)C-I&ZoIf?hqZ4(?SUg~Kq zX;Sav6e%k*8q=C~H@ust;#XzBa`(274y&zVnIIimrfIX3ob~=4o!vuaA3pBfwu`Jt zd+d|S1iB|Y?J_>LqS zIn|!vuvqy$v+A!B1ulMxWXJB%us`mJw2Z%e_Li-^3gQ^ILHZ|n1pe1#sp9?rFU} zM3n}2%J8N}VETk40Wi!gqS(XXG~1T1;TOeDbXX&L&A`yGVO8Sd#jfF&X)a5s5x^uQ zOjpIk#%lkS?KYzJ<$BA0Mn>pd6#Ygmj5rJ1A+5l>&afDlSY89ShJzx$KM-}n$B%m< zJFxY;V4HI2ax^q4&{_nbziF*!Zerqc3oQdf5^EX`v8ZrHbW{<$X>V_m<^x_DpXTS- zJtNjARuSMPfxffd5n_J_mm^&K^fkJ>%OdM8>!eK-igEPhw<%uN7>O)xweO(o2ktiO zSTmV!EopD5$5L*nT6=dtYsu1N@^sH)X_!h`*^DcL3^GIJs%Y))Cg<%}7O9B;N;3r6 zpEnk|`XS~mKQ6|V->2P5*d}@vT*|uHB6I+p`OI1?C)LgEI|)!Ye5u@( z$+`7{=xU4RT~p(pNyfrYl*ctc*Z=zBalUkD>0y*xTJJm8&dGjFEpTHa3o|+yc3V0t z!xUbGiMTVaPaofCV&8 zC^@Zcg1yS?Q)z?Gkf%lb@e1?PISCEk9YOi&fzyg{+r4OHAR;t4mMgLDF>WHR#2qeR z{(#8PNN>V56R19qMX!|gVpiahU`idh=2kV@193w~Y>w%TP+8Wx(=8vvt~*Ru@i+7f zojH>%J*S?Cp#v%{gXtJ;Wowb?%*H<-;NFfeXz`V zkj$>(mkzH5+-9(R3Lpf>+&-^H^D4M+pY%@}UsrIE{Wy~F=w9zA=FGd>un4tQ-z zXlNd{%t_{(mqZ32(DFw5A=kAPd!W^F2xj(-`VKD`RA%+l#dUS*<)eSM+iV^r{4*nB z4V5)7mah{?$^QrLw2^QB#iEw-;HZ2}9)pn!ts)|mQw6DlC*0$7BXh0Pd3Z(d=S=rg z({!A!dX6>ea{nwZpIXWM)r*?4=k|tcs5kPS@7epMWokPD_oLZ&2<3;Ly;94ok$1Iz z51kFmjeR@GV%{VJH*d1dq0sQsT8`A4l@AoBo!e$^rSQIj9%=(NDr z@{(@Hqj!G~{+2US5daXpefxNh&2C0IYu&cjDC=vtULES`uSpGf7$&M%*7-WsZgHXg zyUoQ8Pa9{5jlbW`h-w&=qB*^FHEVAfOjSj9R~7tHeS6OjT~~=S@@Vn{mLG zT6zG9WCSFLRXXBEi{Py6cYNv$@eVgEEvK#L2gk;IC8E0|(KEk0Xx-#j$_6YfKqSDD zq5XIOKkWu}MI&Y9V)eFgm^BFI3yo$lFdJn2ZXntpAQ}a!hM$`R0Fy#g<~TVe(KaRo zUQ@38@}(19R|x6~1SxA`d0xZM-JKKlXy?qA+Tq{GRUe{du2)BdX>Q7HTqTdeSo!EZ_CNb;>QAon+gaWMzpqgq2<|{wkjV; z65p;nIT8t?aN1!6CN@R@h7fH*y8RjeI>PFr*mofL905dcE#=8*`MhB^B78&A(&)rP z0@e?`hLN@rzh(9RMW?D|F)0$eTQ|0xGQU(F7nM=6c$#lk&7^B75?)nBP#71i#V(Vt zo!{gm>p5Ru)6>`Y+s53S#q!5K359P_w>ud4@|LN>?I&IDN10hOyl<+vlJr~b3|9{m za`Cpm$s=I@SV9+r|WgHY)@JjY0nDcZzhE)=o|BaVC8rJzVauW*-@%}G(?_P!EjTx*qWZy*6Fm61miO)es&L+qahFGZCfP%x~ zBqbv=WFB!Tm{S+F>6J0tLfqMLIrt2%u%jGz_5Tjd`3NO5S?w;@fEX2K+fwaRtRkW} z^jE&4Z5DYu&`;6z6-$?;x(E$hMjXO~TODf;NGcfi%al)ua9Z3V-fI>zBs6$xBomkv zav0_gHbNFoB$qO{EOd!B`uO_Z0c3|B+OzqgmX|M6An-6dv0q)mnUS8p3UJon=uoPQ zSE%`nLL7<@;kfRriKxK>o|u`rklc6*mlk9Nw2V8)y?J8>$i-!Sxr36Hwh~u%2Q}1t z=o&SpJ?>bW%L2F#IWZBVha0>$TEhS;pgLSiPEN7^%FM)s7E~)(-*Cr0jABRpaX1Eo z*7ViML&)2L3`Sz3Ir-In7u}M*LWN9mXKtn0n&|fWe%W%rW5*$`=Xczu740`I#!v}D zr=-zX%|AQJENSO|`oz5wGllAxOUezunwmV`rEXaNbZFnj!@NuZpzQ#xhPSs{HNRJT zpHM26l0ed3pL)c0#_pyp>&A!Y>*LGQqTQEHlWJ7Fm4%!#s@FLPC0&oCfABfq^%5C!AqhpY2TBmZi-p)g;veh<6qfQ?bd94yNk z)2)an8)jIhB));wW>b9kbadZP?^W9~3`tm%v8a4x3w_bDK{~33YlNp|3!4Yvn9%VP zv8kHI`X07+sl+W~x|nfo;${CbWikpR)HLz%fU6to8D9MbHE>%JA>Fa@dsVWMZ{e6r3y2DTM2w=S=!FQO1YJa zYQ|yHsRP0gjKUJYgIPP%WPt>7aVv*SsnSOTKCBO)v3Y-2hizgp)@NlkKMUW;gW)rG4i*Om+5PouEd-5+mE zzIxt&^Z&|bG7Kzegey$G-(JJ>VKkan`i$cWh=~ivdoZ#(7_Wxtf_DRXjVrolHp-LIQ?;(dQboehxaA(LLXE| z)jfO&7y<`KwMB#B7n(kWpWLoA%|;)rn;8e}=!8df zxdNA<$D{0rW4W7qe8?mZ*w%=@XZmZRgk`L%MqMFvut=8sc`ySTG=+E$Pa1Z0n^eYD zsUKoH^>^nT8q)hSGjo;LMF_roE#hBzfqA9^j2*Cbdz7ojA_6L7nCP_@A%oSfy+CF*v zlP~?{WB>fpF=M{mKir(zA8sx$?0>yAeBS?&2!1k7w5Fqp;lzQ;P4+AQfduY81FW^Q zrG=J?DwuR?L6__g8~e|PWI`kh6CRltr$_-7t}Qhd284!s0bX!L0|R4-!2iir;59u7 zoq*26Y^qlpAXG7bhZEt-K_WW~@=5M{KHTO1N8kVVWp=ZI3z!Cscny9r7`i_L*C2YK zLwN80pf{GxZP;+{tgY=;=l}RxSyy|+){bECTB$5t*@>x0bA74NHg7kT>>U#CtypjO z|I;5?oeC~Q>MCU33*+l+rbqx9x1+5N%^A}e?Xs}l>wUGzj)+mf3$VD9bprwY0E(UK zDoqKV4a}=Z=Tg5($qSJ6)wI=c;tb_#B$J_vg-~dPT3CzW8xU?eN0MY#0 z37QrGwS-F_N_O?}|E|ew+hG%#i%r|-M!xl=>bW{;(g!za-w@&Gm36sLHiYUfEXuT2QBXU4P57H_OM6#2pzN8VnobvF! zJENi|+71LQ~PY_|Pj% zqT{yEmSMB&%Vr%Y;-F~65C=aK&cj1z&d?6foV$s#fP@6X{PbBn6*>Gw9Ow7pS!d2d zRmikOMMaTT^R9)9ojnpPY@$*n!g0XqOC=j`gfJ2Fiv{vB@C$MOz;cdm&^W_a@PA9W zsG!#Re?qw!2y%TwnIciw3dtOi`hfHf3@~^L$OEB9dvFvxQ8o##+&2Fs%z!mD;6kvR zsL|6(aObT=YW(zcbV|xoI4uyDMG#=8PiM5aApPSX)7i}v==!u<9?e?(&E?uO>O^!^ zK%FN{LO^j`T;xQ~HBe40VS=p`8B0eU9KwE}G)9anVouU9?1}mTbZ&!C(+&E$_?D%S z^crM<5&H!mD+Klz0}X7-Fr)(3qN%A#Sj%wFCh{T(7#;Bfg!>2?8rH*c>y_=!?vmEw z+t=5ty?LWg4&}ezICPHw0@v2Mwx_#IsDq!D@OZou$Zay3Ya6*UFIO{OC1ifXmiA1x zmX6ND3tZ={4)2zV^wbX^vG!^9j$K)MYV9q)d)L-)s~T{7G&D3M*l+fNf})>Wq8rKC`Zh697scz)FUNV&@68Y-nrZFQ(JLQY}0txoaERg6NZCzcY6A|wu|>H3hkI5DXA*nnZFE! zv_Yzwexs6=ygc(A`Rn10O(xJmkbQjhGghMdmEc7!l?7enYR;r@dAa-^zZz<*$6Bos zDHrvo?90|-dr>hpNsAEDYdU$-JIwnf)J+V@8h+?xL@O12v+JO>@iqOrIT~md1|lg0aW=umgnEM+K{iA)S6y8(dMJF|-OD3E<%C)hHRX7q zf@De|`fNg^4lc{lm~#kU8GfFqZ_v|YgGbGGsujQs?%qKqipt7VxNv=YbtbEW54J}+ zfPye7mlPGJY3BJMVe^?5V&1YpX0iYIG^u zU6$syv9`W~qXZ;Y&#jtbDINQF82O1hHKq3|XK~fRn(plJ6YJAM%g582Wwcyj=e;_Y zpP%nsQZ5n(SP98?Dk$eO$awiT(F&8gWQd3(ACLxY;a8-4$*heCn;keSCge_|)z#K^ zKBck$a^qsn{4#9Rlw4FAz@Hkw2&=ZibZ{Cy83n z^H_<@ey6iHFX1fPuenar*FI08YHZ5il^z%0lyP@c?3js~+U$i=7xjBnevKN;mOps4 z_ZD&*eOa72pXa8AZk6_-3yTa4dcH(;#_le0QE?p!%}H0{$*VrcjxNW6ml+2SF7skM&0#OOu~1EN4h?F9PpISx@wiP-&9$W^`hgc)6Jw@ z%H^gkzKQB0PAP@Y9|UrcoT%Pb@OpnxmeGS$KaFIN(vNUxvb^XY9=-&ejznHwUiOtx z5M(CDwwH7@lh!plrzRh}Y+FlBcBCn;;8CD_oX%A5S7>`?)8426zhzSh$9KqZHsd+61K1kJlvzoe=P z9m3iO?wy>Nh|I`Pyb%`~N(;d<$ZTv152i12{e&|I@{MON0w6=eE=vgOE6l-DT0lK^ z%#;FW1MmQ|uFqSr^Bv{nWJOvQ7gzFOKg&0%bW&i$$;ilL9;*Ph0cAswn08I;uRkne&83Sz$+z(LUD3_ys*-av(<1!BF+fI$c4EpGawskBu0*RbW=VHyX@ z@6LXuB_&#^Dv)Qu60JF#act`W=-%)cKpaIZ=8a5AzYGQ4kG_2yB)-kuKdvv9hm-FD z=Hu+d?ChZzywmc)4IzzkTJy6NP&K>f?Qv~zWT4ZFyj{m-?kZDR$@jK~ug&uvO5vd) zFN?6qWFDmE=6Vfzo{aq#E?M=?K=)(wsknE-8lR7d4RDC_SlixOHVE*jYfv0%&+#A8 zRp=TWmb`iCR7Ao2f$F5B3(gJs8EGFLm7x4vWl@-hlvKv=z!j&3$N;U8v9az8_D3sS z76SJ$+E&Lg?m2L3wGS;tBjgvtDUnC)W`isMu3uzrRu*+sy{R$^HKRr^y8Wt9OoRLM0>O)o%yLqmavU^qISehuVWk1Yqw1`hgZL_`h96@+gR z`9Zif;6Lbu8P3X!i;D~Bebmm}SZYdvRRx6@aT7%qmK27WKvp@LwPK4$sdSK%D2%I+ zp~=gjo*kZm$*HNUd)*$svW2y6L+*FK-fXT0TaBf+*N?%K64cRPaGEc4)Kinnd3*Qq zd{OtDq-Ed!Zs!JlURVQSJf~%n6?qWb#fuO?0IvQXK_&YWL>s?#c?w}%rut~B9k%)G zHuDx3r#5e%cliiG=r%7pIYY~FW{SA@ipfdxL)x;Y8$1KkcY54?@r+J%vv}*TeN$N` zQN{Wt4OKp#I;Ajc_1H+qylAiT0YK`@c$As*=$2P?ja%4bBt4~Mt3I`4@ppBN4PLyu zB;ZL-#lBs_=i!mSv5@H2BNA-hET)!ZKC@I4lhbigZ$h44*^}+);4=`?qIxs?vT|{^ zWQ2Ik)z??wNkwo!4*0zB;~|rck8`u4uO_61RO!>vNqq~u7j4t&VJq9FE+CkDtT5t? zrDxA$(jt>`-&beGZhWTTZ}pa!?faCeW+1P$XD`oEbN`#6<|gy^Yr`v^=|`&Q4}AOC zzPu1XbA;uzMC&WVZB~s}>RPvairZpsB;?Q)pV_37VOgXfRa{@_m7N~##?tff1>LA~ zam^%$?Ysjd4x+0w*9b>;O!p9?!$z`XFI~D+h$QFGWtOLIhKz(HR!&Y%IYYtuEA{WH zLq5du~RBWNpq_E&s$nq-NtnYw;?3W9{p$NQhpD)i|5?< z>$YERGBHsZA77+Aks=XlZZV%9aE<8eo3k!@SpD?{+zv8cUSC24f_mIOZ^)%_w6jm| zogBBc8#f{A8`ZLMVxo+zIhRmZ+f*yBrN4e|7oeqM&0awr`FUJi;?lBJkqZ-NV{6pE zU}t-yD@QZQW1C59Zew0L8Rf{gda<0vI3r1l4lla3#n~xB7NeGd7wa^BW?TI{kPZS_xPO>+FLfpP*G#MD_8Ai z@Z(I*oi-zHFJoa;WzfX(2!4C@o}H`gqC-1x|HAW2+?g2}T|-0h-@==}e;3EMR7g7s ztttWD%gVmNV28xJS=vIA?71SOHl`rR0QAN7ZQDMfSw2-o;)4PxE}~NoA#RxJpwHT5 zQir_+LSKZ}zLiyj^b!mS-N_q`@Vp{z4|@l!O0Zr>eegj-4WcjLN|U>Nn^|359ctXS z9n;8kfwzZH45J}!16u^5V9zHifwV$kCB%^CIELH#y#QMSAjjc2F**4fmj|%INF3$8 zEt{X0w~dUf5BYf1R=L46$DU(w#nmjPC8NP0|NYAp1YLr$*<*WaZgTQ4#sG-33AJ0j z!D)cscJ}tW9b0iX!_ug$t9uw7eFRQPh}mLjr=?&^!cjZXVF5`Z+(BNTVpv$VK(k(} zPxoiWFZghEMpZpQ+YX8}NS(B}skgol`wK5=6OKBCcISr&rw{B6efB^mM!Tch*eY}W zz^m-+oFBFAg(NZQ(XM+WwN2qerF4Mc6sXxUnny z5Px_?mBh0TY8LDzfL&UXv$obaCkEvFJSMe{PdGZ`M2FOPdBr!dEG5#uy_0@z+>#M?6 zhMuUzM4t@9M(tD;*v|lFvG^Z2aG(rw_ys`ZkSz)b37v!j4YY&1k0FACiL8{Q+%cNk z)7;ljU}QrSkt0zUZw5h3ZLR;CH_T*o0^gSp-^uC$+k!L>KV-9kzyl^v+-F-Gi5y_8 z{b?fi5z{`_KU{L1DdqIw05Ojy=S}Uvy2SwuV>Zg9XeLjKSr1)D-62+;7HWknb~Oa& zOApTyszF>gA+Egq?z(Ka@C$GqyX>9GY}6$sB*=12l`RuJ{UPd#O_I;a`C|fka$JY+ z1$L4>2Y6_LWF9x&?!K^SzVV@BKj}6<&pUc!4%OlBS$UcEUbCet4YoQ$wtJjIyeZ3) zc2cKq>xs>G`7>WDy)&;JHm^6B+_~*d-;6ZL-m7&t)+Y`2)}2JOO3|;MGSXd#?^H7` zh1ayz?Oczf$TVHh{ys|f^77O~Nx9g)2O{>~5ki|Vbapu}TAXctB;;+(8ri2OzhXmOolarx8Az6RG`k+3 zq<&Z=jj{LDK)-9Jm2aL!5j zZNpF{>*U8fuFN6tSFC0m)in+AJl(u{b1vD`Shuo^66QV5snGH}Crw*J4AVGu zvL5$~v7b$Rp!_^e%4`cs;Zm=_ti-88wS8^lZdacej>;O&KM5AeGkon~xfmDQ&L@(f5B!8l9O5F*mbf<}eI6dB3uB z_+$Oo3JX!qRZhRvfg5>l?}T%$L^$Mpj9OBB`^vTgQMfJtQl|a6+Vk~+IQ`_hjv{Tl zmd3=hF&l$aecJ967hSnzX2IedsK`L|KuL5e!P0eZ_J24&D4`~R zV_PAqvf9;kE_uYhRA(Pu)$8)14V7vAb)5v%pS{(SgW;0pWv3jTa#m9%_g{s`03|fL zLe=Q>MG&-h!ezz-LH7JVzvYfIrnOboC1_ggabP>u@EV&Oqs0Nm6=uC_)phhh&tF7d`gFiCOw4CU@X% zDk*VNr=dpxDk#{bNf2=>%EgsNy??*lPu`x|$k=oN^dC{tyjveSwOmKYsrB_RD+ng7;z$2@5x~Hz~t~!ff)8?8%VhrA zX%GSV4|CA?NM=i+o!K#41@A!kVThMvPV3J@q{KaGc^VkKX+6(sM_s@XvsyumoPr?o zEJl`NUqU7Cu%xplKk8W1p&}u#rmhs@diA;b2;1UdrJ%5l-Z667OC>dRL2f_gZ5RZ< zR%+69+A6e3M+S$BbBVZXy1dkh8@8XZH6#gnCHiul>)Y*Tg`~3_^iC-~?Bk{)8$YeD z=x_LX<^IY_gW8(z;PuZdBJ6_p_t))gY5m$>l;xS%TD^3zv$cFZ6;{-{ZoP$V=%tnPh{21ZHTn}ITg6f%FQFXOOsrgM)k~szTWnP%za0P|NPaennS{$ z0yE_)&-h(Go|>)l)Q@(2m5DY#-FJL_)^e9(zn!*;&~&*ZWp|H!+&g!5NrkC?KifLp zv`D3QD)y!acBX4jTHBtDS#nVKTGu(vR+F{sAlu(>(&XRZPB(^#(6ao%p1XWDsl}Il z+NHhX+C6IK=t#Bh$UF-m34KAc{gd0K-?z&)Pq%h^WDn3asa?K!Ns_;7LwL5(-PGn0 z65bEiQ#aPkZT2Z{;^yRgB$gENFf{#nMy{VuMw9*8+Sk=%^df53E6%@}gycj*IFx>r zZJsPjetzP9?drFW1XI?nkFf2}x#!nC4>Pb;IztX_X9vBQK^nN3n-p>|_l zYuIA)e5TG@A<|FmuH+6Ul=v8v-o)g4Ewh$SKYZLnlI^O>9_Qp%*vNWRz#`2-7e&=PO+eM!Q+m+tn*Dj z&z~yaI5A%{Z<+GmjpMOm-dvrdO341=ocx#y3(XOZ-&qN^=6YrNYZLi`0(a@{7Hk2@n&Uh}s6=A-dLGiFB;}_DM)tWp7xB1AsokV%w=uM>dbMzo zBsV|n()`z^cfwhAOm}rQHmN&#k`^{Mt}j|eTx}SLvK+~BNiVH1jmQhEEo#rpnB>+R z<5F&RnQpfk$+uV9dt~Ltte4T%^36vJH@$Dx?i3%q@uPgR`FO7#KK1WyItR`F{j8e) z@xSc`w>0a&Mh8`vpAqthM^nTnvdIrGXjDT|p~TrAgD_ zc^#Fi2jlPZ;PqMd;koBiKd4B#XRUVUB-R#*lB_iLq%Vn#4R`$*pFjUQgXDSx-v+bS zG3wH+;X)nfh6cpd!ssNeoSgSRcCRqF*FN@*xTmMqn;+W%;TPcf441u+P@jVS+8~ChU`1}8K-8{dqP4FR{4#;5|7NH zExeiU)%tM1@cO6Qu`H789v^p;IwZ_A=YA8O%JsV;%H|VO7x*RorFg}F`17@S_lG74 z$qBRQ`-sl0eJkv8w>zn_bvbu5A?c_39j_mE#*go$JM0r{8?9R2E@n+vpCA2sr6u}Q z$TNzvvhzVsdFdfvrK9n{v3oRzsd5yLc_x1p61-aXy{r(yWn6R5C#TYFc@B&2y5~E_kVz+66!o53Sj{@j z)TIBiy(vqiSG7O>9~!E*_ZnLK(&oe%v}IHHT^N!osJ$K7j0=qw8~FAN4g3Bqx}O&v zSFkif%CFaEeWt*BfP!!T^^=@@)b~!!CX$pqnp4_duu{4~UQ=IpN?C_%?%iGeBPETm z4j$bj!=f7!;XdVbkKWB-ZLY~hX?zRFe!#4*9#y-9_|Lc6~R?R-T*V`s{)$=$dHUc#O`K)ItJYDV0 zX#CG=Jd3z{Iewo)xS>+BSfyAs-fFA5)%!MQwS&rL@_p0={9>EVHwd2KqaEWEQavNf zdoVXe#rW4K1#Mqt%eoaKeVd5zbQaf*jE_&==@i@BOm4=OsGX@Iy=%TdKXI!lO1IU0 z$Hku4^uB(fBkesh>K5jhvTeyYK>$7b3QVw03S5^-rSN=IU;zdgwoM_gTRq%cDF+a2?ZYa4j^@g#{+FFwf zj#cdbT|r#rX_J>(NL*LA{e~<#WTk0JA1!c)JKjBC$ob_X>G6fimre$>KHl3W%cO@t z;Wd%AR-Xyoar8``IJSr9Rr0zG2R1EVs@c20x2pT-_Pm_6$dgIT_tLBVmww7`%%72! z-KHaRRRALa+KpPR&v!FJ9&tb?tI}`fOO4#bkyTUD*rCC}k6kejVM$DHI-!TSwxlB& zsy_0z&ILi5&D?@QMd z#4-z*ZWSG??p>MVA$!&^;nm3Zqqgl~u9vT}s{=XDYf;&yuZC9hD!ohvWG>UcWcz$* zE#-ddj$}@(kg~j0oT!-Ew>^oZQ#pbzu3f(`*el9oCP?~4$!uLi1It;8Zq~>KgIawF zjj{#z-TSYr58VDeA{B7HtuWo(Us{7W;9g77(|<{ymtz)fCBN5bxx*yK*{N^r1ZD!8 zrk=oXXT`rf#ey_JIs`gNlo+e}1yS@^%1Wm;P5D zQ=<4cclzId)E)nyf({z~Q_z6{R0|g%=_eX(T;v+>a#P!3+)m0_bznb!ya!I$=aif# z3mHVd`JbWl$<5GjOd{U6?IZoQ8kI+;l|810hCQfu=>lVTkc`aYqti{K?!ub@OMwh` z!9xW6zD@q4v?Lj6&hUaKg1C-?S4x9Lt6#vPcN>Cn4#Pj|NVGbpd#4F4Zan5C>?tOcxcMdRGBQTEf;gOEuefHQF6!#W%;gOi7p8PPe?GBW4l>Sk|tAng`m4JG=#8{wIg2O^Bvfr^vC2ej4DHsp;;Q1T#OTF9*j|5|ZO3o^!o}SPPei_|If7K7?l>0Y z2>=V=*k_*0PLP-)oRNAeTPv@tie%70f0(c56Qd>s%dolZKH3CE?TUXlJmwm<82 zb({E-_6Ot<-p*+Apr-z5se zu#FK42-MBo{_#dycx9q^1(Lu%qC5%o^Osp7(E$E}35bI!2>Vt`OHe-`8{}Ww5n)%5 zU?8oF6pT1Hki!wSNF*-vW2||wWhe1DzOrq z+!WyI?Il;Y0#(NHpc62=hlk_RZ2aG?)PM-j^c2Gy#=e6Nw4;b&cD;qrdoTt^w+D+M z4jY)Y4lfNU$D@JcWe4Bu>tt*Dz*7Pl2hqxhC`|ysaP$B$C-!cZ8-tyl;)vuU;GOaIe2AmSRGh41Ai_dSJ76xe zu~xyD&Un9l)@qvnZFxiR;8?B{7w01VSJ7FPW_*BwYzlYaB?xArhHHd)=KX}HwjB%F z0rxNLaPTP5@>RN+zq3H<2wpV_>?)lwgrF~NDyrsxs%%J4w=Dbx2D!7ppY&dEFcm!e zpnjwTO>kt4*=& z$`_o0LC$r_!Kz&!0giDi2lLBch|FVa_pt2PrPpa95D(#J<(y; z@U-B_5^!0`W~NTQ-`S}J(+oR1yA~o1_EMOax|rD>P-qKcxlhr}G$wSg@8ULdM?4Wk z4FOhZITj58Mbr3zQhJI|d33!4lT_M!5(oJOiFE_2_J6ei5*EE*{15Lu>~^e~I{sHQ z%##f1myyV(-Cl86NUj% z#$xivG9%cAYu5q;E@i9!X&bjeIUEtDxqttDeD^VLdzNxo*1M0PKLUg}Q{e}Qw3oC0_Qzks(_3Ku*S-Yx0z^+Z zv14*@_G&!;kZb3RU`a4&*waH0z=v;Z6Ke%x0&bus4#ylJ+QX(w?Cx;ZMMs|>WNIz1 ztGgy`an5w_TzC9gY+cxu1Q6?mc#b#FFF@kA+dj;>l86u&H~l(?qXTE(<$jYx&R>5P zB|W@U)k5U);N8pE&J`s6I4@$F;+)=O zBtCv(7|bSN(3gQM@Of|dY4k4=IaN4NPtLu|)^^aNe4AmF6Pa?QPaGW)8I~!Zvh6ogfJ^Fh4>T}xoPvu{~N)K`fgdy5R*GTFfzJQ~T zRWKHTSKE}oy&7^M7-hLCOQo)q&stWt<%ff8Qa}iq zYHt$IayxjVYYY15m&!QZn0NhXnnk23U4W!90VM>#G}$tTHpsBLIQ~vJH$<1M!E{PI%o@5?^rOz zQ)s6|`S|a1R8#dn`Qvp=iO*@os{9Tw03Qw7+&>_IsMG|b_>gt$a-Z(K_6t^;Y33=q z?!&i!>80>c%dt`-fB!WUqxj-})4Y$5AL4Jkz<6{hTeLo_nJnu+GxNHts;bW_KH_OY zNK!+xmF-_r{xY(naaILUorB2c$=o|w;c-?Rr*d_1S-aOVGdIVIod7g9K?9Gfz0AwK zj@t{maz7UpZ2$|0sFG)yn0_wbym<-jTi?(8?1KJ$Nu)4&=P1mJuvO8Utvt-ko$=fv;cA5@CBrp z(~h+6jx}{ED)3M<;tLI6{)W~~B+uFhzE4UbELnmP5Rrt5I;-Aj#65xY(g4|F)b#{& z3yZ6B*6f%AiNhbm$M51c?bPoO5?sFgbjrAjc;&}RUWfCCLC^%*QaQ%EpmIzG?%pxk z7Jo^2_QnVbX9(kC4wGj7@d(^&k59n}KhsHniLxE)!qs}3f+ z6^*!6Y7rsE0GHCPKmUdCO06n!u&UzOFmYoT#rPovn+9k3qIcD zR75!QC8WnC=g-k#hqQBWfC%u1>5G8@eaLBlAsrPn0g>Ee-24IiFDomno1kSMQI`wd z1w4tA-U)m7~>bFBi51Ya5k?nR`G`P$`UP*~3Y>Zt9sB_;8g#WD$-!*%0ot2g9u2 zX79EcgXy2N)fe_csCsZ=!36mbk0P`lsKR@UEgt8kJ(NK>L_yCpIL};(VY0?93nvs? z-pr3n_=oUQyCr_ht4C(kBKnEU&CIk0f5Zg)(AVlg%LYsA3!=jlMqD*DwT1Tif^rN6 zH*#$_O!H@-pNvJm*+fbWtuJn~mBCzW_yCCuduQi8Xfh!+UQeO?@#HuWyQZ%GYV)}n z^v%9;dci_$8axzUrRSiv#Bv7_iWt4eh^}#yhk`~MLprX+-UFi93Xmiq?B?+4(?R#{ z;mSU(TgretJTw99Tj;Sd;{KV2OB@lvWosLU&}D=T!2R+2cH23`C?Qc$rY0Z9B6M(q z@Fc^)izf@;5OQR2$2sQFFea-Q1I}pAexjAEp#*J{MqWvT*LxDZ@v{fq>S9tvkrXD9`yDT{{?k+dt zo5rk;#C%UwlX!}8GR&L7Do6y9^hdaA9MrDB1dP__aJ%m9x*u_mvP8xL9<>buRs$3e zm>0a)k4{e~0(UPfDmEnlicbE{guETtrAa6#D2TZlkJW09o>%Cl4i$GG8qo77C9s@4 z8GvM+m>(G!bCAejhF^-=ACDR8d{B_>*tFn{x^UbNG0AV3IdBeN#O$Rt{3GlmzmoN$ zAsw)7vnE97h>)1QB$0zb51L+xH;@1sOn+WimjwzHZ7fUz;6c6#WWYf-Kp3F+sMY5M z^q^Og3c-^y@9-=m-}TGZuLFb9k4TfPj**d1yc#ib8Ci_kNDPIOt<2hMbcD%nr^xG!D9TjyMb2lR&rol@X_{h8 zc0DmcDS=d0)-&Nq^o{m=ny;lfkpM07zdieVuGTyhRQ@DFRfJa?L=Dl3g%aJ<{5 zbKv_jM=bqiX@R7pujI>#y$z>;-C#_x-O#(Z0U$RJ^*`$*fVXZ>U^B?hJUQ@P1c?Z_r1 zGukE4+}Z)?zyvEi@o7^9^%Q;|hZGTn_{8vYRnz^SoL-x|g`m)1LFV%j4vyUl3JUmY zkFS}~Qm$jwB#BgHwV{y#M16GJ9WDTStw zHrpR%>jpjFmu|i)6u#Q;N^cg{ zv7^mKiamkiGrz9uHbs-pnT>suX8rb30a_cya^GFq@?3=^s7MUx{97x@{Dx?|D>?1I z|98wvVNSudjZ+-)hNlTJSgJ~L8+(WWLKwYzj&rSut@ZmA(%J~Zw^98ddgS=K66>dv z3H1gq#`Kxx6`%iTYvR!gt^Rs2-<{2YTtWBwHD!L=8HVuep*Ci_KOiIjoHB!$>Q>XjrIS6~ z(RN)5h04v)-7oaGuD-0Vy>+|f(e(Q2SfQJGf9!6}wA;0GKgztBSdKj_4{nvT)_we= zy|w;}SmMgz7pZ%geRpWpe*3zQL5SPv=FOYO*QZ)f-7b@Ox{u+D&V0xDi#Oh-wY!hK zP{6mbJT?8SJZh7$$JDCO_8|N~T_t1RL)(r!GBUzP{SU9)F72WAF(z4=>u@bysuA6A zsG`w_U6Ws^nKb!}obN7H*6){Y#G+n+@r2{kh09_GWFw?>?LVr$DK@jPDKbgFa>a-` zMTFUcmr{>Qt9xXNfPpp18~K;jB~3e@C@^wu*hhR;*&b3Qku-ET#A(}ESI2E}~oPhRELCj?Ub ze(02XdwBewC|X@v<#J`_uoONu9(HCR$J;nDEFn>Mi9Q|0$y$w>9K!R(_!fgjka78*P?hG&BQLEJ4Ulw@%GmTl<(0(P z)O>d;zKBC2tq%pI*RYPV&s3IIHw>J-+2k7a*tmRHu+iWu!@NzyNtWhN=~@lDT!XtK zBd^o@E6O&%Pm1r1SR2J#bQJsawdqAbbbiBapryX$cFEf*Gi!Kcv^NZ#Hbp|nPE zzUVNC%WAIJWP4~bW}?MaP0hS0>SiN8(N+D^B;)TFy=TmCtc=#UcCJeYm`ed)uAS65 z${}>2wDuexWQmx7q~Cv@uPmmIb%68DtK@v=Vsl;x*7>N@i8fSpT}#Yo6r$NLn&fLI za7N~-#22#bVTDfKLZm)B81s+BSWCzZdz0MOd)yiMF>SM)nH0N%*!+sFpP%OwrW3*& z?+s)NkmLyEx~Vmawc7_~Y1sRx$0^+6b8S=4#W7ql)y`Qp*pv3%^|XsdN8$O5pkRhg zhgd{51t%XnF&=Wt5AQz?R+{6!{q<)Y*tQ;|q}+KgHF1y)xg-$XS8eJ4d%DJ zuy<#scE=~M&CjFXO7~#ZEY;iOGhQ-fNq-*+mOm^`$?5+1x(QR;QnUC}FK0zLyh9mF zN%8{;ucnRfRA;?lk?MF_YEXD$Qa`oXEc^4<8%|EETb3Omvb1&ufOIC;Pd)DT=5N8GLjEM#)Z10bM4Y5h^~rEKa-p5 zIAe0jdDQK7W?injPv5Y0yKi8x+HUAmXMXYSa@)Me!%qaC=f3ajy3X@Bk6;-1)M#E}_L7N{OsgnCB=eZ_ zw$V{3;ijjToK+l-lDy`|qoXsoDe#yhjS)rk`E(W^IkIn89JWS%+9fDxKR41ucE(25 zTrc|h^HU^Sego&A)ep_nfmNqZYkj^23igdX{zp3dneQsaMtyp7uPQ*NYtQr3Y4(0< zSx0)98J-}6=J>AJnP9m+yNQG8k?LwWh2OTQoPmK)Rk~Tc7h5JCwH?)7OB&6dh;2`G z?ib*CnN0n5u)FA#u&^gQ|MV4Pj@c+~4D5~0p6zTp)LbMNT+(vEK6SFp_E*F+-;4}O zy<)%4!QOImKQ3~oEQN6dTu7|+wF{-W^E3i0BIf8cfh)~o+MK4Ik{*1oIT!%Q) zw_5IS(TYE4`eKVj2xI9uvrNZW%^6X3hWDnt#QC_mxP_&L-dwGIy0qFL#ifvPaA>G& zR9REs?wCzY+@WUD+EiD(=u*#izB{{Y zKYx}DvE0J!mPrL+0ZB=8nrp{crk`Duzua)1R%w(U@A{Z?@&fJJXr8-5&wyb?nD_stpbu#~!Ku}HU!Ny4E>IX*$>O)#7SUyWl z{iNp&GwY3{xzIguu$^(cC9k=GwA$x-eOcN6YaXoJyJYW;$cd7aaBsMBw$?*lslxZD zP|d1{bJ)pJZ!ik_;AU9~$r@}~V__G%!D`3V_XpX3JbkxY@K%=7$A&l4!hY6^{p-t- zE8{!X$5V>E6(ZLwY+JvE`~Eci z`1kdzaxX7(v$mMU>i(nbcZL3Sz;7uMFm3vQ2395I_TztfYuG=3-0&wX9$JdrmYds8 zI!@glnKM4cVD9zazD_IgfzxAa|xNL zfUz#16GA&X^t=qPdIXyRmZ{)8~K|gfJ z#AFE+-xs~60`!=jc46vwT1dzr5k~03o;9CFoCAEL5r4X&1Exz-Qk#K-pE0l11os;) zH9B6Hv=b)$81P{=Yjd+u9WlcA1>bZ&&0LPTp{PhCx&hJvvI|Jl zzJWU%%Nd9PMvMHe_NrDP4i3Owaa1>)G#H8@uw`Im#FPVVvRjn3 zK)@^%qJJ>MmX`L)=J5DJhNl7O;g_y{x~${bA@;9YHEsPgUhKJ>+;(-t->fAZB^myz zN%ud!e?QM!*WA3Ek`5FwMj=uj+Em;n*h`ZWd6Ag%LH)cyL|c^Wx*P}O63@Wv*9QUGya%%Z`M`mJwihN%O-$aw z(E;5l-WHx90=tCQrF!k+fx#t!R4p>I;+Orple3<;aHY^3*`~c!`ytiKM|Y_t$u?P5zO8FgN=#QujIvuuz4bXgF7ZjC z?duDYySE;6KEg@%ee0254@Y`f1-n`2*VeYGJ>9*NYH!K%B8DxQ?W;oVq0VFd&YLlB zAR&#yQT0;9!n#cvCc-)W(%#XZl)pf`v9sAy^`V3)MZYRy{l z;jG?F&gAC>`wa84{Jw?0#roP>ZGlj%BSTBB(5yV_-bTd$70Fx)X79(+QY>!$PVRE; zJHAy)|Ikeh`zoZCbw$(VIP0bx7^vdKoxQP}@=xHL{uACvj_;h1g~N|M}ibv-5BR` zp=ab2-7Xv7J8KCOj7LVxBQD(f_m*!Z?=X881AXBy{Z#v+9_vHcazGWrJhw5&SrCiY zX1K0As|6w1HUn26*s{zbCh5E3DBfx&F?tg31%pjct=?e6^D91&Sv$B5b7NWV>uWIK zxP}1_P6zVMJ15ecM5&?UZ<}OQNMkUez@~@PnQaslG5A6FjlkQn#xNW>A}9{NQWxvT zQzZ;#`d-P#jLWJ#!NWL`msqP&GMAyqhsM=VMHtnA-PqE6hGdk0JColE|2B7VYD3i`N_aymx+3O z^JomR>Y)Hl4N%*dop^{RvuDpL3$+lX&65<)t>EwARb@hR`#$f96VI^h2J;km6`C3x)UGxjBz4!@lA`W$+I+haDl32C123Su;(%d+wyXteJ5Mn+`o0H$pCI$M((C?zFz5?+V9Z2k}_y0|%b8 zn#E$VjzX*+((%Bvr;7;GgU2mkX;e8tu8H`Jni{@g2b4)~Q&Og0lwteD!_0d6bc3oH z{On<7O1*pc>+gH0j6B9=NeBrfyXbfyAuOV&$Q@}}Nr@*PS1r-=*Ij0;Zw3;%^lfRn- zfIkR$77Ab!h(e(O)P6pU(aH0mAg|gxdL_>efnBo!gHWg}7b?0zM?iEC=oPo2|2uXZ zY!@W!Qr!hMk2t47C)@Ml@mzPs`GJ@S*a((%4dSy3{mL2cQ;mMfzZA-pwB6TuPuX%C#*XK4@ z&AKS^dG%Jmg*bt|B4M(cx#8|S4L-$D%NMzKI{ENm6WE@!G!#$J9*Dpyq%*?h2~S~* z+wv%h7!H4FH5;!a!7xGx?m&d%k~j=7Hv;jl0ZLvxTo7NrezQCT>%R(6IY=t$CUo{K zmRr#95ECVQm&tv_k|4c}FA@|fNP6)Epfm$X^Th3v-NXip7%&{9qKF2>-4|RwAjU*V zOk=>PgdY*X$XWx?A3u?I9;G0tAEa2hzTTc5(zCFz5jpM+STPt{+cO=*%?4XWUY-IS z$M)<;B^P=sIGsa$Y4`Vf@^rF~;hk<>WzW?U3h<#`b$?_Lp$Z3no~f3$p7JwH-dOy(|pRYKyI& zxzr2<{V(3pYODI&uaE57ngnAaD+}A%VXzx8-orHS8>UDgnmjhUdws$|lrXYwYcD7$fc)9a zYL)t82?p^b!tnwz1Z3bo`Y?*jr4^r|-HFXUoUj2vrm>U{?Vp5~euocRt?fuzCVf19 zERrTB@paP;uR@b|ZKK*1O|32db>37t)D1yd{+&5pWWlLsf}LmGNIh79O}{?xeW9e2 z$|w45rR*4I=32^F@XpN<&hGE$RRq=BCT`C9Rn|||CLM9fbmTD?6ZPeNA0GT!Kh{3y z{GwjVM6trwxq0o*9rj(i{L{shFL`zK_Dj$=N0vq{|Bg0ou-8yEe9hx6Fy8H9#K~r- zsLe+k%$FcCYeuQC>P%H}fF|?8z7-u84&|A_5>;zKlGe!s4nwUMxXONY*7=Jq);>I| zCieOi@$+?5Vkc-jY88~H^WVzi{)f!<95thBdtl#ZDry>k$$#48??IGyPO#O68n>Ou zDnVKGR9VBZuzAB|db1fh;SU3UtspeTn1_0UA%ptx2!h9ttET^slBQ&WP~ZIRdv+1K z5mE;TJ<&K5+g?5ekORRFomLQC3^~ji6_2mr$F*u;k@>Q0~CJ2z5=s8xXb|kwHUVIo{Xu!PgV>l^K@xfjO30^x}g0NoH|0JI4dh$QqKun>{VRd<^^L>X^{% z82n&S&&HIdg2w$z;4$;uof6E$Mt*^`)Z4!?k1?EGnue`nCrDfT0ylK@>l)R~<_PQV^5~Vv_qETuZESWuLAUFd!yIc>WL~(YkAhgQ z(Cv|Oa;<`-BP2<$&3s=ylkEhuBV6A-%HFeOEm!Gn)55T4z>fR>x%{96YvYMu!R)ZB zT0x?>(IAqbA`B)4@xyRIGwt) zL$z{D!;*)G3TZS=_%^?7H8W3Zd)%&YRCpCrvlkghCvCdE9GjaTjg01fklzs=l8N+$ zO*{5~v>jG5|32Rg`YOuKXcU0B>R2K75by?dwD}zGQ>i04PO}7Kir|JIxpE)cp$i9x z&ydwi%=6A`R{L=-vrc+Xl0VwMtz*&erFDl2JDv0NKnQK&yRxt3C(KvPNE{#TWcDtu zTT0(DH~W$xLd~7?Fyir5tOmbO2JZ>U?s*z1{z2;}BTZ0thKCCXyFLjqzP$y?r zT7(toc%}a7?|}+vUK}p?i^5OhTBG}jfx3KiU!t}o4vUIrx}30d$M8PCmokH>tZJuecKJc_>BEB^Lb z?8lFb#nw9<4#_lY6*da=A zn(XI@SI-tV7Gpl%_|u@WO|m$6_xA@QJwZy>#_e=ZzM7c-bnR;E39jO{sKOr}n{@a? zZ+@EnHtEE(abfL*kmvW5OFub`x280+aaae~ek75Y#GTri-=CaoHlI&F7zUz0akxO#fGda#ZCD+%3!fe~`mm@1GuVeg zC;*fhqCRw+^wxX^+YT%Re)BB;1vo@SY;c3c?I962{XYTeu8bNDdL zoSf!m!3bQYtCeA zCWvp~@?mQxv-t8l?BRgGO8=*Aic0lU!|vt%c{?&JjI5lQvdu_2B2rgXl@&7PsIv3e z9{2^BiS*as8lRh3dwX2;gg~Gm^MSIdM4<-Pgm*SRePekQx5xkJjDM|cvlJ3kkC4q+ z@Z7&VsL3y@F<;lRORbGFVoOo<$&)PpcK&BcEB4x+W~`Z7hOg<-9Vx}3t%aZ56iVk$ zmfccPeoW;sr0r4{CraWpqu|y_$$3LVnR5tI1m(667Nx}DjvVYmfKUD<(cT2nxgp&& zG~+@u8eqa7j>vSJ>?$O-f8eA}^JA`NoI+AZ;B^@dX##_Yoev1skidNSEr#)hrA5p@#tSf$sO)s2w_(OFBATbc}+?HUKF6o&;!OPss9=VfT1h zExB-Y;`xnbC#@HzrOR^4;_nQpWJGDN6bKb(Ns}|2R(g_JREQ?(-Rxk=T$l@!qjiLR z!1JKBi~#cDOOJQ$_%^2drszg-j98}VX+7>{>nS>mi>lniR0^K zv0dVL@-rO2M5bN-lSx~s^wq_B_4mWAOl!Q>jHXBKTPS5YpiK+T)21Y4QPNDN=9TOB z=WpnWYPzDPQP^&f)E(|fZ+ohAQvq6j(d`e=$9W{Dr`I)qo?X86QHu=P1w@{Qpjcx6 zVwInAE78DoL{8e4(NDJ7_YcXu?ay^^pdwamwrujf#gr%fc;SS^CQ0sF$rUPPUYFA& z0$n{eElm!d66`Wgwdn00ziO53(N%Z{b$y5NsZ#^_8F5L8)#Wx3^dSM?BF7I{*3HfT zAG`hPqo~ghcYTJ36G7|+mc8Lyl%Kd$TX?s1rC5F3=iY6onh#Xpl$7id)lUs}SPiOw zwwv+X-N>iJBRU@7P3a@oTfwO?rpG&w@80>r+CACT`1a|{VD@}A{ALZb;Diw^7>k4% zYf{c!)ASfaB>pMlpWF8mS7cMs-Fr!+1(umZA?dd{dEA}WV#u{-HQFbN9g<| zqW^tVk24N#hDry~xA!E(+tu<81et&SI?S~4Tb08lbHFHo<{w^w|2N`gp}p{5sKC3z zzo5XsZ~E`Qe*fx!eMj<^>^7?jQ<7%Q!3gxTN~j^Zw@Br)W>G@5Dzx-2Z~u zG_Y$33)a**@7?Ne9%nx+cIdE`fT)EW^B8^W^?T2}BTC;%KR^CPpMv;_zppBtf1g+; zJ{5_(&>etXzTJ~Rj^^KOj3V%hG+|g$!}dx$wQ=uGd;tIPi@JX=l1#iM=-l1?{l(~# zppNP#JXFQR!m(Gz$cDTn5$H$S-M{bZaMhg_$Nq5iLer?kKB4~swUF+##X%_hu3He7 z=$4H7JK`$7t3{FB?JF{-g_J$f)tPFdd&YFjlY;R>hm7}W<6*LoA+xoY@Dn_)+lhN6 z6F&vtBjmDHj=Rl^sBzN}u{!q;AHR0JKPDySQ2u}cKRd2k)t&d=X@5Tt2mC=cBI_A= z8dNh1fKB%8HS&*QscnlScbWP3tN%71{;5gM%WQkTZ-`5XJ8fPu=v^t!!t!2hT)}nt zMOj(drHfm4yf!!&wteDoP;jt}mDNcS%B45pU2lJqCZlol{C(b<_WPxVSAhP!gQ+dy z&1tkREHLmzP+%7ukMfD!Hx<1)r3vef?t&q|78Vw%sG46sOe%#z@3=6aC;$4^9`*X} zNejbqGb_rG;+vhMZ#)O@2G4CvlN;Ii?dyfX7eV{0=TkThsrSokk5LIEYivH_B_H(c zMGJtR#9`&<_H15cN2IPlbAFg}GbC2DU!c=}hEe#O$1#boy;h4bWZJL3Zg2N1CrI+rLS`BC z&Sws8j-twPKa-j~c;@OpFYkET7T%3na=JaGjj4lYP@jd9-m!YJ9X#Cs43!=hqs>sw z;1)46u#?Sm7g_U`YLicd28tW~#7LHKhrWFhVh*@urJ1)!jI|<*gD-7t4I>viUY(7= zf;HWxm`{Ie%W-Ds-0mOvEOOBT*xf{)%56+!^4MK12i6@ZrMW!Bgx3or4j)eQxsM3!vLndjN7OU6E5ra0CX+x_A!UQ7q|M`#yT74|Tf9XWjRiRyU7 zFEL8dt!K2)l2xwFQ7Lh0JS>>B^)C4MXltFpXmr}UUp8#=6No$_SEeEpJ{Yj4P>WavF>asPd> zOt+i*@lyqpg>$_9r|x`+AK)K2xl(a3bL&U;*cZK7PZmscx!Fe_&<5;17ZgmY3AvH$ zC!FD>P{&MmkfTJZ-Vke0C*W&!hA#$=t-DSzndhw?Q2%P%j|i{_lMXx5 zW{s8pq^mn`-kJI0!l1R|T1dNpa7{?3QItd9Crw`SI$5`=RL$M{_LWCQItF}utrg+A z#zJy)DlSjZ%z46DtoES1IH>W|T5SScXAcac5GNK%U4>U!<=^s!Xk%Dg_%!-Lo9x8IoXi=JL|9*WIV#`l3N(2%N zxETM`WZLm2!2FH?f*r;(`|o=0x5PZw00#$tOc;vO56tocEC&zX#XaVDMe8jB+BGzN zh*yQ4#&6y>w0tg{I@uQ33tU3MMR?@vtMsw*$cL*qxzcp713Q-0Q!&w%_Jkh$>`8wYvYZv4Ij;R6;w<4XF5`o{KQrn zz~Gy2cMT<9p63-c-Fs8@)XhAneL+X(I|lnTH@;4Jd;h|8e~Qtn@Dk;LmIUK!o>P|aE|K8Hq>iE@X;>hEP|gvLBpcjjB|{gk5ptMGS;=g-xu#%jyj zx(&Npqj?y`#ze+*ek7HSw4~e{NemqnvFQ;q+O&sCt2gP8X-Ex^XJBI?SL@9)+8*8^ zp;jT8>_KhCs{E|Qn}#Uw^Syr?K>&?$5lmtU{W*mA+ZP}xZI@9p{N73h5ZV{`6-R>?^ymg5h7mP~lHR}|93AZM> zZt-OhE}6Qp4Z&hyG6N~pI1=d=pW{1brUR^Uwz+RqWNq)CY9{9MJ3Z-WeW?llE;lC zW}nbLgA5bXX&oa+FKjb#27^2-U37ogG$k|4S{pC{W6ux@1l$0>$S=JwRS`S@up3jc zlAk}PSZR+OK0MIyDQdnSqg-@#qlw9A+CDiPVU>Q0h>n3o0@Ll|5IG)_ax;OLvQrLmQASm{1ugjZt~jer}`Q39k_UDOs?ov z?``webDeWw}lVVA1+3($(*6b2m@aOlFwZx3J zJBqQ8;4LkQ4fofdUep#4bSgLGLoT?xRDG|-=>u}tHt=0~@p*8J>!a8yasxdUvU_I}*K#fD1&=-xGqZmlxH2)I!twJ`W1cSkp-%q>ms@oKoQGL` zJ3d-m+Ofl;wk~Yec(7LdkuTLQO}617v4m#j?@c)@PwR|mhRS}+zmeSBD4)e+ASY(d zRhqwb<&NUpwYzCCJaVi@9(THJe^^2XpAiBv#7ZJui2pOm#(V>831Zd>rWqoNrtQt9 zM~_Cen&G&yf=XunweG>C<>hYNrq4<72{q)g=1>{~2l46@(Nen?F0ZA#OYl)8|L4Ov6#tT^ z^E1u5UtrmO!8@Z6h|vjJ?x}8D7R*p!kPf>1)q3EY+t`p2+tcE8|%moR^f80_S?L zDpBM)^8!n&)6DG&y`a=PjeC-ET~4?zQFf?ka5swBf3$P9OHE#Fx+s`pHK>C^_hMDv zLRd~?mg=nRGtgITy{jypTTc7gTT}QwHa^M9C~V6zuSF5)Yo%1N%%GViVau)T?c2(p zDL5R&^*X(8SHk_HTWwO}pWvg3LLP6;Q9@ zP%~^!KaMiy7^cL}OC=#+myex(x8KvCnk7i>JJR5d@O=~rC|OYZ;9P?nb^+L6uSWWq zpx=~{*@}Yr2n$Q0$RBwq1v7$Vtsi=MRlhk;h}N@P>w1f$h`wHivo3a>v?m}Scz#i~ ztLbyUz59xUPILN^bW;)BqS%%3g7v9!_niFCf-OJp<_Asr<*gM4NpQ0N7Z)IFbbM{X zJ=lkpxUQyjp@Yw!$y{2mdG1Tq!uqgZ!yzQH)s{2Qb%G4lPWPZhUP%FrhA-!;ee*By zTBu)Uo~~{-+i+lyx|^K{PT=t7j8E3f0;F8o$jf8?N3s|E1RYn~$ET~9-78mk^d}c* z{EVm%{Jf!?EEZ+VEI7G2CEZl7$-NEy_y?lPE0rMcVgvGp}0~;M9V{2UCO~@&cmD2SgKIu-K z09MRVxMu`ux`luVgmF|E(sWB;mE;Ir*ohEXWC#OB8GUI8)RWy zc5(-mMV&wssXtUj-U@8qZ?BwM1mtjD!=)f($=x~Ox%50DKHq9)a`H7%zL1tT*Qgv z%i*dIU(}MMa_DmXKvZ1Ah;@1x8D;M-c1gOKus$D5sE}X%pOBw=wyxcWO~k`y+&3BK z6*enkdKQYHZ@?MH_cTv0{fzh!|a+dtoWMYEjl>6?6!EqPkhnmXV$(U8s=Yt zt>5=;rShL1uyzB_1q)|9TZX%?zWx-Hx6d^Ir#~(7+UsBa4`!?2j7p*_CO)IS%L8>$%QW2uQJ|g`w!*rA5p5l*%*ZXk}3Rc}T{ z`Ttdv@Bb#A_$y&Iao-s>aCO8=dmVnN@@w;^vv?yt41cdjk51<#-wHJq&x1DV!-own z=rNwYGy7YL+s$o1`5UFePTBY2fQbL|N(=sn)BW!-!N1>g@xsu0KbOkuGhz4t$KPo` zg!&wP)uyh!e5Kz1^=nGlS7wvl^=d!d0FJ*I95qmdLg4sBWB}t2xBs^Mhc^EG`(fXq zoJ0uNZSZ7VpsYq`1TzF8k^EH#xk7{*VJ^L#1G`(^m)~5EU)eOZ?(*kpk93kWW;+wq1`OGV)RYi z+x;Z>NN4wS*IX1W1MV1Uv*w-XP;tKOTJTu@a+%zK#hC^f*Uy+`$801p`Tkn zP2C~sG%slJ(s2*bz9*K*qZKyvBT|s$e!S)05}QeY70SsP9M7(+q#06yEod|F`yNP{ z|8X9{^bU11+{wTi^Rr(?_5d-zv$W)8^4kLcHCV0;V8FEb{P}1nw8O+`6d5KMw{*AG zjoM9v0(Hu$>L{uPIO)Lh0**4|cR@^oGX?l=@JzdL8h|O+K3}VtoYl?tYh6^o^rO#I zTvWd^d-BruDc)Cdv?sJqsy@2Y>dzsKQ5aeMq-THM_Ta_(8C*tgj}z$SImRkD`>Ch1nr$u4O|6usi?DX8)&si<3QC^pcyFZ#OhD;4sH&icjoT zvr!ioW{Ca0a{m(@fFl?S=m22=b^00-9>BD-cLZxRUOAbSg~bEg>t5`rpp}B$g}~p3 znEN}{tmWS2HXm)Mh zG~_(gkOQDogsdaM;-h2jwFL3pG&vdJ-X)O?lh>yu{J3+Ls#rz$z$ngCZdai1RCOIY z(5OaL!D{~Kb@m`i2FJkp{(aNpv8wH4K+_`re6Fd^RCDZld@MV8v@ItTmHX5;a!R;_6v5|@PQZi~A2$Z| zH|AkUnSBRf5=3HSXV*ps0g=Rr3Qg3(B1#t$aWJDa(Wc*T9%Y5}93B|JIv0^WKv)Vw zi43zEE6@=4U`~eG5+z1dZY~o%h;Y_{EjMG7tOvA)5Je0P-2od42bXD@3&QgVvpf6| z*ry=Dup;h{Xx>4e$D@k$pZxmzAlS5Il}@KOnj|hofW?lwemgb}5_sy_i96oBVKD@- z4qLmndQ?z!!ZvJh4~U72D`}oOftYHXL&UNnjFxO&a65qsU}F14jhn08FcYYMKaI2_ zU1ZKWcY&08d6#1%p#aQr&w;PRj!BveSpLO}@_Ge`c z*=GDV0s|!_i>(%K)bHNiaAn>?N%5meK7%hq2`&agAB**ree)#_ek`?qZ}H;Pbiw*W zS^Fv(N!j!`XRfS)`yBT#{T-9x!pM_QG&Jy!bSI$^P`sfSX61+`+|i5T#K03?mAtD# zADc{6Ok)*(u-J@NM2yl&G8kVrygef%w0?i;fbUDCQ>Lv{F^MAIzxf{8IfmAa%{g`c z>Zld*$E0i2O}_ZWIr~ zR!Yiaf`av-S~gj&?_y#CA|m8vWp`?8x3{X7;!YY=GJ(hQ;x85Q^v|-AmXE%}=8-;; zc@iXgrQ`hrZ^&Dm+Ic>zByvSe3tjFj*PpQ!BwbOuCVSOQTu^R}4oIKgbpJ=KJ{#7S zHEL3B@YU017EU}KoR)WB1r=wA)NmmO~~9e&2%Eb5N~&Oq=6VR|t6^Yvr6c7WCJ zO0*3q4RKruZUZTp2ZJ)S+eTKQV4~vG$Blb)**7v$Gm4k&&7pjUx3$rb8R5Z*74thK zHePoa$GvuerzN0X0tIq}>9^v&-NQCQM%Koie3LG8K;ky7Qs^#hlF2n^M;b#s zin}M>#Ag^+Y+H3ZK2kA=e~cXBIHt!^$RJ`Be6~OepPy)@=&k4qFKp`RXEL309Ia@Q zYR^BPqq|@`Tw5GU3Vhid`Z*9At3e}8WQyG%(WWB%qo-$T5~++o#D82|;9qhrO&H_~ z;SaxXN+KpLt|P5@ySFb3AIB?oRe^}-#-DFm6cgf9{i;JYrsYNc(ouy zFN)&D{wng3(?hR;e?BO@VIqE|DCnlgiryI0TILK16ZEDAFewg`F<%~*$@zD}^9@Sc zH&9Eca_z^|f;(tOR%@H#%8zf~idvro{3IlG6kg=G0N5IlOe@C}4?Z>F-v*pclxtLsBTx<>P6e2iTzWU*To_I@y(S>A?L>(~Ar`zW>~H63tSSvep#Mwn%8 z-TC(WRe4Dp+0=^ol<%FRR<8H+++S}WalVv&v{7WUE{?)x!G!3aH!lWhxGJoYZvQ`>KlWv|11itVhx)2 zrtIq@vurR;j9t$8Tb(ARRjr$1?}&97mE4g0_U-pj6`M>o3>gUhLu*i;P^UB~w;+o2 zqH}u-lM-A#V8^l-sC6g#6vtML+H=LgBQ&0~1u{keCGL)kMZC}h{6Izf1uUP(Po8Yh zg71%9(HoZj)&n;am7HdW3Q?LOHWpKIf`^J(hRmfqqQTB+-a!dG_VlUaIk3hFw@pw} z+Z`*5e*7ThfUx}{-ZRZXzzs)|m=t82=Z+nZ7iz0&y{dFc%i?@%!Og2@!^=D(BN|o#yb!naqnz(p4Tf6 z;IU+KXB)K3VrMs5xtZsgNv#cE>{tLElSW!zo{f%D^RV8ZdB^y4K&s!}j_d9kUed)>vKPr-IFxy zO1)9X?m4D5+sNz~YQgBD^q)P4ORU{%HS1qn9$&ARHcKQH7gR|wLWS0am?i+L z=MAO*@EoSj1V5W_Tn0JXY5dK?!UC%*PXrQo3kWews)0gOy|JYV%%GFL(G&|)U5e@Z>T`D8~56-gygpy}bmsZQ1FaqmAI<~tma zHc6e+tSMx+fpdS%bi3f%<}(h8e7dY{Ha{cin*O z;F?d+tW0Xz{&I{%XZqf?mf|dvWfh;DGA0F&E`NW#GwuEFJVLPbzt~&prKKk;6w#&d z_`LQ1E2%%vfE3!f#h8=D<+4*dCnD&kMdRFq?4faH< z&bUMggJt^{L6hTo>w%i0i(&VVOMK9gK7Kv7WqehPwV`Mtsq-CcdcMArbVtnJXX{Z| zK(V!(=mSw+?yii+Q9Gg(+*c!n9l#Q&Pf-WdI6|7kOz4z;EsTpC%NZLs=pVY6!S>Ng z>i!B>u+Qct8v+u&A}rOg?}h%AzYM4fQg_aS&w^W%Ao_Xex0Yykr-5yHgFn+Z8hx zLS(;Is-FADb|R1h$^VZzWB+F~$;bneT?h09z}Bd!7W03F2|b7B9>;Ej*KmT2jc_7x zjZNn(jQef=q*=4-^4P*zB~K0>?yHw-!eE2`Zm9ko<}tl=a?8^TP(kwg6sRn=nG5{<1zF zRVOKHXjFhUP@3#E%L(+sFxLoM2N=nO!iMycM^heag0PU(`Q%U!GS(4zQ$yT7o)82L zCCA79M`Ieq%}9i=B{H%tmG<~RQrOem%bxE*MJMKzHs60URiDu5LpnPD8Aj6yO2h2b z_mR*=(2WSiG>{MyF%<^v4gugp`%v^SD18&(y#?rY0^)=7ctd%o@@YZF2HBzhw$&f4 z6Kuil9g_|XDSA6F>o&fcBU!=t_xcn3V}jC+d{S6Q90Ls#c+AxFbcndCFvLl)7$g$p z2^kxR6y7vEtVfOzr69T-XgdoL5spzNQFmk8!x0C|W?suKNutq%cQAfoKVT)CyeHu% z##%WDSPh12UU(59iEAx$^t$@yFUDnm4Q!~HTKmTf(j2b`zPUljXOoSzJoaP zE135I+6*$-BNyY4LHBm8bG-zE28d{4O`F%v$15I0B}|L@x<`!JoYS-kkl!j)dKRV> zWP7;p9sJ3*{S*af*@vAh1%{(vy6Z-2)_8AR*R8EvNnMvMXMSlS^q`lGvm&9Jw;<4h z&FVt$r41XXdOUZRG-g(Z+l({+k^asidjGIv-iNqL60NH<(=L%QOUjY`_V3~|GjICK zJR}_;<@Rs5cbDiW%OfQ;Q6S$qL0gmTzG{5&n!SC7QnE%OBF{HHI2-ul#Q^O8zI3jE zkdX%V`)ByJGEi``vtI;we+}l*jrt$}U(wZ#Iy#uUJXVc1bT5V1XUGm}YiihNcm5o- z8G_~^u&no*t?g%EY)M)t;xIu*&cS(LX94eUB8CfDOMz1O&~Yc=`D<)@t6&0AJ{`($ z{1WHj`?fX>++d^5?;cajt4%3--q8No&W+r}I2(|ZUfL_YK z6Kp$J#WMY6A`q_i#2bP6F=n-Ud$`Yi+e#w!%rDP^1pTvr`aSH4d2$!tLiP-EV0{X~ z#X=r8?OZpM{lczGX%X&gju)h*jlosFm0=c+IyXTpa1r`{kKZ*?(O}=PgQO z#1lqAZ_zU009W=jB-|dyfE~5#9Ye$4m^tx7UK;rFTP*S9}*Cu){xC zjo}FUc2WyD?ju<5i3SmlQcQluEpG55T^%uyc-}s)d~o+~`1gY%AB&YeJchd05H=N; zVxw1i@nnzy=+kPNE5JU$(AJ|nU zTDARYFf+?*=ZUN|5a_yo{d#Rxl~rrK@{JotK;fP|e(bMJ`%2vPD+RN7g3QswdF{#Q zP6jb}e)%`S&C7~xVNqu?> z?#t?!ebLt@eExg`1vISWpKH^mG@8t4WqYDefODiVI;Oqd+~+8zNTk=`T#UBoX}-B4 zc__mog_>=pi05 zSOtI9Dco)i$_ZaTF9$pORlH>wKjJ~=*hfP{`D$eO=eF!DJpC}}fvrp_Za-{>vEA%g zKc3mf;G_8=DM?95=_MXsTRevJb2?-s7YSNV%koY90OGfZ0m9T=4pr0COva}0IU@rr zfL~CMQ$$2Hpr#EdN4<0TJpR~tVWLynbbMq)(aCA)MzQU{?>ECt1%btev_-F7n@t2f z3OdadQ;Dawb?j`;RFdt=Gx!C?VK)z#aE~ao9NVL|iA3`J0@!N^i5|6hlFNm*X}ZqV zp4~OT30eE#JoC`TaEgm-Tn^%fhsz832+`7KQCX6%t~uNq*>R53ee6e$ zoENblQ^fWml)N7TJF9r_moxM8!vGL#u|<4*fbdsRn+)U|6$SlK`^m-M(#D86mcJ z3+dp+q0!MBIEm1aVn=jxcD|viDiT-z`}gnHD6LZE_H5mF^ddC9Oc;i!QCP~U;e<_(wLcBE1036_t5t1nN$_lFud>WiOHySz$w*Hhk5Thz!>99A zXOiKaa4C0Vy+3v|^ug0j-B}lib>sO3y4C?~CATuIqQm54@tEFFQ!^2lz;^zWQA7!{ zr+^l-j0op3q4EeZReu>tbQwTvK0|0>qpADkt5 zcKNgyUrD&#I9uljRvaDV~M zuBWemO_W62rN$jZ=sR*Ii|G3%I#E6b3krxa`Qe=TfMpUG6ojQmoY3%pt^rIP2TJO2 zbdbh192@vi0@sd?jWve%g%fg<_U_ya-Vz@;guQ)zmktCUOM$@`aUER5BLOS(L3}Vf zH`g{}S^0|pGN`5znD)U>NZ&I^P>0r&I8%XH56$PT=fJHe2GaaCi-EZ-%8H8b5D#$W zQPy3m?H<8*x03EUpE*IR=`Ackj z!KGsM_$F3qmXRv_dDD#6MiQz0F;BnZ*MR2HI>`Pm+#``_&*6-5Eq{}Q65;@K%JWMt zupf^Fwi2I?VaP35qjYw4N1P#^f-x%mjwC63`9*9X|IwTKOg?oVOLma{y~?)IlKuNi zMT#gch}XB18}M^~UoWXnZ20%pN1wY?|Gv7bx6$X{S0t_@#M>iYT6APb{(VLIAHQ<{ zg>59#7eN~@So2wr@BR|Tqf;VJhrc(*M*I_FRIb|W4a{$Lf74qkScxRvZO-qsDCxAg zvXxXXDY)f7zwh6B&?*tK8FLkuR}q+ z`JHrx4g|NmuQHMcs|a+c>p07&oN{i#AZ8Oj)W^GjKhXIi$gXWh8h8_LeZBYSH-7CirSrVqU~=*{ThZV(sWDoXSc6Le zO{%JC=Ecij*S)-d&Cl4`5BC^&)u?F3uH`;ES~@t#;cW6|k5o+X^6_vnWev>){Pmg1 z<=&r>S3b;yWuJ}A>o1V|`IF~`^A`nXb9Uwi+Q)IpJnz_~(~g#&;2W4W@3Fa_QNeF- zTr}X2shdz4uHx1au%Q)((j%{)b#{B>mRZmdPmM)AhqFWOp63DVKQa>DnH=2u;$4h4 zjpB_=IStJ)(Sl@(I^kyWrYuwMYbUMw9Oo$acH3|;P{bek{UKPpp7|2PsbB9aDH)$h zu;1kNoBz-s&YjV>Vt7z;WNhSj#S{L%Zq-lgit*|0b?-9fYu+C{rKIOLc_6eaC)zd5 z&O_01;_cDFH{Yoa^l9zhP22-w{m|ZTYTn>9{!}8qC--L4`XBjC&d&Uz-162mT#8{5 zX9LnQtg?J-6xkVk+1@^a(@)Y=(bJ%#rZ?v!x~QcFMoPQye6_hMkflCfsrov`(_8q9 zd-Br#v(dMGs?PfzzouAo#=2Xl)zP&1i$*x(=#wW;s$Sf*=8O3_;8~pMST3@Z@5iKk zr|1l2(NHV%d;QAdfOn_e-->D^GyLII`z=xu`GPC9EOD&D*Lbs!^xXK>J9UOnnUqb; z!2LVGMB`qtT68-6lB|678&~G|G?S#A1z(O7OB|_8zTz(FET3-J{$6QRr1rx`zw@W2 z_wbz()F=oSG^0?C+%}LL8KxX3@iy(t|JKc!MzfiPaeP!;=ae#Lszw#3)mU3%Z`9Jn zl12%YC_^l*iZu~iZ4+zJ(x9jhwR_S?*S znS0Lt@_xAIF3bFalv2?sro0Ku#IJ>VB$%a?{m^T3SHZI8znFtE%G26v*l z5@xNkko=E6t^W~aE2tof&-+A(S$YVx}-Ym|g?&aE`j zp4tDrJtK@~z3u=5jo?KEh(Ma{#}CK09Jfaf^?NgR>KdUWg;RXu{vlzvJIQ7Cv7$)! z@`BNQQf>B$3rQO01ccbYOGM6fcS+ODi}^u^Ie-BsXbN2vYze@FT~P!rs4;Q+LB*PQ zgFmBnZVjPcJ;(8{cs|16RMqw)n@vT+#TH&;K92(WCq)KddKiJ1(%GnM8!d~pl)YFD|`EUr%?2|$fwcM6|H zwy@?n8;=t^^-A!Y<@}T+(Q9^aH*&GOe8Y~tcF{mu(rdD$EU3Ds!o8<@KDjZv?QCO+ zs%;6RyCk{3;#_%gR%0NKdL2~hBM~!IK=H1tf)CMC5jm@>c^dJs>i#n0T5(?_amly2 zjeZ{m_9$E4zJ!`H(XUH-j~khg86L_gHCk_hl5Vt8Skicgrp>U+RT7Y5sHgt2oBMpF zm61f_YW*m+ewba6p{NjS&$y-*Hv;nsZI) z#8p*L&Geh?ngd;*3x7JAmEk;9^kZ+IX5F6LJR~}RO7Kt(lQ;u>=j}6CDTIK70UGMX!~h|Nk3Ly(KOtv zT&%(h;@uT6E=CUL4MM{xg|(TI9~T>;^uXX7yblM6F7+OObhuw7odLNZ6?biCRPqR~ zm&^M%3=PJ{)s;U@(1+I2ZP2e4EIvw*9d%#GaBt_ISx5qyWYOk`6@Wvg7zNJ>b0T z^RV1s84khrQnHJNlTE}739=m!saG=nD)06>?tIo6{{@GEJ+$dn9O)U5oSz+{r{ALM z1{rorglT}37xLScz0+;N37fT(F9*gFV{sQ|7lzU#mVL8-&^_uUiVcG~hv z0KP4JbOWv!e|_+@eu4}>&HbyESPGEAsma2FqQVE0rKzrM%u|sKr7++#3uo!ni)2!DF;_%RCVi-HE~ z4<$r7$W@YsL^-;(+Xl5+2YEiv<8qO`A5kIQ#`sXPh4_Z;)=xb}ja4|w0AGS?CT`rx4WK3ibh02MxX9`Pyzw~f7FOo)X=Yfy74C>z{LWA#!#7f zfByhEenz_c`IGodY>Cqz%Q+hgJEVqyZgtyrRb#gXRTl?Ws#dTxEx>$y*_Uhnq&Z!yeScv~GG_Dw_`n1GvoC@C%vQjYKN|2%o| z{iNvDSZXwjDMLVjT8D1DbL-T1Kr^UGrfw<0N_8OtC2#VSxkhr3jt9R{MzM_9`g&8S zD%08}t+YFRLRf#K@0J2Cu*LlOA8+6UU;1O{Vb;x%*!bV5R)=XMv8fG}YX45p{&Hu75r)~Cau!H{Zu zPiKocOn(FOAXTVrdRcM4Lz(D-XDZj(Ojnn>D#c-m5u#T8^Ry-vOzy%xoGw<{1Ezjp z6hEYPZnH=fM=%4n*l?76KWQ;aR5cXk>Gd4+-r0qs9E>3Pj8}sr6w^YJq@YBKkFXgi zQbl6h>dH=js3De2`woYx^YlPrvVi0Xi3oUJVA4Bq?XdQNa_`1Vt2b}6A+t~p7`oX+ z|HDlwBOo^V=z5>;0Y;FuCU2rdzemZM_`wFBzzf+QqRC zc-b6vkOV~~7CBq8j{Mg!i5@I(%q`3k;^95OV^dpesafSBV9EcG8!^nS#w+dQ1aANS zgOJi_N>aaq?;vvFj(hVtmvSv%Qo7MZyGzJpQ@5D#9@Te(L-b*p$Qt#xV`wDg+-jdf zsj)4hTo{Xzu+?G@saK(+VealJGzWpm?j2svFkA`l2Ur#amp$>*k`W38JJVW7<` zqDo^rcm?q#$@4=<714-q|02*LUi5>d3zQle2x;xkDmAP1wPScf$0_X13FrJ-2b7(V;{lhQ@X$qKKEYbE9;(6Ux@9if7iRaRuFZ<9r0 zi5_y-zm#{)E_x@7Kq&Klg?`P|=roqbLZcUNaoo6fmBAwFg&56qA@X7av4g7AS8=sC zdDOYRR1>dRJM$%4?VG2&*$1UNCUFv9uq=7B*r7$7VVK=&6mxM873X;u17Au z#2zs#)0t6{skD%*uw4Gyg40eN8^^|4u-7?XsZ}bY$yMF+(Lyd%(OkeWJAUw*VRGvK>glhrKz z%EdqXCwEH0l@CfAx^Xshv%N~n6pbY!D*VNpS7l~ZqUx&cagk$_sVDHII`KnBXmvWW zb!5FB%f3+vv+tc~dd` z<*;ojor6a6X{R|XPuB_xusGWcrOUxH2an7WJH!Rt)nEBePrh=g-?_p-9tkC}LhXaaz^rOCn@r@k&{H3rL1bm!ud%MPN%Jzoor>}%umcjyv4pE}Jo zJ{x;GU#jFDBghtv_Hx2hgqyj-%0g|Px)6hE{dXku8p8W+zWt=ZEA!EUPg`%V@w7c! zou|TxET%7~HkFhd%4iLk&EzInOQy$OD7u)pR}My(H|~mE9<|K8aJTojZHh9^2EP!C z?5lmB;AN|qp6Q9Po{8GF>?<-)xrwy~TjLm`FhC;4W_L6VK2jO-YHRy?e@Z1z<|Sjr z;1si;oDM;+R4p_S(Jh&SVi?y6v4jVsPfcx45pYxG@afYSk7;Yf7+mD~g zTK&AxC?w9H4uDap<=13Vu*t75j1IyrsDcEj>ciHIjH z42@CQnbpk>*=1@Sss*%4CrZ)A6Fsc7+nVbj1>B39gQi$_(tqAy5x2z+-Lv?`9$!}*2Ezor!Q`=OMVDoWL!4JAF zA-}>3Y~Bw8X3^xi&cG=q^Y8;A7R-0JqGkt?P-M>O-WZLkg>atiKtOTaGq5T)Txz}C zA&~!(s*JTSVedRCbkaEnJ~y%92@mC4>02p8&O3HI@6iISh175Vj_*L|hHpD$QpC8# zm@x$#b2b(XG`%hy-7VYTjI7XNGWYZ)ZDna_obqVb z29%c>1$~>sf__Baghg6AZLd^zWW@1jZZle2t~$E8Af^-3LsZI4m2xDkR?RI`RLgV9 zU7LciTe522XXUo-K{r@CVhpYv!$9)kfp5z>?=zKKhn>+%L589G^8{#tqxmT0@NL%y zaGt}scOJEuQCW)XX2cl7lVIcZ4V-b;y+R|4461P$=>Zq-_cwXTF&7-SzQsAq3=XYs zP)s6yt+IMK31UO1^7~J>=+D5mx2zTvEDP}8iej~1@V>hmFI67C8OfPrs8_Die-CrU z=fLHV=Sju{8`Drf+q23Y84tYS-En2aw|veAt`B?SmF^NnCrZj2_r#CpYPxxORadKi z2&n9Ab+wlzyil_+bv3nRfuK+8>hhdd8|UDHun$%;cPyZr?<0u2w4l=Fom0mk9v(=- z_JxnH|5`^y<*ZCXV{08!Ao@W~ry-o~^@`Y>Znmqj>=p`8Iyz}*!z8>j$Zv<~5d z{tQd;+;2O+(H2o_?)HzH>nhFgNWcZ7`~~W!#t&QOI+GD@^^Ktg>W(>v#a@{+0HjiJ z#1?%%{V-8c=L*{}Jj0xg$~y3&5ccIZih3urhjuBi>dV4%A0-Jvgnm8Oc-U8avOqqL z5FRL!5z55)t%TG8y!RXVJgj?zSh5GKf1l9+=pFnP&@3+^|1lC;UoSAb|CfQHw4NJc zf>?LViOC*5$)5NdPMw|@Z{V$ocqEpT2!nFDN?+lC@&RyP06z7P*WP8DgG(&Dhtp&l z9bjv1!1}SW5Q^YXck^N9?4rxJR06CIgc7ZqP0xk5jJGv zt@&sisdI4)z9Ovn2_+bMJ)Ca8-4hv4P1DL6782}GJ6#W+*u!~Z`#i(a%ra>(Z2ID? zJ=~UNOrA?It*$~tccQUNd)>0e4KIPP=40-U>){lN5PTNgM!FI2!WCsUCXd)Xt!TG# zdQv5bjbTWW=kn=iMPlaNRf4IBSC$th^GMz}UC&xx_Q|Gh87Bc~6c}D4ZQc-p1=t+$^d1r9ao9-n5?RrO;#XGocIpo=`YcP0FCraAU*$# zsKAIp@*9DwLOl$ zD?a+c=JOC>F`Bqtw{q)*V$<=72)F_Zb9a#~p<8A8ZgzzV^nXuAnmvJe4+P|4K(1ud z4_Z;`Su=J*f5tN)-w*xu4F-mchyGe6vAj>9x-aPpoiLS0fm*Wm+=HDtFN@4G4h$1< zMC=HkC|?b2wSLxO;Lo&&0|HXG)?$Q#9}Nh(k;o5z8-77Pk{zt+?L2rkka#8g$t4Q@ zujj#)2b0!{u2AdH;wskPI@;!N4bQMKkFWnftAw->>G&KY740CanmH9JA|VM?TeW2E z{NjwU89tD%Zt*7F`A|ML+69xGg<|5le=U6-JyBG&v3GS) z5tiawJDbKsdq6Lzm=;+Nf^TEJNY6L^RzGPek{xs;a`AoocYJ2Ivv8$n>FTY*-e1{~ z8If>Z{WluZ*B+yx9E5e9C(j3A%OImH!8KIBSDtk!pq^+kxJ0|+)6~p^7u%v(gD}@( zFn^;U6Sp9qzqJpbnTf&2dHZ|NYpRNC>atl&oP7GU4~=}VCZcfv8W2gpo&SIKTB zb3;l$;)>*1prA9gS}^R)`CB<_PQe zs}bhhbhv*T6)>yzWBHGV!pnuu@$S)>*?1)O`r>%~kig;p<0H?IU{CkQ>Ug{cWBye% z-jsuZIkX24<>3fv9mzWap1r%7{cAjI%|dG5X?xoTdPj6d@#K$`o{Fi#zVBI3FwUN- z8^L|FK>KtOqK*#VZC7_tf+SjCWw4vR;bL-%0~0AE!hF z0BT(E4%e{t!SP$f5=*$@0JH;~D1s9d+a5sVhtD5i9o}B^6aPOJP$&_B+a!a3f@Gpf zA{qi3hZ8|OqoIH{Br}lOXT%=JR9+6I! z2!Q-p@CDRG{E5&bdcB5{2K~c0^6R1;c9l7Ax~3SMG?te1+>*Q_XMzN|QY)+I#?I+$5#usE zGbOCfC%;VMzN0f7sZR#1fSvrIYJ!xNuItO6&)+I*p?}YF;l7yV3YuA2*b;I<`DnKJ z<>JB+bzp8<8(sYKJxy+LM^|ZE+epzFF6K+_HDZxy+*Y2()e;=KEpR)x)A5Kqin8)b zkFUtP8E%HpefqMcqqa~TYT5FxE#=;>)2Elk#Asd77dT3Z%)IyDkYoh*dt)!PL&R!F z$UQ*+YtQXFE@o+cRX057>S4WER+b>1J>XKyDJ9+;K{z58x>B-e?deK4JQ6xQL(k5^ z)7RhF@2oLVs|!_2Uk*7_FmA~`W36-tHfF=qPzL4c&pqaJ=;(CjxXA6}RfpXbB!ZFM z$*P;fmdwoW%E5K`i%)~?(bzsVD_!b%n%^3knXYH#`{bOzBV}csE@3Pib18QjP_bY? zT@{flsk5j<-Rp9&?__#Eil);H zvpKp=Y(ag**_dQ8cSmT9J70Ks=n4@LN1=|SQG}Oo_s+ZV_a7FTN2gqDfIB7a;-*#` zXVp#686qz$EK8}C&pT=oEi9zBD%DMuoliE-%G*~W>)5c7p>!+qo&NI4C+cza^%Jq7 zVR50!?fRlils?^qqX$saAWz}|EFGh%66kh-1b9TJ7h*gJS{ZAGBc57S5ZoETfPK9{ zE*atY8(}V6Zl@qp1VqQVZxIsBk_WS$9;(>$ev@Ldfbg*#>sC!ke)XOW_ zvOshDXOPzdfs+O-u+`G6R!;UeG7?=PjJIJwdMm6c;>VZ%^nY z#(q!7K=qf2C5bB5Kw7EEdf|n&v!3;6KZ8PWvRbY<>4)za}WjVbv*z zwja7DJTqETD9qRZD(6)PX8N0&830Vw4C-jw~;?1q2c=5LOaqejG&1@E0`jF?u zmA>h&Tf&wsJt($C7pm$Vr4t++yN~M$@n;uTUmV@PyLxCd7i4U28-I~o7Upw-ddh-= z8XEoDR9GHsl_zFUQZa=sxY*h7bg5^>XFaD0)60~LI{!S2gvCIh1KiW@?Xe^xo)JJ?MYz-KoHv%{=|k`&wt{Y z2qp&-XY^;``1dbc_2Da0AR*-)`R{0@wZ5rH;%&QSdJ8^@$_sOViFa!?abr!0yn-!4 zxd;q(-x|5^k%D9Y^_|`&Dhf3SWOFD0T=1U;J-mi#|MxYC>$=D>63pabA&}bqT>|0T zN85f{lBmPn;Ds$Aa<{liy@OoDx_za!HCal*)B9loh zc+Nl6yKt$FX-|u#lFpNpw&j z$Aoo+{cr%++yXU}`1$!6qzy^$vZy}2 zQZJJMf%MRs8p^_AoW94%2on%UZ%$`xs?cH|$~_VY=uK4_;khvHXmoD_wo*5YEbV&* zdi}#6A~vu(`jsbw=1(1`XOk%SmI@P@NF2?y_DwQXJETe zI4@XRmBin!LtF0Xajl0@#3Z$3q|x8agui+Zcy;X1(4Ldm?y><1R`tRo+>bV(fEp}=g-V5#Aa*bD#aW6-Br@z!a zzm5~)Q@n>F4U1#}fnH7*sT5fEGsuXkKH%lJ19E%(8ENeC>Z(-=Mgcg@N~b$;ceFKS zb#vM)rM6gAj6GW}^ra~x$Oi1x<`4(-}Ri-5)0Jus4?#0?P?7Ws1K;{m3gMK}x zZW?|Xl9w4tNnc*EIv&QH?9tZWKCGe2QFsFSihjfUvXQ>-IBBbXernP_ux+B$kcD~qxM*-=vOKeE3mkJYo78#td0gqsy3Xsd`I_7YO@5Br_gkQkWEqUN^s(;UJ6|iEP<1)+FmS8YgavMz zA8k&%e)WJZLK#iBv8cptH>d2+jte!`&qn;+W3QkU_JkBDxcSe-^bmkj4SG0*1u z8TGW*jPp^gRI-3fxIfFCgJfl6AE?UB>cXYn*(k?Qaki%TZ8&dY9||Rt1Us%W41-pP zabA3cTZOJ~lmH4}se)LRZ?q%FfU#fx9Kj2EdQ<4EaDDb`^*R34&)q{rr?sUX#4bYl z*x(5nIk}}19C~TZj5pGItkHfumbzzprqNAV9tgb0K&a=FggWXygg9BM(y6u(+;M3q z`b=_2utcZMks_s3HFRvuQl#N(VRoK>86}jvaCu>xe+jGCJM5G>alPEy;5pkl;9;vc z??{~XWk|og*!od_(i6yY(GgwvB>v4VZ#`_9r^5qB8z9l-88aFo7m(;n*yNMdqRdjV zfQvQN0LD69f%d8&cU<b&HpzCi;wYF>LVC+wzjEeS<9?LG{2JI~lf`5z0ZA}`Nb{@}2dZ##N$Up1R|ULk z(4Ef2!fS@usek%XUqb6z|F)v+2ADakf(at-(!qsiFMpagh28DEbsV%I&^Ez z<>268VfV8;vT8^zzX6!O{%jy~FM2QyoROQGS`TeyJ3ii-FWB}@eJ_KDhv(z_Ug>gO z?$amXR>#Bj&`ildR8^-F3aa;y4JEA7dpT@2Q|K&{>cNi*9#z?H%}{zaEs?qQ45@zk zahOJe*4Lf(Qpda+!L0%w&z7nO_F8a`CQ22%fMqNY1l|3)HylUldC3CGq%%EOD_3i5 zIwT|$-mp)){IXyE?GkqmunP=uyxO8a6y)6ES|EX8tZ^85RclBXwLe(Ge!;q zO*}!b0oeew&1u#xE$d0$&K2FuxGm^aYe#p?S)SEV;LovA|71hx# zGWW-D{d$|H#|a4BlqlMU+f4!v=;{dMP$|53+m&ZpV!?V|sD&3^Y3-}HGzas$TUU69*rPegjR zX@I>#Bd|$@{`|Jq->(??kJrWu={anBHU4qk$OY?`2Np5^`Gr=?3gsr_|2TQeUk$?% z5yt;`P3GgVeE^ZjUt{(}+xoEG1|1>*w(=4Z8dvMcvo=iQb)}qw<#1IOwtFBFp>*+C zVyvIHuW$PDMM6{4@_ItPLWoZ-bGpKJAKrd*JCr7hP|t1d3t%h}TO!~*W%<*?>E5eV z|M(Tjo5cI2JJNG@_)47Q?XQoSv(eE7T)*rt+JiR_)RE96t>8wzr@Ye9HCS^X$9=Vk zY7g;9zK}HC$4gkgcGlo%M=DZvc=B#7uF4miY%w}|`?_#@sRVgco^-_fV2 zI2-x?SjWFfrll>5hF9WyEtz-!RbLaAGNu$=X!rZo2M<=EtGgrnNvoWPx15rsOgSnT zUJrn$yC^lp-=I4p+{~@LZUQOb_*95`?XejB9;Eob&nB+ zu}^J^1Ehj`7UA;@ojB1{zxG<+|~uV^hEr94bN!49Uomikn`_p(CHpWXeq-@h@Ti-DZX$vv)utn5@8- z&9|NNg`k%L?Wn=2SxlyulzF6h(vLz{wh~(~jnb2!o+C`Lj%p-%D`c=`53+L*n=$3U zNx^O~l4X!rj&^|da*EBWX%2PavpAT5V9b8e+*z@@yB}0+V;T|X>SP$op8niXGR1T% zENBC04|?ZpAQIE>=oYnV{a%yPkzPqwAy%fu*epaf-fzz{IvDB6$|??ziA0BuzrrUg zr@<4eI+_3gSNv^Ny7R3?wlm{x*EaFf1ZW0|%Ts>M)UaL{_fS)3gQwiz0lE8SgrlB1 ztgnNL+FE6J^C4l<%(#4HTjkTzm&qoX82)QZnCUNTaE0(fENUdqR>g1zHP2h=va%Ey zDXTO)3zcMbVlD*p9;KSPJ>(9yL_3$MWj0PwY!ZwNzyCh!1S=zr!P>#@=NH7&yml1| zYCoh5?gJI#fH-_#v|Ml>5=6>~aSB`CEiSoSXOQIuWXKEJN$$;s{I`#Ps;{%!Uw(TP zj~d8;Mu!@s3+nld|LnYxFj_^%2ne``TT#oIuBKy_UTK)o2~48eM0ODkJ;c#dz>^>M z(Zlsg7HvX(x6hbifsdH;-=_~@R;F~F_$#!3O1d9^3oWu%{_;pc=<}IYiC}lo!4OKp z4B`hO2q)RAXCE*1!IH!h_U#1Cx*X%#{2t>V)HZ(DLAuLO2KE|^MNVv0CSeFgk`yiQ zuNh2aAoRv@>0UTlGS;{?B>4ECEM?p^=YDuN2xWt4LjphV&HnUuA!`M<4-G<{MuwVn z@-*)6s_%HVVjS(X;k139hU`0-|C-V}GoP6nN@Fa23Ff-h5C;&ZDQ_o+;7vDHiDjVJ8woMHCUh?houceB3 z5XA0PC?U_r`XG`Jo^p+9ct}&OfwQq9H!aitCq$zvk^SAJ8N_vyeIm6F^U6}Q^*4T$ z$kcF^4|Vs49ahEjI3A7{vBuwpt?b2Y6`8g-oS4z((U#*of970X?oVcm=Y|%im4!xT zKXG^ZSd+NZoU80eO0~i}xYp8W7tPa#YCQa!<$8iZKmr$}8-^cfQ^5i)`Wwko6=E&9 z9VNAd=DxS8l>gCKbKk$KJE(=Y&8|g)O?i0Cn@M&p?BG!1V^Pw_P+Q^B1G|eFLQ2b% z@aO;2ZZo)rkOdew-hSBJ*&uO%U%)-_F&lG^OsAG{Q?JUtEd&PnOmq9CBM^`H_Z>gw zimDQJXbnSQvg%ezQaS{YAJ{I|;2YIjeK)XJ`rs=sQOCM_CVPeP+~5;Bm?!N!w@Lp( z5gj}dO2)~~ZrPeHSFC%M7GhHW5mE?RAfhy~)bYJ}}MoS$5r0xG-}uvuRRCSOxAKxulY6Mggjb?R&QY z&s0c5pi?PYFh%&BUwLuj&%z$ZW&0iPI&-`j@2PdYET*vC*@nl@3p%; zUt!eYe06H{ad#lq^_e{kfjw)qF_M;}#j1n-F7Vx{sWjKl#C6r8%j9xY>2lYn*wEMXl2VDD z4p!bjgjW>qG+@OX$Lai-)Aqq@-^ru;dtoq+r1vapz(eyaS^E3yle>EO{16Za z6P4QCFWzK8Rcw#}El@PGgMV*lzRf3Bv9{(?L0(>vE_j?eGBgOaEr8h8#w9cgeWt?P zJ>)a&Xe+pDftn$|)^2AmIDPMJsK`4yN#aM{uR&XKSId zvJ&@Y#=d^NI8dNvBcB0k*dIKIUC(yD&2phJj8hzG);KWDm$Qma`%GEZf4v=xVDG)y zB@_Row|cs&4PXh<>+0e-@9Ykt6LK3_wSgriehv*%3S|>88!$0Lu%~UvQIAh9H)NZ0 z+Yuiw$Ptnyw}+7)O;y`&1@^hF^Oz;rZjFV>^a8>iT*Us#fzu-wXYGyk4qpVBA0hFq-U zgzuIAuta0KQu&io25yeK(JjWky6OOd?fbi}YLJ=n&mJrc(=r2q73NO?@Iq{uzFTYi z{d|R7IvN^sMmvVuWTXzO;5hWwvo%#VHnxSPZdTJ#-I4q3YM(L4t(ahOTv+RU= zWEn-z36r5P(nDsQjX4>-Xf%;2F;$>i)?M3PH+MW4hghSFbLU z;_G&@*lXvE49NGUE{u907xS&T(VUe#j&8IS=i~HwnGk_PyeNgBLcAEX?R)jZj!iJz zI1K~!Lm~vweLtizy#5b)5!fqB*dv+}!R1k=FP=Xb3> zt(kEkL3g=uB_HHq;GnF(?cw1;$RRL@DjLo09*1ty*-pav-a=hTdLXIAH}j1H`e_H{ z_(EQLiSI86tVB%lAld&1=+}a`_n5)XDaOS@Pv{)0(V}3HykNcFuC1RPFNmt+iS4{F)KG$@rbQ zs8eID{KQNO+-&tMgk2@B?6S&hk9P-hp1ZpQa9usta~sW5CTIQ@CmHlW=?tZj5H;m92wmO~hra7B=Mj0Q?q;G3zB!}qI z_~Pe&6VQhMvdFptX_E9+CMEfr@9 z5*cHh6T{ZQ#`4pHHP}`Kz=8?|NbWUth0}+JD3R>xp+c!tj84)&{C~UPdAQoois@x!5j>um=~_an`}<)#yBCJx zdDFc(IPt9JUnWenjA8rd6p!qq(UH?>> z!9ljiNQ+Tk%J%IgMFbG4h+XUqPWPK>>)<{Z2@z-od~o0c;zF@|!KbOER#93%q`QA) zxh1@aP8!FWn_6}6b>dMUzc7N326d-&kVI+(jqCnR82P2US5{VPHPz~DC^&qL!U+ot z3+kYWq`PeC@|{|psdZe)%9hV>JzQB^n%N{)pWRnA*8-=2W<5W< zT$<^1KeZXe%!3}%`OUGC5=>~uvykO$J{pKq!kWl>)LOeTx#zW%S81>KWmauiqXR^?ux-lEOZQ07* z-o=y~Y;3fiBz$2oouPWPl=117tF&>Y!>w_0(AWEaaTY0kAYyK(=dL}>bMYJXCrkJS z3rjuG2%q2h1-{uUPuezOa3X5DPugueuIL61)`0j7WKH^?CxC5vat(T8f`JmD&iANi z+myqt*_2-a7WP*L5-U&?R6|0;`-=3O4rq_n_zF-aPTP&&FnBndud_aW=7u)3(7Rtq zZoS9GOSqvi87-G~T71C_*9^dKM;rni5g<>D)#_-t7WX6SZ?kavY)U(<7e&H ztPP|7Kw>D3?+tkb>?F4z0^9LBpd0x&0d)@(Jx@g$sO`WR*pENQ|LioHS6m@lq+k2B z@aq@*3h%vnbbOOs+!bm|GoO#C)S5~jB;FsA2g5RK(l!>-scqmr0*6q+x*EmCy47)pgBEO#L39tp;RNJ zLATCNKZ~TxPG2(d&{Y3gV?Sq|K@7Qn&7ukTjYY?)-0*upixH%W5u86Ln$zafQ@NBv zHlLB=vAm5lzvjz9*?n803a=Y>Cw)M?^o`coEFzffgH;s`Qd(L}tkiu((5P6*S4eI%e?_ zj^TVcP>EpF>&wf@`AbY2#2U-B?%h_0h|E+ZNzQ}9L2@iH*PqF z_L5n9!aH&2L;E7o`Mds&P#0L7+xq=~M2&OUmL&D?6|3y_ZXF5U4l)huSoCx_=jj-{ z6tpwIozK5j^voCtN3@Ur4j7cA>VhVl6gL{TLDZ^2ZjTCHfkPvqHRQiN)P61ZtcLTt zBBb`P8fXu>x^dI%KX3fz+cjA@&v0WG)d0}=au+x#bK{{Bkh)3RjjEd<@;?FYXY0~q zET_)D*i?X){xkmVuZ9-eZt334^aElHGKd5?{(3`eO9T*gHZ_57bO*Hm@D}ueTHvK$ zIE4;S@5ty%+SkSb?@?`hi->ho#i_FH;ez2B0jGkAKKzwLgMMnRi{A0V4A)H?>3rAJprpZ(5VcYX1mr zn@v3cQ~;3epxdZul1kUE_RX)G)A^Ll?%du zyZWF&Dzyq;l7;Ui|NY)$m}y2<)xXJHb8+fWdW!xpBhSwlizip!u*?5F^4UTDTAos- z`oAcvriS|hsMg(BPX^L)MdG735BSwG|F9BHE}klf1LVJ#1Ar=j?7`{E)upOV=KoPS zNdzhWzYpeJyF4tA3tKvuokfH!!=y!2sVOJKYXUG3p zm-%yac-INU1?F~B9VtfGWVLHx)p{yc8O_*QKETzfI?~wD*l0cQ`O%1|ILfQN+yAjq zLms>dgrfWn3HCZ^XiTQFZal`I1LNG;;<#UfkCCf331`5L6G%? z&nf$wi3T`VuE6zzxc1ot2pS}i}hTWSsTdW&;q}kuW8mH>+O?vq=zq(kEA@q zFeLu<>}c~rw8g?lWoO}zIW>zfQ+)+#(Of0?t(9`iQ17Fdnt{$CqSzP9(ig4`K7!_v^uBgB?1l$h-+N zs<1sX8(C_Wr_(E?jxF2o!i@B(_1fg7)`d(hU;F_ja8#Ax?K3xKl{*0vrUfkX{leTcem+pNvv)H zP0ZElOTi{Ot25uHxMhQwwM9#c-QAOI<7d0VBvd2IPEKp5@lUHd2ne{U_v6d$x(kHl zEyi`tI)?@QkN6(jSnaNIIt|rec)Esg)keE$d*aHaDeajH>K5H%d<~hm<49V;JfkxG zq^oNI{_DsPr7f`SjHy2{om=^**5#0m<0ME!xpasq@t%F^QcPLDhu(wCjc52sv(kgXMzWr@n$e*D3U z7t?lJtBY^2CqpKTa9`o$2WdwgrNHEio`$JxsDXixNxU;lr|`2qJc|NP6BDJQ)>ACK zjg`XB3oc5UmL|&(`;5WvjdxK|GRs9pMd?TLScjkI91Y48Y@a%UKH(loafs`$9p?C& z+nC)~`uOuKiWqiJI$-YCfQ)%=jFR=`)K@b>Cf=V!%^7AB)i7I~=h<7#BW%jkD>91M z(E8ymKX&7jT;FjNZ8?*)xpjF7d~&>muh(#A&x_|pt*h!yzyomJK;bGEuZ4Zng@%PJ zU(e~&^U;O3;lX%mxfP}4jWSEiuPk~FEHRr2w8fQmWJkgvy{_*!NfTKl-BR;hipAOL6P6_hzJXt*7Kbq27DBB`(I2<3^f%(MMsU}ucyL!iWOU<~hl&-RI z#b}EYriYIf=_ZNA-C#e8fJdx#?c2|R15|S|3Es}0C#9+DDbcSd&5mx)7WJ=dknQYUOqU$p z#4c>ntKvg^n_>xKl3V>(ey#tS(wrueah3AiAyNa`W0kv9o2=pFT?5X-w&m6LAFBQE zer+_J^{|C+S+4VI3HMz1t@Bl*yA+)yr14K46R8D9v;2`)?M*`H?DvIkk~$!9`m=}n z+mbU%NOJK?_)r)Y?R^WTnt94SJDSV1SxgNKlzj-~A9|+6Vo#7h%0-E8cJ@=fuo3Uv zAFf8(gg`2}wMt{dG1aRicJ(} zW4wh-Qmi&ZdO@O0aR{nTi$f;?kn%bDxnNAh$H_~7fE?F3d`o+&Ir*a*GM!J7ns@Q0 zqg-BMbh#e+qf0fD;*a{HXocZs{5zA3<)M%?ZoG+wC9ywp)idzri@a>U>oUIvO9MxF z?+aCS>!}Qch57{ss?V*XW$lh`0hug4G1}SPERC|2s}IfHE8XNF8LCZ z{?B&qneqQ)JGbTQXF}?F{r>US-H8|8cwxXyO({#4@!y zptQhTL}vi+ID*ZbvC!T;i2frLJ~_ze8Cr39<&A!q}vl+HK5L;xBh8|Bxi#rF0u;ExkcH8t|{(xaF`#ro26;l8O}F zgcujRwXWO2_&Q<|w=}YlAH>eedL&Ggh-!jx9T`&PL928F|XGIfn`~M6|-aR-L&4{_URIAa$9{58cY;;{f~yW&kAH z57gmPygdr)SlHc7bpjAmq@jEOfP%+v!&^tLNeHsL8t;HdjDT+RHxI5+&BNP;K=}n! z_65jDZZd(pUp_trP_W_~AP?fd21mEwLcND;tMDaLhs>Ug~mzQJeg`Rt{!&cnspSu8I$W{*@<&|%b4USLbX z2R8pL9Bm1Szrz|r%lfo#H?8KL-cV&*7{7<8aHcf0Fn`gn1$sen^lgj}{+LHGLT|-! zrFr{Z7?!XHv!>yr>EttQ!WaSqB}&5Q>Z&vy5%!&bo=+|`^(Gnc6<17}h%Hlxp$S)iGl>Q09=GMw8 z;Ug~XK>-WJgF18PCd6B{$}yZZe0+#+$&rm}Bib%2E$KQgxyKE^3vs}$O2hbnPhm$D zasg_WvgHBK;3Y)D?FqP5nrs6pqSUc@|7>0{dx-7bxI3Bid|8OmXog(3(N=JUjeC~E z+RTYm9$oA{txzaC7nzfbdftVcwr|ia_B4V))sf4weMh&HJKFxc>#udKaWjQe_3zx# zPjT1J8m0B$S+6yd)wdS!FKd)?ac1aUgD4KNGziJpADcV2&u4|cYh#hkkOTXoM?~ds zS>O$Kej@y$i*4rGT;L>=BM6~N_l4HauW?9K9@vRk4duwnhOYhh$8Z>$9f~0N#dDRG zw0~-#2>=WyD=sYpJ?Z9cbtI%Xt84x`7XDku9c@?mc59Ve9YXm5ksx0P!b-|Mro1^# z`g*aw(BXS#+$_%~D2wMQ_OIZos5Tbd(=A?637JCvoUde`&7jCfDRnMMI;^p=C`9LvrbRc+=?<2Lt z0|9wd=g`XRLsayIEL1^3*nzyvg1dH z${OkZHZm$Dt3z-iWo@R!63^Q5Zk3il^{NNRljSJFxQBHq zo&y@>34>b4uV+8d2filJAeUq8hR+mlGvykK4jhv=$}c=)WoNgyCgL`jL2e$6?@bek zQF5xfPso&1U1tYBqsYwk%ErpttE_I&x_dp7*i<2=&dH2LqNoB^u+dhcb^1{;a0aX_ zut}Y;_q8$@r+0aj#=J4zI<1Wuew0g~^?#6mRytar?aZf5Bq5ZzZf2+b0SsvYj}Glq zY;FtK2jP*BSN**Um3BwCbw(%qq59GF4hmw?oOhCuGGM=_C}Od zg@NKGe|_A0mcEVe=jFV^x?yRe%QF;x%^W3zA66|RJT&)vvUZANeGbm2A8~iq@cTpp zUp*;4dTk#r;cVw5+TO6S$aaU(oufxtbJaa01p!I?<6FF6HFUAk5({$1{zv$w1xB!6 zyp_6oT0$YD4;$;8Wk$?j^Im{sErpx8wyPu#qsRx);d|7!k=qcDA9q%+H^=E6Di>MX zp{s8j{9ZH<=Y->#myyYWz~R@!WVzIHvdVhYOkUvprMWywY+23bkJ*jts-g+lJ6$L; zd(bJ&H4x8R|lOhJUN)7-xTf=4nZaT7FKGAV0*XHehcni$^qM7np{-4Jmpp=h4vqoxSa^QzN9l6WM!38Q@j@ zEbS~1KxqU7bo_?#tAVm&UKhsIn3G0xa5V8>F(&Ay_bPG8-v*;LhFLlF-X$^QftTjK z_VAy_A?el)1c=podMIqx$#oMzOhr`kJ@b&L-+CLR^ktYcgO`$-)FF^sUisd^G1P3Y zeJXE?b2Bao@7|-}HSaw>VI#!n+6=kx;`Me9TEXc877Wu_mvt-4Cz1 zxq8<+)PI&1{M_A*cd0+FL43D9Yjy}x(Jddr)CBv3;?fFWVF{a;J{R~)6i(-^dk+Uh z-b0PP>{Keh^BJ6pIh^H(Se zVV2i>r4U(JEjO*7w&m%eBZd?Ti)%JUcE2;Vb#yE&FnsROFl@3f)Aheb2hqY@eTq0tY`wr48FmV8 zz8_n1kG&64rB7P_9Tn`^+w2b1t*TY0eM=S{*MonTDtsFB1rr1u-_u@L*GxCT6i$3T zz{3{9&KxY*4E7FQy;g>W*=mgzXA`);yk8vm{W-$N!>J74u2J4KE$sjtem|-U-#d< z65n1%1AzU5vOzBKeW~pMazje=iLZBydpt;7VK)9rrF}WQ>O^k>)W?Zr=H$CARcH54*g~daJ3WU2wctC zH~r!VE89Ok$LD1$+tbopV6T20z2SGwN7$QNoSV`-z`{)bO1Pgtb9^&*-G6<|^bOz9 ztX^JYb4*%IeVX;bx6iVyBn^*XiO3Z`80#ySrzJne0Al2w#${LcHJqT{aCmNSeYmcA z2a|yb-#TnYsWvO+q&EF!M7Xq?4BjW8JazHP2T?)QGv}*9y~Sy~v*_|N!EvoXm(14V z5m2Wp-^6l;IjhOL8EpG4CI}!zUw#7)*KAY!&kD^hzgi`QOX?$o$rXJh!+y5l@sNDS zt`dniWnb|JF4!Izhyk_n1OJQt82pRU@eNsn8)kZgd114md^j4H)`4q`Pz^aK^-uDj~#85+QKv$P!E> zNRZGD4i)&{mKT5AR1gvx)TaI(dduvj3%U*+8uI#c%k>6`RN!SVjUP173Q`6M{PFY|aedngGoVPx&oL+C$4&CGbZn=J_LCG<)B z(?b*sK%TKY-3^ft!cSlk_3_QUUQ2*|$RB^I4&w2a+7&6FN@;0Y!Nac~-CfG5IF8Kp zW)n^g+ab3xyXVhVS!BP@Bq3mjRkwk-5*jvdq*W8D&MQ(zPDm} z4LWW~?c$s{il7K6{W%Ym#?2+ zGU!!$Z0F5#?O^;w@yM=mV+av58kBfx;k`FF71JUJiHq{eF_v?09Q`9x`4-&A8^P-w zB(iryir?}%_1hd{Y%T-f;YMqEF%R3yVgDEmF*XS5Tnh40i?hfwH*bJ$16#{yX>!brMRFuGIdm+QesE#+iezNcm%#(C zuP)vZ$UR3yc>7UYM*r&;i^2OE{nR?zQ5|GId?$fLv&}Z4FZTL?S zF?Z2gmmiv;*99VaM0881Xfu7;d#2Udr+Rum)D%onDNfB5R+PVx&2wGto=-R+CG^NL zP`iy4T4`6sLnyCQ+O$$RErHxU+C|Lh=RfN^CfL~4otib};HxQN~xU%N&p`SO6)G<$W_Ek$h?H^W4xX8LZ zRPW|rB*y+{ZSFXz!`?%skz0GD0$gb*>}If_2Te&)C(2y^tddssISES$@7QYVP`S-%eDh(^p#T6K{k zm6XD9G1Oouw^zA6w|c-67}he(#Z3X4LdR{q8;u$oC}4zQ@vA~oqV=Qiv^tzH-cRg>M!u#@067EudPvA!cC{Jmvj&J`i@J(@E`_D zx_LMyOo_W@7Bu-Mx-R5E2yymIVv-Bp~C6O~e$QAM2bEtbs>hak^4d(*1$lCp%_ z|8DZG;JZHJ9C1!96rDDfZMXtYkz}`1*9e>O{bwFIEm6?|F;VkeSrZRBI?46&IT390+exo1GM<$!&R>mMAMAe0y) zX6q%SC@sTf33Dcid|Hp8CkZCrC z`l6uR?8)5!j);au%ZiITZzl!T5DOE%rl@KnbsaLkqKoUq`bukq+>wW#oG+)?a+6dg z_;tdA{~oyJ`iEicET-}Z^{YwpLT{(>!hB1N&q?TY&wYP@zwZ^zaEBpn!VP0GwXGE! zcZ+t$@IU|t%`ykJ^~1QJ?OIC(EfTI^r@D4-;d<$^FAY(l(|qdDho{g}mzE7|9T}7q zrT!KDyK_S6b*VBZrEE4jbhXRqOq18$JT8JpX(sDy=evUQk8e zg_yJ5!n*bd3Cnrx*1SU+VZr6g;}#-s1>zkm?@7W50e)~i@hE(AIFEe_U*`8p0RtCU z5N6hF=uj;3j(_|#dj9jj10-%3L<>;_R4J*zMuDi(#I{9-h?lbM5lW1|K*kcmU)b*RtVy5SdUbl> z3>DdHUft;I$@!XeDL8#X^|={iOGs8%;j((Iep!pHuQz@_(6O5F%x8kLK7HOa2!Dz3 zc~+L9&sfmsA}33b$6G&-lu7a?a9pug*XlWt$@*H+mZaV9?EE-QM>94=)l6Y3xj}EA ze;)dgbh3P9N%NG%u`i)HyhwPt_%d@K#+)j@kQI$s!UiNhV zlx+4ZJ#wv{{QCFwl0@=^-a2Nz7oXF~iKg$N6IJbky*za3ZYE3-US@el0|QG_wi46f zV4jBCl+Py~8UJfgC2O5r`w$UUvA@D`j@alcRG4{2$m#Lgj(9%zP45dtBd{#G5ttMB zoBUTy&?gsI^^f-nJ2Cjq{OXQ%{&9r2!17GYnnifm5BoS+uqJOHT5gp2 zGL_#s_gk$^)6zu;pF6ZQLl@fcG`MUhlfVUX-YM^`hVxX2t0#}*T_O<=Y!I3_ z1pBQ0uq6z>%N$792vwfi!JL}RMF%!e2-M@W8~Jh4dS{f1RJvt*?pCS=YNF0+3wDip zM0Whj7d(Tn$xRk_iTEwzhfo+oD&6xDSVldSJt=(=-gbt8sq|J1@2KZ2p6xX+xL(_ zjH{id0mzq+$oMB38$^qB8K3LM(!svfSnC$si}&%;;tmLr=0+6O`bP%N8uo-FgrtTS zJ2tr6h^tA(7nd{?YO+Z1nK5W=uJ_}ToaR4NY<*(flG0wclG}P<(txqB+1wwJ!wSYL zxSTsQZIL6qEyS%=Ua}CoXbMRtbt_cL(V?bmlrwVqW3`2TN~&C){K(x6D=};3Hw!?e z>^M)~+x5V6<&LDm-kAaURoLlo?taR>u!TG*As>TyUIlkX)A#4liX$-EA;>3Mm&%RE zY#h1a@~9HFkSoT>`$eg&t@KIa>M0pIs&#*XWfq<-wjMVt&y_72};n_yIZTya)d2_CSf-Q{f-xz4F|dF zv#03bDa9u3ui&=rjZy;O0}9R_0sKgG&Y`!wf+1Tn z0Pv(Xjo)0S5N>pXnCcv!dw45In?Xxj>rneR7izc?VkzyB3G_{)Wu8*ecfX^xdzR}( z3<1KF{mq8h0HOxE0+`ypOiMaQH)#cU8&EgmAFS%}avEhF!dr;8I*32G74S3wl`Hr^ zV}NeBj|@;QBRuetNQ(X^k@OQFd;{>iKl$8y0o&(K^!49N65x%H@8TK}(2(`Oh6PCE*&>;MO_cqw6}I98;P~Af`e&dv-LnSmeq0xe z5JRwAN)J639nzl{wU7aPQVgR2#nw0#JrJ1Y|9lDnf+d&Bc*mEWi=@%=B?}tKJjDOB z;fR^2#?{9K8xYY{;umBD8H}0_E~M%Y+a;l+;Bq-Fn3*7#^|_}c$RHslGv3F9Kvsv- zW>2fCrfaqstF3h^n1WbHJ%*!&gDe=TNa%=dsgL$|`BGnEW467BNNjmKX4VdwmR2b# z%ui?fo{LJNX>jc(lAPA} zTJzaHzu7L~%U;AM#-2AO1%AGtMgp&}mQtrW9yEOPs+J+MP$c5cZz8LY5nvb}u&`>4 z7W#|cV}=bUW1?{G=kWU8GDe3#1mBbfq{b9Y$CLfCSsW&T^_2_VOr2xokCp52t2Ndm zlgGki7^iMc?`qo`bNHzrw5iK?*0CuapDwrU`m&D}Ei=dOX7O%dz)zu8XtR_Lztw2~ zmiCOxP*}*SwO`|o;fFrc_bNOyBns;Y14B&o`Y-K~$Pi1sou)74Gx{v-gdPM4-?AE^>Ky%Yay)}Lgo(t${mKB zvLd^pe)UO+kFJR`6NStR47s!xqmIvU&|9I z2Cp+r#}tadYJQ6-Y_Ih(U)`Bd6aG6_L?1^)4JtgFTd3K8SF7oQbE@lX1?df09a73z|2 z_xJgx6d;ZFUr%RGd5~%QnFB-GD3&w6TWV%wnk`Vh<(P%k)znfvOb}O6kQ_JsjH~# z%cJV_pSu*$W3B>ZL{dLQA%wEo?FKyOLa*~P!<@m90(TR<9hInoiMqBV=vVhxs2-H< zfcq+4K?m8fg%*FOLaah5s+l1^Zh`5v`>c9+hL|@?Xfs@7WC%D!F1ZBH36c@p%0!O) z+&a4RhEL!Ym?UlhwMnz2V|RnJ;`=a)`t2c^!&Zd$mBPkC!MVs#}4%pRYyjMjvy$v>PUmNbcNMt&|jT? z{Upkdz8shRVK=*%`#@pPYMM*OA2qY)cxyJ#Dx4H|<4C?df`Pb0dyPWkit{lM|K!Lz2YzSy9p#1k!gd*d08hn{Fs$-Eu!# zmO8e+E(wSUNObN^&2fz5Tnv*-(vqac_;FQBxEXe}Z@mO!C9&ynxH858X1W=`$UxSF z1ji>LwCLm~(HwP&sf(PMQS9mkX5>z8JV@!(FZE-pF5j5Xp0He5NGb2IEf8OvP(&=+(N8vw2+ZYCNf&K#Et7!V~M;~Aw z^KkJ02VM2wQts1z{*QFx573FaT83~QfpmkF@awAp_MwD&!UcQeZMBsW-mP1EGB9D? zv--q2K0`fWWBc7(-(f&t?!N{L?D`UrWtjtYXR|R0ty>jJmvT9N)5am_LORp~{U+1% zap~%J?61Qqa#Ci*YS}?iTGF)T||#c@;D{A0D*xs%iQB_ z4)Ns%7heBH04D&K=^h`q-m~e2OPr%m=WjL<12DLksgBUKDqhz3?q})|T772V15A`G zU@TN#v%aj(Dh#a(U2px3B+QCQ+hK;yTA7gNNNM#4l@)>0YfVGadkvzv1VVfvo=SA2o#;Z(2V(5GB8i&bwTSAoLbUchO0 zPVHECm=Ea&}evyaDbr6TE()3zpq|fzsn!i7Fzl^g@Lk58lS@Jg@VXEAr8|0(R9Li?X zlhgq>XOxH;AZlB@rLtXZ(&w8}d)oUg18tRalYJ0bRQ%TxU6Ohqa>Mo~c{4_mRhJTN zPPUghW146r#0B0}n|1_Z<74`YKc^y{OwW?NE`r~Nb|?O!RYn;7f&x2qYzU?Omu6`8 zx_LC4q*3aWgW&^%N)b+jRs}Rw_U%HzIiCLJho_2&Q7ovszs!t@(ZhNEQhmie0r~#u zIy$dF`6i0!VnbgK-QSwQ`Cw=Dn7h`iO{k3IN$jkM*A1-RPA}q=ykUGaT`+BPfr`#wpCKkElm(JHoVN9 zjJo8%`Ua1zEouZ7)TWQw=meBYo~Y?$AKfGsy|CO%#$QS;@d`;uyP=Q3;7sJhcYD03 zQEFD+@e~U3F^jV$@4eDx=-$LM!ts~=E@O`5h)LgghIv2gX}4?ROXNJG-;B>JDJ)v# zO$rC#>>qOB7id0zK__Bv@tMa(X+$`hgcWDms+CORI0@0(8C| zE8;%^dLSJXZEXD@Mub!NL!Rs-ff7=#wnDAoRMWXZJHfL#E$@Qp6)Q+rrA*~0k-d~r z#lmB;$8XfM^)eGECJbDXIcGFYm)R9Nzw_~Umsx~QLC&pY13^F=irBHWJb<+5WiX2_ zK4&fkK7;!y`ForS=iosteLvE0fUv=RZ34+^WML7$XJdCvceW|8S>~yc`z}rR`;_bX zY}dI16VZFjdjLj;G1ls-AX5l@*K?qwo}!sS714{B*UeGfem7mo&JtBk+n`f8#a1Xv zK*GX^@kR(faiD(s?F=I5=tYhAbqxi0c%j$`<^)o z?QthgqGvIyvbq1H6IPwH#pK19s+?08(R6Pni7~0AOr18>LW5uM4`JIdN^Z8A)yHF0OU96Du*#964JDzOMDKk7cQG)2?wgf^aWGG|r4r^r*P%=!2V#w`?I< z7YN@!>n{0u%EG{ROrVedv(di$Bxfjqq8|iy9YYI_Hia<}JvijWuhGJr^fj}S3GB)4Z349}I-pEd=tXg^+SCV6J zIm3`ZUu2`SSHAQi$eR9en&X78?d!FbTw zI-;@yt3OaRstjGI2P&qmF=Z5O3Hwu$VL_K)_6`U0boIOAYLRDLz2(f!uK}(aJRv zd!<*F3>{zefW>BY($bR#mybEzJ_~rsjxYYqv=|s!Dxi`Tcj-XkF9zWq7j+G>2|sB$ z7-*ST7r8;@KYiux14UBk()~9(-wJ5Rul#c6z#PPc8wj0+#VtbT>iV-9%c%;hnAi?m}x*1Nc~0U zH3+oy z4J;(+sPsu2+kLG3XFxv1>}wx@5-fTDA5`G~e?*E;KLy0^N0smY!7k8;jQZBaB8Y4Y zuZD4iJ~m>N5o#ZU-@t&i`>eJ2)ns1Irxtx@7xE8cM*9p=iV0lHU*I9z+{S4 zG1cMgp@aEKn)u%?00U3-%hDC&nDYkhU~88d-Zy-5a+arPzY%#jv&TPFCOo~cLb}C) z>@iFhR1vL?+J!DZ(9#RwgQJgi{;oOqpqQ1Xx#)96C7f#SM#9*ii=nUo0sS^8O!glh zfFK%o_yO6P1sr-(0iaya1l5E8TZ+j6PEOgWs=2QXq0oBX42x^rI_IY>J7N2dnk@KAk-O{x<=#0`HsxxgG0S?{x%0}_A0LvW11rcTM(5Z>wPO3r!h(~3GnIGoY53SuJ+yp~v6kszeZqQ%k`43HyXnyky zQ5vkV)N9yZsaH0)cnNrB*3HOJWm`EMG?(F(nQZrT4(tscs{63A#lG%M zW%NEc@RxSwM&!jUJ-yqeW6AbQTxMBC?JvXTh6C9ls1wirXW_rgN{B5pYO$F}riW7p z|4nn@k|2e9mP2N-67iDc!4!(WlzcCN?&|7C6TExG$(4^R5dL6A9g(jQ?F&MeUDUC#y-^{2pRJ9wV<%v#ySh*_bf%qVcnHC_5 zTg=XJIN^j7g#tUgxuDK<(!_MCHGVoY1D!%D)hSd_{q3e}ehJ%KQ z=EP;M{T!wfxK$c04edwDo{$l%taw*t=2rX3BzkA13KxZ+&8TjUgni8b68eohJkQMX zheLbF$s7ST3Q*422crZ6t_t_-SEe9#W1=TKe%6z#%I#}PFxyIq*^vl89OCgjPVM^q zf3P9&->_SraMCEE{1;rN_)iamR-9!FNRlR*@sRNr;qta?%z1KhPr6?!X(=SF5=!CQ z-xh{LhY{e(E}t-ZGJIO&joaNY9l_Vp-A{;cU+(kK71J=SX2V$m(Q0}anGize)eJZo zA;2heyHO&#(oAnui7gIQcdAd!&V`Jv*DTPo#(9PZmf%%)0!rg)1%tPIYWrYtbyI+x z$~>?&L+2_A4w<(azUZv%p$1HQ(ZAU3Hlsf9Q*=8G+awYMGix8k4;K4F$?r`pW@>4q zG+#3a!`ZhVr(B>BP7(YXqjWX>iPZ49ayqYP!Tn!rXHUohYYr5X8094Yg|Ozqokauk+;Am`c1`q_B(F=Vm_~rV43Hy}*Zl0(+;*wp8#wb7h<6Ba*k2 zzN(suqvPx9wLBS&e;FUFjs#!D9Gz{@7mpkX$h*Ta$esu9nHllPQ?3Oce$S~$3y#gL zD8{b%rIsRt2PGpjV(XJdsGy%tTIih=uiDO0d zm!aVz|1XUdr>us(YPw)WNDzjgb%uRU4+!rhFL>s3dCsgcfceBNLbotc1(+BkvzYno zWc=+Rw3sbQ?0q9w6eQlUE~h zpCHKf$yl&P|Jz;RWGu6G%OiN+oNPOEBt8&ClT~tZQxi!+Pf^)yC5xjzU{fcG@UDd^ zLU&ZdOp~)-v_3T&{aV0Iv`AobJT^{8Z$^CbC*8`cdGcvoptjNYzCAZF<@;5E>WEE9 z=ps^;byw9V1sB#AF%uQqh#2mDp=lgCFQ;PCB*N{n=jfV*VRX;a(wK$;x#t7wR&AYaQq9Jj!+)Im;%{y?P^pTBy$x;vA=`g@VgcovI=YTk% zDP?2BXx2A1m-}s;2tkU~oYeG!r^DX5dxz|P**@v?;&IyMpnt?uymf-!c58t1c`;n( zVa?@*>`da+5UoLIDQ}SrxF121B7!R0_{{tidhkFpMR%)dblaMFWNG2FCt+c#=eo@< z4&FL45`?BFe9%t2qHJ7f)tfL4xAqYjegD1<~-yPrW&$AQzOKODzb_yjiLB8Q(RR~+m%i`U4& z1I~kT4ApZFAtHW2DMIh+#FM?+5wi7(=mrRDlm2S&EvRFojMKqm`n$%-yQ|p=i??&7fl#p8E{^sBaD2V)r#v#I+UZS3)^SYBkOkCI839=*Tx2R1$> zbj|Q62ViYAQw^9_F35xTVoS)`UcCKZj3?*+Hl9p;^aN)4|Ap}+prBJSI{HPxAylr* zTwDMlL^un6Ltp0MpX40LtbX!QkVYK4onzoH$-o{q78};{!RD_UKGDo%sH|L>?vzC~ zdd4W61AIxm@>oSnEl^IhsvNC`;fj%qmLn47B`TBWIeYk7z_n&3C){rQ&~u6qnJ2zn zxoq~HOCDUp%X5*3SFR{H`00lU9GMBW@W>UFfVxaj_{q@Jc2XZMe#D1@7oF3j z`}c^+HFpR;$>Xs%2o{XRpgciK2d5z*d78dAYYYiYmz4$E*+i+SO{weom}*)>voNwc z_B|K{{gg98KrG=r7Qunvtx5o)Bzq==mwb9*03)kccOkU%E$%&_SnS{AklebAt2XL7 zuAR#zXWBx(#lT6~%I4{J>;#>5ANfn-7y%tNe>z;&)?P_Doy)H$Xb>q{J8T3}H21l&FJ}6)*>}Qvs|7CIMl9@AaUzn5NVr3m+%{` zvwLVazU2X%6m?9&GHxzeWJ9Kv&P6W>OFn3jFW>>~r9HBCJszzrf*bXvL%l;eB4$^F z#RP2d;WU4(5?=1_N&AS+_>4LYfVh<<=WzV2Z5ix}4EP}`t$9*BWL%)91{cu)U}6b* zrXK?B3*Gdbw2kR4D;nYX(facpgA3kozaPZh>3z(}`%{a*FYoTDOi5ubO%F~x5pCbk zr`;K^)t=A>GUO!m772RM^ic~!g~v|*wHbaPO-eABA94{2bqNy$XRmWSDhuPy4>3Ex zCUD&b0b(o#n0yi&U;4gBsgt*?-Ex+hGFoPYMsE6lRJ_ixL5l?cez8Z3KTr-PtSn5o zxvV}Fjh`>&IGKqqgfk#QQB+ocILi4w_l2;H>AmW6n1um347GeeBoxxU9z?BEkzO*uoOT>%s$VnI8+7pjyCc z!))cui?h!4?PBy=oPjb@eqiSM+Im$1|DADJy=0{8HI1Ul$$q}G#m)^fIjwxO$*lf_ z9;EZ+D92Kk86cSf4Hd`D&{q&vE5QrTDh4;mv#OXCXRday>qf8jGa8Ee72Iq2T*EM9RL!>azYPGsFI=nviCZcWw1Y*<_Sx$ZiiXMtl#LBIYz8husSZHxTF zQ(Ff7@4??ER$;MXB5j-0&6;ra(bkDEb^jKZyjvp0mj26f_UurqH;Q*BIUF@}A)p%q znHT4&RivMiLI5KR-!u#p_3c*pn#w7+tV!dhIBm~v7zX;sc6kyt9f_u#o8!4{lnj&S zh<48>ZSc`Hs`(X6$N}Y z!3_0+K9QS>)N3aY7E#$*Yj2~0+}HMwd~bYa`C6-IWLxK zGP>xT5{erGAL*;dlph_q&G?7>bDYE$D#HkIO1r0raoLwbiwlejy!cXglWo1q4Oix& z9URfzF?#A53gqzQz~8Odf3`R~9^{rehQcvEOa$dao7ZMJvp^z1wn1%v1_bS6(W(6`XpM*M_AOP5^CZfX1u0!L zG;@5YD&3gWsY)j28Fv?D<$PM3{mHhZZp};=oPUm;uD?ejn~*GcsMeRWk<@Vt=xZ*j zIQSe*Bid70mT~}^kjCYq?t!E#YgPJ;4$t zkS#!09FKutk$3LEYBOYz^$naz&*n(*3phBWbj;f^rsbp6>4QZnjv8Xil}@;rf-l{D zOMzy1+Kjg!upDSMY{Ow0D`Ckb^+6bcn!bBEFZ{F1-|f>f9jQx z;0T~ZZX6GMf)$Yc%;sdlEpMY*wypjta>^YI4IMk2`OC!h(A&l%zpOEHIHZorYSa9aJanaj>^z>2m6nEyuA&-6(D@X3J{A!Z_;D(i0C3=T@Tk6X>oz2+BiOJPXo zkXm{0+X?!&Mra;FSw0F6g~F1$PAc{*Qj6{XY+34IK+6QKNkIStkS>biQzf4{X0z_J}oqpW-7+OC^!rQr1|Hv`hH-QjTJM^ax78VAUxx7?84*4zG=<`abt zZ?4Sw5E!!cPBqRfo+0TqCsQm|8$wWe<(h)wEc}Cq9o)Q&Pdz{2C|Ay`Q_#yxbIc z2&0m){T)f(kaZ&i)%{}?ctqZqBBUZ^DtOq_{kkZ%Q^a=oyq~@U7GyA;c;>&7q!b$y zofzA>yn3gzeXf`Gh34JvtNpO-I|TfUo{eQU#djtJ$HMDc6Wvq6xn$EJAD`9tZD-54 zr|h2%JgA|htLBOk*!|ryg~q?)Zorj(TBvW5UMs24SP++eBmFv#nJJv2;=28;p-1gJ zVjHQ--%Tqrt{v?;0;v;+wXG^nJ<^yiS;BK@No#t3s)Fn*i;*K+lmXJIE(=a#AIon0 zT5;>=s7oBHz;bNqfKw>G^FW8n5%2N#B};d`9!1Vz(DdNS%TTbeBS?=R{@FgU~@-tC~6Gamv5|-)??3T3;N|b2xtj z0kn|(h#Z}@JAqRP<}+9{xWGEN49Nld4pZ+V#Oia9G_*o;-dSG&t%@Q0=Mvead5J01 zQB{}J=UUg59z@LS&Zq&QvVU3-$Z_nQZBYLW0ec7`CM&J6J5 z)9~2p&0imrS)1#o4ZLa7dwtZ?)g(_g_AEoB3o3D(Wrcg;iyx@$jevhcS7$SZG=3 zAy?bA+}NXBBKm1J^)gn46Akq+=O2O#%3e_hTm7w52KIO5BNmsloMfC~d%f%;~X6f_5 z?Pz{%*RiD1wyyi(PUnQCNegsg6}V*FBLUq8u)q;d$mQke**P46G)*kVb{;lUVa81t z^~aW0!k*sL^skJMj#F$p4xYiiWX=8^T7e*=G!$hS^>1PEFkq^Yg5(WCYL9I^&Mwwy zbitCaC?<=1{<|FF)(ky7b85eEMy-w`j4V}ikK8x%GD2Tq4vkz96Dp<^rb;PK9Cxx~ zd)5p-Z+?HkLQsxpIVUnU5wnstD^T%16`+OcXlIXe`5bC03$NqPZ%rsYwU;L5nhe6z zU}S@sJkyqp_2$#=y-0+Z+!H)t#%e*!%}=-J#o72B##p8xZ+pv6!WQ`FymVV;Bk zA!L?8);-oY<^!}l6*h5Be>@9&7atd+9Xmi}5rurF7W+bkPFAyTJ*7efWbqoZ1H2_FUYV!UyleMR$|L=|Q`r$otfBbL`rpm2ZqDubklRO- zVfzOc+h%D>$uLm?zRc)lj0=_SC%E+CUn_VES6q`KvU72bbe$A3Q1&BKvwp(oK()Cn`c;9~l zk~DVpA5CZ(0u_Y(w_~G(=`CeS(TSw@!rO&&rEIJ(;37Q+p>dZV^T7aIq(YV*%HKU^ zoJ{`J%moWa_wICe2G}3aUp9Jf4uZ7W#9LoQq9M?RU)j-ypY*n|{+IjLc<`Dju<26% zNzh~og}AUnM8l-S`&xnC18igYf7pTpf*vN>QbOvBOzQKfn#N6&w*3mW(cV>@^ zUzhs(;E=oN6pVDYi$e0YSfi*l|3N4dJs8CStI%u)4M%7L(2a}9_6l6h3dw4__cl2aOtc7i8&K`IhJq;sY}^65fIpB>;7eL z)lDY*WO{S6#dX&(2{|1xtC*+l{Yn98_dtPaz=mKE4vF@MEo9Z4WTR(?Byy4Wk^cX^ z`WepSD-2g4+53(k!gMNyI73f8@+N@Od2EiZSYzxZm+9#@M3wybCbC3l^lMb*5% z@4IJ*U~EMRuun1f1W0B#SG;)YZ^n+oK6Nv-k%us~;f62?SONtG^H->Z=ZSC}?T-pY z2=vvC{54o^YK*EZN}pvG=XdGoPZKn9PgI5u8^X6;IMIPJ0vJsCF@wR6SHc}S96jRh z|GObN`VBv{tmftUB8hhXGoxN)Lx#^gc<;b0~V4Mi+J$a=gXav6h-MbbA zyX9drqFv0@*LRO-=}t{geJ7l=;~AaNCvT;IQxKr_x)%B|g*U#3w(qA*C7qePb^(-= zM~$+X_Fo#M-}p!`Tx8SfzR}5WEm-pOB8}svuiJhw9R=M1R27}0n%+;N~M^>ndUr(^J9sM~!x?LVaP5sUSSfuR!ovUbLSVwj{X2_&iXD^Ac!4gd6cRmjvr`!?)6C0!+LR#|euxU?isVU3FcsHfu+r7GD;0`v zSy9Q7Q}k8e`M$APy7aZAByQ75LwrLY`_puP_8N2nad zPN;eJ_-ybDoW~_(XrkkMLqG`AsraR_Qagc39|{q@K$5Y;$>!IU++^ReewVXGcL715 z(;zHoM51SE)>Rgif-iPKWO;JOh9jS6@(#14>9SVeM}wa&wJ$Wa`Ht1cK5arXGo1EE z7xWeY+YXnxKZMCTE8?4Q8iECVmBJ)t`QXHqqCzMr9NZ*>`ZTd>@grlDDTk)`79Y%)4qVC(7~IY^LQ)^bDVWL!&k3lksZb!(m&`EZHCWcRafrg zU(+gB##WSil>pO@wh(4v&5rYi5B^mYapb)q7vI?bB8|3D63m06j?4p*Z+!mI-FMh}$cac6>LIqQ`d;8{0zh zo%(*Vl-!|?N$MgT2;UIx9eC_*EV6Bz#9!;{V5WT7+HUI{yo`$dJEo8T6zB3Y!LtPR zVS_QOa@ZY&1l~n#pgH9h=C3-_YLuC>>s6t4ZUi{>=Az5psrKL|2ydkM>-{PvOu)0@ z8@_dUB`w|EAl(g%F6pj!qTc)V-uv0l`~LWj@9#X;n)8ZrjX1|S#-)tW8T6$I ztT^sM4^;3W;~(4srFjo|$ZMz7=`kFxZL}@I&8KUlkOr)Ese~8UKzUf8a{19Go{QEi zaAr})F9?=3=aS{iR|=?oC?H$pCCyb0CR`pyzyq*lBil$Q{cE69Q1QXWJQ{Ss3*|_x zZEGP==args8CDr_Sqvb>u{uKpWpw|!?7yo4|B~UU<%fnXR#sSs95c&*po6Y$ zUs*DxEyZlbi?4!@Aa~|Mh=?$>xHigr4O0 z%V|dBj~a${x;4+4br>wW4osKmkP1>aLz&gc*-ARL_FY0r6`H{2PG3@$NOGwq`;ZQ0 z8Af(+`<|-vsltcY7Fk(0zV99+D|RwpoBO|w^;QP=K2a;=)k9fpmf?=3VNw#niQQ}| z=|jYsu6KLJ06JD5T=#pHa+Y`UDG!K9@R{y&W86H0ie_f!ft>(xHE-h0HA{33{0TYspRsn|#bG(gC4=R`nYJ3myvODn ztgLGT1CYDdFn9Hb#Gs^~2o9*3>OpR7hRgcP4X8>^%zoBEmz|?dHhx#{NY_3QNfCu_ z0!adC{@9JZI8Qm1-^~Fq{`dDymW|t!Qf=&|a`y+C70vw4FDH~knXgpYzPekRrkDQ_ z=ky;t4kSVGPf>W>5ekrc7r-E`D1cK--&bVV^k)%#=v3=X`T}mvbmc>-@6AiI9d;Ia zWCIv2jK6IkU4o`FGqC0BdOex7!)Io7>^FOqBRx_Emz2808zoqZ`yxKjCLfXB%!2$NU7vs0JE!(T}pxCHu6|^Yi7)Wuhda^S2 zrEaS8?KuDdGV}sRJ@S_h|3wX{JQJLgTbiA8XMN2`>xGI-=iZV&_~{8-R2kC+i?$sm znsq_KjlrL=*v~?mRqFpsRqepRyo0-hy8K%FnwWur6G;ip#RjMglDL$yJmBmkU<_F4>`%)oFYVvy-Pd)=4!Uk8q zxDeZF4ht9Q7H`R;cPl)KS^UkBbNPfrir!(|wVhpXeQZ}rw~vD}9$yrr5a#lB$ZTzG z;Upz7TQ){M9cok8CahAxHI(Lb1**vn1_c2!urF`oV;$#XpMIfp&gS2%XdWJelJ(^x zij#EwED$C32>>=Tln_^sp<>jqDI&Fbe8f zJPKB4T4GHB}CC{EqHNh$%jiHzI-lE42B{CToI;AxRMSlMbq|9fQ-iol$btZK|nl{0%N z_RU+mWLt~2oA+aO4}`wer&T@Dn|6XzUkYbK@fNN^$BNep;l5N0jQEF8!uN9zK1-z| zaqr)8(d1lj5SWzWs=O#fS;A_wo^x>#`A?Q1InsY&8M^H}Hc})c;c3v|z8E0psk5ON ztEo7e^533jRx~%~;t*^uGe6JhOaFB~6^wgJq^9jhxc1M3C_9XIF3yH*@6F1 zamn*H?|4(c<-It9=iX=L0y+pq0~g76L?-BQDBh^?O%(U8WXj9gnaF(-oRRBXK^LvH z%XZiUWJ?S__~^m=AbN0v0BEp(5@hy`GAnv7Ng^`bWoc)`nZ@YZvqz_b;)qWbFwrgIiSIIBnc5M&FZCQZf>q zcT0JciKAw4NS63bAx+BP%6IG^c+|B-8Cf8`{aJWFYcgNI+7$O zCui291fG7-px$wR!E+$#e2}*VxS4Uf&NAgK813cDfYP#Hij3~_b2xN^{sbHb^V&lx zu8@q$uTeG9bphP=+l%QWwomeN$VOw?65vK#7AU6>S{ zC4v$EQ@m6V>t*JcvLVoCtxn-bCbVc3)ehsG9Y*H^+-s2ybkl->qBI`r+k6z@fHHnO zR7R$*IOna(GGmW@=3nS&wVzW2>5{?14pUL~O#?mMtpYq7F9BOXaHn40`@mheV)r7V z#f_(V`{Q<|KHMsjMPli{IiLI1HO4C@HSkq_X#*_lC2*KKloX^@WU;a%1bCZ;WT<{B z38fKz6xV)Nbpl^L&aNf^D#VuMecVedkA?oc*`FP8=%@&yaDrP`%Xbyp1T^S%NfFTb zPxVM62)}eXdNZgMs1DN3@*<#h8>KUd?sz0d5qE9%DJ-JMbwmCmRsr`^%e9)4f5oUCy}4{Z7-}PTSji|BuR+mNa?qRa65N%C1S?FqvQ7 z3%-h=t@qZ^TiKiSmPA?VystAJbNoz75eo2O;DbI1C7V0?Hf0H@WRsI}t#yl#O9wn- z+mZ|9G8m!l^N)oE;M;))=<;$-S9vl)#LHF4N`gBbnc=|gnL`RiwlNJ@MY(1LlWd-O zvZlCtVoDY0%n+|FnBVxbGXok9(3wGTR`oAVZQyg?jhA5{oc}^(jjQC)6aTvb83}{i zKS`}Xq+Hp5d%xS@uZS{Td+vGni6uwUqegjkz4=2RT(R0}I=XvBO`%54Y>3#bvZlZ_ zE24ST{GPQ%ojJdG=uG6(PoK!2Ys<90c&XZKMD*JF(d;X8)W-s^<6c@*dDO|gCd!oy zfAJCZ%6Y=DhE~4rOg2%+^StV;DBy0q0TPft7Q`sxA}CrbM?_6YDBfr&A6XYYty%wJ za$efMl*we|#hIIt(MV?R8=CUPK`|Q6$%X7U17t>K#d0E}i0Z|r&Z-bn(a;5~dLF{f5hcY#i#of0-UsbOpw#@I16Fbhg@q zBc<(rGl#(r^6WWh*cy9|sKfOl)HTcgLPfI5CsDbvCQXLbNn?h4d3;va+kia;oidr% zJ#T6YU=c1U=s$&APilx<=O1XwioMj|iYRsI&+hM&7C^YAlEo|RASR(qYYa@M5j={}@EZkvi}Ialwmre@W>7}jq)w|drA zTU*=o*=L#*qsnYvRH1zdv^N?AHT9Bud3?YdJ9TU`1 zx1&g8#_WUOqN)M#K#zw`5|kM$ZJ#~DQ1;{!Xb}mzb1Sj;N>{6(bxh0sQ9l)0WaVWx zfqI1ZnRRYazJ$F(M7D=rv=V**_JD+Q={W*z)dUa_uJ>&=QQLaK9eTzF+;fIGA)_x+cOe9w5F?Eek@D|2tR2zYIQ5zvF zq0$f)-faV#79#8I2=fUl^P20$n~*H=$usKsGAAjBMac>K@ZBr^D%{JSOU2ErqVMVg zlqZNum4J^Y(I<51zYl#F3dI<|Gt;{g{!$x>p^+v={*41=Faa)6YCt@vIV7LkBe}b3 zfwAN9sQ$V7{u+o6L+{c;ZKoj!Ck0BJqkd)7oFZ31n4Td-JdV|(-49mp-s%2`27Mss zWy~Fd@*;Z}tfy;)7mFGGhEP0scH=$76*~VLjBSS>Wo*{!^HU-h(f`S77$U8&+RnOFIr~6i+TcAjL>mG+?L7$}xFD5D~2GFQb+t z;kRy6T|YJLiqga({eEnD0A?n+pzWhhtofC+4cV42&6#C9m&L-uRWi8z3ZKnSe*Yb} z0>^kp8V4V}Btn>AZ=~la9nOachq~dzx6Q37hA3UnQ)(}GT7AZ?+XvfXi01a35nf=Y z5>hY9O&~(?J(D%~yzN}KARTuwk;fja81(7g*6codx2%mt6-pC(*Y*KAu`_a_@76YO znY2Iu0y~ei%a48oy=J?@s+U_M1*!vsU}S-y=#5OsOJfr%>q)+QaViNBq`o(v74uwH z9Qv^nsUyu1ke<`C7fjw&>1V zkt*EhdUS_hU4PZV2jjF+6%p3-WVTS(?!>RxHi9h)QtXL}mUXLhkML@&4?P-8%8cJI@fp!+1I^U>mo4C}b}7saJ`pMrU>dwZ4m)J^NKjR$cJ+^!MV&M}_!d@Cwc^iKCKt7MLeE_eB z1fnFK5(dt|2Eh*T+<|O9JIqB0M()NMt_p{%S#=l7xEm=M@)NYFfe|V35lpjP{%o4pPpTO^qUgdX=Jzdc4H@I<$3lX zG=k32`YF)sNvH6Ur{l_Rb9Mar#h=MC9Fky+*E~`-2~diNh)PIwUn}a|c2LX9cTex{ z>5p1N?+FxxJK4Vb4vv{nkV8j8?J2c2!5e3D$xOB#VIKkI+NKj(mHkcS- z;)JND%2BMjS$Q(0>Y^4G>j&@?yt<@*&+n43?g)wKoTWDD8?%~k56S zgb#}CEI)4fLh(0r9eCntGbauYX6fsHB@ct*ucfyhxpzBUQxwb?zUxkzMU=KE(e1?L z`Z6^>Zod{Fcrm$TI$4x9X!t#jJi2EH5fPV*zp+FLW>Z(T`ja9%qK%iqIicI|F4)cs zbRg8(u?>O(vo^ONXkym?K0z2U)sG3#)Xr14ughgANS@ZzSMMnnR_S?hBiz~o_i5Hm z5Tdi(uWZ4bS>83R2ol2hak(8`+#Idhw%t)NGVWR?GE)(r+g&ePRz;T?NC`6UH{DUN zk#4YFrZrO2P*XcVGOZ~TzTfKgw{qd&(~}Ys+!L-^rk&+HR{v;6zX`LNkS(6XeCv7d zxRxi6#cYx8iXzU9tyOhuiX0Yr?bPzIxQUC^;syp-f5a3{*GkBJ;q&XNgQ0Jpv-SFL zH9510`}1`yt^;a%$9EJCLGvLRbso1(_t$MA_Y9Z!g=&}QO~reo;H$qa^DQi(VEJH# zQM=M!hl6O}dqJH*ErDRz-HZ<`&e(aR8WHunc^b2yw>=J*jqQ6LtNrMO)@!>(U`>bI z@$erfLNV6iEe9IZ*?XBa>qNOB?Vb!sA^36&>A8ksfTo~XdALCcR^QrUq4y1%piWk= z0nRrDV>9^O)bBr*O@bkc$%_;Xj$Qs;RJ8Tbz*7J5eGq7u!-4}H^>m*)6*1TKDwGRn zX*5SFLr}2Ji_30)@NK=l*KNLj7$JVd2{BLEHBzGyvndXcHSlz51|v9Jj4aJBfq-`R z0bDp*_pPchuq{5I{vSdY>C+F7wJ84jl$93<$<_=alb<&E=jK3IWa z*FVC>|HS$G8xIerp8XacENpxbNCS-Uq7^rF`e8wTJ}`TNy`<$!1HS-|01!fpK`^k| zh(o&`fJ*xLpz_i0b%BNfNTiBhP@lfR7&&maqW3>M0I7muSf`f7ydAxP+lZSf{#dbx z2VR9F8^d<=hfu3`r9iyrzf4!*;sqLYltnPeI_9l1I zVY#Sn7yRg76B|N84F2+@Nv%|%d-K4kH&I}&Qlt4gM8H;3y-{=?4+M>u`Rd9| zTG_kE)18yg+RE$2+3zjbp9jmVS%MCCTEO@`U>I0l^j~W&bhQTpdzsTJu}W!?A^dY$ zZ-#+|{P{yiFE$?bkcf2xOSF1HQq?*;$iX-KMk}TEDPsn%=oC8DV%Hl1jR6)oE=(Mf z=g80T*qwDDxvGWj8zBfoI#IWTU;0`I&g4-%?JpuTC>~>w8kyMeS&z)6a_f4Qv<1&= zT$4-=vz^(ywIoD#Aw#+Zp1}D8rz9y^Cx3qif_?^9WLZxX=`TgvmuXYOSO=NInj6xW zTdXA;jPQ>n?osYA{870*oUCphoyX|EeI}31qGYw#1}8H;eH2q=KL$DT_Wpaz&xXJ= z+F{*}xFX}j`wGFq&(T8SX!rd@_1*F_ds8Y$8$5<_=djGP*jYh0*7!JD#^wSN;gn1Q zlzlzJ%rk1(ceSGVqGDo5#A32XgV7wuRksb*w}87=i-Vln!Z*q!AYIA-21!J(6tdl` z5Lr>c1d}BwuO1O!9A=QtiN42O&UFX%`s%HYGo+yk+7ZF(;tmr%`bs|X?DFcV8-g#p*}yiT zP!k7r1c%AKy_Y*K-cu|R?6MyRKiVrw9sxAV$uDKw1fb{m)R9hTHzs@{Ha?=`V`)`! zleST@rKI8Lmp#V#%&1NHZppo!7LedXP|1lokCuX!puoRb;Ac*1#=Al zc5znr9lAsRT#rR@uFmCPuJq9wYp=Ow&HN-eQ5zvC^<0S3koU@QPV$>~Pt3bkgSqYJ zCwtsMRxKT^%T&adJx5sPmE6>Ux!XEq{{b* zmLB9y6svnCMZg)J_m&_l9^*#6TUo?Nem8Bm%AkT2jwv4DM{wmM5Kk?Q0M&AP_x;3L z;DB14iG|FY2p4^vTsI9FpT==7mb&}7VKDvkr!G4k@Rmh=#JvG$xG+vQVYT9ax2@968b1|40G5ITdW zvrDLHO3DMd;X1>dXElnnZM=eoVutgh8kQy^`jW9d#d=W7bMsF(B;LJy8M@sJegqYi z4`oIvj^aOBs;A7HxkYb0PN?d*cv|}|-i>W5Xxo19D;%JhNx=zwoLt70v(Wp#{3=!r zLNZzPX7kF54eZz}S}m#q=D4iQTz^fwxHNeKMCCM(6HTU?;c@*HUn1fBn<2r#h;pu| zsPugi>FUD#1`s6xWdnCkn)4JzWTO4Tk(q{>nPLKv*3wE`7$Z-#VI2<5m@gWWkRu_s zgCwkGKPmVH&L|vw3;d#^vxH8c8?l-ll0&)>D_)Pt7Nv>>7fTz-GnAc%9v`SOHA}Y$ z1X_1ZqFC?GW;CR8Dn9{&I#G4-oB34;&)~}9m)~DDzUh^s@ZWjD^vht$QG_L#Z6Qi(4y!S+A;cKAkS24AJ4{twV3V7JuMYoJd zUmTl3Eg1C`lD;|{Up*x6>!;0j4#QEG##Qxj8W2Su&HSr z&KBBfq+Y(Pzybo=lg*2LKmhI@t7pLzL)3y3+y-B4U+qNq#G~eI?756xC$cjR{*bST z2)wI!Mc*;K80<69CGd9Sd#!JyniRf5?s6y94#^!GSQvX(E6@d>wkrZHpY;8^$HOsT`0yeP2?ebXDW4{yP1&~Worl)lN!)v|<_jct z<9SC?i!d5q8waD#*&Luw=o#u`At_B80^P2U_=%!v64@|0h?GGH8@AzgPg!opAWI-l zZZ1GxJYN($ITy(FMiPEW)2N(E%7f0?0Z^Obk}xEkItZ7>Q%7^=>*ARNX>A0C{2y zpUbPLN=r1tF|y~JNmISW^Q%%Hi^<8#_KT1uaz-T%U7WhpnDdZyNB`OvmKtA8Uf}v? zsACcbrN;mOX+R9JRMJi}QIH_@(Zj-coXtW%h6MzI#{T6noZ+T0CeAF~g$c(dMuR{g zT-xR&tReK@f6TTQ+dJ~{_(6}Nn)_2Kfp$wUznr26t-xH-a{D^`rz4mQ{xRp(c#zvt zH@y#1x3H2Kzyo>lK6!BM=1iDRJBZ{cAknX1sr+1qb6z_m3S0tdih~79C z-JiFHSOeWufJNhhuC{fBF&PoEPWc&o01l$UZ~xIkoASp4SY`!G5{(v6EMK1jFT$+< z!^y-osl*XVav0uCj`sb?L>fxm9vb)z?Ku`VdkLgI-U%Mal`lJ&aRp%`ku1Tz(c2!TM>~y%=vHe_U zjRJux;T0D3b7a9z;Qj_m&%24>IVCIi729y{tqzgqw?oPaK*i{#fDnnG}mM?y4Xc!Pk3k_UHyf_H~p^3^%{&iU>I-B#Ge=25P8`?-JD z#uw74k?d);WPF>m+AKIh7;Wq#D}MgfxKQR>cO4@1Tbk`1F-89stU&%_K3W9J)z(w) z00)aiw2#^!jk{j%Sy&X*E;v*yDPoC6Fv#U)BQ$hmx~ovcuAy<0E_|_|<$CiyrWd~7 z-Wb70J20wWWSlkk2HKE)^ZKwq$0Ko*L-H#!diHR>4&ImTv2HU48^BdXsqxg!V9dwgFV+fr)FulqFnVfMR4M$?6^}>*Ehpb*Ym0RXlwrY*@jdU7HMzG|G4mEZrbgY-3sT;y5$I&GfEgoM$F!?oj-tCpj<>Vej?ruA{0 zG@-vCK_Z4ePl2$1z0+*mj-bCWtPBtigE_5&8QO?I?Y8y6ywYM5Go!HpU(R!#qzF3G z=T8t4<_qM6OEG8W_y4r3OOoFgaZ-6&EQ5oGu*xyND;HF8LFSo0NDZsI`Txg)m_S1#d<}K-C zz9oAbb<&1@T_ujkVrkiMiUXonvQp>sXI0D~X__4PXuAEEsUvDzN9Zqel`m|M#Io<7 zc^(hh-52EBSV_k=Hc)4%iR;R(X85<0^-rZ1O7N#($lQWRDH*sR@5-eQemn1?KIzUN5$vwtojJI2z(5*Ghs3G)nqZqYjZd6z_+ z8!-xnD+n5pANdK$Eo|w1m$TGv`lO?#JZ_TO8D^ps{>@4pif7*!_aO3g&1@Vp} za|U#p1lw);Lw$Vjpg)7&+nc@wAakjc=?Om1g1|I$pqJix`NnlOh(Lud3o?r+p z%E6N~x=4dP@m{wD!Z)3DIVcM4g0SAYTq+&_Le6ohAFdm^GoHXl$ALiO5*y_bflL?IPuckzE|EFs<9}YOsHf zg>n;qX$}gy*^4AmH718oJk?eLM6qpH6)c5G1)J;1#$VI5`=V*oq!xAFh$LXGUKA2e zZAy^4rq7|#c*KY)l&`P;BU&C8$)1cTW-T`|Fsr5&#(2e|Ygl?ybDBsu4NP&FHZ ze%uU#RF6QNuGeye%VgwH_k33rW+*Ky;u?Xh*LI50$6wf$iob~!E29`_u-*i4iFZ@p zdDA?afHz=)^<^8h$6CvU4#TQP6!F-S>W#P>m*vgDix2o5F1zX8>4p|id$fUd1E9HriOri*%X(K&bSy;q#<9^!07T(xc{ z7~4C15Zi&3&0dd4S3P9B6)Qf-`rcfb$pRTz25n?8&O%Awpxs11zvbgjQ3{Vb4ajqd@#R%qJbJWaN3FU*6QcD?-w)Fxo zo0Gm3f*$u<>Z%S+?Y=hx&llNpZHRdX? zGqihgAIB8mgdl{ab$opSj^W!|>j)^5V)Ij!thmn>?jv*2A>hiX8-)3V5dD>7WNS_% z2yd^!2yBN7tF?BPj;!3hK3P(PGbp;aVnNXjW`<#P^9*){5uP(c4N-Pg^JS z9ti^*RzkRPb)FwT)*gK-a*`6bc}qZim_*)+#R+& zw7SpKc-hQ36eFYbD~JY-f;}9BLR)W(w0Ny9B0H*{2IuH-j{zXZb1Fe9*l*Y-G@2f> zXRhTKgR#UplNGe5zcjhY86j-w%5s};qfzB7FY-8m3noBezd`mtE5~{3vV-c&6i+6f zjj4{UwGyshgz&yPYqgg>mIfumhz_;Z%}?UQTvD}Nc~qJn%e8Sfff7>lTVUN7iBd@x zd_qk|a5fPRx>P0ed4@gr5@-I6dO#U5dt4FPnFlYe_8d;*{gC*W{zDF|cyiFLBEXUV zh;}(@ypOP2X~<24yyRV*^nw*s?aAR^aED(9ee07;iOp|2g;iJ^dfX)o77yw9Q|O%0 zwz(LVBY<_!dQ%;|({=pzCe(wCubAwC29U=<^17=rbQW@U{W-F6aG(F4DVk&uk-(w= z+16{~6PeMbK!gPWi_7&!@OX6VX$yeTVleoF!n_R{_yi`C6l#w3f3#iE1SlQ%SPJVuME z5_wLbW(qghn9HNPGK$aw;||?R3S>%jjbD}&r0kkdS(c)Z9?%7$*O>?<-0Y~Awb4oz z*QYgsPg{(NPA4$Yu1X-}Y1knR-?nBJh;7mKMdqktJVz6v*PS^EvKNG&8b^UNVp)9m9QznMG=T^4?6CsM!WiFRri0;LHqKB4}$3{ zFkUD*jrC>Z=ktHbmyX=WvU&_SRwpPih2!a26)*y3_^ z13t0*vxu{gzWF@93H+FW?RY4N!-qnW(=J-qY4c+1U3leOFv6M{HS~_Chl@kT6ro8| zfNSGCnq*SVXEMR8-%MP661DtptYVv$5r-&xx%IZW^&f$>BrAW}HlIAGxvG7|v3pV?HJkYt7cC9| z!Vw%6s1*{$(9^eqju3Egqh6Ae5TwePQQiZk~OA?1?OWe;?a~jpH)vW#;IWI6+m> zhjlfrciYJw%S06t`befoI0kU25%U_Q*ei4*!ukSdJx+riX9N|ovGJEI0kq}0)08@z zSWt}aR3SOm9Qio7R#-3A{?51dZd4zY>^g1quMe(1#_t(Qgx0Hrva4wksab-3Gzvy8 ze%VILyE?W;-=;tNJX!ik;M-_^!|vkFl880Lb{{8oBl=M@J7DcRV1;5kpfmIlg-m;) z9YyWEl7;o~Aqp!~*$QTTFrWnrzJBlwDM-X;ff0WeC$*0cAqp-8|64sC6xvPiv1``( z57xu#j;6txhFH-L%>dZc-s}_Dr{g_b>Kn*(J9_Q#u!;Ws2(SKpA)6#9;(3WN4Odes%# zo-V~dUOuEK&Gd!e@@xYO@je0i@k7=T9mqOjG^g4s?@t=pkE)JxHz+zjd&pK+(%WID z&OYUdNMnSDeRx0vWZmfAw=9+3ooECruw*<8z&7Vs4wbJ9JR$*%HQt!#XBrj!Fw|!T zv8OrbhUIaETPX`E>`#8?G+z-QglRtt)9V(8`uLF6gnQUQVf^U%ru%flO-!rH%<78} z(-L0)j~{2<*UvNrLBGGy4&FW;yxzUHoHKHuLh}NkvR^}5&e1w%YL1u#U}7NY>Ej2L z2`zSY4@UfJ9I)I^5{tnxtI$6u^$3Bs8IVyRR|^7MMyZx{Q!nD055Lo?&%eQfVB!=N zwqdXMiD>NL)@)8N`&2u^4>=Hoste`XzWHmj6mJ4yr~iwUgU-9r)C>!KQZzMPvX{|g zrgc`6i(~IUFGo?WQ`B-uUz*c+xIY(yg9YYyK|bXM|BZ;H3SnpwdCOlCK8gf^qQ1YG%qeFYA)VcB!+7ixLBP$4DDc_8ZzC8Fm*B-Gp-^?Z_b1cm8U0hIctQmO`EgB;7F{$^Kl~NL89MvVXbWoL zKO)3S)fv%icp1pQ#edAFMJV{UQn_beu7czeh(zUA$60n%EYZ>Q{UReGjy(&_cBBuf zGp;5CoMXhlP>Kw^;j*n7XG`(fN!~`i+!7%t*U1%ENxiFRQ`=BUQl7MvkdC4X7v)Ee zFQ~399d{8&%qMZAP>8)#A>ft`OUUXTX09!=a&nb=-A84?j73?Uc4?9)9F=BC?9iN& z)E}|N?PmIoCb&6wD}HSALcdltScXIlS!7LF5$`R|Vln(C?A@xkMJ*9kzi6HkrD%}} z(OHY8qOrWOF?qV4vFKe*1nFKwfBM+hJTdxX)RCawh4SknSU_caegujf#B7cqa?laN zm>sXHYR7X|Tq@Sz1H99~1!8yeJ?ii9*M>)Qly@GBq@v+<{M*_0R7Nc>#-F2ImF-}jbH-!gF*Agr|A3{*+QKfr92<-ZNX%^P zkRC`Y{2c&iOny$k{3^51{dvdp<=z}Kd=`0}gE()%S~G-gM_`LEqV(93WyeZ(&s$T! zCq6f8JenpLdbIBt)mQ}8(NE?-(&XLNuX$S&qn{a1oW`(~BQ7{sT*i0mac0}v10d8O zr*kf!jGl|Kax@|Jka{O)@l0(ZS>2{JjP^lLH%U+F_Uspx-28@gxd>w?kyYnHVS-pv z3d`~I(!$!4sH0;+0?!=T>;W)|{@OVAI>q*qAAiGuGAuBK=- zDp|@a0AYXD5x+4|feBwN?Ovuvz?pAC=mX2&@Q^T{FfhKC2sev%VUc^o5@$8^MzlgAB zAi}KlN#C57-PE_9z%x7*y!#I?Zm~-^4i{AGpqBqDIFae7DKax>j4h+h##RxAB2>+`sG>?n<9++8eBXpPq0f_55))KCDvOHbt@^gD{Y-7a!T95wHw;)%)1$lM|zdVB5NC(CxJ$u{9RM z+55BEkeBJQ>kpxDqpV<7_6O zW-b2pLe_+Wy>0&)E3VJyV#cQxn4KbjJ0crt8#6yf(uvUH)01vVp)ONdm%Qf{24Jk3BC; z)BvH~iV`7K^(zqFTrXo%7ZiZNbb|!(&C5r0h&t8hlQ9*s}QK7KnF4m17(k6!Nue_b|^z4s#Zd$&@+nSC)3rI#o#rtwVGK68eS*NTbF$50h-^C)1TE-N?y35j* zQ!x?ar=}rDe)WFr^I%`S0=?|K8~}Q*{DRA4V<2^MsHygwneY|Q&ia7@QRC42L$t=$ zOI3`Tg@Oysiq_&}f`V~}(M7fup5__av*7_kmi$8YmBEnnqDOlip3AGH(-h}9(?yWF&y%0Jsr@v#iNr9^6c%b! zDUJj=N57}kOn6j(Bu~hNNUqQ^I@(Z1mKbv4)-mpinXl-WD|x@IVJ#qSBA7tLNl2{z z1{pmDsc5P!uV=p3#et7$;s2qwqTfO?9zacvm4Y_2UI8LSQa_y&Dw%7-J@A;I_fYk~7SDIIRFZYT8-UTAx$#U)Fp z7DgbCS{tRfO=r#Alz&gpsf1!nF10lsI*AB@aioIyLKD$(%A)ni^ z8SW@?NPALsqjw#EmIk7ku;bPMlK2S;av#=Zm97)E$6V*>$|d%l5O-2q8Q=4dn>Kn? z2w}DUDo>>0f+rY~V(A)+TYM5{as&3!YTe>I$`}POBD9TEO+$3I^fT!-Hba#@OboutOuu%sN4RymWbak{jJy)X&VJh)v8uUDFc&|1`!PSSzTS8BsHFbrrcV;;FaTX%v^RcX1C(p* zDu)DM8TXHW250LN;6}HsJ$ft^m5SJMbdD%ty^*+=zJfWzFn%siPkA$i+Us9DKx4V5 z6&eT$MzxiWJzqLpksSlG7X8l#@o)H6NjEfKQQ~~&9wdokaodJKJ;hS!LgGeLjj*Z$ ziX{wz_Y9`E+n3++IQ9%x{nY8&7++YQBY){+79)#Se6 z6IfX27}pHDjAL4+%rJ1jk$Zv7>E7cXgah|cja}b_oDIe=#OE)FCJv}KzL#1ffath{(XdMt;Mg;mZY1CyQolE$ z+4`T$5_al%{)e)Jt-0$0KUVy|1w+u@izXp26nCM-dJp-8=IT{EPgkKha?e**J2rtB zVuL5)vCCFMZX_ne>>@A{?N|c-ra2NpPZ6I&4*3X4C{+j*G>N(b*9|`3G~aB|r9EoI zCvX_4-ItuhUxeEm023ULcCGML0}gAnnEdlDYw7i5)o`lusAf@eV55zx!T@HqM zKv{oM7KXVP%GDHb3vEpY?PaMpheu=YDx=3Wcx<&k?F28rL7S~Y`eGu1F| zvQ{?M3MYiwBQOZ_K_xy{hPm)4S^Ar+zr^R|^^fuK0NlP@&u@JGEl3kBxgEAsF^Hfc z(Eo(FNIx+2LF^zH46XkHo17tF9_u?PCgjzUpUuq2Lb*ky!GT4lmbxoL4U6s z)NeNZ|F54y0;XMDFotyEFRZbN*1N{qY{!&z!|!M9q=yAO;to%pw->zq!tu0mXhliRk!n}r|T_)1p6Y47D^iuYR8J!Sb&ePk=+iZ_q= z*Qy$fJbf~rJpOwt6IEe0E&WgUjnp1nhdDP@Ac9lD9~_}*S;0S-c?j+ccIqG0e3O<_ z#LQ7|+8`E}mXfiInvG~nw!x_?nNU7o(s#3=w^SEv5mfJhs|2Z~wU6!)vEs4a8^0Ft z3OPJOQ=4?Ff@lXO*KT+%$>3lC#cPxQhq*{2Ce^gffVdgw$l z2go1k!++nwe^(<9v*U%hGIa`_N%w8`3HbSiY2TaPJ;ACC6st}Ub$0c6*uF1Yuqc5A z0Qrj%p9rA6u%b2s113&aikvG{Kt`i{wf%95|!ut-8fQz{u%pC2s=`kX#s3h!UnCzenmj-_1bZU@o> z^qn}2rn95D!+T@^Sz9y{Yk&G1AKYfmB~u-d0p#57umpqmX9osJ3bYAE%BgOahnnQP z_Zf1>>{r-DOro*H{Uz43wX3w$gGl70qw{xM!XlokTk%A_rs62)-8to`%j!UDDGb5}jY!z5H{a=K_(xORTY z^gF{Uk|>3AhpVWmv!_L`@OA0Y?R@dc$6UpY&pJ0Ie7b!)=&%`GS%8i1vEm6;6FIP54==s6cvadNgH+%B! zRcS)d^$~NMWp|!*%x7-jz&t?;?+r#bCPD}nr)6)!Iiu0hv%TC>PJz$=Gj-xjc*DLL zOUzNrZDkPnJD{BI`-_I7cvCvOoOcg}Nzpc7ewmvq3Lh;sbGjy6iP&0tYOddi|Wdw9-iIZYz`EIllA= z%522Mw!^|H&)f_E(KF`N6{%ipa9+-SLSyIt%RfvRTuhgqKXo8atRz;eqg*AsVJL*~ z*=!xK5IxFE+{9wwlB(&>msAt%aSNTV*em;vsBr#wGDQQ{1vV8<5&4w?Z|zLORXW(i zGoB5=*B+=Q#j(k_-pxtlwMqEe>25lOi9zf2-wSj0$I!RW>r zDk*sYA4oE@r8FhTpDPo@B=DpN#6(wT)XA|u^t+PXyZxG zD^dxAWh0>jJ8pM%YYQN)YAg9r_P`hN+oUGWI5KW2XmJW4^k0K=QUkV0M)GAdGdPZ!t) zot&T%d@lgVW1}?SP)A2yC6>{cW=>Or1iV@A1EqwmHo-{iT*>WQl+FmV-;~a2}J_;@HUJ|)p}@yEUi*g(@uv3 z^Wa8F7I%X{BO#VPSD>s$8dTn3JTm1+-xt#X_Il3#l}kj*n5uG(k2In6vD@TB)|a<` z7;CuB8cE9Tuk+@5S6#91F{j~M8)*~XQ9)gNSDo3m0(VgUk-lAl9t?2I96Ep6429{= zgI_EUw=*;i_D^XnLXS&xJ}%QcOFHUK2l$cQaQY=EV;C!1Z3mZY`#W9}q&mrlww>e; z%#5e2=10I$eNu-sf#ER;0>hu8uhLujurx2(InLzF0S<4lKhJMm_5lv~eIeolQeROM z3Ce|!28tj5&t1OW~dBQH*zt3vt@pzD#3uqw76fzhZ06L#R-`;?aq`V zqYK|f=J=VYD}D2k;$@h8_eo-B5}dDl0>QBTScK>UmecK=nKGjPc@VMI3d`FkJ#+4qPj7~l)hXJ$1(U`*4U&<>Fu^dCVXu|6S3B8-RUff!}q8Ki1UyeXtqsxpjE47o8LAQg5~$%3bcE|EIjS&+1d(4!FG(Ub6m7T= znLm`P7;!05sCG(8HI|z%)_rgnTyn$Yht{Z6;OS7&ko}JNtz>k1R5UGm5bO|?`qAs~ zG308_!Z|GzSioU6g>vI&VltI8jKc(=u)KtHb8C5YV>G5Z<>Fk^MI+V%2?wuhChFb` z!+`?_8mYOj=270}ynSk=f^f$-7d!78vj(o+Nd6miCQG~`E)>%kE^6{mK~w>&%iPuI zs-d4Bp<{8ZTR{($ML>_A?2wc}TV}%I@s1-X#k@x8$pJY$4Jnndjz(v8*Nye}r@)9a z?#HUp4Xv!H#>;7`K`y!N!<7vzNLZn|z8+wfH>yTgIs@%4W$ks3IrUmLDlw*W@;7@s zn?P=6PM^HK(U2;S=ahjSNS^#4iFY^-==hlR}F3)j?Y0ro^Mf89@d1S9~r zs~E#2KH(inx@;{+;(ktjHus|5tGs&`sEqZ;th)932%s8BtM}X|o%k+1LYoMBXFl&4 z=*05lj7&w|0D&Q}5MwSBI0_K=h`e@ z2$6j6vHW)NbrHKciCq#u4Ib_wYfziC`KgF)Q3w8wpuy6-612qJ*~$hk{{Mi?YWc74 zYGMStZRPc{C%GXL>mt~yBae6dCd?`pn35A$Yes>UtVzz1hlfe_fM(SD-XB$1{!~}h z@h23GHiZU0w}c+p*EXkCRfF2cS=0m0<}Oq6Ue#2}IpBnuuk3`4x8N+4aUBSh`qxoO zgX-pHC1{O3+Vh7Lm2LuVhcj!%_i~t(Z2JsJ&iD_)!5xOn&iky?%+Na6*{x&U+ zUUdOrUo+^22^{Zfzxeo2>h?6#=IoBWa-p%`)$ms23YgGSaA z*?>Ir);y5}qm^utgdP{AbTgv^!^KLd@7U!sS9%B)a=ByeI3 z#-ZRTBnlH`2n2jS4#VnZ5m2S0)b+`p|I4T63Ah;YkxHn@;Rr}}?CwH3iEz zalk5cesZ6-z-18x%c_Wk?ANl`^(DFpytiBV| z;I!0}a27#|Ai!bJoxrKQC$64ua`1wB95}m0qAh-BFmqOLvK`c|<^E6LsaAA$UBq>f z^AWsrVk#lEf4-8if44JGvYSd;SQzRH;D0Z2HBO`)lFyI@R^#Q?-RdFds0pL^tfAv0 zQTiAjG{n`}oOJ$+*b;M`PSKK*{}X{@)3B%Jey^fkpVq2yfQBU9r}S7 z*z@j=c>ds69S^}XT;#xNgSi9jpTv(h0if3+u<-iWhKTxm0S-&pb4Uejnucf5f%qMH zVFUo}gzeHd2HgHh=DBK$HLvC#V0i}w1pnGh9l%w{upT>it&?s}sm{wFED+8wf6?&( zL}%xCgja};?-9#k0Wc0o2lCga0!mJR{|TOOe=mmdDkB1v(E#Ybe&3(| zE8P`9TJ}qd_WQxmFVWZk;jaSe0N#y@*oeo~bFO4#@FAiL*@|iga9=mz z$Nvcx?T&z+XreSF$$60V@K)zNaqOqdNHVj4VIDVuIR7FFvuQAX9alh*B0y<`^xa

)Z4^11_oPz38CAl9u# z=T?+`_G#38k>GyyMOqG5niqmsObpD@rm=mX4y41wU~pUvmEJKPo_#vQborO}s1_xo zIq)3H`_o3S2yFnXnY9|H>cj}wl#F0kJe77sI8xvy9CO|Fzg@77U@f(U^fq@bXI=bY zK0o#=LlA<~lUDFjU5pnQ&vn46cDF12Zf#^ceRQ{s$(2%BTNTOvszAG;XdDT+b2@Aj zi2z*=b$$HBfG!tYJI1?g(BIj*{@a^mlwS!bROA%`I7bdRt;jm^Y}C-Y&7Cp7In{cy zQv?**(RsIFn=|U8ZTU`gRHi7I;}Rq0+O$jq!0&`0FaWkag+!V-+~lK09NVc$bSEwK zn}YVAwwd2Fknp*nO#iYIMGw8|n7T(YSsR4`bqo;xf{`u+M}d>ARMO@HXNr}k-Sz=? zqHhCXj~dH*-!+Bx|3|ukFW5c|FBAZu(qi(Gb#+DnH8F-fgnHUq`w*!m`%JVoR3spH zHXD3+==m5qwh{IyHYs!vg#@rvy_$Dr4&P#yzsT0uE!7~wp-OP(o77vO(D9};v=oY} zUw?M}Q3B4W?EZv1(*1U2RKj?A4hjq#P(sjXWn(4CTpt|EUl71I+6qM<+@HX>%>s1o zlnB`GcWk0^Cp5)s?&u$-UenYMbno=eiw({5kwtS1Mr+^KzF{WSf#P-W`c?OX?f1GL zsAudee@vraWk1wkhVY+j7eBuYZT!%48q$j1(pP~3hNIDFGHuBt;ZgO-8M*E=WKh(U zh|}~Ck^s$~Q2dKOmrdwi>&>6*3qXq}*E10&unF)ByCYalVlT}wLkbbM!YxpK#28Yk z)g{3k*nwMk;;7+&$fMD3V1YDYC^CSJ(uH1eugf1Q6nO-~?%4M=3(N6O1{7?yVbEG0 z%&nFish!N9tLqE?PpTNZw}bza945D{(p8@+Au)USpYCJ$I!Qixfh#rJJ=&P?)Z6Tj z^^8;4S6m<)zpT%7lCR>KqYoP3VgPl_X>7TO^iTv(;vEj@1);8NBn`IzY)(EH9B?7R zkMCh>ws7MB84(lv#Uj-wFMdiuh5!ivn3P@Y4m@!qsO^qDUyV3*XS9IfZnAL*^iMA_ zi`1d3W|jnZn!S)<`S)xLr=J#upND6D-%4EoZc-po0X~J_bdLR_7noACDfqZJem2KL z2(Py0q$4dfYBXE=ll~F2BNTzh1shxRcN;)9|L_p4G5<`Nd;Gd7$ED(IPiwHekH7w{ z&WZhe;@>?)E4&+##HWK!nmP~3*Ii-qDOTeLL5B^_H zVIanV>;92CV`nA&^kR2UE1_X_`Cy_kp?W^&n>UkPxUPXs%}}l)4|Ms-E73))>+xNX z=5-VE3quCt%Cvje&oQxVYY%D)my)B?_FI1p(6mltNQrss=Fp!7Wc5dQnK5AMtNrcx zU0Xl4Sjq{;_I~i(AHexiWEV|v2(wzW6;eJF_xcN!InNtqpr!;b6S_pw%HuCQ$Yw1i z9fW>(hPQw2 z&wxX_+rL=If5;F=8JbZ=2wMUF#XEFnfOCLB{V(qj)YW$zuR=yyg3w(xifP$>qnI?~TvWyI1rMoU)%7p)iqO3ywmF3vY~7L(3xkqs--Jgz*L7Y_0vhAonWb zPWy$=iwVkfnmvT_O9=GzVL8(iFuBxmPCqbun>>e!fr%tDTv-0q-xlYG= z5qSwCM0!{Nj!M^w2?1w5!lHIIUQmCnQ+f9SsPEa3UtZ(ca{7|C*0R)cDv@k7$z%!v zp`rdA#XUr~O3#}W41Q!T}1BZlC znqAhA>A?5(9axOGd*4fABaz=S5(v>YnM+&7X`eJ3`^|^3&!aJJqc`bx6_9c)V}{M` z&)i_(P;l&<70!)-dJN#%By9p;tWUqwn;s2Lz0Y-z3ZxT_DhfBZ;wfZc-p&t^hj*MY zmiJ9^5rL0JbgF@aL0Tu5VTXLTiK_~{+NjxPJ+|vmq9yo}JthLi;d!JRSW}0Iew@Ti z8{ZWkp3-)}-wBzMly)Szzf^bH_G~dxNQ5V~?6=TNnu6(g0zw+zqYNIEoyFkaI$}b)D(Ktt8&n_MJ=)A zDWp)%we}Cu-f)7nOP*a_AslXXfhz-p%Z)m{iCDBDsQ5g3gFd9qa*Qc~bIvS#l&F}a zIGkWFX1Dt;1Q#EY_OooIjW5TKumh|2KYAw95v(#;3&4eVqrG)Ho)d5$us@2}<96^2 z6gK`KfQaRKDFuAZ#tH;V#I=SAEWg}%NQbXu;#52cq!aE|a^7~-4Fm-y7n%v=3&)oU zC_!0u2_v;f%QzuQTu7Hx#YEQ zoO?n0(kWHZE+W!?)aygMK7$Uy-<|;k@KnrDF!cREFi22f*WQ1&llSY_D3Agg0rVX& zA<{gg4+z*Tw8AKG@GZpaYvtnp<43-}Rz&eXKIhLSP=x+J{bfjCF!Uud#}W$PV)hzH zDeysgk3f4?_mY@!oMP03pX;PA#})dHeJgAZn06EC!d%b2c{3r^7}6L5lx37xyc?fq zTZsN_Y%6q~7k?4NE%6Ta^|sDHcBo4m185;vHp7yg8txFM%Z~)-BmCxkA7#AwAOJ-z zB}&+}+YWZXFO1(57uM*ZgX1@b|1O8M5pG9p_4*{zuJb>P={+RrN{aQ2-qDeFe_B{>u$iiZ+NpnoRi=_> zwI@Or#=Z%9#-+|YbQhszG;ttnht3LTh1gj(4@o(ywwl##sK40|g?kVt~YLyZ!0jFBpwB#G zN&?I{pYhBdAFvvYA*q{@GywrCb#m9HKv*i%=MciH_+zX5rKssg-ktYN3@EF`R!*$J zNhF>jy5swm1o2z^=#HP)P?&5h3j*6%*@VX8Aa9O8<`{!H&HF95F(*6PYaVi6>pE4v z=T3Xrlbz6DG2TzaoFje1F()BWgtO^ zIB_Scm-Xi8jR(Y)f#lJE@(SX~L7`WpOtLiECA2h=dxqjuXxKCGCdcf z>&3qN(tXNCT@PDH_Pzbs8E;l8?u~|wt)(*>Iq!h)HIr;z?1(31=-pS7E1cC?B*Sv2 z*yVYY2}O;bXY>2~%f^{<2}V@6fkUm{{u{=Rav>XE)5z2QsI5VXUB%Iu&WW}IcThFRMHaQR#MwPiFqp@c~3 z3xub%8ZK2WjM>OAzK$fmDv)iea1HA&$i~@Iw5r(UBcqm<0=JkySIRqa;N%D~?Ti+q zrQHfJ&btQ;=^&wG8e5lM1~~YT6QN1R3+VIx+4Y*2yrE!CV1%drTsQE*lD@2%`txfj zp3g2Mpzvj=&syp$BlUI5)<%Mvm2~$#cLc{8)sGPxm+X!x|j$ulJ{SwfUF-V4RyQPAdY zR0_p?Om)mJf|%)Cq{6j69Ij(&PAM^MQE`7NU-hZFv=UW?;8EB1c4|$?x14c4Xq>aq z&ww5v5mnO^ug5zvp^*!b3v;sJF}D-6ZIp2+hrwSem6qag9rk-zJB}SN_wuPJZBloI z3sP*=u)tM^B=;IsY8uwPH!sMIwwRGbU2S6s$WYT*ws@~ccD#^7e1Cz>h?S10gwmxom+&lguBf)1*mM zwKkhcUuH=4u9*_jf=yPxp^uIhX05NG;_V%es69a^4C_rEkXQX-K5-VBcgvyqZS)c{ zUm~G0Vl*wv5uVku{NaaT?)Su;>%*%z%l^oANb@CL1I&kk6<^KS-|O~%VaZP3uni(S zzNE;V{hAMwC-ZDsa8i{#Bqc(M&I<3`D5B)CG0i2fZ03R$7pc_fDMTxWzHzhD$|$KY zRL&mez@eSeHB?e&Z-vK`W6^f+&WwW%YZ!cC%$O%gdaN?j=z46^tY(4FDp8IDicp;2Zw{4aJ z?ja4YC_ToRxh{Ik4)=f{VfB~|TI58{92Tt1#?*9ijV^$5B>4OV=MuItjhQZaG|=^U zeMTM^b^PniCS)yHM1cK?zRO!}^A~tGC9lNFBAo+z4qryku{`Vgmn1>saL9w$`gaJt;zk+4QmriPRp+;54zH@Up+|>8N-dyOY`-=eA`YYo9i4-`g7vC6anF1 zI>LW_nm_XmF(MJDJh(e>c7y=Bw^0u`+o7N@j6~x!(PG z8G}6z7l>$s6nJ1Sx89>+=yGm#*ymZL=OtwO%NccHz-nHX2O%`fr&9sa%TT4mdcKXa zqxjIK$Io9xujqz?Ne|Ed{*87#nP|0qDm8L~CNrVsn!BuGG5ow+VG3#otb>KRDHfWEkG6&{a z=`kq|U-UI3zqFN`F%+6kBvAwUy7FGrF^HfiN83m22oFJ(qXGYmLHVSTvnRsk#=)g) zb>B-OJ7>d#I1Ww+wI1}P*06A+=Uq0kG)|YEO%;eVF5%o>j#IKGuI?Qh@MSAjaOb8^ zZ@GoSSJO7I-j?0$WP}+_s%*`cxugr~KiwU*r29)JFn2g_^LH;>EIIUPJamRgyw1C< z0Nq|u;KR@bK)?CIQ0@TAlMk6nk?ae zJcb{nnS1@3Yy0mdoUv40(dfe{zq~tcIfiDcuSqV!9ixmE#4ZdEX$;30L5`Aet3_EO z3`QGOZTt#|mZ}G7?@HrgE(?Zm2(x$8q-@0;9g?uL!}%RzqvaLFRLxG{-F!z2mbq}a zLd!l?kN9=KZakN1sdZh1Ex%y1seFhBi^ACR%QvNr+Bu{tRs2v zgZii0;2D;$JRc5&FQL?*_cS{bNOlE8Hq3=Tnbhzo@EVg-tG&dT6s(_~dem&>RaV!} zIXtJ=W`yd@D?RSZR=l&Ce7S<_|SjlzP3cAo}d7CHZ`AmSS>IXe4 z9xYz(WRCZJcKYeE8=9IUE$OR8wZ!uoBxCjg({H_!FAkhdO|x!%SkpZelM4OUI4ZK` zWvYvIJPaJ2MmXUugh@-C+u`8MJ3a_d;u$oO^P6<=7TeyKQki6Y8_Ma7BIL{4*Ei2DK zaV#JdH<+Wxw{KWHB3)1doXw6$!{uQz4@7e5etif$a|pptwkz^&K=MpfB*pl8K@y}JQ~c~ z$#A;MPqp6+@RAWH9Jf!HCP*aYFSb40R}1F&e`2#iH9C#A(1LPP^Lok#%&P-iYbH(k zqHPdloMQ!?&Ep0zK46eXuwRo*4wz$q2Pd<(wa{d&)TR>8(SG?-k^qJqYvj9z#07nH z6aGp+lO|h@rIb4wxn8$;#T$`@4++Oju=cHiP9|3kw@^~w8&rc1b8cZ-nj${O3w?3# zOHB|GvQbH$_Y*B~!oQ7o);Acl;_*YCda=hQQxmDE`mWgVp{7;0s{8{D{~%`2Z8Tca zVM9K$Cu(Run>w-NW=J&HIU&=)2!J;I8Q(O0H?{FVi;Rt$&PJcorhWM6 zXfi-T>&t#pCblGrNk|{~XJQUWMF3MMrUjO1{S^Zd@&VriGV`Al!Oc*Hg7@*s^bcat z7S%!G%9_2@EQC+jPgV~E1`+?~votDtDd_MBG01pz0HL5|0&;&qKF0wQsqu#TudLvc zE{Gg}5d4lvWR-!xy@LSr=X`zgkANWo_$hDyOo3w+y?6=fzyE)e$je9p$AbU?nSr7a zb`WIRBFJ>J$^gDDvKR~;%OEoz1dhP{$>Hkh0b@>%mwv0HqBv9fAxx(A8%PV}PrUP2 zY|#M(bl}%Vu=a3Juv4xLtKJPcQ_JMu-HJOZnPxyub)7 zf#AG8fDgnW!~n{Y{>)dXr3<|3`!nNSrtB#FSj#92EuFp$m&W>}Lb~KIi+;1w1Z!89&c~zxO3HyN z$Vh{!4iBUtJl|+#XD#V>7*zSzEh_eT1H9$zg!T-=;2arM=1eUzUgZI|>|W30KcP?u z-*0Aol>_Sp@QeSUflH(bWv?$If zsZ|+YU!K`?WwTRDP4|mV)kDcyCs|G{pTHoQ%TYRxda@Jw5AF7brPK+&YrpDvnw~YI z{iMI|k)OkC?$(NRSlYALvnE!PG` zjq@BH>RG0%P_K)kt2%_;@4~V-Qn-8b7E;rgR`y_2{uepCQIQR^@x)rWB7pFA6Q_$1 z575z>lHCt+P6^bymo?S!rYF!y${Q%KHdwX0%Tz=f?Bh<=DQA8x@ne9C6&XyM?0ZCU$S8}OU|8H}6!Mv$h%v?(J&DcxYdN=0RO$-R; z(+^%PAQC8Xp-$Ly5W-8-m)GgS`}hMH!nZT;(^B0rr(?tQ?fM?j0;@t5;NC*awa9v_ z&u`tW6)}fDS4fpjUAS}*FYmIew+xfM)FLCKaDV+#C~h+ z?&@5ypF)$-%Jq5oWE+r6|4QnaaP<3!(cNxZ>odrk%;d!Xo_`yS??(+WhU=Q7ALas; z)37@m1?m$p`}Rae+ua74ST-0pCj*O7}q`{ z$oR$@;`)`7es8~(yv}4j+ID}ttcB~F^y^03CUNU#$;=Ky^qQI%^vy#N5&f^TbCQ<- z`|OuJ@@S?2?43>_MA^hfp#=0avT~vJh?DXUSNTru>*USfL5}l*98%Kt$CI|= zVZs9)Y7dugzB^qGaFR?YELo__bq%}9mt1d$Z@}TawS8NW*9^iGSApvdCOy4;c`rXQ zve+AA9i~5dz#tB5IYegA#IRjTe%uto4yb(n4Xz%&nw^Owj4R2L&ziYJuzG-?4hGoAWMAqXusKCOXe`PD5)i%g$j_ zJ7ReX2Oa}LqWwq^RlbVQ(E5x>eZMW8LFoqcu7mHRG^`hx?!Y^&iK*9#%=07h1+Yni zteT)$AKrr0>(A)>mIJN$d{>u-886d(q394karACd^g?h|0j;SsS6C_t-=+^ti?sil z-Amr)#^;7FM&R=_m7Y9|p2* zC8L;GvB)&^*2La*xk>)^T+np)Jpzi_R2#cq-L&)1$(KgnuzhryQ3yC`*-_WuXL9Wp zTIGs1fd;;&)WMVP)cuub>phSfnY=^KHFJhfgtHmp(_?U z&y_>wQ7tMgom)Vw4Poz!xVjT;oJ31{$4*M2I=r=qwi&$gy2ySTHS6E}uM=&K<*&)% z=rA$n$xV6QM?|2Qyv9^@{GnwDv9>|W&P&hw-H2$$ng<%))pZFbV4{lza9oYYX<6RN zUP>i1wfz}{+K5?k>Gr|bCiD_uy73Ukx=d8B^ct)OPVCh16Tn^DFiRSn`Sy)(5 z;H~bK*0`U(GuDSKNje7Tw-0`S#eBZp+}0Kp7|m$c>FNzLDJ4cQwrl9e;CO6*Hs3@I z)kYE6DKyy36^-EO%;f2GJ{O(s%W(I>Nn$&Yw$JvvnkKJ9xm?&d{?2X}Y3)}puvMt0 za9IJp*1sD4S-+Yc7L(><8#1ZI=oDROhF6Q=ooG18d;F&(tm*#erw7>`@(kBQ3YNWu zVe$aDyRZym(eEH!PAt}w8R;*IU{0$oJnd(_di5~lm9W#YcZgeL*@K!eNQ~J*WV5bS z8!hJwyN9CG9ATWwF1STGQ(tgx9GG04AhN>Mn5gs*?0d%#9%gJ?`J(O|@qC5$O4+=4 z2zFW^RO%ere5DB92PnsD6;;a@C~6$ERgdyj5!J&)I)59_RrR*V)ZZ4;Z2oLHlGXfS z{#O7X^^z3RCR3NgGh()Z$3hc32jtLeu?8lQBSs{~Y3&BM_OopFu(vwcKo+7Hke%cR z+6jaLE#i3geW)I2)L~A5sBAlH>Fr3sOC{@&Nr|dXI-^`nKy3=hj0NfrQs7n@Xk}_ z=@9X-csxFS+h^Dx<8(TqR&V=2W(3s);qi3EgXeI4vcl>zIL+XR^#JfI=wk`RYPY$& z%xW76bEAF<9~m9BsW|{S?^$D@M@BzC4}Vux6*$(OX#;u^!FaE*01BY95cF&CT)Y|g zAc5&TI!rhdGJF=8jjpvDy*%sa;C$PYl$O9w)pi;J(gPrNc!kz z1g0rZ+8#mNv9YmVRiw+*>(klr;NwFuX!rtNw#kp8i1f5cCkW5OkOC0a`bqt|iCakB z`APf1CfFz!9#7l~De3{kh(Cu-E`{K8jqf{`i;;Sx(bO+3f^AWV!v2#}Q}_YK21Z84 z#yNu(!)bd3BE;a%kGE&CIsTr{cMpjRGNs5>D%4dV0^jHk=lHpoFLqcd1{3FvwKcCf z?!US`7#G^k(T*=3SBz?WrLm#XZV9=WVA2riX?6TA%#<{%eEOy{lOYkBv5vg$Chz@& z(Z>7S@cqiEw*G|JcPw;c&XSr5$yB zbZo-nh)i2DBj$nJ|8jD;aMF>QbCW)w)2So$q5j7c{8D^GxPWC(lr#@m;5X+s zuZ*H8wR@3!r@9ViK6qAic@x6x!a5ID-?L=hqm%ZC{CVKIE6iXzp5FB}l? z3IaqpgmdkcojX4~p9cKNvD(pKzF4)AJ_yA&D0-0(4hHtFeLm$vd>vM#bgh@|fU6tr z&M@wTxKm}kw&nS|=oi%ch}r~DD0sbjk)Dp;k-P+|&Mh~3l2LU80QlgN^dSqs8zcZOMp}q2_rh#0FMMiTC>HvIv*3VM` zK8Qk$D`mi&maG3!0Ku^~FG@Bb?RY)joDy}my(ynG;nPH{I(=eqz^p4Z>vJHKD|(0K|uoT4X4ukT}1r}Nc%7D zWR#1Q%65RANTe7!LlZDQcn(`!ohkxBDR{;1rV0k%0Kw4Hd)-;>1K&?$@?JjrZEwc{ zuKV>9Dpf2|LM@S?O(uEW1+g%0)R_wDGYpXV8(5omqMCaL2zx2x#F#xE!Gt%OPg^5; zDHFP65d^qVnT>`C@JRbvw^49Z@!O)rmnnI-X(n!CN(*|!Kd1i)`%d$k!npSgl8Qec zZql5GxwB;f;Rm2bxhIDdf7mJz$-WcN)7u1WwvNM1EY=<)z97prJN&|ixj?dp0U%%q zY?_z!k%RV8939^4yp$bwdxwEzX0^#Zu7@|!Ind#^E2kKAcT}RupWAGA%)@!o_+A?WFEQ0@!5fV*@9{w15D_49!Rl~ly#)Gv2utYd zA!v880uHP7*>ecv65Et3fUME}00pNIPahX&Sj;koKJAE*(9rgHk$LmtaK;?3>5G@$ zmI2#|5;4v8JB>Q`M*UJ-yl`8uui~+#n#~w@*C{H^P5f;GJGSZrGQ!a37~75#3&DFrPpb>8#?}LES<$MVcSDP{M;a{-+XWXJq1xP{rNG&P;UXvny9FXB=3Zmm z54e4$<_D7t0J+LMc$4MLb6}x1=PGzGr7y@O0RWgFzfvyHBA}zg?>TaS#bJNU^Z6oU zrDWX!uqz>DTwGi{wC>JMb!@}s0#WSz7Q6m!jTp_~shCpC-hk}-8b_u5wl^IbmE4db zP5?Y-g6(oa7X$WrQq4hk1Aq^pRyH*tbr)+AdQhP6Kiv(+0m3Q3|LSbs2UZ>eilD#E zz;)P$;^rl;?B4y*s@o;B`6=&xigW3v_KU;TDXI`)%RzxB_V#nf<v>*IAY_Au?Q6em5%jBX zeOY0OM&%_ zd|Bh3#7aajtpw_w95|la!EARj$pBD>_#H3LI33K7m*>+LGU=rIjR1lq2{QZ2)=wKg ztJme!3XpNE%&cpzZcdxIJfvhNpAFnjXmu|Wx!h1VIXI*;W^FvtH&hbrfbTY?;Uo}{ zch1QYy&kqgxfQR0WW2nAhn@Hl#|zqkviA@bl$G0md~;?xeB>ZAI;b+Fp`j^6g2(FG z^uWE7h!vm&eDoJ4oNTQm&YP_W9_)ul0_c@ZIlzTt*wdrAJgv8LdE$Ue-O;numszAB z7?iRQO~3>}x5Zx`+6&JY9ggNoRmJh1(Ndn4Zk_FKr9G+~y91Fg$vs3peHe5nNfdnC zyGXH9o~Gq3E`jfi=v;zF4ypOt!m!RbcVna(GThI5Fv;Jp$qW?Aw(osPenZ6m?H`ml!a>n%-3U*XkDs<*r?vBNB$3IquL1>M4L)m{FQ zN$+Q*qexc4U9TlZLt^?QKOcN)f4-tKpQW~^I)nlbRrN4jx;ScqY^@^}K zUDc>HW45XMY;%sb8TH|Ek97@C2<08+{agx5tLcGzU{hP0NAIvIa@5!(w{8vpwF5Amtc-(R7SVa_1OHN>J-z_AEI_=)rUNsM+fXRb{w?L` zMdzMT=5m(|KO4c(LA8wfWGu*y#s@y{TbA0ecb{?a%Ww_4POgh7Ds6w z6F?2t{Cl3_ou7&lR`17H-}kR_xP!h5>59ZCDR~hS{oKq!e<>6HsuY8R`^cQ}4g2TVg8Vmd#lrG4 zv8nHd!z{ooR=9&KdNHhIrmdE-JB*1M8B8`YkN068+o z$0)$}r%DWaV9lR|E46CIRxP84)0Iz}yO`Y7ghu3-w2uDY4+sH}8C3@Rz-!=yv9rkP zo>-FMQ2X@#4a=@wr);a-4Im{MO!-Qa*usfvZMbk{sg(XM7Hiz~8t=hF-*+D@pZM_+ zxarO29?*TpFI66>ugplnCy2j|03GQXJ&2G-Ol!#0&%rYt@4fQz@eD*+`giZel-U9C zBG%(8V}Bh!|7vY5N?yn`#f%V;n*XT#dgLWd?D0r__VW$(t1n&@6Tco#=jOIjVG8I8 z!eKYP$KX4pNm;g)^-_tEtF(I_f@aWQVYOPWq4{`M26<9YC-Rk8b*XQtgAr8RC@y#Bc$9^h#A!&XDja*65Rbz;$RkUVRx?iTJ~#{CzJC?Vmh^f}cT z;h+OEGS&I6tLdcB{BMc>(1qFK*bOHLv0gZrGV+GI#1hQ^xb zE!3sEE?MDV466t!g6QG{t84Qt<8hSjFrJRp1g)Axs5gU1q94zrjW!K_syF6}#bLKy z7ABblg&cg3u7@D6U__0$gG137f62G_8MT0$T}ULeTh2T7=j(%_Rv67?AHLk9q=^wD z|L8ui87x^@yfFt#3(_1LlE45+_{Hwr)4!GiSNN__mCW`VhBEF#jN1MEHuDmTC+YmaTD`Lvldn*OM!F50ovhMN zTuYMZKc;?xZatJ=6lKq0e7F~^6zxnHsJVCtlOh$NR%*sl7gru+JZ^fKcoT8Jk?fM9 zhsAVluyF%Xa%W6Bt`9)Y)H)AcU+|gVe+}1}Rdh0>4j8ZNM(U9L4VuqOtpv31?jxc6++R ztWh5l*@I3=uDVTP)I+=1u@3)wZpUpZWbQL@Wvh}7xOe*;#UyYx@B@^YeehxyRfYl&UbG_+PM*bFh(-({n21M_?I>W7r^8m(Z(kDOqV zUa_M0Pf7BBSitGf30+>uT`&t(>krr=(%7wv)&o_P0R?`?JcKh^T9G7c0lLL^!=BqpKd zzQw6tI-zRe&=d|IE=TFz&&NW`m1pXqw>aVz`AN{~q)yO0$E2kc0k%9Eq=C7@?C=b^nYf;?*o|8-+ei^=5$Dy(Qy1oS=3znw)qh=E(cY4Y595->DNKtzc;|2$8fsv28@COnRh>)F`QvKCFP?}?3jI)%u=8!9uiWzS$H(MQ!$kxff6?=a0$ zj~&^)6qVgk#(2fPcj$I%NPXuFux07{YV6^>z3z+=#(v&q;2xIeG?mJFUV9B~U%-e9 zBbCF$nfy|j9@0Hj_}LWz{%RLj4~sb$E*h9P^lxz&9ha!@c0CZAc`XZggX3_2ss zYfa;Y$M-KA914D*Cr%C<;*r$kf41wkC^|!G@;)Ft{a~|7D?VNGyLe0Q?dcm;rz^7m z78~ap{R10s7yd_VY&-Y=3LE!~{|5D!h1XNl|;sKOK38g!vyOHkh?iP{mPU%Lvq(Qp7ySp3C!ngch_1k-&bFOptkNq3g zTF)GF%rWjU=6%mOEllf4xQqBP>Ay`KwgA*8%t0O$BeqF%RR?k_y86pddpJZEl`7G_N3-d6@t_Cdo@Qc=+W;{rS@Jwg6%D^SF2@<<`ZOV0+Lw-V_uHGg zeDIoYT?G(?aIv(nLiRKRX0nYciwc;mqkRV8MHn0&c2{}?)kvoYlfN^v)bwo{ptEUo zuZh*MWS>e-IZOj*1sl-GGbG6p`oEO`VOW7E;s{>Go*5F=bD@$Ylv--cqp9mgsvId$ zpltyBF;1TD@`RO$ovpWT>T!IwNQts?BT7bQu+N|q#jBlY9Ydu4&AY0>#-Ko{)1=9t}qDEJrs3Qb_fsNIz(+`#2@4;c>2E0$WzX~{{AywnVx^4*XpF3YaJ zv!Ji$akKpm)0+~w(u!4A8d$eV;a_$ORd%XeHclTqH~D>wv#%=rW~tF`jb4w+x85f= zLz`mY(ml937elOgjKBL;#(hk#jeXk6T@q#O#$od3^L%f!%C$|npmdquSk-$37G~3{OhhQW z0Nt}MNIt*TA~CDk31*JwhxWA08+1M|7t||x5;<69s?mRW^6br|3DwaMt?Hy#*|8XS zDu*Zr;=bxz@~Cdm;n0$qW#uwrQ}LbshSE8<0$z=;tQ+b=%O6uwP7<_`k8y}lfQy0G z{S(&z&leVeq1^t3)3Bc;M_~XU$O=9GM#7lCYF^?s6R8 zjVN{8lCdwXFO|?U0h(cPwUNmYfRUKHJ&GBd^Gv6ZRV~qE;7ku*LPb_4$sao`T~9`( zz;a9=as9oEs`rP~TO!J}ZlO*M=l$$>Sr+;813Qnf44Lz9w`iPtDCdUK4y;KZ>@i3+ zOGM7Sc2!a+NOFU_(gj&H!btP77p7d4mf1)fRpBRpU)e~2Lv*(4t#BmmDbKx`d!@wU z$Cbt3(_O)Kf`&l2y(N+HH!JE_b>ZLKCsct+M|qw{0ir-=EEL`i~KrR{EU zHv|R-q%r{Ia0BuWrp?dgWxNuUfQ6!HsvSX1-Nw*iGJMD@m?*g(^E&mGC9)PDz7mC* zm=6Y4b{#8~Q-NI8PuZWL;tv2Crw4u2&tRq!U^Gu`DxGd!?bjYEN>lfKeYb$>&UugW zy8;s`?Lj`Z$n}Q|=x4b69}=ox6>C4xh<+X%_W#DU^Phc!-wk|C4qO*4H_=zf{s^a% zuy^8$?*}#3`c15IDT(b2`vq3Cm{!o`P&SF%cGNA+BOK@7mfB6ztnG-K)#dmPdOb*B z*WjmW9@gPMI8c-Hh!t_itMRI;)NX5^{e&!U!3ig62WUb&-jF(Yub+ORfCMcusSVGAHUkXc%@w@sTU7-SvHtxN7nCb(HxA?HTIeIW*$0 z=}qi8bSkW0odmgGGia_PW8n487bgs-L6pV8J}R9E9!@q72|bV-z3rh)+r@NxHlWwX zd^es zOvN9u9z#ZA51VBCN+mTp_GvuH8rrY)XrW%E`&%ooxsPZ}oqU=B;*nqj8Vzkin81aP z_p@SUN--+(dcD1=R)GyX8=GQ!@z>}F>3;b&d@je{2{WkmocJj>;r^n~SYnsm7iyFYxwQl0)&0mR3eYyYL&@Wwbx#PKW_PF7eMN z*-FvN)v~Dua|oY-i@z4n`#M$N(f~aWJ8}B8M>|wRH!Y%n{Yf|00rNy%iD95fR4a;K zctji2xKeF%>OYdR=;=Bv2tb4S%Z>_U_5&^HZU&$wH3cM>Ew(UlIJoU~3$x$#?MS%4 z<6zz_fZ!25TuaG}X<0A0^sCev9uZ(pq&chz5-c3hm1G#+_t_uhDBgQLjJMH2_|7VZ9!%(*lh zCc5Y2c{|N!Kqw76+gIt6-l+b$Bz7x1%i7Bi*u%u-C#Ri86()B=U&0&A4kPqYqdHbG z+o`Qp=bSWQQ7OrM#OAuD32shSL*Z7sKQxTXg%cntTdSN}ItBzHJ@d3)_2y&KEv!){ zN6r))T_v&;boPFr3i9hGG^~ zo!=-_F~abx|FuH=tFUhGTr1g)30)VK2nWV+43Q_J7fqwB3QZtP$;h zv(aNA48`ACqjlGX7_}-FO0BVNr3)L#mPY({#DJ()^asd0r%9H*9bkqOix4#G3xQVE#r4 zHR1nDI#bva%Kv#fQ+nOM>eANIU)H5dGyjk3()%&xe*H#>4dXW3PsOKUQk0?CX3Gqk z2hf8aOZl%7{q4ujo(19yUVD8esjQ;`=%Ij|{1-?aS_qtdM-ei?(;7>1NTaYx?_1^y z;_|_6kQsL514jfel$BaI)L^+ELC^g6cel^~n-iqFs-g3OJ z9Vhu<;uxl_IujeSn7F9;hX$sBL(^p31{2b2*$wJhEH*I(a1azhx93afq%5y>yAa&_r(>Yx1XX$}UIzDf73uG}N3@F)IbZbVaL z7uU6TCiVt9JG(a7<=30ODDSPAX*4EvV{d?)v3ZsY9HiW@wq^;Q(?Zi|d^>ABN6=oc zi0kMFcl=!IXxph=dpjBnTR~*H>Th?*9`_Np?Yj=i`pxa1R2i_%AE`3y+eQB&?MbDd ze315ZWZ^0EAhW17_Kz4)+@k$Y3wZ2dnBrUZP_=z`urkwj(<%Mi0kpM3q?csE10gc+ zEEf7&jAi_miSq{O?>hASF&snrQaWLMdU}~v@|R(4d79L5;cobixIxSnH=~Rkn~42g+Ius80+wB(JR2Ju$U34>Fhd zMHIeh%Ny#37nJ{W42R z3%NS()Eu>fd{WelRev65K|c{2<>5~aPxz!0C_;%3c?BU1bgwr3nd7G{-pJe3F%!_p zruIax=as@w-Q|Pl=J|D5S-cB73CPWp?Ze7B#>wl?3y~;mXl-*=AY%&H2icSwu5aPq zQA(6VY|T|Q0I_9B)r35_JsfEtf>$JJ)AdUoY}qRC17m4@NkpFMprI+(ni+kCfttvB zf&IIpZ@Q73a{+&VmmHFe8zTo2=kb3*-hVWwfm4SbKMjd{1hw(o+K-{~DfM#$I^Vg# zjk7|r_WNkgLY$FDPy(W!5GTJaKb1B}Id@J99BppTXYC7~WG-{6AN+PV(mUXxSbV|% zyZrTkip4*RMdyrD56%5!5v;&k!2$v|*hdg9S%2@i-sJ-On}5k=Xu=vmzn%R`pe&cm zPgRGE=FcAlDCp=8br!> z3jNkk0c9I4_8eY+It^dn#mRx#AcGRSlhaktZ0GJ83iBk35%Cv&+HWDTug>lv0D9JF`E$wYU!5UfN%BzN|L2hh%3-l?-2q)jSXAh0 z4SAL7K*iJbA}*l4cVe2YBT!6vZ*25B5>oQbf*-+F&8t?$@c-aYfkhTyrifET7nmTqLuP|EBTBQ8|h#S=rXkAs*3{~eJlchZ|49)K=x1xHSffJz`^78 z>AqSgo;8gc$1-jUt#c=o*YOYt4Be?WVp+~a*-5)+BLq_kho?`HiA8PswAeppR9HN)Y=Vw(2!YAg(kkIUM~mYv3kFC6)xPEX3HB zSHeXjlR3lWh1P{MU>=RG1HffjqNa634D0#Ejfmj!d5-jUs0x?mL?fH2tOX z9txO;ds~qd3Cjg8wRXj^@XOz6incI|m&fw@Tjtu9^l1C_7uYh}>pU6^W8s-DjQu4S zT6hdIiz3i9vgq~6Xe~drKAdiIz^?DUOHNO{LKPetr{hi;)e#YqUoY%(Yy};s{9kY_ zu}|!M+1;x_v8MU?Tm2ScEj_a$E0_0=A5LsKTL+UywXr(^y%#-p;PqqN#ks>#_kIyi zMa5)WIs2($j5j3Bi079ySbvkyCg;n8AO`}?_i)UCeZTI#*C;`@PJa!LthQtE|H9EaRrkyVEB3}JuJdftBG*OqbLp}3!iZ>l6&hN=c3gE6u z7kgbgR*zHrMSDm4<{ckYr$~$`zoo=zLshw+a{EB=B(oU9ny%a?uc)N_kDk~lffk4h z2lwDySolM@`HNkqP_&e8EBACJOyGcN%W z*R~rjc$bpcvXmRZz^=RzIbQ2fpEa?0f8otmy$9^@F9uom4t67yetpmtZ03$TIJm_- za2?bc>BmaH{X)WGOi@b&h#DW?l(dn}+nn#Wuf+_yWEPnOuWz~h2=QNEiDMr7@X7^( z1T#`r=yTL&w9k&WFh3KhO3c7ul-IVYbzm+aj^Mr97m~Q&1488cUz@IR*BJzi$<@pG z-Qt_7ETpK%quU%mH?|{PAd$>j)O^TTQrtE+KQ?Qbi@&%*${lz68N85RL)))d)FVjS z0{qb7KYqZ)Vlh(Po!8Hs9g_@=1i{BPF(r^!Px~2AalM?LYJ6xgK_}s265>8hda9i# z9ti`FYl***QewuQ>UOyX4^7fLbG1KyXPK9RV}7{q1;}1Zr`JyE)CRI7&U4OjW!-N-?vt#-&xmodrHpf)mUAI)j7B{Oa_|oL z5#Ug>cjAKq-uE#yWRkAw?YWWLsUY~B&8Ae2%-V@d@biOh*<|k7tS*hm4Z5iAOOHqA z{`N}e{o%w~+gp0qi{Tlyx`XD6@T?uP!dmmi=491`o4ijQm&X{!6IG$l)6d;5iQ?Wf zA~?HsN1e~P-G>g3XrCvsHTZ(CkS}|(=SenB9c3&pk5(1jVnLU{`Fa~~CMTI%J>I#Z zT(5dSF1L$wdcz=s6pzLW=>f^bErr{4{Ia+nV}8{s{0pl6PcL8jU+k<3e%^pOOCOMg z_{cZ1!fVON}p&Vq#u&WE3^r!H_$wC-w%Y zz18wz_ZJ!(8p3sOspny;E{TQ@8#Ky#V9mn7*WY{Iz>r__HLi{iO0U(*5UgV}b>cak zZ{w$p(^}O_z~$f5P7T*z2M0~n+Rd+!Nw?o<>?oPl1!_E(++(CVG8=A7rZXC6Yg^+1 zgeA8MYHIV_r+ycuc!g(JhI%K!Jc6ATfq~t>ka7AurXAFY4{ARaRl{X>CJhzR`grrr zm_DsvKh-N8`AR}cs#%kb7j9_0P~{zp|Jaz^38ss8CXcMFY%sHrZQ9@`cBE_PLRFJ0 zi)H9s8pj^I0cR*t%`!AJ{Vpk|wH|_LW39Qbm*{ZU>m2tE*Jmd5>zhvJdu%1Mfqc@O zBSEE32uN~{NATdiQE~-}qRwYW=@KUpPEs4$v88uIGtTE-qj~y%^g3I@di_Z>u_DrH zj+^mj2x(8V>13)*rfvP(Je7H~%w^IXcxqPnS1-?GCgY(&YD{V4Vw-lWTwePP`1c-N z^)Eu)K&CXw%Da;1&f8?2PPaByyhR3URT3efrFNUc`|yLT^UjoxAxu&9w*P-OujxF$ZzKV_`-TjS&(S1~C*E85$<}`q}Qh zo%&)y09+kj(n~)uA&&a;>svd@xULjLZ~oxaPQSDns1Im}^{0;zNqBjv+)2EHxC2p= z)m&^Avyxr-obR^sipC3-g4yw5T+xs>&EwmbQC3YEJ|iEP*U!FM!YAiAO63}t!oC_I zdk8eoC)5TSJ-h1JN{F($i2+w@@E``#T5x>?IeO1?R~ zoG1alvt^Y3`x-IfM@l5fwS%d|`GaX0(H%qL*7l8oA*<^msJkH5GvyT9w|zheP6 zTh9{4b4$29R=bJAKk_5x&*H1nE1J(bCXzkN{)VXjlVOo-vzL*W?*2@5vyU*z)RFaqCg^+U_Vj{@tTzMIUr8}t^TRA2{xANODw(S zyO~6kzy2ddq}-u_EpYr3ufcA=We7(Pz_q+VX+oH>aSvZ}|6)a)W^8!cd~N#=15?$ST0 z@qmfvj{C|38klT^V(D&7{i}8J{_Er2oFf7%EJF6$#%nQ$k@l`f(2HSokBP6~$*gO9kUydCAZACz=(;Q!Qrd3i}`&B0Y; zR+%q)dpz7FiwbRxT1CFV`HGTpX=tyuY|1aS;!{=m)KrNO=VM_WWF)9)TS&<$us2&a z<3^RFv*eyHzTw_yNlARj6?&{7Kn@(YJnti(u_cqZj%q{RPnCuK%$`C~lK}T1#VPF* zu0|mre4PF5&2j%ScMH9l*w)q-x9ohiRhHx_ZCuEpR#0@*lDCanQD$?EF_IdO=75_Y z^E>hY8n~={jcjhS*G%+}%Iy}81^L-c-kdIr4s)^V@2BVtv;;6p4nUuEx?kMi^rOHB z;}v*UoIRcF#dE`9TjP+Hwp%0vd2rITz_@T4YHQcqe*WD3-V3|2MgCM zxOXvkUu#kfCTT>H;P#Swr0r2*I!kXUgP$axVhpD9V$toQCI8}r*FQSjO%MYO?Q_|3 zW0O}a&P`t3=g;6wq!Ai7bCZ|_r&p&&WgCF%I#e=z2jqHg=6ct9e4eeFQ@F=GrR(bI zaU}v+B$>87^N#R22%Gohu@#+AbnEtNcXYN&c6!S`PJ0k++x{FESwwAnLkiOcn=o?) z#yq}>h6=ra&M)j?vVXzDbY$Qk8pJT=r5ruS^`kl5dY?VVjF3Q8c+4#4VC5j$h_wW zuw*ahYy{tGO@Wct(0Ji0UlX)p$2vInR^K@8xi#<9)@vAwV3Bm4finafFUB$_L1~qD z-@5pXHfRyxv7Sj`1$9R<8$c!%ARH{Bsy1?GyE z)mZCXUtMGYNoFB$yl|0bf2R64S*!gvyzZUx&WKKT^fJtFeNls41G?KR;G*LN*Xd*4 zQnq_HZiS|22o1-#3>-JOCq9UHVpm1_KJ!dhmoN#87SGfU$6q&%U!TLk_@u_-%f1<96LLXQp2tb& z;*v+A9)*5SGOAc>yNio~g?_M4AP>N_uQK8K7W;WJu~V15qQo0ZGs_3Qw*#)dRkZ)PPE70{LGnldGxYBW{fK2$=SRuZmix#_JT|5d}G(+9ma-@A) zfJV33z|8FGd~)%IIr76tZ{du}nwpyC=9XX_!FNytV*@>{t)gsfY@{+HA4*3@lSw&5 zH|JERfZ!SOKD{sH9<>g38g#BxMLgO+d=6T|;~pdJvo5F%6RLb7%VT~yF3g9k z6oLE$`qID}r6n!xlz9tJypVBRPk ztNqJlnAX(gf*FB~Drx#AL+z-!Ub@qBorq%g-z8G#jpnYm%!-nNO_7c~O(PZkRsKTs0 z3lYTpRsS$dJXikkF1!vB+1Ak!nq95C?U`4FJm~8I35Z@GDNj@2KH>#h1zG+noDm&d z3y1#m+yQLiAfT~+PsR7HmzjM~2eqtiq@kUT2+>OyB=Z<1yL+6$M13vrKHRV%F3#%W z1Sro0_A7U&#u>utsfJc>qqZDUTt9Es=W)On|21Ujw;XBhH(3usn!xwk%^{jnB{x4G z4gulCQ|Dq^kOeic4n8LZ5TjEml&~>jCJS1B)@nZ*%#_GV|`Bou|^xv$uH&I z&;rHpSJhn3@)}NCDvrAq8ZP0__uX!tlu5~**$uI9Rn0CxmqlOU-SaRF4@Q0Vyx%Uz zp?+9Q$S-U?iTrWOG$bk!OPoXR{m~)mMqc=SW#WX%uC)+&X@;PVnlAISmq}HTS);jC zJU3cIi?l>I&q*wuGR^H@c#M$3!lV zanwv>y2KY>1(Fn1r^4ekL8 z8iD;U@$_{O!TgSz=0+u60q#f+J>c_BS`V-lQ-Akw1yeiLZx*>t^IL89f9v zo#6lqkFe1zaxXQ>6oe989{YEO`)W6B*bv5}3~+zgtaa)1sfwS0Ux?UVC zUY$BNaZFa0l{u$cKWjZgd&LI@&Bw!+(@*Fzo=QZ&#Hamz%&q+#_pFq(#>ZMBVc_8?(CrGT?gU7g)oV<6|f;ob4kCSt9Y7Z{$ zYiUDfG`1CA1m3MH&y)n6k8NOfI2(}US8g8 zCmcrmkOxb^!^3xQeNH-X($gy&+a50(Ouate=jRhGvAdXUxV%K^_f3tZ}h=gzuZu$_g5Nh&9G0UhE z1Zlwmri%U94(1`JSYFdxY#pyGNd33!_+L0qp=}dg8(kp<-s|#xW?2hNzQV5CqpqQO z%WNMGfiUp$;&MHC-0gBTEJL^xHYT8rz6)9$WSgC9cMX;G5y(yAS;icQ@5pD)eujN-li2d5yzuWBs)UZ zigBnnfIk`uXts`7s-1hbR0%{0G8s#z7HY`@IWR`f#=TlnF1(`PZu*Ctf~mitzPgSWY>G!UcX#jA`0iH(7kAhD4Uk}sOVvQk ztUiZuKW%Q^mxkbjF_UTphoJX?PeMrP3;<)|j8K@XCxZ6iM9+gcF9I$wG=56#n*5CV zyYC@=VKP3j1{2kNv;fA1-;Dvx@tFG3IT?7G7X#S>7nS@7|j5+XmUGsYnT^q*sa*i-wdx#lcrMqCUKi zaQ~MfztF;vhNCCWBd?Sam&+=0s~A4rTmj3dmThhgmoJON%>D0=gTZ9`Lq7880j^wg zFKGJ36u57J8Dy1HNy%?lw?-l-nf3)0Ce?>m?nep;Pl@#c7fQ>LH{m3TDB5oc@4J^f zg*2r_MaaDlIyyhGEM8`=xwvw?f)?wp^DQ8%3oD`Pn{N?ZSVAcwrhzY*j=)@Hb`&WK z4xi6=z|M4Hu7x3q_Rnt0HtgYuWH#_@C=K`W;y?Hx3Z)=r;47jyBT?~^y`yt*l16v7 z=RHFYctzAVm=CYBjoX%cI4U}9xVJ(pDw<)hzrkG8R3E5}7EPo>2kQzMK9lEns9~I_ zg$WWTXC;^IjVRv{hdWX!b!+=-j>kcTanCC_PG=lGB_fLEVJr%`jgpt|eAc4?gt_zw ze?!1#1#yOBdRTz)--5UqYJP~g%osr(vhaG0MkqFF9MuXnfZ6$U)D<#UVx)7{qWsBSN z%yxv~Yl*BSa?UR*WfkAYa}W$rTU5^>6P$p$=Ga70@UR;!mD~z6t`@yG`KG+cUcp(?H}xj!2FW zo>p{Wtx{P&eP6YBQV!w#NQAC*W2Yjt{*`p-u>l*Coy@>G8U;}q(P1+o3@KYJ;|QH% zHWnNYf>7BAovzzjZ-Br#@3fKAeq<+%ci)%dM!aw7qe z4YIYSeqLSRLcAp7LCBqVU+w82l=Q9F^wlWskhyCN9cGsWa)?I>`>go$ifz*uz6ENmG83srM zGQi9#1#^5tAx{)5AekD|i_^}PUmNxYS|m3Fj)A{quzBIM*JEzBQzE4%Pg38X>6bbd zhDqSLcCLCrc4-*;Y7MNoMraxG8%2&O1*zg5yT*E`D~hm#DG8mu!76u;?3wBg`3?P; zYZn7kWjfJ?Y>Mydik@p&h2XRZDp>i;AzRK0{NF9n#tj4{j3X8K55s)OLD>{0<2>i9 z4lE6DIMur%`x%iZM4^x(PmUA{*rBTkN6f~aj7o8f#!3>xY-Bcp3sDvLTHwVi#`@3R zjh9@*s;RAjg(_k1f=J{{j^$i56SRsTBLr=W;2(=nimPs-Bsdmwh~+}=Bo?8wI>1qj zn7~m#&Wrd;=>Qj!8C!-X8SR;``nx3rJ_^1?Y8d8-O+$XE$2;9W;+HAS_gH%63s&>LTv3ViH%?L{Vw&uh|Gq6p7D88WC>78P%3ebB4IeXDl^g^ZrxhRR7NCl;~4*MlPn>O{?ksyGtJR6-4j94X z&z1MXpYWL)tp^1`yrQ)>p(0^lTU~m_qy2LHue!@XlT33iHi9o~kUtTsoMpiSR)4I0 z`aN*|@O>{LW=;dsNb18CG!vbCska7$mmn^7BPpc}qLGX;ENi!|V$oMfjGRavTi<=< zxk>7uDI^94*4mx^72C{I%C&T`iK0g%xF@F^)%OslkJ9$1Ke0-H@OR73ct2A&QLZNN_~`q0ZbUTGkt`HNvNPL(Z!=o8H^m=pqNUFzI;IsZ~|vtR~Mvm z0mWj*uKD5awxI2erS0uaY(|Q6V$qP?T!S+blY_G9bPB-&??J%k5PzoNG*Q$)k?XO# zF-(lzQHSE8_l%r@hRIz3XXQrPY1`Y*IV%2|K3034p(v$#A^~*1#_&>jI7C%0D(EIYfA^rzJnNH*8bcY{7FFZNh=1*$Da@P?&MEja z8ej@hD&NjzTnOT|w%q+xtb`zxLDZX?LqPnxVPH&8k`#g3EmXR(89u8B4Jl1_NH{MI zha_D^J{BkP^h)`CN-ioBXBJfT<*kN*f1fG#X6;*9&z-T(>NHRGBK^U&BFFJ9SXE-S zt6uHvP8g^5=hqd2G~x7wfe6&CE`iUJtF1ERi>`rVI28x?#7`l34!lgI>(c2uQ4tO< zV##ejGmVIO2)j_MIvo~DDx(X3NzF|vYeJ+#=t23SFymfC6qwG7A3`CJlO3HP!a-ql zkrE;ijX?f8=MO2W4Pmp>tzxk4{aloXGOs7iD{0gjfXsF5M0FA2T;5SWUaSrzFeRy3 zMTxQ*m*zf#5Amt&uriK1dRrx5idBOs>(fx)4u`~s%2Bo|OYD~?Hk)bfW;usj2`hT4 zLB+jiSC0@^tfQULbF`4wn2erFW564*9wab1C>b-W2((ZoZvKdLEj-kl4ln2z$T`H! zc_cEbI5mUyV(L~9`_CCv2!V`{|0E}pfQ4=IWe?iG3ka(8lo_eTx2nBq^1UOxw>pl6 z4AGg%)w2RNzTYvx50MB+E)lAVD9h~h=+p$c`*G3x6(RPc>xr&z@DOZY0cP?m9= zKqBrH(C+GERD(0%h3clnj*&bM`YS8wQS+qNF_n-OtuO@i6hyt@_hK9ab)+O$V$96|dLt{u#WO7O{+h`3T>t^@2-gI-~GBWr|<%5wl zI4S06m$h>5swArYb};ce=$*vLRqKU59(yo60+M!ZDsv;8#bv48vkdMb2l<3(wKI{R zUY|FdV2v6-0Ed8WFbcVnk0!8eo+CwcPzuE#+rgK-7WZr8@FGOGzZGp?hYRRKxa{;> zjN+(|ukxzm(07}99)QyeOgNata=<)H5wDH=stJQd*7@RWb#A_AR5DP*adQ0ZwI;=3 zg0NJe$9BQ0Rtm>NDfmW12aKHD=fW>XK=@YzuV3OU91Yu0iHjhAnZPN^D4%^#nRnre zrwsM9L`M>|Fv(Kq!Zm4gCo)!?DG#ja6uch*lE(^Ifp|$&9X7;n;_bKn+zl7r5BaA` zi$O%w4OrR03B039vlRRyzQYi7JqTZJztIEPd5~Wd*#K@JyhV3foP988wd5!YUaJ}i zB^9q`an$Qp9x(#O`VnR2&w+ayOJth6bKH#_eC9vOOSHv%*bRXJvt!|f4j(C(9c$kY7zP~pSCnfdpY%?J2Y6=(d)!vpL@CQ)fD zNlD)}(8(aBxz_*qrQ`~p6&Cf2#*g?1h$Y+MgP?_^5vsLs?F-z)Ma)>)o39H1pvFo3 z?0c)~2cH1oQNB2zox3o)2nh~;+}(f|JP(pMZ*zC{{8NEmIWGJVi=PnIpI^W?fD4HW zaD4>e2>7D!rTh;#!kwhnfWN|nQ!cHmi}jtpo{^n`Tj%$xx5H260#ge0s5M(2_9!ulyv$B~XY0}R-=rXTFe zSpr+ajv0f+odxFcS`FIv-?;X#$LGkxz`(w!Bj8LJ3Hx04d-uAYVID>7Jvf=<_;#v!zF{i{r5|v`1JJF z?cAC4jg1NKX<`82-N-t?+_#0AP|+lMtS!31xw?8n#E#_e7bj&i z{eLk{{mO0xCACdicqrU>*QK_XlQaG86e1#w5wQuyER-X@Et)JnlHV}Crhg&3($iksDs;16{BzC-gDbl}ldc2qe-=X~C`)s;Y% z#B%vcdy5bw#iXFua{nY7E)?>Chh&pA&O^33+Dzt5KW$-fIf|&VG{UJ3#&4WgAb+lY zbcM!_L(iZur|Tf*B0TEPP*>@*7_S5S5;j@WYNezXB~*I(YR}MkM=5c;Qt~3L>jmj5 z-Q}Zf94-CyH150gS@$}-@bP9@fNY_!V2LlfK?nc{oLEu>?sO% zC~nY9Z&9XTZx`NLHsTJF{1{eaW57V<$k+{r7k@vJnmj3c%$( zQiEGl$49MHCXIuXTIB&g2W3hh5FRvt?=oLaUpc|Xzi!O(e<41D%n_&0pyOE zSdd@qh&)-L85e92x++t5@08K0^beaQS<%gI7Nsry95yJJ%;6-25Adad!2F(y2^?@I z|%57HVT zv4%)zFah6qN=LD)?(P~4hMALhdDo2p_`vUCu^9$Sjh^~|oztYrOXNi&4*r!{QXgqf zQCsqpbjp7ss<4&&fA%=!2)>6&8JLTsw#Zo)6!iY&k9VmC+7N=9bkFv{1Zg5?>F8KU zpsJ5{6Ifr$8TZXB^zULrwuT+m`c(EG*eo8iai>aucrpy5D&PyBe>m|Pz1_ve5yo{e zGY&?YRZu(;kA7-;vMH$B${OA`F<#Q?N&mIeR9h;=o5i^xXWaQwvmQ^-^)zz_v=o~_ zTd7Mah%x)6&xK3BtjC~VSd=!srk4@;y05K{Ile zJ_a0a11Mwm1aCD>o#7~HZ*$W;;!=j0Ir#)8t%~)DliO?+6L z3Z4Jb$+3FE0;J;X!sY^*wK~^27N#mViM77JNN9feL?Jx(7)TLPbZ#Z!x zC1x$8`|vv6Wkj+{_`%>^Q$ahv)=yO`mvhszt95rpl0#J1{o~#efJh3eon5-u0SPc~ zHHOqXPkQIs%%*q^1Zs%|+|mmfU~7jww+=YI=7_>3J_hn+{gP6+-h;d5MkirB#s$Mq z+r-E2BMYzbbq!D=R^U^1u#x8##wfN)05I_T2nDs=M^3H?q(SPln>rBm@%zYFBoQO0 z?D%D`u3?>aDmb}cqf?RBg*h5we&YHY5eN7-;+Mo(yGvW7?N1EG-;DdzHuZZ$jgWr? z8X^D$k%1AYK@5pgb<;kQO(7&h8+WTxv$+q3JUKy|S!g%@2R;4SE8GfGos6w{ZJZyS z=D)x3Xmm7kqUYbcH<$nOyEmfokZ?z$uc-*v224?`+zDI`G&|67l@^}YFDnVIdLo^_ zm)s}H2l^>*lz zBO=ry=3cI3tuCUy-GVT#@n3}9dhfRXHD{$Wpd-AP(53Vi0x8>vOUPn&@u$)!vV^yL zc;Ol^FCo7`LH9%dQON(L12P4EFB@+n#7=*RrMISpgdidw@UOB3-lQf`G$y@n-~77I z9yBy8cQSE4Ho%Z_a9}}nr~8$S0Xz;OaoYV3L1*Y9qI}6vcFckC3izy91)i5Bu520yewoqnqLU6X8ncc#}f=_S74aC3v#V>!O9*gF0+Swj1Pahs9 z?Et8}`~OA#WD3}L=7fFMKlJ5uF>F2tQ{F6gY1#FtHlrPUD!(uEnn@vO%Gfn`S%R>C zk^=wYJzyq3`56UIg6I7o@@WJV@LPe%l&rN11^cPUHDMfLb?BEtQx)up1-@@!r0dJ$9B5FyVy%R}u1$PmUx7t3F5huBe)TFkNxLc(~Le!zJ_&z9zTI z@VR{(qUuG6_D_1?EovcXflL6t1(FZnH(_t)JJc8hjNdUzW_N=(6ekG&AF{-RpR$-0 zep4EMe?zYerMC9DkK`u`PLjiXaD7i?`^t@3@2&#OB9SD*YS}ccHQK(iQEzief0EuM z_66_jm8&9?tr&8R=zvIFvKx+L{K{e0%ORS#}@y5-La#yzT0{9C`|TB z(p^Ryb|^L~kEC=l+}F3pDs4F7wbpeyKAHaadC}?wJ;uu++qT6K%8C_~D)9JZ1oO z>h0bRqQBfQF&ApTu65&tezVzU37SQkW`)!m1ML@~9V@kh1JhM5`%PziU6xWgUF>PA zJ*K^F0^7UFJ{+afccnZ!dK9-f1b%&&-#*j3m6zZqcD$(tJ70xro?IItA>ORjonu{N zz<&U$%Ij*qNlZM|)<1=i(5o)`zw}6+h$!b_!0Aa}N>AA}>COg(mfhb+*#!GwOA_Zg za0Dr*6V~wsPK+W>yL?Y}TTrDw;R2#-tZaBb%ccwY;(DXnR-LQ1p`Bo<9~dRI%i#D@O+_-gWaYY9wj?~)HcEh4CF^|6 z!h$o{3W>`F^N`qmTfDJlixhrr>P8{-0cDG*ET+NzE0W*9tAuEk6!}HD^A*X%yc{`= zNZ#Nf1Fn8vcQHaS5)F~FwjNtmfyE+N`yC8D{~y=;}-)gPZ) zX+2mIdwR_AnQOA_m}$dTyEAZ~;WDY$Up6}`b>QB0uI-19Kzz?z@al(T8Ee1kj!oHu zf<4NJ z2oJP6qW{Wq8R?`GkLFZS7sHHSZ&}_9Rfu+$`;8Mr@nLairv_}d^{lGIA%v_uj&mu( z`gCKU0;D{wwh_!KnedxG=V-b>&GS3zFTfHJHY%`8!CCUYPTjdk5Awp>Q_E)irQ)F@ z)y%<={_z)dI-CyO<4*kd+2x?K_2__I!x&w^R1b0MLrem9AMlSXP1<_d#ljoaeCOu5K9bQwzlho39A4FP-?TImT*>TCN9_k0otE;vn4Qv)b)oq zlg_n$l_{NU{daBm!xwN}E<%kaO~19bQ27pU_Xy%&?TJb!csj9$I&FH$;YJ2@ z&Mt;*^e-PAM42LIn;o?5j1ZXaiC=UL zucUU>J0p#si+fra|BF8V>Y(I$jvdlmCh;B9e7{1kc^rr!#6K08d3j+6B(Nr8I=;lQ z52;UoH~wwc{`|8tYvL+;S&8`A6g92Neyeubwe3aCIrSj8zp2OxPudD}BfgMPx zQ+Qw93ypR|N0Au>Ux8 z30Z6?sB5^>o{6C#N^;uL(tnALdmtlTZawXOhz6BV=E>~-b5_vp~i zjKlvio-EVjF177^u-~E&i}R;BD7vF9H`m^j>DX>O_pn&RToM^);+2rkmB!ls671-B zEj^vEz-5-9?Jf=eR7pZQHyb{*3cd+eDb@8*6FH1T10Udg3_7-3n+<)DTFuL=T|U2r zctkW$fFOyYb@u~vWB@V&fXFixF@I=Xd(ZHNfc*EY#Z9zDVQy}YPL>O;@w(7B7C#HH zEsaA+Ucbl^dSdbPoPPq~F}+E_c3gs=r9jZd>ZcTc(eY{+E&)i5B5~mIMKFr^PCp|= z-d^uRn|sTspbE8yf-{NzM>ObizTc&_ClqtwuZmSBQauwG5WaS5D0u;sT!L3Y@}_s) zEvZ6L0lU0&CH0S8kj^*oBN(rl^nR5;0=p2C^9{Mhp(b!>Vq@M(Dj6CtgtyuQp-xMw z3bsnTk63%7Pg+3VYjziQ3Ao&$OWhfl3b-e}CN0s2}dqWh>oifH6_vzP$(sGxDZWSxBH zX6vAQdM{En<~?WiDi?@G?IX%yJWWg@sDDumTU!utjr(R&k@LatA78^so}Hc1$^D;8 z*0gAe8%%> z%jolQWhsoP0Nay5cuQ^znKNddI#N`FEPXgz!HlGg1Y65-SAt(yPZR`5PGC51 zOwjZD;zV6MS-%$>Y?{9gUXR^5ouEcoF8hQNo5ukLmCVPc++Pj!oMFPQbvEQsb4N9~ z3&lYt4j|1E3CENVLE6;1hIYe@lHJafso;2l3;iCiNK!*DmeQnC)Jnojj)<9$%s)NZ zu|MGv`GHO}3RWOa*e=ff9ec(YG?&SFV14PI<=v{zi#;9?j-TmKx}5uF?Y^Ti)* z$UK+bJx5#}KlolrQ(Yrg@Wvh2z&Kw$c8Q-LVr=yN&Itc61NjLYxyUugVdHzhl;m|E z73PUB#!Uke@+vV$4(V{w&@^XgUY0#2$$;8G62wm++}AP|RxSU@=WoFzsnye3Niv$M zU1aVTf)Rgss0)7RBjSCl_zxa4C! zEb+5G8LZv_Z5_cRIDhfTt_S;#XEt(R!^Ni)j>LY7-z10QBt|RT_zY^&`e?)e7t9Vo%e}B{-|D;E)8d-P{QfGY@CpL}SF3Z=QTj z9)8n`cOV701;Z{Mf86wc!M|};o@}g)igz!5=5ly!ZH%UNRNM@WLZq79KoWd!{ro&h`KiC5SEWke*_~c3c5QdjU!_YA-0g4C*dO zyzp0!8EinRMXq;f!~MO5woY4m|60(zb-EM|`m8qS*a=45X)$K6EoExJ`bB_7DklDZ zyU4~%-WTiUlw=$4bL*j8AXInV^%~gmOc^!oqhI5FTxg(;>)UV?agUBka?`uN7=I&6 z(Y25{&_vaqa@x7V{vRjzHSRRdf8;NENc%EpXgm|I@oJLg$)v9i+JKVc*k5!eXHV`s z4OGf$4uj)P0Kw~`JVbhd&kuXJ7u|k?;FX5Eazh()I!LBJdg3SjFZ-q)sIbi2aqYa3 zPcEb5BlpHi(3h@?>aP#DX1v~H-!V%rPl`0#2|HEnZct76D;}F&ete&(kCAZSWiW%q zqV5L)%wFU_h2x)a!+U&TC-8j%OP1J!1`92j<=)Qs#`=yx@6V$rc6wz;v5aMVztF?8 zU+BRZ=|gsdD*IP}cF@u^-=s?D2>ToPtFQjg0v9ZK?) z&6TF(%Vtu7l~n9w=)>-^(WV-0zc~G=B2^fAvMK6LdpQ{r>>F zxRL7WzFf?&#AWFA#u({8$k$2$-fGC~glYiPm<&FGa?2(>{E`D&A_iSp#iXMZioUVSVYzru%7tQP2sI8IY3S2?0n`z$Qa<#Edv8 zG6M6)cDz(=utE*(!1lO`$|)=n;}Hcs<}lg}kS*tv&8!{qWNg6xkzdfx>nWaCMoi%M zSFX&FYHtzcGS`lPaxFJ~ZjF}bizPO&{R&B#K91=BEdD2<eXBlY?;xX6@S+;Fn>n z+w7!^cVxP7{%yOxLHbY$Yf=-;2YSO*ipz__+qF0631rJzB?A)@;_4ZQ3`Lwrp!?6A z`nf`bj=_JUv+6XL41)at#gJLe*|N^WqiI@+0BQQo*?# z-^O*+l;QG4lOB=Z^b5WKfl60TaMT5KHVwu!+A7vkKxIY}A8Tuf06=?=U7^+WP>opb zrGO-NY_@0yi&)T2=)P#Hs8#u{sF=s`wUNyB*Z^8Yac*>UM*m*s+qPblyY1TA-&^vZ zkQk6>B8|RW?{(k`efi;pbOm}}AO^PoLNFJ*BPffh{*&zVjHO2pDEi4KrzFQy?7q5F z-+69he_S7x4nM!6lzGJ>C;b{<8`@iTgocHAdP-AjLiu7Mv z2>=i#$->UJkNQWHFO5@1%(6oPA6r>-GUDs!v-UohQ^Y|Wq9rSDrFln*MF&2Dmr?&k z5~>cC5yNP@|4`+C&r1NBrTIgZA3^fzD_>w-OqqN6e0oyl**S|!d;}H0eZjvbQo^3< zt`)#d07neaxmjM;Cc*ecTZV7`zNLPte6FYRbiBoLINjcJ*J43_Ql!c!fOv=h{oRNi zn0>?#19k)MqfJ%RjUw+@w)c};z6HfHt$$+$8>Hn4_(}PI+4f8&;rCE}2M#p-Ezwrl z9fer>J0p&jDi|C+e0OH~%l94Ai`{O=rT+p66tP(#;8Jfrk$BEA`M+ z2QIvR$W-0omlAy{t|F6%==<#cZ*}+%80(K*nO}>x)3|*{p`5kNo*=KGS8@xHQQHmm zFw&tSo8={1ii_4IqQaEM5*~76VST-tehfgiFg#eC8cHHtLJraCLDoC1YPfnRLish9 z|0S^Fwg!5}44V}vlr=fjWhe)G=qMYGYx##q&(;!T;=*G{`rr851egpqDxP}%ViEs+ z00}c0$np`DL(+W`2DTzMsi41=5_IU1XFuZ8%eA?o)WyWHyooZOz(` zP+jJ8ooC4^nv!Q5XrdHstfva|E_$r$93bMOTGn{TzHwg8ac2t<7{4z9jKO4qgH*>ycR2mYnz zeU!VU_GrP%tem=*3L2m_elY~qz}3c#CN=v;Bg0M;7gox;9qMb@RH$7v>iTVvF6WqnN7;)RVyMT z{tSEvagEvY-GV)Z~-YVUj*pKtk3R6Xs>OzOWFyn)>l zd2Lg5jUzhRrE7ab24egYeUAx5j8F0ym(wM`=gp z4z}&^wf;-5_HRO<1=mO$MvYC%E$;miQIP*KiJmI`-Kvm<^lO83w?_1FNOuLE@d{!m z6Ftug&n|}(oHv~I8zEmJlzDuhP^o*Qcxwr|M^g^5m?^4u%wl_~&np9k)O6Y!aj&_X z3K!#GxGrk!ja*Oh@)sN&kStS|ciT2yd<1h}pyVVTQ_6h(ugEq8!XHx`5Ry2&^4Z0q zoXz8x?b2i~n=m&w&HQ*0%_kN%)k($Eh(1vGOE}a2`S<$2q)<%OF@{N0_Wq1I$0t|sK*8;OJf0!$Y!ETJ04cMP+9 z#!g3`by*8~CksDYAtRI-juDxw{&$Tl7iy~xv<6td5#AD!f~$!}@&+$?kauu)RC7kd zMvR2JTZZ9)CK7?*qx2>%tXE6fLrg1%@HG|n zJD^u9*DkimdpBE`&c&DW8xjJsl&5e~`&DK^6)M^y;jB=xUv zU00k$D-rMLDMPtWf&o1XO@rI55ai8Ef#gH|pUXa$LqR}nS737j_rj!@R+qy|OfdWT zQc(z`>9S(&DNMQ-bD41gYW}WJNRPX^!db=?~f+(Jyfe%y&MqXnfD8-T{wh$dlQ; z?C5wU-OX#&&`gIOqfmLN<MJh3lRQNG5In}L@d@Bc{5JrBT&Wjqu;_3+YhIoT4wRU0q`m)aj}#27 zMYV&v8~xHV?3*$NJ6g1ftGL&Ssx}wl=d;Qpg4sB`F`5NKY8CW8en8&;kE{ckowv)_ zD|eSNa-L2|TpSH~bUbm*=6C&G0~>z(ZyYF{@$mrvuf`gC)WN`wWf&W~4e>fBJN+`< zmO5l~YAS2(YXwvpX>Dirg2&?HPmYFw0Zpk#n?4&kv(Uw)u}|B-GT}z1e{G=E#eTF- zV}U0}p8XjkT>HWB*8_fwa24=2g~gw*$|T-B9=l3v7!2T-RYe7018d{DvU0QIn#_`_};5FWg5iSwN54K}im@>lxqC!b_GpEq%sA*jrO7xHBYPi<;SQ zo3{SS=Cq4+I%oN7lW*Jp_Bk}#t^9HbVe}o2rFhK*b^ia%jH<%oo~&2WqcBLlDSa3q zVG(GTTCQU!SCK=8H@i$PWghr($B*YzRG4#lwOo^6vqKY}3Cr0> zuDPkGcFC=C$NtJ&5YxM>d}TE?m!=ZG&T&qoNVjkn;<9xG1!?cCu8bba*EDEtGkkA~ zi(9p?tPEp4ZMLam$oYb9(q%ogd{gI`dXK(MgV6r1$5#cw=O3ra(n}<}X#5bM3d6!m z6TMPWsWUD4`n}Ny60Q=O)6FgCEkqNoUgGnscO9dVPAVM^3(Fk|_!`~R4epX&=e?uZ zDjC)97qg=@o1&<`-!{EXOigxJAFN_izrR)LlSb$+Y%oXDSDw&HQK~68)*(wMrn>oJ z$r0~fuca_$_#^g6Hq;R^*f9imB=3$${hPnxP<^mSH^om95t&iJA_lDm8teLg28tvWXQ*hhRK&svUb+#^C+ei4E;UpwF3yUai9^@na~_Ic2PjS*@R&6u zu*Ss-X-z3rB=9!3$8fBaRXX)5zqOzLJ-#9}`C84qg%6$xm<-0kaLi;|&vSf*_fYFO z_#Q?AW)`v~G=bh>uMPS0<<4QygT_ z9$fDl*lHNFE;(t-pPSnY(#>AMzT8!eiBnKNmA<4h>9sjMEe~DC=ZT3-u|DZHO)l&V zOeVy$E;hQ+wRe_vqp^5#Yap&Mwh2%7dC%4A?$dbP;N&>kHCc+CM&4kLsZ3+IlMJk= zn-6E1bwiLpD9xFsK#@2ZNnGed_!`W{Y1yj`G}{o~9qb?SAkDl%Zq?gd14->&xqn#U z0G_3_PxI!SOSiuI@W1AxNT$abvwm(u)Dh;d&=PE5Pn_fOnqhT?Y!BaU}2}4`R`=3{~3iLaOhtcv8YU4 zS5#pDO)Y8I4DU)@VQMK1GmT>|?bEzjW8gcF>nStNN2NIt4BR72l~KWR>hmr8td69v zFWtE2qy0RmQ7%c{QOzC}t0?Nk7nFbX3B*7tP;k(`yK}PFFw@1RK&w1Lfu{dz9x`Tb zugbMIh4U<&`T4iA#~KGZDaj-k{FX=GB%ZgvgzYUYOH17ZnTVW6_V+FW83-%3_ zT}nkWfsHtY<3J%$B(gsM{h^KKbDN|E7AhL?Yf;hH&_$}2=U>vup(9CBY7Q$@z7ZyB z(Gy5q+{P~^wdy&f&JVoL9f~z%`((MEo3p-6h1ze2qe7~zq8OVPp<$Kl;63O!_h{z$ zO>Pj|L0unHia;#}+yT?O*1Ov%ea3)YIRwedF#x&2IRI(nFq`P>3V2Zhh;UYd@Nln} z^byvzCRfkC<`?M=u!~cx)IX}O7S}w>_uNjMOq5KCy#$GS#dmE85+sICx^*E$DdT3|bbTS!WpmRX9(}6Y{v~f=T}*5O-}w9;Bw}g%2s+el z47-7;qS4eD!8L%;C8(6v5Df6k<{ad$#)jTF_0)}+1isQ zFnyp-4-)x1f_a|U9$DGLWcMGR?Qh%|bi&yQKo7-NLr9xwcGe*?`m2p4rP61z{AE;Z zkM9-}k4_E2HT_QJ%f$wLr(`$JK9Ck)>GTcSM+#7sYt6lpPcEW*thw&D^?Xwivp-#9 z?S^xD8n=F1%nke&BnM>uftsOVN|$h|Ugyw@tUS-Ds#$r3#l1LuDgTB>J23$ol5(@; zm_{cT&%ht@o`i+W7-TuI#s~ITJ*pG5^Yevh`{*e18pmA&SWKr^@nxr~DU=kua%8rH z$%&cxQES~UOdq8uozz1VIIp0|B?l}_NR+>)-)C?thFh0C+Isd=Zk))&t3ZFQmru9iBa)-+i#w9 zgGz&0Osp%F7q)xe+!E`g49L%OL_iF+iSj*z#$>MXo{#slvq}GgQ=n;AVy5^UpU`Hn4!ecR=@S}GqF(0>2oZ3uCA>%_D;K2Wq$;o^uEEnat z*C3Eh=`EXlFBbJl5E$%g4@rE(k3&xSp122zP)R~xaAuW4vlrf1V*QZ4WejJeH1RCU zmw&d$mcIP?J>sjn`1m3cTKt`^Vbf##vhal|(>zP-JezcI#8)uw z=Q*iw+Kcugj=#5R2W|vDmFBAC0bqDaaV%&b-jyfRNbj zrFi|daJucwM*BA%fj`*2{)JccvsAR z*;{&GYHXBTeN$p-hMp~iA<2%XC5Q)O1|!MC;4Ju7hoN0d( zGu8sLFy#PK>*kBo?OBnIB6Uf)AfD57tJUb6mamN z2{rq>KDd!k&zWGmagzOT4Hiu3x`Q>32TgV3YC5GgPJ*L&2p90rnea*FgoT`9A#Np& zxIs7MZck0>*tk>%=Ja)4*TWkt55l(lsu!s*;f@s1k(a_^L;v1k?acH1C!aP<{J+6J zmX=1i%;Leb_^hw~Jo=jaWp;&%Hc{n4MYP#a5Z7bO3tXD};hAgnS7`RNbzLBex&%ec zhxvA{^&m{zValjI6^%C=N1cc16VB^P>!SN(Bvg~D-mY}Q8u{9fLAGkH9r~H32kJD9 zHzLjT}VHwPgcXvJEN;SZ(~P4C3LL`v_UYJ zFa1jMJrGxec+dCDC)}%*w)gSr`8Z+VJ0AbmGz5_BgEH{S4^zmHKm4t?wMqj|nt`@{ zlk)m--2AjFLAZKCzaWD0R*!m&4iylnNq)B}m~R`doK@gj(=ngw)pw!bre)$OirP@5 z(BSZSp-VefUC<0ghW zenW?ENCxzM(~4B8&~y zyAumRBUE5+NvBr7WMog{Aof0rEw>|a+8@%l0%&*R9%_iq!HYrOStH#-XX_V2Ff_9s zqdGfIN2joaI+Tvq2X2uA&Z<>%?=pyY%LhLVOq+pjWGJ|*^*eoJdgAg=SNo*Y_Pc~? z)(b9a-MCoav6Hh?S{%gs7r0386Fn^aAaT0v4!xadM8_Smq_Nr+kRW#O%aC=06g-;IVi{coW~r8WjANv1&= za_MpujD1o()!dIPkcl4R=ed<#XaUg1<(#>7<3HUgnh7Lh!ouQQsvFuzW5hQPY(oi!uG0vnF_oLd;^rksXT_p^S`!koNY<(eQi*KiPSEW%SS>ESzwu#g z?P}n~z&uZ2jM<}4`e)_u3Z$ZF1wk{|_tm`Lfo*zgwyQ#Zor2;*Jf|~^%B5fpw0Sxz_kC0$CTp_*%{YF@;r8pRzg|M$SZ{TU3xQ{@%T2FLv^7nZ z;!!jMg0PC*h?>(2(m84Fq&>5?OkEz)1ZA}g17;=F4SBzz%fF*s2^_6Y0c}^mC?nq* z_`w_GHZ6wp8uhw!Ci-xY)KW%a44gY7$!hCmCrf^9)J1o_gs~kvYv3mrrFRj!BUR64 z9j+h@Bkk_-sCJAj)3DBXSRl394t}!z#Lao$Y>`e*|CeYV;oG?mDw<|8swz{yB-F=QDDb zn=1M`&NjyS*8&wiCr5TF;vc5*`&C)%tFwt2Bs1$4^($4*9Cj3lt;4@d)Swrly~UW> z>0z{UFyB>A?r0i#7#Oe7;IO|<_tI1CYd;B~R!K=uxM(uI)fwskqNe__g()&FtKaBg z>r(sNE+)EnR1zuv-i$n~P{F?gW4F70-*+r4GIyZ=;gU=507vVCu+%9Jlw?~0f3_%9 z?R@iTeKDgQF!0fv1H-;*iaoszD_{eI+Z>P7c%H?&vZcKcol|C`j@k7{eCn`iww@(scuX{*x4eh zlT!Zhi1Vtdx=obx&72^!Z>DPfgbhYqv`h*XLxk6^>LDRqtoHFFOM_nA)|^lK1F)3M zX@0ZvpwV$rwK@xi2xs5HHV@v;?cryzuF(CWF`IfX2)56NgO7X2-p(iDg82yiLXWH5 zS?X=f^Kd5a^DP+fIve?*xa)4l5~ZpdQ?(%v91K3$H>OgRTodp~_LZJLq8ChinqvA= zF89R_PhMtqC~bUC=}~R}{u<17nm?{p=3!FVp>;5pvdE$$T}SRPYaDaH5tObpR9cm*ZAD&^XV|b z0Hd$4B>fiDM5yW9kUrtG+W%&~M_lcUM?F_6D^D$qCRKAK4N1_=AfeYqu z)3erbZqIagIjHabnasDTZ2qcX?JTJRVNwZ_jFHq`b-Bb*Elfq%l|LqJDlcb+^BH!Y*diCW_0 zy))`t$$-q}e4PWovr3miKl-Dx+C?_oZGsKylu|gWy@S(YxS!^MDIiPFc$CeqGV0)q zQXY%O`+jU%oRnU@aA|$>0g#^w!j?#OpKvA7eMw52@k1Z(dEq*;#Zn1>~Qq7K`UI&KrK=so*cqc(>`S zDP3b9Yl<9E>G76lznbkIJJ*3AtV4Z!#%$+D(;r1*LS{W8|l zFKd9=b3omiC+eB?OY$l#C6)}uh)(E7FDlX@ASN*Gp7XsyyO7O~0j@F(-BWp_?sES* z7AG_k(66d)xm~%liwjk>UJhl(@qRjVSVyzaNW}rqUxviwbdbnc6|w7!zFA=>vilYNN7p_X@X5TN(47 zW9H$GjqMAiWQw60h*8z=F@}{>seHC-tbt8cV#$<4@A_()Cr8sMqH>Ka$I8WOE5xGN zub|`9C$X>1CQMGGV>$TbCe*I;jh$}bVVH15VtN#n#@BPQFy^-B(@qI5d9m>_qE0*2 zmEZcJbjPe)SbH(noj4z&xb;8ZxAl~ivh}P3{>{x_5YDYTpo?GBI*^?^TfVe$+R(lZe@!j(E~q)SxL z`Z(Pf$)laF^-S+oAtQg-c+lv+6J8Xs9rRo3D67rEP`fmy+mw#`s*b!g07ZrC;N@&I zJkT_p18E?2L&AsbZyVzyzfyV`GM6`lC4szw&4tx}4wXE#FiwJxKHcuWS&jIXXK){Z zTcCr7W)4fsYzLDl#PQkM!v~*R({RIn`2>+i+&0(m87-5cER$+<`|%jvNz9av=`-%i zvk=og6N*Q-T>Z*DKZ@t>0$nZJhEn$z7&oiFf)i4C9X1VUVsW(!EuF0Sx__W)noZYP z*pLgc;y6s@?XuT}5c5&m97qfG+MHjY4fn5^Yd&M%y6gy(VEqebfj0UcI=Epm*&haq zT;4C-j-LqaHrYEP{v3EfutSw*Ts4H2Q{da1*{3M51ob233Z|eCm>W@q>+e?X%@0F; zCQf;Vppsq3&d~VLwq#Uvq8zk+piyL06Ss8{z-uuP7vD7$lstK&Af^(_8L#VL5#lZr zL3B7k&!fI+&mp(Hgp$V00?v>AT;_WbxT7G{+3_$0$ygZICrzOz7O+--+dnurP8kuQ z*Lzao)@*6RsTW(ZoSt|#dsX_h>1>6J>gS)JNH$)AFIdfsST}kU)^qVeiE$;4!^9-G z9uGJK4mFL&-G9li2An-klQd}2#BPs*?ZHzvHJifnMZ*J}N{@ZQ(+QOE%Sb3eFYCnj zaaiQ=uDg?~dxyjGw1);Wt*1C&h#<>Xr78?~#5`Bv)a>U;FT`>;;eI~Nl%qD?+ykFTa=V|XdCAZ54-QKgp4z5&s=AoU2n<*Zr@(91Cj$cx0ERCbX!oD>9WbG|oioxTbfg&gvm9Xq86H&1o=E zKF*tESi|9VnKN5eyZ*`jAHXVpRtEe}@{v_?q0z1<)R)?ILGADVLa*ruspD$NJ~P0H z>W--voXim_Bv#4ju7#a9g>F~3$-C9mV?FNO*RvRq#m0iZ-bT$TBUoXO*V$R3VH6^- z5u>7+a@2!klVM=L6HyG_{At&b3ayn?eY~0^qOBrDVPKt(A_$Cfs#g3KZ;33 zkdpS;_KI8Zlv&OR9J*@@47ncsfd<<5wJ!h8i{0znM@mhvzvy$VHb+pnhaIH!>3Qc} zO3gM0cwWz+TK2nH_K*4Lg`8k95gb)EfQ|jQff7Z7j8A%?4(GO|Yo*-sabN)KqO%WF zA=J4QlfE+Vtf%%^c<~k*OmqmCR$CWfcG86oniw`mPy7A*_>vIbRxL)jm8M>odgLEY zktIKmi(Dq=Q_HB1TWIxp2NLK z=ZEyt4rhvKq8d%H4I12@^_%z_AoR|9Yev9fulW{V%ZY6i5pUylgEVmXud4_W9W-6T zT45k_O12>(;y@dK80qt)U&Wo>{B|X60l3aF(4ud&AI<@|ljL;-G#PT}t>DbT6+3sb z^x)2rbF+h;oSv0cf0AM|#-2{o2S%%zVd0H8f^;>jj6^?pXlO+?)t{JdtNS8_8c=1` zC9lMTp}X(DzPOxxcSli^O1%?}_Fs^Vx6|X|U`EI+Jau-)rTH|u2oiazMd*KGw}6@s z=pqpow@|`(JY}<_A9J4dK8=vksQ{`9o23wzo$fyw`f$UO)bjxILSk_-S>zc`_=jgW zCw~J^2U-rNw^TTAVRv)7seLO_c8CWiqqlc!{jn z2G}Mnxryf!9Ua@7GoZ*Rjcy$BLmhEee2i~atFm-{uhutZwit(E zvh%BVuN*XJnl9&$y zLWA#_AV35~Jt3B0fxm%pgoJwyAVosp!W4YKdw^JisewBRtfv|j(g-g&nMZfX>zys< zQN)kKB0z?*q#Cbl7`J`wc4>_w*Xs3^niF zKRFvTSCc}gTl5>|)l$6q>%$OOAq~*cHNmpxP9}S-*d-d1_1}Ra5^d*s)sYMuGC=^+ zSLhcI53hi~@Wg2N=o#WXV$40^>a@JgD;AFbT`BjN%55QSu5{(RY#A6>-FLbDDYxM} zwd=;#ZCw11X%E}v)_Yy{>V|!nbV+PHCZB7GWsq65HyY?rMh;azvP$?Te&vdIKp{kz z4cAm=JPvAdv#Rnzh8c)>)V7<=h-Pv=m~VV=@JcAbnXTbuWn|ZDQ!5NX+gBmueTP_Vqb z#L+Wfw*?l+dh_Fa47i^c#J4T| zeB#82!D?4P5aK17_%jM(zA<`qHpt$wuQlM0tTST(1BpTOV`p@(% zA>B+^X}QnI;M_6rn8V-khIw#Kly6l_qRK;Bn&4hZL90)23vFht^2kajY&V}+} zQbwC>uAxPTs_UwJ4le?BRr9gxUiRS9 z?=O&-6B}orbp68>3#UH%0Qh2Yx{Tg*1j$|EARH6aW-#UyUgznq@__*_A~+eX5m~Me z^Obf9@Vy?P6mUi?maN_XOfUt;|C%7^i$&@2_SWKKLU8XY^y-jQ2uI)-Ees08^A8wo zSser{^XeT|tbw<&1Ul8qU1$7v|C;B(G;(3#$Et6TLqxYa#GjqKe%GHK(DbpLQ~?q5 ztgp;e=O?Bjib}uTuszCOk!y<)c8r9iZ{>SVHY$(Z7fg4!9szwWY{zXRRPU_j5>HQW z(Yy2I*(Ay3ea0p%U1V$*0ACEw_t7y?t#b5gJj5Fs_C_zD5^7&`W*8)*jM5>q=*+O6mP| z|0g?aALDI7tceTf$BYuc$4PLBBZAnwUYO|bmez=X=Fn9vI<%zDy=rfT`fNpuoN7xd z^xH2l;*0~#_fQerUp*D@tGNe88JmCxh~)h86S)8&6!eP`j==RG26@~7%%Y4i@R&bJ z#)YZBC^xVC|4aXG_QVzoR_dFtefv_Bv?b6>v+nwwUch(-M9$h^+t%gFgwA~H%O@Ho z=!A!e`vRXn0pVW9Q|)g_Q)4M%i1sJ(KOqCI{Z2uUo*p8erLM2QjNv%nhg)hEhfdz?4+~wlI$@|lsN=oBX?rK??f4$ZyH!%sK5F@;M zucFogrq3r}o_bDe|1EEure*@}*9f;c= z;>Gvyr5;f6>+4l}oxP}{XTRh1-w6KEOZLo!>62-f{krNnk|&P8HY}ChGLHNjMeL7> z>JS^VvzO;Ma_ndT&l%skr7@!urJrD~5w1x4+(+&)sC#pV#P2jaYkku+wN@e*Qi`}m69&E$(t-1KO5uWLoqIDmPweA7^2CQYS=`hLZw-m0N*8$MoE z?LC(kt1}kgN(mc=7&dx-&8!>DRY_`G7~8zIA(j>EhZmv$EQv%ZwXT$_CAz|`^Zj86 z=f`P!c2`s6)Dc3|pgaE-=g(QzNH4+tT50^In9Zm$4(XHCoJ*I~xz`vw^>K8_X#F?)N-V7v^CTqd&p8i;QW04bW6wR^!ZHmGd8r(elzK1 zWy=w!?i=2y!Qezu43)535o?`@pUhMk#;`Ub8G}Zx>>#fykxo>`47PG84%ES!`qx)N zZ8_F44|FP);llHD+EiyfWAW;z(|i5tqiIY{&pyo)+XmqzlrF+O5gPc&E zFGZtX_n{BqC$0E)Cxx|+R|$&NBR#zOqg4(@`OJ;_ZBu!A{UoPSRN`=K=LYj#elN`- zF73;k3_p_m;xJ{?F?fvRADW8(eD-cy064_F4cP?NI~al3X`NaQA0-5K^3=7NAQ+QC z{v#v~dLrhnHOCz!;7zWxqvPlf@8E>TiPsPgVX0L96K5;TVnja{^OP#11ZRjazjYZ? zQ)TF!hS->zddx_gBK2i9ZD5+B&@4r z59{RjjggsO@LbD}=lT8o=RQXo@Wh)d2EXYRPZ1d2nny+D`Dm>8P3fn7Y#LnQc$is$ zd^MUCYknu8hC>Tusgv)Fjqfim7z%YnL;LhlzXi>h>yrr`cD(#p*Jiy&UX%C9|K8v_ zli5_BwMBx(;CXl}kN4_x*aJJI5i$qq|H@>r3934`43LI5D<{Z5iu2#inu`#kE zBe0t3q5ji;NhN@$&qcQMdWSXZ#QnO~1X=?_6ZTHr(8caOB!1^^7R|)Bc^Yzc zr?ykUAN%EjGzV;gIa6X}N^3HNJXr6JM&ByNs6KNIH zZdxPaxl%w2b@!bbO>+~RfSsBgMGGr#%Ei>17RJ5DE;HOe%oK9r*adxyynISup}VJk zqnD|MwuZWF@@+is(Zr*J9U7aQMrwXkAY!W3)f@Z$O<6^~DrW0}RtFc~F8y``;f0=_ z#H-5*dTl+^;d&CDe;RcW`2gF2 zm)G(_T4A@0lDkD7jy~V207n6wgsCXKgvE6(FP&VN>!@H;t>2`B5USCYQEn|H>8Rr> zLC7k_tSylAyNc)8cqwmpxxu^|@CuX@HXU8N%LjM)Q^%TNvB}j_n?6qDPUu@uyLaG# zs4oIJIg>S6N1otzNER5U8>@H9xw6b+bEHF!971FpZpBY|>eE>Xd*dyh_(1eL8r^lL zCF)Nn(}}xe?${>7-hD@4J$nUBsQXw$L&kNY^BJKwiVKgcXl1OyaWJ-1B`~cGv2r%@bT%6V&H^hhI%Q+JvUBgi4-gcjtsn>TB+CB#)oZCqPjs@M)+pR)q?#YSqTi(d-D{&cL{;sOtK0NO3aua>0FwF)thG{ zwIOD5I7;A5vh;dCjXi;ql8l(ob+;5=f7UnxcpNTh9gCppD z+86e8pI==KykN23z~=5utk;pBTH|d1-e5Px#>0QRKRnM#qw1&ii=BY6ZH!q}lI&{V zyE3m(Ss0>JSRsoD^F&2eWFcck01$M^gB^f5g+KAgTQ;n)8SBQaq@BPXg#ReK5m8dI z=SCHNY%?#;nM_4VC1~G`^t_jCe%9C!-3NHq0)KslSFHBfduQs8wyS?W=08PKQrJW; zKwkyh;4L724t^jm^V0tq?imrzI^F5{1GM3uhyH*;y`#8CAM&vHy#CkG;eXm5`*(y- zdxO+bbft2SkL^Q*CCPGs<((W6l-uPxHu!=AQE~VsrGr8mjg{Ft2&tr68&7z5(*>Z( z2M}$3+@CNPpt}?zttThDVmTh@8g%)(H+MN>^Hv(NKxZtFCET^ z`1QE~j(aT0NK?`754a1f$Box{0(=#!YN4QP(ze0Npo^0BSe<{us;ZXMbsH|i(3Da5 zm7A4vsOmMay$vI)t!Vi8n_{=(&%aKd~rQDmU`i7ZBv;^;roH zS2h&RiYrYaxv(9b-m>bt#jw2ILB1feVe_oesonw85krx@PSs9=g&}|6=fqY7#ZG;WFr93wW2XDzJ8Lea6|5rg$U0 znQ+nH-L~}fkQ0tEn|bM5pn_(S(9{03x%nE1NgR@uXdmFe!k7}8^9l+tSXWf&kvKR*QU-DJ{yjI zdR+0jg^u+?+GRn3NCLHBLGq6`OP`3aywkt)X`U{N5ngqSD3uNBfM;H4Jm{(uu8J5$ z^+I2eg)R)}*t*y$fK3u*oZ($o6-%2#1<~Wuhir-%ZbW;ZX1-$aJ|+7&OTmgb)npts z!}m?6{TLyQciN0b#kTH&F#S=&=3>+j`cH?qlff*V>cDvJn5sg^j|?y1KEm2{u~X^3 zi3K;;uJvPYX!ZVSnlZ?Ry0kwR1Z>|_fEuXc)RN8)! zfo88h?ef^)-_%Wn`w2(jFEUYb-8mt?3aEyfB$JjVFKa8b>uH1=-YG%zjGIIy)t4k% zTuvEDJkej?eycmNBQpK9xW(GjLctP2F=W&>NI1pR^tn~YZEt+gwUGBdY%bD>L1N=9 zZ3-%J`G~^K1=b>_BddqMsJwnGI^O~WZ?vAZ?c(0yx@%~c8+tf=m4Qwk&>XEnK3TBD zaN-jLy(DIgh4fhk*bJCs)UrzSg|7Zk6)l~a*~JDscXX~myD_d2Hp_kniRv+s0@YOb zc-$RX@Q;1;0l;1sjqfHC(j4c_vy+oLquB8BnvFLp>(r|FVsYyP+<4+pKM7N~_v#Jlm9{Mn_Lz`@DnMNmzwW(7Hs%2@7db?E>L zn*KGNgRhS|>WQra_?l-CAfV~_r1(I@%HuZP)+2;-fSK8GpiE-Hpl%A`Y|kkY*`Vip zL+HRIdCP?)f8JB_C+7*52iWyFiuB38uOq&H<&%WGjy5}s96{l6d0gmoiU6s=qep6L zNrl}=+|(Y!d$f^G8=G&4S0zTXckR<!c2XVnlD$V<0`&KR-pi*Vdi z7KweX|78Z+YcQSj(}5ZqVA~d-jU02R?x>*Ly(i2kv#|4L1x8DQi8LODAP7Gej6qnSv=kjd-6cADOPk> z9|iIjI0`0A*A6n@6NIO@=WCjC6;_A` z5ri;zoO~$;S{z}}^+AXF^J(tWqLQTKCLSFdFT!-!CYu3I0oANBeW4H-!u-KWN*APu zA?O*?u5xy#3h(NP(B{(8cm72x8AL5MaQH;YZvBMyjMQzYcP1~7m3d`lNLZ5Q_>;^b zn*2BVZYy}`tw~Gm{6E5)4pk=9lUXlKwC&HO8wKW2eQpj3yAz)cdWZ$^`v1Z5cHs|Z z%?O{hF9sQfkR+0k+V+krSxo_qH+t8s3TsO`g(^5 zDMdOu&Z0mHqGFeq7=Kc?s|WY&0877ruKO((NSzUD0|Z!MQLA#;*>tFL&1^Pp2cug( zA{-CKa33`BEtg~R)wDTM-t3hwerw+2?tv-aT{iiVg#+aG>=&Q#=G1R-RurJM9>&ta z8e?F5E-v4xs@e?2fWHS?&1QQke=Ea_K%ek1eqQ&u8$l4%JTDemeRwTn>EEZCXpJ_t zvUzHd!Ho}A3F#zXVPk)xvt;wt&J}Gt<50CJ(yg-mnv7=*kpP>mbszdan6kq7iK}$X z4bwLb)R)U2KqYu8R_uqy;iexE?k{wyV{O7G;a7QivU1Bl(%jFg8|=ch;zse`+oe|SoJO$U0V3TEPDHt^^5!(9AEtaaH zx{mwqJsrlluIOhhEtb58X(LGv#Ad7mp|FC!)ZZ$?qj=j5rak9>fw2DXF>BLRA!Bsn zHC3y1rXPUhg3hi?46B^>qCRynme(!P{(hpPPxL_NR-E2` zGW8|ob%?5cmrPRXOlj@7efs(hA+jrk8l8P^Q0SoT#|u=IUXp{gfi0bJr1MJ!3>NKb zP17yq0yrOcPn-Kw^(m;RG7~_Ef?qoIi0{u?ZX^ zrA{yLccSzHb>qJKi`N8@D=*NKks!6d@uaN)#|rfK-*{J`F$;`M$%Hw7hD|F)^Zx-~ zA?08H0$e!9{{b}of&B8?u#T5eRk$0SPm~`=NP0Id^ zkTL{j>nF}j2~wA@j&IRn0b=HErmfpQX`&0x7ih`~;_nFzeyTsm58!%%HWUC>Lan!; z@7R*uplDKPT_n!bOVG%$t}q=8+T5Q7Q28Is>#dN098 z5+PQrD;f0Cq672PB5kQ!e}5*&p-l$&@+H}po-=MW*Uf??ACs)me*i{XPd~!D|8=TB zqjt7e_e2OvlT=Y|~)wbN7$*x9`=lVMWan0fT}y%;?8H>_C)GVt{qt9ULPCkNYWnx68(Fo-$# zGm{o2^yRZ!$x<*F3}Ix2IH|-;ZTR@<2D>J9LiY5l=-79U?cpCYfQ15((@o^xdww~B zUP3*#HKhWKB(E_XRF-@<_t_Y--mI3^IguLsFCp8-i;%5S)T24Z9}(M$?o0n3vAPI= z7XT&x-W_ssdID}|&MGo1h3PcQn4sm3oS20hJ&avn2F+RU%>B7+B6%m(A@R9ir#87K z*iM99Ss}G@W;uEx!@=*b+U=W>)&twlWl!QXYS+|2W>^`aci zcA_z!w_;X{gm9~yo{@zoQTT+?Ld8<2KxBF^V!ZDycAb386Q8oM50mzCN}plgo$vJ}WnHT&gv5BZxc77)C>@vYY2;1xFiw21 z6JpUOvKIOPTfc}xujl3LmJ78sP8#wz|4H~WU#xF0z(F7SJ8fcDUEofF;4A2lTR!1B zl;WYdP4Ny@LIlBV2ggDaCS2~;eVe45#6eOu^1@S$65C@Am4KpIzm7$wTan4au-MvR zv^o{@fFmH2ZY23*pKsmJRUE|^;I>9-M5hY4yMCyJ!{W3;gf=TTIGeA&m|j3_cq|TT z`vcv{EV_EiFXR-qEuz-zc}E>otOld5vU)n|@N+US^YkS=>sBd%C-TA<e>@vEiQg?fXo{dY49cC^!a_H#zVUD_2D(-(XG6l!hDG{gJH4z87QT;D1p29ua zifnANwze77UheboCt2e0*6sHrzgyims%DGyg4 zj`N?3V40}?uW8v>-Ti)QDTVE|?RfS4&c`fo*uatc?rGx*Ka;XYK8s!mU}@#||9b-1 zCDIE86KLzVAKnxKqMj-hsr5(aUhC?>K+?b$Nzt=_Ks)v=r9;FT;~$c|UYU0r<>hCa z&C>EOKW8o4p@odwkRW$pUj^RH$r2`!4g^b@EV79wSNl3f47$G%YwwtW+MY+ho0R~2 zxO9IoFY=e`v#+QR+fP`u`XNYAmQ*XteYN{ImJ^?=Zw*=^)q8ilzi`UZ z#Dv}$1u_c0IZD-QvOX>c)Jv><(uZ+puQnd!i6=mk>6H{AsOXp}FB3#3#f$X?d)UVq$$ z8U!deqm5Mp!km+W9_pMcn-xvT9uY5%{>O`zTyh}^5LzeDcs5gA~w4H z;`#nU!HJcE&nzpS5OFzb%jb#m=_I-J0&wttQ7|>W_PcMyNf-I?y?}X%GVA=ncGfdP zBr9IhZ=-W1*eIQZEWQ`wXTV7QK2Oc=jLAN0KZ4Fb6xp}w9#ZRj`y)|*>JxU`9#ui zLGb&<>x7=u(VPn6u7%UKnLQJ^QBKksxnEX}UGo6>qK%$B!60uU+CU~r+CNV@r<sdEKaNS;3%<{{BJQe%-+QwW<+x%L?veQ&~iVkserCGO=v>QBA%7 zv>+CQ#F;RS)3ib}SwTw+VV;YXR-=%Vs;}A+(j|l@cxr5Fuz70ymw@h~iZA)sfGt7l zA_#2n3FJOKc@)&ul#Xe;NfZws_@x5{dVbY6iBsv`@YfeWq_uwfp_8ezMLgjn&UiABciA{M=<0BPGr zJ#o#EgtI(oil>$FnUch)D(+h?10Ux@0|0&UE*#%D%Lb6x5zGP-yD*2BWuj`n;(`)H zcWRbj6}-r7s__#&4~Em{x?flAOTl4NXUb1ZUOaJ1Sp?OU9x4Qwk$TD~Ae>)?tt|Hw zb!t=!ShIJhWajoVKBoJz);zeH|8W`$hw5Zh_Yvs}qT4s2Zr;HwNtC-^SR&)_`v0b< zdv5rUgzz;!I~+#EoEg9QHnLmIaMisCc`ttk1sWXcxq&b0@`G@R^t}FYBA!VjCe3fm z&ZKcfIx5;F8AyouvU-+^GsO4jQ6}QW2K7+wdlT%8ClA444FaMEE-9mtZa)@J)2n|W zPrj?vDQF5xy5N3rr-3^`^wzDPeLL6h{Z@aq5@8frbLwf^2Z?_taUU=A6S=>gCERKE z*OMQLY}QCOoP0>E7|;gke;ki7b}UgppL}j6?*!q!4^Gw4a#{r=8q%Pnb%;w7|LUpm zYxZ@hsJB|vj^ zp*jW%4fBPD>W7-{p{FDEhoT~38|}xBho`2d1_$RoLVPJ@`0~OpbXg$KX|gun*7+G4 zbLfvb+*{Uw8TudZn2$2N#U5{5RoKvndF@YB*_4!?pVep;@g?_0$KOa&4ofIpK@txX+hSF z>RmcCuuoS@;c`&3I5`>fUHWk+4UH(%gnMp%quUJuyR^b>6r~Ul2&V%4=%MC=mud5t zYrMVBPF%}*%mmtdX_&G9Xm2S#9hR8)LAM!qRb^#_k2E%UkPtGkEu1>aR)#yZ#e}vD z<>1XhR}h{}vr{oI{qj*;k#_0%ra$H`C&XoFX6C#`w9cUR`KSARtp;y-ANtjL?lKZYk-}~(;t|x%^gYVu7dCdR;feUE`0~@~8I_wVQDA50YHZ3qcIx*n|j0(Y*dMK2V z@D##wLhwo>|K!n`yAi6}!;bv6HiC8T+bv<1H2g@Abj zUxK%^C!q;cJjm|swc;)3tf!Z#@m4UTFN(Okvy-d!N7n>scNF1zpn542b14hnnz8R> zn!W&9!Yd#UMcs~>Y4k;hi=WfbMj&}1ALN)#9Kz|3gK^s@#ONQD)ffqh!%=Re1F?ps z?v<_!owrr+`tQSKP2x?zMXuqI&v6(wc&kTM)b@c^9(03~RR|K#Rd z^GzMs;}MGQ^|*z4jO|j#Ffa(D2K$7DhMIX2B+E(A-D;0alw&pByy`la44USU(kd+} zaXXDd@&fN#rV%AJr*ycq}u9Y$al>6_rw>+FKDOe(3TX_R

w)WEvED2?~V`D^nFtTSRqv!K;eB+e!uj? fG5xnMwP0{~5`37N)MWQB9t4(FepDj)^yU8ny~3m- From 2c6ed20d391fe5483f96d8bc8d3f21edd3b960b5 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 30 Jun 2023 15:11:03 +0000 Subject: [PATCH 115/268] v3.3.14 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index ae00af340..82491390f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.13 +v3.3.14 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 553642da2..c7014fb16 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.13} +- {name: IMAGE_TAG_MANAGER, value: v3.3.14} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.13} +- {name: IMAGE_TAG_LISTENER, value: v3.3.14} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.13} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.14} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.13} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.14} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.13} +- {name: IMAGE_TAG_JOBS, value: v3.3.14} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.13} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.14} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.13} +- {name: IMAGE_TAG_ADMIN, value: v3.3.14} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 69a62b1c0..af850a081 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.13" + "version": "v3.3.14" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 38dc0db4b..b17fbb3d1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.13" + "version": "v3.3.14" }, "servers": [ { From c6dca18aa76c0ebf975e231e024507e9b11818b6 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 30 Jun 2023 15:52:50 +0200 Subject: [PATCH 116/268] SPM-2126: add grafana graph for package refresh metrics --- ...hts-patchman-engine-general.configmap.yaml | 289 ++++++++++++------ 1 file changed, 202 insertions(+), 87 deletions(-) diff --git a/dashboards/grafana-dashboard-insights-patchman-engine-general.configmap.yaml b/dashboards/grafana-dashboard-insights-patchman-engine-general.configmap.yaml index 53897bb00..3413fe888 100644 --- a/dashboards/grafana-dashboard-insights-patchman-engine-general.configmap.yaml +++ b/dashboards/grafana-dashboard-insights-patchman-engine-general.configmap.yaml @@ -134,7 +134,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -222,7 +222,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -309,7 +309,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -396,7 +396,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -483,7 +483,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -570,7 +570,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -657,7 +657,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -743,7 +743,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -832,7 +832,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -919,7 +919,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1007,7 +1007,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1097,7 +1097,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1186,7 +1186,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1273,7 +1273,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1361,7 +1361,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1448,7 +1448,7 @@ data: }, "textMode": "auto" }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -1858,7 +1858,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -1970,7 +1970,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -2110,7 +2110,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -2222,7 +2222,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -2480,7 +2480,7 @@ data: "unit": "short" } }, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "targets": [ { "datasource": { @@ -2802,7 +2802,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -2874,6 +2874,7 @@ data: "dashLength": 10, "dashes": false, "datasource": { + "type": "prometheus", "uid": "$datasource" }, "description": "The number of messages per second received by result in Listener.", @@ -2916,7 +2917,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3032,7 +3033,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3173,7 +3174,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3327,7 +3328,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3445,7 +3446,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3565,7 +3566,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3677,7 +3678,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3827,7 +3828,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -3976,7 +3977,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -4124,7 +4125,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -4663,7 +4664,7 @@ data: "refId": "A" } ], - "title": "VMaaS sync", + "title": "Jobs", "type": "row" }, { @@ -4674,9 +4675,10 @@ data: "dashLength": 10, "dashes": false, "datasource": { + "type": "prometheus", "uid": "$datasource" }, - "description": "The number of culled systems per second which were deleted.", + "description": "The median value of duration of particular evaluation part.", "fieldConfig": { "defaults": { "links": [ @@ -4696,7 +4698,7 @@ data: "y": 91 }, "hiddenSeries": false, - "id": 76, + "id": 97, "legend": { "avg": false, "current": false, @@ -4716,7 +4718,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -4729,24 +4731,135 @@ data: "targets": [ { "datasource": { + "type": "prometheus", "uid": "$datasource" }, - "expr": "sum(increase(patchman_engine_vmaas_sync_deleted_culled_systems{}[$interval]))", + "editorMode": "code", + "expr": "histogram_quantile(0.5, sum(rate(patchman_engine_caches_package_refresh_part_duration_seconds_bucket[$interval])) by (part, le))", + "hide": false, + "legendFormat": "__auto", + "range": true, + "refId": "C" + } + ], + "thresholds": [ + + ], + "timeRegions": [ + + ], + "title": "Package refresh part duration median", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "$$hashKey": "object:447", + "format": "short", + "label": "Median of duration", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:448", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "$datasource" + }, + "description": "The number of external services calls and their result.", + "fieldConfig": { + "defaults": { + "links": [ + + ] + }, + "overrides": [ + + ] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 91 + }, + "hiddenSeries": false, + "id": 40, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.3.8", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(increase(patchman_engine_vmaas_sync_vmaas_call{}[$interval])) by (type)", "format": "time_series", - "interval": "", "intervalFactor": 1, - "legendFormat": "deleted systems", + "legendFormat": "VMaaS Sync - {{type}}", "refId": "A" }, { "datasource": { "uid": "$datasource" }, - "expr": "sum(increase(patchman_engine_vmaas_sync_stale_systems_marked{}[$interval]))", + "expr": "sum(increase(patchman_engine_manager_dependency_call{name=\"rbac\"}[$interval])) by (name, status)", "format": "time_series", - "interval": "", "intervalFactor": 1, - "legendFormat": "marked stale systems", + "legendFormat": "{{name}} - {{status}}", "refId": "B" } ], @@ -4756,7 +4869,7 @@ data: "timeRegions": [ ], - "title": "System culling", + "title": "Vmaas sync - external services", "tooltip": { "shared": true, "sort": 0, @@ -4772,14 +4885,14 @@ data: }, "yaxes": [ { - "$$hashKey": "object:1244", + "$$hashKey": "object:1297", "format": "none", - "label": "Systems/s", + "label": "Calls/s", "logBase": 1, "show": true }, { - "$$hashKey": "object:1245", + "$$hashKey": "object:1298", "format": "short", "logBase": 1, "show": true @@ -4799,7 +4912,7 @@ data: "datasource": { "uid": "$datasource" }, - "description": "The number of external services calls and their result.", + "description": "The number of culled systems per second which were deleted.", "fieldConfig": { "defaults": { "links": [ @@ -4815,11 +4928,11 @@ data: "gridPos": { "h": 6, "w": 12, - "x": 12, - "y": 91 + "x": 0, + "y": 97 }, "hiddenSeries": false, - "id": 40, + "id": 76, "legend": { "avg": false, "current": false, @@ -4839,7 +4952,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -4854,20 +4967,22 @@ data: "datasource": { "uid": "$datasource" }, - "expr": "sum(increase(patchman_engine_vmaas_sync_vmaas_call{}[$interval])) by (type)", + "expr": "sum(increase(patchman_engine_vmaas_sync_deleted_culled_systems{}[$interval]))", "format": "time_series", + "interval": "", "intervalFactor": 1, - "legendFormat": "VMaaS Sync - {{type}}", + "legendFormat": "deleted systems", "refId": "A" }, { "datasource": { "uid": "$datasource" }, - "expr": "sum(increase(patchman_engine_manager_dependency_call{name=\"rbac\"}[$interval])) by (name, status)", + "expr": "sum(increase(patchman_engine_vmaas_sync_stale_systems_marked{}[$interval]))", "format": "time_series", + "interval": "", "intervalFactor": 1, - "legendFormat": "{{name}} - {{status}}", + "legendFormat": "marked stale systems", "refId": "B" } ], @@ -4877,7 +4992,7 @@ data: "timeRegions": [ ], - "title": "External services", + "title": "System culling", "tooltip": { "shared": true, "sort": 0, @@ -4893,14 +5008,14 @@ data: }, "yaxes": [ { - "$$hashKey": "object:1297", + "$$hashKey": "object:1244", "format": "none", - "label": "Calls/s", + "label": "Systems/s", "logBase": 1, "show": true }, { - "$$hashKey": "object:1298", + "$$hashKey": "object:1245", "format": "short", "logBase": 1, "show": true @@ -4920,7 +5035,7 @@ data: "h": 1, "w": 24, "x": 0, - "y": 97 + "y": 103 }, "id": 69, "panels": [ @@ -4969,7 +5084,7 @@ data: "h": 6, "w": 12, "x": 0, - "y": 98 + "y": 104 }, "hiddenSeries": false, "id": 51, @@ -4992,7 +5107,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5095,7 +5210,7 @@ data: "h": 6, "w": 12, "x": 12, - "y": 98 + "y": 104 }, "hiddenSeries": false, "id": 42, @@ -5118,7 +5233,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5221,7 +5336,7 @@ data: "h": 6, "w": 12, "x": 0, - "y": 104 + "y": 110 }, "hiddenSeries": false, "id": 73, @@ -5244,7 +5359,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5336,7 +5451,7 @@ data: "h": 6, "w": 12, "x": 12, - "y": 104 + "y": 110 }, "hiddenSeries": false, "id": 78, @@ -5359,7 +5474,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5463,7 +5578,7 @@ data: "h": 6, "w": 12, "x": 0, - "y": 110 + "y": 116 }, "hiddenSeries": false, "id": 58, @@ -5486,7 +5601,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5621,7 +5736,7 @@ data: "h": 6, "w": 12, "x": 12, - "y": 110 + "y": 116 }, "hiddenSeries": false, "id": 59, @@ -5644,7 +5759,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5715,7 +5830,7 @@ data: "h": 1, "w": 24, "x": 0, - "y": 116 + "y": 122 }, "id": 71, "panels": [ @@ -5766,7 +5881,7 @@ data: "h": 6, "w": 12, "x": 0, - "y": 117 + "y": 123 }, "hiddenSeries": false, "id": 53, @@ -5789,7 +5904,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -5882,7 +5997,7 @@ data: "h": 6, "w": 12, "x": 12, - "y": 117 + "y": 123 }, "hiddenSeries": false, "id": 52, @@ -5905,7 +6020,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -6008,7 +6123,7 @@ data: "h": 6, "w": 12, "x": 0, - "y": 123 + "y": 129 }, "hiddenSeries": false, "id": 54, @@ -6031,7 +6146,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -6154,7 +6269,7 @@ data: "h": 6, "w": 12, "x": 12, - "y": 123 + "y": 129 }, "hiddenSeries": false, "id": 55, @@ -6177,7 +6292,7 @@ data: "alertThreshold": true }, "percentage": false, - "pluginVersion": "9.4.3", + "pluginVersion": "9.3.8", "pointradius": 5, "points": false, "renderer": "flot", @@ -6260,7 +6375,7 @@ data: ], "refresh": "", "revision": 1, - "schemaVersion": 38, + "schemaVersion": 37, "style": "dark", "tags": [ @@ -6407,7 +6522,7 @@ data: }, { "current": { - "selected": false, + "selected": true, "text": "crcs02ue1-prometheus", "value": "crcs02ue1-prometheus" }, @@ -6428,7 +6543,7 @@ data: }, { "current": { - "selected": false, + "selected": true, "text": "app-sre-stage-01-prometheus", "value": "app-sre-stage-01-prometheus" }, @@ -6487,8 +6602,8 @@ data: { "current": { "selected": false, - "text": "GET/api/patch/v2/packages/", - "value": "GET/api/patch/v2/packages/" + "text": "GET/api/patch/v2/advisories", + "value": "GET/api/patch/v2/advisories" }, "datasource": { "type": "prometheus", @@ -6546,7 +6661,7 @@ data: "timezone": "", "title": "patchman-engine", "uid": "patch", - "version": 2, + "version": 3, "weekStart": "" } kind: ConfigMap From 97b1e56cfc02719b2df8df750b77c8835fb3f8f8 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 4 Jul 2023 09:46:49 +0000 Subject: [PATCH 117/268] v3.3.15 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 82491390f..c5d7eb2e0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.14 +v3.3.15 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c7014fb16..1e35e4d6b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.14} +- {name: IMAGE_TAG_MANAGER, value: v3.3.15} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.14} +- {name: IMAGE_TAG_LISTENER, value: v3.3.15} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.14} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.15} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.14} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.15} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.14} +- {name: IMAGE_TAG_JOBS, value: v3.3.15} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.14} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.15} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.14} +- {name: IMAGE_TAG_ADMIN, value: v3.3.15} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index af850a081..a030bca98 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.14" + "version": "v3.3.15" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b17fbb3d1..c8133ccb2 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.14" + "version": "v3.3.15" }, "servers": [ { From 8eb334b6c0b8aa0963199d85c490aa0c3287ece8 Mon Sep 17 00:00:00 2001 From: Viliam Krizan Date: Mon, 3 Jul 2023 16:25:04 +0200 Subject: [PATCH 118/268] fix(listener): use releasever in vmaas_req Utilize relelasever from a system profile if RHSM version isn't set. This should improve reporting from RHUI systems. SPM-2137 --- base/inventory/inventory.go | 1 + listener/upload.go | 3 +++ 2 files changed, 4 insertions(+) diff --git a/base/inventory/inventory.go b/base/inventory/inventory.go index 92fac5832..a086e94a5 100644 --- a/base/inventory/inventory.go +++ b/base/inventory/inventory.go @@ -8,6 +8,7 @@ type SystemProfile struct { DnfModules *[]DnfModule `json:"dnf_modules,omitempty"` OperatingSystem OperatingSystem `json:"operating_system,omitempty"` Rhsm Rhsm `json:"rhsm,omitempty"` + Releasever *string `json:"releasever,omitempty"` } func (t *SystemProfile) GetInstalledPackages() []string { diff --git a/listener/upload.go b/listener/upload.go index 51bd1e063..9a389b155 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -555,6 +555,9 @@ func processUpload(host *Host, yumUpdates []byte) (*models.SystemPlatform, error // use rhsm version if set releasever := systemProfile.Rhsm.Version + if releasever == "" && systemProfile.Releasever != nil { + releasever = *systemProfile.Releasever + } if len(releasever) > 0 { updatesReq.SetReleasever(releasever) } From ac7a906905b9f877c75eb999373d43132de1d8e7 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 4 Jul 2023 11:17:11 +0000 Subject: [PATCH 119/268] v3.3.16 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index c5d7eb2e0..b4e93319b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.15 +v3.3.16 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 1e35e4d6b..08e19008d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.15} +- {name: IMAGE_TAG_MANAGER, value: v3.3.16} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.15} +- {name: IMAGE_TAG_LISTENER, value: v3.3.16} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.15} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.16} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.15} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.16} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.15} +- {name: IMAGE_TAG_JOBS, value: v3.3.16} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.15} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.16} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.15} +- {name: IMAGE_TAG_ADMIN, value: v3.3.16} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index a030bca98..9a4c1211a 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.15" + "version": "v3.3.16" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index c8133ccb2..294d7d709 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.15" + "version": "v3.3.16" }, "servers": [ { From b64009ad00b8c0e179d1cb011311d712fe9574b7 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 4 Jul 2023 16:24:10 +0200 Subject: [PATCH 120/268] SPM-2135: fix sap system test --- manager/controllers/packages_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manager/controllers/packages_test.go b/manager/controllers/packages_test.go index f44cfe5f7..7c209f2d3 100644 --- a/manager/controllers/packages_test.go +++ b/manager/controllers/packages_test.go @@ -58,7 +58,7 @@ func TestPackagesFilterSummary(t *testing.T) { } func TestPackagesFilterSAP(t *testing.T) { - output := doTestPackages(t, "/?filter[system_profile][is_sap][eq]=true") + output := doTestPackages(t, "/?filter[system_profile][sap_system]=true") assert.Equal(t, 4, len(output.Data)) assert.Equal(t, "kernel", output.Data[3].Name) assert.Equal(t, 2, output.Data[3].SystemsInstalled) From 7921f5b959154e9c7eebd253b23a0a4f1043435d Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 4 Jul 2023 16:38:42 +0200 Subject: [PATCH 121/268] SPM-2135: add baseline_id and osversion into /package/systems --- docs/admin/openapi.json | 8 ++++---- docs/v3/openapi.json | 9 +++++++++ manager/controllers/package_systems.go | 2 ++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 9a4c1211a..b4bc73899 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -81,7 +81,7 @@ ], "responses": { "200": { - "description": "", + "description": "OK", "content": {} }, "500": { @@ -123,7 +123,7 @@ ], "responses": { "200": { - "description": "", + "description": "OK", "content": {} }, "500": { @@ -165,7 +165,7 @@ ], "responses": { "200": { - "description": "", + "description": "OK", "content": {} }, "500": { @@ -207,7 +207,7 @@ ], "responses": { "200": { - "description": "", + "description": "OK", "content": {} }, "500": { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 294d7d709..9653125c4 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -6066,6 +6066,9 @@ "available_evra": { "type": "string" }, + "baseline_id": { + "type": "integer" + }, "baseline_name": { "type": "string" }, @@ -6081,6 +6084,12 @@ "installed_evra": { "type": "string" }, + "os": { + "type": "string" + }, + "rhsm": { + "type": "string" + }, "tags": { "type": "array", "items": { diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 94155671f..61b186f08 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -40,6 +40,8 @@ type PackageSystemItemV2 struct { //nolint:lll type PackageSystemItemV3 struct { PackageSystemItemCommon + BaselineIDAttr + OSAttributes UpdateStatus string `json:"update_status" csv:"update_status" query:"update_status(spkg.update_data)" gorm:"column:update_status"` } From b1b2f5918faba39640e69721ee9fa0e60216feb7 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 4 Jul 2023 16:40:42 +0200 Subject: [PATCH 122/268] SPM-2135: update tests for /package/systems --- dev/test_data.sql | 9 +++++++-- manager/controllers/package_systems_export_test.go | 10 +++++----- manager/controllers/package_systems_test.go | 4 ++-- manager/controllers/packages_export_test.go | 2 +- manager/controllers/systems_auth_test.go | 2 +- manager/controllers/systems_ids_test.go | 2 +- manager/controllers/systems_test.go | 2 +- tasks/system_culling/system_culling_test.go | 2 +- tasks/vmaas_sync/metrics_test.go | 2 +- 9 files changed, 20 insertions(+), 15 deletions(-) diff --git a/dev/test_data.sql b/dev/test_data.sql index 3b4ec085e..a9a6b7a62 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -19,7 +19,8 @@ INSERT INTO rh_account (id, name, org_id) VALUES INSERT INTO baseline (id, rh_account_id, name, config, description) VALUES (1, 1, 'baseline_1-1', '{"to_time": "2010-09-22T00:00:00+00:00"}', 'desc'), (2, 1, 'baseline_1-2', '{"to_time": "2021-01-01T00:00:00+00:00"}', NULL), -(3, 1, 'baseline_1-3', '{"to_time": "2000-01-01T00:00:00+00:00"}', NULL); +(3, 1, 'baseline_1-3', '{"to_time": "2000-01-01T00:00:00+00:00"}', NULL), +(4, 3, 'baseline_3-4', '{"to_time": "2000-01-01T00:00:00+00:00"}', NULL); INSERT INTO system_platform (id, inventory_id, display_name, rh_account_id, reporter_id, vmaas_json, json_checksum, last_evaluation, last_upload, packages_installed, packages_updatable, third_party, baseline_id, baseline_uptodate) VALUES (1, '00000000-0000-0000-0000-000000000001','00000000-0000-0000-0000-000000000001', 1, 1, '{ "package_list": [ "kernel-2.6.32-696.20.1.el6.x86_64" ], "repository_list": [ "rhel-6-server-rpms" ] }', '1', '2018-09-22 12:00:00-04', '2020-09-22 12:00:00-04',0,0, true, 1, true), @@ -45,6 +46,9 @@ INSERT INTO system_platform (id, inventory_id, display_name, rh_account_id, vma (15, '00000000-0000-0000-0000-000000000015','00000000-0000-0000-0000-000000000015', 3, '{ "package_list": [ "kernel-2.6.32-696.20.1.el6.x86_64" ], "repository_list": [ "rhel-6-server-rpms" ] }', '1', '2018-09-22 12:00:00-04', '2018-01-22 12:00:00-04', 0,0, '{"update_list": {"suricata-6.0.3-2.fc35.i686": {"available_updates": [{"erratum": "RHSA-2021:3801", "basearch": "i686", "releasever": "ser1", "repository": "group_oisf:suricata-6.0", "package": "suricata-6.0.4-2.fc35.i686"}]}}, "basearch": "i686", "releasever": "ser1"}'); +INSERT INTO system_platform (id, inventory_id, display_name, rh_account_id, vmaas_json, json_checksum, last_evaluation, last_upload, packages_installed, packages_updatable, yum_updates, baseline_id) VALUES +(16, '00000000-0000-0000-0000-000000000016','00000000-0000-0000-0000-000000000016', 3, '{ "package_list": [ "kernel-2.6.32-696.20.1.el6.x86_64" ], "repository_list": [ "rhel-6-server-rpms" ] }', '1', '2018-09-22 12:00:00-04', '2018-01-22 12:00:00-04', 1,0, NULL, 4); + INSERT INTO advisory_metadata (id, name, description, synopsis, summary, solution, advisory_type_id, public_date, modified_date, url, severity_id, cve_list, release_versions) VALUES (1, 'RH-1', 'adv-1-des', 'adv-1-syn', 'adv-1-sum', 'adv-1-sol', 1, '2016-09-22 12:00:00-04', '2017-09-22 12:00:00-04', 'url1', NULL, NULL, '["7.0","7Server"]'), @@ -155,7 +159,8 @@ INSERT INTO system_package (rh_account_id, system_id, package_id, name_id, updat (3, 13, 1, 101, null), (3, 13, 2, 102, '[{"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2", "status": "Installable"},{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Applicable"}]'), (3, 13, 3, 103, null), -(3, 13, 4, 104, null); +(3, 13, 4, 104, null), +(3, 16, 1, 101, '[{"evra": "5.10.13-200.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'); INSERT INTO timestamp_kv (name, value) VALUES ('last_eval_repo_based', '2018-04-05T01:23:45+02:00'); diff --git a/manager/controllers/package_systems_export_test.go b/manager/controllers/package_systems_export_test.go index 8657675b0..efb03ccd3 100644 --- a/manager/controllers/package_systems_export_test.go +++ b/manager/controllers/package_systems_export_test.go @@ -17,7 +17,7 @@ func TestPackageSystemsExportHandlerJSON(t *testing.T) { var output []PackageSystemItemV3 CheckResponse(t, w, http.StatusOK, &output) - assert.Equal(t, 2, len(output)) + assert.Equal(t, 3, len(output)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output[0].ID) assert.Equal(t, "5.6.13-200.fc31.x86_64", output[0].InstalledEVRA) assert.Equal(t, "5.10.13-200.fc31.x86_64", output[0].AvailableEVRA) @@ -35,15 +35,15 @@ func TestPackageSystemsExportHandlerCSV(t *testing.T) { body := w.Body.String() lines := strings.Split(body, "\n") - assert.Equal(t, 4, len(lines)) + assert.Equal(t, 5, len(lines)) assert.Equal(t, "id,display_name,installed_evra,available_evra,updatable,tags,"+ - "baseline_name,baseline_uptodate,update_status", lines[0]) + "baseline_name,baseline_uptodate,baseline_id,os,rhsm,update_status", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000012,00000000-0000-0000-0000-000000000012,"+ "5.6.13-200.fc31.x86_64,5.10.13-200.fc31.x86_64,true,"+ - "\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,Installable", + "\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,0,RHEL 8.1,8.1,Installable", lines[1]) assert.Equal(t, "00000000-0000-0000-0000-000000000013,00000000-0000-0000-0000-000000000013,"+ - "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,None", lines[2]) + "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,0,RHEL 8.2,8.2,None", lines[2]) } func TestPackageSystemsExportInvalidName(t *testing.T) { diff --git a/manager/controllers/package_systems_test.go b/manager/controllers/package_systems_test.go index 7a7968272..67e1a97a8 100644 --- a/manager/controllers/package_systems_test.go +++ b/manager/controllers/package_systems_test.go @@ -12,7 +12,7 @@ import ( func TestPackageSystems(t *testing.T) { output := testPackageSystems(t, "/kernel/systems?sort=id", 3) - assert.Equal(t, 2, len(output.Data)) + assert.Equal(t, 3, len(output.Data)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.Data[0].ID) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.Data[0].DisplayName) assert.Equal(t, "5.6.13-200.fc31.x86_64", output.Data[0].InstalledEVRA) @@ -24,7 +24,7 @@ func TestPackageSystems(t *testing.T) { func TestPackageIDsSystems(t *testing.T) { output := testPackageIDsSystems(t, "/kernel/systems?sort=id", 3) - assert.Equal(t, 2, len(output.IDs)) + assert.Equal(t, 3, len(output.IDs)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.IDs[0]) } diff --git a/manager/controllers/packages_export_test.go b/manager/controllers/packages_export_test.go index 8bf0f096f..ea2882a1d 100644 --- a/manager/controllers/packages_export_test.go +++ b/manager/controllers/packages_export_test.go @@ -30,5 +30,5 @@ func TestPackageExportCSV(t *testing.T) { assert.Equal(t, 6, len(lines)) assert.Equal(t, "name,summary,systems_installed,systems_installable,systems_applicable", lines[0]) - assert.Equal(t, "kernel,The Linux kernel,2,1,1", lines[1]) + assert.Equal(t, "kernel,The Linux kernel,3,2,2", lines[1]) } diff --git a/manager/controllers/systems_auth_test.go b/manager/controllers/systems_auth_test.go index 0e639d507..7ad9984e2 100644 --- a/manager/controllers/systems_auth_test.go +++ b/manager/controllers/systems_auth_test.go @@ -21,6 +21,6 @@ func TestMissingAccount(t *testing.T) { testAccountSystemCounts(t, 0, 0) testAccountSystemCounts(t, 1, 8) testAccountSystemCounts(t, 2, 3) - testAccountSystemCounts(t, 3, 4) + testAccountSystemCounts(t, 3, 5) testAccountSystemCounts(t, 4, 0) } diff --git a/manager/controllers/systems_ids_test.go b/manager/controllers/systems_ids_test.go index faba9811d..73d13e086 100644 --- a/manager/controllers/systems_ids_test.go +++ b/manager/controllers/systems_ids_test.go @@ -94,7 +94,7 @@ func TestSystemsIDsWorkloads3(t *testing.T) { func TestSystemsIDsPackagesCount(t *testing.T) { output := testSystemsIDs(t, "/?sort=-packages_installed,id", 3) - assert.Equal(t, 4, len(output.IDs)) + assert.Equal(t, 5, len(output.IDs)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.IDs[0]) } diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index ab627c674..847ade431 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -133,7 +133,7 @@ func TestSystemsWorkloads3(t *testing.T) { func TestSystemsPackagesCount(t *testing.T) { output := testSystems(t, "/?sort=-packages_installed,id", 3) - assert.Equal(t, 4, len(output.Data)) + assert.Equal(t, 5, len(output.Data)) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.Data[0].ID) assert.Equal(t, "system", output.Data[0].Type) assert.Equal(t, "00000000-0000-0000-0000-000000000012", output.Data[0].Attributes.DisplayName) diff --git a/tasks/system_culling/system_culling_test.go b/tasks/system_culling/system_culling_test.go index 1470d3eb9..1d395715f 100644 --- a/tasks/system_culling/system_culling_test.go +++ b/tasks/system_culling/system_culling_test.go @@ -90,7 +90,7 @@ func TestMarkSystemsStale(t *testing.T) { } nMarked, err := markSystemsStale(database.Db, 500) assert.Nil(t, err) - assert.Equal(t, 15, nMarked) + assert.Equal(t, 16, nMarked) assert.NoError(t, database.Db.Find(&systems).Error) for i, s := range systems { diff --git a/tasks/vmaas_sync/metrics_test.go b/tasks/vmaas_sync/metrics_test.go index 0297793ae..3356cbf43 100644 --- a/tasks/vmaas_sync/metrics_test.go +++ b/tasks/vmaas_sync/metrics_test.go @@ -29,7 +29,7 @@ func TestSystemsCounts(t *testing.T) { assert.Equal(t, 2, counts[systemsCntLabels{staleOff, lastUploadLast1D}]) assert.Equal(t, 5, counts[systemsCntLabels{staleOff, lastUploadLast7D}]) assert.Equal(t, 8, counts[systemsCntLabels{staleOff, lastUploadLast30D}]) - assert.Equal(t, 15, counts[systemsCntLabels{staleOff, lastUploadAll}]) + assert.Equal(t, 16, counts[systemsCntLabels{staleOff, lastUploadAll}]) assert.Equal(t, 0, counts[systemsCntLabels{staleOn, lastUploadLast1D}]) assert.Equal(t, 0, counts[systemsCntLabels{staleOn, lastUploadLast7D}]) assert.Equal(t, 0, counts[systemsCntLabels{staleOn, lastUploadLast30D}]) From c1a8cbb53bc38b32db922841d3eb912aae98f204 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 10 Jul 2023 14:38:47 +0000 Subject: [PATCH 123/268] v3.3.17 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b4e93319b..03eba87ef 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.16 +v3.3.17 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 08e19008d..e8c02d0f4 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.16} +- {name: IMAGE_TAG_MANAGER, value: v3.3.17} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.16} +- {name: IMAGE_TAG_LISTENER, value: v3.3.17} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.16} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.17} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.16} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.17} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.16} +- {name: IMAGE_TAG_JOBS, value: v3.3.17} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.16} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.17} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.16} +- {name: IMAGE_TAG_ADMIN, value: v3.3.17} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b4bc73899..139f2d349 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.16" + "version": "v3.3.17" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 9653125c4..7c7fcf8af 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.16" + "version": "v3.3.17" }, "servers": [ { From b97fcf53f252907ff39719b3941199550de066f6 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 10 Jul 2023 12:28:33 +0200 Subject: [PATCH 124/268] SPM-2130: update gin-gonic --- go.mod | 14 +++++++------- go.sum | 28 ++++++++++++++-------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/go.mod b/go.mod index 1c5f32de0..531c925ae 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( github.com/swaggo/gin-swagger v1.6.0 github.com/zsais/go-gin-prometheus v0.1.0 go.uber.org/automaxprocs v1.5.2 - golang.org/x/net v0.10.0 + golang.org/x/net v0.12.0 gorm.io/driver/postgres v1.5.2 gorm.io/gorm v1.25.1 modernc.org/strutil v1.1.3 @@ -37,7 +37,7 @@ require ( require ( github.com/KyleBanks/depth v1.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/bytedance/sonic v1.9.1 // indirect + github.com/bytedance/sonic v1.9.2 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/davecgh/go-spew v1.1.1 // indirect @@ -85,12 +85,12 @@ require ( github.com/xdg-go/scram v1.1.2 // indirect github.com/xdg-go/stringprep v1.0.4 // indirect go.uber.org/atomic v1.11.0 // indirect - golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.9.0 // indirect - golang.org/x/sys v0.8.0 // indirect - golang.org/x/text v0.9.0 // indirect + golang.org/x/arch v0.4.0 // indirect + golang.org/x/crypto v0.11.0 // indirect + golang.org/x/sys v0.10.0 // indirect + golang.org/x/text v0.11.0 // indirect golang.org/x/tools v0.9.3 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index b421b5b44..715989615 100644 --- a/go.sum +++ b/go.sum @@ -10,8 +10,8 @@ github.com/aws/aws-sdk-go v1.44.280/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= -github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= -github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/bytedance/sonic v1.9.2 h1:GDaNjuWSGu09guE9Oql0MSTNhNCLlWwO8y/xM5BzcbM= +github.com/bytedance/sonic v1.9.2/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= @@ -278,15 +278,15 @@ go.uber.org/automaxprocs v1.5.2/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnw go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= -golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.4.0 h1:A8WCeEWhLwPBKNbFi5Wv5UTCBx5zzubnXDlMOFAzFMc= +golang.org/x/arch v0.4.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= +golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= +golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= @@ -301,8 +301,8 @@ golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= +golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -330,8 +330,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= +golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -344,8 +344,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= +golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -365,8 +365,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From a7e18c0311d1b2deb918a82c8e6c8070cecff945 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 11 Jul 2023 09:21:59 +0000 Subject: [PATCH 125/268] v3.3.18 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 03eba87ef..33dda67f6 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.17 +v3.3.18 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index e8c02d0f4..4b1afecd0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -546,7 +546,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.17} +- {name: IMAGE_TAG_MANAGER, value: v3.3.18} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -570,7 +570,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.17} +- {name: IMAGE_TAG_LISTENER, value: v3.3.18} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -591,7 +591,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.17} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.18} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -616,7 +616,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.17} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.18} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -639,7 +639,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.17} +- {name: IMAGE_TAG_JOBS, value: v3.3.18} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -683,7 +683,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.17} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.18} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -714,7 +714,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.17} +- {name: IMAGE_TAG_ADMIN, value: v3.3.18} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 139f2d349..598c2762a 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.17" + "version": "v3.3.18" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 7c7fcf8af..ebb4058e4 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.17" + "version": "v3.3.18" }, "servers": [ { From 3f4478dd13e69ea2bbcd1e10e498fce68840940e Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 11 Jul 2023 11:51:29 +0200 Subject: [PATCH 126/268] RHINENG-1162: add missing read replica envs for package refresh job --- deploy/clowdapp.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 4b1afecd0..88067d343 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -411,6 +411,11 @@ objects: - {name: DB_USER, value: vmaas_sync} - {name: DB_PASSWD, valueFrom: {secretKeyRef: {name: patchman-engine-database-passwords, key: vmaas-sync-database-password}}} + - {name: DB_HOST_READ_REPLICA, valueFrom: {secretKeyRef: {key: db.host, + name: patchman-db-readonly}}} + - {name: DB_PORT_READ_REPLICA, valueFrom: {secretKeyRef: {key: db.port, + name: patchman-db-readonly}}} + - {name: DB_READ_REPLICA_ENABLED, value: '${DB_READ_REPLICA_ENABLED_JOBS}'} - {name: PROMETHEUS_PUSHGATEWAY,value: '${PROMETHEUS_PUSHGATEWAY}'} - name: advisory-refresh @@ -644,6 +649,7 @@ parameters: - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs - {name: PROMETHEUS_PUSHGATEWAY, required: true, value: "pushgateway"} +- {name: DB_READ_REPLICA_ENABLED_JOBS, value: 'TRUE'} # VMaaS sync - {name: VMAAS_SYNC_SCHEDULE, value: '*/5 * * * *'} # Cronjob schedule definition From 4ad914a5e2f9327a927e91499a8352fa582d77af Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 11 Jul 2023 12:22:28 +0200 Subject: [PATCH 127/268] run package refresh less often --- deploy/clowdapp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 88067d343..6df854bd7 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -681,7 +681,7 @@ parameters: - {name: ENABLE_CULLED_SYSTEM_DELETE, value: 'true'} # Enable deleting part of culling method - {name: ENABLE_SYSTEM_STALING, value: 'true'} # Enable marking systems stale of culling method # Cache refresh -- {name: PKG_REFRESH_SCHEDULE, value: '5 11-22 * * *'} # Cronjob schedule definition +- {name: PKG_REFRESH_SCHEDULE, value: '5 11-20/2 * * *'} # Cronjob schedule definition - {name: PKG_REFRESH_SUSPEND, value: 'false'} # Disable cronjob execution - {name: ADVISORY_REFRESH_SCHEDULE, value: '*/15 * * * *'} # Cronjob schedule definition - {name: ADVISORY_REFRESH_SUSPEND, value: 'false'} # Disable cronjob execution From 3a9df7a103c89b55f64197848bb9112a200cc939 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 11 Jul 2023 13:09:02 +0200 Subject: [PATCH 128/268] log long evaluating systems including db udpate --- evaluator/evaluate.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index ea8e050aa..ae36224dc 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -504,12 +504,14 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, data["third_party"] = system.ThirdParty } + err := tx.Model(system).Updates(data).Error + now := time.Now() if system.LastUpload.Sub(now) > time.Hour { // log long evaluating systems utils.LogWarn("id", system.InventoryID, "lastUpload", *system.LastUpload, "now", now, "uploadEvaluationDelay") } - return tx.Model(system).Updates(data).Error + return err } func callVMaas(ctx context.Context, request *vmaas.UpdatesV3Request) (*vmaas.UpdatesV2Response, error) { From b611252405f2e27493028b68eddd63bf84e51f9c Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 12 Jul 2023 20:37:44 +0000 Subject: [PATCH 129/268] v3.3.19 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 33dda67f6..6029c6236 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.18 +v3.3.19 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 6df854bd7..63f38ee5f 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.18} +- {name: IMAGE_TAG_MANAGER, value: v3.3.19} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.18} +- {name: IMAGE_TAG_LISTENER, value: v3.3.19} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.18} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.19} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.18} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.19} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.18} +- {name: IMAGE_TAG_JOBS, value: v3.3.19} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.18} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.19} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.18} +- {name: IMAGE_TAG_ADMIN, value: v3.3.19} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 598c2762a..517bac371 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.18" + "version": "v3.3.19" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index ebb4058e4..54426bbbf 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.18" + "version": "v3.3.19" }, "servers": [ { From 94799990f47b177d13e25238cff526fffa2a8a66 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 11 Jul 2023 19:57:53 +0200 Subject: [PATCH 130/268] ESSNTL-4817: set inventory groups to gin context --- base/rbac/rbac.go | 21 ++++++++++- manager/middlewares/rbac.go | 48 ++++++++++++++++++++++- manager/middlewares/rbac_test.go | 65 ++++++++++++++++++++++++++++++++ 3 files changed, 132 insertions(+), 2 deletions(-) diff --git a/base/rbac/rbac.go b/base/rbac/rbac.go index 1f0875515..52beb4cb0 100644 --- a/base/rbac/rbac.go +++ b/base/rbac/rbac.go @@ -1,9 +1,28 @@ package rbac +const KeyGrouped = "grouped" +const KeyUngrouped = "ungrouped" + type AccessPagination struct { Data []Access `json:"data"` } type Access struct { - Permission string `json:"permission"` + Permission string `json:"permission"` + ResourceDefinitions []ResourceDefinition `json:"resourceDefinitions"` +} + +type ResourceDefinition struct { + AttributeFilter AttributeFilter `json:"attributeFilter"` +} + +type AttributeFilter struct { + Key string `json:"key"` + Value []*string `json:"value"` +} + +type InventoryGroupID struct { + ID string `json:"id"` } + +type InventoryGroup []InventoryGroupID diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index 1b96b4dbf..74a16699c 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -5,6 +5,8 @@ import ( "app/base/api" "app/base/rbac" "app/base/utils" + "encoding/json" + "fmt" "net/http" "os" "strconv" @@ -20,6 +22,7 @@ var ( ) const xRHIdentity = "x-rh-identity" +const KeyInventoryGroups = "inventoryGroups" var allPerms = "patch:*:*" var readPerms = map[string]bool{allPerms: true, "patch:*:read": true} @@ -110,7 +113,50 @@ func isAccessGranted(c *gin.Context) bool { nameSplitted := strings.Split(c.HandlerName(), ".") handlerName := nameSplitted[len(nameSplitted)-1] - return checkPermissions(&access, handlerName, c.Request.Method) + granted := checkPermissions(&access, handlerName, c.Request.Method) + if granted { + // collect inventory groups + c.Set(KeyInventoryGroups, findInventoryGroups(&access)) + } + return granted +} + +func findInventoryGroups(access *rbac.AccessPagination) map[string]string { + res := make(map[string]string) + + if len(access.Data) == 0 { + return res + } + groups := []string{} + for _, a := range access.Data { + if a.Permission != "inventory:hosts:read" { + continue + } + + for _, rd := range a.ResourceDefinitions { + if rd.AttributeFilter.Key != "group.id" { + continue + } + for _, v := range rd.AttributeFilter.Value { + if v == nil { + res[rbac.KeyUngrouped] = "[]" + continue + } + group := rbac.InventoryGroup{{ID: *v}} + groupJSON, err := json.Marshal(&group) + if err != nil { + utils.LogError("group", group, "err", err.Error(), "Cannot Marshal Inventory group") + continue + } + groups = append(groups, strconv.Quote(string(groupJSON))) + } + } + } + + if len(groups) > 0 { + res[rbac.KeyGrouped] = fmt.Sprintf("{%s}", strings.Join(groups, ",")) + } + return res } func RBAC() gin.HandlerFunc { diff --git a/manager/middlewares/rbac_test.go b/manager/middlewares/rbac_test.go index 91c18e222..fb7133198 100644 --- a/manager/middlewares/rbac_test.go +++ b/manager/middlewares/rbac_test.go @@ -224,3 +224,68 @@ func TestPermissionsRead(t *testing.T) { } assert.False(t, checkPermissions(&access, handler, "GET")) } + +func TestFindInventoryGroupsGrouped(t *testing.T) { + group1 := "df57820e-965c-49a6-b0bc-797b7dd60581" + access := &rbac.AccessPagination{ + Data: []rbac.Access{{ + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{&group1}, + }, + }}, + }}, + } + groups := findInventoryGroups(access) + assert.Equal(t, + `{"[{\"id\":\"df57820e-965c-49a6-b0bc-797b7dd60581\"}]"}`, + groups[rbac.KeyGrouped], + ) + val, ok := groups[rbac.KeyUngrouped] + assert.Equal(t, "", val) + assert.Equal(t, false, ok) +} + +func TestFindInventoryGroupsUnrouped(t *testing.T) { + access := &rbac.AccessPagination{ + Data: []rbac.Access{{ + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{nil}, + }, + }}, + }}, + } + groups := findInventoryGroups(access) + val, ok := groups[rbac.KeyGrouped] + assert.Equal(t, "", val) + assert.Equal(t, false, ok) + assert.Equal(t, "[]", groups[rbac.KeyUngrouped]) +} + +// nolint:lll +func TestFindInventoryGroups(t *testing.T) { + group1 := "df57820e-965c-49a6-b0bc-797b7dd60581" + group2 := "df3f0efd-c853-41b5-80a1-86881d5343d1" + access := &rbac.AccessPagination{ + Data: []rbac.Access{{ + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{&group1, &group2, nil}, + }, + }}, + }}, + } + groups := findInventoryGroups(access) + assert.Equal(t, + `{"[{\"id\":\"df57820e-965c-49a6-b0bc-797b7dd60581\"}]","[{\"id\":\"df3f0efd-c853-41b5-80a1-86881d5343d1\"}]"}`, + groups[rbac.KeyGrouped], + ) + assert.Equal(t, "[]", groups[rbac.KeyUngrouped]) +} From 5970c35b4278e0b366639110d863156bf383882e Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Jul 2023 12:13:58 +0200 Subject: [PATCH 131/268] ESSNTL-4817: use inventory groups in queries --- base/database/utils.go | 32 ++++++++++++++----- manager/controllers/advisories.go | 12 ++++--- manager/controllers/advisories_export.go | 3 +- manager/controllers/advisory_systems.go | 9 +++--- .../controllers/advisory_systems_export.go | 6 ++-- manager/controllers/baseline_systems.go | 23 +++++++------ .../controllers/baseline_systems_export.go | 3 +- manager/controllers/baselines.go | 9 +++--- manager/controllers/package_systems.go | 9 +++--- manager/controllers/package_systems_export.go | 3 +- manager/controllers/package_versions.go | 7 ++-- manager/controllers/packages.go | 9 +++--- manager/controllers/packages_export.go | 3 +- manager/controllers/system_advisories.go | 7 ++-- .../controllers/system_advisories_export.go | 3 +- manager/controllers/system_detail.go | 4 +-- manager/controllers/system_packages.go | 7 ++-- manager/controllers/system_packages_export.go | 3 +- manager/controllers/systems.go | 8 ++--- .../controllers/systems_advisories_view.go | 18 +++++++---- manager/controllers/systems_export.go | 3 +- manager/controllers/systemtags.go | 4 +-- 22 files changed, 112 insertions(+), 73 deletions(-) diff --git a/base/database/utils.go b/base/database/utils.go index e6116c0c6..15a773503 100644 --- a/base/database/utils.go +++ b/base/database/utils.go @@ -2,6 +2,7 @@ package database import ( "app/base/models" + "app/base/rbac" "app/base/types" "app/base/utils" "errors" @@ -16,12 +17,13 @@ import ( "gorm.io/gorm" ) -func Systems(tx *gorm.DB, accountID int) *gorm.DB { - return tx.Table("system_platform sp").Where("sp.rh_account_id = ?", accountID) +func Systems(tx *gorm.DB, accountID int, groups map[string]string) *gorm.DB { + tx = tx.Table("system_platform sp").Where("sp.rh_account_id = ?", accountID) + return InventoryHostsJoin(tx, groups) } -func SystemAdvisories(tx *gorm.DB, accountID int) *gorm.DB { - return Systems(tx, accountID). +func SystemAdvisories(tx *gorm.DB, accountID int, groups map[string]string) *gorm.DB { + return Systems(tx, accountID, groups). Joins("JOIN system_advisories sa on sa.system_id = sp.id AND sa.rh_account_id = ?", accountID) } @@ -30,8 +32,8 @@ func SystemPackagesShort(tx *gorm.DB, accountID int) *gorm.DB { Where("spkg.rh_account_id = ?", accountID) } -func SystemPackages(tx *gorm.DB, accountID int) *gorm.DB { - return Systems(tx, accountID). +func SystemPackages(tx *gorm.DB, accountID int, groups map[string]string) *gorm.DB { + return Systems(tx, accountID, groups). Joins("JOIN system_package spkg on spkg.system_id = sp.id AND spkg.rh_account_id = ?", accountID). Joins("JOIN package p on p.id = spkg.package_id"). Joins("JOIN package_name pn on pn.id = spkg.name_id") @@ -49,8 +51,8 @@ func PackageByName(tx *gorm.DB, pkgName string) *gorm.DB { return Packages(tx).Where("pn.name = ?", pkgName) } -func SystemAdvisoriesByInventoryID(tx *gorm.DB, accountID int, inventoryID string) *gorm.DB { - return SystemAdvisories(tx, accountID).Where("sp.inventory_id = ?::uuid", inventoryID) +func SystemAdvisoriesByInventoryID(tx *gorm.DB, accountID int, groups map[string]string, inventoryID string) *gorm.DB { + return SystemAdvisories(tx, accountID, groups).Where("sp.inventory_id = ?::uuid", inventoryID) } func SystemAdvisoriesBySystemID(tx *gorm.DB, accountID int, systemID int64) *gorm.DB { @@ -216,3 +218,17 @@ func DBWait(waitForDB string) { func ReadReplicaConfigured() bool { return len(utils.Cfg.DBReadReplicaHost) > 0 && utils.Cfg.DBReadReplicaPort != 0 } + +func InventoryHostsJoin(tx *gorm.DB, groups map[string]string) *gorm.DB { + tx = tx.Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id") + if _, ok := groups[rbac.KeyGrouped]; !ok { + // return query without WHERE if there are no groups + return tx + } + + tx = tx.Where("ih.groups @> ANY (?::jsonb[])", groups[rbac.KeyGrouped]) + if _, ok := groups[rbac.KeyUngrouped]; ok { + tx = tx.Or("ih.groups = '[]'") + } + return tx.Where(tx) +} diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 0139a77a6..f78177656 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -119,6 +119,7 @@ type AdvisoriesResponseV3 struct { func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { db := middlewares.DBFromContext(c) account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var query *gorm.DB filters, err := ParseTagsFilters(c) if err != nil { @@ -126,7 +127,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { } if disableCachedCounts || HasTags(c) { var err error - query = buildQueryAdvisoriesTagged(db, filters, account) + query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { return nil, nil, nil, err } // Error handled in method itself @@ -262,8 +263,8 @@ func buildQueryAdvisories(db *gorm.DB, account int) *gorm.DB { return query } -func buildAdvisoryAccountDataQuery(db *gorm.DB, account int) *gorm.DB { - query := database.SystemAdvisories(db, account). +func buildAdvisoryAccountDataQuery(db *gorm.DB, account int, groups map[string]string) *gorm.DB { + query := database.SystemAdvisories(db, account, groups). Select(`sa.advisory_id, sp.rh_account_id as rh_account_id, count(sp.*) filter (where sa.status_id = 0) as systems_installable, count(sp.*) as systems_applicable`). @@ -273,8 +274,9 @@ func buildAdvisoryAccountDataQuery(db *gorm.DB, account int) *gorm.DB { return query } -func buildQueryAdvisoriesTagged(db *gorm.DB, filters map[string]FilterData, account int) *gorm.DB { - subq := buildAdvisoryAccountDataQuery(db, account) +func buildQueryAdvisoriesTagged(db *gorm.DB, filters map[string]FilterData, account int, groups map[string]string, +) *gorm.DB { + subq := buildAdvisoryAccountDataQuery(db, account, groups) subq, _ = ApplyTagsFilter(filters, subq, "sp.inventory_id") query := db.Table("advisory_metadata am"). diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index d6c14b2c4..e318e838f 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -28,6 +28,7 @@ import ( // @Router /export/advisories [get] func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) filters, err := ParseTagsFilters(c) if err != nil { return @@ -36,7 +37,7 @@ func AdvisoriesExportHandler(c *gin.Context) { var query *gorm.DB if disableCachedCounts || HasTags(c) { var err error - query = buildQueryAdvisoriesTagged(db, filters, account) + query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index c599058d6..09dd6a15f 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -35,6 +35,7 @@ var AdvisorySystemOpts = ListOpts{ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) advisoryName := c.Param("advisory_id") if advisoryName == "" { @@ -56,7 +57,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error return nil, nil, nil, err } - query := buildAdvisorySystemsQuery(db, account, advisoryName, apiver) + query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) filters, err := ParseTagsFilters(c) if err != nil { return nil, nil, nil, err @@ -205,15 +206,15 @@ func AdvisorySystemsListIDsHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func buildAdvisorySystemsQuery(db *gorm.DB, account int, advisoryName string, apiver int) *gorm.DB { +func buildAdvisorySystemsQuery(db *gorm.DB, account int, groups map[string]string, advisoryName string, apiver int, +) *gorm.DB { selectQuery := AdvisorySystemsSelect if apiver < 3 { selectQuery = SystemsSelectV2 } - query := database.SystemAdvisories(db, account). + query := database.SystemAdvisories(db, account, groups). Select(selectQuery). Joins("JOIN advisory_metadata am ON am.id = sa.advisory_id"). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). Joins("LEFT JOIN status st ON sa.status_id = st.id"). Joins("LEFT JOIN baseline bl ON sp.baseline_id = bl.id AND sp.rh_account_id = bl.rh_account_id"). Where("am.name = ?", advisoryName). diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index 9f0d449ff..e60cdbcf7 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -38,8 +38,10 @@ import ( // @Router /export/advisories/{advisory_id}/systems [get] func AdvisorySystemsExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) - advisoryName := c.Param("advisory_id") apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) + + advisoryName := c.Param("advisory_id") if advisoryName == "" { c.JSON(http.StatusBadRequest, utils.ErrorResponse{Error: "advisory_id param not found"}) return @@ -57,7 +59,7 @@ func AdvisorySystemsExportHandler(c *gin.Context) { return } - query := buildAdvisorySystemsQuery(db, account, advisoryName, apiver) + query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) filters, err := ParseTagsFilters(c) if err != nil { return diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 818e85a2a..b7296b564 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -85,7 +85,7 @@ type BaselineSystemsResponse struct { Meta ListMeta `json:"meta"` } -func queryBaselineSystems(c *gin.Context, account, apiver int) (*gorm.DB, error) { +func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string]string) (*gorm.DB, error) { baselineID := c.Param("baseline_id") id, err := strconv.ParseInt(baselineID, 10, 64) if err != nil { @@ -106,7 +106,7 @@ func queryBaselineSystems(c *gin.Context, account, apiver int) (*gorm.DB, error) return nil, err } - query := buildQueryBaselineSystems(db, account, id, apiver) + query := buildQueryBaselineSystems(db, account, groups, id, apiver) filters, err := ParseTagsFilters(c) if err != nil { return nil, err @@ -115,8 +115,9 @@ func queryBaselineSystems(c *gin.Context, account, apiver int) (*gorm.DB, error) return query, nil } -func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *ListMeta, []string, error) { - query, err := queryBaselineSystems(c, account, apiver) +func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[string]string, +) (*gorm.DB, *ListMeta, []string, error) { + query, err := queryBaselineSystems(c, account, apiver, groups) if err != nil { return nil, nil, nil, err } // Error handled in method itself @@ -159,8 +160,9 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int) (*gorm.DB, *List func BaselineSystemsListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - query, meta, params, err := baselineSystemsCommon(c, account, apiver) + query, meta, params, err := baselineSystemsCommon(c, account, apiver, groups) if err != nil { return } // Error handled in method itself @@ -213,12 +215,13 @@ func BaselineSystemsListHandler(c *gin.Context) { func BaselineSystemsListIDsHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) if apiver < 3 { c.AbortWithStatus(404) return } - query, meta, _, err := baselineSystemsCommon(c, account, apiver) + query, meta, _, err := baselineSystemsCommon(c, account, apiver, groups) if err != nil { return } // Error handled in method itself @@ -238,10 +241,10 @@ func BaselineSystemsListIDsHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func buildQueryBaselineSystems(db *gorm.DB, account int, baselineID int64, apiver int) *gorm.DB { - query := db.Table("system_platform AS sp"). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). - Where("sp.rh_account_id = ? AND sp.baseline_id = ?", account, baselineID) +func buildQueryBaselineSystems(db *gorm.DB, account int, groups map[string]string, baselineID int64, apiver int, +) *gorm.DB { + query := database.Systems(db, account, groups). + Where("sp.baseline_id = ?", baselineID) if apiver < 3 { query.Select(BaselineSystemSelectV2) } else { diff --git a/manager/controllers/baseline_systems_export.go b/manager/controllers/baseline_systems_export.go index 3873d569e..e1b19cfae 100644 --- a/manager/controllers/baseline_systems_export.go +++ b/manager/controllers/baseline_systems_export.go @@ -34,13 +34,14 @@ import ( func BaselineSystemsExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) if apiver < 3 { err := fmt.Errorf("endpoint does not exist in v%d API, use API >= v3", apiver) LogAndRespNotFound(c, err, err.Error()) return } - query, err := queryBaselineSystems(c, account, apiver) + query, err := queryBaselineSystems(c, account, apiver, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index 71e061e88..1ca81f65d 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -83,13 +83,14 @@ type BaselinesResponse struct { func BaselinesListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) filters, err := ParseTagsFilters(c) if err != nil { return } db := middlewares.DBFromContext(c) - query := buildQueryBaselines(db, filters, account) + query := buildQueryBaselines(db, filters, account, groups) if err != nil { return } // Error handled in method itself @@ -128,11 +129,9 @@ func BaselinesListHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func buildQueryBaselines(db *gorm.DB, filters map[string]FilterData, account int) *gorm.DB { - subq := db.Table("system_platform sp"). +func buildQueryBaselines(db *gorm.DB, filters map[string]FilterData, account int, groups map[string]string) *gorm.DB { + subq := database.Systems(db, account, groups). Select("sp.baseline_id, count(sp.inventory_id) as systems"). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). - Where("sp.rh_account_id = ?", account). Group("sp.baseline_id") subq, _ = ApplyTagsFilter(filters, subq, "sp.inventory_id") diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 61b186f08..230bf19c9 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -69,10 +69,10 @@ func packagesByNameQuery(db *gorm.DB, pkgName string) *gorm.DB { Where("pn.name = ?", pkgName) } -func packageSystemsQuery(db *gorm.DB, acc int, packageName string, packageIDs []int) *gorm.DB { - query := database.SystemPackages(db, acc). +func packageSystemsQuery(db *gorm.DB, acc int, groups map[string]string, packageName string, packageIDs []int, +) *gorm.DB { + query := database.SystemPackages(db, acc, groups). Select(PackageSystemsSelect). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). Joins("LEFT JOIN baseline bl ON sp.baseline_id = bl.id AND sp.rh_account_id = bl.rh_account_id"). Where("sp.stale = false"). Where("pn.name = ?", packageName). @@ -83,6 +83,7 @@ func packageSystemsQuery(db *gorm.DB, acc int, packageName string, packageIDs [] func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var filters map[string]FilterData packageName := c.Param("package_name") @@ -102,7 +103,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s return nil, nil, nil, errors.New("package not found") } - query := packageSystemsQuery(db, account, packageName, packageIDs) + query := packageSystemsQuery(db, account, groups, packageName, packageIDs) filters, err := ParseTagsFilters(c) if err != nil { return nil, nil, nil, err diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 6a440bc7e..ea55bdc26 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -32,6 +32,7 @@ import ( func PackageSystemsExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) packageName := c.Param("package_name") if packageName == "" { @@ -51,7 +52,7 @@ func PackageSystemsExportHandler(c *gin.Context) { return } - query := packageSystemsQuery(db, account, packageName, packageIDs) + query := packageSystemsQuery(db, account, groups, packageName, packageIDs) filters, err := ParseTagsFilters(c) if err != nil { return diff --git a/manager/controllers/package_versions.go b/manager/controllers/package_versions.go index 804e80956..c9ef686e2 100644 --- a/manager/controllers/package_versions.go +++ b/manager/controllers/package_versions.go @@ -45,8 +45,8 @@ func packagesNameID(db *gorm.DB, pkgName string) *gorm.DB { Where("pn.name = ?", pkgName) } -func packageVersionsQuery(db *gorm.DB, acc int, packageNameIDs []int) *gorm.DB { - query := database.SystemPackages(db, acc). +func packageVersionsQuery(db *gorm.DB, acc int, groups map[string]string, packageNameIDs []int) *gorm.DB { + query := database.SystemPackages(db, acc, groups). Distinct(PackageVersionSelect). Where("sp.stale = false"). Where("spkg.name_id in (?)", packageNameIDs) @@ -69,6 +69,7 @@ func packageVersionsQuery(db *gorm.DB, acc int, packageNameIDs []int) *gorm.DB { // @Router /packages/{package_name}/versions [get] func PackageVersionsListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) packageName := c.Param("package_name") if packageName == "" { @@ -88,7 +89,7 @@ func PackageVersionsListHandler(c *gin.Context) { return } - query := packageVersionsQuery(db, account, packageNameIDs) + query := packageVersionsQuery(db, account, groups, packageNameIDs) // we don't support tags and filters for this endpoint query, meta, params, err := ListCommon(query, c, nil, PackageVersionsOpts) if err != nil { diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 31b9a8d38..1695441fd 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -83,7 +83,7 @@ type queryItem struct { var queryItemSelect = database.MustGetSelect(&queryItem{}) -func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int) *gorm.DB { +func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups map[string]string) *gorm.DB { var validCache bool err := db.Table("rh_account"). Select("valid_package_cache"). @@ -97,8 +97,8 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int) *gorm.DB Where("rh_account_id = ?", acc) return q } - systemsWithPkgsInstalledQ := database.Systems(db, acc). - Select("id"). + systemsWithPkgsInstalledQ := database.Systems(db, acc, groups). + Select("sp.id"). Where("sp.stale = false AND sp.packages_installed > 0") // We need to apply tag filtering on subquery @@ -146,6 +146,7 @@ func PackagesListHandler(c *gin.Context) { var filters map[string]FilterData account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) filters, err := ParseTagsFilters(c) if err != nil { @@ -153,7 +154,7 @@ func PackagesListHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - query := packagesQuery(db, filters, account) + query := packagesQuery(db, filters, account, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 3d4425be8..3cd7634d0 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -25,13 +25,14 @@ import ( func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) filters, err := ParseTagsFilters(c) if err != nil { return } db := middlewares.DBFromContext(c) - query := packagesQuery(db, filters, account) + query := packagesQuery(db, filters, account, groups) if err != nil { return } diff --git a/manager/controllers/system_advisories.go b/manager/controllers/system_advisories.go index 6c86d1f8d..b56fc4429 100644 --- a/manager/controllers/system_advisories.go +++ b/manager/controllers/system_advisories.go @@ -63,6 +63,7 @@ func (v RelList) String() string { func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -90,7 +91,7 @@ func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, erro return nil, nil, nil, err } - query := buildSystemAdvisoriesQuery(db, account, inventoryID) + query := buildSystemAdvisoriesQuery(db, account, groups, inventoryID) query, meta, params, err := ListCommon(query, c, nil, SystemAdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err @@ -192,8 +193,8 @@ func SystemAdvisoriesIDsHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func buildSystemAdvisoriesQuery(db *gorm.DB, account int, inventoryID string) *gorm.DB { - query := database.SystemAdvisoriesByInventoryID(db, account, inventoryID). +func buildSystemAdvisoriesQuery(db *gorm.DB, account int, groups map[string]string, inventoryID string) *gorm.DB { + query := database.SystemAdvisoriesByInventoryID(db, account, groups, inventoryID). Joins("JOIN advisory_metadata am on am.id = sa.advisory_id"). Joins("JOIN advisory_type at ON am.advisory_type_id = at.id"). Joins("JOIN status ON sa.status_id = status.id"). diff --git a/manager/controllers/system_advisories_export.go b/manager/controllers/system_advisories_export.go index b31706765..f52c0b083 100644 --- a/manager/controllers/system_advisories_export.go +++ b/manager/controllers/system_advisories_export.go @@ -33,6 +33,7 @@ import ( // @Router /export/systems/{inventory_id}/advisories [get] func SystemAdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -58,7 +59,7 @@ func SystemAdvisoriesExportHandler(c *gin.Context) { return } - query := buildSystemAdvisoriesQuery(db, account, inventoryID) + query := buildSystemAdvisoriesQuery(db, account, groups, inventoryID) query = query.Order("id") query, err = ExportListCommon(query, c, SystemAdvisoriesOpts) if err != nil { diff --git a/manager/controllers/system_detail.go b/manager/controllers/system_detail.go index 997245d26..455bffeb4 100644 --- a/manager/controllers/system_detail.go +++ b/manager/controllers/system_detail.go @@ -41,6 +41,7 @@ type SystemDetailLookup struct { func SystemDetailHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -59,9 +60,8 @@ func SystemDetailHandler(c *gin.Context) { var systemDetail SystemDetailLookup db := middlewares.DBFromContext(c) - query := database.Systems(db, account). + query := database.Systems(db, account, groups). Select(database.MustGetSelect(&systemDetail)). - Joins("JOIN inventory.hosts ih ON ih.id = inventory_id"). Joins("LEFT JOIN baseline bl ON sp.baseline_id = bl.id AND sp.rh_account_id = bl.rh_account_id"). Where("sp.inventory_id = ?::uuid", inventoryID) diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 85a1c0a4f..348a5852e 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -72,8 +72,8 @@ type SystemPackageDBLoad struct { MetaTotalHelper } -func systemPackageQuery(db *gorm.DB, account int, inventoryID string) *gorm.DB { - query := database.SystemPackages(db, account). +func systemPackageQuery(db *gorm.DB, account int, groups map[string]string, inventoryID string) *gorm.DB { + query := database.SystemPackages(db, account, groups). Joins("LEFT JOIN strings AS descr ON p.description_hash = descr.id"). Joins("LEFT JOIN strings AS sum ON p.summary_hash = sum.id"). Select(SystemPackagesSelect). @@ -105,6 +105,7 @@ func systemPackageQuery(db *gorm.DB, account int, inventoryID string) *gorm.DB { func SystemPackagesHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -119,7 +120,7 @@ func SystemPackagesHandler(c *gin.Context) { var loaded []SystemPackageDBLoad db := middlewares.DBFromContext(c) - q := systemPackageQuery(db, account, inventoryID) + q := systemPackageQuery(db, account, groups, inventoryID) q, meta, params, err := ListCommon(q, c, nil, SystemPackagesOpts) if err != nil { return diff --git a/manager/controllers/system_packages_export.go b/manager/controllers/system_packages_export.go index 49ad83659..247b17ce1 100644 --- a/manager/controllers/system_packages_export.go +++ b/manager/controllers/system_packages_export.go @@ -45,6 +45,7 @@ type SystemPackageInlineV3 struct { func SystemPackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) inventoryID := c.Param("inventory_id") if inventoryID == "" { @@ -59,7 +60,7 @@ func SystemPackagesExportHandler(c *gin.Context) { var loaded []SystemPackageDBLoad db := middlewares.DBFromContext(c) - q := systemPackageQuery(db, account, inventoryID) + q := systemPackageQuery(db, account, groups, inventoryID) q, err := ExportListCommon(q, c, SystemPackagesOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index dd42d07d6..fbbb8d7fe 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -156,8 +156,9 @@ type SystemsResponseV3 struct { func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, error) { var err error account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) - query := querySystems(db, account, apiver) + query := querySystems(db, account, apiver, groups) filters, err := ParseTagsFilters(c) if err != nil { return nil, nil, nil, err @@ -302,9 +303,8 @@ func SystemsListIDsHandler(c *gin.Context) { c.JSON(http.StatusOK, &resp) } -func querySystems(db *gorm.DB, account, apiver int) *gorm.DB { - q := database.Systems(db, account). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). +func querySystems(db *gorm.DB, account, apiver int, groups map[string]string) *gorm.DB { + q := database.Systems(db, account, groups). Joins("LEFT JOIN baseline bl ON sp.baseline_id = bl.id AND sp.rh_account_id = bl.rh_account_id") if apiver < 3 { return q.Select(SystemsSelectV2) diff --git a/manager/controllers/systems_advisories_view.go b/manager/controllers/systems_advisories_view.go index 2b105b9aa..dc25e8221 100644 --- a/manager/controllers/systems_advisories_view.go +++ b/manager/controllers/systems_advisories_view.go @@ -2,6 +2,7 @@ package controllers import ( "app/base/database" + "app/base/utils" "app/manager/middlewares" "fmt" "net/http" @@ -42,9 +43,9 @@ func totalItems(tx *gorm.DB, cols string) (int, error) { return int(count), err } -func systemsAdvisoriesQuery(db *gorm.DB, acc int, systems []SystemID, advisories []AdvisoryName, - limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { - sysq := database.Systems(db, acc). +func systemsAdvisoriesQuery(db *gorm.DB, acc int, groups map[string]string, systems []SystemID, + advisories []AdvisoryName, limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { + sysq := database.Systems(db, acc, groups). Distinct("sp.rh_account_id, sp.id, sp.inventory_id"). // we need to join system_advisories to make `limit` work properly // without this join it can happen that we display less items on some pages @@ -85,8 +86,10 @@ func systemsAdvisoriesQuery(db *gorm.DB, acc int, systems []SystemID, advisories return query, total, lim, off, nil } -func advisoriesSystemsQuery(db *gorm.DB, acc int, systems []SystemID, advisories []AdvisoryName, - limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { +func advisoriesSystemsQuery(db *gorm.DB, acc int, groups map[string]string, systems []SystemID, + advisories []AdvisoryName, limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { + // TODO: inventory groups check + utils.LogWarn("groups", groups, "TODO: USE INVENTORY GROUPS!") advq := db.Table("advisory_metadata am"). Distinct("am.id, am.name"). // we need to join system_advisories to make `limit` work properly @@ -145,14 +148,15 @@ func queryDB(c *gin.Context, endpoint string) ([]systemsAdvisoriesDBLoad, *ListM } acc := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) switch endpoint { case "SystemsAdvisories": q, total, limit, offset, err = systemsAdvisoriesQuery( - db, acc, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) + db, acc, groups, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) case "AdvisoriesSystems": q, total, limit, offset, err = advisoriesSystemsQuery( - db, acc, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) + db, acc, groups, req.Systems, req.Advisories, req.Limit, req.Offset, apiver) default: return nil, nil, fmt.Errorf("unknown endpoint '%s'", endpoint) } diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index 2e8afd1a0..c7416321e 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -38,8 +38,9 @@ import ( func SystemsExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) - query := querySystems(db, account, apiver) + query := querySystems(db, account, apiver, groups) filters, err := ParseTagsFilters(c) if err != nil { return diff --git a/manager/controllers/systemtags.go b/manager/controllers/systemtags.go index ba4e42015..3335c92dd 100644 --- a/manager/controllers/systemtags.go +++ b/manager/controllers/systemtags.go @@ -64,11 +64,11 @@ var SystemTagsOpts = ListOpts{ func SystemTagListHandler(c *gin.Context) { var err error account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) // https://stackoverflow.com/questions/33474778/how-to-group-result-by-array-column-in-postgres - sq := database.Systems(db, account). - Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id"). + sq := database.Systems(db, account, groups). Select("jsonb_array_elements(ih.tags) AS tag") query := db.Table("(?) AS sq", sq). From 3d0ea1cffc2bbe1ddd8fd368ca229e379b95d028 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Jul 2023 12:14:23 +0200 Subject: [PATCH 132/268] ESSNTL-4817: return inventory groups in rbac mock --- platform/rbac.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/platform/rbac.go b/platform/rbac.go index 966f40abf..6a19d5a3f 100644 --- a/platform/rbac.go +++ b/platform/rbac.go @@ -10,10 +10,21 @@ import ( var rbacPermissions = utils.Getenv("RBAC_PERMISSIONS", "patch:*:read") +var inventoryGroup = "inventory-group-1" + func rbacHandler(c *gin.Context) { c.JSON(http.StatusOK, rbac.AccessPagination{ Data: []rbac.Access{ {Permission: rbacPermissions}, + { + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{&inventoryGroup, nil}, + }, + }}, + }, }, }) } From 605eaf7ccfda8f8b09a58aae40c8c702e708be3f Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Jul 2023 12:29:20 +0200 Subject: [PATCH 133/268] ESSNTL-4817: update inventory.hosts test data --- dev/test_data.sql | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/dev/test_data.sql b/dev/test_data.sql index a9a6b7a62..c8767154a 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -165,59 +165,59 @@ INSERT INTO system_package (rh_account_id, system_id, package_id, name_id, updat INSERT INTO timestamp_kv (name, value) VALUES ('last_eval_repo_based', '2018-04-05T01:23:45+02:00'); -INSERT INTO inventory.hosts_v1_0 (id, insights_id, account, display_name, tags, updated, created, stale_timestamp, system_profile, reporter, per_reporter_staleness) VALUES +INSERT INTO inventory.hosts_v1_0 (id, insights_id, account, display_name, tags, updated, created, stale_timestamp, system_profile, reporter, per_reporter_staleness, org_id, groups) VALUES ('00000000000000000000000000000001', '00000000-0000-0000-0001-000000000001', '1', '00000000-0000-0000-0000-000000000001', '[{"key": "k1", "value": "val1", "namespace": "ns1"},{"key": "k2", "value": "val2", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC", "DEF", "GHI"], "operating_system": {"name": "RHEL", "major": 8, "minor": 10}, "rhsm": {"version": "8.10"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000002', '00000000-0000-0000-0002-000000000001', '1', '00000000-0000-0000-0000-000000000002', '[{"key": "k1", "value": "val1", "namespace": "ns1"},{"key": "k2", "value": "val2", "namespace": "ns1"},{"key": "k3", "value": "val3", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "sap_sids": ["ABC"], "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000003', '00000000-0000-0000-0003-000000000001', '1', '00000000-0000-0000-0000-000000000003', '[{"key": "k1", "value": "val1", "namespace": "ns1"}, {"key": "k3", "value": "val4", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.0"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000004', '00000000-0000-0000-0004-000000000001', '1', '00000000-0000-0000-0000-000000000004', '[{"key": "k3", "value": "val4", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.3"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000005', '00000000-0000-0000-0005-000000000001', '1', '00000000-0000-0000-0000-000000000005', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000006', '00000000-0000-0000-0006-000000000001', '1', '00000000-0000-0000-0000-000000000006', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 7, "minor": 3}, "rhsm": {"version": "7.3"}, "mssql": { "version": "15.3.0"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000007', '00000000-0000-0000-0007-000000000001', '1', '00000000-0000-0000-0000-000000000007','[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": "x"}, "rhsm": {"version": "8.x"}, "ansible": {"controller_version": "1.0"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group1"}]'), ('00000000000000000000000000000008', '00000000-0000-0000-0008-000000000001', '1', '00000000-0000-0000-0000-000000000008', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group1"}]'), ('00000000000000000000000000000009', '00000000-0000-0000-0009-000000000001', '2', '00000000-0000-0000-0000-000000000009', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_2', NULL), ('00000000000000000000000000000010', '00000000-0000-0000-0010-000000000001', '2', '00000000-0000-0000-0000-000000000010', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_2', NULL), ('00000000000000000000000000000011', '00000000-0000-0000-0011-000000000001', '2', '00000000-0000-0000-0000-000000000011', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_2', '[]'), ('00000000000000000000000000000012', '00000000-0000-0000-0012-000000000001', '3', '00000000-0000-0000-0000-000000000012', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_3', '[]'), ('00000000000000000000000000000013', '00000000-0000-0000-0013-000000000001', '3', '00000000-0000-0000-0000-000000000013', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_3', '[]'), ('00000000000000000000000000000014', '00000000-0000-0000-0014-000000000001', '3', '00000000-0000-0000-0000-000000000014', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_3', '[]'), ('00000000000000000000000000000015', '00000000-0000-0000-0015-000000000001', '3', '00000000-0000-0000-0000-000000000015', '[{"key": "k3", "value": "val4", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_3', '[]'), ('00000000000000000000000000000016', '00000000-0000-0000-0016-000000000001', '3', '00000000-0000-0000-0000-000000000016', '[]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": false, "operating_system": {"name": "RHEL", "major": 8, "minor": 2}, "rhsm": {"version": "8.2"}}', - 'puptoo', '{}'), + 'puptoo', '{}', 'org_3', '[]'), ('00000000000000000000000000000017', '00000000-0000-0000-0017-000000000001', '3', '00000000-0000-0000-0000-000000000017', '[]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"rhsm": {"version": "8.1"}, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "ansible": {"controller_version": "1.0", "hub_version": "3.4.1", "catalog_worker_version": "100.387.9846.12", "sso_version": "1.28.3.52641.10000513168495123"}, "mssql": { "version": "15.3.0"}}', - 'puptoo', '{}'); + 'puptoo', '{}', 'org_3', '[]'); SELECT refresh_all_cached_counts(); From 8e2fe4fb843830ec0c74e06cdf6d2556dea6b30a Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 13 Jul 2023 17:53:23 +0200 Subject: [PATCH 134/268] ESSNTL-4817: test InventoryHostsJoin --- base/database/utils_test.go | 47 +++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 base/database/utils_test.go diff --git a/base/database/utils_test.go b/base/database/utils_test.go new file mode 100644 index 000000000..fc27579f4 --- /dev/null +++ b/base/database/utils_test.go @@ -0,0 +1,47 @@ +package database + +import ( + "app/base/rbac" + "app/base/utils" + "testing" + + "github.com/stretchr/testify/assert" +) + +var ( + // counts of systems from system_platform JOIN inventory.hosts + nGroup1 int64 = 6 + nGroup2 int64 = 2 + nUngrouped int64 = 6 + nAll int64 = 16 +) + +// nolint: lll +var testCases = []map[int64]map[string]string{ + {nGroup1: {rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]"}`}}, + {nGroup2: {rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-2\"}]"}`}}, + {nGroup1 + nGroup2: {rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`}}, + {nGroup1 + nUngrouped: { + rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]"}`, + rbac.KeyUngrouped: "[]", + }}, + {nUngrouped: { + rbac.KeyGrouped: `{"[{\"id\":\"non-existing-group\"}]"}`, + rbac.KeyUngrouped: "[]", + }}, + {0: {rbac.KeyGrouped: `{"[{\"id\":\"non-existing-group\"}]"}`}}, + {nAll: {}}, +} + +func TestInventoryHostsJoin(t *testing.T) { + utils.SkipWithoutDB(t) + Configure() + + for _, tc := range testCases { + for expectedCount, groups := range tc { + var count int64 + InventoryHostsJoin(Db.Table("system_platform sp"), groups).Count(&count) + assert.Equal(t, expectedCount, count) + } + } +} From b3e2e9afbead26df36dd52101238446ff4f301a5 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 12:29:57 +0200 Subject: [PATCH 135/268] ESSNTL-4817: use inventory join in /views/advisories/systems --- manager/controllers/systems_advisories_view.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/manager/controllers/systems_advisories_view.go b/manager/controllers/systems_advisories_view.go index dc25e8221..46bbcb6b8 100644 --- a/manager/controllers/systems_advisories_view.go +++ b/manager/controllers/systems_advisories_view.go @@ -2,7 +2,6 @@ package controllers import ( "app/base/database" - "app/base/utils" "app/manager/middlewares" "fmt" "net/http" @@ -88,13 +87,13 @@ func systemsAdvisoriesQuery(db *gorm.DB, acc int, groups map[string]string, syst func advisoriesSystemsQuery(db *gorm.DB, acc int, groups map[string]string, systems []SystemID, advisories []AdvisoryName, limit, offset *int, apiver int) (*gorm.DB, int, int, int, error) { - // TODO: inventory groups check - utils.LogWarn("groups", groups, "TODO: USE INVENTORY GROUPS!") - advq := db.Table("advisory_metadata am"). + // get all advisories for all systems in the account (with inventory.hosts join) + advq := database.Systems(db, acc, groups). Distinct("am.id, am.name"). // we need to join system_advisories to make `limit` work properly // without this join it can happen that we display less items on some pages - Joins("JOIN system_advisories sa ON am.id = sa.advisory_id AND sa.rh_account_id = ?", acc). + Joins("JOIN system_advisories sa ON sp.id = sa.system_id AND sa.rh_account_id = ?", acc). + Joins("JOIN advisory_metadata am ON am.id = sa.advisory_id"). Order("am.name, am.id") if len(advisories) > 0 { advq = advq.Where("am.name in (?)", advisories) From 45b02c7987f5a5bb4a4ddc683b8dfcc5e9b4e05f Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 14 Jul 2023 11:39:48 +0000 Subject: [PATCH 136/268] v3.3.20 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6029c6236..e0b671e30 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.19 +v3.3.20 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 63f38ee5f..24044c250 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.19} +- {name: IMAGE_TAG_MANAGER, value: v3.3.20} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.19} +- {name: IMAGE_TAG_LISTENER, value: v3.3.20} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.19} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.20} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.19} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.20} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.19} +- {name: IMAGE_TAG_JOBS, value: v3.3.20} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.19} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.20} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.19} +- {name: IMAGE_TAG_ADMIN, value: v3.3.20} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 517bac371..ab0b1b49a 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.19" + "version": "v3.3.20" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 54426bbbf..8c10e555e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.19" + "version": "v3.3.20" }, "servers": [ { From 877785023a7a1ff5f82daa225ae7cc66651bcd51 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 17:11:21 +0200 Subject: [PATCH 137/268] fix group name in test_data --- dev/test_data.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dev/test_data.sql b/dev/test_data.sql index c8767154a..c47b49db6 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -186,10 +186,10 @@ INSERT INTO inventory.hosts_v1_0 (id, insights_id, account, display_name, tags, 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-1", "name": "group1"}]'), ('00000000000000000000000000000007', '00000000-0000-0000-0007-000000000001', '1', '00000000-0000-0000-0000-000000000007','[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": "x"}, "rhsm": {"version": "8.x"}, "ansible": {"controller_version": "1.0"}}', - 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group1"}]'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group2"}]'), ('00000000000000000000000000000008', '00000000-0000-0000-0008-000000000001', '1', '00000000-0000-0000-0000-000000000008', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 3}, "rhsm": {"version": "8.3"}}', - 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group1"}]'), + 'puptoo', '{}', 'org_1', '[{"id": "inventory-group-2", "name": "group2"}]'), ('00000000000000000000000000000009', '00000000-0000-0000-0009-000000000001', '2', '00000000-0000-0000-0000-000000000009', '[{"key": "k1", "value": "val1", "namespace": "ns1"}]', '2018-09-22 12:00:00-04', '2018-08-26 12:00:00-04', '2018-08-26 12:00:00-04', '{"sap_system": true, "operating_system": {"name": "RHEL", "major": 8, "minor": 1}, "rhsm": {"version": "8.1"}}', 'puptoo', '{}', 'org_2', NULL), From fd6d6918be254915e19f25c5ea7b8ce5ed1a4752 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 18:07:10 +0200 Subject: [PATCH 138/268] ESSNTL-4817: generalize marshaling for inventory group id and name --- base/rbac/rbac.go | 7 ++++--- base/utils/core.go | 12 ++++++++++++ manager/middlewares/rbac.go | 8 +++----- 3 files changed, 19 insertions(+), 8 deletions(-) diff --git a/base/rbac/rbac.go b/base/rbac/rbac.go index 52beb4cb0..0fa279c70 100644 --- a/base/rbac/rbac.go +++ b/base/rbac/rbac.go @@ -21,8 +21,9 @@ type AttributeFilter struct { Value []*string `json:"value"` } -type InventoryGroupID struct { - ID string `json:"id"` +type inventoryGroup struct { + ID *string `json:"id,omitempty"` + Name *string `json:"name,omitempty"` } -type InventoryGroup []InventoryGroupID +type InventoryGroup []inventoryGroup diff --git a/base/utils/core.go b/base/utils/core.go index 4b96a483d..99bf4c67c 100644 --- a/base/utils/core.go +++ b/base/utils/core.go @@ -1,7 +1,9 @@ package utils import ( + "app/base/rbac" "bytes" + "encoding/json" "fmt" "math" "os" @@ -163,3 +165,13 @@ func GetGorutineID() uint64 { n, _ := strconv.ParseUint(string(b), 10, 64) return n } + +func ParseInventoryGroup(id *string, name *string) (string, error) { + group := rbac.InventoryGroup{{ID: id, Name: name}} + groupJSON, err := json.Marshal(&group) + if err != nil { + LogError("group", group, "err", err.Error(), "Cannot Marshal Inventory group") + return "", err + } + return strconv.Quote(string(groupJSON)), nil +} diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index 74a16699c..d17a118b5 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -5,7 +5,6 @@ import ( "app/base/api" "app/base/rbac" "app/base/utils" - "encoding/json" "fmt" "net/http" "os" @@ -142,13 +141,12 @@ func findInventoryGroups(access *rbac.AccessPagination) map[string]string { res[rbac.KeyUngrouped] = "[]" continue } - group := rbac.InventoryGroup{{ID: *v}} - groupJSON, err := json.Marshal(&group) + group, err := utils.ParseInventoryGroup(v, nil) if err != nil { - utils.LogError("group", group, "err", err.Error(), "Cannot Marshal Inventory group") + // couldn't marshal inventory group to json continue } - groups = append(groups, strconv.Quote(string(groupJSON))) + groups = append(groups, group) } } } From 6d95f040991aaf09588faf82948a5229fe04e247 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 18:14:46 +0200 Subject: [PATCH 139/268] ESSNTL-4817: unify naming for tags and system_profile filter functions --- manager/controllers/advisories.go | 6 ++-- manager/controllers/advisories_export.go | 4 +-- manager/controllers/advisory_systems.go | 4 +-- .../controllers/advisory_systems_export.go | 4 +-- manager/controllers/baseline_systems.go | 4 +-- manager/controllers/baselines.go | 4 +-- manager/controllers/package_systems.go | 4 +-- manager/controllers/package_systems_export.go | 4 +-- manager/controllers/packages.go | 4 +-- manager/controllers/packages_export.go | 2 +- manager/controllers/systems.go | 4 +-- manager/controllers/systems_export.go | 4 +-- manager/controllers/utils.go | 28 +++++++++---------- 13 files changed, 38 insertions(+), 38 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index f78177656..af5737f6c 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -121,11 +121,11 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var query *gorm.DB - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return nil, nil, nil, err } - if disableCachedCounts || HasTags(c) { + if disableCachedCounts || HasInventoryFilter(c) { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { @@ -277,7 +277,7 @@ func buildAdvisoryAccountDataQuery(db *gorm.DB, account int, groups map[string]s func buildQueryAdvisoriesTagged(db *gorm.DB, filters map[string]FilterData, account int, groups map[string]string, ) *gorm.DB { subq := buildAdvisoryAccountDataQuery(db, account, groups) - subq, _ = ApplyTagsFilter(filters, subq, "sp.inventory_id") + subq, _ = ApplyInventoryFilter(filters, subq, "sp.inventory_id") query := db.Table("advisory_metadata am"). Select(AdvisoriesSelectV3). diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index e318e838f..2f905ec35 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -29,13 +29,13 @@ import ( func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } db := middlewares.DBFromContext(c) var query *gorm.DB - if disableCachedCounts || HasTags(c) { + if disableCachedCounts || HasInventoryFilter(c) { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 09dd6a15f..b706e8256 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -58,11 +58,11 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") opts := AdvisorySystemOptsV3 if apiver < 3 { opts = AdvisorySystemOpts diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index e60cdbcf7..eac764f51 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -60,11 +60,11 @@ func AdvisorySystemsExportHandler(c *gin.Context) { } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query = query.Order("sp.id") query, err = ExportListCommon(query, c, AdvisorySystemOpts) diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index b7296b564..c9e399c80 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -107,11 +107,11 @@ func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string } query := buildQueryBaselineSystems(db, account, groups, id, apiver) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return nil, err } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") return query, nil } diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index 1ca81f65d..aae347908 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -84,7 +84,7 @@ func BaselinesListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } @@ -134,7 +134,7 @@ func buildQueryBaselines(db *gorm.DB, filters map[string]FilterData, account int Select("sp.baseline_id, count(sp.inventory_id) as systems"). Group("sp.baseline_id") - subq, _ = ApplyTagsFilter(filters, subq, "sp.inventory_id") + subq, _ = ApplyInventoryFilter(filters, subq, "sp.inventory_id") query := db.Table("baseline as bl"). Select(BaselineSelect). diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 230bf19c9..65197ed5d 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -104,11 +104,11 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, PackageSystemsOpts) // Error handled in method itself return query, meta, params, err diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index ea55bdc26..045d9173b 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -53,11 +53,11 @@ func PackageSystemsExportHandler(c *gin.Context) { } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, err = ExportListCommon(query, c, PackageSystemsOpts) if err != nil { return diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 1695441fd..1ea08cc3d 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -102,7 +102,7 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups m Where("sp.stale = false AND sp.packages_installed > 0") // We need to apply tag filtering on subquery - systemsWithPkgsInstalledQ, _ = ApplyTagsFilter(filters, systemsWithPkgsInstalledQ, "sp.inventory_id") + systemsWithPkgsInstalledQ, _ = ApplyInventoryFilter(filters, systemsWithPkgsInstalledQ, "sp.inventory_id") subQ := database.SystemPackagesShort(db, acc). Select(queryItemSelect). Where("spkg.system_id IN (?)", systemsWithPkgsInstalledQ). @@ -148,7 +148,7 @@ func PackagesListHandler(c *gin.Context) { apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 3cd7634d0..5f942c166 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -26,7 +26,7 @@ func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index fbbb8d7fe..f967103ca 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -159,11 +159,11 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return nil, nil, nil, err } // Error handled method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, SystemOpts) // Error handled method itself return query, meta, params, err diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index c7416321e..b3200832b 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -41,11 +41,11 @@ func SystemsExportHandler(c *gin.Context) { groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseTagsFilters(c) + filters, err := ParseInventoryFilters(c) if err != nil { return } // Error handled in method itself - query, _ = ApplyTagsFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") var systems SystemDBLookupSlice diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 12e6e4293..2442e4375 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -28,7 +28,7 @@ var tagRegex = regexp.MustCompile(`([^/=]+)/([^/=]+)(=([^/=]+))?`) var enableCyndiTags = utils.GetBoolEnvOrDefault("ENABLE_CYNDI_TAGS", false) var disableCachedCounts = utils.GetBoolEnvOrDefault("DISABLE_CACHE_COUNTS", false) -var validFilters = map[string]bool{ +var validSystemProfileFilters = map[string]bool{ "sap_sids": true, "sap_system": true, "mssql": true, @@ -294,23 +294,23 @@ type Tag struct { Value *string } -func HasTags(c *gin.Context) bool { +func HasInventoryFilter(c *gin.Context) bool { if !enableCyndiTags { return false } - hasTags := false + hasFilter := false if len(c.QueryArray("tags")) > 0 { - hasTags = true + hasFilter = true } // If we have the `system_profile` filter item, then we have tags spQuery := NestedQueryMap(c, "filter").Path("system_profile") if spQuery != nil { spQuery.Visit(func(path []string, val string) { - hasTags = true + hasFilter = true }) } - return hasTags + return hasFilter } func trimQuotes(s string) string { @@ -367,7 +367,7 @@ func (t *Tag) ApplyTag(tx *gorm.DB) *gorm.DB { return tx.Where("ih.tags @> ?::jsonb", query) } -func ParseTagsFilters(c *gin.Context) (map[string]FilterData, error) { +func ParseInventoryFilters(c *gin.Context) (map[string]FilterData, error) { filters := Filters{} err := parseTagsFromCtx(c, filters) @@ -446,7 +446,7 @@ func parseFiltersFromCtx(c *gin.Context, filters Filters) { } // Filter systems by tags with subquery -func ApplyTagsFilter(filters map[string]FilterData, tx *gorm.DB, systemIDExpr string) (*gorm.DB, bool) { +func ApplyInventoryFilter(filters map[string]FilterData, tx *gorm.DB, systemIDExpr string) (*gorm.DB, bool) { if !enableCyndiTags { return tx, false } @@ -455,7 +455,7 @@ func ApplyTagsFilter(filters map[string]FilterData, tx *gorm.DB, systemIDExpr st Table("inventory.hosts ih"). Select("ih.id") - subq, applied := ApplyTagsWhere(filters, subq) + subq, applied := ApplyInventoryWhere(filters, subq) // Don't add the subquery if we don't have to if !applied { @@ -465,7 +465,7 @@ func ApplyTagsFilter(filters map[string]FilterData, tx *gorm.DB, systemIDExpr st } // Apply Where clause with tags filter -func ApplyTagsWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, bool) { +func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, bool) { applied := false for key, val := range filters { if strings.Contains(key, "/") { @@ -476,9 +476,9 @@ func ApplyTagsWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, bool) continue } - if validFilters[key] { + if validSystemProfileFilters[key] { values := strings.Join(val.Values, ",") - q := buildQuery(key, values) + q := buildSystemProfileQuery(key, values) // Builds array of values if len(val.Values) > 1 { @@ -499,9 +499,9 @@ func ApplyTagsWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, bool) // Builds system_profile sub query in generic way. // Example: -// buildQuery("mssql->version", "1.0") +// buildSystemProfileQuery("mssql->version", "1.0") // returns "(ih.system_profile -> 'mssql' ->> 'version')::text = 1.0" -func buildQuery(key string, val string) string { +func buildSystemProfileQuery(key string, val string) string { var cmp string switch key { From 41bb7f76a6c4521719ab177756448a0572105ec4 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 18:17:34 +0200 Subject: [PATCH 140/268] ESSNTL-4817: process group_name filter --- manager/controllers/utils.go | 104 +++++++++++++++++++++++++---------- 1 file changed, 76 insertions(+), 28 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 2442e4375..32c0c7cdf 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -37,6 +37,11 @@ var validSystemProfileFilters = map[string]bool{ "ansible->controller_version": true, } +var multiValueFilters = map[string]bool{ + "sap_sids": true, + "group_name": true, +} + func LogAndRespError(c *gin.Context, err error, respMsg string) { utils.LogError("err", err.Error(), respMsg) c.AbortWithStatusJSON(http.StatusInternalServerError, utils.ErrorResponse{Error: respMsg}) @@ -101,8 +106,8 @@ func ApplySort(c *gin.Context, tx *gorm.DB, fieldExprs database.AttrMap, func validateFilters(q QueryMap, allowedFields database.AttrMap) error { for key := range q { - // system_profile is hadled by tags, so it can be skipped - if key == "system_profile" { + // system_profile and group_name are handled by tags, so it can be skipped + if key == "system_profile" || key == "group_name" { continue } if _, ok := allowedFields[key]; !ok { @@ -310,6 +315,13 @@ func HasInventoryFilter(c *gin.Context) bool { hasFilter = true }) } + + groupsQuery := NestedQueryMap(c, "filter").Path("group_name") + if groupsQuery != nil { + groupsQuery.Visit(func(path []string, val string) { + hasFilter = true + }) + } return hasFilter } @@ -413,36 +425,52 @@ func parseTagsFromCtx(c *gin.Context, filters Filters) error { } func parseFiltersFromCtx(c *gin.Context, filters Filters) { - filter := NestedQueryMap(c, "filter").Path("system_profile") - if filter == nil { - return - } - - filter.Visit(func(path []string, val string) { - // Specific filter keys - if len(path) >= 1 && path[0] == "sap_sids" { - val = strconv.Quote(val) - var op string - if op = "eq"; len(path) > 1 { - op = path[1] + var filterItems []QueryItem + filter := NestedQueryMap(c, "filter") + + if item, ok := filter.GetPath("system_profile"); ok { + // filter nested under "system_profile" + filterItems = append(filterItems, item) + } + if _, ok := filter.GetPath("group_name"); ok { + // "group_name" filter + filterItems = append(filterItems, filter) + } + + for _, filter := range filterItems { + filter.Visit(func(path []string, val string) { + // Specific filter keys + if len(path) >= 1 && multiValueFilters[path[0]] { + val = strconv.Quote(val) + var op string + if op = "eq"; len(path) > 1 { + op = path[1] + } + appendFilterData(filters, path[0], op, val) + + return } - appendFilterData(filters, "sap_sids", op, val) - return - } + // [group_name] filter can be processed only with Specific filter keys + if f, ok := filter.(QueryMap); ok { + if _, has := f.GetPath("group_name"); has { + return + } + } - // Generic filter keys - var key string - // Builds key in following format path[0]->path[1]->path[2]... - for i, s := range path { - if i == 0 { - key = path[0] - continue + // Generic [system_profile] filter keys + var key string + // Builds key in following format path[0]->path[1]->path[2]... + for i, s := range path { + if i == 0 { + key = path[0] + continue + } + key = fmt.Sprintf("%s->%s", key, s) } - key = fmt.Sprintf("%s->%s", key, s) - } - appendFilterData(filters, key, "eq", val) - }) + appendFilterData(filters, key, "eq", val) + }) + } } // Filter systems by tags with subquery @@ -492,6 +520,26 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, } applied = true + continue + } + + if strings.Contains(key, "group_name") { + groups := []string{} + for _, v := range val.Values { + name, err := strconv.Unquote(v) + if err != nil { + name = v + } + group, err := utils.ParseInventoryGroup(nil, &name) + if err != nil { + // couldn't marshal inventory group to json + continue + } + groups = append(groups, group) + } + jsonq := fmt.Sprintf("{%s}", strings.Join(groups, ",")) + tx = tx.Where("ih.groups @> ANY (?::jsonb[])", jsonq) + applied = true } } return tx, applied From c4eddb004ae72eff2b20b18023204328b9ff18ab Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 18:26:17 +0200 Subject: [PATCH 141/268] ESSNTL-4817: add group_name filter to spec --- docs/v3/openapi.json | 112 ++++++++++++++++++ manager/controllers/advisories.go | 2 + manager/controllers/advisory_systems.go | 2 + .../controllers/advisory_systems_export.go | 1 + manager/controllers/baseline_systems.go | 1 + .../controllers/baseline_systems_export.go | 1 + manager/controllers/package_systems.go | 2 + manager/controllers/package_systems_export.go | 1 + manager/controllers/packages.go | 1 + manager/controllers/systems.go | 2 + manager/controllers/systems_export.go | 1 + 11 files changed, 126 insertions(+) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8c10e555e..78a91b8f1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -140,6 +140,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -425,6 +433,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -1068,6 +1084,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -1357,6 +1381,14 @@ "type": "string" } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -1574,6 +1606,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -1854,6 +1894,14 @@ "type": "string" } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -2069,6 +2117,14 @@ "type": "string" } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -2639,6 +2695,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -2957,6 +3021,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -3244,6 +3316,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -3530,6 +3610,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -3881,6 +3969,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -4093,6 +4189,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", @@ -4468,6 +4572,14 @@ } } }, + { + "name": "filter[group_name][in]", + "in": "query", + "description": "Filter systems by inventory groups", + "schema": { + "type": "string" + } + }, { "name": "filter[system_profile][sap_system]", "in": "query", diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index af5737f6c..ea74205db 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -160,6 +160,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { // @Param filter[installable_systems] query string false "Filter" // @Param filter[applicable_systems] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" @@ -227,6 +228,7 @@ func AdvisoriesListHandler(c *gin.Context) { // @Param filter[installable_systems] query string false "Filter" // @Param filter[applicable_systems] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index b706e8256..f377273fd 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -91,6 +91,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error // @Param filter[template] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" @@ -170,6 +171,7 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param filter[osmajor] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index eac764f51..c94a5ee1a 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -22,6 +22,7 @@ import ( // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" // @Param filter[stale] query string false "Filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index c9e399c80..4182533aa 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -146,6 +146,7 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/baseline_systems_export.go b/manager/controllers/baseline_systems_export.go index e1b19cfae..a1317020e 100644 --- a/manager/controllers/baseline_systems_export.go +++ b/manager/controllers/baseline_systems_export.go @@ -19,6 +19,7 @@ import ( // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 65197ed5d..3539e18ca 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -125,6 +125,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s // @Param offset query int false "Offset for paging" // @Param package_name path string true "Package name" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" @@ -189,6 +190,7 @@ func PackageSystemsListHandler(c *gin.Context) { // @Param offset query int false "Offset for paging" // @Param package_name path string true "Package name" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 045d9173b..793200dad 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -16,6 +16,7 @@ import ( // @Accept json // @Produce json // @Param package_name path string true "Package name" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 1ea08cc3d..adbf1db33 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -131,6 +131,7 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups m // @Param filter[systems_applicable] query string false "Filter" // @Param filter[summary] query string false "Filter" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index f967103ca..fbd2c190c 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -196,6 +196,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" @@ -271,6 +272,7 @@ func SystemsListHandler(c *gin.Context) { // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index b3200832b..ba2a6a266 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -22,6 +22,7 @@ import ( // @Param filter[other_count] query string false "Filter" // @Param filter[stale] query string false "Filter" // @Param filter[packages_installed] query string false "Filter" +// @Param filter[group_name][in] query string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" // @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" From c8aecee28b2c35354ebbded5df4652a8c13a4d7d Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 14 Jul 2023 18:58:53 +0200 Subject: [PATCH 142/268] ESSNTL-4817: test group_name inventory filter --- manager/controllers/utils_test.go | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index ae15a5c3e..9673270f6 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -1,10 +1,16 @@ package controllers import ( + "app/base/database" + "app/base/rbac" + "app/base/utils" + "net/http" + "net/http/httptest" "reflect" "testing" "time" + "github.com/gin-gonic/gin" "github.com/stretchr/testify/assert" ) @@ -48,3 +54,26 @@ func TestNestedQueryInvalidKey(t *testing.T) { case <-done: } } + +func TestGroupNameFilter(t *testing.T) { + utils.SkipWithoutDB(t) + database.Configure() + + c, _ := gin.CreateTestContext(httptest.NewRecorder()) + c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group2", nil) + + filters, err := ParseInventoryFilters(c) + assert.Nil(t, err) + + var systems []SystemsID + groups := map[string]string{ + rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, + } + tx := database.Systems(database.Db, 1, groups) + tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") + tx.Scan(&systems) + + assert.Equal(t, 2, len(systems)) // 2 systems with `group2` in test_data + assert.Equal(t, "00000000-0000-0000-0000-000000000007", systems[0].ID) + assert.Equal(t, "00000000-0000-0000-0000-000000000008", systems[1].ID) +} From 6d5b7b6906028fb189ef52d642006189d504056f Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 17 Jul 2023 19:09:11 +0200 Subject: [PATCH 143/268] fix inventory filters with `in` operator --- manager/controllers/utils.go | 133 +++++++++++++++++++++--------- manager/controllers/utils_test.go | 25 +++++- 2 files changed, 116 insertions(+), 42 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 32c0c7cdf..95397ae83 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -134,19 +134,23 @@ func ParseFilters(q QueryMap, allowedFields database.AttrMap, // nolint: scopelint for f := range allowedFields { if elem := q.Path(f); elem != nil { - elem.Visit(func(path []string, val string) { + err := elem.Visit(func(path []string, val string) error { // If we encountered error in previous element, skip processing others if err != nil { - return + return err } // the filter[a][eq]=b syntax was not yet implemented if len(path) > 0 { err = errors.New(InvalidNestedFilter) - return + return err } filters[f], err = ParseFilterValue(val) + return err }) + if err != nil { + return filters, err + } } } @@ -311,15 +315,19 @@ func HasInventoryFilter(c *gin.Context) bool { // If we have the `system_profile` filter item, then we have tags spQuery := NestedQueryMap(c, "filter").Path("system_profile") if spQuery != nil { - spQuery.Visit(func(path []string, val string) { + // nolint: errcheck + spQuery.Visit(func(path []string, val string) error { hasFilter = true + return nil }) } groupsQuery := NestedQueryMap(c, "filter").Path("group_name") if groupsQuery != nil { - groupsQuery.Visit(func(path []string, val string) { + // nolint: errcheck + groupsQuery.Visit(func(path []string, val string) error { hasFilter = true + return nil }) } return hasFilter @@ -387,7 +395,9 @@ func ParseInventoryFilters(c *gin.Context) (map[string]FilterData, error) { return nil, err } - parseFiltersFromCtx(c, filters) + if err := parseFiltersFromCtx(c, filters); err != nil { + return nil, errors.Wrap(err, "cannot parse inventory filters") + } return filters, nil } @@ -424,7 +434,7 @@ func parseTagsFromCtx(c *gin.Context, filters Filters) error { return nil } -func parseFiltersFromCtx(c *gin.Context, filters Filters) { +func parseFiltersFromCtx(c *gin.Context, filters Filters) error { var filterItems []QueryItem filter := NestedQueryMap(c, "filter") @@ -438,39 +448,55 @@ func parseFiltersFromCtx(c *gin.Context, filters Filters) { } for _, filter := range filterItems { - filter.Visit(func(path []string, val string) { + err := filter.Visit(func(path []string, val string) error { // Specific filter keys if len(path) >= 1 && multiValueFilters[path[0]] { - val = strconv.Quote(val) - var op string - if op = "eq"; len(path) > 1 { - op = path[1] - } - appendFilterData(filters, path[0], op, val) - - return + return visitMultiValueFilters(filters, path, val) } // [group_name] filter can be processed only with Specific filter keys if f, ok := filter.(QueryMap); ok { if _, has := f.GetPath("group_name"); has { - return + return nil } } // Generic [system_profile] filter keys - var key string - // Builds key in following format path[0]->path[1]->path[2]... - for i, s := range path { - if i == 0 { - key = path[0] - continue - } - key = fmt.Sprintf("%s->%s", key, s) - } - appendFilterData(filters, key, "eq", val) + return visitSystemProfileFilters(filters, path, val) }) + if err != nil { + LogAndRespBadRequest(c, err, err.Error()) + return err + } + } + return nil +} + +func visitMultiValueFilters(filters Filters, path []string, val string) error { + val = strconv.Quote(val) + var op string + if op = "eq"; len(path) > 1 { + op = path[1] + } + err := appendFilterData(filters, path[0], op, val) + if err != nil { + return errors.Wrapf(err, "invalid filter value: %s", val) + } + return nil +} + +// Builds key in following format path[0]->path[1]->path[2]... +func visitSystemProfileFilters(filters Filters, path []string, val string) error { + var key string + for i, s := range path { + if i == 0 { + key = path[0] + continue + } + key = fmt.Sprintf("%s->%s", key, s) } + err := appendFilterData(filters, key, "eq", val) + return errors.Wrapf(err, "invalid filter value: %s", val) } // Filter systems by tags with subquery @@ -579,37 +605,45 @@ func buildSystemProfileQuery(key string, val string) string { type QueryItem interface { IsQuery() - Visit(visitor func(path []string, val string), pathPrefix ...string) + Visit(visitor func(path []string, val string) error, pathPrefix ...string) error } type QueryArr []string func (QueryArr) IsQuery() {} -func (q QueryArr) Visit(visitor func(path []string, val string), pathPrefix ...string) { +func (q QueryArr) Visit(visitor func(path []string, val string) error, pathPrefix ...string) error { for _, item := range q { - visitor(pathPrefix, item) + if err := visitor(pathPrefix, item); err != nil { + return err + } } + return nil } type QueryMap map[string]QueryItem func (QueryMap) IsQuery() {} -func (q QueryMap) Visit(visitor func(path []string, val string), pathPrefix ...string) { +func (q QueryMap) Visit(visitor func(path []string, val string) error, pathPrefix ...string) error { for k, v := range q { newPath := make([]string, len(pathPrefix)) copy(newPath, pathPrefix) newPath = append(newPath, k) switch val := v.(type) { case QueryMap: - val.Visit(visitor, newPath...) + if err := val.Visit(visitor, newPath...); err != nil { + return err + } case QueryArr: // Inlined code here to avoid calling interface method in struct receiver (low perf) for _, item := range val { - visitor(newPath, item) + if err := visitor(newPath, item); err != nil { + return err + } } } } + return nil } func (q QueryMap) GetPath(keys ...string) (QueryItem, bool) { @@ -886,16 +920,33 @@ func mergeMaps(first map[string]FilterData, second map[string]FilterData) { } } -func appendFilterData(filters Filters, key string, op, val string) { - if fd, ok := filters[key]; ok { - fd.Values = append(fd.Values, val) - filters[key] = fd - } else { - filters[key] = FilterData{ - Operator: op, - Values: strings.Split(val, ","), +func appendFilterData(filters Filters, key string, op, val string) error { + if _, ok := filters[key]; !ok { + filters[key] = FilterData{} + } + + values, err := splitValues(op, val) + if err != nil { + return err + } + + filters[key] = FilterData{ + Operator: op, + Values: append(filters[key].Values, values...), + } + return nil +} + +// Split comma delimited string values for IN operator +func splitValues(op, val string) ([]string, error) { + if op == "in" && strings.Contains(val, ",") { + val, err := strconv.Unquote(val) + if err != nil { + return []string{}, errors.Wrap(err, "cannot unquote value") } + return strings.Split(val, ","), nil } + return []string{val}, nil } // Pagination query for handlers where ListCommon is not used diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 9673270f6..5bb0c0342 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -24,7 +24,8 @@ func TestNestedQueryParse(t *testing.T) { "filter": {}, } res := nestedQueryImpl(q1, "filter") - res.Visit(func(keys []string, val string) { + // nolint: errcheck + res.Visit(func(keys []string, val string) error { if reflect.DeepEqual([]string{"abc", "efg", "eq"}, keys) { assert.Equal(t, "a", val) } @@ -32,6 +33,7 @@ func TestNestedQueryParse(t *testing.T) { if reflect.DeepEqual([]string{"a"}, keys) { assert.Contains(t, []string{"b", "c"}, val) } + return nil }) } @@ -77,3 +79,24 @@ func TestGroupNameFilter(t *testing.T) { assert.Equal(t, "00000000-0000-0000-0000-000000000007", systems[0].ID) assert.Equal(t, "00000000-0000-0000-0000-000000000008", systems[1].ID) } + +func TestGroupNameFilter2(t *testing.T) { + utils.SkipWithoutDB(t) + database.Configure() + + c, _ := gin.CreateTestContext(httptest.NewRecorder()) + c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group1,group2", nil) + + filters, err := ParseInventoryFilters(c) + assert.Nil(t, err) + + var systems []SystemsID + groups := map[string]string{ + rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, + } + tx := database.Systems(database.Db, 1, groups) + tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") + tx.Scan(&systems) + + assert.Equal(t, 8, len(systems)) // 2 systems with `group2`, 6 with `group1` in test_data +} From 4de7681f9f1b5fb6027fa22113007581878f7d12 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 18 Jul 2023 09:14:48 +0000 Subject: [PATCH 144/268] v3.3.21 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index e0b671e30..aff86bbd0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.20 +v3.3.21 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 24044c250..571e25b29 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.20} +- {name: IMAGE_TAG_MANAGER, value: v3.3.21} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.20} +- {name: IMAGE_TAG_LISTENER, value: v3.3.21} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.20} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.21} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.20} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.21} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.20} +- {name: IMAGE_TAG_JOBS, value: v3.3.21} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.20} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.21} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.20} +- {name: IMAGE_TAG_ADMIN, value: v3.3.21} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index ab0b1b49a..b1c6fba1a 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.20" + "version": "v3.3.21" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 78a91b8f1..0f511a924 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.20" + "version": "v3.3.21" }, "servers": [ { From bca3b8b761c1da605058b33a05ac3c46ef48c289 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 17 Jul 2023 13:15:23 +0200 Subject: [PATCH 145/268] ESSNTL-4817: don't use advisory_account_data with inventory groups --- manager/controllers/advisories.go | 3 ++- manager/controllers/advisories_export.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index ea74205db..59e7b5067 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -2,6 +2,7 @@ package controllers import ( "app/base/database" + "app/base/rbac" "app/manager/middlewares" "net/http" "time" @@ -125,7 +126,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { if err != nil { return nil, nil, nil, err } - if disableCachedCounts || HasInventoryFilter(c) { + if disableCachedCounts || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index 2f905ec35..b43c8f424 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -1,6 +1,7 @@ package controllers import ( + "app/base/rbac" "app/manager/middlewares" "github.com/gin-gonic/gin" @@ -35,7 +36,7 @@ func AdvisoriesExportHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) var query *gorm.DB - if disableCachedCounts || HasInventoryFilter(c) { + if disableCachedCounts || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { From db665a89a8c052c2df4e9ccd74a8c5e111e6347e Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 17 Jul 2023 13:17:58 +0200 Subject: [PATCH 146/268] ESSNTL-4817: don't use package_account_data with inventory groups /minor --- manager/controllers/packages.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index adbf1db33..b66777a7d 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -2,6 +2,7 @@ package controllers import ( "app/base/database" + "app/base/rbac" "app/base/utils" "app/manager/middlewares" "net/http" @@ -89,7 +90,7 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups m Select("valid_package_cache"). Where("id = ?", acc). Scan(&validCache).Error - if err == nil && validCache && len(filters) == 0 && enabledPackageCache { + if err == nil && validCache && len(filters) == 0 && enabledPackageCache && len(groups[rbac.KeyGrouped]) == 0 { // use cache only when tag filter is not used q := db.Table("package_account_data res"). Select(PackagesSelect). From 65e7df9c0952e11451964bb2251a48fcf24c0d7e Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 18 Jul 2023 09:26:51 +0000 Subject: [PATCH 147/268] v3.4.0 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index aff86bbd0..c219f7237 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.3.21 +v3.4.0 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 571e25b29..c2c6e9d91 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.3.21} +- {name: IMAGE_TAG_MANAGER, value: v3.4.0} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.3.21} +- {name: IMAGE_TAG_LISTENER, value: v3.4.0} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.3.21} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.0} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.3.21} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.0} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.3.21} +- {name: IMAGE_TAG_JOBS, value: v3.4.0} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.3.21} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.0} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.3.21} +- {name: IMAGE_TAG_ADMIN, value: v3.4.0} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b1c6fba1a..5446eea31 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.21" + "version": "v3.4.0" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0f511a924..db9e3b741 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.3.21" + "version": "v3.4.0" }, "servers": [ { From b0a4fcfc865ade60f3a7290b204cfb94255a4861 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 19 Jul 2023 10:57:32 +0200 Subject: [PATCH 148/268] ESSNTL-4817: add common attributes for groups --- manager/controllers/common_attributes.go | 10 ++++++++++ manager/controllers/structures.go | 5 +++++ 2 files changed, 15 insertions(+) diff --git a/manager/controllers/common_attributes.go b/manager/controllers/common_attributes.go index 1409f5591..91d8568e1 100644 --- a/manager/controllers/common_attributes.go +++ b/manager/controllers/common_attributes.go @@ -6,6 +6,7 @@ import "time" type SystemsMetaTagTotal struct { MetaTotalHelper TagsStrHelper + GroupsStrHelper } type TagsStrHelper struct { @@ -13,6 +14,11 @@ type TagsStrHelper struct { TagsStr string `json:"-" csv:"-" query:"ih.tags" gorm:"column:tags_str"` } +type GroupsStrHelper struct { + // Just helper field to get Groups from db in plain string, then parsed to "Groups" attr., excluded from output data. + GroupsStr string `json:"-" csv:"-" query:"ih.groups" gorm:"column:groups_str"` +} + type MetaTotalHelper struct { // a helper to get total number of systems Total int `json:"-" csv:"-" query:"count(*) over ()" gorm:"column:total"` @@ -34,6 +40,10 @@ type SystemTags struct { Tags SystemTagsList `json:"tags" csv:"tags" gorm:"-"` } +type SystemGroups struct { + Groups SystemGroupsList `json:"groups" csv:"groups" gorm:"-"` +} + type BaselineAttributes struct { BaselineNameAttr BaselineUpToDateAttr diff --git a/manager/controllers/structures.go b/manager/controllers/structures.go index c76ef352a..b748d4b75 100644 --- a/manager/controllers/structures.go +++ b/manager/controllers/structures.go @@ -48,3 +48,8 @@ type IDsStatusResponse struct { // TODO: delete later once UI is using only the new `data` field IDsResponse } + +type SystemGroup struct { + ID string `json:"id"` + Name string `json:"name"` +} From 270fbe274893d34ea1921287ebc8af74e867767a Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 19 Jul 2023 10:58:46 +0200 Subject: [PATCH 149/268] ESSNTL-4817: add groups to systems response --- manager/controllers/advisory_systems_v3.go | 7 ++++-- manager/controllers/baseline_systems.go | 8 ++++--- manager/controllers/package_systems.go | 8 ++++--- manager/controllers/system_detail.go | 8 +++++-- manager/controllers/systems.go | 27 ++++++++++++++------- manager/controllers/utils.go | 28 ++++++++++++---------- 6 files changed, 56 insertions(+), 30 deletions(-) diff --git a/manager/controllers/advisory_systems_v3.go b/manager/controllers/advisory_systems_v3.go index 58ce1a023..836454e16 100644 --- a/manager/controllers/advisory_systems_v3.go +++ b/manager/controllers/advisory_systems_v3.go @@ -39,6 +39,7 @@ type AdvisorySystemItemAttributes struct { OSAttributes SystemTimestamps SystemTags + SystemGroups BaselineIDAttr BaselineNameAttr SystemAdvisoryStatus @@ -98,10 +99,12 @@ func buildAdvisorySystemsData(fields []AdvisorySystemDBLookup) ([]AdvisorySystem } data := make([]AdvisorySystemItem, len(fields)) for i, as := range fields { - as.AdvisorySystemItemAttributes.Tags, err = parseSystemTags(as.TagsStr) - if err != nil { + if err = parseSystemItems(as.TagsStr, &as.AdvisorySystemItemAttributes.Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", as.ID, "system tags parsing failed") } + if err = parseSystemItems(as.GroupsStr, &as.AdvisorySystemItemAttributes.Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", as.ID, "system groups parsing failed") + } data[i] = AdvisorySystemItem{ Attributes: as.AdvisorySystemItemAttributes, ID: as.ID, diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 4182533aa..22d58c3ee 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -51,6 +51,7 @@ type BaselineSystemAttributes struct { InstallableAdvisories ApplicableAdvisories SystemTags + SystemGroups SystemLastUpload } @@ -256,16 +257,17 @@ func buildQueryBaselineSystems(db *gorm.DB, account int, groups map[string]strin func buildBaselineSystemData(baselineSystems []BaselineSystemsDBLookup) ([]BaselineSystemItem, int) { var total int - var err error if len(baselineSystems) > 0 { total = baselineSystems[0].Total } data := make([]BaselineSystemItem, len(baselineSystems)) for i := 0; i < len(baselineSystems); i++ { - baselineSystems[i].Tags, err = parseSystemTags(baselineSystems[i].TagsStr) - if err != nil { + if err := parseSystemItems(baselineSystems[i].TagsStr, &baselineSystems[i].Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", baselineSystems[i].ID, "system tags parsing failed") } + if err := parseSystemItems(baselineSystems[i].GroupsStr, &baselineSystems[i].Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", baselineSystems[i].ID, "system groups parsing failed") + } data[i] = BaselineSystemItem{ Attributes: baselineSystems[i].BaselineSystemAttributes, BaselineSystemItemCommon: BaselineSystemItemCommon{ diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 3539e18ca..a9a30b3df 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -43,6 +43,7 @@ type PackageSystemItemV3 struct { BaselineIDAttr OSAttributes UpdateStatus string `json:"update_status" csv:"update_status" query:"update_status(spkg.update_data)" gorm:"column:update_status"` + SystemGroups } type PackageSystemDBLookup struct { @@ -234,12 +235,13 @@ func packageSystemDBLookups2PackageSystemItemsV3(systems []PackageSystemDBLookup total = systems[0].Total } data := make([]PackageSystemItemV3, len(systems)) - var err error for i, system := range systems { - system.PackageSystemItemV3.Tags, err = parseSystemTags(system.TagsStr) - if err != nil { + if err := parseSystemItems(system.TagsStr, &system.PackageSystemItemV3.Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags parsing failed") } + if err := parseSystemItems(system.GroupsStr, &system.PackageSystemItemV3.Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system groups parsing failed") + } data[i] = system.PackageSystemItemV3 } return data, total diff --git a/manager/controllers/system_detail.go b/manager/controllers/system_detail.go index 455bffeb4..2d8a41120 100644 --- a/manager/controllers/system_detail.go +++ b/manager/controllers/system_detail.go @@ -23,6 +23,7 @@ type SystemDetailResponse struct { type SystemDetailLookup struct { SystemItemAttributesAll TagsStrHelper + GroupsStrHelper } // nolint: funlen @@ -76,11 +77,14 @@ func SystemDetailHandler(c *gin.Context) { return } - systemDetail.Tags, err = parseSystemTags(systemDetail.TagsStr) - if err != nil { + if err := parseSystemItems(systemDetail.TagsStr, &systemDetail.Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", inventoryID, "system tags parsing failed") } + if err := parseSystemItems(systemDetail.GroupsStr, &systemDetail.Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", inventoryID, "system groups parsing failed") + } + if apiver < 3 { resp := SystemDetailResponseV2{ Data: SystemItemV2{ diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index fbd2c190c..1d0b3cb57 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -94,6 +94,7 @@ type SystemItemAttributesV2Only struct { type SystemItemAttributesV3Only struct { BaselineIDAttr + SystemGroups } type SystemItemAttributesV2 struct { @@ -113,9 +114,21 @@ type SystemItemAttributesAll struct { } type SystemTagsList []SystemTag +type SystemGroupsList []SystemGroup +type SystemInventoryItemList[T SystemTagsList | SystemGroupsList] struct { + SystemInventoryItems T +} func (v SystemTagsList) String() string { - b, err := json.Marshal(v) + return SystemInventoryItemList[SystemTagsList]{v}.String() +} + +func (v SystemGroupsList) String() string { + return SystemInventoryItemList[SystemGroupsList]{v}.String() +} + +func (v SystemInventoryItemList[T]) String() string { + b, err := json.Marshal(v.SystemInventoryItems) if err != nil { utils.LogError("err", err.Error(), "Unable to convert tags struct to json") } @@ -314,17 +327,15 @@ func querySystems(db *gorm.DB, account, apiver int, groups map[string]string) *g return q.Select(SystemsSelectV3) } -func parseSystemTags(jsonStr string) ([]SystemTag, error) { +func parseSystemItems(jsonStr string, res interface{}) error { js := json.RawMessage(jsonStr) b, err := json.Marshal(js) if err != nil { - return nil, err + return err } - var systemTags []SystemTag - err = json.Unmarshal(b, &systemTags) - if err != nil { - return nil, err + if err := json.Unmarshal(b, res); err != nil { + return err } - return systemTags, nil + return nil } diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 95397ae83..5286c9994 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -740,7 +740,6 @@ func OutputExportData(c *gin.Context, data interface{}) { func systemDBLookups2SystemItems(systems []SystemDBLookup) ([]SystemItem, int, map[string]int) { data := make([]SystemItem, len(systems)) - var err error var total int subtotals := map[string]int{ "patched": 0, @@ -755,10 +754,12 @@ func systemDBLookups2SystemItems(systems []SystemDBLookup) ([]SystemItem, int, m } for i, system := range systems { - system.Tags, err = parseSystemTags(system.TagsStr) - if err != nil { + if err := parseSystemItems(system.TagsStr, &system.Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags parsing failed") } + if err := parseSystemItems(system.GroupsStr, &system.Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system groups parsing failed") + } data[i] = SystemItem{ Attributes: system.SystemItemAttributesAll, ID: system.ID, @@ -850,36 +851,39 @@ type BaselineSystemsDBLookupSlice []BaselineSystemsDBLookup // Parse tags from TagsStr string attribute to Tags SystemTag array attribute. // It's used in /*systems endpoints as we can not map this attribute directly from database query result. func (s *SystemDBLookupSlice) ParseAndFillTags() { - var err error for i, system := range *s { - (*s)[i].Tags, err = parseSystemTags(system.TagsStr) - if err != nil { + if err := parseSystemItems(system.TagsStr, &(*s)[i].Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags to export parsing failed") } + if err := parseSystemItems(system.GroupsStr, &(*s)[i].Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system groups to export parsing failed") + } } } // Parse tags from TagsStr string attribute to Tags SystemTag array attribute. // It's used in /*systems endpoints as we can not map this attribute directly from database query result. func (s *AdvisorySystemDBLookupSlice) ParseAndFillTags() { - var err error for i, system := range *s { - (*s)[i].Tags, err = parseSystemTags(system.TagsStr) - if err != nil { + if err := parseSystemItems(system.TagsStr, &(*s)[i].Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags to export parsing failed") } + if err := parseSystemItems(system.GroupsStr, &(*s)[i].Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system groups to export parsing failed") + } } } // Parse tags from TagsStr string attribute to Tags SystemTag array attribute. // It's used in /*systems endpoints as we can not map this attribute directly from database query result. func (s *BaselineSystemsDBLookupSlice) ParseAndFillTags() { - var err error for i, system := range *s { - (*s)[i].Tags, err = parseSystemTags(system.TagsStr) - if err != nil { + if err := parseSystemItems(system.TagsStr, &(*s)[i].Tags); err != nil { utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system tags to export parsing failed") } + if err := parseSystemItems(system.GroupsStr, &(*s)[i].Groups); err != nil { + utils.LogDebug("err", err.Error(), "inventory_id", system.ID, "system groups to export parsing failed") + } } } From 29b341b89bb48ab4f5389088efb4f074fe9a3658 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 19 Jul 2023 10:59:39 +0200 Subject: [PATCH 150/268] ESSNTL-4817: update tests --- manager/controllers/advisory_systems_export_test.go | 5 +++-- manager/controllers/baseline_systems_export_test.go | 7 ++++--- manager/controllers/package_systems_export_test.go | 7 ++++--- manager/controllers/systems_export_test.go | 6 +++--- 4 files changed, 14 insertions(+), 11 deletions(-) diff --git a/manager/controllers/advisory_systems_export_test.go b/manager/controllers/advisory_systems_export_test.go index 724ac3d31..1156af1d3 100644 --- a/manager/controllers/advisory_systems_export_test.go +++ b/manager/controllers/advisory_systems_export_test.go @@ -32,10 +32,11 @@ func TestAdvisorySystemsExportCSV(t *testing.T) { assert.Equal(t, 8, len(lines)) assert.Equal(t, "display_name,last_upload,stale,os,rhsm,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,tags,"+ - "baseline_id,baseline_name,status,id", lines[0]) + "groups,baseline_id,baseline_name,status,id", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,2020-09-22T16:00:00Z,false,RHEL 8.10,8.10,2018-08-26T16:00:00Z,"+ "2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,2018-08-26T16:00:00Z,\"[{'key':'k1','namespace':'ns1','value':'val1'},"+ - "{'key':'k2','namespace':'ns1','value':'val2'}]\",1,baseline_1-1,Installable,00000000-0000-0000-0000-000000000001", + "{'key':'k2','namespace':'ns1','value':'val2'}]\",\"[{'id':'inventory-group-1','name':'group1'}]\","+ + "1,baseline_1-1,Installable,00000000-0000-0000-0000-000000000001", lines[1]) } diff --git a/manager/controllers/baseline_systems_export_test.go b/manager/controllers/baseline_systems_export_test.go index d65d1f474..04939323f 100644 --- a/manager/controllers/baseline_systems_export_test.go +++ b/manager/controllers/baseline_systems_export_test.go @@ -49,12 +49,13 @@ func TestBaselineSystemsExportCSV(t *testing.T) { assert.Equal(t, "id,display_name,os,rhsm,installable_rhsa_count,installable_rhba_count,installable_rhea_count,"+ "installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,"+ - "applicable_other_count,tags,last_upload", + "applicable_other_count,tags,groups,last_upload", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,00000000-0000-0000-0000-000000000001,RHEL 8.10,"+ "8.10,2,2,1,0,2,3,3,0,\"[{'key':'k1','namespace':'ns1','value':'val1'},"+ - "{'key':'k2','namespace':'ns1','value':'val2'}]\",2020-09-22T16:00:00Z", + "{'key':'k2','namespace':'ns1','value':'val2'}]\","+ + "\"[{'id':'inventory-group-1','name':'group1'}]\",2020-09-22T16:00:00Z", lines[1]) } @@ -80,7 +81,7 @@ func TestBaselineSystemsExportCSVFilter(t *testing.T) { assert.Equal(t, "id,display_name,os,rhsm,installable_rhsa_count,installable_rhba_count,installable_rhea_count,"+ "installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,"+ - "applicable_other_count,tags,last_upload", + "applicable_other_count,tags,groups,last_upload", lines[0]) assert.Equal(t, "", lines[1]) } diff --git a/manager/controllers/package_systems_export_test.go b/manager/controllers/package_systems_export_test.go index efb03ccd3..5aa100fe0 100644 --- a/manager/controllers/package_systems_export_test.go +++ b/manager/controllers/package_systems_export_test.go @@ -37,13 +37,14 @@ func TestPackageSystemsExportHandlerCSV(t *testing.T) { assert.Equal(t, 5, len(lines)) assert.Equal(t, "id,display_name,installed_evra,available_evra,updatable,tags,"+ - "baseline_name,baseline_uptodate,baseline_id,os,rhsm,update_status", lines[0]) + "baseline_name,baseline_uptodate,baseline_id,os,rhsm,update_status,groups", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000012,00000000-0000-0000-0000-000000000012,"+ "5.6.13-200.fc31.x86_64,5.10.13-200.fc31.x86_64,true,"+ - "\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,0,RHEL 8.1,8.1,Installable", + "\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,0,RHEL 8.1,8.1,Installable,[]", lines[1]) assert.Equal(t, "00000000-0000-0000-0000-000000000013,00000000-0000-0000-0000-000000000013,"+ - "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,0,RHEL 8.2,8.2,None", lines[2]) + "5.6.13-200.fc31.x86_64,,false,\"[{'key':'k1','namespace':'ns1','value':'val1'}]\",,,"+ + "0,RHEL 8.2,8.2,None,[]", lines[2]) } func TestPackageSystemsExportInvalidName(t *testing.T) { diff --git a/manager/controllers/systems_export_test.go b/manager/controllers/systems_export_test.go index 62f314c3b..98e873526 100644 --- a/manager/controllers/systems_export_test.go +++ b/manager/controllers/systems_export_test.go @@ -48,13 +48,13 @@ func TestSystemsExportCSV(t *testing.T) { assert.Equal(t, 10, len(lines)) assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ - "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id", + "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id,groups", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,00000000-0000-0000-0000-000000000001,RHEL 8.10,8.10,"+ "\"[{'key':'k1','namespace':'ns1','value':'val1'},{'key':'k2','namespace':'ns1','value':'val2'}]\","+ "2,2,1,0,0,baseline_1-1,2020-09-22T16:00:00Z,2018-08-26T16:00:00Z,2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,"+ - "2018-08-26T16:00:00Z,false,1", + "2018-08-26T16:00:00Z,false,1,\"[{'id':'inventory-group-1','name':'group1'}]\"", lines[1]) } @@ -76,7 +76,7 @@ func TestSystemsExportCSVFilter(t *testing.T) { assert.Equal(t, 2, len(lines)) assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ - "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id", + "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id,groups", lines[0]) assert.Equal(t, "", lines[1]) } From d95936d461ceafe2dcc5e7a86a27a441623b127c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 19 Jul 2023 10:59:54 +0200 Subject: [PATCH 151/268] ESSNTL-4817: update openapi spec --- docs/v3/openapi.json | 59 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index db9e3b741..95294351b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -5501,6 +5501,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "id": { "type": "string" }, @@ -5565,6 +5571,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "last_upload": { "type": "string" }, @@ -5735,6 +5747,12 @@ "description": "Baseline system display name", "example": "my-baselined-system" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "installable_other_count": { "type": "integer" }, @@ -5802,6 +5820,12 @@ "description": "Baseline system display name", "example": "my-baselined-system" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "id": { "type": "string" }, @@ -6190,6 +6214,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "id": { "type": "string" }, @@ -6400,6 +6430,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "id": { "type": "string" }, @@ -6452,6 +6488,17 @@ } } }, + "controllers.SystemGroup": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, "controllers.SystemItem": { "type": "object", "properties": { @@ -6487,6 +6534,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "insights_id": { "type": "string" }, @@ -6567,6 +6620,12 @@ "display_name": { "type": "string" }, + "groups": { + "type": "array", + "items": { + "$ref": "#/components/schemas/controllers.SystemGroup" + } + }, "last_upload": { "type": "string" }, From d61aeec3ee9c53ebb742ad74f874bed7fb140416 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 19 Jul 2023 09:49:41 +0000 Subject: [PATCH 152/268] v3.4.1 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index c219f7237..3d67a549d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.0 +v3.4.1 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c2c6e9d91..c7a87214e 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.0} +- {name: IMAGE_TAG_MANAGER, value: v3.4.1} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.0} +- {name: IMAGE_TAG_LISTENER, value: v3.4.1} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.0} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.1} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.0} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.1} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.0} +- {name: IMAGE_TAG_JOBS, value: v3.4.1} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.0} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.1} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.0} +- {name: IMAGE_TAG_ADMIN, value: v3.4.1} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 5446eea31..9608ad89d 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.0" + "version": "v3.4.1" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 95294351b..9afd85541 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.0" + "version": "v3.4.1" }, "servers": [ { From 0b74310b9c08557a8dff1d7f789477f162c8b54b Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 18 Jul 2023 16:23:45 +0200 Subject: [PATCH 153/268] SPM-2101: run advisory refresh only for accounts with invalid cache --- base/models/models.go | 9 +++---- .../112_advisory_cache_valid.down.sql | 1 + .../112_advisory_cache_valid.up.sql | 1 + database_admin/schema/create_schema.sql | 3 ++- evaluator/evaluate.go | 8 +++---- manager/controllers/advisories.go | 13 +++++++++- manager/controllers/advisories_export.go | 13 +++++++++- tasks/caches/refresh_advisory_caches.go | 24 +++++++++++++++++-- tasks/caches/refresh_packages_caches.go | 4 ++-- 9 files changed, 61 insertions(+), 15 deletions(-) create mode 100644 database_admin/migrations/112_advisory_cache_valid.down.sql create mode 100644 database_admin/migrations/112_advisory_cache_valid.up.sql diff --git a/base/models/models.go b/base/models/models.go index 309a59274..da9b9fab3 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -5,10 +5,11 @@ import ( ) type RhAccount struct { - ID int `gorm:"primaryKey"` - Name *string - OrgID *string - ValidPackageCache bool + ID int `gorm:"primaryKey"` + Name *string + OrgID *string + ValidPackageCache bool + ValidAdvisoryCache bool } func (RhAccount) TableName() string { diff --git a/database_admin/migrations/112_advisory_cache_valid.down.sql b/database_admin/migrations/112_advisory_cache_valid.down.sql new file mode 100644 index 000000000..f995fcf05 --- /dev/null +++ b/database_admin/migrations/112_advisory_cache_valid.down.sql @@ -0,0 +1 @@ +ALTER TABLE rh_account DROP valid_advisory_cache; diff --git a/database_admin/migrations/112_advisory_cache_valid.up.sql b/database_admin/migrations/112_advisory_cache_valid.up.sql new file mode 100644 index 000000000..0bff488bb --- /dev/null +++ b/database_admin/migrations/112_advisory_cache_valid.up.sql @@ -0,0 +1 @@ +ALTER TABLE rh_account ADD COLUMN valid_advisory_cache BOOLEAN NOT NULL DEFAULT FALSE; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 75b602dcb..d95d6ce27 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (111, false); +VALUES (112, false); -- --------------------------------------------------------------------------- -- Functions @@ -630,6 +630,7 @@ CREATE TABLE IF NOT EXISTS rh_account name TEXT UNIQUE CHECK (NOT empty(name)), org_id TEXT UNIQUE CHECK (NOT empty(org_id)), valid_package_cache BOOLEAN NOT NULL DEFAULT FALSE, + valid_advisory_cache BOOLEAN NOT NULL DEFAULT FALSE, CHECK (name IS NOT NULL OR org_id IS NOT NULL), PRIMARY KEY (id) ) TABLESPACE pg_default; diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index ae36224dc..b3cb67354 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -558,10 +558,10 @@ func parseVmaasJSON(system *models.SystemPlatform) (vmaas.UpdatesV3Request, erro return updatesReq, err } -func invalidatePkgCache(orgID string) error { +func invalidateCaches(orgID string) error { err := database.Db.Model(models.RhAccount{}). Where("org_id = ?", orgID). - Update("valid_package_cache", false). + Updates(models.RhAccount{ValidPackageCache: false, ValidAdvisoryCache: false}). Error return err } @@ -599,8 +599,8 @@ func evaluateHandler(event mqueue.PlatformEvent) error { } wg.Wait() - if cacheErr := invalidatePkgCache(event.GetOrgID()); cacheErr != nil { - utils.LogError("err", err.Error(), "org_id", event.GetOrgID(), "Couldn't invalidate pkg cache") + if cacheErr := invalidateCaches(event.GetOrgID()); cacheErr != nil { + utils.LogError("err", err.Error(), "org_id", event.GetOrgID(), "Couldn't invalidate caches") } // send kafka message to payload tracker diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 59e7b5067..d9576a218 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -126,7 +126,18 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { if err != nil { return nil, nil, nil, err } - if disableCachedCounts || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { + + var validCache bool + if !disableCachedCounts { + err = db.Table("rh_account"). + Select("valid_advisory_cache"). + Where("id = ?", account). + Scan(&validCache).Error + if err != nil { + validCache = false + } + } + if !validCache || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index b43c8f424..3518e5146 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -36,7 +36,18 @@ func AdvisoriesExportHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) var query *gorm.DB - if disableCachedCounts || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { + var validCache bool + + if !disableCachedCounts { + err = db.Table("rh_account"). + Select("valid_advisory_cache"). + Where("id = ?", account). + Scan(&validCache).Error + if err != nil { + validCache = false + } + } + if !validCache || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/tasks/caches/refresh_advisory_caches.go b/tasks/caches/refresh_advisory_caches.go index 9e77d83b1..779b831a9 100644 --- a/tasks/caches/refresh_advisory_caches.go +++ b/tasks/caches/refresh_advisory_caches.go @@ -1,11 +1,11 @@ package caches import ( - "app/base/database" "app/base/utils" "app/tasks" "sync" + "github.com/pkg/errors" "gorm.io/gorm" ) @@ -21,7 +21,12 @@ func RefreshAdvisoryCaches() { func refreshAdvisoryCachesPerAccounts(wg *sync.WaitGroup) { var rhAccountIDs []int - err := database.Db.Table("rh_account").Order("hash_partition_id(id, 32), id").Pluck("id", &rhAccountIDs).Error + err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { + return tx.Table("rh_account"). + Where("valid_advisory_cache = FALSE"). + Order("hash_partition_id(id, 128), id"). + Pluck("id", &rhAccountIDs).Error + }) if skipNAccountsRefresh > 0 { utils.LogInfo("n", skipNAccountsRefresh, "Skipping refresh of first N accounts") rhAccountIDs = rhAccountIDs[skipNAccountsRefresh:] @@ -53,7 +58,22 @@ func refreshAdvisoryCachesPerAccounts(wg *sync.WaitGroup) { "Refreshed account advisory caches") return } + if err := updateAdvisoryCacheValidity(rhAccountID); err != nil { + utils.LogError("err", err.Error(), "rh_account_id", rhAccountID, "Refresh failed") + return + } utils.LogInfo("i", i, "rh_account_id", rhAccountID, "Refreshed account advisory cache") }(i, rhAccountID) } } + +func updateAdvisoryCacheValidity(accID int) error { + utils.LogDebug("Updating cache validity") + err := tasks.WithTx(func(tx *gorm.DB) error { + return tx.Table("rh_account"). + Where("valid_advisory_cache = ?", false). + Where("id = ?", accID). + Update("valid_advisory_cache", true).Error + }) + return errors.Wrap(err, "failed to update valid_advisory_cache") +} diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index a81ed73b5..ed27b0f9f 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -45,7 +45,7 @@ func RefreshPackagesCaches(accID *int) error { continue } - if err = updateCacheValidity(&acc); err != nil { + if err = updatePkgCacheValidity(&acc); err != nil { utils.LogError("err", err.Error(), "Refresh failed") continue } @@ -144,7 +144,7 @@ func deleteOldCache(pkgSysCounts []models.PackageAccountData, accID *int) error return errors.Wrap(err, "failed to insert to package_account_data") } -func updateCacheValidity(accID *int) error { +func updatePkgCacheValidity(accID *int) error { defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("update-validity")) utils.LogDebug("Updating cache validity") err := tasks.WithTx(func(tx *gorm.DB) error { From 0d7a3c717b997d188e34ee8d58de25d0a2cca5e4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 21 Jul 2023 09:25:21 +0000 Subject: [PATCH 154/268] v3.4.2 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 3d67a549d..56bde7a6a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.1 +v3.4.2 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c7a87214e..2ea41a24b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.1} +- {name: IMAGE_TAG_MANAGER, value: v3.4.2} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.1} +- {name: IMAGE_TAG_LISTENER, value: v3.4.2} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.1} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.2} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.1} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.2} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.1} +- {name: IMAGE_TAG_JOBS, value: v3.4.2} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.1} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.2} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.1} +- {name: IMAGE_TAG_ADMIN, value: v3.4.2} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 9608ad89d..0b5359f52 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.1" + "version": "v3.4.2" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 9afd85541..e98195606 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.1" + "version": "v3.4.2" }, "servers": [ { From e0b99e8cc146ef1874b7cedfc31ae8376ede4d9a Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 20 Jul 2023 17:27:27 +0200 Subject: [PATCH 155/268] RHINENG-1291: use kafka KRaft mode in docker-compose https://docs.confluent.io/platform/current/kafka-metadata/kraft.html --- conf/kafka.env | 18 ++++++++++-------- dev/kafka/Dockerfile | 2 +- dev/kafka/entrypoint.sh | 11 ----------- docker-compose.prod.yml | 14 -------------- docker-compose.test.yml | 14 -------------- docker-compose.yml | 14 -------------- 6 files changed, 11 insertions(+), 62 deletions(-) diff --git a/conf/kafka.env b/conf/kafka.env index a5adcf9cb..c20ec6fb7 100644 --- a/conf/kafka.env +++ b/conf/kafka.env @@ -2,9 +2,9 @@ # https://github.com/confluentinc/examples/blob/b8a68d8e41572cf1cb51e5b63f54e14b379c2ec4/cp-all-in-one/docker-compose.yml KAFKA_BROKER_ID=1 -KAFKA_ZOOKEEPER_CONNECT=zookeeper:2181 -KAFKA_LISTENER_SECURITY_PROTOCOL_MAP=PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT,SSL:SSL,SSL_HOST:SSL +KAFKA_LISTENER_SECURITY_PROTOCOL_MAP=PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT,SSL:SSL,SSL_HOST:SSL KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://kafka:9092,SSL://kafka:9093,PLAINTEXT_HOST://localhost:29092,SSL_HOST://localhost:29093 +KAFKA_LISTENERS=PLAINTEXT://kafka:9092,SSL://kafka:9093,CONTROLLER://kafka:29094,PLAINTEXT_HOST://localhost:29092,SSL_HOST://localhost:29093 # secrets from /etc/kafka/secrets KAFKA_SSL_KEYSTORE_CREDENTIALS=broker_creds @@ -14,13 +14,15 @@ KAFKA_SSL_KEYSTORE_FILENAME=kafka.broker.keystore.jks KAFKA_SSL_TRUSTSTORE_FILENAME=kafka.broker.truststore.jks KAFKA_SSL_CLIENT_AUTH=none -KAFKA_METRIC_REPORTERS=io.confluent.metrics.reporter.ConfluentMetricsReporter +# KRaft mode settings +# https://docs.confluent.io/platform/current/installation/docker/config-reference.html#cp-kakfa-example +KAFKA_PROCESS_ROLES=broker,controller +KAFKA_CONTROLLER_QUORUM_VOTERS=1@kafka:29094 +KAFKA_INTER_BROKER_LISTENER_NAME=PLAINTEXT +KAFKA_CONTROLLER_LISTENER_NAMES=CONTROLLER +CLUSTER_ID=ok340dKtTOWc4eOxrdavLA + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 KAFKA_TRANSACTION_STATE_LOG_MIN_ISR=1 KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR=1 KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS=0 -CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS=kafka:9092 -CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT=zookeeper:2181 -CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS=1 -CONFLUENT_METRICS_ENABLE=true -CONFLUENT_SUPPORT_CUSTOMER_ID=anonymous diff --git a/dev/kafka/Dockerfile b/dev/kafka/Dockerfile index 12669bdcd..824ac10bd 100644 --- a/dev/kafka/Dockerfile +++ b/dev/kafka/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/confluentinc/cp-enterprise-kafka:7.0.5 +FROM docker.io/confluentinc/cp-kafka ADD /dev/kafka/entrypoint.sh /app/entrypoint.sh ADD /dev/kafka/setup.sh /app/setup.sh diff --git a/dev/kafka/entrypoint.sh b/dev/kafka/entrypoint.sh index 8ca2151a3..fda337410 100755 --- a/dev/kafka/entrypoint.sh +++ b/dev/kafka/entrypoint.sh @@ -1,16 +1,5 @@ #!/bin/sh -#wait until zookeeper is ready -IFS=: read zooserver zooport <<<"$KAFKA_ZOOKEEPER_CONNECT" -while : ; do - STATUS=$(nc $zooserver $zooport <<<"ruok" 2>/dev/null) - if [[ $STATUS == 'imok' ]] ; then - break - fi - >&2 echo "Waiting until zookeeper is running" - sleep 1 -done - /app/setup.sh 2>&1 | grep -v '^WARNING: Due to limitations in metric names' & exec /etc/confluent/docker/run 2>&1 \ diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 190bc9675..b2c7a23e7 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -57,18 +57,6 @@ services: security_opt: - label=disable - zookeeper: - image: docker.io/confluentinc/cp-zookeeper:7.0.5 - container_name: zookeeper - env_file: - - ./conf/zookeeper.env - ports: - - 2181:2181 - command: sh -c " - echo 'admin.enableServer=false' >> /etc/confluent/docker/zookeeper.properties.template && - echo '4lw.commands.whitelist=*' >> /etc/confluent/docker/zookeeper.properties.template && - /etc/confluent/docker/run" - kafka: container_name: kafka build: @@ -77,8 +65,6 @@ services: image: patchman-engine-kafka env_file: - ./conf/kafka.env - depends_on: - - zookeeper volumes: - ./dev/kafka/secrets:/etc/kafka/secrets - ./dev/kafka:/app diff --git a/docker-compose.test.yml b/docker-compose.test.yml index b410bfc52..20b32ccfc 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -12,18 +12,6 @@ services: env_file: - ./conf/database.env - zookeeper: - image: docker.io/confluentinc/cp-zookeeper:7.0.5 - container_name: zookeeper - env_file: - - ./conf/zookeeper.env - ports: - - 2181:2181 - command: sh -c " - echo 'admin.enableServer=false' >> /etc/confluent/docker/zookeeper.properties.template && - echo '4lw.commands.whitelist=*' >> /etc/confluent/docker/zookeeper.properties.template && - /etc/confluent/docker/run" - kafka: container_name: kafka build: @@ -32,8 +20,6 @@ services: image: patchman-engine-kafka env_file: - ./conf/kafka.env - depends_on: - - zookeeper volumes: - ./dev/kafka/secrets:/etc/kafka/secrets - ./dev/kafka:/app diff --git a/docker-compose.yml b/docker-compose.yml index dda8cdd0b..355267df1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,18 +55,6 @@ services: security_opt: - label=disable - zookeeper: - image: docker.io/confluentinc/cp-zookeeper:7.0.5 - container_name: zookeeper - env_file: - - ./conf/zookeeper.env - ports: - - 2181:2181 - command: sh -c " - echo 'admin.enableServer=false' >> /etc/confluent/docker/zookeeper.properties.template && - echo '4lw.commands.whitelist=*' >> /etc/confluent/docker/zookeeper.properties.template && - /etc/confluent/docker/run" - kafka: container_name: kafka build: @@ -75,8 +63,6 @@ services: image: patchman-engine-kafka env_file: - ./conf/kafka.env - depends_on: - - zookeeper volumes: - ./dev/kafka/secrets:/etc/kafka/secrets - ./dev/kafka:/app From 37ccc5d1836d4693a59ba9a4b71e5f1e3ed40089 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 21 Jul 2023 09:41:38 +0000 Subject: [PATCH 156/268] v3.4.3 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 56bde7a6a..fb6e94bca 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.2 +v3.4.3 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 2ea41a24b..1630b0e8d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.2} +- {name: IMAGE_TAG_MANAGER, value: v3.4.3} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.2} +- {name: IMAGE_TAG_LISTENER, value: v3.4.3} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.2} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.3} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.2} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.3} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.2} +- {name: IMAGE_TAG_JOBS, value: v3.4.3} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.2} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.3} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.2} +- {name: IMAGE_TAG_ADMIN, value: v3.4.3} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 0b5359f52..1940680de 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.2" + "version": "v3.4.3" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index e98195606..471d42d16 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.2" + "version": "v3.4.3" }, "servers": [ { From 84871b2d4e277ad07e8f65ae00f7ecb01f7efb6b Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 21 Jul 2023 11:59:59 +0200 Subject: [PATCH 157/268] ESSNTL-4817: fix ungrouped hosts --- base/database/utils.go | 4 ++++ base/database/utils_test.go | 1 + 2 files changed, 5 insertions(+) diff --git a/base/database/utils.go b/base/database/utils.go index 15a773503..7db9f2e88 100644 --- a/base/database/utils.go +++ b/base/database/utils.go @@ -222,6 +222,10 @@ func ReadReplicaConfigured() bool { func InventoryHostsJoin(tx *gorm.DB, groups map[string]string) *gorm.DB { tx = tx.Joins("JOIN inventory.hosts ih ON ih.id = sp.inventory_id") if _, ok := groups[rbac.KeyGrouped]; !ok { + if _, ok := groups[rbac.KeyUngrouped]; ok { + // show only systems with '[]' group + return tx.Where("ih.groups = '[]'") + } // return query without WHERE if there are no groups return tx } diff --git a/base/database/utils_test.go b/base/database/utils_test.go index fc27579f4..db757b2cd 100644 --- a/base/database/utils_test.go +++ b/base/database/utils_test.go @@ -30,6 +30,7 @@ var testCases = []map[int64]map[string]string{ rbac.KeyUngrouped: "[]", }}, {0: {rbac.KeyGrouped: `{"[{\"id\":\"non-existing-group\"}]"}`}}, + {nUngrouped: {rbac.KeyUngrouped: "[]"}}, {nAll: {}}, } From 61f88f3d636d4251257985b83e6c71d342136e82 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 21 Jul 2023 11:49:38 +0000 Subject: [PATCH 158/268] v3.4.4 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index fb6e94bca..98bd4339c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.3 +v3.4.4 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 1630b0e8d..bc8c9b147 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.3} +- {name: IMAGE_TAG_MANAGER, value: v3.4.4} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.3} +- {name: IMAGE_TAG_LISTENER, value: v3.4.4} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.3} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.4} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.3} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.4} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.3} +- {name: IMAGE_TAG_JOBS, value: v3.4.4} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.3} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.4} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.3} +- {name: IMAGE_TAG_ADMIN, value: v3.4.4} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 1940680de..02cfd2735 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.3" + "version": "v3.4.4" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 471d42d16..0a9f4b4c7 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.3" + "version": "v3.4.4" }, "servers": [ { From e43cf63bed8f05441d50be150d28df646445469b Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 21 Jul 2023 13:40:26 +0200 Subject: [PATCH 159/268] update default org in dev scripts --- dev/scripts/advisories_list.sh | 2 +- dev/scripts/identity.sh | 2 +- dev/scripts/systems_list.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dev/scripts/advisories_list.sh b/dev/scripts/advisories_list.sh index ccf546ca2..b2eaf06b9 100755 --- a/dev/scripts/advisories_list.sh +++ b/dev/scripts/advisories_list.sh @@ -2,4 +2,4 @@ IDENTITY="$($(dirname "$0")/identity.sh)" -curl -v -H "x-rh-identity: $IDENTITY" http://localhost:8080/api/patch/v2/advisories/ | python3 -m json.tool +curl -v -H "x-rh-identity: $IDENTITY" http://localhost:8080/api/patch/v2/advisories | python3 -m json.tool diff --git a/dev/scripts/identity.sh b/dev/scripts/identity.sh index 0b2bd030c..13f826fd3 100755 --- a/dev/scripts/identity.sh +++ b/dev/scripts/identity.sh @@ -1,7 +1,7 @@ #!/bin/bash # This identity contains account_name = "0" -ACCOUNT_NUMBER=${1:-"0"} +ACCOUNT_NUMBER=${1:-"org_1"} encode() { local input=$( Date: Fri, 21 Jul 2023 13:22:55 +0000 Subject: [PATCH 160/268] v3.4.5 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 98bd4339c..f119207e3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.4 +v3.4.5 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index bc8c9b147..32e7664d1 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.4} +- {name: IMAGE_TAG_MANAGER, value: v3.4.5} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.4} +- {name: IMAGE_TAG_LISTENER, value: v3.4.5} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.4} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.5} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.4} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.5} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.4} +- {name: IMAGE_TAG_JOBS, value: v3.4.5} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.4} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.5} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.4} +- {name: IMAGE_TAG_ADMIN, value: v3.4.5} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 02cfd2735..e19eb286f 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.4" + "version": "v3.4.5" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0a9f4b4c7..30dfda339 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.4" + "version": "v3.4.5" }, "servers": [ { From a76dede7c5b87041a4f4e476fd3febc70c0634b0 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 21 Jul 2023 15:25:57 +0200 Subject: [PATCH 161/268] RHINENG-1198: endpoints to show vmaas_json and yum_updates --- base/utils/vmaas.go | 8 + docs/v3/openapi.json | 267 +++++++++++++++++++++++++++ evaluator/evaluate.go | 5 +- manager/controllers/system_detail.go | 109 +++++++++++ manager/routes/routes.go | 2 + 5 files changed, 387 insertions(+), 4 deletions(-) diff --git a/base/utils/vmaas.go b/base/utils/vmaas.go index 69849eb0b..db753d9fc 100644 --- a/base/utils/vmaas.go +++ b/base/utils/vmaas.go @@ -1,7 +1,9 @@ package utils import ( + "app/base/models" "app/base/vmaas" + "encoding/json" ) // Merge update data from vmaasDataB into vmaasDataA without duplicating. @@ -121,3 +123,9 @@ func RemoveNonLatestPackages(updates *vmaas.UpdatesV2Response) error { updates.UpdateList = &updateList return nil } + +func ParseVmaasJSON(system *models.SystemPlatform) (vmaas.UpdatesV3Request, error) { + var updatesReq vmaas.UpdatesV3Request + err := json.Unmarshal([]byte(*system.VmaasJSON), &updatesReq) + return updatesReq, err +} diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 30dfda339..ebf0374f0 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -5084,6 +5084,136 @@ ] } }, + "/systems/{inventory_id}/vmaas_json": { + "get": { + "summary": "Show me system's json request for VMaaS", + "description": "Show me system's json request for VMaaS", + "operationId": "systemVmaasJson", + "parameters": [ + { + "name": "inventory_id", + "in": "path", + "description": "Inventory ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/controllers.SystemVmaasJSONResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, + "/systems/{inventory_id}/yum_updates": { + "get": { + "summary": "Show me system's yum_updates (client side evaluation data)", + "description": "Show me system's yum_updates (client side evaluation data)", + "operationId": "systemYumUpdates", + "parameters": [ + { + "name": "inventory_id", + "in": "path", + "description": "Inventory ID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/controllers.SystemYumUpdatesResponse" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/utils.ErrorResponse" + } + } + } + } + }, + "security": [ + { + "RhIdentity": [] + } + ] + } + }, "/tags": { "get": { "summary": "Show me systems tags applicable to this application", @@ -6798,6 +6928,22 @@ } } }, + "controllers.SystemVmaasJSONResponse": { + "type": "object", + "properties": { + "data": { + "$ref": "#/components/schemas/vmaas.UpdatesV3Request" + } + } + }, + "controllers.SystemYumUpdatesResponse": { + "type": "object", + "properties": { + "data": { + "$ref": "#/components/schemas/vmaas.UpdatesV2Response" + } + } + }, "controllers.SystemsAdvisoriesRequest": { "type": "object", "properties": { @@ -6910,6 +7056,127 @@ "type": "string" } } + }, + "vmaas.UpdatesV2Response": { + "type": "object", + "properties": { + "basearch": { + "type": "string" + }, + "last_change": { + "type": "string" + }, + "modules_list": { + "type": "array", + "items": { + "$ref": "#/components/schemas/vmaas.UpdatesV3RequestModulesList" + } + }, + "releasever": { + "type": "string" + }, + "repository_list": { + "type": "array", + "items": { + "type": "string" + } + }, + "update_list": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/vmaas.UpdatesV2ResponseUpdateList" + } + } + } + }, + "vmaas.UpdatesV2ResponseAvailableUpdates": { + "type": "object", + "properties": { + "basearch": { + "type": "string" + }, + "erratum": { + "type": "string" + }, + "package": { + "type": "string" + }, + "releasever": { + "type": "string" + }, + "repository": { + "type": "string" + } + } + }, + "vmaas.UpdatesV2ResponseUpdateList": { + "type": "object", + "properties": { + "available_updates": { + "type": "array", + "items": { + "$ref": "#/components/schemas/vmaas.UpdatesV2ResponseAvailableUpdates" + } + } + } + }, + "vmaas.UpdatesV3Request": { + "type": "object", + "properties": { + "basearch": { + "type": "string" + }, + "epoch_required": { + "type": "boolean", + "description": "VMaaS will check package_list and return error if we provide package_list without epochs" + }, + "latest_only": { + "type": "boolean" + }, + "modules_list": { + "type": "array", + "items": { + "$ref": "#/components/schemas/vmaas.UpdatesV3RequestModulesList" + } + }, + "optimistic_updates": { + "type": "boolean", + "description": "Search for updates of unknown package EVRAs." + }, + "package_list": { + "type": "array", + "items": { + "type": "string" + } + }, + "releasever": { + "type": "string" + }, + "repository_list": { + "type": "array", + "items": { + "type": "string" + } + }, + "security_only": { + "type": "boolean" + }, + "third_party": { + "type": "boolean", + "description": "Include content from \\\"third party\\\" repositories into the response, disabled by default." + } + } + }, + "vmaas.UpdatesV3RequestModulesList": { + "type": "object", + "properties": { + "module_name": { + "type": "string" + }, + "module_stream": { + "type": "string" + } + } } }, "securitySchemes": { diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index b3cb67354..45b18c15a 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -552,10 +552,7 @@ func loadSystemData(tx *gorm.DB, accountID int, inventoryID string) (*models.Sys func parseVmaasJSON(system *models.SystemPlatform) (vmaas.UpdatesV3Request, error) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, evaluationPartDuration.WithLabelValues("parse-vmaas-json")) - - var updatesReq vmaas.UpdatesV3Request - err := json.Unmarshal([]byte(*system.VmaasJSON), &updatesReq) - return updatesReq, err + return utils.ParseVmaasJSON(system) } func invalidateCaches(orgID string) error { diff --git a/manager/controllers/system_detail.go b/manager/controllers/system_detail.go index 2d8a41120..590c6a8b3 100644 --- a/manager/controllers/system_detail.go +++ b/manager/controllers/system_detail.go @@ -2,8 +2,11 @@ package controllers import ( "app/base/database" + "app/base/models" "app/base/utils" + "app/base/vmaas" "app/manager/middlewares" + "encoding/json" "errors" "net/http" @@ -26,6 +29,14 @@ type SystemDetailLookup struct { GroupsStrHelper } +type SystemVmaasJSONResponse struct { + Data vmaas.UpdatesV3Request `json:"data"` +} + +type SystemYumUpdatesResponse struct { + Data vmaas.UpdatesV2Response `json:"data"` +} + // nolint: funlen // @Summary Show me details about a system by given inventory id // @Description Show me details about a system by given inventory id @@ -106,3 +117,101 @@ func SystemDetailHandler(c *gin.Context) { }} c.JSON(http.StatusOK, &resp) } + +// @Summary Show me system's json request for VMaaS +// @Description Show me system's json request for VMaaS +// @ID systemVmaasJson +// @Security RhIdentity +// @Accept json +// @Produce json +// @Param inventory_id path string true "Inventory ID" +// @Success 200 {object} SystemVmaasJSONResponse +// @Failure 400 {object} utils.ErrorResponse +// @Failure 404 {object} utils.ErrorResponse +// @Failure 500 {object} utils.ErrorResponse +// @Router /systems/{inventory_id}/vmaas_json [get] +func SystemVmaasJSONHandler(c *gin.Context) { + system := systemJSONsCommon(c, "sp.vmaas_json") + if system == nil { + return // abort handled by `systemJSONsCommon` + } + data, err := utils.ParseVmaasJSON(system) + if err != nil { + LogAndRespError(c, err, "couldn't parse vmaas json") + return + } + + resp := SystemVmaasJSONResponse{data} + c.JSON(http.StatusOK, &resp) +} + +// @Summary Show me system's yum_updates (client side evaluation data) +// @Description Show me system's yum_updates (client side evaluation data) +// @ID systemYumUpdates +// @Security RhIdentity +// @Accept json +// @Produce json +// @Param inventory_id path string true "Inventory ID" +// @Success 200 {object} SystemYumUpdatesResponse +// @Failure 400 {object} utils.ErrorResponse +// @Failure 404 {object} utils.ErrorResponse +// @Failure 500 {object} utils.ErrorResponse +// @Router /systems/{inventory_id}/yum_updates [get] +func SystemYumUpdatesHandler(c *gin.Context) { + system := systemJSONsCommon(c, "sp.yum_updates") + if system == nil { + return // abort handled by `systemJSONsCommon` + } + + var resp SystemYumUpdatesResponse + if system.YumUpdates == nil { + c.JSON(http.StatusOK, &resp) + return + } + + err := json.Unmarshal(system.YumUpdates, &resp.Data) + if err != nil { + LogAndRespError(c, err, "unable to unmarshall yum updates") + return + } + + c.JSON(http.StatusOK, &resp) +} + +func systemJSONsCommon(c *gin.Context, column string) *models.SystemPlatform { + account := c.GetInt(middlewares.KeyAccount) + groups := c.GetStringMapString(middlewares.KeyInventoryGroups) + + inventoryID := c.Param("inventory_id") + if inventoryID == "" { + c.JSON(http.StatusBadRequest, utils.ErrorResponse{Error: "inventory_id param not found"}) + return nil + } + + if !utils.IsValidUUID(inventoryID) { + LogAndRespBadRequest(c, errors.New("bad request"), "incorrect inventory_id format") + return nil + } + + if !isFilterInURLValid(c) { + return nil + } + + var system models.SystemPlatform + db := middlewares.DBFromContext(c) + query := database.Systems(db, account, groups). + Select(column). + Where("sp.inventory_id = ?::uuid", inventoryID) + + err := query.Take(&system).Error + if errors.Is(err, gorm.ErrRecordNotFound) { + LogAndRespNotFound(c, err, "inventory not found") + return nil + } + + if err != nil { + LogAndRespError(c, err, "database error") + return nil + } + return &system +} diff --git a/manager/routes/routes.go b/manager/routes/routes.go index d53e78640..82b4c6a0f 100644 --- a/manager/routes/routes.go +++ b/manager/routes/routes.go @@ -38,6 +38,8 @@ func InitAPI(api *gin.RouterGroup, config docs.EndpointsConfig) { // nolint: fun systems.GET("/:inventory_id", controllers.SystemDetailHandler) systems.GET("/:inventory_id/advisories", controllers.SystemAdvisoriesHandler) systems.GET("/:inventory_id/packages", controllers.SystemPackagesHandler) + systems.GET("/:inventory_id/vmaas_json", controllers.SystemVmaasJSONHandler) + systems.GET("/:inventory_id/yum_updates", controllers.SystemYumUpdatesHandler) systems.DELETE("/:inventory_id", controllers.SystemDeleteHandler) api.GET("/tags", controllers.SystemTagListHandler) From d613aeef646a5cbb6110c670064e86c2c6911753 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 24 Jul 2023 10:03:33 +0000 Subject: [PATCH 162/268] v3.4.6 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index f119207e3..d0ec26c79 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.5 +v3.4.6 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 32e7664d1..9793a1394 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.5} +- {name: IMAGE_TAG_MANAGER, value: v3.4.6} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.5} +- {name: IMAGE_TAG_LISTENER, value: v3.4.6} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.5} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.6} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.5} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.6} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.5} +- {name: IMAGE_TAG_JOBS, value: v3.4.6} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.5} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.6} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.5} +- {name: IMAGE_TAG_ADMIN, value: v3.4.6} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index e19eb286f..e4ab954bf 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.5" + "version": "v3.4.6" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index ebf0374f0..0ca24b490 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.5" + "version": "v3.4.6" }, "servers": [ { From 287452097177a6a21643eb2b204a553ee0b75a86 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 12:38:14 +0200 Subject: [PATCH 163/268] SPM-2149: add update_status filter to docs --- docs/v3/openapi.json | 8 ++++++++ manager/controllers/system_packages.go | 1 + 2 files changed, 9 insertions(+) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0ca24b490..227c5ab94 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -5033,6 +5033,14 @@ "schema": { "type": "boolean" } + }, + { + "name": "filter[update_status]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } } ], "responses": { diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 348a5852e..95b117257 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -97,6 +97,7 @@ func systemPackageQuery(db *gorm.DB, account int, groups map[string]string, inve // @Param filter[evra] query string false "Filter" // @Param filter[summary] query string false "Filter" // @Param filter[updatable] query bool false "Filter" +// @Param filter[update_status] query string false "Filter" // @Success 200 {object} SystemPackageResponseV3 // @Failure 400 {object} utils.ErrorResponse // @Failure 404 {object} utils.ErrorResponse From 1c2f751de7f03c52431251a22271f4c1a6c2ee0e Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 24 Jul 2023 16:36:40 +0000 Subject: [PATCH 164/268] v3.4.7 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index d0ec26c79..a76336b5a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.6 +v3.4.7 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 9793a1394..3f6e3c9fd 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.6} +- {name: IMAGE_TAG_MANAGER, value: v3.4.7} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.6} +- {name: IMAGE_TAG_LISTENER, value: v3.4.7} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.6} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.7} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.6} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.7} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.6} +- {name: IMAGE_TAG_JOBS, value: v3.4.7} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.6} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.7} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.6} +- {name: IMAGE_TAG_ADMIN, value: v3.4.7} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index e4ab954bf..cce7bd948 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.6" + "version": "v3.4.7" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 227c5ab94..447f0e334 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.6" + "version": "v3.4.7" }, "servers": [ { From 264523de39ca8ef8fa981dee477040c6b85af959 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 15:52:21 +0200 Subject: [PATCH 165/268] SPM-2120: rename structs for vmaas response --- base/utils/vmaas.go | 12 +++++------ base/utils/vmaas_test.go | 4 ++-- base/vmaas/vmaas.go | 30 +++++++++++++-------------- evaluator/evaluate.go | 24 ++++++++++----------- evaluator/evaluate_advisories.go | 4 ++-- evaluator/evaluate_advisories_test.go | 14 ++++++------- evaluator/evaluate_baseline.go | 4 ++-- evaluator/evaluate_baseline_test.go | 2 +- evaluator/evaluate_packages.go | 16 +++++++------- evaluator/evaluate_packages_test.go | 14 ++++++------- evaluator/evaluate_test.go | 2 +- evaluator/remediations.go | 8 +++---- evaluator/remediations_test.go | 8 +++---- evaluator/vmaas_cache.go | 8 +++---- listener/common_test.go | 4 ++-- listener/upload.go | 6 +++--- manager/controllers/system_detail.go | 2 +- platform/platform.go | 2 +- 18 files changed, 82 insertions(+), 82 deletions(-) diff --git a/base/utils/vmaas.go b/base/utils/vmaas.go index db753d9fc..8eef8be23 100644 --- a/base/utils/vmaas.go +++ b/base/utils/vmaas.go @@ -8,8 +8,8 @@ import ( // Merge update data from vmaasDataB into vmaasDataA without duplicating. // Requires sorted update input and returns sorted output. -func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV2Response, - vmaasDataB *vmaas.UpdatesV2Response) (*vmaas.UpdatesV2Response, error) { +func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV3Response, + vmaasDataB *vmaas.UpdatesV3Response) (*vmaas.UpdatesV3Response, error) { if vmaasDataA == nil { return vmaasDataB, nil } @@ -39,9 +39,9 @@ func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV2Response, return vmaasDataA, nil } -func mergeUpdates(listA, listB vmaas.UpdatesV2ResponseUpdateList) (*vmaas.UpdatesV2ResponseUpdateList, error) { +func mergeUpdates(listA, listB vmaas.UpdatesV3ResponseUpdateList) (*vmaas.UpdatesV3ResponseUpdateList, error) { updatesA, updatesB := listA.GetAvailableUpdates(), listB.GetAvailableUpdates() - newUpdates := make([]vmaas.UpdatesV2ResponseAvailableUpdates, 0) + newUpdates := make([]vmaas.UpdatesV3ResponseAvailableUpdates, 0) a, b := 0, 0 for a < len(updatesA) && b < len(updatesB) { nevraA, err := ParseNevra(updatesA[a].GetPackage()) @@ -78,13 +78,13 @@ func mergeUpdates(listA, listB vmaas.UpdatesV2ResponseUpdateList) (*vmaas.Update if b <= len(updatesB)-1 { newUpdates = append(newUpdates, updatesB[b:]...) } - return &vmaas.UpdatesV2ResponseUpdateList{ + return &vmaas.UpdatesV3ResponseUpdateList{ AvailableUpdates: &newUpdates, }, nil } // Keep only updates for the latest package in update list -func RemoveNonLatestPackages(updates *vmaas.UpdatesV2Response) error { +func RemoveNonLatestPackages(updates *vmaas.UpdatesV3Response) error { var toDel []string type nevraStruct struct { nameString string diff --git a/base/utils/vmaas_test.go b/base/utils/vmaas_test.go index a1fed67eb..00cb13c4d 100644 --- a/base/utils/vmaas_test.go +++ b/base/utils/vmaas_test.go @@ -10,7 +10,7 @@ import ( ) func compareUpdatesMerge(t *testing.T, jsonA, jsonB, merged []byte) { - var listA, listB vmaas.UpdatesV2ResponseUpdateList + var listA, listB vmaas.UpdatesV3ResponseUpdateList err := json.Unmarshal(jsonA, &listA) assert.Nil(t, err) err = json.Unmarshal(jsonB, &listB) @@ -51,7 +51,7 @@ func TestMergeDifferentAttrs(t *testing.T) { } func compareResponseMerge(t *testing.T, jsonA, jsonB, merged []byte) { - var respA, respB vmaas.UpdatesV2Response + var respA, respB vmaas.UpdatesV3Response err := json.Unmarshal(jsonA, &respA) assert.Nil(t, err) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index db5fb7d87..f04184247 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -39,8 +39,8 @@ func (o *UpdatesV3Request) SetReleasever(v string) { o.Releasever = &v } -type UpdatesV2Response struct { - UpdateList *map[string]UpdatesV2ResponseUpdateList `json:"update_list,omitempty"` +type UpdatesV3Response struct { + UpdateList *map[string]UpdatesV3ResponseUpdateList `json:"update_list,omitempty"` RepositoryList *[]string `json:"repository_list,omitempty"` ModulesList *[]UpdatesV3RequestModulesList `json:"modules_list,omitempty"` Releasever *string `json:"releasever,omitempty"` @@ -49,21 +49,21 @@ type UpdatesV2Response struct { } // GetUpdateList returns the UpdateList field value if set, zero value otherwise. -func (o *UpdatesV2Response) GetUpdateList() map[string]UpdatesV2ResponseUpdateList { +func (o *UpdatesV3Response) GetUpdateList() map[string]UpdatesV3ResponseUpdateList { if o == nil || o.UpdateList == nil { - var ret map[string]UpdatesV2ResponseUpdateList + var ret map[string]UpdatesV3ResponseUpdateList return ret } return *o.UpdateList } -type UpdatesV2ResponseUpdateList struct { - AvailableUpdates *[]UpdatesV2ResponseAvailableUpdates `json:"available_updates,omitempty"` +type UpdatesV3ResponseUpdateList struct { + AvailableUpdates *[]UpdatesV3ResponseAvailableUpdates `json:"available_updates,omitempty"` } -func (o *UpdatesV2ResponseUpdateList) GetAvailableUpdates() []UpdatesV2ResponseAvailableUpdates { +func (o *UpdatesV3ResponseUpdateList) GetAvailableUpdates() []UpdatesV3ResponseAvailableUpdates { if o == nil || o.AvailableUpdates == nil { - var ret []UpdatesV2ResponseAvailableUpdates + var ret []UpdatesV3ResponseAvailableUpdates return ret } updates := *o.AvailableUpdates @@ -85,7 +85,7 @@ func (o *UpdatesV2ResponseUpdateList) GetAvailableUpdates() []UpdatesV2ResponseA return updates } -type UpdatesV2ResponseAvailableUpdates struct { +type UpdatesV3ResponseAvailableUpdates struct { Repository *string `json:"repository,omitempty"` Releasever *string `json:"releasever,omitempty"` Basearch *string `json:"basearch,omitempty"` @@ -95,7 +95,7 @@ type UpdatesV2ResponseAvailableUpdates struct { StatusID int `json:"-"` } -func (o *UpdatesV2ResponseAvailableUpdates) GetPackage() string { +func (o *UpdatesV3ResponseAvailableUpdates) GetPackage() string { if o == nil || o.Package == nil { var ret string return ret @@ -103,7 +103,7 @@ func (o *UpdatesV2ResponseAvailableUpdates) GetPackage() string { return *o.Package } -func (o *UpdatesV2ResponseAvailableUpdates) GetErratum() string { +func (o *UpdatesV3ResponseAvailableUpdates) GetErratum() string { if o == nil || o.Erratum == nil { var ret string return ret @@ -111,7 +111,7 @@ func (o *UpdatesV2ResponseAvailableUpdates) GetErratum() string { return *o.Erratum } -func (o *UpdatesV2ResponseAvailableUpdates) GetBasearch() string { +func (o *UpdatesV3ResponseAvailableUpdates) GetBasearch() string { if o == nil || o.Basearch == nil { var ret string return ret @@ -119,7 +119,7 @@ func (o *UpdatesV2ResponseAvailableUpdates) GetBasearch() string { return *o.Basearch } -func (o *UpdatesV2ResponseAvailableUpdates) GetReleasever() string { +func (o *UpdatesV3ResponseAvailableUpdates) GetReleasever() string { if o == nil || o.Releasever == nil { var ret string return ret @@ -127,7 +127,7 @@ func (o *UpdatesV2ResponseAvailableUpdates) GetReleasever() string { return *o.Releasever } -func (o *UpdatesV2ResponseAvailableUpdates) GetRepository() string { +func (o *UpdatesV3ResponseAvailableUpdates) GetRepository() string { if o == nil || o.Repository == nil { var ret string return ret @@ -135,7 +135,7 @@ func (o *UpdatesV2ResponseAvailableUpdates) GetRepository() string { return *o.Repository } -func (o *UpdatesV2ResponseAvailableUpdates) Cmp(b *UpdatesV2ResponseAvailableUpdates) int { +func (o *UpdatesV3ResponseAvailableUpdates) Cmp(b *UpdatesV3ResponseAvailableUpdates) int { if cmp := strings.Compare(o.GetPackage(), b.GetPackage()); cmp != 0 { return cmp } diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 45b18c15a..35c07a435 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -172,7 +172,7 @@ func runEvaluate( } func evaluateInDatabase(ctx context.Context, event *mqueue.PlatformEvent, inventoryID string) ( - *models.SystemPlatform, *vmaas.UpdatesV2Response, error) { + *models.SystemPlatform, *vmaas.UpdatesV3Response, error) { tx := database.Db.WithContext(base.Context).Begin() // Don't allow requested TX to hang around locking the rows defer tx.Rollback() @@ -203,12 +203,12 @@ func evaluateInDatabase(ctx context.Context, event *mqueue.PlatformEvent, invent return system, vmaasData, nil } -func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV2Response, error) { +func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, error) { if system.YumUpdates == nil { return nil, nil } - var resp vmaas.UpdatesV2Response + var resp vmaas.UpdatesV3Response err := json.Unmarshal(system.YumUpdates, &resp) if err != nil { return nil, errors.Wrap(err, "unable to unmarshall yum updates") @@ -223,8 +223,8 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV2Response, return &resp, nil } -func evaluateWithVmaas(tx *gorm.DB, updatesData *vmaas.UpdatesV2Response, - system *models.SystemPlatform, event *mqueue.PlatformEvent) (*vmaas.UpdatesV2Response, error) { +func evaluateWithVmaas(tx *gorm.DB, updatesData *vmaas.UpdatesV3Response, + system *models.SystemPlatform, event *mqueue.PlatformEvent) (*vmaas.UpdatesV3Response, error) { if enableBaselineEval { err := limitVmaasToBaseline(tx, system, updatesData) if err != nil { @@ -246,8 +246,8 @@ func evaluateWithVmaas(tx *gorm.DB, updatesData *vmaas.UpdatesV2Response, } func getUpdatesData(ctx context.Context, tx *gorm.DB, system *models.SystemPlatform) ( - *vmaas.UpdatesV2Response, error) { - var yumUpdates *vmaas.UpdatesV2Response + *vmaas.UpdatesV3Response, error) { + var yumUpdates *vmaas.UpdatesV3Response var yumErr error if enableYumUpdatesEval { yumUpdates, yumErr = tryGetYumUpdates(system) @@ -276,7 +276,7 @@ func getUpdatesData(ctx context.Context, tx *gorm.DB, system *models.SystemPlatf } func getVmaasUpdates(ctx context.Context, tx *gorm.DB, - system *models.SystemPlatform) (*vmaas.UpdatesV2Response, error) { + system *models.SystemPlatform) (*vmaas.UpdatesV3Response, error) { // first check if we have data in cache vmaasData, ok := memoryVmaasCache.Get(system.JSONChecksum) if ok { @@ -381,7 +381,7 @@ func commitWithObserve(tx *gorm.DB) error { } func evaluateAndStore(tx *gorm.DB, system *models.SystemPlatform, - vmaasData *vmaas.UpdatesV2Response, event *mqueue.PlatformEvent) error { + vmaasData *vmaas.UpdatesV3Response, event *mqueue.PlatformEvent) error { newSystemAdvisories, err := analyzeAdvisories(tx, system, vmaasData) if err != nil { return errors.Wrap(err, "Advisory analysis failed") @@ -514,13 +514,13 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, return err } -func callVMaas(ctx context.Context, request *vmaas.UpdatesV3Request) (*vmaas.UpdatesV2Response, error) { +func callVMaas(ctx context.Context, request *vmaas.UpdatesV3Request) (*vmaas.UpdatesV3Response, error) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, evaluationPartDuration.WithLabelValues("vmaas-updates-call")) vmaasCallFunc := func() (interface{}, *http.Response, error) { utils.LogTrace("request", *request, "vmaas /updates request") - vmaasData := vmaas.UpdatesV2Response{} + vmaasData := vmaas.UpdatesV3Response{} resp, err := vmaasClient.Request(&ctx, http.MethodPost, vmaasUpdatesURL, request, &vmaasData) utils.LogDebug("status_code", utils.TryGetStatusCode(resp), "vmaas /updates call") utils.LogTrace("response", resp, "vmaas /updates response") @@ -532,7 +532,7 @@ func callVMaas(ctx context.Context, request *vmaas.UpdatesV3Request) (*vmaas.Upd if err != nil { return nil, errors.Wrap(err, "vmaas /v3/updates API call failed") } - return vmaasDataPtr.(*vmaas.UpdatesV2Response), nil + return vmaasDataPtr.(*vmaas.UpdatesV3Response), nil } func loadSystemData(tx *gorm.DB, accountID int, inventoryID string) (*models.SystemPlatform, error) { diff --git a/evaluator/evaluate_advisories.go b/evaluator/evaluate_advisories.go index 1f12308be..e5605f787 100644 --- a/evaluator/evaluate_advisories.go +++ b/evaluator/evaluate_advisories.go @@ -12,7 +12,7 @@ import ( "gorm.io/gorm/clause" ) -func analyzeAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV2Response) ( +func analyzeAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV3Response) ( SystemAdvisoryMap, error) { if !enableAdvisoryAnalysis { utils.LogInfo("advisory analysis disabled, skipping") @@ -36,7 +36,7 @@ func analyzeAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vm // Changes data stored in system_advisories, in order to match newest evaluation // Before this methods stores the entries into the system_advisories table, it locks // advisory_account_data table, so other evaluations don't interfere with this one -func processSystemAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV2Response) ( +func processSystemAdvisories(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV3Response) ( []int64, []int64, []int64, error) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, evaluationPartDuration.WithLabelValues("advisories-processing")) diff --git a/evaluator/evaluate_advisories_test.go b/evaluator/evaluate_advisories_test.go index 11fcb8c5e..025d1740e 100644 --- a/evaluator/evaluate_advisories_test.go +++ b/evaluator/evaluate_advisories_test.go @@ -38,18 +38,18 @@ func TestGetReportedAdvisories1(t *testing.T) { } func TestGetReportedAdvisories2(t *testing.T) { - aUpdates := []vmaas.UpdatesV2ResponseAvailableUpdates{ + aUpdates := []vmaas.UpdatesV3ResponseAvailableUpdates{ {Erratum: utils.PtrString("ER1")}, {Erratum: utils.PtrString("ER2")}} - bUpdates := []vmaas.UpdatesV2ResponseAvailableUpdates{ + bUpdates := []vmaas.UpdatesV3ResponseAvailableUpdates{ {Erratum: utils.PtrString("ER2")}, {Erratum: utils.PtrString("ER3")}} - cUpdates := []vmaas.UpdatesV2ResponseAvailableUpdates{ + cUpdates := []vmaas.UpdatesV3ResponseAvailableUpdates{ {Erratum: utils.PtrString("ER3")}, {Erratum: utils.PtrString("ER4")}} - updateList := map[string]vmaas.UpdatesV2ResponseUpdateList{ + updateList := map[string]vmaas.UpdatesV3ResponseUpdateList{ "pkg-a": {AvailableUpdates: &aUpdates}, "pkg-b": {AvailableUpdates: &bUpdates}, "pkg-c": {AvailableUpdates: &cUpdates}, } - vmaasData := vmaas.UpdatesV2Response{UpdateList: &updateList} + vmaasData := vmaas.UpdatesV3Response{UpdateList: &updateList} advisories := getReportedAdvisories(&vmaasData) assert.Equal(t, 4, len(advisories)) } @@ -126,9 +126,9 @@ func TestEnsureSystemAdvisories(t *testing.T) { database.DeleteSystemAdvisories(t, systemID, advisoryIDs) } -func getVMaaSUpdates(t *testing.T) vmaas.UpdatesV2Response { +func getVMaaSUpdates(t *testing.T) vmaas.UpdatesV3Response { ctx := context.Background() - vmaasData := vmaas.UpdatesV2Response{} + vmaasData := vmaas.UpdatesV3Response{} resp, err := vmaasClient.Request(&ctx, http.MethodPost, vmaasUpdatesURL, nil, &vmaasData) assert.Nil(t, err) assert.Equal(t, http.StatusOK, resp.StatusCode) diff --git a/evaluator/evaluate_baseline.go b/evaluator/evaluate_baseline.go index c8afa98c4..18b3c12e8 100644 --- a/evaluator/evaluate_baseline.go +++ b/evaluator/evaluate_baseline.go @@ -9,7 +9,7 @@ import ( "gorm.io/gorm" ) -func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV2Response) error { +func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV3Response) error { baselineConfig := database.GetBaselineConfig(tx, system) if baselineConfig == nil { return nil // no baseline config, nothing to change @@ -36,7 +36,7 @@ func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData } updateList := vmaasData.GetUpdateList() - modifiedUpdateList := make(map[string]vmaas.UpdatesV2ResponseUpdateList, len(updateList)) + modifiedUpdateList := make(map[string]vmaas.UpdatesV3ResponseUpdateList, len(updateList)) for pkg, updates := range updateList { availableUpdates := updates.GetAvailableUpdates() for i := range availableUpdates { diff --git a/evaluator/evaluate_baseline_test.go b/evaluator/evaluate_baseline_test.go index 007e79862..aa9ad44c2 100644 --- a/evaluator/evaluate_baseline_test.go +++ b/evaluator/evaluate_baseline_test.go @@ -41,7 +41,7 @@ func TestLimitVmaasToBaseline(t *testing.T) { assert.Equal(t, []string{"RH-1", "RH-2"}, errataInVmaasData(vmaasData, APPLICABLE)) } -func errataInVmaasData(vmaasData vmaas.UpdatesV2Response, status int) []string { +func errataInVmaasData(vmaasData vmaas.UpdatesV3Response, status int) []string { errata := make([]string, 0) for _, updates := range vmaasData.GetUpdateList() { availableUpdates := updates.GetAvailableUpdates() diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index 05e946d0f..21948cf05 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -15,7 +15,7 @@ import ( "gorm.io/gorm/clause" ) -func analyzePackages(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV2Response) ( +func analyzePackages(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaas.UpdatesV3Response) ( installed, updatable int, err error) { if !enablePackageAnalysis { return 0, 0, nil @@ -42,7 +42,7 @@ func analyzePackages(tx *gorm.DB, system *models.SystemPlatform, vmaasData *vmaa } // Add unknown EVRAs into the db if needed -func lazySavePackages(tx *gorm.DB, vmaasData *vmaas.UpdatesV2Response) error { +func lazySavePackages(tx *gorm.DB, vmaasData *vmaas.UpdatesV3Response) error { if !enableLazyPackageSave { return nil } @@ -58,7 +58,7 @@ func lazySavePackages(tx *gorm.DB, vmaasData *vmaas.UpdatesV2Response) error { } // Get packages with known name but version missing in db/cache -func getMissingPackages(tx *gorm.DB, vmaasData *vmaas.UpdatesV2Response) models.PackageSlice { +func getMissingPackages(tx *gorm.DB, vmaasData *vmaas.UpdatesV3Response) models.PackageSlice { updates := vmaasData.GetUpdateList() packages := make(models.PackageSlice, 0, len(updates)) for nevra := range updates { @@ -150,7 +150,7 @@ func updatePackageCache(missing models.PackageSlice) { // Find relevant package data based on vmaas results func loadPackages(tx *gorm.DB, system *models.SystemPlatform, - vmaasData *vmaas.UpdatesV2Response) (*map[string]namedPackage, error) { + vmaasData *vmaas.UpdatesV3Response) (*map[string]namedPackage, error) { defer utils.ObserveSecondsSince(time.Now(), evaluationPartDuration.WithLabelValues("packages-load")) packages, err := loadSystemNEVRAsFromDB(tx, system, vmaasData) @@ -179,7 +179,7 @@ func packages2NevraMap(packages []namedPackage) map[string]namedPackage { } func loadSystemNEVRAsFromDB(tx *gorm.DB, system *models.SystemPlatform, - vmaasData *vmaas.UpdatesV2Response) ([]namedPackage, error) { + vmaasData *vmaas.UpdatesV3Response) ([]namedPackage, error) { updates := vmaasData.GetUpdateList() numUpdates := len(updates) packageIDs := make([]int64, 0, numUpdates) @@ -257,7 +257,7 @@ func updateDataChanged(currentNamedPackage *namedPackage, updateDataJSON []byte) } func createSystemPackage(nevra string, - updateData vmaas.UpdatesV2ResponseUpdateList, + updateData vmaas.UpdatesV3ResponseUpdateList, system *models.SystemPlatform, packagesByNEVRA *map[string]namedPackage) (systemPackagePtr *models.SystemPackage, updatesChanged bool) { updateDataJSON, err := vmaasResponse2UpdateDataJSON(&updateData) @@ -284,7 +284,7 @@ func createSystemPackage(nevra string, func updateSystemPackages(tx *gorm.DB, system *models.SystemPlatform, packagesByNEVRA *map[string]namedPackage, - vmaasData *vmaas.UpdatesV2Response) (installed, updatable int, err error) { + vmaasData *vmaas.UpdatesV3Response) (installed, updatable int, err error) { defer utils.ObserveSecondsSince(time.Now(), evaluationPartDuration.WithLabelValues("packages-store")) updates := vmaasData.GetUpdateList() @@ -316,7 +316,7 @@ func updateSystemPackages(tx *gorm.DB, system *models.SystemPlatform, "Storing system packages") } -func vmaasResponse2UpdateDataJSON(updateData *vmaas.UpdatesV2ResponseUpdateList) ([]byte, error) { +func vmaasResponse2UpdateDataJSON(updateData *vmaas.UpdatesV3ResponseUpdateList) ([]byte, error) { var latestInstallable models.PackageUpdate var latestApplicable models.PackageUpdate uniqUpdates := make(map[models.PackageUpdate]bool) diff --git a/evaluator/evaluate_packages_test.go b/evaluator/evaluate_packages_test.go index b167c1aed..d4ec76d4e 100644 --- a/evaluator/evaluate_packages_test.go +++ b/evaluator/evaluate_packages_test.go @@ -23,13 +23,13 @@ func TestAnalyzePackages(t *testing.T) { database.CheckEVRAsInDB(t, 0, "12.0.1-1.fc31.x86_64") // lazy added package // we send request with zero epoch and expect response with zero epoch // so we have to test with zero epoch - vmaasData := vmaas.UpdatesV2Response{UpdateList: &map[string]vmaas.UpdatesV2ResponseUpdateList{ - "kernel-0:5.6.13-200.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV2ResponseAvailableUpdates{}}, - "firefox-0:12.0.1-1.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV2ResponseAvailableUpdates{{ + vmaasData := vmaas.UpdatesV3Response{UpdateList: &map[string]vmaas.UpdatesV3ResponseUpdateList{ + "kernel-0:5.6.13-200.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{}}, + "firefox-0:12.0.1-1.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{{ Package: utils.PtrString("firefox-0:77.0.1-1.fc31.x86_64"), }}}, // this custom-package will NOT be ignored - "custom-package-0:1.2.3-1.fc33.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV2ResponseAvailableUpdates{{}}}}} + "custom-package-0:1.2.3-1.fc33.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{{}}}}} installed, updatable, err := analyzePackages(database.Db, &system, &vmaasData) assert.Nil(t, err) @@ -51,12 +51,12 @@ func TestLazySavePackages(t *testing.T) { names := []string{"kernel", "firefox", "custom-package"} evras := []string{"1-0.el7.x86_64", "1-1.1.el7.x86_64", "11-1.el7.x86_64"} - updateList := make(map[string]vmaas.UpdatesV2ResponseUpdateList, len(names)) + updateList := make(map[string]vmaas.UpdatesV3ResponseUpdateList, len(names)) for i, name := range names { nevra := fmt.Sprintf("%s-%s", name, evras[i]) - updateList[nevra] = vmaas.UpdatesV2ResponseUpdateList{} + updateList[nevra] = vmaas.UpdatesV3ResponseUpdateList{} } - vmaasData := vmaas.UpdatesV2Response{UpdateList: &updateList} + vmaasData := vmaas.UpdatesV3Response{UpdateList: &updateList} database.CheckEVRAsInDB(t, 0, evras...) err := lazySavePackages(database.Db, &vmaasData) assert.Nil(t, err) diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go index 7bb675f9a..d8694c5dc 100644 --- a/evaluator/evaluate_test.go +++ b/evaluator/evaluate_test.go @@ -176,7 +176,7 @@ func TestVMaaSUpdatesCall(t *testing.T) { PackageList: []string{"curl-7.29.0-51.el7_6.3.x86_64"}, } - resp := vmaas.UpdatesV2Response{} + resp := vmaas.UpdatesV3Response{} ctx := context.Background() httpResp, err := vmaasClient.Request(&ctx, http.MethodPost, vmaasUpdatesURL, &req, &resp) // nolint: bodyclose assert.Nil(t, err) diff --git a/evaluator/remediations.go b/evaluator/remediations.go index e4b81f56f..8ea58e4f8 100644 --- a/evaluator/remediations.go +++ b/evaluator/remediations.go @@ -25,7 +25,7 @@ type RemediationsState struct { Issues []string `json:"issues"` } -func createRemediationsStateMsg(id string, response *vmaas.UpdatesV2Response) *RemediationsState { +func createRemediationsStateMsg(id string, response *vmaas.UpdatesV3Response) *RemediationsState { advisories := getReportedAdvisories(response) packages := getReportedPackageUpdates(response) var state RemediationsState @@ -41,7 +41,7 @@ func createRemediationsStateMsg(id string, response *vmaas.UpdatesV2Response) *R return &state } -func getReportedAdvisories(vmaasData *vmaas.UpdatesV2Response) map[string]int { +func getReportedAdvisories(vmaasData *vmaas.UpdatesV3Response) map[string]int { updateList := vmaasData.GetUpdateList() advisories := make(map[string]int, len(updateList)) for _, updates := range updateList { @@ -52,7 +52,7 @@ func getReportedAdvisories(vmaasData *vmaas.UpdatesV2Response) map[string]int { return advisories } -func getReportedPackageUpdates(vmaasData *vmaas.UpdatesV2Response) map[string]bool { +func getReportedPackageUpdates(vmaasData *vmaas.UpdatesV3Response) map[string]bool { updateList := vmaasData.GetUpdateList() packages := make(map[string]bool, len(updateList)) for _, updates := range updateList { @@ -63,7 +63,7 @@ func getReportedPackageUpdates(vmaasData *vmaas.UpdatesV2Response) map[string]bo return packages } -func publishRemediationsState(system *models.SystemPlatform, response *vmaas.UpdatesV2Response) error { +func publishRemediationsState(system *models.SystemPlatform, response *vmaas.UpdatesV3Response) error { if remediationsPublisher == nil { return nil } diff --git a/evaluator/remediations_test.go b/evaluator/remediations_test.go index bd55554b7..b13c74d5d 100644 --- a/evaluator/remediations_test.go +++ b/evaluator/remediations_test.go @@ -8,17 +8,17 @@ import ( "github.com/stretchr/testify/assert" ) -var testFfUpdates = []vmaas.UpdatesV2ResponseAvailableUpdates{ +var testFfUpdates = []vmaas.UpdatesV3ResponseAvailableUpdates{ {Repository: utils.PtrString("repo1"), Releasever: utils.PtrString("ser1"), Basearch: utils.PtrString("i686"), Erratum: utils.PtrString("RH-1"), Package: utils.PtrString("firefox-0:77.0.1-1.fc31.x86_64")}, {Repository: utils.PtrString("repo1"), Releasever: utils.PtrString("ser1"), Basearch: utils.PtrString("i686"), Erratum: utils.PtrString("RH-2"), Package: utils.PtrString("firefox-1:76.0.1-1.fc31.x86_64")}, } -var testKUpdates = []vmaas.UpdatesV2ResponseAvailableUpdates{ +var testKUpdates = []vmaas.UpdatesV3ResponseAvailableUpdates{ {Repository: utils.PtrString("repo1"), Releasever: utils.PtrString("ser1"), Basearch: utils.PtrString("i686"), Erratum: utils.PtrString("RH-100"), Package: utils.PtrString("kernel-5.10.13-200.fc31.x86_64")}, } -var testUpdateList = map[string]vmaas.UpdatesV2ResponseUpdateList{ +var testUpdateList = map[string]vmaas.UpdatesV3ResponseUpdateList{ "firefox-76.0.1-1.fc31.x86_64": { AvailableUpdates: &testFfUpdates, }, @@ -27,7 +27,7 @@ var testUpdateList = map[string]vmaas.UpdatesV2ResponseUpdateList{ }, } var testModuleList = []vmaas.UpdatesV3RequestModulesList{} -var testVmaasResponse = vmaas.UpdatesV2Response{ +var testVmaasResponse = vmaas.UpdatesV3Response{ UpdateList: &testUpdateList, RepositoryList: utils.PtrSliceString([]string{"repo1"}), ModulesList: &testModuleList, diff --git a/evaluator/vmaas_cache.go b/evaluator/vmaas_cache.go index 4de62557c..eff525dfa 100644 --- a/evaluator/vmaas_cache.go +++ b/evaluator/vmaas_cache.go @@ -18,7 +18,7 @@ type VmaasCache struct { currentSize int validity *types.Rfc3339TimestampWithZ checkDuration time.Duration - data *lru.TwoQueueCache[string, *vmaas.UpdatesV2Response] + data *lru.TwoQueueCache[string, *vmaas.UpdatesV3Response] } func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) *VmaasCache { @@ -33,7 +33,7 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * if c.enabled { var err error - c.data, err = lru.New2Q[string, *vmaas.UpdatesV2Response](c.size) + c.data, err = lru.New2Q[string, *vmaas.UpdatesV3Response](c.size) if err != nil { panic(err) } @@ -42,7 +42,7 @@ func NewVmaasPackageCache(enabled bool, size int, checkDuration time.Duration) * return c } -func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { +func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV3Response, bool) { if c.enabled && checksum != nil { val, ok := c.data.Get(*checksum) if ok { @@ -55,7 +55,7 @@ func (c *VmaasCache) Get(checksum *string) (*vmaas.UpdatesV2Response, bool) { return nil, false } -func (c *VmaasCache) Add(checksum *string, response *vmaas.UpdatesV2Response) { +func (c *VmaasCache) Add(checksum *string, response *vmaas.UpdatesV3Response) { if c.enabled && checksum != nil { c.data.Add(*checksum, response) if c.currentSize <= c.size { diff --git a/listener/common_test.go b/listener/common_test.go index 3131b95e7..c00454688 100644 --- a/listener/common_test.go +++ b/listener/common_test.go @@ -135,8 +135,8 @@ func assertYumUpdatesInDB(t *testing.T, inventoryID string, yumUpdates []byte) { var system models.SystemPlatform assert.NoError(t, database.Db.Where("inventory_id = ?::uuid", inventoryID).Find(&system).Error) assert.Equal(t, system.InventoryID, inventoryID) - var systemYumUpdatesParsed vmaas.UpdatesV2Response - var yumUpdatesParsed vmaas.UpdatesV2Response + var systemYumUpdatesParsed vmaas.UpdatesV3Response + var yumUpdatesParsed vmaas.UpdatesV3Response err := json.Unmarshal(system.YumUpdates, &systemYumUpdatesParsed) assert.Nil(t, err) err = json.Unmarshal(yumUpdates, &yumUpdatesParsed) diff --git a/listener/upload.go b/listener/upload.go index 9a389b155..3f5755117 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -588,7 +588,7 @@ func processUpload(host *Host, yumUpdates []byte) (*models.SystemPlatform, error } func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { - var parsed vmaas.UpdatesV2Response + var parsed vmaas.UpdatesV3Response yumUpdates := event.PlatformMetadata.CustomMetadata.YumUpdates yumUpdatesURL := event.PlatformMetadata.CustomMetadata.YumUpdatesS3URL @@ -602,7 +602,7 @@ func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { } } - if (parsed == vmaas.UpdatesV2Response{}) { + if (parsed == vmaas.UpdatesV3Response{}) { utils.LogWarn("yum_updates_s3url", yumUpdatesURL, "No yum updates on S3, getting legacy yum_updates field") err := json.Unmarshal(yumUpdates, &parsed) if err != nil { @@ -619,7 +619,7 @@ func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { installedPkgs := event.Host.SystemProfile.GetInstalledPackages() for _, pkg := range installedPkgs { if _, has := updatesMap[pkg]; !has { - updatesMap[pkg] = vmaas.UpdatesV2ResponseUpdateList{} + updatesMap[pkg] = vmaas.UpdatesV3ResponseUpdateList{} } } parsed.UpdateList = &updatesMap diff --git a/manager/controllers/system_detail.go b/manager/controllers/system_detail.go index 590c6a8b3..8660beab8 100644 --- a/manager/controllers/system_detail.go +++ b/manager/controllers/system_detail.go @@ -34,7 +34,7 @@ type SystemVmaasJSONResponse struct { } type SystemYumUpdatesResponse struct { - Data vmaas.UpdatesV2Response `json:"data"` + Data vmaas.UpdatesV3Response `json:"data"` } // nolint: funlen diff --git a/platform/platform.go b/platform/platform.go index fd403ace1..b77b0afb4 100644 --- a/platform/platform.go +++ b/platform/platform.go @@ -232,7 +232,7 @@ func mockToggleUpload(c *gin.Context) { func mockYumUpdatesS3(c *gin.Context) { utils.LogInfo("Mocking S3 for providing yum updates") - updates := vmaas.UpdatesV2Response{} + updates := vmaas.UpdatesV3Response{} if err := json.Unmarshal([]byte(yumUpdates), &updates); err != nil { c.JSON(http.StatusInternalServerError, err.Error()) return From 6d043108cdd0f9c971a475c4a2df52a6fddd61bf Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 15:56:32 +0200 Subject: [PATCH 166/268] SPM-2120: get evra from vmaas --- base/vmaas/vmaas.go | 28 +++++++++++++++++++++++----- evaluator/evaluate_packages.go | 10 +++++----- evaluator/evaluate_packages_test.go | 1 + 3 files changed, 29 insertions(+), 10 deletions(-) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index f04184247..8af91d66e 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -86,11 +86,13 @@ func (o *UpdatesV3ResponseUpdateList) GetAvailableUpdates() []UpdatesV3ResponseA } type UpdatesV3ResponseAvailableUpdates struct { - Repository *string `json:"repository,omitempty"` - Releasever *string `json:"releasever,omitempty"` - Basearch *string `json:"basearch,omitempty"` - Erratum *string `json:"erratum,omitempty"` - Package *string `json:"package,omitempty"` + Repository *string `json:"repository,omitempty"` + Releasever *string `json:"releasever,omitempty"` + Basearch *string `json:"basearch,omitempty"` + Erratum *string `json:"erratum,omitempty"` + Package *string `json:"package,omitempty"` + PackageName *string `json:"package_name,omitempty"` + EVRA *string `json:"evra,omitempty"` // helper column to diferentiate installable/applicable StatusID int `json:"-"` } @@ -103,6 +105,22 @@ func (o *UpdatesV3ResponseAvailableUpdates) GetPackage() string { return *o.Package } +func (o *UpdatesV3ResponseAvailableUpdates) GetPackageName() string { + if o == nil || o.PackageName == nil { + var ret string + return ret + } + return *o.PackageName +} + +func (o *UpdatesV3ResponseAvailableUpdates) GetEVRA() string { + if o == nil || o.EVRA == nil { + var ret string + return ret + } + return *o.EVRA +} + func (o *UpdatesV3ResponseAvailableUpdates) GetErratum() string { if o == nil || o.Erratum == nil { var ret string diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index 21948cf05..c65329c34 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -322,15 +322,15 @@ func vmaasResponse2UpdateDataJSON(updateData *vmaas.UpdatesV3ResponseUpdateList) uniqUpdates := make(map[models.PackageUpdate]bool) pkgUpdates := make([]models.PackageUpdate, 0, len(updateData.GetAvailableUpdates())) for _, upData := range updateData.GetAvailableUpdates() { - upNevra, err := utils.ParseNevra(upData.GetPackage()) - // Skip invalid nevras in updates list - if err != nil { - utils.LogWarn("nevra", upData.Package, "Invalid nevra") + if len(upData.GetPackage()) == 0 { + // no update continue } + // before we used nevra.EVRAString() function which shows only non zero epoch, keep it consistent + evra := strings.TrimPrefix(upData.GetEVRA(), "0:") // Keep only unique entries for each update in the list pkgUpdate := models.PackageUpdate{ - EVRA: upNevra.EVRAString(), Advisory: upData.GetErratum(), Status: STATUS[upData.StatusID], + EVRA: evra, Advisory: upData.GetErratum(), Status: STATUS[upData.StatusID], } if !uniqUpdates[pkgUpdate] { pkgUpdates = append(pkgUpdates, pkgUpdate) diff --git a/evaluator/evaluate_packages_test.go b/evaluator/evaluate_packages_test.go index d4ec76d4e..0d0daaa02 100644 --- a/evaluator/evaluate_packages_test.go +++ b/evaluator/evaluate_packages_test.go @@ -27,6 +27,7 @@ func TestAnalyzePackages(t *testing.T) { "kernel-0:5.6.13-200.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{}}, "firefox-0:12.0.1-1.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{{ Package: utils.PtrString("firefox-0:77.0.1-1.fc31.x86_64"), + EVRA: utils.PtrString("0:77.0.1-1.fc31.x86_64"), }}}, // this custom-package will NOT be ignored "custom-package-0:1.2.3-1.fc33.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{{}}}}} From 6e295b86c7a3230a2a8f56b5172e6a49c2126215 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 16:01:48 +0200 Subject: [PATCH 167/268] SPM-2120: add package_name, evra to vmaas mock response --- platform/vmaas.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/platform/vmaas.go b/platform/vmaas.go index 133c7ad1b..84adf7a37 100644 --- a/platform/vmaas.go +++ b/platform/vmaas.go @@ -22,14 +22,18 @@ func updatesHandler(c *gin.Context) { "erratum": "RH-1", "package": "firefox-0:77.0.1-1.fc31.x86_64", "releasever": "ser1", - "repository": "repo1" + "repository": "repo1", + "package_name": "firefox", + "evra": "0:77.0.1-1.fc31.x86_64" }, { "basearch": "i686", "erratum": "RH-2", "package": "firefox-1:76.0.1-1.fc31.x86_64", "releasever": "ser1", - "repository": "repo1" + "repository": "repo1", + "package_name": "firefox", + "evra": "1:76.0.1-1.fc31.x86_64" } ] }, @@ -40,7 +44,9 @@ func updatesHandler(c *gin.Context) { "erratum": "RH-100", "package": "kernel-0:5.10.13-200.fc31.x86_64", "releasever": "ser1", - "repository": "repo1" + "repository": "repo1", + "package_name": "kernel", + "evra": "0:5.10.13-200.fc31.x86_64" } ] } From 536f826e45b6dde6d5b5937299265c9167ab2de6 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 18:12:15 +0200 Subject: [PATCH 168/268] SPM-2120: parse and set EVRA in yum_updates --- evaluator/evaluate.go | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 35c07a435..a76330a6b 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -220,6 +220,29 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, return nil, nil } + // set EVRA and package name + for k, v := range updatesMap { + updates := make([]vmaas.UpdatesV3ResponseAvailableUpdates, 0, len(v.GetAvailableUpdates())) + for _, u := range v.GetAvailableUpdates() { + nevra, err := utils.ParseNevra(u.GetPackage()) + if err != nil { + utils.LogWarn("package", u.GetPackage(), "Cannot parse package") + continue + } + updates = append(updates, vmaas.UpdatesV3ResponseAvailableUpdates{ + Repository: u.Repository, + Releasever: u.Releasever, + Basearch: u.Basearch, + Erratum: u.Erratum, + Package: u.Package, + PackageName: utils.PtrString(nevra.Name), + EVRA: utils.PtrString(nevra.EVRAString()), + }) + } + updatesMap[k] = vmaas.UpdatesV3ResponseUpdateList{ + AvailableUpdates: &updates, + } + } return &resp, nil } From 93595d41c8e23e9d5458b2eb6176ffc9a29b94df Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 24 Jul 2023 18:34:32 +0200 Subject: [PATCH 169/268] SPM-2120: update openapi spec --- docs/v3/openapi.json | 122 +++++++++++++++++++++++-------------------- 1 file changed, 64 insertions(+), 58 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 447f0e334..b9745e721 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -6948,7 +6948,7 @@ "type": "object", "properties": { "data": { - "$ref": "#/components/schemas/vmaas.UpdatesV2Response" + "$ref": "#/components/schemas/vmaas.UpdatesV3Response" } } }, @@ -7065,14 +7065,18 @@ } } }, - "vmaas.UpdatesV2Response": { + "vmaas.UpdatesV3Request": { "type": "object", "properties": { "basearch": { "type": "string" }, - "last_change": { - "type": "string" + "epoch_required": { + "type": "boolean", + "description": "VMaaS will check package_list and return error if we provide package_list without epochs" + }, + "latest_only": { + "type": "boolean" }, "modules_list": { "type": "array", @@ -7080,6 +7084,16 @@ "$ref": "#/components/schemas/vmaas.UpdatesV3RequestModulesList" } }, + "optimistic_updates": { + "type": "boolean", + "description": "Search for updates of unknown package EVRAs." + }, + "package_list": { + "type": "array", + "items": { + "type": "string" + } + }, "releasever": { "type": "string" }, @@ -7089,57 +7103,34 @@ "type": "string" } }, - "update_list": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/vmaas.UpdatesV2ResponseUpdateList" - } + "security_only": { + "type": "boolean" + }, + "third_party": { + "type": "boolean", + "description": "Include content from \\\"third party\\\" repositories into the response, disabled by default." } } }, - "vmaas.UpdatesV2ResponseAvailableUpdates": { + "vmaas.UpdatesV3RequestModulesList": { "type": "object", "properties": { - "basearch": { - "type": "string" - }, - "erratum": { - "type": "string" - }, - "package": { - "type": "string" - }, - "releasever": { + "module_name": { "type": "string" }, - "repository": { + "module_stream": { "type": "string" } } }, - "vmaas.UpdatesV2ResponseUpdateList": { - "type": "object", - "properties": { - "available_updates": { - "type": "array", - "items": { - "$ref": "#/components/schemas/vmaas.UpdatesV2ResponseAvailableUpdates" - } - } - } - }, - "vmaas.UpdatesV3Request": { + "vmaas.UpdatesV3Response": { "type": "object", "properties": { "basearch": { "type": "string" }, - "epoch_required": { - "type": "boolean", - "description": "VMaaS will check package_list and return error if we provide package_list without epochs" - }, - "latest_only": { - "type": "boolean" + "last_change": { + "type": "string" }, "modules_list": { "type": "array", @@ -7147,16 +7138,6 @@ "$ref": "#/components/schemas/vmaas.UpdatesV3RequestModulesList" } }, - "optimistic_updates": { - "type": "boolean", - "description": "Search for updates of unknown package EVRAs." - }, - "package_list": { - "type": "array", - "items": { - "type": "string" - } - }, "releasever": { "type": "string" }, @@ -7166,23 +7147,48 @@ "type": "string" } }, - "security_only": { - "type": "boolean" - }, - "third_party": { - "type": "boolean", - "description": "Include content from \\\"third party\\\" repositories into the response, disabled by default." + "update_list": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/vmaas.UpdatesV3ResponseUpdateList" + } } } }, - "vmaas.UpdatesV3RequestModulesList": { + "vmaas.UpdatesV3ResponseAvailableUpdates": { "type": "object", "properties": { - "module_name": { + "basearch": { "type": "string" }, - "module_stream": { + "erratum": { + "type": "string" + }, + "evra": { "type": "string" + }, + "package": { + "type": "string" + }, + "package_name": { + "type": "string" + }, + "releasever": { + "type": "string" + }, + "repository": { + "type": "string" + } + } + }, + "vmaas.UpdatesV3ResponseUpdateList": { + "type": "object", + "properties": { + "available_updates": { + "type": "array", + "items": { + "$ref": "#/components/schemas/vmaas.UpdatesV3ResponseAvailableUpdates" + } } } } From 8b9da0a44063b421198de31e11300bfd764155e8 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 25 Jul 2023 10:28:06 +0200 Subject: [PATCH 170/268] spaces for indentation vmaas.go --- platform/vmaas.go | 134 +++++++++++++++++++++++----------------------- 1 file changed, 67 insertions(+), 67 deletions(-) diff --git a/platform/vmaas.go b/platform/vmaas.go index 84adf7a37..46d33eeb2 100644 --- a/platform/vmaas.go +++ b/platform/vmaas.go @@ -8,50 +8,50 @@ import ( func updatesHandler(c *gin.Context) { data := `{ - "basearch": "i686", - "modules_list": [], - "releasever": "ser1", - "repository_list": [ - "repo1" - ], - "update_list": { - "firefox-0:76.0.1-1.fc31.x86_64": { - "available_updates": [ - { - "basearch": "i686", - "erratum": "RH-1", - "package": "firefox-0:77.0.1-1.fc31.x86_64", - "releasever": "ser1", - "repository": "repo1", + "basearch": "i686", + "modules_list": [], + "releasever": "ser1", + "repository_list": [ + "repo1" + ], + "update_list": { + "firefox-0:76.0.1-1.fc31.x86_64": { + "available_updates": [ + { + "basearch": "i686", + "erratum": "RH-1", + "package": "firefox-0:77.0.1-1.fc31.x86_64", + "releasever": "ser1", + "repository": "repo1", "package_name": "firefox", "evra": "0:77.0.1-1.fc31.x86_64" - }, - { - "basearch": "i686", - "erratum": "RH-2", - "package": "firefox-1:76.0.1-1.fc31.x86_64", - "releasever": "ser1", - "repository": "repo1", + }, + { + "basearch": "i686", + "erratum": "RH-2", + "package": "firefox-1:76.0.1-1.fc31.x86_64", + "releasever": "ser1", + "repository": "repo1", "package_name": "firefox", "evra": "1:76.0.1-1.fc31.x86_64" - } - ] - }, - "kernel-0:5.6.13-200.fc31.x86_64": { - "available_updates": [ - { - "basearch": "i686", - "erratum": "RH-100", - "package": "kernel-0:5.10.13-200.fc31.x86_64", - "releasever": "ser1", - "repository": "repo1", + } + ] + }, + "kernel-0:5.6.13-200.fc31.x86_64": { + "available_updates": [ + { + "basearch": "i686", + "erratum": "RH-100", + "package": "kernel-0:5.10.13-200.fc31.x86_64", + "releasever": "ser1", + "repository": "repo1", "package_name": "kernel", "evra": "0:5.10.13-200.fc31.x86_64" - } - ] - } - } - }` + } + ] + } + } + }` c.Data(http.StatusOK, gin.MIMEJSON, []byte(data)) } @@ -148,38 +148,38 @@ func pkgListHandler(c *gin.Context) { "page_size": 8, "pages": 1, "package_list": [{ - "nevra": "firefox-76.0.1-1.fc31.x86_64", - "summary": "Mozilla Firefox Web browser", - "description": "Mozilla Firefox is an open-source web browser..." + "nevra": "firefox-76.0.1-1.fc31.x86_64", + "summary": "Mozilla Firefox Web browser", + "description": "Mozilla Firefox is an open-source web browser..." + },{ + "nevra": "kernel-5.6.13-200.fc31.x86_64", + "summary": "The Linux kernel", + "description": "The kernel meta package" + },{ + "nevra": "firefox-0:77.0.1-1.fc31.x86_64", + "summary": "Mozilla Firefox Web browser", + "description": "Mozilla Firefox is an open-source web browser..." },{ - "nevra": "kernel-5.6.13-200.fc31.x86_64", - "summary": "The Linux kernel", - "description": "The kernel meta package" + "nevra": "kernel-5.7.13-200.fc31.x86_64", + "summary": "The Linux kernel", + "description": "The kernel meta package" },{ - "nevra": "firefox-0:77.0.1-1.fc31.x86_64", - "summary": "Mozilla Firefox Web browser", - "description": "Mozilla Firefox is an open-source web browser..." - },{ - "nevra": "kernel-5.7.13-200.fc31.x86_64", - "summary": "The Linux kernel", - "description": "The kernel meta package" - },{ "nevra": "firefox-0:77.0.1-1.fc31.src", - "summary": null, - "description": null - },{ - "nevra": "kernel-5.7.13-200.fc31.src", - "summary": null, - "description": null - },{ - "nevra": "curl-999-1.x86_64", - "summary": "curl newest summary", - "description": "curl newest description" - },{ - "nevra": "bash-999-2.x86_64", - "summary": "bash newest summary", - "description": "bash newest description" - } + "summary": null, + "description": null + },{ + "nevra": "kernel-5.7.13-200.fc31.src", + "summary": null, + "description": null + },{ + "nevra": "curl-999-1.x86_64", + "summary": "curl newest summary", + "description": "curl newest description" + },{ + "nevra": "bash-999-2.x86_64", + "summary": "bash newest summary", + "description": "bash newest description" + } ], "last_change": "2021-04-09T04:52:06.999732+00:00"}` c.Data(http.StatusOK, gin.MIMEJSON, []byte(data)) From cea545e52e8cc1693fed4423731635c16364329c Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 25 Jul 2023 08:29:35 +0000 Subject: [PATCH 171/268] v3.4.8 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index a76336b5a..55252f62f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.7 +v3.4.8 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 3f6e3c9fd..dacf034a2 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.7} +- {name: IMAGE_TAG_MANAGER, value: v3.4.8} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.7} +- {name: IMAGE_TAG_LISTENER, value: v3.4.8} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.7} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.8} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.7} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.8} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.7} +- {name: IMAGE_TAG_JOBS, value: v3.4.8} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.7} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.8} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.7} +- {name: IMAGE_TAG_ADMIN, value: v3.4.8} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index cce7bd948..0032a8180 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.7" + "version": "v3.4.8" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b9745e721..e3e8c9b47 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.7" + "version": "v3.4.8" }, "servers": [ { From 923028ce9751e69bb53e6a0da0659c835af3e7b2 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 25 Jul 2023 14:24:02 +0200 Subject: [PATCH 172/268] SPM-2119: remove package parsing where not needed --- base/utils/rpm.go | 7 +++++++ evaluator/evaluate_packages.go | 8 +------- evaluator/package_cache.go | 8 +------- 3 files changed, 9 insertions(+), 14 deletions(-) diff --git a/base/utils/rpm.go b/base/utils/rpm.go index 46d51cb51..5697ee149 100644 --- a/base/utils/rpm.go +++ b/base/utils/rpm.go @@ -66,6 +66,13 @@ func ParseNameEVRA(name, evra string) (*Nevra, error) { return ParseNevra(fmt.Sprintf("%s-%s", name, evra)) } +func NEVRAStringE(name, evra string, showEpoch bool) string { + if showEpoch && !strings.Contains(evra, ":") { + evra = fmt.Sprintf("0:%s", evra) + } + return fmt.Sprintf("%s-%s", name, evra) +} + func (n Nevra) StringE(showEpoch bool) string { if n.Epoch != 0 || showEpoch { return fmt.Sprintf("%s-%d:%s-%s.%s", n.Name, n.Epoch, n.Version, n.Release, n.Arch) diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index c65329c34..7d0ee4750 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -166,13 +166,7 @@ func packages2NevraMap(packages []namedPackage) map[string]namedPackage { pkgByNevra := make(map[string]namedPackage, len(packages)) for _, p := range packages { // make sure nevra contains epoch even if epoch==0 - nevra, err := utils.ParseNameEVRA(p.Name, p.EVRA) - if err != nil { - utils.LogWarn("package_id", p.PackageID, "name_id", p.NameID, "name", p.Name, "evra", p.EVRA, - "packages2NevraMap: cannot parse evra") - continue - } - nevraString := nevra.StringE(true) + nevraString := utils.NEVRAStringE(p.Name, p.EVRA, true) pkgByNevra[nevraString] = p } return pkgByNevra diff --git a/evaluator/package_cache.go b/evaluator/package_cache.go index 10872c16c..34460e661 100644 --- a/evaluator/package_cache.go +++ b/evaluator/package_cache.go @@ -222,13 +222,7 @@ func (c *PackageCache) addByID(pkg *PackageCacheMetadata) { func (c *PackageCache) addByNevra(pkg *PackageCacheMetadata) { // make sure nevra contains epoch even if epoch==0 - nevra, err := utils.ParseNameEVRA(pkg.Name, pkg.Evra) - if err != nil { - utils.LogWarn("id", pkg.ID, "name_id", pkg.NameID, "name", pkg.Name, "evra", pkg.Evra, - "PackageCache.addByNevra: cannot parse evra") - return - } - nevraString := nevra.StringE(true) + nevraString := utils.NEVRAStringE(pkg.Name, pkg.Evra, true) evicted := c.byNevra.Add(nevraString, pkg) if !evicted { packageCacheGauge.WithLabelValues("nevra").Inc() From a98b44116ab4defd5eb050b12c74fee062ece0b4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 25 Jul 2023 15:20:37 +0000 Subject: [PATCH 173/268] v3.4.9 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 55252f62f..7fb4c6aaa 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.8 +v3.4.9 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index dacf034a2..7d35b5be5 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.8} +- {name: IMAGE_TAG_MANAGER, value: v3.4.9} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.8} +- {name: IMAGE_TAG_LISTENER, value: v3.4.9} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.8} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.9} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.8} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.9} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.8} +- {name: IMAGE_TAG_JOBS, value: v3.4.9} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.8} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.9} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.8} +- {name: IMAGE_TAG_ADMIN, value: v3.4.9} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 0032a8180..ddca31ee3 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.8" + "version": "v3.4.9" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index e3e8c9b47..42e464286 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.8" + "version": "v3.4.9" }, "servers": [ { From 3adec2642266abfcfe4c0e83ee0a370a4f03b346 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 18 Jul 2023 10:58:35 +0200 Subject: [PATCH 174/268] show debug messages in local tests --- conf/test.env | 1 + 1 file changed, 1 insertion(+) diff --git a/conf/test.env b/conf/test.env index ab3ed1feb..ce271028d 100644 --- a/conf/test.env +++ b/conf/test.env @@ -1,5 +1,6 @@ GIN_MODE=release LOG_LEVEL=DEBUG +DB_DEBUG=true USE_TESTING_DB=1 From 81cdad648a1359a612f222adbc7fa9a65be6c072 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 18 Jul 2023 11:33:14 +0200 Subject: [PATCH 175/268] ESSNTL-4817: remove redundant check it's already verified in checkValueCount() --- manager/controllers/filter.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index 75bcdad8e..8e795c64b 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -3,9 +3,10 @@ package controllers import ( "app/base/database" "fmt" + "strings" + "github.com/pkg/errors" "gorm.io/gorm" - "strings" ) type FilterData struct { @@ -88,9 +89,6 @@ func (t *FilterData) ToWhere(fieldName string, attributes database.AttrMap) (str case "leq": return fmt.Sprintf("%s <= ? ", attributes[fieldName].DataQuery), values, nil case "between": - if len(transformedValues) != 2 { - return "", []interface{}{}, errors.New("the `between` filter needs 2 values") - } return fmt.Sprintf("%s BETWEEN ? AND ? ", attributes[fieldName].DataQuery), values, nil case "in": return fmt.Sprintf("%s IN (?) ", attributes[fieldName].DataQuery), []interface{}{values}, nil From 1d527e25ba85403d305c39325bccbcf6d4de4386 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 20 Jul 2023 10:49:50 +0200 Subject: [PATCH 176/268] ESSNTL-4817: remove nonfuctional test we never supported this syntax it returns empty list so any test on it passes --- manager/controllers/advisories_test.go | 8 -------- 1 file changed, 8 deletions(-) diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index dcbb7a04c..be4ae2d70 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -186,14 +186,6 @@ func TestAdvisoriesFilterTypeID4(t *testing.T) { } func TestAdvisoriesFilterTypeID5(t *testing.T) { - output := testAdvisories(t, "/?filter[advisory_type_name]!=other") - assert.Equal(t, 4, len(output.Data)) - for _, advisory := range output.Data { - assert.NotContains(t, "bugfix enhancement security", advisory.Attributes.AdvisoryTypeName) - } -} - -func TestAdvisoriesFilterTypeID6(t *testing.T) { output := testAdvisories(t, "/?filter[advisory_type_name]=in:other,bugfix") assert.Equal(t, 7, len(output.Data)) for _, advisory := range output.Data { From f87eed83c2a9b751db542bee5e7405c712eec31f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 20 Jul 2023 11:45:45 +0200 Subject: [PATCH 177/268] ESSNTL-4817: remove tests for unsupported syntax --- manager/controllers/systems_ids_test.go | 6 ------ manager/controllers/systems_test.go | 6 ------ 2 files changed, 12 deletions(-) diff --git a/manager/controllers/systems_ids_test.go b/manager/controllers/systems_ids_test.go index 73d13e086..7ad3739c8 100644 --- a/manager/controllers/systems_ids_test.go +++ b/manager/controllers/systems_ids_test.go @@ -156,12 +156,6 @@ func TestSystemsIDsFilterOS(t *testing.T) { assert.Equal(t, output.Data[2].ID, outputIDs.IDs[2]) } -func TestSystemsIDsFilterInvalidSyntax(t *testing.T) { - statusCode, errResp := testSystemsIDsError(t, "/?filter[os][in]=RHEL 8.1,RHEL 7.3") - assert.Equal(t, http.StatusBadRequest, statusCode) - assert.Equal(t, InvalidNestedFilter, errResp.Error) -} - func TestSystemsIDsOrderOS(t *testing.T) { output := testSystems(t, `/?sort=os`, 1) outputIDs := testSystemsIDs(t, `/?sort=os`, 1) diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index 847ade431..9d6a494ed 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -185,12 +185,6 @@ func TestSystemsFilterOS(t *testing.T) { assert.Equal(t, "RHEL 8.1", output.Data[2].Attributes.OS) } -func TestSystemsFilterInvalidSyntax(t *testing.T) { - statusCode, errResp := testSystemsError(t, "/?filter[os][in]=RHEL 8.1,RHEL 7.3") - assert.Equal(t, http.StatusBadRequest, statusCode) - assert.Equal(t, InvalidNestedFilter, errResp.Error) -} - func TestSystemsOrderOS(t *testing.T) { output := testSystems(t, `/?sort=os`, 1) assert.Equal(t, "RHEL 7.3", output.Data[0].Attributes.OS) From 5c7ae1866b1682da8ff73581bcfd469ad935189a Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 20 Jul 2023 13:56:54 +0200 Subject: [PATCH 178/268] ESSNTL-4817: reimplement filter parsing --- manager/controllers/filter.go | 8 +++++ manager/controllers/utils.go | 60 +++++++++++++++++++++++++++++++---- 2 files changed, 61 insertions(+), 7 deletions(-) diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index 8e795c64b..9e1b8b83e 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -149,3 +149,11 @@ func (t Filters) Apply(tx *gorm.DB, fields database.AttrMap) (*gorm.DB, error) { } return tx, nil } + +func (t Filters) Update(key string, value string) { + data := ParseFilterValue(value) + if fdata, ok := t[key]; ok { + data.Values = append(data.Values, fdata.Values...) + } + t[key] = data +} diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 5286c9994..1b2aff5fa 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -20,6 +20,7 @@ import ( ) const InvalidOffsetMsg = "Invalid offset" +const InvalidFilter = "Invalid filter field: %v" const InvalidTagMsg = "Invalid tag '%s'. Use 'namespace/key=val format'" const InvalidNestedFilter = "Nested operators not yet implemented for standard filters" const FilterNotSupportedMsg = "filtering not supported on this endpoint" @@ -111,7 +112,7 @@ func validateFilters(q QueryMap, allowedFields database.AttrMap) error { continue } if _, ok := allowedFields[key]; !ok { - return errors.Errorf("Invalid filter field: %v", key) + return errors.Errorf(InvalidFilter, key) } } return nil @@ -166,6 +167,54 @@ func ParseFilters(q QueryMap, allowedFields database.AttrMap, return filters, err } +type NestedFilterMap map[string]string + +var nestedFilters = NestedFilterMap{ + "group_name][in": "group_name", + "system_profile][sap_system": "sap_system", + "system_profile][sap_sids][": "sap_sids", + "system_profile][sap_sids][in": "sap_sids", + "system_profile][sap_sids][in][": "sap_sids", + "system_profile][ansible": "ansible", + "system_profile][ansible][controller_version": "ansible->controller_version", + "system_profile][mssql": "mssql", + "system_profile][mssql][version": "mssql->version", +} + +func ParseFilters3(c *gin.Context, allowedFields database.AttrMap, + defaultFilters map[string]FilterData, apiver int) (Filters, Filters, error) { + filters := Filters{} + inventoryFilters := Filters{} + + params := c.Request.URL.Query() // map[string][]string + for name, values := range params { + if strings.HasPrefix(name, "filter[") { + subject := name[7 : len(name)-1] // strip key from "filter[...]" + for _, v := range values { + if _, ok := nestedFilters[subject]; ok { + nested := nestedFilters[subject] + inventoryFilters.Update(nested, v) + continue + } + if _, ok := allowedFields[subject]; !ok { + return Filters{}, Filters{}, errors.Errorf(InvalidFilter, subject) + } + + filters.Update(subject, v) + } + } + } + + // Apply default filters if there isn't such filter already + for n, v := range defaultFilters { + if _, ok := filters[n]; !ok { + filters[n] = v + } + } + + return filters, inventoryFilters, nil +} + type ListOpts struct { Fields database.AttrMap DefaultFilters map[string]FilterData @@ -175,9 +224,8 @@ type ListOpts struct { } func ExportListCommon(tx *gorm.DB, c *gin.Context, opts ListOpts) (*gorm.DB, error) { - query := NestedQueryMap(c, "filter") apiver := c.GetInt(middlewares.KeyApiver) - filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters, apiver) + filters, _, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, errors.Wrap(err, "filters parsing failed") @@ -213,9 +261,7 @@ func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, op } tx, searchQ := ApplySearch(c, tx, opts.SearchFields...) - query := NestedQueryMap(c, "filter") - - filters, err := ParseFilters(query, opts.Fields, opts.DefaultFilters, apiver) + filters, _, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, nil, nil, errors.Wrap(err, "filters parsing failed") @@ -531,7 +577,7 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, } if validSystemProfileFilters[key] { - values := strings.Join(val.Values, ",") + values := fmt.Sprintf(`"%s"`, strings.Join(val.Values, `","`)) q := buildSystemProfileQuery(key, values) // Builds array of values From 159028ab4551d416516a8feb736cf74b8dde6705 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 20 Jul 2023 14:01:21 +0200 Subject: [PATCH 179/268] ESSNTL-4817: remove unused err value --- manager/controllers/filter.go | 4 ++-- manager/controllers/filter_test.go | 12 ++++-------- manager/controllers/utils.go | 4 ++-- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index 9e1b8b83e..13c9c6f10 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -17,7 +17,7 @@ type FilterData struct { type Filters map[string]FilterData // Parse a filter from field name and field value specification -func ParseFilterValue(val string) (FilterData, error) { +func ParseFilterValue(val string) FilterData { idx := strings.Index(val, ":") var operator string @@ -36,7 +36,7 @@ func ParseFilterValue(val string) (FilterData, error) { return FilterData{ Operator: operator, Values: values, - }, nil + } } func checkValueCount(operator string, nValues int) bool { diff --git a/manager/controllers/filter_test.go b/manager/controllers/filter_test.go index c3368bb24..b4422b934 100644 --- a/manager/controllers/filter_test.go +++ b/manager/controllers/filter_test.go @@ -34,8 +34,7 @@ func TestFilterParse(t *testing.T) { } for i, f := range testFilters { - filter, err := ParseFilterValue(f) - assert.Equal(t, nil, err) + filter := ParseFilterValue(f) assert.Equal(t, operators[i], filter.Operator) assert.Equal(t, values[i], filter.Values) } @@ -52,8 +51,7 @@ func TestFilterToSql(t *testing.T) { } for i, f := range testFilters { - filter, err := ParseFilterValue(f) - assert.Equal(t, nil, err) + filter := ParseFilterValue(f) attrMap := database.AttrMap{"test": {DataQuery: "test", OrderQuery: "test", Parser: dummyParser}} query, _, err := filter.ToWhere("test", attrMap) @@ -73,8 +71,7 @@ func TestFilterToSqlAdvanced(t *testing.T) { } for i, f := range testFilters { - filter, err := ParseFilterValue(f) - assert.Equal(t, nil, err) + filter := ParseFilterValue(f) attrMap := database.AttrMap{"test": {DataQuery: "(NOT test)", OrderQuery: "(NOT test)", Parser: dummyParser}} query, _, err := filter.ToWhere("test", attrMap) assert.Equal(t, nil, err) @@ -84,8 +81,7 @@ func TestFilterToSqlAdvanced(t *testing.T) { // Filter out null characters func TestFilterInvalidValue(t *testing.T) { - filter, err := ParseFilterValue("eq:aa\u0000aa") - assert.NoError(t, err) + filter := ParseFilterValue("eq:aa\u0000aa") attrMap, _, err := database.GetQueryAttrs(struct{ V string }{""}) assert.NoError(t, err) _, value, err := filter.ToWhere("V", attrMap) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 1b2aff5fa..8081b8758 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -146,8 +146,8 @@ func ParseFilters(q QueryMap, allowedFields database.AttrMap, err = errors.New(InvalidNestedFilter) return err } - filters[f], err = ParseFilterValue(val) - return err + filters[f] = ParseFilterValue(val) + return nil }) if err != nil { return filters, err From 7ce91bdfcaa2f5ee279e24730b6b705c4e2d975f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 21 Jul 2023 15:25:14 +0200 Subject: [PATCH 180/268] ESSNTL-4817: replace parseFiltersFromCtx() with ParseFilters3() --- manager/controllers/advisories.go | 4 +- manager/controllers/advisories_export.go | 4 +- manager/controllers/advisory_systems.go | 10 +-- .../controllers/advisory_systems_export.go | 2 +- manager/controllers/baseline_systems.go | 2 +- manager/controllers/baselines.go | 2 +- manager/controllers/package_systems.go | 2 +- manager/controllers/package_systems_export.go | 2 +- manager/controllers/packages.go | 2 +- manager/controllers/packages_export.go | 2 +- manager/controllers/systems.go | 2 +- manager/controllers/systems_export.go | 2 +- manager/controllers/utils.go | 78 ++++++++----------- manager/controllers/utils_test.go | 4 +- 14 files changed, 51 insertions(+), 67 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index d9576a218..6e4ac234a 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -122,7 +122,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var query *gorm.DB - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, AdvisoriesOpts) if err != nil { return nil, nil, nil, err } @@ -137,7 +137,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { validCache = false } } - if !validCache || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index 3518e5146..fe0d69d50 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -30,7 +30,7 @@ import ( func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return } @@ -47,7 +47,7 @@ func AdvisoriesExportHandler(c *gin.Context) { validCache = false } } - if !validCache || HasInventoryFilter(c) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index f377273fd..d918a2c43 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -58,15 +58,15 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - filters, err := ParseInventoryFilters(c) - if err != nil { - return nil, nil, nil, err - } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") opts := AdvisorySystemOptsV3 if apiver < 3 { opts = AdvisorySystemOpts } + filters, err := ParseInventoryFilters(c, opts) + if err != nil { + return nil, nil, nil, err + } // Error handled in method itself + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, opts) // Error handled in method itself return query, meta, params, err diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index c94a5ee1a..cfae0f12a 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -61,7 +61,7 @@ func AdvisorySystemsExportHandler(c *gin.Context) { } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, AdvisorySystemOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 22d58c3ee..134643b8c 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -108,7 +108,7 @@ func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string } query := buildQueryBaselineSystems(db, account, groups, id, apiver) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, BaselineSystemOpts) if err != nil { return nil, err } // Error handled in method itself diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index aae347908..0aeddb233 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -84,7 +84,7 @@ func BaselinesListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, BaselineOpts) if err != nil { return } diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index a9a30b3df..e32a8498c 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -105,7 +105,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, PackageSystemsOpts) if err != nil { return nil, nil, nil, err } // Error handled in method itself diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 793200dad..9a14c292d 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -54,7 +54,7 @@ func PackageSystemsExportHandler(c *gin.Context) { } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, PackageSystemsOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index b66777a7d..881c8c912 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -150,7 +150,7 @@ func PackagesListHandler(c *gin.Context) { apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, PackagesOpts) if err != nil { return } diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 5f942c166..45181253e 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -26,7 +26,7 @@ func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, PackagesOpts) if err != nil { return } diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 1d0b3cb57..559c5c63e 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -172,7 +172,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return nil, nil, nil, err } // Error handled method itself diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index ba2a6a266..727110a58 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -42,7 +42,7 @@ func SystemsExportHandler(c *gin.Context) { groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 8081b8758..e7a076f97 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -212,6 +212,15 @@ func ParseFilters3(c *gin.Context, allowedFields database.AttrMap, } } + // backward compatibility for v2 api and applicable_systems filter + if apiver < 3 { + if _, ok := filters["applicable_systems"]; ok { + // replace with `installable_systems` + filters["installable_systems"] = filters["applicable_systems"] + delete(filters, "applicable_systems") + } + } + return filters, inventoryFilters, nil } @@ -349,34 +358,11 @@ type Tag struct { Value *string } -func HasInventoryFilter(c *gin.Context) bool { +func HasInventoryFilter(filters Filters) bool { if !enableCyndiTags { return false } - hasFilter := false - if len(c.QueryArray("tags")) > 0 { - hasFilter = true - } - - // If we have the `system_profile` filter item, then we have tags - spQuery := NestedQueryMap(c, "filter").Path("system_profile") - if spQuery != nil { - // nolint: errcheck - spQuery.Visit(func(path []string, val string) error { - hasFilter = true - return nil - }) - } - - groupsQuery := NestedQueryMap(c, "filter").Path("group_name") - if groupsQuery != nil { - // nolint: errcheck - groupsQuery.Visit(func(path []string, val string) error { - hasFilter = true - return nil - }) - } - return hasFilter + return len(filters) > 0 } func trimQuotes(s string) string { @@ -433,7 +419,7 @@ func (t *Tag) ApplyTag(tx *gorm.DB) *gorm.DB { return tx.Where("ih.tags @> ?::jsonb", query) } -func ParseInventoryFilters(c *gin.Context) (map[string]FilterData, error) { +func ParseInventoryFilters(c *gin.Context, opts ListOpts) (map[string]FilterData, error) { filters := Filters{} err := parseTagsFromCtx(c, filters) @@ -441,10 +427,15 @@ func ParseInventoryFilters(c *gin.Context) (map[string]FilterData, error) { return nil, err } - if err := parseFiltersFromCtx(c, filters); err != nil { - return nil, errors.Wrap(err, "cannot parse inventory filters") + apiver := c.GetInt(middlewares.KeyApiver) + _, inventoryFilters, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) + if err != nil { + err = errors.Wrap(err, "cannot parse inventory filters") + LogAndRespBadRequest(c, err, err.Error()) + return nil, err } + mergeMaps(filters, inventoryFilters) return filters, nil } @@ -577,19 +568,7 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, } if validSystemProfileFilters[key] { - values := fmt.Sprintf(`"%s"`, strings.Join(val.Values, `","`)) - q := buildSystemProfileQuery(key, values) - - // Builds array of values - if len(val.Values) > 1 { - values = fmt.Sprintf("[%s]", values) - } - - if values == "not_nil" { - tx = tx.Where(q) - } else { - tx = tx.Where(q, values) - } + tx = buildSystemProfileQuery(tx, key, val.Values) applied = true continue @@ -598,10 +577,7 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, if strings.Contains(key, "group_name") { groups := []string{} for _, v := range val.Values { - name, err := strconv.Unquote(v) - if err != nil { - name = v - } + name := v group, err := utils.ParseInventoryGroup(nil, &name) if err != nil { // couldn't marshal inventory group to json @@ -621,14 +597,17 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, // Example: // buildSystemProfileQuery("mssql->version", "1.0") // returns "(ih.system_profile -> 'mssql' ->> 'version')::text = 1.0" -func buildSystemProfileQuery(key string, val string) string { +func buildSystemProfileQuery(tx *gorm.DB, key string, values []string) *gorm.DB { var cmp string + var val string switch key { case "sap_sids": cmp = "::jsonb @> ?::jsonb" + val = fmt.Sprintf(`["%s"]`, strings.Join(values, `","`)) default: cmp = "::text = ?" + val = values[0] } if val == "not_nil" { @@ -646,7 +625,12 @@ func buildSystemProfileQuery(key string, val string) string { } } - return fmt.Sprintf("%s%s", subq, cmp) + subq = fmt.Sprintf("%s%s", subq, cmp) + if val == "not_nil" { + return tx.Where(subq) + } + + return tx.Where(subq, val) } type QueryItem interface { diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 5bb0c0342..805e87ad5 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -64,7 +64,7 @@ func TestGroupNameFilter(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group2", nil) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID @@ -87,7 +87,7 @@ func TestGroupNameFilter2(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group1,group2", nil) - filters, err := ParseInventoryFilters(c) + filters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID From 7131d78ac837f92ad58e3afd39825911d64318eb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 21 Jul 2023 16:11:06 +0200 Subject: [PATCH 181/268] ESSNTL-4817: update tests to new filter parsing --- manager/controllers/systems_ids_test.go | 2 +- manager/controllers/systems_test.go | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/manager/controllers/systems_ids_test.go b/manager/controllers/systems_ids_test.go index 7ad3739c8..a8db8e8b2 100644 --- a/manager/controllers/systems_ids_test.go +++ b/manager/controllers/systems_ids_test.go @@ -136,7 +136,7 @@ func TestSystemsIDsFilterBaseline(t *testing.T) { func TestSystemsIDsFilterNotExisting(t *testing.T) { statusCode, errResp := testSystemsIDsError(t, "/?filter[not-existing]=1") assert.Equal(t, http.StatusBadRequest, statusCode) - assert.Equal(t, "Invalid filter field: not-existing", errResp.Error) + assert.Equal(t, "cannot parse inventory filters: Invalid filter field: not-existing", errResp.Error) } func TestSystemsIDsFilterPartialOS(t *testing.T) { diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index 9d6a494ed..00a80ebfc 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -174,7 +174,7 @@ func TestSystemsFilterBaseline(t *testing.T) { func TestSystemsFilterNotExisting(t *testing.T) { statusCode, errResp := testSystemsError(t, "/?filter[not-existing]=1") assert.Equal(t, http.StatusBadRequest, statusCode) - assert.Equal(t, "Invalid filter field: not-existing", errResp.Error) + assert.Equal(t, "cannot parse inventory filters: Invalid filter field: not-existing", errResp.Error) } func TestSystemsFilterOS(t *testing.T) { @@ -234,7 +234,7 @@ func TestSAPSystemMeta1(t *testing.T) { url := "/?filter[system_profile][sap_sids][]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"eq", []string{`"ABC"`}}, + "sap_sids": {"eq", []string{"ABC"}}, "stale": {"eq", []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) @@ -244,7 +244,7 @@ func TestSAPSystemMeta2(t *testing.T) { url := "/?filter[system_profile][sap_sids][in][]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"in", []string{`"ABC"`}}, + "sap_sids": {"eq", []string{"ABC"}}, "stale": {"eq", []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) @@ -255,7 +255,7 @@ func TestSAPSystemMeta3(t *testing.T) { output := testSystems(t, url, 1) testMap := map[string]FilterData{ "sap_system": {"eq", []string{"true"}}, - "sap_sids": {"eq", []string{`"ABC"`}}, + "sap_sids": {"eq", []string{"ABC"}}, "stale": {"eq", []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) @@ -265,7 +265,7 @@ func TestSAPSystemMeta4(t *testing.T) { url := "/?filter[system_profile][sap_sids][in]=ABC&filter[system_profile][sap_sids][in]=GHI" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"in", []string{`"ABC"`, `"GHI"`}}, + "sap_sids": {"eq", []string{"GHI", "ABC"}}, "stale": {"eq", []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) From 3c8b227a5e9ad7480905fbf9e10938228ccc5537 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 24 Jul 2023 14:08:54 +0200 Subject: [PATCH 182/268] ESSNTL-4817: remove unused obsoleted functions --- manager/controllers/utils.go | 274 ------------------------------ manager/controllers/utils_test.go | 45 ----- 2 files changed, 319 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index e7a076f97..2fa83fa72 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -38,11 +38,6 @@ var validSystemProfileFilters = map[string]bool{ "ansible->controller_version": true, } -var multiValueFilters = map[string]bool{ - "sap_sids": true, - "group_name": true, -} - func LogAndRespError(c *gin.Context, err error, respMsg string) { utils.LogError("err", err.Error(), respMsg) c.AbortWithStatusJSON(http.StatusInternalServerError, utils.ErrorResponse{Error: respMsg}) @@ -105,68 +100,6 @@ func ApplySort(c *gin.Context, tx *gorm.DB, fieldExprs database.AttrMap, return tx, appliedFields, nil } -func validateFilters(q QueryMap, allowedFields database.AttrMap) error { - for key := range q { - // system_profile and group_name are handled by tags, so it can be skipped - if key == "system_profile" || key == "group_name" { - continue - } - if _, ok := allowedFields[key]; !ok { - return errors.Errorf(InvalidFilter, key) - } - } - return nil -} - -func ParseFilters(q QueryMap, allowedFields database.AttrMap, - defaultFilters map[string]FilterData, apiver int) (Filters, error) { - filters := Filters{} - var err error - - if err = validateFilters(q, allowedFields); err != nil { - return filters, err - } - - // Apply default filters - for n, v := range defaultFilters { - filters[n] = v - } - - // nolint: scopelint - for f := range allowedFields { - if elem := q.Path(f); elem != nil { - err := elem.Visit(func(path []string, val string) error { - // If we encountered error in previous element, skip processing others - if err != nil { - return err - } - - // the filter[a][eq]=b syntax was not yet implemented - if len(path) > 0 { - err = errors.New(InvalidNestedFilter) - return err - } - filters[f] = ParseFilterValue(val) - return nil - }) - if err != nil { - return filters, err - } - } - } - - // backward compatibility for v2 api and applicable_systems filter - if apiver < 3 { - if _, ok := filters["applicable_systems"]; ok { - // replace with `installable_systems` - filters["installable_systems"] = filters["applicable_systems"] - delete(filters, "applicable_systems") - } - } - - return filters, err -} - type NestedFilterMap map[string]string var nestedFilters = NestedFilterMap{ @@ -471,71 +404,6 @@ func parseTagsFromCtx(c *gin.Context, filters Filters) error { return nil } -func parseFiltersFromCtx(c *gin.Context, filters Filters) error { - var filterItems []QueryItem - filter := NestedQueryMap(c, "filter") - - if item, ok := filter.GetPath("system_profile"); ok { - // filter nested under "system_profile" - filterItems = append(filterItems, item) - } - if _, ok := filter.GetPath("group_name"); ok { - // "group_name" filter - filterItems = append(filterItems, filter) - } - - for _, filter := range filterItems { - err := filter.Visit(func(path []string, val string) error { - // Specific filter keys - if len(path) >= 1 && multiValueFilters[path[0]] { - return visitMultiValueFilters(filters, path, val) - } - - // [group_name] filter can be processed only with Specific filter keys - if f, ok := filter.(QueryMap); ok { - if _, has := f.GetPath("group_name"); has { - return nil - } - } - - // Generic [system_profile] filter keys - return visitSystemProfileFilters(filters, path, val) - }) - if err != nil { - LogAndRespBadRequest(c, err, err.Error()) - return err - } - } - return nil -} - -func visitMultiValueFilters(filters Filters, path []string, val string) error { - val = strconv.Quote(val) - var op string - if op = "eq"; len(path) > 1 { - op = path[1] - } - err := appendFilterData(filters, path[0], op, val) - if err != nil { - return errors.Wrapf(err, "invalid filter value: %s", val) - } - return nil -} - -// Builds key in following format path[0]->path[1]->path[2]... -func visitSystemProfileFilters(filters Filters, path []string, val string) error { - var key string - for i, s := range path { - if i == 0 { - key = path[0] - continue - } - key = fmt.Sprintf("%s->%s", key, s) - } - err := appendFilterData(filters, key, "eq", val) - return errors.Wrapf(err, "invalid filter value: %s", val) -} - // Filter systems by tags with subquery func ApplyInventoryFilter(filters map[string]FilterData, tx *gorm.DB, systemIDExpr string) (*gorm.DB, bool) { if !enableCyndiTags { @@ -633,119 +501,6 @@ func buildSystemProfileQuery(tx *gorm.DB, key string, values []string) *gorm.DB return tx.Where(subq, val) } -type QueryItem interface { - IsQuery() - Visit(visitor func(path []string, val string) error, pathPrefix ...string) error -} -type QueryArr []string - -func (QueryArr) IsQuery() {} - -func (q QueryArr) Visit(visitor func(path []string, val string) error, pathPrefix ...string) error { - for _, item := range q { - if err := visitor(pathPrefix, item); err != nil { - return err - } - } - return nil -} - -type QueryMap map[string]QueryItem - -func (QueryMap) IsQuery() {} - -func (q QueryMap) Visit(visitor func(path []string, val string) error, pathPrefix ...string) error { - for k, v := range q { - newPath := make([]string, len(pathPrefix)) - copy(newPath, pathPrefix) - newPath = append(newPath, k) - switch val := v.(type) { - case QueryMap: - if err := val.Visit(visitor, newPath...); err != nil { - return err - } - case QueryArr: - // Inlined code here to avoid calling interface method in struct receiver (low perf) - for _, item := range val { - if err := visitor(newPath, item); err != nil { - return err - } - } - } - } - return nil -} - -func (q QueryMap) GetPath(keys ...string) (QueryItem, bool) { - var item QueryItem - item, has := q, true - - for has && item != nil && len(keys) > 0 { - switch itemMap := item.(type) { - case QueryMap: - item, has = itemMap[keys[0]] - keys = keys[1:] - - default: - break - } - } - return item, has -} - -func (q QueryMap) Path(keys ...string) QueryItem { - v, _ := q.GetPath(keys...) - return v -} - -func NestedQueryMap(c *gin.Context, key string) QueryMap { - return nestedQueryImpl(c.Request.URL.Query(), key) -} - -func (q *QueryMap) appendValue(steps []string, value []string) { - res := *q - for i, v := range steps { - if i == len(steps)-1 { - res[v] = QueryArr(value) - } else { - if _, has := res[v]; !has { - res[v] = QueryMap{} - } - res = res[v].(QueryMap) - } - } -} - -// nolint: gocognit -func nestedQueryImpl(values map[string][]string, key string) QueryMap { - root := QueryMap{} - - for name, value := range values { - var steps []string - var i int - var j int - for len(name) > 0 && i >= 0 && j >= 0 { - if i = strings.IndexByte(name, '['); i >= 0 { - if name[0:i] == key || len(steps) > 0 { - // if j is 0 here, that means we received []as a part of query param name, should indicate an array - if j = strings.IndexByte(name[i+1:], ']'); j >= 0 { - // Skip [] in param names - if len(name[i+1:][:j]) > 0 { - steps = append(steps, name[i+1:][:j]) - } - name = name[i+j+2:] - } - } else if name[0:i] != key && steps == nil { - // Invalid key for the context - abort. - return root - } - } - } - root.appendValue(steps, value) - } - return root -} - func Csv(ctx *gin.Context, code int, res interface{}) { ctx.Status(http.StatusOK) ctx.Header("Content-Type", "text/csv") @@ -954,35 +709,6 @@ func mergeMaps(first map[string]FilterData, second map[string]FilterData) { } } -func appendFilterData(filters Filters, key string, op, val string) error { - if _, ok := filters[key]; !ok { - filters[key] = FilterData{} - } - - values, err := splitValues(op, val) - if err != nil { - return err - } - - filters[key] = FilterData{ - Operator: op, - Values: append(filters[key].Values, values...), - } - return nil -} - -// Split comma delimited string values for IN operator -func splitValues(op, val string) ([]string, error) { - if op == "in" && strings.Contains(val, ",") { - val, err := strconv.Unquote(val) - if err != nil { - return []string{}, errors.Wrap(err, "cannot unquote value") - } - return strings.Split(val, ","), nil - } - return []string{val}, nil -} - // Pagination query for handlers where ListCommon is not used func Paginate(tx *gorm.DB, limit *int, offset *int) (int, int, error) { var total int64 diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 805e87ad5..4efa20742 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -6,57 +6,12 @@ import ( "app/base/utils" "net/http" "net/http/httptest" - "reflect" "testing" - "time" "github.com/gin-gonic/gin" "github.com/stretchr/testify/assert" ) -func TestNestedQueryParse(t *testing.T) { - q1 := map[string][]string{ - "filter[abc][efg][eq]": {"a"}, - "filter[a][]": {"b", "c"}, - // Check that we stop after we encountered invalid filter syntax - "filter[]]]]]": {}, - "filter[[[[[": {}, - "filter": {}, - } - res := nestedQueryImpl(q1, "filter") - // nolint: errcheck - res.Visit(func(keys []string, val string) error { - if reflect.DeepEqual([]string{"abc", "efg", "eq"}, keys) { - assert.Equal(t, "a", val) - } - // We need to be able to parse multi-value elems - if reflect.DeepEqual([]string{"a"}, keys) { - assert.Contains(t, []string{"b", "c"}, val) - } - return nil - }) -} - -func TestNestedQueryInvalidKey(t *testing.T) { - timeout := time.After(5 * time.Second) - done := make(chan bool) - - go func() { - q := map[string][]string{ - "filter[abc][efg][eq]": {"a"}, - } - res := nestedQueryImpl(q, "filte") - assert.Equal(t, res, QueryMap{}) - done <- true - }() - - select { - case <-timeout: - t.Fatal("Timeout exceeded - probably infinite loop in nested query") - case <-done: - } -} - func TestGroupNameFilter(t *testing.T) { utils.SkipWithoutDB(t) database.Configure() From c4602d186b0abc5cb8a1d508525f62ad654d1086 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 24 Jul 2023 14:13:14 +0200 Subject: [PATCH 183/268] ESSNTL-4817: rename ParseFilters3 to ParseFilters --- manager/controllers/utils.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 2fa83fa72..114282365 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -114,7 +114,7 @@ var nestedFilters = NestedFilterMap{ "system_profile][mssql][version": "mssql->version", } -func ParseFilters3(c *gin.Context, allowedFields database.AttrMap, +func ParseFilters(c *gin.Context, allowedFields database.AttrMap, defaultFilters map[string]FilterData, apiver int) (Filters, Filters, error) { filters := Filters{} inventoryFilters := Filters{} @@ -167,7 +167,7 @@ type ListOpts struct { func ExportListCommon(tx *gorm.DB, c *gin.Context, opts ListOpts) (*gorm.DB, error) { apiver := c.GetInt(middlewares.KeyApiver) - filters, _, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) + filters, _, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, errors.Wrap(err, "filters parsing failed") @@ -203,7 +203,7 @@ func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, op } tx, searchQ := ApplySearch(c, tx, opts.SearchFields...) - filters, _, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) + filters, _, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, nil, nil, errors.Wrap(err, "filters parsing failed") @@ -361,7 +361,7 @@ func ParseInventoryFilters(c *gin.Context, opts ListOpts) (map[string]FilterData } apiver := c.GetInt(middlewares.KeyApiver) - _, inventoryFilters, err := ParseFilters3(c, opts.Fields, opts.DefaultFilters, apiver) + _, inventoryFilters, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { err = errors.Wrap(err, "cannot parse inventory filters") LogAndRespBadRequest(c, err, err.Error()) From 174c152eef83741c85c969aa205ffa3030715d36 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 24 Jul 2023 15:48:48 +0200 Subject: [PATCH 184/268] ESSNTL-4817: parse filters only once remove second parsing from ListCommon() --- manager/controllers/advisories.go | 8 ++++---- manager/controllers/advisories_export.go | 6 +++--- manager/controllers/advisory_systems.go | 6 +++--- .../controllers/advisory_systems_export.go | 4 ++-- manager/controllers/baseline_systems.go | 11 +++++++--- manager/controllers/baselines.go | 6 +++--- manager/controllers/package_systems.go | 6 +++--- manager/controllers/package_systems_export.go | 4 ++-- manager/controllers/package_versions.go | 2 +- manager/controllers/packages.go | 6 +++--- manager/controllers/packages_export.go | 4 ++-- manager/controllers/system_advisories.go | 2 +- manager/controllers/system_packages.go | 8 ++++++-- manager/controllers/systems.go | 6 +++--- manager/controllers/systems_export.go | 4 ++-- manager/controllers/systemtags.go | 2 +- manager/controllers/utils.go | 20 +++++++++---------- manager/controllers/utils_test.go | 8 ++++---- 18 files changed, 60 insertions(+), 53 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 6e4ac234a..f70b53cda 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -122,7 +122,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var query *gorm.DB - filters, err := ParseInventoryFilters(c, AdvisoriesOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, AdvisoriesOpts) if err != nil { return nil, nil, nil, err } @@ -137,9 +137,9 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { validCache = false } } - if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(inventoryFilters) || len(groups[rbac.KeyGrouped]) != 0 { var err error - query = buildQueryAdvisoriesTagged(db, filters, account, groups) + query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) if err != nil { return nil, nil, nil, err } // Error handled in method itself @@ -147,7 +147,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { query = buildQueryAdvisories(db, account) } - query, meta, params, err := ListCommon(query, c, filters, AdvisoriesOpts) + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, AdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err } diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index fe0d69d50..83b429dbd 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -30,7 +30,7 @@ import ( func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c, SystemOpts) + _, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return } @@ -47,9 +47,9 @@ func AdvisoriesExportHandler(c *gin.Context) { validCache = false } } - if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(inventoryFilters) || len(groups[rbac.KeyGrouped]) != 0 { var err error - query = buildQueryAdvisoriesTagged(db, filters, account, groups) + query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index d918a2c43..d40f752f6 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -62,12 +62,12 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error if apiver < 3 { opts = AdvisorySystemOpts } - filters, err := ParseInventoryFilters(c, opts) + filters, inventoryFilters, err := ParseInventoryFilters(c, opts) if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, opts) + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, opts) // Error handled in method itself return query, meta, params, err } diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index cfae0f12a..8a029bf35 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -61,11 +61,11 @@ func AdvisorySystemsExportHandler(c *gin.Context) { } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - filters, err := ParseInventoryFilters(c, AdvisorySystemOpts) + _, inventoryFilters, err := ParseInventoryFilters(c, AdvisorySystemOpts) if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") query = query.Order("sp.id") query, err = ExportListCommon(query, c, AdvisorySystemOpts) diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 134643b8c..d9841772c 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -108,11 +108,11 @@ func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string } query := buildQueryBaselineSystems(db, account, groups, id, apiver) - filters, err := ParseInventoryFilters(c, BaselineSystemOpts) + _, inventoryFilters, err := ParseInventoryFilters(c, BaselineSystemOpts) if err != nil { return nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") return query, nil } @@ -123,7 +123,12 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin return nil, nil, nil, err } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, nil, BaselineSystemOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + if err != nil { + // Error handled in method itself + return nil, nil, nil, err + } + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, BaselineSystemOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon return nil, nil, nil, err diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index 0aeddb233..8993ada09 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -84,18 +84,18 @@ func BaselinesListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c, BaselineOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, BaselineOpts) if err != nil { return } db := middlewares.DBFromContext(c) - query := buildQueryBaselines(db, filters, account, groups) + query := buildQueryBaselines(db, inventoryFilters, account, groups) if err != nil { return } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, filters, BaselineOpts) + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, BaselineOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon return diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index e32a8498c..87f3710e5 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -105,12 +105,12 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseInventoryFilters(c, PackageSystemsOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, PackageSystemsOpts) + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, PackageSystemsOpts) // Error handled in method itself return query, meta, params, err } diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 9a14c292d..3a276797b 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -54,11 +54,11 @@ func PackageSystemsExportHandler(c *gin.Context) { } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, err := ParseInventoryFilters(c, PackageSystemsOpts) + _, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") query, err = ExportListCommon(query, c, PackageSystemsOpts) if err != nil { return diff --git a/manager/controllers/package_versions.go b/manager/controllers/package_versions.go index c9ef686e2..09ce3fa21 100644 --- a/manager/controllers/package_versions.go +++ b/manager/controllers/package_versions.go @@ -91,7 +91,7 @@ func PackageVersionsListHandler(c *gin.Context) { query := packageVersionsQuery(db, account, groups, packageNameIDs) // we don't support tags and filters for this endpoint - query, meta, params, err := ListCommon(query, c, nil, PackageVersionsOpts) + query, meta, params, err := ListCommon(query, c, nil, nil, PackageVersionsOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 881c8c912..e6221f6a3 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -150,17 +150,17 @@ func PackagesListHandler(c *gin.Context) { apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c, PackagesOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, PackagesOpts) if err != nil { return } db := middlewares.DBFromContext(c) - query := packagesQuery(db, filters, account, groups) + query := packagesQuery(db, inventoryFilters, account, groups) if err != nil { return } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, filters, PackagesOpts) + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, PackagesOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 45181253e..13c4257d0 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -26,13 +26,13 @@ func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseInventoryFilters(c, PackagesOpts) + _, inventoryfilters, err := ParseInventoryFilters(c, PackagesOpts) if err != nil { return } db := middlewares.DBFromContext(c) - query := packagesQuery(db, filters, account, groups) + query := packagesQuery(db, inventoryfilters, account, groups) if err != nil { return } diff --git a/manager/controllers/system_advisories.go b/manager/controllers/system_advisories.go index b56fc4429..12de05224 100644 --- a/manager/controllers/system_advisories.go +++ b/manager/controllers/system_advisories.go @@ -92,7 +92,7 @@ func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, erro } query := buildSystemAdvisoriesQuery(db, account, groups, inventoryID) - query, meta, params, err := ListCommon(query, c, nil, SystemAdvisoriesOpts) + query, meta, params, err := ListCommon(query, c, nil, nil, SystemAdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err } diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 95b117257..dda79ca10 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -118,11 +118,15 @@ func SystemPackagesHandler(c *gin.Context) { LogAndRespBadRequest(c, errors.New("bad request"), "incorrect inventory_id format") return } - + filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + if err != nil { + // Error handled in method itself + return + } var loaded []SystemPackageDBLoad db := middlewares.DBFromContext(c) q := systemPackageQuery(db, account, groups, inventoryID) - q, meta, params, err := ListCommon(q, c, nil, SystemPackagesOpts) + q, meta, params, err := ListCommon(q, c, filters, inventoryFilters, SystemPackagesOpts) if err != nil { return } diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 559c5c63e..3dbf25d21 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -172,12 +172,12 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseInventoryFilters(c, SystemOpts) + filters, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return nil, nil, nil, err } // Error handled method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, SystemOpts) + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, SystemOpts) // Error handled method itself return query, meta, params, err } diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index 727110a58..ce91521ef 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -42,11 +42,11 @@ func SystemsExportHandler(c *gin.Context) { groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, err := ParseInventoryFilters(c, SystemOpts) + _, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") var systems SystemDBLookupSlice diff --git a/manager/controllers/systemtags.go b/manager/controllers/systemtags.go index 3335c92dd..ac33c38e9 100644 --- a/manager/controllers/systemtags.go +++ b/manager/controllers/systemtags.go @@ -75,7 +75,7 @@ func SystemTagListHandler(c *gin.Context) { Select(SystemTagSelect). Group("sq.tag") - tx, meta, params, err := ListCommon(query, c, nil, SystemTagsOpts) + tx, meta, params, err := ListCommon(query, c, nil, nil, SystemTagsOpts) if !checkSortMeta(meta.Sort) { LogAndRespBadRequest(c, errors.New("invalid sort field(s)"), "invalid sort") return diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 114282365..a09dd43e9 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -192,10 +192,9 @@ func extractTagsQueryString(c *gin.Context) string { } // nolint: funlen, lll -func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, opts ListOpts, params ...string) ( +func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, tagFilter Filters, opts ListOpts, params ...string) ( *gorm.DB, *ListMeta, []string, error) { hasSystems := true - apiver := c.GetInt(middlewares.KeyApiver) limit, offset, err := utils.LoadLimitOffset(c, core.DefaultLimit) if err != nil { LogAndRespBadRequest(c, err, err.Error()) @@ -203,7 +202,6 @@ func ListCommon(tx *gorm.DB, c *gin.Context, tagFilter map[string]FilterData, op } tx, searchQ := ApplySearch(c, tx, opts.SearchFields...) - filters, _, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, nil, nil, errors.Wrap(err, "filters parsing failed") @@ -352,24 +350,24 @@ func (t *Tag) ApplyTag(tx *gorm.DB) *gorm.DB { return tx.Where("ih.tags @> ?::jsonb", query) } -func ParseInventoryFilters(c *gin.Context, opts ListOpts) (map[string]FilterData, error) { - filters := Filters{} +func ParseInventoryFilters(c *gin.Context, opts ListOpts) (Filters, Filters, error) { + tagFilters := Filters{} - err := parseTagsFromCtx(c, filters) + err := parseTagsFromCtx(c, tagFilters) if err != nil { - return nil, err + return nil, nil, err } apiver := c.GetInt(middlewares.KeyApiver) - _, inventoryFilters, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) + filters, inventoryFilters, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) if err != nil { err = errors.Wrap(err, "cannot parse inventory filters") LogAndRespBadRequest(c, err, err.Error()) - return nil, err + return nil, nil, err } - mergeMaps(filters, inventoryFilters) - return filters, nil + mergeMaps(tagFilters, inventoryFilters) + return filters, tagFilters, nil } func parseTagsFromCtx(c *gin.Context, filters Filters) error { diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 4efa20742..00a06fad6 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -19,7 +19,7 @@ func TestGroupNameFilter(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group2", nil) - filters, err := ParseInventoryFilters(c, ListOpts{}) + _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID @@ -27,7 +27,7 @@ func TestGroupNameFilter(t *testing.T) { rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, } tx := database.Systems(database.Db, 1, groups) - tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") + tx, _ = ApplyInventoryFilter(inventoryFilters, tx, "sp.inventory_id") tx.Scan(&systems) assert.Equal(t, 2, len(systems)) // 2 systems with `group2` in test_data @@ -42,7 +42,7 @@ func TestGroupNameFilter2(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group1,group2", nil) - filters, err := ParseInventoryFilters(c, ListOpts{}) + _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID @@ -50,7 +50,7 @@ func TestGroupNameFilter2(t *testing.T) { rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, } tx := database.Systems(database.Db, 1, groups) - tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") + tx, _ = ApplyInventoryFilter(inventoryFilters, tx, "sp.inventory_id") tx.Scan(&systems) assert.Equal(t, 8, len(systems)) // 2 systems with `group2`, 6 with `group1` in test_data From 1cd75c99d3f2f1390309ce9fdec06fd92286aae0 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 25 Jul 2023 10:59:51 +0200 Subject: [PATCH 185/268] ESSNTL-4817: remove redundant [in] from filters --- docs/v3/openapi.json | 154 +++++++++++++----- manager/controllers/advisories.go | 8 +- manager/controllers/advisory_systems.go | 8 +- .../controllers/advisory_systems_export.go | 4 +- manager/controllers/baseline_systems.go | 4 +- .../controllers/baseline_systems_export.go | 4 +- .../baseline_systems_export_test.go | 2 +- manager/controllers/package_systems.go | 8 +- manager/controllers/package_systems_export.go | 4 +- manager/controllers/packages.go | 4 +- manager/controllers/systems.go | 8 +- manager/controllers/systems_export.go | 4 +- manager/controllers/systems_export_test.go | 2 +- manager/controllers/systems_ids_test.go | 2 +- manager/controllers/systems_test.go | 10 +- manager/controllers/utils.go | 10 +- manager/controllers/utils_test.go | 4 +- 17 files changed, 156 insertions(+), 84 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 42e464286..0c1da90a1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -141,11 +141,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -157,7 +162,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -434,11 +439,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -450,7 +460,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -1085,11 +1095,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -1101,7 +1116,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -1382,11 +1397,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -1398,7 +1418,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -1607,11 +1627,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -1623,7 +1648,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -1895,11 +1920,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -1911,7 +1941,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -2118,11 +2148,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -2134,7 +2169,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -2696,11 +2731,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -2712,7 +2752,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -3022,11 +3062,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -3038,7 +3083,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -3317,11 +3362,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -3333,7 +3383,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -3611,11 +3661,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -3627,7 +3682,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -3970,11 +4025,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -3986,7 +4046,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -4190,11 +4250,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -4206,7 +4271,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", @@ -4573,11 +4638,16 @@ } }, { - "name": "filter[group_name][in]", + "name": "filter[group_name]", "in": "query", "description": "Filter systems by inventory groups", + "style": "form", + "explode": true, "schema": { - "type": "string" + "type": "array", + "items": { + "type": "string" + } } }, { @@ -4589,7 +4659,7 @@ } }, { - "name": "filter[system_profile][sap_sids][in]", + "name": "filter[system_profile][sap_sids]", "in": "query", "description": "Filter systems by their SAP SIDs", "style": "form", diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index f70b53cda..74979558b 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -172,9 +172,9 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { // @Param filter[installable_systems] query string false "Filter" // @Param filter[applicable_systems] query string false "Filter" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" @@ -240,9 +240,9 @@ func AdvisoriesListHandler(c *gin.Context) { // @Param filter[installable_systems] query string false "Filter" // @Param filter[applicable_systems] query string false "Filter" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index d40f752f6..31c5f366c 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -91,9 +91,9 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error // @Param filter[template] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" @@ -171,9 +171,9 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param filter[osmajor] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index 8a029bf35..a39b3ffad 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -22,9 +22,9 @@ import ( // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" // @Param filter[stale] query string false "Filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index d9841772c..21e7ac4a2 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -152,9 +152,9 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/baseline_systems_export.go b/manager/controllers/baseline_systems_export.go index a1317020e..a5eee0ff3 100644 --- a/manager/controllers/baseline_systems_export.go +++ b/manager/controllers/baseline_systems_export.go @@ -19,9 +19,9 @@ import ( // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/baseline_systems_export_test.go b/manager/controllers/baseline_systems_export_test.go index 04939323f..58a568567 100644 --- a/manager/controllers/baseline_systems_export_test.go +++ b/manager/controllers/baseline_systems_export_test.go @@ -112,7 +112,7 @@ func TestBaselineSystemsExportWorkloads(t *testing.T) { core.SetupTest(t) w := CreateRequestRouterWithPath( "GET", - "/1/systems?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][in][]=ABC", + "/1/systems?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC", nil, "application/json", BaselineSystemsExportHandler, diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 87f3710e5..547fadc7f 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -126,9 +126,9 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s // @Param offset query int false "Offset for paging" // @Param package_name path string true "Package name" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" @@ -191,9 +191,9 @@ func PackageSystemsListHandler(c *gin.Context) { // @Param offset query int false "Offset for paging" // @Param package_name path string true "Package name" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 3a276797b..1896750b7 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -16,9 +16,9 @@ import ( // @Accept json // @Produce json // @Param package_name path string true "Package name" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index e6221f6a3..aa44e6860 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -132,9 +132,9 @@ func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups m // @Param filter[systems_applicable] query string false "Filter" // @Param filter[summary] query string false "Filter" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 3dbf25d21..ab9c53b5d 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -209,9 +209,9 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" @@ -285,9 +285,9 @@ func SystemsListHandler(c *gin.Context) { // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param tags query []string false "Tag filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index ce91521ef..98b16fee1 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -22,9 +22,9 @@ import ( // @Param filter[other_count] query string false "Filter" // @Param filter[stale] query string false "Filter" // @Param filter[packages_installed] query string false "Filter" -// @Param filter[group_name][in] query string false "Filter systems by inventory groups" +// @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" -// @Param filter[system_profile][sap_sids][in] query []string false "Filter systems by their SAP SIDs" +// @Param filter[system_profile][sap_sids] query []string false "Filter systems by their SAP SIDs" // @Param filter[system_profile][ansible] query string false "Filter systems by ansible" // @Param filter[system_profile][ansible][controller_version] query string false "Filter systems by ansible version" // @Param filter[system_profile][mssql] query string false "Filter systems by mssql version" diff --git a/manager/controllers/systems_export_test.go b/manager/controllers/systems_export_test.go index 98e873526..6cd2bdfcb 100644 --- a/manager/controllers/systems_export_test.go +++ b/manager/controllers/systems_export_test.go @@ -101,7 +101,7 @@ func TestExportSystemsTagsInvalid(t *testing.T) { func TestSystemsExportWorkloads(t *testing.T) { w := makeRequest( t, - "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][in][]=ABC", + "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC", "application/json", ) diff --git a/manager/controllers/systems_ids_test.go b/manager/controllers/systems_ids_test.go index a8db8e8b2..bf5198dfc 100644 --- a/manager/controllers/systems_ids_test.go +++ b/manager/controllers/systems_ids_test.go @@ -74,7 +74,7 @@ func TestSystemsIDsTagsInvalid(t *testing.T) { } func TestSystemsIDsWorkloads1(t *testing.T) { - url := "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][in][]=ABC" + url := "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC" output := testSystemsIDs(t, url, 1) assert.Equal(t, 2, len(output.IDs)) assert.Equal(t, "00000000-0000-0000-0000-000000000001", output.IDs[0]) diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index 00a80ebfc..eee80ead8 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -10,7 +10,7 @@ import ( "github.com/stretchr/testify/assert" ) -const sapABCFilter = "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][]=ABC" +const sapABCFilter = "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC" func TestSystemsDefault(t *testing.T) { output := testSystems(t, `/`, 1) @@ -113,7 +113,7 @@ func TestSystemsTagsInvalid(t *testing.T) { } func TestSystemsWorkloads1(t *testing.T) { - url := "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids][in][]=ABC" + url := "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) assert.Equal(t, 2, len(output.Data)) assert.Equal(t, "00000000-0000-0000-0000-000000000001", output.Data[0].ID) @@ -231,7 +231,7 @@ func TestSystemsTagsInMetadata(t *testing.T) { } func TestSAPSystemMeta1(t *testing.T) { - url := "/?filter[system_profile][sap_sids][]=ABC" + url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ "sap_sids": {"eq", []string{"ABC"}}, @@ -241,7 +241,7 @@ func TestSAPSystemMeta1(t *testing.T) { } func TestSAPSystemMeta2(t *testing.T) { - url := "/?filter[system_profile][sap_sids][in][]=ABC" + url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ "sap_sids": {"eq", []string{"ABC"}}, @@ -262,7 +262,7 @@ func TestSAPSystemMeta3(t *testing.T) { } func TestSAPSystemMeta4(t *testing.T) { - url := "/?filter[system_profile][sap_sids][in]=ABC&filter[system_profile][sap_sids][in]=GHI" + url := "/?filter[system_profile][sap_sids]=ABC&filter[system_profile][sap_sids]=GHI" output := testSystems(t, url, 1) testMap := map[string]FilterData{ "sap_sids": {"eq", []string{"GHI", "ABC"}}, diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index a09dd43e9..d71da1b5b 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -103,11 +103,13 @@ func ApplySort(c *gin.Context, tx *gorm.DB, fieldExprs database.AttrMap, type NestedFilterMap map[string]string var nestedFilters = NestedFilterMap{ - "group_name][in": "group_name", + "group_name": "group_name", + "group_name][in": "group_name", // obsoleted, backward compatible "system_profile][sap_system": "sap_system", - "system_profile][sap_sids][": "sap_sids", - "system_profile][sap_sids][in": "sap_sids", - "system_profile][sap_sids][in][": "sap_sids", + "system_profile][sap_sids": "sap_sids", + "system_profile][sap_sids][": "sap_sids", // obsoleted, backward compatible + "system_profile][sap_sids][in": "sap_sids", // obsoleted, backward compatible + "system_profile][sap_sids][in][": "sap_sids", // obsoleted, backward compatible "system_profile][ansible": "ansible", "system_profile][ansible][controller_version": "ansible->controller_version", "system_profile][mssql": "mssql", diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 00a06fad6..cd5254bd5 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -17,7 +17,7 @@ func TestGroupNameFilter(t *testing.T) { database.Configure() c, _ := gin.CreateTestContext(httptest.NewRecorder()) - c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group2", nil) + c.Request, _ = http.NewRequest("GET", "/?filter[group_name]=group2", nil) _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) @@ -40,7 +40,7 @@ func TestGroupNameFilter2(t *testing.T) { database.Configure() c, _ := gin.CreateTestContext(httptest.NewRecorder()) - c.Request, _ = http.NewRequest("GET", "/?filter[group_name][in]=group1,group2", nil) + c.Request, _ = http.NewRequest("GET", "/?filter[group_name]=group1,group2", nil) _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) assert.Nil(t, err) From 34d3ec7f82e4476aeb1aede602bda1a490d467fd Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 25 Jul 2023 13:28:12 +0200 Subject: [PATCH 186/268] ESSNTL-4817: send valid json to sql --- conf/local.env | 1 + conf/test.env | 1 - manager/controllers/systems_test.go | 31 +++++++++++++++++++++++++++++ manager/controllers/utils.go | 23 +++++++-------------- 4 files changed, 39 insertions(+), 17 deletions(-) diff --git a/conf/local.env b/conf/local.env index bf34084df..6ac69592d 100644 --- a/conf/local.env +++ b/conf/local.env @@ -1,5 +1,6 @@ GIN_MODE=release LOG_LEVEL=DEBUG +DB_DEBUG=true USE_TESTING_DB=1 ACG_CONFIG=./conf/cdappconfig.json diff --git a/conf/test.env b/conf/test.env index ce271028d..ab3ed1feb 100644 --- a/conf/test.env +++ b/conf/test.env @@ -1,6 +1,5 @@ GIN_MODE=release LOG_LEVEL=DEBUG -DB_DEBUG=true USE_TESTING_DB=1 diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index eee80ead8..d93ab8048 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -112,6 +112,26 @@ func TestSystemsTagsInvalid(t *testing.T) { assert.Equal(t, fmt.Sprintf(InvalidTagMsg, "invalidTag"), errResp.Error) } +func TestSystemsTagsEscaping1(t *testing.T) { + output := testSystems(t, `/?tags=ns1/k3=val4&tags="ns/key=quote"`, 1) + assert.Equal(t, 0, len(output.Data)) +} + +func TestSystemsTagsEscaping2(t *testing.T) { + output := testSystems(t, `/?tags=ns1/k3=val4&tags='ns/key=singlequote'`, 1) + assert.Equal(t, 0, len(output.Data)) +} + +func TestSystemsTagsEscaping3(t *testing.T) { + output := testSystems(t, `/?tags=ns1/k3=val4&tags='ns/key=inside""quote'`, 1) + assert.Equal(t, 0, len(output.Data)) +} + +func TestSystemsTagsEscaping4(t *testing.T) { + output := testSystems(t, `/?tags=ns1/k3=val4&tags=ne/key="{{malformed json}}"`, 1) + assert.Equal(t, 0, len(output.Data)) +} + func TestSystemsWorkloads1(t *testing.T) { url := "/?filter[system_profile][sap_system]=true&filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) @@ -131,6 +151,17 @@ func TestSystemsWorkloads3(t *testing.T) { assert.Equal(t, 0, len(output.Data)) } +func TestSystemsWorkloadEscaping1(t *testing.T) { + url := "/?filter[system_profile][sap_sids]='singlequote'" + output := testSystems(t, url, 1) + assert.Equal(t, 0, len(output.Data)) +} + +func TestSystemsWorkloadEscaping2(t *testing.T) { + url := `/?filter[system_profile][sap_sids]="{{malformed json}}"` + output := testSystems(t, url, 1) + assert.Equal(t, 0, len(output.Data)) +} func TestSystemsPackagesCount(t *testing.T) { output := testSystems(t, "/?sort=-packages_installed,id", 3) assert.Equal(t, 5, len(output.Data)) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index d71da1b5b..8b8efff32 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -286,9 +286,9 @@ func ApplySearch(c *gin.Context, tx *gorm.DB, searchColumns ...string) (*gorm.DB } type Tag struct { - Namespace *string - Key string - Value *string + Namespace *string `json:"namespace,omitempty"` + Key string `json:"key"` + Value *string `json:"value,omitempty"` } func HasInventoryFilter(filters Filters) bool { @@ -338,18 +338,8 @@ func (t *Tag) ApplyTag(tx *gorm.DB) *gorm.DB { return tx } - ns := "" - if t.Namespace != nil { - ns = fmt.Sprintf(`"namespace": "%s",`, *t.Namespace) - } - - v := "" - if t.Value != nil { - v = fmt.Sprintf(`, "value":"%s"`, *t.Value) - } - - query := fmt.Sprintf(`[{%s "key": "%s" %s}]`, ns, t.Key, v) - return tx.Where("ih.tags @> ?::jsonb", query) + tagStr, _ := json.Marshal([]Tag{*t}) + return tx.Where("ih.tags @> ?::jsonb", tagStr) } func ParseInventoryFilters(c *gin.Context, opts ListOpts) (Filters, Filters, error) { @@ -472,7 +462,8 @@ func buildSystemProfileQuery(tx *gorm.DB, key string, values []string) *gorm.DB switch key { case "sap_sids": cmp = "::jsonb @> ?::jsonb" - val = fmt.Sprintf(`["%s"]`, strings.Join(values, `","`)) + bval, _ := json.Marshal(values) + val = string(bval) default: cmp = "::text = ?" val = values[0] From 3e79cc3e4a3d37020c0cc7f947f056d2bf4d2eaf Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 28 Jul 2023 14:52:25 +0000 Subject: [PATCH 187/268] v3.4.10 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 7fb4c6aaa..f3e54e5bd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.9 +v3.4.10 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 7d35b5be5..2a944a184 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.9} +- {name: IMAGE_TAG_MANAGER, value: v3.4.10} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.9} +- {name: IMAGE_TAG_LISTENER, value: v3.4.10} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.9} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.10} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.9} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.10} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.9} +- {name: IMAGE_TAG_JOBS, value: v3.4.10} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.9} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.10} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.9} +- {name: IMAGE_TAG_ADMIN, value: v3.4.10} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index ddca31ee3..cfef03baa 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.9" + "version": "v3.4.10" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0c1da90a1..64d398b65 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.9" + "version": "v3.4.10" }, "servers": [ { From 716506bc187c77d52953a9bb82aa5d8f829b2de4 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 31 Jul 2023 16:13:18 +0200 Subject: [PATCH 188/268] SPM-2163: fix cache invalidation after upload --- evaluator/evaluate.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index a76330a6b..12919f328 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -581,7 +581,8 @@ func parseVmaasJSON(system *models.SystemPlatform) (vmaas.UpdatesV3Request, erro func invalidateCaches(orgID string) error { err := database.Db.Model(models.RhAccount{}). Where("org_id = ?", orgID). - Updates(models.RhAccount{ValidPackageCache: false, ValidAdvisoryCache: false}). + // use map because struct updates only non-zero values and we need to update it to `false` + Updates(map[string]interface{}{"valid_package_cache": false, "valid_advisory_cache": false}). Error return err } From 472d60db255546e85af852a8c488216498192591 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 1 Aug 2023 07:47:40 +0000 Subject: [PATCH 189/268] v3.4.11 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index f3e54e5bd..2aa78a23d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.10 +v3.4.11 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 2a944a184..c657e80ff 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.10} +- {name: IMAGE_TAG_MANAGER, value: v3.4.11} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.10} +- {name: IMAGE_TAG_LISTENER, value: v3.4.11} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.10} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.11} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.10} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.11} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.10} +- {name: IMAGE_TAG_JOBS, value: v3.4.11} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.10} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.11} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.10} +- {name: IMAGE_TAG_ADMIN, value: v3.4.11} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index cfef03baa..af5bea2be 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.10" + "version": "v3.4.11" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 64d398b65..8169c51ce 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.10" + "version": "v3.4.11" }, "servers": [ { From 9a22132789f56afa14c80501f80293ab3b25c6cb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 27 Jul 2023 16:16:38 +0200 Subject: [PATCH 190/268] RHINENG-1363: return only latest installable / applicable version of the package --- base/models/models.go | 2 +- docs/v3/openapi.json | 3 --- manager/controllers/system_packages.go | 10 +++++++--- manager/controllers/system_packages_export.go | 19 ++++++++++++------- 4 files changed, 20 insertions(+), 14 deletions(-) diff --git a/base/models/models.go b/base/models/models.go index da9b9fab3..145dde8af 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -126,7 +126,7 @@ func (SystemPackage) TableName() string { type PackageUpdate struct { EVRA string `json:"evra"` - Advisory string `json:"advisory"` + Advisory string `json:"-"` // don't show it in API, we can probably remove it completely later Status string `json:"status"` } diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8169c51ce..9f8e762e5 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -7116,9 +7116,6 @@ "models.PackageUpdate": { "type": "object", "properties": { - "advisory": { - "type": "string" - }, "evra": { "type": "string" }, diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index dda79ca10..0128ae1d9 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -5,7 +5,6 @@ import ( "app/base/models" "app/base/utils" "app/manager/middlewares" - "encoding/json" "errors" "net/http" @@ -177,8 +176,13 @@ func buildSystemPackageData(loaded []SystemPackageDBLoad) (int, []SystemPackageD if sp.Updates == nil { continue } - if err := json.Unmarshal(sp.Updates, &data[i].Updates); err != nil { - panic(err) + // keep only latest installable and applicable + installable, applicable := findLatestEVRA(sp) + if installable.EVRA != sp.EVRA { + data[i].Updates = append(data[i].Updates, installable) + } + if applicable.EVRA != sp.EVRA { + data[i].Updates = append(data[i].Updates, applicable) } } return total, data diff --git a/manager/controllers/system_packages_export.go b/manager/controllers/system_packages_export.go index 247b17ce1..6e15fa8b8 100644 --- a/manager/controllers/system_packages_export.go +++ b/manager/controllers/system_packages_export.go @@ -87,9 +87,11 @@ func SystemPackagesExportHandler(c *gin.Context) { OutputExportData(c, data) } -func findLatestEVRA(pkg SystemPackageDBLoad) (installable string, applicable string) { - installable = pkg.SystemPackagesAttrsV3.EVRA - applicable = pkg.SystemPackagesAttrsV3.EVRA +func findLatestEVRA(pkg SystemPackageDBLoad) (installable models.PackageUpdate, applicable models.PackageUpdate) { + installable = models.PackageUpdate{ + EVRA: pkg.EVRA, + } + applicable = installable if pkg.Updates == nil { return } @@ -99,10 +101,10 @@ func findLatestEVRA(pkg SystemPackageDBLoad) (installable string, applicable str } nUpdates := len(updates) if nUpdates > 0 { - applicable = updates[nUpdates-1].EVRA + applicable = updates[nUpdates-1] for i := nUpdates - 1; i >= 0; i-- { if updates[i].Status == "Installable" { - installable = updates[i].EVRA + installable = updates[i] break } } @@ -114,7 +116,8 @@ func buildSystemPackageInlineV2(pkgs []SystemPackageDBLoad) []SystemPackageInlin data := make([]SystemPackageInlineV2, len(pkgs)) for i, v := range pkgs { data[i].SystemPackagesAttrsCommon = v.SystemPackagesAttrsCommon - data[i].LatestEVRA, _ = findLatestEVRA(v) + installable, _ := findLatestEVRA(v) + data[i].LatestEVRA = installable.EVRA } return data } @@ -123,7 +126,9 @@ func buildSystemPackageInlineV3(pkgs []SystemPackageDBLoad) []SystemPackageInlin data := make([]SystemPackageInlineV3, len(pkgs)) for i, v := range pkgs { data[i].SystemPackagesAttrsV3 = v.SystemPackagesAttrsV3 - data[i].LatestInstallable, data[i].LatestApplicable = findLatestEVRA(v) + latestInstallable, latestApplicable := findLatestEVRA(v) + data[i].LatestInstallable = latestInstallable.EVRA + data[i].LatestApplicable = latestApplicable.EVRA } return data } From 64dbbfc0287aac9bfb26bbcf0ba980122eb5bb26 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 28 Jul 2023 10:14:13 +0200 Subject: [PATCH 191/268] RHINENG-1363: more developer script to check APIs --- dev/scripts/advisory_systems.sh | 6 ++++++ dev/scripts/kafka-send-message.sh | 6 ++++++ dev/scripts/system_packages.sh | 6 ++++++ 3 files changed, 18 insertions(+) create mode 100755 dev/scripts/advisory_systems.sh create mode 100755 dev/scripts/kafka-send-message.sh create mode 100755 dev/scripts/system_packages.sh diff --git a/dev/scripts/advisory_systems.sh b/dev/scripts/advisory_systems.sh new file mode 100755 index 000000000..778b345c0 --- /dev/null +++ b/dev/scripts/advisory_systems.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +IDENTITY="$($(dirname "$0")/identity.sh)" +ADVISORY=${1:-RH-1} + +curl -v -H "x-rh-identity: $IDENTITY" http://localhost:8080/api/patch/v1/advisories/$ADVISORY/systems | python3 -m json.tool diff --git a/dev/scripts/kafka-send-message.sh b/dev/scripts/kafka-send-message.sh new file mode 100755 index 000000000..429ec64a2 --- /dev/null +++ b/dev/scripts/kafka-send-message.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +# send message from stdin to kafka topic + +TOPIC=${1:-platform.inventory.events} +podman exec -i kafka sh -c " tr '\n' ' ' | kafka-console-producer --topic $TOPIC --broker-list localhost:9092 " diff --git a/dev/scripts/system_packages.sh b/dev/scripts/system_packages.sh new file mode 100755 index 000000000..111157451 --- /dev/null +++ b/dev/scripts/system_packages.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +IDENTITY="$($(dirname "$0")/identity.sh)" +UUID=${1:-00000000-0000-0000-0000-000000000002} + +curl -v -H "x-rh-identity: $IDENTITY" http://localhost:8080/api/patch/v2/systems/$UUID/packages | python3 -m json.tool From 1790976fadceacb3c3e7e39dcb61ee0634adef43 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Fri, 28 Jul 2023 16:28:08 +0200 Subject: [PATCH 192/268] RHINENG-1363: fix test data --- dev/test_data.sql | 10 +++++----- manager/controllers/system_packages_export_test.go | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/dev/test_data.sql b/dev/test_data.sql index c47b49db6..f4c6786f0 100644 --- a/dev/test_data.sql +++ b/dev/test_data.sql @@ -142,7 +142,7 @@ INSERT INTO strings(id, value) VALUES INSERT INTO package(id, name_id, evra, description_hash, summary_hash, advisory_id, synced) VALUES (1, 101, '5.6.13-200.fc31.x86_64', '11', '1', 1, true), -- kernel (2, 102, '76.0.1-1.fc31.x86_64', '22', '2', 1, true), -- firefox -(3, 103, '4.4.19-8.el8_0.x86_64', '33', '3', 3, true), -- bas +(3, 103, '4.4.19-8.el8_0.x86_64', '33', '3', 3, true), -- bash (4, 104, '7.61.1-8.el8.x86_64', '44', '4', 4, true), -- curl (5, 105, '1.30-4.el8.x86_64', '55', '5', 5, true), -- tar (6, 106, '239-13.el8_0.5.x86_64', '66', '6', 6, true), -- systemd @@ -154,13 +154,13 @@ INSERT INTO package(id, name_id, evra, description_hash, summary_hash, advisory_ (12, 102, '76.0.1-2.fc31.x86_64', '22', '2', null, true); -- firefox INSERT INTO system_package (rh_account_id, system_id, package_id, name_id, update_data) VALUES -(3, 12, 1, 101, '[{"evra": "5.10.13-200.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'), -(3, 12, 2, 102, '[{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Installable"}, {"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2", "status": "Installable"}]'), +(3, 12, 1, 101, '[{"evra": "5.10.13-201.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'), +(3, 12, 2, 102, '[{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Installable"}, {"evra": "76.0.1-2.fc31.x86_64", "advisory": "RH-2", "status": "Installable"}]'), (3, 13, 1, 101, null), -(3, 13, 2, 102, '[{"evra": "76.0.1-1.fc31.x86_64", "advisory": "RH-2", "status": "Installable"},{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Applicable"}]'), +(3, 13, 2, 102, '[{"evra": "76.0.1-2.fc31.x86_64", "advisory": "RH-2", "status": "Installable"},{"evra": "77.0.1-1.fc31.x86_64", "advisory": "RH-1", "status": "Applicable"}]'), (3, 13, 3, 103, null), (3, 13, 4, 104, null), -(3, 16, 1, 101, '[{"evra": "5.10.13-200.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'); +(3, 16, 1, 101, '[{"evra": "5.10.13-201.fc31.x86_64", "advisory": "RH-100", "status": "Installable"}]'); INSERT INTO timestamp_kv (name, value) VALUES ('last_eval_repo_based', '2018-04-05T01:23:45+02:00'); diff --git a/manager/controllers/system_packages_export_test.go b/manager/controllers/system_packages_export_test.go index 31cba7448..4918e8f53 100644 --- a/manager/controllers/system_packages_export_test.go +++ b/manager/controllers/system_packages_export_test.go @@ -39,7 +39,7 @@ func TestSystemPackagesExportHandlerCSV(t *testing.T) { assert.Equal(t, "kernel,5.6.13-200.fc31.x86_64,The Linux kernel,The kernel meta package,false,"+ "None,5.6.13-200.fc31.x86_64,5.6.13-200.fc31.x86_64", lines[1]) assert.Equal(t, "firefox,76.0.1-1.fc31.x86_64,Mozilla Firefox Web browser,Mozilla Firefox is an "+ - "open-source web browser...,true,Installable,76.0.1-1.fc31.x86_64,77.0.1-1.fc31.x86_64", lines[2]) + "open-source web browser...,true,Installable,76.0.1-2.fc31.x86_64,77.0.1-1.fc31.x86_64", lines[2]) } func TestSystemPackagesExportUnknown(t *testing.T) { From a9fa31f400a4b296df8d112fd33a620a925e78e5 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 1 Aug 2023 08:10:07 +0000 Subject: [PATCH 193/268] v3.4.12 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 2aa78a23d..806300faa 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.11 +v3.4.12 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c657e80ff..f4e2fe569 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -551,7 +551,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.11} +- {name: IMAGE_TAG_MANAGER, value: v3.4.12} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -575,7 +575,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.11} +- {name: IMAGE_TAG_LISTENER, value: v3.4.12} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -596,7 +596,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.11} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.12} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -621,7 +621,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.11} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.12} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -644,7 +644,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.11} +- {name: IMAGE_TAG_JOBS, value: v3.4.12} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -689,7 +689,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.11} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.12} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -720,7 +720,7 @@ parameters: - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.11} +- {name: IMAGE_TAG_ADMIN, value: v3.4.12} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index af5bea2be..632865cb7 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.11" + "version": "v3.4.12" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 9f8e762e5..18c7c28d3 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.11" + "version": "v3.4.12" }, "servers": [ { From 268e75ad4e1f3696e70b55c8be81cb08f7f68c3c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 31 Jul 2023 15:58:37 +0200 Subject: [PATCH 194/268] SPM-2134: use work_mem for packages queries --- base/utils/config.go | 2 ++ deploy/clowdapp.yaml | 3 +++ manager/controllers/packages.go | 36 ++++++++++++++++++------- manager/controllers/packages_export.go | 8 +++++- tasks/caches/refresh_packages_caches.go | 3 +++ 5 files changed, 42 insertions(+), 10 deletions(-) diff --git a/base/utils/config.go b/base/utils/config.go index fb6772248..94c2948a2 100644 --- a/base/utils/config.go +++ b/base/utils/config.go @@ -29,6 +29,7 @@ type Config struct { DBReadReplicaHost string DBReadReplicaPort int DBReadReplicaEnabled bool + DBWorkMem int // API PublicPort int @@ -111,6 +112,7 @@ func initDBFromEnv() { Cfg.DBReadReplicaHost = Getenv("DB_HOST_READ_REPLICA", "") Cfg.DBReadReplicaPort = GetIntEnvOrDefault("DB_PORT_READ_REPLICA", 0) } + Cfg.DBWorkMem = GetIntEnvOrDefault("DB_WORK_MEM", 4096) // 4MB is DB default } func initKafkaFromEnv() { diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index f4e2fe569..e01e01ed8 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -105,6 +105,7 @@ objects: - {name: DB_PORT_READ_REPLICA, valueFrom: {secretKeyRef: {key: db.port, name: patchman-db-readonly}}} - {name: DB_READ_REPLICA_ENABLED, value: '${DB_READ_REPLICA_ENABLED}'} + - {name: DB_WORK_MEM, value: '${DB_WORK_MEM}'} - {name: ENABLE_CYNDI_TAGS, value: '${ENABLE_CYNDI_TAGS}'} - {name: ENABLE_RBAC, value: '${ENABLE_RBAC}'} - {name: DISABLE_CACHE_COUNTS, value: '${DISABLE_CACHE_COUNTS}'} @@ -416,6 +417,7 @@ objects: - {name: DB_PORT_READ_REPLICA, valueFrom: {secretKeyRef: {key: db.port, name: patchman-db-readonly}}} - {name: DB_READ_REPLICA_ENABLED, value: '${DB_READ_REPLICA_ENABLED_JOBS}'} + - {name: DB_WORK_MEM, value: '${DB_WORK_MEM}'} - {name: PROMETHEUS_PUSHGATEWAY,value: '${PROMETHEUS_PUSHGATEWAY}'} - name: advisory-refresh @@ -718,6 +720,7 @@ parameters: - {name: MSG_BATCH_SIZE, value: '4000'} # BatchSize for PlatformEvent message - {name: ENABLE_PAYLOAD_TRACKER, value: 'true'} # Send status messages to payload tracker - {name: SSL_CERT_DIR, value: '/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/cdapp/certs'} +- {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike - {name: IMAGE_TAG_ADMIN, value: v3.4.12} diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index aa44e6860..cff5dc4c9 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -84,14 +84,9 @@ type queryItem struct { var queryItemSelect = database.MustGetSelect(&queryItem{}) -func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups map[string]string) *gorm.DB { - var validCache bool - err := db.Table("rh_account"). - Select("valid_package_cache"). - Where("id = ?", acc). - Scan(&validCache).Error - if err == nil && validCache && len(filters) == 0 && enabledPackageCache && len(groups[rbac.KeyGrouped]) == 0 { - // use cache only when tag filter is not used +// nolint: lll +func packagesQuery(db *gorm.DB, filters map[string]FilterData, acc int, groups map[string]string, useCache bool) *gorm.DB { + if useCache { q := db.Table("package_account_data res"). Select(PackagesSelect). Joins("JOIN package_name pn ON res.package_name_id = pn.id"). @@ -156,7 +151,13 @@ func PackagesListHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - query := packagesQuery(db, inventoryFilters, account, groups) + useCache := shouldUseCache(db, account, inventoryFilters, groups) + if !useCache { + db.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + defer db.Exec("RESET work_mem") + } + + query := packagesQuery(db, inventoryFilters, account, groups, useCache) if err != nil { return } // Error handled in method itself @@ -216,3 +217,20 @@ func packages2PackagesV2(data []PackageItem) []PackageItemV2 { } return v2 } + +// use cache only when tag filter is not used, there are no inventory groups and cache is valid +func shouldUseCache(db *gorm.DB, acc int, inventoryFilters map[string]FilterData, groups map[string]string) bool { + if !enabledPackageCache { + return false + } + if len(inventoryFilters) != 0 || len(groups[rbac.KeyGrouped]) != 0 { + return false + } + + var validCache bool + err := db.Table("rh_account"). + Select("valid_package_cache"). + Where("id = ?", acc). + Scan(&validCache).Error + return err == nil && validCache +} diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 13c4257d0..458cd02c3 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -1,6 +1,7 @@ package controllers import ( + "app/base/utils" "app/manager/middlewares" "github.com/gin-gonic/gin" @@ -32,7 +33,12 @@ func PackagesExportHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - query := packagesQuery(db, inventoryfilters, account, groups) + useCache := shouldUseCache(db, account, inventoryfilters, groups) + if !useCache { + db.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + defer db.Exec("RESET work_mem") + } + query := packagesQuery(db, inventoryfilters, account, groups, useCache) if err != nil { return } diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index ed27b0f9f..a36b0edf2 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -75,6 +75,9 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("get-counts")) utils.LogDebug("Getting counts of installable and applicable systems") err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { + tx.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + defer tx.Exec("RESET work_mem") + q := tx.Table("system_platform sp"). Select(` sp.rh_account_id rh_account_id, From 44e74fcb8a9307065995cc63dd2f8e5b6635869e Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 1 Aug 2023 08:19:24 +0000 Subject: [PATCH 195/268] v3.4.13 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 806300faa..b71925d7a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.12 +v3.4.13 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index e01e01ed8..6b33352f5 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.12} +- {name: IMAGE_TAG_MANAGER, value: v3.4.13} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.12} +- {name: IMAGE_TAG_LISTENER, value: v3.4.13} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.12} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.13} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.12} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.13} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.12} +- {name: IMAGE_TAG_JOBS, value: v3.4.13} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.12} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.13} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.12} +- {name: IMAGE_TAG_ADMIN, value: v3.4.13} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 632865cb7..5cf733799 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.12" + "version": "v3.4.13" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 18c7c28d3..d600bbea8 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.12" + "version": "v3.4.13" }, "servers": [ { From e252d8c6852ae4db0cd22aabdc702b1a6b6b5afc Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 2 Aug 2023 17:14:33 +0200 Subject: [PATCH 196/268] SPM-2163: fix syntax error while setting work_mem --- manager/controllers/packages.go | 2 +- manager/controllers/packages_export.go | 2 +- tasks/caches/refresh_packages_caches.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index cff5dc4c9..eb54848d4 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -153,7 +153,7 @@ func PackagesListHandler(c *gin.Context) { db := middlewares.DBFromContext(c) useCache := shouldUseCache(db, account, inventoryFilters, groups) if !useCache { - db.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + db.Exec("SET work_mem TO '?'", utils.Cfg.DBWorkMem) defer db.Exec("RESET work_mem") } diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 458cd02c3..28b57e2ba 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -35,7 +35,7 @@ func PackagesExportHandler(c *gin.Context) { db := middlewares.DBFromContext(c) useCache := shouldUseCache(db, account, inventoryfilters, groups) if !useCache { - db.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + db.Exec("SET work_mem TO '?'", utils.Cfg.DBWorkMem) defer db.Exec("RESET work_mem") } query := packagesQuery(db, inventoryfilters, account, groups, useCache) diff --git a/tasks/caches/refresh_packages_caches.go b/tasks/caches/refresh_packages_caches.go index a36b0edf2..6d21e8e8c 100644 --- a/tasks/caches/refresh_packages_caches.go +++ b/tasks/caches/refresh_packages_caches.go @@ -75,7 +75,7 @@ func getCounts(pkgSysCounts *[]models.PackageAccountData, accID *int) error { defer utils.ObserveSecondsSince(time.Now(), packageRefreshPartDuration.WithLabelValues("get-counts")) utils.LogDebug("Getting counts of installable and applicable systems") err := tasks.WithReadReplicaTx(func(tx *gorm.DB) error { - tx.Exec("SET work_mem TO ?", utils.Cfg.DBWorkMem) + tx.Exec("SET work_mem TO '?'", utils.Cfg.DBWorkMem) defer tx.Exec("RESET work_mem") q := tx.Table("system_platform sp"). From 3d949d1b47fa637a5be69887454e6afdc06ba0db Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 2 Aug 2023 17:14:55 +0200 Subject: [PATCH 197/268] SPM-2163: add tests for refresh package cache --- tasks/caches/refresh_packages_caches_test.go | 61 ++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 tasks/caches/refresh_packages_caches_test.go diff --git a/tasks/caches/refresh_packages_caches_test.go b/tasks/caches/refresh_packages_caches_test.go new file mode 100644 index 000000000..05509d49f --- /dev/null +++ b/tasks/caches/refresh_packages_caches_test.go @@ -0,0 +1,61 @@ +package caches + +import ( + "app/base/core" + "app/base/database" + "app/base/models" + "app/base/utils" + "testing" + + "github.com/stretchr/testify/assert" +) + +// save counts from getCounts as global for other tests +var ( + _counts = make([]models.PackageAccountData, 0) + _acc = 3 +) + +func TestAccountsWithoutCache(t *testing.T) { + utils.SkipWithoutDB(t) + core.SetupTestEnvironment() + + accs, err := accountsWithoutCache() + assert.Nil(t, err) + // there are only 4 account in test_data but other tests are creating new accounts + assert.Equal(t, 10, len(accs)) +} + +func TestGetCounts(t *testing.T) { + utils.SkipWithoutDB(t) + core.SetupTestEnvironment() + + err := getCounts(&_counts, &_acc) + assert.Nil(t, err) + assert.Equal(t, 4, len(_counts)) +} + +func TestUpdatePackageAccountData(t *testing.T) { + utils.SkipWithoutDB(t) + core.SetupTestEnvironment() + + err := updatePackageAccountData(_counts) + assert.Nil(t, err) + + // delete old cache data, just check it does not return error + err = deleteOldCache(_counts, &_acc) + assert.Nil(t, err) +} + +func TestUpdatePkgCacheValidity(t *testing.T) { + utils.SkipWithoutDB(t) + core.SetupTestEnvironment() + + err := updatePkgCacheValidity(&_acc) + assert.Nil(t, err) + + // set back to false + database.Db.Table("rh_account"). + Where("id = ?", _acc). + Update("valid_package_cache = ?", false) +} From 15ba363d2e6ec721f77806b636a7754db72fee2e Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 4 Aug 2023 07:36:46 +0000 Subject: [PATCH 198/268] v3.4.14 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b71925d7a..a5d1d3644 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.13 +v3.4.14 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 6b33352f5..88e38fa6d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.13} +- {name: IMAGE_TAG_MANAGER, value: v3.4.14} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.13} +- {name: IMAGE_TAG_LISTENER, value: v3.4.14} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.13} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.14} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.13} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.14} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.13} +- {name: IMAGE_TAG_JOBS, value: v3.4.14} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.13} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.14} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.13} +- {name: IMAGE_TAG_ADMIN, value: v3.4.14} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 5cf733799..c44c16c88 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.13" + "version": "v3.4.14" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d600bbea8..42ea3fd74 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.13" + "version": "v3.4.14" }, "servers": [ { From c04136a268a5a9ef133ca6cae2d8335106ec8e59 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 14:23:57 +0200 Subject: [PATCH 199/268] RHINENG-1197: let filter remember its type --- manager/controllers/filter.go | 20 ++++++++++++++----- manager/controllers/utils.go | 36 +++++++++++++++++------------------ 2 files changed, 32 insertions(+), 24 deletions(-) diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index 13c9c6f10..fea0bb7c2 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -9,15 +9,24 @@ import ( "gorm.io/gorm" ) +type FilterType int8 + +const ( + ColumnFilter FilterType = iota + InventoryFilter + TagFilter +) + type FilterData struct { - Operator string `json:"op"` - Values []string `json:"values"` + Type FilterType `json:"-"` + Operator string `json:"op"` + Values []string `json:"values"` } type Filters map[string]FilterData // Parse a filter from field name and field value specification -func ParseFilterValue(val string) FilterData { +func ParseFilterValue(ftype FilterType, val string) FilterData { idx := strings.Index(val, ":") var operator string @@ -34,6 +43,7 @@ func ParseFilterValue(val string) FilterData { values := strings.Split(value, ",") return FilterData{ + Type: ftype, Operator: operator, Values: values, } @@ -150,8 +160,8 @@ func (t Filters) Apply(tx *gorm.DB, fields database.AttrMap) (*gorm.DB, error) { return tx, nil } -func (t Filters) Update(key string, value string) { - data := ParseFilterValue(value) +func (t Filters) Update(ftype FilterType, key string, value string) { + data := ParseFilterValue(ftype, value) if fdata, ok := t[key]; ok { data.Values = append(data.Values, fdata.Values...) } diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 8b8efff32..f5ae006cf 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -116,11 +116,8 @@ var nestedFilters = NestedFilterMap{ "system_profile][mssql][version": "mssql->version", } -func ParseFilters(c *gin.Context, allowedFields database.AttrMap, - defaultFilters map[string]FilterData, apiver int) (Filters, Filters, error) { - filters := Filters{} - inventoryFilters := Filters{} - +func ParseFilters(c *gin.Context, filters Filters, allowedFields database.AttrMap, + defaultFilters map[string]FilterData, apiver int) error { params := c.Request.URL.Query() // map[string][]string for name, values := range params { if strings.HasPrefix(name, "filter[") { @@ -128,14 +125,14 @@ func ParseFilters(c *gin.Context, allowedFields database.AttrMap, for _, v := range values { if _, ok := nestedFilters[subject]; ok { nested := nestedFilters[subject] - inventoryFilters.Update(nested, v) + filters.Update(InventoryFilter, nested, v) continue } if _, ok := allowedFields[subject]; !ok { - return Filters{}, Filters{}, errors.Errorf(InvalidFilter, subject) + return errors.Errorf(InvalidFilter, subject) } - filters.Update(subject, v) + filters.Update(ColumnFilter, subject, v) } } } @@ -156,7 +153,7 @@ func ParseFilters(c *gin.Context, allowedFields database.AttrMap, } } - return filters, inventoryFilters, nil + return nil } type ListOpts struct { @@ -169,7 +166,8 @@ type ListOpts struct { func ExportListCommon(tx *gorm.DB, c *gin.Context, opts ListOpts) (*gorm.DB, error) { apiver := c.GetInt(middlewares.KeyApiver) - filters, _, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) + filters := Filters{} + err := ParseFilters(c, filters, opts.Fields, opts.DefaultFilters, apiver) if err != nil { LogAndRespBadRequest(c, err, err.Error()) return nil, errors.Wrap(err, "filters parsing failed") @@ -342,27 +340,26 @@ func (t *Tag) ApplyTag(tx *gorm.DB) *gorm.DB { return tx.Where("ih.tags @> ?::jsonb", tagStr) } -func ParseInventoryFilters(c *gin.Context, opts ListOpts) (Filters, Filters, error) { - tagFilters := Filters{} +func ParseAllFilters(c *gin.Context, opts ListOpts) (Filters, error) { + filters := Filters{} - err := parseTagsFromCtx(c, tagFilters) + err := parseTags(c, filters) if err != nil { - return nil, nil, err + return nil, err } apiver := c.GetInt(middlewares.KeyApiver) - filters, inventoryFilters, err := ParseFilters(c, opts.Fields, opts.DefaultFilters, apiver) + err = ParseFilters(c, filters, opts.Fields, opts.DefaultFilters, apiver) if err != nil { err = errors.Wrap(err, "cannot parse inventory filters") LogAndRespBadRequest(c, err, err.Error()) - return nil, nil, err + return nil, err } - mergeMaps(tagFilters, inventoryFilters) - return filters, tagFilters, nil + return filters, nil } -func parseTagsFromCtx(c *gin.Context, filters Filters) error { +func parseTags(c *gin.Context, filters Filters) error { tags := c.QueryArray("tags") for _, t := range tags { tag, err := ParseTag(t) @@ -386,6 +383,7 @@ func parseTagsFromCtx(c *gin.Context, filters Filters) error { value = strings.Split(val, ",") } filters[key] = FilterData{ + Type: TagFilter, Operator: "eq", Values: value, } From 51dea2a3726d73157c637010d76a097dcb2ef470 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 15:15:02 +0200 Subject: [PATCH 200/268] RHINENG-1197: rename ParseInventoryFilters() to ParseAllFilters() --- manager/controllers/advisories.go | 2 +- manager/controllers/advisories_export.go | 2 +- manager/controllers/advisory_systems.go | 2 +- manager/controllers/advisory_systems_export.go | 2 +- manager/controllers/baseline_systems.go | 4 ++-- manager/controllers/baselines.go | 2 +- manager/controllers/package_systems.go | 2 +- manager/controllers/package_systems_export.go | 2 +- manager/controllers/packages.go | 2 +- manager/controllers/packages_export.go | 2 +- manager/controllers/system_packages.go | 2 +- manager/controllers/systems.go | 2 +- manager/controllers/systems_export.go | 2 +- manager/controllers/utils_test.go | 4 ++-- 14 files changed, 16 insertions(+), 16 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 74979558b..871d6ec00 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -122,7 +122,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) var query *gorm.DB - filters, inventoryFilters, err := ParseInventoryFilters(c, AdvisoriesOpts) + filters, err := ParseAllFilters(c, AdvisoriesOpts) if err != nil { return nil, nil, nil, err } diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index 83b429dbd..0a1387fa9 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -30,7 +30,7 @@ import ( func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - _, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) + filters, err := ParseAllFilters(c, SystemOpts) if err != nil { return } diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 31c5f366c..9a03f0f8b 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -62,7 +62,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error if apiver < 3 { opts = AdvisorySystemOpts } - filters, inventoryFilters, err := ParseInventoryFilters(c, opts) + filters, err := ParseAllFilters(c, opts) if err != nil { return nil, nil, nil, err } // Error handled in method itself diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index a39b3ffad..f3a012c9e 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -61,7 +61,7 @@ func AdvisorySystemsExportHandler(c *gin.Context) { } query := buildAdvisorySystemsQuery(db, account, groups, advisoryName, apiver) - _, inventoryFilters, err := ParseInventoryFilters(c, AdvisorySystemOpts) + filters, err := ParseAllFilters(c, AdvisorySystemOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 21e7ac4a2..a16037728 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -108,7 +108,7 @@ func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string } query := buildQueryBaselineSystems(db, account, groups, id, apiver) - _, inventoryFilters, err := ParseInventoryFilters(c, BaselineSystemOpts) + filters, err := ParseAllFilters(c, BaselineSystemOpts) if err != nil { return nil, err } // Error handled in method itself @@ -123,7 +123,7 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin return nil, nil, nil, err } // Error handled in method itself - filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + filters, err := ParseAllFilters(c, PackageSystemsOpts) if err != nil { // Error handled in method itself return nil, nil, nil, err diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index 8993ada09..eb5384ba4 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -84,7 +84,7 @@ func BaselinesListHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, inventoryFilters, err := ParseInventoryFilters(c, BaselineOpts) + filters, err := ParseAllFilters(c, BaselineOpts) if err != nil { return } diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index 547fadc7f..ed0f4154d 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -105,7 +105,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + filters, err := ParseAllFilters(c, PackageSystemsOpts) if err != nil { return nil, nil, nil, err } // Error handled in method itself diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 1896750b7..1d223fae7 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -54,7 +54,7 @@ func PackageSystemsExportHandler(c *gin.Context) { } query := packageSystemsQuery(db, account, groups, packageName, packageIDs) - _, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + filters, err := ParseAllFilters(c, PackageSystemsOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index eb54848d4..929f413cd 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -145,7 +145,7 @@ func PackagesListHandler(c *gin.Context) { apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, inventoryFilters, err := ParseInventoryFilters(c, PackagesOpts) + filters, err := ParseAllFilters(c, PackagesOpts) if err != nil { return } diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 28b57e2ba..86ff8d71e 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -27,7 +27,7 @@ func PackagesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) apiver := c.GetInt(middlewares.KeyApiver) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - _, inventoryfilters, err := ParseInventoryFilters(c, PackagesOpts) + filters, err := ParseAllFilters(c, PackagesOpts) if err != nil { return } diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 0128ae1d9..305155fd8 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -117,7 +117,7 @@ func SystemPackagesHandler(c *gin.Context) { LogAndRespBadRequest(c, errors.New("bad request"), "incorrect inventory_id format") return } - filters, inventoryFilters, err := ParseInventoryFilters(c, PackageSystemsOpts) + filters, err := ParseAllFilters(c, PackageSystemsOpts) if err != nil { // Error handled in method itself return diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index ab9c53b5d..6c5480db2 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -172,7 +172,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - filters, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) + filters, err := ParseAllFilters(c, SystemOpts) if err != nil { return nil, nil, nil, err } // Error handled method itself diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index 98b16fee1..d7a23a726 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -42,7 +42,7 @@ func SystemsExportHandler(c *gin.Context) { groups := c.GetStringMapString(middlewares.KeyInventoryGroups) db := middlewares.DBFromContext(c) query := querySystems(db, account, apiver, groups) - _, inventoryFilters, err := ParseInventoryFilters(c, SystemOpts) + filters, err := ParseAllFilters(c, SystemOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index cd5254bd5..8ec23e3a1 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -19,7 +19,7 @@ func TestGroupNameFilter(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name]=group2", nil) - _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) + filters, err := ParseAllFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID @@ -42,7 +42,7 @@ func TestGroupNameFilter2(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("GET", "/?filter[group_name]=group1,group2", nil) - _, inventoryFilters, err := ParseInventoryFilters(c, ListOpts{}) + filters, err := ParseAllFilters(c, ListOpts{}) assert.Nil(t, err) var systems []SystemsID From a1569945a4398f4f0b4d510c5eb681d8b27f45cb Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 15:19:24 +0200 Subject: [PATCH 201/268] RHINENG-1197: update HasInventoryFilters() to new Filters type --- manager/controllers/advisories.go | 2 +- manager/controllers/advisories_export.go | 2 +- manager/controllers/utils.go | 7 ++++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 871d6ec00..dc794a9dd 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -137,7 +137,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { validCache = false } } - if !validCache || HasInventoryFilter(inventoryFilters) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) if err != nil { diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index 0a1387fa9..cc9da7f8c 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -47,7 +47,7 @@ func AdvisoriesExportHandler(c *gin.Context) { validCache = false } } - if !validCache || HasInventoryFilter(inventoryFilters) || len(groups[rbac.KeyGrouped]) != 0 { + if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) if err != nil { diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index f5ae006cf..c2400789e 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -293,7 +293,12 @@ func HasInventoryFilter(filters Filters) bool { if !enableCyndiTags { return false } - return len(filters) > 0 + for _, data := range filters { + if data.Type == InventoryFilter { + return true + } + } + return false } func trimQuotes(s string) string { From 4b747112e9d0e161a55f575a632abf0da334ebcd Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 15:35:20 +0200 Subject: [PATCH 202/268] RHINENG-1197: update ApplyInventoryFilter() to new Filters type --- manager/controllers/advisories.go | 2 +- manager/controllers/advisories_export.go | 2 +- manager/controllers/advisory_systems.go | 2 +- manager/controllers/advisory_systems_export.go | 2 +- manager/controllers/baseline_systems.go | 2 +- manager/controllers/baselines.go | 2 +- manager/controllers/package_systems.go | 2 +- manager/controllers/package_systems_export.go | 2 +- manager/controllers/packages.go | 10 +++++----- manager/controllers/packages_export.go | 4 ++-- manager/controllers/systems.go | 2 +- manager/controllers/systems_export.go | 2 +- manager/controllers/utils.go | 2 +- manager/controllers/utils_test.go | 4 ++-- 14 files changed, 20 insertions(+), 20 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index dc794a9dd..48d17c55c 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -139,7 +139,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { } if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error - query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) + query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { return nil, nil, nil, err } // Error handled in method itself diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index cc9da7f8c..acc5f4f99 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -49,7 +49,7 @@ func AdvisoriesExportHandler(c *gin.Context) { } if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error - query = buildQueryAdvisoriesTagged(db, inventoryFilters, account, groups) + query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 9a03f0f8b..ca00bd930 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -66,7 +66,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, opts) // Error handled in method itself return query, meta, params, err diff --git a/manager/controllers/advisory_systems_export.go b/manager/controllers/advisory_systems_export.go index f3a012c9e..9edcfb202 100644 --- a/manager/controllers/advisory_systems_export.go +++ b/manager/controllers/advisory_systems_export.go @@ -65,7 +65,7 @@ func AdvisorySystemsExportHandler(c *gin.Context) { if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query = query.Order("sp.id") query, err = ExportListCommon(query, c, AdvisorySystemOpts) diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index a16037728..cb90337f8 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -112,7 +112,7 @@ func queryBaselineSystems(c *gin.Context, account, apiver int, groups map[string if err != nil { return nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") return query, nil } diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index eb5384ba4..ea5c2f5ed 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -90,7 +90,7 @@ func BaselinesListHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - query := buildQueryBaselines(db, inventoryFilters, account, groups) + query := buildQueryBaselines(db, filters, account, groups) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index ed0f4154d..e8bb52fb7 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -109,7 +109,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s if err != nil { return nil, nil, nil, err } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, PackageSystemsOpts) // Error handled in method itself return query, meta, params, err diff --git a/manager/controllers/package_systems_export.go b/manager/controllers/package_systems_export.go index 1d223fae7..f07bf9db5 100644 --- a/manager/controllers/package_systems_export.go +++ b/manager/controllers/package_systems_export.go @@ -58,7 +58,7 @@ func PackageSystemsExportHandler(c *gin.Context) { if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, err = ExportListCommon(query, c, PackageSystemsOpts) if err != nil { return diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index 929f413cd..caac27561 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -151,17 +151,17 @@ func PackagesListHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - useCache := shouldUseCache(db, account, inventoryFilters, groups) + useCache := shouldUseCache(db, account, filters, groups) if !useCache { db.Exec("SET work_mem TO '?'", utils.Cfg.DBWorkMem) defer db.Exec("RESET work_mem") } - query := packagesQuery(db, inventoryFilters, account, groups, useCache) + query := packagesQuery(db, filters, account, groups, useCache) if err != nil { return } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, PackagesOpts) + query, meta, params, err := ListCommon(query, c, filters, filters, PackagesOpts) if err != nil { return } // Error handled in method itself @@ -219,11 +219,11 @@ func packages2PackagesV2(data []PackageItem) []PackageItemV2 { } // use cache only when tag filter is not used, there are no inventory groups and cache is valid -func shouldUseCache(db *gorm.DB, acc int, inventoryFilters map[string]FilterData, groups map[string]string) bool { +func shouldUseCache(db *gorm.DB, acc int, filters map[string]FilterData, groups map[string]string) bool { if !enabledPackageCache { return false } - if len(inventoryFilters) != 0 || len(groups[rbac.KeyGrouped]) != 0 { + if HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { return false } diff --git a/manager/controllers/packages_export.go b/manager/controllers/packages_export.go index 86ff8d71e..ac1547b19 100644 --- a/manager/controllers/packages_export.go +++ b/manager/controllers/packages_export.go @@ -33,12 +33,12 @@ func PackagesExportHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) - useCache := shouldUseCache(db, account, inventoryfilters, groups) + useCache := shouldUseCache(db, account, filters, groups) if !useCache { db.Exec("SET work_mem TO '?'", utils.Cfg.DBWorkMem) defer db.Exec("RESET work_mem") } - query := packagesQuery(db, inventoryfilters, account, groups, useCache) + query := packagesQuery(db, filters, account, groups, useCache) if err != nil { return } diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 6c5480db2..62e239555 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -176,7 +176,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e if err != nil { return nil, nil, nil, err } // Error handled method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, SystemOpts) // Error handled method itself return query, meta, params, err diff --git a/manager/controllers/systems_export.go b/manager/controllers/systems_export.go index d7a23a726..f920b9388 100644 --- a/manager/controllers/systems_export.go +++ b/manager/controllers/systems_export.go @@ -46,7 +46,7 @@ func SystemsExportHandler(c *gin.Context) { if err != nil { return } // Error handled in method itself - query, _ = ApplyInventoryFilter(inventoryFilters, query, "sp.inventory_id") + query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") var systems SystemDBLookupSlice diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index c2400789e..33518228a 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -420,7 +420,7 @@ func ApplyInventoryFilter(filters map[string]FilterData, tx *gorm.DB, systemIDEx func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, bool) { applied := false for key, val := range filters { - if strings.Contains(key, "/") { + if val.Type == TagFilter { tagString := key + "=" + strings.Join(val.Values, ",") tag, _ := ParseTag(tagString) tx = tag.ApplyTag(tx) diff --git a/manager/controllers/utils_test.go b/manager/controllers/utils_test.go index 8ec23e3a1..ae6a2be37 100644 --- a/manager/controllers/utils_test.go +++ b/manager/controllers/utils_test.go @@ -27,7 +27,7 @@ func TestGroupNameFilter(t *testing.T) { rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, } tx := database.Systems(database.Db, 1, groups) - tx, _ = ApplyInventoryFilter(inventoryFilters, tx, "sp.inventory_id") + tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") tx.Scan(&systems) assert.Equal(t, 2, len(systems)) // 2 systems with `group2` in test_data @@ -50,7 +50,7 @@ func TestGroupNameFilter2(t *testing.T) { rbac.KeyGrouped: `{"[{\"id\":\"inventory-group-1\"}]","[{\"id\":\"inventory-group-2\"}]"}`, } tx := database.Systems(database.Db, 1, groups) - tx, _ = ApplyInventoryFilter(inventoryFilters, tx, "sp.inventory_id") + tx, _ = ApplyInventoryFilter(filters, tx, "sp.inventory_id") tx.Scan(&systems) assert.Equal(t, 8, len(systems)) // 2 systems with `group2`, 6 with `group1` in test_data From e6b42d9c79c99cd59ddaf154086e5eb0525ac779 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 15:47:51 +0200 Subject: [PATCH 203/268] RHINENG-1197: update ListCommon() to new Filters type --- manager/controllers/advisories.go | 2 +- manager/controllers/advisory_systems.go | 2 +- manager/controllers/baseline_systems.go | 2 +- manager/controllers/baselines.go | 2 +- manager/controllers/filter.go | 3 +++ manager/controllers/package_systems.go | 2 +- manager/controllers/package_versions.go | 2 +- manager/controllers/packages.go | 2 +- manager/controllers/system_advisories.go | 2 +- manager/controllers/system_packages.go | 2 +- manager/controllers/systems.go | 2 +- manager/controllers/systemtags.go | 2 +- manager/controllers/utils.go | 9 +-------- 13 files changed, 15 insertions(+), 19 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index 48d17c55c..dbaf9c4cd 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -147,7 +147,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { query = buildQueryAdvisories(db, account) } - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, AdvisoriesOpts) + query, meta, params, err := ListCommon(query, c, filters, AdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err } diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index ca00bd930..e6d73fba7 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -67,7 +67,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error return nil, nil, nil, err } // Error handled in method itself query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, opts) + query, meta, params, err := ListCommon(query, c, filters, opts) // Error handled in method itself return query, meta, params, err } diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index cb90337f8..1ebe10f7c 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -128,7 +128,7 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin // Error handled in method itself return nil, nil, nil, err } - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, BaselineSystemOpts) + query, meta, params, err := ListCommon(query, c, filters, BaselineSystemOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon return nil, nil, nil, err diff --git a/manager/controllers/baselines.go b/manager/controllers/baselines.go index ea5c2f5ed..a0ee51345 100644 --- a/manager/controllers/baselines.go +++ b/manager/controllers/baselines.go @@ -95,7 +95,7 @@ func BaselinesListHandler(c *gin.Context) { return } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, BaselineOpts) + query, meta, params, err := ListCommon(query, c, filters, BaselineOpts) if err != nil { // Error handling and setting of result code & content is done in ListCommon return diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index fea0bb7c2..3f854cfa7 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -151,6 +151,9 @@ func (t Filters) ToQueryParams() string { func (t Filters) Apply(tx *gorm.DB, fields database.AttrMap) (*gorm.DB, error) { for name, f := range t { + if f.Type != ColumnFilter { + continue + } query, args, err := f.ToWhere(name, fields) if err != nil { return nil, err diff --git a/manager/controllers/package_systems.go b/manager/controllers/package_systems.go index e8bb52fb7..e85c8c647 100644 --- a/manager/controllers/package_systems.go +++ b/manager/controllers/package_systems.go @@ -110,7 +110,7 @@ func packageSystemsCommon(db *gorm.DB, c *gin.Context) (*gorm.DB, *ListMeta, []s return nil, nil, nil, err } // Error handled in method itself query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, PackageSystemsOpts) + query, meta, params, err := ListCommon(query, c, filters, PackageSystemsOpts) // Error handled in method itself return query, meta, params, err } diff --git a/manager/controllers/package_versions.go b/manager/controllers/package_versions.go index 09ce3fa21..c9ef686e2 100644 --- a/manager/controllers/package_versions.go +++ b/manager/controllers/package_versions.go @@ -91,7 +91,7 @@ func PackageVersionsListHandler(c *gin.Context) { query := packageVersionsQuery(db, account, groups, packageNameIDs) // we don't support tags and filters for this endpoint - query, meta, params, err := ListCommon(query, c, nil, nil, PackageVersionsOpts) + query, meta, params, err := ListCommon(query, c, nil, PackageVersionsOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/packages.go b/manager/controllers/packages.go index caac27561..c3b5efaf8 100644 --- a/manager/controllers/packages.go +++ b/manager/controllers/packages.go @@ -161,7 +161,7 @@ func PackagesListHandler(c *gin.Context) { if err != nil { return } // Error handled in method itself - query, meta, params, err := ListCommon(query, c, filters, filters, PackagesOpts) + query, meta, params, err := ListCommon(query, c, filters, PackagesOpts) if err != nil { return } // Error handled in method itself diff --git a/manager/controllers/system_advisories.go b/manager/controllers/system_advisories.go index 12de05224..b56fc4429 100644 --- a/manager/controllers/system_advisories.go +++ b/manager/controllers/system_advisories.go @@ -92,7 +92,7 @@ func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, erro } query := buildSystemAdvisoriesQuery(db, account, groups, inventoryID) - query, meta, params, err := ListCommon(query, c, nil, nil, SystemAdvisoriesOpts) + query, meta, params, err := ListCommon(query, c, nil, SystemAdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err } diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index 305155fd8..c74a88d5a 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -125,7 +125,7 @@ func SystemPackagesHandler(c *gin.Context) { var loaded []SystemPackageDBLoad db := middlewares.DBFromContext(c) q := systemPackageQuery(db, account, groups, inventoryID) - q, meta, params, err := ListCommon(q, c, filters, inventoryFilters, SystemPackagesOpts) + q, meta, params, err := ListCommon(q, c, filters, SystemPackagesOpts) if err != nil { return } diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 62e239555..4697deb78 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -177,7 +177,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e return nil, nil, nil, err } // Error handled method itself query, _ = ApplyInventoryFilter(filters, query, "sp.inventory_id") - query, meta, params, err := ListCommon(query, c, filters, inventoryFilters, SystemOpts) + query, meta, params, err := ListCommon(query, c, filters, SystemOpts) // Error handled method itself return query, meta, params, err } diff --git a/manager/controllers/systemtags.go b/manager/controllers/systemtags.go index ac33c38e9..3335c92dd 100644 --- a/manager/controllers/systemtags.go +++ b/manager/controllers/systemtags.go @@ -75,7 +75,7 @@ func SystemTagListHandler(c *gin.Context) { Select(SystemTagSelect). Group("sq.tag") - tx, meta, params, err := ListCommon(query, c, nil, nil, SystemTagsOpts) + tx, meta, params, err := ListCommon(query, c, nil, SystemTagsOpts) if !checkSortMeta(meta.Sort) { LogAndRespBadRequest(c, errors.New("invalid sort field(s)"), "invalid sort") return diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 33518228a..d9797631b 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -192,7 +192,7 @@ func extractTagsQueryString(c *gin.Context) string { } // nolint: funlen, lll -func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, tagFilter Filters, opts ListOpts, params ...string) ( +func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, opts ListOpts, params ...string) ( *gorm.DB, *ListMeta, []string, error) { hasSystems := true limit, offset, err := utils.LoadLimitOffset(c, core.DefaultLimit) @@ -237,7 +237,6 @@ func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, tagFilter Filters, tagQ := extractTagsQueryString(c) params = append(params, filters.ToQueryParams(), sortQ, tagQ, searchQ) - mergeMaps(meta.Filter, tagFilter) if limit != -1 { tx = tx.Limit(limit) @@ -697,12 +696,6 @@ func isFilterInURLValid(c *gin.Context) bool { return true } -func mergeMaps(first map[string]FilterData, second map[string]FilterData) { - for key, val := range second { - first[key] = val - } -} - // Pagination query for handlers where ListCommon is not used func Paginate(tx *gorm.DB, limit *int, offset *int) (int, int, error) { var total int64 From 06447b3b66087e2218762526852920136bf41de6 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Mon, 31 Jul 2023 15:59:12 +0200 Subject: [PATCH 204/268] RHINENG-1197: update tests to new Filters type --- manager/controllers/advisories_test.go | 6 +-- manager/controllers/advisory_systems_test.go | 6 +-- manager/controllers/filter_test.go | 8 ++-- manager/controllers/package_systems_test.go | 4 +- manager/controllers/packages_test.go | 4 +- manager/controllers/systems_test.go | 40 ++++++++++---------- 6 files changed, 34 insertions(+), 34 deletions(-) diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index be4ae2d70..527f20a87 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -308,9 +308,9 @@ func TestAdvisoryTagsInMetadata(t *testing.T) { CheckResponse(t, w, http.StatusOK, &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, - "applicable_systems": {"gt", []string{"0"}}, + "ns1/k1": {Operator: "eq", Values: []string{"val1"}}, + "ns1/k3": {Operator: "eq", Values: []string{"val4"}}, + "applicable_systems": {Operator: "gt", Values: []string{"0"}}, } assert.Equal(t, testMap, output.Meta.Filter) } diff --git a/manager/controllers/advisory_systems_test.go b/manager/controllers/advisory_systems_test.go index 27b250c54..eceb70129 100644 --- a/manager/controllers/advisory_systems_test.go +++ b/manager/controllers/advisory_systems_test.go @@ -151,9 +151,9 @@ func TestAdvisorySystemsTagsInMetadata(t *testing.T) { CheckResponse(t, w, http.StatusOK, &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, - "stale": {"eq", []string{"false"}}, + "ns1/k1": {Operator: "eq", Values: []string{"val1"}}, + "ns1/k3": {Operator: "eq", Values: []string{"val4"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } diff --git a/manager/controllers/filter_test.go b/manager/controllers/filter_test.go index b4422b934..d219c203f 100644 --- a/manager/controllers/filter_test.go +++ b/manager/controllers/filter_test.go @@ -34,7 +34,7 @@ func TestFilterParse(t *testing.T) { } for i, f := range testFilters { - filter := ParseFilterValue(f) + filter := ParseFilterValue(ColumnFilter, f) assert.Equal(t, operators[i], filter.Operator) assert.Equal(t, values[i], filter.Values) } @@ -51,7 +51,7 @@ func TestFilterToSql(t *testing.T) { } for i, f := range testFilters { - filter := ParseFilterValue(f) + filter := ParseFilterValue(ColumnFilter, f) attrMap := database.AttrMap{"test": {DataQuery: "test", OrderQuery: "test", Parser: dummyParser}} query, _, err := filter.ToWhere("test", attrMap) @@ -71,7 +71,7 @@ func TestFilterToSqlAdvanced(t *testing.T) { } for i, f := range testFilters { - filter := ParseFilterValue(f) + filter := ParseFilterValue(ColumnFilter, f) attrMap := database.AttrMap{"test": {DataQuery: "(NOT test)", OrderQuery: "(NOT test)", Parser: dummyParser}} query, _, err := filter.ToWhere("test", attrMap) assert.Equal(t, nil, err) @@ -81,7 +81,7 @@ func TestFilterToSqlAdvanced(t *testing.T) { // Filter out null characters func TestFilterInvalidValue(t *testing.T) { - filter := ParseFilterValue("eq:aa\u0000aa") + filter := ParseFilterValue(ColumnFilter, "eq:aa\u0000aa") attrMap, _, err := database.GetQueryAttrs(struct{ V string }{""}) assert.NoError(t, err) _, value, err := filter.ToWhere("V", attrMap) diff --git a/manager/controllers/package_systems_test.go b/manager/controllers/package_systems_test.go index 67e1a97a8..40433c1fc 100644 --- a/manager/controllers/package_systems_test.go +++ b/manager/controllers/package_systems_test.go @@ -83,8 +83,8 @@ func TestPackageSystemsTagsInMetadata(t *testing.T) { ParseResponseBody(t, w.Body.Bytes(), &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, + "ns1/k1": {Operator: "eq", Values: []string{"val1"}}, + "ns1/k3": {Operator: "eq", Values: []string{"val4"}}, } assert.Equal(t, testMap, output.Meta.Filter) } diff --git a/manager/controllers/packages_test.go b/manager/controllers/packages_test.go index 7c209f2d3..87a263872 100644 --- a/manager/controllers/packages_test.go +++ b/manager/controllers/packages_test.go @@ -95,8 +95,8 @@ func TestPackageTagsInMetadata(t *testing.T) { CheckResponse(t, w, http.StatusOK, &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, + "ns1/k1": {Operator: "eq", Values: []string{"val1"}}, + "ns1/k3": {Operator: "eq", Values: []string{"val4"}}, } assert.Equal(t, testMap, output.Meta.Filter) } diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index d93ab8048..5129a6f82 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -254,9 +254,9 @@ func TestSystemsTagsInMetadata(t *testing.T) { ParseResponseBody(t, w.Body.Bytes(), &output) testMap := map[string]FilterData{ - "ns1/k1": {"eq", []string{"val1"}}, - "ns1/k3": {"eq", []string{"val4"}}, - "stale": {"eq", []string{"false"}}, + "ns1/k1": {Operator: "eq", Values: []string{"val1"}}, + "ns1/k3": {Operator: "eq", Values: []string{"val4"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -265,8 +265,8 @@ func TestSAPSystemMeta1(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"eq", []string{"ABC"}}, - "stale": {"eq", []string{"false"}}, + "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -275,8 +275,8 @@ func TestSAPSystemMeta2(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"eq", []string{"ABC"}}, - "stale": {"eq", []string{"false"}}, + "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -285,9 +285,9 @@ func TestSAPSystemMeta3(t *testing.T) { url := sapABCFilter output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_system": {"eq", []string{"true"}}, - "sap_sids": {"eq", []string{"ABC"}}, - "stale": {"eq", []string{"false"}}, + "sap_system": {Operator: "eq", Values: []string{"true"}}, + "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -296,8 +296,8 @@ func TestSAPSystemMeta4(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC&filter[system_profile][sap_sids]=GHI" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {"eq", []string{"GHI", "ABC"}}, - "stale": {"eq", []string{"false"}}, + "sap_sids": {Operator: "eq", Values: []string{"GHI", "ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -306,8 +306,8 @@ func TestAAPSystemMeta(t *testing.T) { url := `/?filter[system_profile][ansible][controller_version]=1.0` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "ansible->controller_version": {"eq", []string{"1.0"}}, - "stale": {"eq", []string{"false"}}, + "ansible->controller_version": {Operator: "eq", Values: []string{"1.0"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -316,8 +316,8 @@ func TestAAPSystemMeta2(t *testing.T) { url := `/?filter[system_profile][ansible]=not_nil` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "ansible": {"eq", []string{"not_nil"}}, - "stale": {"eq", []string{"false"}}, + "ansible": {Operator: "eq", Values: []string{"not_nil"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -337,8 +337,8 @@ func TestMSSQLSystemMeta(t *testing.T) { url := `/?filter[system_profile][mssql][version]=15.3.0` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "mssql->version": {"eq", []string{"15.3.0"}}, - "stale": {"eq", []string{"false"}}, + "mssql->version": {Operator: "eq", Values: []string{"15.3.0"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -347,8 +347,8 @@ func TestMSSQLSystemMeta2(t *testing.T) { url := `/?filter[system_profile][mssql]=not_nil` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "mssql": {"eq", []string{"not_nil"}}, - "stale": {"eq", []string{"false"}}, + "mssql": {Operator: "eq", Values: []string{"not_nil"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } From c297c25bb1939c4d59af92a7bfd8cb3ff1b8e0a0 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 1 Aug 2023 10:28:28 +0200 Subject: [PATCH 205/268] RHINENG-1197: unify generation of tags for meta section --- manager/controllers/filter.go | 6 +++++- manager/controllers/utils.go | 13 +------------ 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/manager/controllers/filter.go b/manager/controllers/filter.go index 3f854cfa7..d09816039 100644 --- a/manager/controllers/filter.go +++ b/manager/controllers/filter.go @@ -144,7 +144,11 @@ func (t Filters) ToQueryParams() string { parts := make([]string, 0, len(t)) for name, v := range t { values := strings.Join(v.Values, ",") - parts = append(parts, fmt.Sprintf("filter[%s]=%s:%s", name, v.Operator, values)) + if v.Type == TagFilter { + parts = append(parts, fmt.Sprintf("tags=%s=%s", name, values)) + } else { + parts = append(parts, fmt.Sprintf("filter[%s]=%s:%s", name, v.Operator, values)) + } } return strings.Join(parts, "&") } diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index d9797631b..f069dd280 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -182,15 +182,6 @@ func ExportListCommon(tx *gorm.DB, c *gin.Context, opts ListOpts) (*gorm.DB, err return tx, nil } -func extractTagsQueryString(c *gin.Context) string { - var tagQ string - var tags = c.QueryArray("tags") - for _, t := range tags { - tagQ = fmt.Sprintf("tags=%s&%s", t, tagQ) - } - return strings.TrimSuffix(tagQ, "&") -} - // nolint: funlen, lll func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, opts ListOpts, params ...string) ( *gorm.DB, *ListMeta, []string, error) { @@ -234,9 +225,7 @@ func ListCommon(tx *gorm.DB, c *gin.Context, filters Filters, opts ListOpts, par HasSystems: &hasSystems, } - tagQ := extractTagsQueryString(c) - - params = append(params, filters.ToQueryParams(), sortQ, tagQ, searchQ) + params = append(params, filters.ToQueryParams(), sortQ, searchQ) if limit != -1 { tx = tx.Limit(limit) From 3dd87bdbda0c469962761d54c05ad8800ab68f14 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 1 Aug 2023 11:42:50 +0200 Subject: [PATCH 206/268] RHINENG-1197: update tests to new meta section --- manager/controllers/advisories_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index 527f20a87..463df7ad6 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -274,7 +274,7 @@ func TestAdvisoriesTags(t *testing.T) { assert.Equal(t, 8, len(output.Data)) assert.Equal(t, 1, output.Data[0].Attributes.InstallableSystems) assert.Equal(t, 2, output.Data[0].Attributes.ApplicableSystems) - assert.Equal(t, "/?offset=0&limit=20&filter[applicable_systems]=gt:0&sort=id&tags=ns1/k2=val2", output.Links.First) + assert.Equal(t, "/?offset=0&limit=20&tags=ns1/k2=val2&filter[applicable_systems]=gt:0&sort=id", output.Links.First) } func TestListAdvisoriesTagsInvalid(t *testing.T) { From 1494ec5dbb0cd24d48cbff81880e2320c69230ef Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 1 Aug 2023 13:21:21 +0200 Subject: [PATCH 207/268] RHINENG-1197: move group_name handling into buildInventoryQuery() --- manager/controllers/utils.go | 49 ++++++++++++++---------------------- 1 file changed, 19 insertions(+), 30 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index f069dd280..946233279 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -29,15 +29,6 @@ var tagRegex = regexp.MustCompile(`([^/=]+)/([^/=]+)(=([^/=]+))?`) var enableCyndiTags = utils.GetBoolEnvOrDefault("ENABLE_CYNDI_TAGS", false) var disableCachedCounts = utils.GetBoolEnvOrDefault("DISABLE_CACHE_COUNTS", false) -var validSystemProfileFilters = map[string]bool{ - "sap_sids": true, - "sap_system": true, - "mssql": true, - "mssql->version": true, - "ansible": true, - "ansible->controller_version": true, -} - func LogAndRespError(c *gin.Context, err error, respMsg string) { utils.LogError("err", err.Error(), respMsg) c.AbortWithStatusJSON(http.StatusInternalServerError, utils.ErrorResponse{Error: respMsg}) @@ -416,37 +407,35 @@ func ApplyInventoryWhere(filters map[string]FilterData, tx *gorm.DB) (*gorm.DB, continue } - if validSystemProfileFilters[key] { - tx = buildSystemProfileQuery(tx, key, val.Values) - + if val.Type == InventoryFilter { + tx = buildInventoryQuery(tx, key, val.Values) applied = true continue } - - if strings.Contains(key, "group_name") { - groups := []string{} - for _, v := range val.Values { - name := v - group, err := utils.ParseInventoryGroup(nil, &name) - if err != nil { - // couldn't marshal inventory group to json - continue - } - groups = append(groups, group) - } - jsonq := fmt.Sprintf("{%s}", strings.Join(groups, ",")) - tx = tx.Where("ih.groups @> ANY (?::jsonb[])", jsonq) - applied = true - } } return tx, applied } -// Builds system_profile sub query in generic way. +// Builds inventory sub query in generic way. // Example: // buildSystemProfileQuery("mssql->version", "1.0") // returns "(ih.system_profile -> 'mssql' ->> 'version')::text = 1.0" -func buildSystemProfileQuery(tx *gorm.DB, key string, values []string) *gorm.DB { +func buildInventoryQuery(tx *gorm.DB, key string, values []string) *gorm.DB { + if strings.Contains(key, "group_name") { + groups := []string{} + for _, v := range values { + name := v + group, err := utils.ParseInventoryGroup(nil, &name) + if err != nil { + // couldn't marshal inventory group to json + continue + } + groups = append(groups, group) + } + jsonq := fmt.Sprintf("{%s}", strings.Join(groups, ",")) + return tx.Where("ih.groups @> ANY (?::jsonb[])", jsonq) + } + var cmp string var val string From 425d9a18aad254cb4ff305881e7ac8ee830a0a28 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 1 Aug 2023 15:16:50 +0200 Subject: [PATCH 208/268] RHINENG-1197: keep canonical name of filters so we can put them back into links in meta section --- manager/controllers/utils.go | 46 ++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 25 deletions(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 946233279..a26272cc1 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -96,15 +96,15 @@ type NestedFilterMap map[string]string var nestedFilters = NestedFilterMap{ "group_name": "group_name", "group_name][in": "group_name", // obsoleted, backward compatible - "system_profile][sap_system": "sap_system", - "system_profile][sap_sids": "sap_sids", - "system_profile][sap_sids][": "sap_sids", // obsoleted, backward compatible - "system_profile][sap_sids][in": "sap_sids", // obsoleted, backward compatible - "system_profile][sap_sids][in][": "sap_sids", // obsoleted, backward compatible - "system_profile][ansible": "ansible", - "system_profile][ansible][controller_version": "ansible->controller_version", - "system_profile][mssql": "mssql", - "system_profile][mssql][version": "mssql->version", + "system_profile][sap_system": "system_profile][sap_system", + "system_profile][sap_sids": "system_profile][sap_sids", + "system_profile][sap_sids][": "system_profile][sap_sids", // obsoleted, backward compatible + "system_profile][sap_sids][in": "system_profile][sap_sids", // obsoleted, backward compatible + "system_profile][sap_sids][in][": "system_profile][sap_sids", // obsoleted, backward compatible + "system_profile][ansible": "system_profile][ansible", + "system_profile][ansible][controller_version": "system_profile][ansible][controller_version", + "system_profile][mssql": "system_profile][mssql", + "system_profile][mssql][version": "system_profile][mssql][version", } func ParseFilters(c *gin.Context, filters Filters, allowedFields database.AttrMap, @@ -437,31 +437,27 @@ func buildInventoryQuery(tx *gorm.DB, key string, values []string) *gorm.DB { } var cmp string - var val string + val := values[0] - switch key { - case "sap_sids": + switch { + case val == "not_nil": + cmp = " is not null" + case strings.Contains(key, "[sap_sids"): cmp = "::jsonb @> ?::jsonb" bval, _ := json.Marshal(values) val = string(bval) default: cmp = "::text = ?" - val = values[0] } - if val == "not_nil" { - cmp = " is not null" + sbkeys := strings.Split(key, "][") + subq := fmt.Sprintf("(ih.%s", sbkeys[0]) + nSbkeys := len(sbkeys) + if nSbkeys > 2 { + subq = fmt.Sprintf("%s -> '%s'", subq, strings.Join(sbkeys[1:nSbkeys-1], "' -> '")) } - - subq := "(ih.system_profile" - sbkeys := strings.Split(key, "->") - for i, sbkey := range sbkeys { - sbkey = fmt.Sprintf("'%s'", sbkey) - if i == len(sbkeys)-1 { - subq = fmt.Sprintf("%s ->> %s)", subq, sbkey) - } else { - subq = fmt.Sprintf("%s -> %s", subq, sbkey) - } + if nSbkeys > 1 { + subq = fmt.Sprintf("%s ->> '%s')", subq, sbkeys[nSbkeys-1]) } subq = fmt.Sprintf("%s%s", subq, cmp) From 70902dc6484729e7633c7701452af438075b2126 Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 1 Aug 2023 15:41:59 +0200 Subject: [PATCH 209/268] RHINENG-1197: update test for canonical filter names --- manager/controllers/systems_test.go | 34 ++++++++++++++--------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index 5129a6f82..4087a48a7 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -265,8 +265,8 @@ func TestSAPSystemMeta1(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -275,8 +275,8 @@ func TestSAPSystemMeta2(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -285,9 +285,9 @@ func TestSAPSystemMeta3(t *testing.T) { url := sapABCFilter output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_system": {Operator: "eq", Values: []string{"true"}}, - "sap_sids": {Operator: "eq", Values: []string{"ABC"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][sap_system": {Operator: "eq", Values: []string{"true"}}, + "system_profile][sap_sids": {Operator: "eq", Values: []string{"ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -296,8 +296,8 @@ func TestSAPSystemMeta4(t *testing.T) { url := "/?filter[system_profile][sap_sids]=ABC&filter[system_profile][sap_sids]=GHI" output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "sap_sids": {Operator: "eq", Values: []string{"GHI", "ABC"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][sap_sids": {Operator: "eq", Values: []string{"GHI", "ABC"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -306,8 +306,8 @@ func TestAAPSystemMeta(t *testing.T) { url := `/?filter[system_profile][ansible][controller_version]=1.0` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "ansible->controller_version": {Operator: "eq", Values: []string{"1.0"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][ansible][controller_version": {Operator: "eq", Values: []string{"1.0"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -316,8 +316,8 @@ func TestAAPSystemMeta2(t *testing.T) { url := `/?filter[system_profile][ansible]=not_nil` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "ansible": {Operator: "eq", Values: []string{"not_nil"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][ansible": {Operator: "eq", Values: []string{"not_nil"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -337,8 +337,8 @@ func TestMSSQLSystemMeta(t *testing.T) { url := `/?filter[system_profile][mssql][version]=15.3.0` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "mssql->version": {Operator: "eq", Values: []string{"15.3.0"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][mssql][version": {Operator: "eq", Values: []string{"15.3.0"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } @@ -347,8 +347,8 @@ func TestMSSQLSystemMeta2(t *testing.T) { url := `/?filter[system_profile][mssql]=not_nil` output := testSystems(t, url, 1) testMap := map[string]FilterData{ - "mssql": {Operator: "eq", Values: []string{"not_nil"}}, - "stale": {Operator: "eq", Values: []string{"false"}}, + "system_profile][mssql": {Operator: "eq", Values: []string{"not_nil"}}, + "stale": {Operator: "eq", Values: []string{"false"}}, } assert.Equal(t, testMap, output.Meta.Filter) } From 2ac3882af86fd0f17a8935d3f56649a1cd5ca84f Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 4 Aug 2023 08:13:15 +0000 Subject: [PATCH 210/268] v3.4.15 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index a5d1d3644..67a97489f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.14 +v3.4.15 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 88e38fa6d..ffa73b12b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.14} +- {name: IMAGE_TAG_MANAGER, value: v3.4.15} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.14} +- {name: IMAGE_TAG_LISTENER, value: v3.4.15} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.14} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.15} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.14} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.15} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.14} +- {name: IMAGE_TAG_JOBS, value: v3.4.15} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.14} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.15} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.14} +- {name: IMAGE_TAG_ADMIN, value: v3.4.15} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index c44c16c88..1ee3d6561 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.14" + "version": "v3.4.15" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 42ea3fd74..2e145eb10 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.14" + "version": "v3.4.15" }, "servers": [ { From 696b9b45accbfced2f3f7433b66b901f8359fc66 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 7 Aug 2023 17:00:52 +0200 Subject: [PATCH 211/268] SPM-2167: fix filters in system_advisories --- manager/controllers/system_advisories.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/manager/controllers/system_advisories.go b/manager/controllers/system_advisories.go index b56fc4429..740a8c395 100644 --- a/manager/controllers/system_advisories.go +++ b/manager/controllers/system_advisories.go @@ -76,9 +76,14 @@ func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, erro return nil, nil, nil, errors.New("incorrect inventory_id format") } + filters, err := ParseAllFilters(c, SystemAdvisoriesOpts) + if err != nil { + return nil, nil, nil, err + } // Error handled method itself + db := middlewares.DBFromContext(c) var exists int64 - err := db.Model(&models.SystemPlatform{}).Where("inventory_id = ?::uuid ", inventoryID). + err = db.Model(&models.SystemPlatform{}).Where("inventory_id = ?::uuid ", inventoryID). Count(&exists).Error if err != nil { @@ -92,7 +97,7 @@ func systemAdvisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, erro } query := buildSystemAdvisoriesQuery(db, account, groups, inventoryID) - query, meta, params, err := ListCommon(query, c, nil, SystemAdvisoriesOpts) + query, meta, params, err := ListCommon(query, c, filters, SystemAdvisoriesOpts) // Error handling and setting of result code & content is done in ListCommon return query, meta, params, err } From e64debafe85721e18ba359951a917b1300292086 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 7 Aug 2023 16:08:23 +0000 Subject: [PATCH 212/268] v3.4.16 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 67a97489f..b2db0a1b8 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.15 +v3.4.16 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index ffa73b12b..721e64fbf 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.15} +- {name: IMAGE_TAG_MANAGER, value: v3.4.16} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.15} +- {name: IMAGE_TAG_LISTENER, value: v3.4.16} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.15} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.16} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.15} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.16} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.15} +- {name: IMAGE_TAG_JOBS, value: v3.4.16} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.15} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.16} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.15} +- {name: IMAGE_TAG_ADMIN, value: v3.4.16} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 1ee3d6561..9b896439a 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.15" + "version": "v3.4.16" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 2e145eb10..5c7cc2ba3 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.15" + "version": "v3.4.16" }, "servers": [ { From eabbcfb2c3778dde7a354d458c41a3b4214f53f9 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 8 Aug 2023 14:56:31 +0000 Subject: [PATCH 213/268] RHINENG-1488: return error in http client for non 2xx status code --- base/utils/http.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/base/utils/http.go b/base/utils/http.go index 229a3ddd0..a86633bc9 100644 --- a/base/utils/http.go +++ b/base/utils/http.go @@ -56,6 +56,12 @@ func CallAPI(client *http.Client, request *http.Request, debugEnabled bool) (*ht return resp, err } + if resp.StatusCode < http.StatusOK || resp.StatusCode > 299 { + // we got non 2xx status code, return error + // return also the response which is used for request retry + return resp, fmt.Errorf("received non 2xx status code, status code: %d", resp.StatusCode) + } + if debugEnabled { dump, err := httputil.DumpResponse(resp, true) if err != nil { From f69407435d7371194a0c7a06c3d19747863423eb Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 8 Aug 2023 15:47:06 +0000 Subject: [PATCH 214/268] v3.4.17 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b2db0a1b8..5b2e1e734 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.16 +v3.4.17 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 721e64fbf..aacaddc70 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.16} +- {name: IMAGE_TAG_MANAGER, value: v3.4.17} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.16} +- {name: IMAGE_TAG_LISTENER, value: v3.4.17} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.16} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.17} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.16} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.17} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.16} +- {name: IMAGE_TAG_JOBS, value: v3.4.17} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.16} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.17} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.16} +- {name: IMAGE_TAG_ADMIN, value: v3.4.17} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 9b896439a..8ef2ba949 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.16" + "version": "v3.4.17" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 5c7cc2ba3..2d6103f7d 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.16" + "version": "v3.4.17" }, "servers": [ { From afd0593d6dba21fd420dc72d4024378ee5393bde Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Tue, 8 Aug 2023 16:56:09 +0200 Subject: [PATCH 215/268] RHINENG-1495: fix system_packages filters --- manager/controllers/system_packages.go | 2 +- manager/controllers/system_packages_test.go | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/manager/controllers/system_packages.go b/manager/controllers/system_packages.go index c74a88d5a..7c9fbe133 100644 --- a/manager/controllers/system_packages.go +++ b/manager/controllers/system_packages.go @@ -117,7 +117,7 @@ func SystemPackagesHandler(c *gin.Context) { LogAndRespBadRequest(c, errors.New("bad request"), "incorrect inventory_id format") return } - filters, err := ParseAllFilters(c, PackageSystemsOpts) + filters, err := ParseAllFilters(c, SystemPackagesOpts) if err != nil { // Error handled in method itself return diff --git a/manager/controllers/system_packages_test.go b/manager/controllers/system_packages_test.go index d015248c7..cc8da3c90 100644 --- a/manager/controllers/system_packages_test.go +++ b/manager/controllers/system_packages_test.go @@ -57,6 +57,17 @@ func TestSystemPackagesUpdatableOnly(t *testing.T) { assert.Equal(t, output.Data[0].Name, "firefox") } +func TestSystemPackagesName(t *testing.T) { + core.SetupTest(t) + w := CreateRequestRouterWithParams("GET", "/00000000-0000-0000-0000-000000000013/packages?filter[name]=firefox", + nil, "", SystemPackagesHandler, 3, "GET", "/:inventory_id/packages") + + var output SystemPackageResponseV3 + CheckResponse(t, w, http.StatusOK, &output) + assert.Len(t, output.Data, 1) + assert.Equal(t, output.Data[0].Name, "firefox") +} + func TestSystemPackagesNonUpdatableOnly(t *testing.T) { core.SetupTest(t) w := CreateRequestRouterWithParams("GET", From 9d761af9274bbf9921c7d7079caced72f86092df Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 8 Aug 2023 16:49:12 +0000 Subject: [PATCH 216/268] RHINENG-1496: fix advisories_export filter opts --- manager/controllers/advisories_export.go | 2 +- manager/controllers/advisories_export_test.go | 17 ++++++++++------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index acc5f4f99..15c186037 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -30,7 +30,7 @@ import ( func AdvisoriesExportHandler(c *gin.Context) { account := c.GetInt(middlewares.KeyAccount) groups := c.GetStringMapString(middlewares.KeyInventoryGroups) - filters, err := ParseAllFilters(c, SystemOpts) + filters, err := ParseAllFilters(c, AdvisoriesOpts) if err != nil { return } diff --git a/manager/controllers/advisories_export_test.go b/manager/controllers/advisories_export_test.go index a7878fa83..c14df717b 100644 --- a/manager/controllers/advisories_export_test.go +++ b/manager/controllers/advisories_export_test.go @@ -53,15 +53,18 @@ func TestAdvisoriesExportWrongFormat(t *testing.T) { func TestAdvisoriesExportCSVFilter(t *testing.T) { core.SetupTest(t) - w := CreateRequest("GET", "/?filter[id]=RH-1", nil, "text/csv", AdvisoriesExportHandler) - assert.Equal(t, http.StatusOK, w.Code) - body := w.Body.String() - lines := strings.Split(body, "\n") + for _, URL := range []string{"/?filter[id]=RH-1", "/?filter[synopsis]=adv-1-syn"} { + w := CreateRequest("GET", URL, nil, "text/csv", AdvisoriesExportHandler) + + assert.Equal(t, http.StatusOK, w.Code) + body := w.Body.String() + lines := strings.Split(body, "\n") - assert.Equal(t, 3, len(lines)) - assert.Equal(t, "RH-1,adv-1-des,2016-09-22T16:00:00Z,adv-1-syn,enhancement,,0,false,\"7.0,7Server\",4,6", lines[1]) - assert.Equal(t, "", lines[2]) + assert.Equal(t, 3, len(lines)) + assert.Equal(t, "RH-1,adv-1-des,2016-09-22T16:00:00Z,adv-1-syn,enhancement,,0,false,\"7.0,7Server\",4,6", lines[1]) + assert.Equal(t, "", lines[2]) + } } func TestAdvisoriesExportTagsInvalid(t *testing.T) { From c6a2715bf53c3418bf1ee3df55cd9593cb445ce4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 9 Aug 2023 07:26:39 +0000 Subject: [PATCH 217/268] v3.4.18 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 5b2e1e734..2d7fd1323 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.17 +v3.4.18 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index aacaddc70..e7560ba9f 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.17} +- {name: IMAGE_TAG_MANAGER, value: v3.4.18} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.17} +- {name: IMAGE_TAG_LISTENER, value: v3.4.18} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.17} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.18} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.17} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.18} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.17} +- {name: IMAGE_TAG_JOBS, value: v3.4.18} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.17} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.18} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.17} +- {name: IMAGE_TAG_ADMIN, value: v3.4.18} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 8ef2ba949..341a8f1a7 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.17" + "version": "v3.4.18" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 2d6103f7d..c8a23d768 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.17" + "version": "v3.4.18" }, "servers": [ { From bcf291be26588381182974b93b13885627b00129 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 9 Aug 2023 15:21:24 +0000 Subject: [PATCH 218/268] fix platform_upload --- conf/platform.env | 1 + platform/platform.go | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/conf/platform.env b/conf/platform.env index 93afde6ef..445055d4a 100644 --- a/conf/platform.env +++ b/conf/platform.env @@ -1 +1,2 @@ +ACG_CONFIG=/go/src/app/conf/cdappconfig.json #KAFKA_ADDRESS=kafka:9092 diff --git a/platform/platform.go b/platform/platform.go index b77b0afb4..f7e7cde57 100644 --- a/platform/platform.go +++ b/platform/platform.go @@ -23,7 +23,7 @@ const uploadEvent = `{ "type": "created", "host": { "id": "00000000-0000-0000-0000-000000000100", - "account": "TEST-0000", + "org_id": "org_1", "reporter": "puptoo", "tags": [ { @@ -169,8 +169,8 @@ func platformMock() { func mockIdentity() string { ident := identity.Identity{ - Type: "User", - AccountNumber: "0", + Type: "User", + OrgID: "org_1", } js, err := json.Marshal(&ident) if err != nil { From 5b72f6cf107ac3c6370cb6b9a07176281c07a26f Mon Sep 17 00:00:00 2001 From: Michael Mraka Date: Thu, 10 Aug 2023 09:21:07 +0200 Subject: [PATCH 219/268] fix platform_upload --- docker-compose.test.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 20b32ccfc..5f9e6de96 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -49,9 +49,13 @@ services: restart: unless-stopped ports: - 9001:9001 + volumes: + - ./conf/cdappconfig.json:/go/src/app/conf/cdappconfig.json depends_on: - kafka - db + security_opt: + - label=disable test: container_name: test From db2ca2e194326336a223288bbc25b4367d9ea577 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 10 Aug 2023 09:16:47 +0000 Subject: [PATCH 220/268] v3.4.19 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 2d7fd1323..5478ea5ff 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.18 +v3.4.19 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index e7560ba9f..096be193f 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.18} +- {name: IMAGE_TAG_MANAGER, value: v3.4.19} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.18} +- {name: IMAGE_TAG_LISTENER, value: v3.4.19} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.18} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.19} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.18} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.19} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.18} +- {name: IMAGE_TAG_JOBS, value: v3.4.19} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.18} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.19} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.18} +- {name: IMAGE_TAG_ADMIN, value: v3.4.19} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 341a8f1a7..4f5b89e6c 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.18" + "version": "v3.4.19" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index c8a23d768..b04670bbe 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.18" + "version": "v3.4.19" }, "servers": [ { From 317e188900beb2c5dc4e9e850d787e804568156a Mon Sep 17 00:00:00 2001 From: yungbender Date: Thu, 10 Aug 2023 11:44:33 +0200 Subject: [PATCH 221/268] SPM-2103: store satellite_managed flag to db --- base/inventory/inventory.go | 1 + base/models/models.go | 1 + .../migrations/113_satellite_managed.down.sql | 1 + .../migrations/113_satellite_managed.up.sql | 1 + database_admin/schema/create_schema.sql | 3 ++- listener/upload.go | 2 ++ listener/upload_test.go | 16 +++++++++++----- 7 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 database_admin/migrations/113_satellite_managed.down.sql create mode 100644 database_admin/migrations/113_satellite_managed.up.sql diff --git a/base/inventory/inventory.go b/base/inventory/inventory.go index a086e94a5..24e0dfa6e 100644 --- a/base/inventory/inventory.go +++ b/base/inventory/inventory.go @@ -9,6 +9,7 @@ type SystemProfile struct { OperatingSystem OperatingSystem `json:"operating_system,omitempty"` Rhsm Rhsm `json:"rhsm,omitempty"` Releasever *string `json:"releasever,omitempty"` + SatelliteManaged bool `json:"satellite_managed,omitempty"` } func (t *SystemProfile) GetInstalledPackages() []string { diff --git a/base/models/models.go b/base/models/models.go index 145dde8af..456fa32e2 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -67,6 +67,7 @@ type SystemPlatform struct { BaselineID *int64 BaselineUpToDate *bool `gorm:"column:baseline_uptodate"` YumUpdates []byte `gorm:"column:yum_updates"` + SatelliteManaged bool `gorm:"column:satellite_managed"` } func (SystemPlatform) TableName() string { diff --git a/database_admin/migrations/113_satellite_managed.down.sql b/database_admin/migrations/113_satellite_managed.down.sql new file mode 100644 index 000000000..7a08782b8 --- /dev/null +++ b/database_admin/migrations/113_satellite_managed.down.sql @@ -0,0 +1 @@ +ALTER TABLE system_platform DROP COLUMN satellite_managed; diff --git a/database_admin/migrations/113_satellite_managed.up.sql b/database_admin/migrations/113_satellite_managed.up.sql new file mode 100644 index 000000000..1d16d4b95 --- /dev/null +++ b/database_admin/migrations/113_satellite_managed.up.sql @@ -0,0 +1 @@ +ALTER TABLE system_platform ADD COLUMN satellite_managed BOOLEAN NOT NULL DEFAULT FALSE; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index d95d6ce27..86320c2cb 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (112, false); +VALUES (113, false); -- --------------------------------------------------------------------------- -- Functions @@ -709,6 +709,7 @@ CREATE TABLE IF NOT EXISTS system_platform applicable_advisory_enh_count_cache INT NOT NULL DEFAULT 0, applicable_advisory_bug_count_cache INT NOT NULL DEFAULT 0, applicable_advisory_sec_count_cache INT NOT NULL DEFAULT 0, + satellite_managed BOOLEAN NOT NULL DEFAULT FALSE, PRIMARY KEY (rh_account_id, id), UNIQUE (rh_account_id, inventory_id), CONSTRAINT reporter_id FOREIGN KEY (reporter_id) REFERENCES reporter (id), diff --git a/listener/upload.go b/listener/upload.go index 3f5755117..d7f12fe67 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -276,6 +276,7 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * "stale_timestamp", "stale_warning_timestamp", "culled_timestamp", + "satellite_managed", } now := time.Now() @@ -299,6 +300,7 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * Stale: staleWarning != nil && staleWarning.Before(time.Now()), ReporterID: getReporterID(host.Reporter), YumUpdates: yumUpdates, + SatelliteManaged: host.SystemProfile.SatelliteManaged, } var oldChecksums map[string]string diff --git a/listener/upload_test.go b/listener/upload_test.go index 03739e05a..c4c2f93e5 100644 --- a/listener/upload_test.go +++ b/listener/upload_test.go @@ -83,6 +83,7 @@ func TestUpdateSystemPlatform(t *testing.T) { assert.Equal(t, sys1.ID, sys2.ID) assert.Equal(t, sys1.InventoryID, sys2.InventoryID) assert.Equal(t, sys1.Stale, sys2.Stale) + assert.Equal(t, sys1.SatelliteManaged, sys2.SatelliteManaged) assert.NotNil(t, sys1.StaleTimestamp) assert.Nil(t, sys1.StaleWarningTimestamp) assert.Nil(t, sys1.CulledTimestamp) @@ -314,13 +315,14 @@ func TestStoreOrUpdateSysPlatform(t *testing.T) { database.Db.Model(&models.SystemPlatform{}).Select("count(*)").Find(&oldCount) database.Db.Raw("select nextval('system_platform_id_seq')").Find(&nextval) - colsToUpdate := []string{"vmaas_json", "json_checksum", "reporter_id"} + colsToUpdate := []string{"vmaas_json", "json_checksum", "reporter_id", "satellite_managed"} json := "this_is_json" inStore := models.SystemPlatform{ - InventoryID: "99990000-0000-0000-0000-000000000001", - RhAccountID: 1, - VmaasJSON: &json, - DisplayName: "display_name", + InventoryID: "99990000-0000-0000-0000-000000000001", + RhAccountID: 1, + VmaasJSON: &json, + DisplayName: "display_name", + SatelliteManaged: false, } // insert new row err := storeOrUpdateSysPlatform(database.Db, &inStore, colsToUpdate) @@ -333,6 +335,7 @@ func TestStoreOrUpdateSysPlatform(t *testing.T) { assert.Equal(t, inStore.InventoryID, outStore.InventoryID) assert.Equal(t, inStore.RhAccountID, outStore.RhAccountID) assert.Equal(t, *inStore.VmaasJSON, *outStore.VmaasJSON) + assert.Equal(t, inStore.SatelliteManaged, outStore.SatelliteManaged) updateJSON := "updated_json" reporter := 2 @@ -341,6 +344,8 @@ func TestStoreOrUpdateSysPlatform(t *testing.T) { inUpdate.JSONChecksum = &updateJSON inUpdate.ReporterID = &reporter inUpdate.DisplayName = "should_not_be_updated" + inUpdate.SatelliteManaged = true + // update row err = storeOrUpdateSysPlatform(database.Db, &inUpdate, colsToUpdate) assert.Nil(t, err) @@ -352,6 +357,7 @@ func TestStoreOrUpdateSysPlatform(t *testing.T) { assert.Equal(t, *inUpdate.VmaasJSON, *outUpdate.VmaasJSON) assert.Equal(t, *inUpdate.JSONChecksum, *outUpdate.JSONChecksum) assert.Equal(t, *inUpdate.ReporterID, *outUpdate.ReporterID) + assert.Equal(t, inUpdate.SatelliteManaged, outUpdate.SatelliteManaged) // it should update the row assert.Equal(t, outStore.ID, outUpdate.ID) // DisplayName is not in colsToUpdate, it should not be updated From b57180a97b45e9efc6ad92a977b7aea21b206521 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 10 Aug 2023 11:03:33 +0000 Subject: [PATCH 222/268] v3.4.20 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 5478ea5ff..a7e57efe2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.19 +v3.4.20 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 096be193f..26db93ba8 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.19} +- {name: IMAGE_TAG_MANAGER, value: v3.4.20} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.19} +- {name: IMAGE_TAG_LISTENER, value: v3.4.20} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.19} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.20} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.19} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.20} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.19} +- {name: IMAGE_TAG_JOBS, value: v3.4.20} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.19} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.20} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.19} +- {name: IMAGE_TAG_ADMIN, value: v3.4.20} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 4f5b89e6c..13741bbef 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.19" + "version": "v3.4.20" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b04670bbe..e6f1c598d 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.19" + "version": "v3.4.20" }, "servers": [ { From 768e3d2a7810bd8d3fcea7d6585b97e45f4f4ee3 Mon Sep 17 00:00:00 2001 From: yungbender Date: Thu, 10 Aug 2023 15:56:50 +0200 Subject: [PATCH 223/268] SPM-2105: store in DB if system was uploaded with cache refreshed --- base/models/models.go | 1 + base/vmaas/vmaas.go | 9 ++++ .../migrations/114_built_pkgcache.down.sql | 1 + .../migrations/114_built_pkgcache.up.sql | 1 + database_admin/schema/create_schema.sql | 3 +- docs/v3/openapi.json | 3 ++ listener/common_test.go | 5 ++- listener/upload.go | 45 +++++++++++++++---- listener/upload_test.go | 2 +- platform/platform.go | 1 + 10 files changed, 59 insertions(+), 12 deletions(-) create mode 100644 database_admin/migrations/114_built_pkgcache.down.sql create mode 100644 database_admin/migrations/114_built_pkgcache.up.sql diff --git a/base/models/models.go b/base/models/models.go index 456fa32e2..8aa673d9e 100644 --- a/base/models/models.go +++ b/base/models/models.go @@ -68,6 +68,7 @@ type SystemPlatform struct { BaselineUpToDate *bool `gorm:"column:baseline_uptodate"` YumUpdates []byte `gorm:"column:yum_updates"` SatelliteManaged bool `gorm:"column:satellite_managed"` + BuiltPkgcache bool `gorm:"column:built_pkgcache"` } func (SystemPlatform) TableName() string { diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index 8af91d66e..b301c3b3d 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -46,6 +46,7 @@ type UpdatesV3Response struct { Releasever *string `json:"releasever,omitempty"` Basearch *string `json:"basearch,omitempty"` LastChange *string `json:"last_change,omitempty"` + BuildPkgcache *bool `json:"build_pkgcache,omitempty"` } // GetUpdateList returns the UpdateList field value if set, zero value otherwise. @@ -57,6 +58,14 @@ func (o *UpdatesV3Response) GetUpdateList() map[string]UpdatesV3ResponseUpdateLi return *o.UpdateList } +// GetBuildPkgcache returns the boolean value for the `build_pkgcache` field of yum_updates +func (o *UpdatesV3Response) GetBuildPkgcache() bool { + if o == nil || o.BuildPkgcache == nil { + return false + } + return *o.BuildPkgcache +} + type UpdatesV3ResponseUpdateList struct { AvailableUpdates *[]UpdatesV3ResponseAvailableUpdates `json:"available_updates,omitempty"` } diff --git a/database_admin/migrations/114_built_pkgcache.down.sql b/database_admin/migrations/114_built_pkgcache.down.sql new file mode 100644 index 000000000..5bf912eb1 --- /dev/null +++ b/database_admin/migrations/114_built_pkgcache.down.sql @@ -0,0 +1 @@ +ALTER TABLE system_platform DROP COLUMN built_pkgcache; diff --git a/database_admin/migrations/114_built_pkgcache.up.sql b/database_admin/migrations/114_built_pkgcache.up.sql new file mode 100644 index 000000000..37d7805f6 --- /dev/null +++ b/database_admin/migrations/114_built_pkgcache.up.sql @@ -0,0 +1 @@ +ALTER TABLE system_platform ADD COLUMN built_pkgcache BOOLEAN NOT NULL DEFAULT FALSE; diff --git a/database_admin/schema/create_schema.sql b/database_admin/schema/create_schema.sql index 86320c2cb..fdff8fda5 100644 --- a/database_admin/schema/create_schema.sql +++ b/database_admin/schema/create_schema.sql @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS schema_migrations INSERT INTO schema_migrations -VALUES (113, false); +VALUES (114, false); -- --------------------------------------------------------------------------- -- Functions @@ -710,6 +710,7 @@ CREATE TABLE IF NOT EXISTS system_platform applicable_advisory_bug_count_cache INT NOT NULL DEFAULT 0, applicable_advisory_sec_count_cache INT NOT NULL DEFAULT 0, satellite_managed BOOLEAN NOT NULL DEFAULT FALSE, + built_pkgcache BOOLEAN NOT NULL DEFAULT FALSE, PRIMARY KEY (rh_account_id, id), UNIQUE (rh_account_id, inventory_id), CONSTRAINT reporter_id FOREIGN KEY (reporter_id) REFERENCES reporter (id), diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index e6f1c598d..0fdd4ca9f 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -7196,6 +7196,9 @@ "basearch": { "type": "string" }, + "build_pkgcache": { + "type": "boolean" + }, "last_change": { "type": "string" }, diff --git a/listener/common_test.go b/listener/common_test.go index c00454688..18928eb40 100644 --- a/listener/common_test.go +++ b/listener/common_test.go @@ -131,7 +131,7 @@ func assertSystemReposInDB(t *testing.T, systemID int64, repos []string) { assert.Equal(t, c, int64(len(repos))) } -func assertYumUpdatesInDB(t *testing.T, inventoryID string, yumUpdates []byte) { +func assertYumUpdatesInDB(t *testing.T, inventoryID string, yumUpdates *YumUpdates) { var system models.SystemPlatform assert.NoError(t, database.Db.Where("inventory_id = ?::uuid", inventoryID).Find(&system).Error) assert.Equal(t, system.InventoryID, inventoryID) @@ -139,7 +139,8 @@ func assertYumUpdatesInDB(t *testing.T, inventoryID string, yumUpdates []byte) { var yumUpdatesParsed vmaas.UpdatesV3Response err := json.Unmarshal(system.YumUpdates, &systemYumUpdatesParsed) assert.Nil(t, err) - err = json.Unmarshal(yumUpdates, &yumUpdatesParsed) + err = json.Unmarshal(yumUpdates.RawParsed, &yumUpdatesParsed) assert.Nil(t, err) assert.Equal(t, systemYumUpdatesParsed, yumUpdatesParsed) + assert.Equal(t, yumUpdates.BuiltPkgcache, system.BuiltPkgcache) } diff --git a/listener/upload.go b/listener/upload.go index d7f12fe67..c203cad41 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -77,6 +77,27 @@ type HostCustomMetadata struct { YumUpdatesS3URL *string `json:"yum_updates_s3url,omitempty"` } +type YumUpdates struct { + RawParsed json.RawMessage + BuiltPkgcache bool +} + +// GetRawParsed returns prepared parsed raw yumupdates +func (y *YumUpdates) GetRawParsed() json.RawMessage { + if y == nil { + return nil + } + return y.RawParsed +} + +// GetBuiltPkgcache returns boolean for build_pkgcache from yum_updates +func (y *YumUpdates) GetBuiltPkgcache() bool { + if y == nil { + return false + } + return y.BuiltPkgcache +} + //nolint:funlen func HandleUpload(event HostEvent) error { tStart := time.Now() @@ -126,7 +147,7 @@ func HandleUpload(event HostEvent) error { // don't fail, use vmaas evaluation utils.LogError("err", err, "Could not get yum updates") } - utils.LogTrace("inventoryID", event.Host.ID, "yum_updates", string(yumUpdates)) + utils.LogTrace("inventoryID", event.Host.ID, "yum_updates", string(yumUpdates.GetRawParsed())) if len(event.Host.SystemProfile.GetInstalledPackages()) == 0 && yumUpdates == nil { utils.LogWarn("inventoryID", event.Host.ID, WarnSkippingNoPackages) @@ -256,7 +277,7 @@ func updateReporterCounter(reporter string) { // nolint: funlen // Stores or updates base system profile, returing internal system id func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host *Host, - yumUpdates []byte, updatesReq *vmaas.UpdatesV3Request) (*models.SystemPlatform, error) { + yumUpdates *YumUpdates, updatesReq *vmaas.UpdatesV3Request) (*models.SystemPlatform, error) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, messagePartDuration.WithLabelValues("update-system-platform")) updatesReqJSON, err := json.Marshal(updatesReq) @@ -266,7 +287,7 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * hash := sha256.Sum256(updatesReqJSON) jsonChecksum := hex.EncodeToString(hash[:]) - hash = sha256.Sum256(yumUpdates) + hash = sha256.Sum256(yumUpdates.GetRawParsed()) yumChecksum := hex.EncodeToString(hash[:]) var colsToUpdate = []string{ @@ -277,6 +298,7 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * "stale_warning_timestamp", "culled_timestamp", "satellite_managed", + "built_pkgcache", } now := time.Now() @@ -299,8 +321,9 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * CulledTimestamp: host.CulledTimestamp.Time(), Stale: staleWarning != nil && staleWarning.Before(time.Now()), ReporterID: getReporterID(host.Reporter), - YumUpdates: yumUpdates, + YumUpdates: yumUpdates.GetRawParsed(), SatelliteManaged: host.SystemProfile.SatelliteManaged, + BuiltPkgcache: yumUpdates.GetBuiltPkgcache(), } var oldChecksums map[string]string @@ -535,7 +558,7 @@ func processModules(systemProfile *inventory.SystemProfile) *[]vmaas.UpdatesV3Re } // We have received new upload, update stored host data, and re-evaluate the host against VMaaS -func processUpload(host *Host, yumUpdates []byte) (*models.SystemPlatform, error) { +func processUpload(host *Host, yumUpdates *YumUpdates) (*models.SystemPlatform, error) { tStart := time.Now() defer utils.ObserveSecondsSince(tStart, messagePartDuration.WithLabelValues("upload-processing")) // Ensure we have account stored @@ -589,8 +612,9 @@ func processUpload(host *Host, yumUpdates []byte) (*models.SystemPlatform, error return sys, nil } -func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { +func getYumUpdates(event HostEvent, client *api.Client) (*YumUpdates, error) { var parsed vmaas.UpdatesV3Response + res := &YumUpdates{} yumUpdates := event.PlatformMetadata.CustomMetadata.YumUpdates yumUpdatesURL := event.PlatformMetadata.CustomMetadata.YumUpdatesS3URL @@ -615,7 +639,9 @@ func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { updatesMap := parsed.GetUpdateList() if len(updatesMap) == 0 { // system does not have any yum updates - return yumUpdates, nil + res.RawParsed = yumUpdates + res.BuiltPkgcache = parsed.GetBuildPkgcache() + return res, nil } // we need to get all packages to show up-to-date packages installedPkgs := event.Host.SystemProfile.GetInstalledPackages() @@ -633,7 +659,10 @@ func getYumUpdates(event HostEvent, client *api.Client) ([]byte, error) { if err != nil { return nil, errors.Wrap(err, "unable to marshall yum updates") } - return yumUpdates, nil + res.RawParsed = yumUpdates + res.BuiltPkgcache = parsed.GetBuildPkgcache() + + return res, nil } func (host *Host) GetOrgID() string { diff --git a/listener/upload_test.go b/listener/upload_test.go index c4c2f93e5..0d100c648 100644 --- a/listener/upload_test.go +++ b/listener/upload_test.go @@ -296,7 +296,7 @@ func TestUpdateSystemPlatformYumUpdates(t *testing.T) { assertYumUpdatesInDB(t, id, yumUpdates) // check that yumUpdates has been updated - yumUpdates = []byte("{}") + yumUpdates.RawParsed = []byte("{}") _, err = updateSystemPlatform(database.Db, id, accountID1, createTestInvHost(t), yumUpdates, &req) assert.Nil(t, err) assertYumUpdatesInDB(t, id, yumUpdates) diff --git a/platform/platform.go b/platform/platform.go index f7e7cde57..8c200d785 100644 --- a/platform/platform.go +++ b/platform/platform.go @@ -142,6 +142,7 @@ var yumUpdates = `{ ] } }, + "build_pkgcache": false, "metadata_time": "2022-05-30T14:00:25Z" }` From db3dbeb6db1cd5941e2b485bf7ee23cf8b166cb4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 11 Aug 2023 16:14:11 +0000 Subject: [PATCH 224/268] v3.4.21 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index a7e57efe2..b819d7943 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.20 +v3.4.21 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 26db93ba8..87a412a7c 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.20} +- {name: IMAGE_TAG_MANAGER, value: v3.4.21} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.20} +- {name: IMAGE_TAG_LISTENER, value: v3.4.21} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.20} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.21} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.20} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.21} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.20} +- {name: IMAGE_TAG_JOBS, value: v3.4.21} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.20} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.21} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.20} +- {name: IMAGE_TAG_ADMIN, value: v3.4.21} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 13741bbef..b3841bd3d 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.20" + "version": "v3.4.21" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0fdd4ca9f..8dd72926d 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.20" + "version": "v3.4.21" }, "servers": [ { From 538150caaf460ede2f2078ef54ff45096765a27c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 11 Aug 2023 15:47:58 +0000 Subject: [PATCH 225/268] RHINENG-1536: rely on sorted availableUpdates from vmaas --- base/vmaas/vmaas.go | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index b301c3b3d..9537982ed 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -2,7 +2,6 @@ package vmaas import ( "app/base/types" - "sort" "strings" ) @@ -75,23 +74,7 @@ func (o *UpdatesV3ResponseUpdateList) GetAvailableUpdates() []UpdatesV3ResponseA var ret []UpdatesV3ResponseAvailableUpdates return ret } - updates := *o.AvailableUpdates - sort.Slice(updates, func(i, j int) bool { - // `less` function - updatesI := updates[i] - updatesJ := updates[j] - if updatesI.Package == nil && updatesJ.Package != nil { - return true - } - if updatesJ.Package == nil && updatesI.Package != nil { - return false - } - if updatesJ.Package == nil && updatesI.Package == nil { - return true - } - return *updatesI.Package < *updatesJ.Package - }) - return updates + return *o.AvailableUpdates } type UpdatesV3ResponseAvailableUpdates struct { From 096d2f06373f1e446896e7e5f4b8628be4dba980 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 14 Aug 2023 09:23:55 +0000 Subject: [PATCH 226/268] v3.4.22 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index b819d7943..3929e2a98 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.21 +v3.4.22 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 87a412a7c..e07f27ec9 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.21} +- {name: IMAGE_TAG_MANAGER, value: v3.4.22} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.21} +- {name: IMAGE_TAG_LISTENER, value: v3.4.22} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.21} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.22} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.21} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.22} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.21} +- {name: IMAGE_TAG_JOBS, value: v3.4.22} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.21} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.22} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.21} +- {name: IMAGE_TAG_ADMIN, value: v3.4.22} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index b3841bd3d..8262d3043 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.21" + "version": "v3.4.22" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 8dd72926d..490b028f9 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.21" + "version": "v3.4.22" }, "servers": [ { From 829d8bf1b7bf5ee01c0cece449ab72dc2602b112 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 14 Aug 2023 10:46:53 +0200 Subject: [PATCH 227/268] ESSNTL-4817: request inventory permissions --- manager/middlewares/rbac.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index d17a118b5..c3c6bac3a 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -48,7 +48,7 @@ func makeClient(identity string) *api.Client { DefaultHeaders: map[string]string{xRHIdentity: identity}, } if rbacURL == "" { - rbacURL = utils.FailIfEmpty(utils.Cfg.RbacAddress, "RBAC_ADDRESS") + base.RBACApiPrefix + "/access/?application=patch" + rbacURL = utils.FailIfEmpty(utils.Cfg.RbacAddress, "RBAC_ADDRESS") + base.RBACApiPrefix + "/access/?application=patch,inventory" } return &client } From a7e1b408aec42acdc1052cb03a69e78a9e331e24 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 14 Aug 2023 11:02:18 +0200 Subject: [PATCH 228/268] ESSNTL-4817: require inventory read permission --- manager/middlewares/rbac.go | 84 +++++++++++++++++++------------- manager/middlewares/rbac_test.go | 22 +++++++++ 2 files changed, 73 insertions(+), 33 deletions(-) diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index c3c6bac3a..68ebd43d5 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -26,6 +26,12 @@ const KeyInventoryGroups = "inventoryGroups" var allPerms = "patch:*:*" var readPerms = map[string]bool{allPerms: true, "patch:*:read": true} var writePerms = map[string]bool{allPerms: true, "patch:*:write": true} +var inventoryReadPerms = map[string]bool{ + "inventory:*:*": true, + "inventory:*:read": true, + "inventory:hosts:*": true, + "inventory:hosts:read": true, +} // handlerName to permissions mapping var granularPerms = map[string]struct { @@ -48,48 +54,60 @@ func makeClient(identity string) *api.Client { DefaultHeaders: map[string]string{xRHIdentity: identity}, } if rbacURL == "" { - rbacURL = utils.FailIfEmpty(utils.Cfg.RbacAddress, "RBAC_ADDRESS") + base.RBACApiPrefix + "/access/?application=patch,inventory" + rbacURL = utils.FailIfEmpty(utils.Cfg.RbacAddress, "RBAC_ADDRESS") + base.RBACApiPrefix + + "/access/?application=patch,inventory" } return &client } func checkPermissions(access *rbac.AccessPagination, handlerName, method string) bool { - granted := false + grantedPatch := false + grantedInventory := false for _, a := range access.Data { - if granted { - return true - } - if p, has := granularPerms[handlerName]; has { - // API handler requires granular permissions - if a.Permission == p.Permission { - // the required permission is present, e.g. patch:template:write - return true - } - if p.Read && !p.Write && readPerms[a.Permission] { - // required permission is read permission - // check whether we have either patch:*:read or patch:*:* - return true - } - if p.Write && !p.Read && writePerms[a.Permission] { - // required permission is write permission - // check whether we have either patch:*:write or patch:*:* - return true + switch { + case !grantedPatch: + if p, has := granularPerms[handlerName]; has { + // API handler requires granular permissions + if a.Permission == p.Permission { + // the required permission is present, e.g. patch:template:write + grantedPatch = true + continue + } + if p.Read && !p.Write && readPerms[a.Permission] { + // required permission is read permission + // check whether we have either patch:*:read or patch:*:* + grantedPatch = true + continue + } + if p.Write && !p.Read && writePerms[a.Permission] { + // required permission is write permission + // check whether we have either patch:*:write or patch:*:* + grantedPatch = true + continue + } + // we need both read and write permissions - patch:*:* + grantedPatch = (a.Permission == allPerms) + } else { + // not granular + // require read permissions for GET and POST + // require write permissions for PUT and DELETE + switch method { + case "GET", "POST": + grantedPatch = readPerms[a.Permission] + case "PUT", "DELETE": + grantedPatch = writePerms[a.Permission] + } } - // we need both read and write permissions - patch:*:* - granted = (a.Permission == allPerms) - } else { - // not granular - // require read permissions for GET and POST - // require write permissions for PUT and DELETE - switch method { - case "GET", "POST": - granted = readPerms[a.Permission] - case "PUT", "DELETE": - granted = writePerms[a.Permission] + case !grantedInventory: + if inventoryReadPerms[a.Permission] { + grantedInventory = true + continue } + case grantedPatch && grantedInventory: + return true } } - return granted + return grantedPatch && grantedInventory } func isAccessGranted(c *gin.Context) bool { @@ -128,7 +146,7 @@ func findInventoryGroups(access *rbac.AccessPagination) map[string]string { } groups := []string{} for _, a := range access.Data { - if a.Permission != "inventory:hosts:read" { + if !inventoryReadPerms[a.Permission] { continue } diff --git a/manager/middlewares/rbac_test.go b/manager/middlewares/rbac_test.go index fb7133198..8d51cfe84 100644 --- a/manager/middlewares/rbac_test.go +++ b/manager/middlewares/rbac_test.go @@ -46,6 +46,7 @@ func TestPermissionsSingleWrite(t *testing.T) { access := rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:*"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "PUT")) @@ -53,6 +54,7 @@ func TestPermissionsSingleWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:write"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "PUT")) @@ -60,6 +62,7 @@ func TestPermissionsSingleWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:template:write"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "PUT")) @@ -74,6 +77,7 @@ func TestPermissionsSingleWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:asdf:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -81,6 +85,7 @@ func TestPermissionsSingleWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -97,6 +102,7 @@ func TestPermissionsSingleRead(t *testing.T) { access := rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:*"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "GET")) @@ -104,6 +110,7 @@ func TestPermissionsSingleRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:read"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "GET")) @@ -111,6 +118,7 @@ func TestPermissionsSingleRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:single:read"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "GET")) @@ -118,6 +126,7 @@ func TestPermissionsSingleRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:asdf:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "GET")) @@ -125,6 +134,7 @@ func TestPermissionsSingleRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:asdf:write"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "GET")) @@ -132,11 +142,13 @@ func TestPermissionsSingleRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:write"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "GET")) } +// nolint:funlen func TestPermissionsSingleReadWrite(t *testing.T) { // handler needs `patch:single:read` handler := "SingleReadWrite" @@ -148,6 +160,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access := rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:*"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "PUT")) @@ -155,6 +168,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:single:*"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "PUT")) @@ -162,6 +176,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -169,6 +184,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:single:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -176,6 +192,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:asdf:read"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -183,6 +200,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:asdf:write"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -190,6 +208,7 @@ func TestPermissionsSingleReadWrite(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:write"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "PUT")) @@ -206,6 +225,7 @@ func TestPermissionsRead(t *testing.T) { access := rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:*"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "GET")) @@ -213,6 +233,7 @@ func TestPermissionsRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:read"}, + {Permission: "inventory:*:*"}, }, } assert.True(t, checkPermissions(&access, handler, "GET")) @@ -220,6 +241,7 @@ func TestPermissionsRead(t *testing.T) { access = rbac.AccessPagination{ Data: []rbac.Access{ {Permission: "patch:*:write"}, + {Permission: "inventory:*:*"}, }, } assert.False(t, checkPermissions(&access, handler, "GET")) From 71a126a8b6a623c1b136bc98058f400676054f87 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 14 Aug 2023 12:21:39 +0000 Subject: [PATCH 229/268] v3.4.23 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 3929e2a98..433a81c6e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.22 +v3.4.23 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index e07f27ec9..94cb205cf 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.22} +- {name: IMAGE_TAG_MANAGER, value: v3.4.23} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.22} +- {name: IMAGE_TAG_LISTENER, value: v3.4.23} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.22} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.23} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.22} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.23} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.22} +- {name: IMAGE_TAG_JOBS, value: v3.4.23} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.22} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.23} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.22} +- {name: IMAGE_TAG_ADMIN, value: v3.4.23} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 8262d3043..e7f075691 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.22" + "version": "v3.4.23" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 490b028f9..71efc069e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.22" + "version": "v3.4.23" }, "servers": [ { From 7aa09fef2b09c9a0f7116a819523aa152bc3f1c5 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 14 Aug 2023 15:31:31 +0200 Subject: [PATCH 230/268] ESSNTL-4817: fix rbac with multiple inventory and patch permissions --- manager/middlewares/rbac.go | 18 +++++++++--------- manager/middlewares/rbac_test.go | 30 ++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 9 deletions(-) diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index 68ebd43d5..dba9a34c2 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -64,8 +64,15 @@ func checkPermissions(access *rbac.AccessPagination, handlerName, method string) grantedPatch := false grantedInventory := false for _, a := range access.Data { - switch { - case !grantedPatch: + if grantedPatch && grantedInventory { + return true + } + + if !grantedInventory { + grantedInventory = inventoryReadPerms[a.Permission] + } + + if !grantedPatch { if p, has := granularPerms[handlerName]; has { // API handler requires granular permissions if a.Permission == p.Permission { @@ -98,13 +105,6 @@ func checkPermissions(access *rbac.AccessPagination, handlerName, method string) grantedPatch = writePerms[a.Permission] } } - case !grantedInventory: - if inventoryReadPerms[a.Permission] { - grantedInventory = true - continue - } - case grantedPatch && grantedInventory: - return true } } return grantedPatch && grantedInventory diff --git a/manager/middlewares/rbac_test.go b/manager/middlewares/rbac_test.go index 8d51cfe84..ddc6fe1a7 100644 --- a/manager/middlewares/rbac_test.go +++ b/manager/middlewares/rbac_test.go @@ -311,3 +311,33 @@ func TestFindInventoryGroups(t *testing.T) { ) assert.Equal(t, "[]", groups[rbac.KeyUngrouped]) } + +func TestMultiplePermissions(t *testing.T) { + handler := "MultiplePermissions" + access := rbac.AccessPagination{ + Data: []rbac.Access{ + {Permission: "inventory:*:read"}, + {Permission: "inventory:hosts:write"}, + {Permission: "inventory:hosts:read"}, + {Permission: "inventory:groups:write"}, + {Permission: "inventory:groups:read"}, + {Permission: "patch:*:*"}, + {Permission: "patch:*:read"}, + }, + } + assert.True(t, checkPermissions(&access, handler, "GET")) + assert.True(t, checkPermissions(&access, handler, "DELETE")) + + access = rbac.AccessPagination{ + Data: []rbac.Access{ + {Permission: "inventory:*:read"}, + {Permission: "inventory:hosts:write"}, + {Permission: "inventory:groups:write"}, + {Permission: "patch:*:read"}, + {Permission: "inventory:hosts:read"}, + {Permission: "inventory:groups:read"}, + }, + } + assert.True(t, checkPermissions(&access, handler, "GET")) + assert.False(t, checkPermissions(&access, handler, "DELETE")) +} From f7bd3f99ec08a8d3fc441e6b286a9d9d87e6657f Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 14 Aug 2023 14:01:59 +0000 Subject: [PATCH 231/268] v3.4.24 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 433a81c6e..bdb5f382d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.23 +v3.4.24 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 94cb205cf..5d63a7ec0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.23} +- {name: IMAGE_TAG_MANAGER, value: v3.4.24} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.23} +- {name: IMAGE_TAG_LISTENER, value: v3.4.24} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.23} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.24} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.23} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.24} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.23} +- {name: IMAGE_TAG_JOBS, value: v3.4.24} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.23} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.24} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.23} +- {name: IMAGE_TAG_ADMIN, value: v3.4.24} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index e7f075691..c2b5abd92 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.23" + "version": "v3.4.24" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 71efc069e..a8e20bcbd 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.23" + "version": "v3.4.24" }, "servers": [ { From 97e5ff20d2071dd3d742299f6f8f6b1c42ca3e02 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 15 Aug 2023 11:32:58 +0200 Subject: [PATCH 232/268] RHINENG-1602: use invalid advisory_account_data for advisories api query for advisories api without filters is usable only if run from cache, we need to use advisories_account_data even if it has invalid cache (fix it in separate task by optimizing advisory query without aad) --- manager/controllers/advisories.go | 12 +----------- manager/controllers/advisories_export.go | 12 +----------- 2 files changed, 2 insertions(+), 22 deletions(-) diff --git a/manager/controllers/advisories.go b/manager/controllers/advisories.go index dbaf9c4cd..cfdef4c75 100644 --- a/manager/controllers/advisories.go +++ b/manager/controllers/advisories.go @@ -127,17 +127,7 @@ func advisoriesCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error) { return nil, nil, nil, err } - var validCache bool - if !disableCachedCounts { - err = db.Table("rh_account"). - Select("valid_advisory_cache"). - Where("id = ?", account). - Scan(&validCache).Error - if err != nil { - validCache = false - } - } - if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { + if disableCachedCounts || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { diff --git a/manager/controllers/advisories_export.go b/manager/controllers/advisories_export.go index 15c186037..e3ca77cb2 100644 --- a/manager/controllers/advisories_export.go +++ b/manager/controllers/advisories_export.go @@ -36,18 +36,8 @@ func AdvisoriesExportHandler(c *gin.Context) { } db := middlewares.DBFromContext(c) var query *gorm.DB - var validCache bool - if !disableCachedCounts { - err = db.Table("rh_account"). - Select("valid_advisory_cache"). - Where("id = ?", account). - Scan(&validCache).Error - if err != nil { - validCache = false - } - } - if !validCache || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { + if disableCachedCounts || HasInventoryFilter(filters) || len(groups[rbac.KeyGrouped]) != 0 { var err error query = buildQueryAdvisoriesTagged(db, filters, account, groups) if err != nil { From 7db4757eda2b5f7c3e5c121c5a3be52f9a59419f Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 15 Aug 2023 17:57:53 +0200 Subject: [PATCH 233/268] RHINENG-1602: invalidate cache only when cache = true --- evaluator/evaluate.go | 1 + 1 file changed, 1 insertion(+) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 12919f328..4f47942d9 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -581,6 +581,7 @@ func parseVmaasJSON(system *models.SystemPlatform) (vmaas.UpdatesV3Request, erro func invalidateCaches(orgID string) error { err := database.Db.Model(models.RhAccount{}). Where("org_id = ?", orgID). + Where("valid_package_cache = true OR valid_advisory_cache = true"). // use map because struct updates only non-zero values and we need to update it to `false` Updates(map[string]interface{}{"valid_package_cache": false, "valid_advisory_cache": false}). Error From 22dd42c4766e8f612e892751d0ff4fb4dd46a920 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 15 Aug 2023 18:33:00 +0200 Subject: [PATCH 234/268] RHINENG-1602: don't restart pod when vmaas responds with 400 --- evaluator/evaluate.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 4f47942d9..0a2f4ad25 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -58,6 +58,7 @@ var ( enableYumUpdatesEval bool nEvalGoroutines int enableInstantNotifications bool + errVmaasBadRequest = errors.New("vmaas bad request") ) const WarnPayloadTracker = "unable to send message to payload tracker" @@ -282,6 +283,13 @@ func getUpdatesData(ctx context.Context, tx *gorm.DB, system *models.SystemPlatf vmaasData, vmaasErr := getVmaasUpdates(ctx, tx, system) if vmaasErr != nil { + if errors.Is(vmaasErr, errVmaasBadRequest) { + // vmaas bad request means we either created wrong vmaas request + // or more likely we received package_list without epochs + // either way, we should skip this system and not fail hard which will cause pod to restart + utils.LogWarn("Vmaas response error - bad request, skipping system", vmaasErr.Error()) + return nil, nil + } // if there's no yum update fail hard otherwise only log warning and use yum data if yumUpdates == nil { return nil, errors.Wrap(vmaasErr, vmaasErr.Error()) @@ -545,8 +553,12 @@ func callVMaas(ctx context.Context, request *vmaas.UpdatesV3Request) (*vmaas.Upd utils.LogTrace("request", *request, "vmaas /updates request") vmaasData := vmaas.UpdatesV3Response{} resp, err := vmaasClient.Request(&ctx, http.MethodPost, vmaasUpdatesURL, request, &vmaasData) - utils.LogDebug("status_code", utils.TryGetStatusCode(resp), "vmaas /updates call") + statusCode := utils.TryGetStatusCode(resp) + utils.LogDebug("status_code", statusCode, "vmaas /updates call") utils.LogTrace("response", resp, "vmaas /updates response") + if err != nil && statusCode == 400 { + err = errors.Wrap(errVmaasBadRequest, err.Error()) + } return &vmaasData, resp, err } From e49b75f3669da1950962aad840fedc2636bd7433 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 15 Aug 2023 19:26:42 +0200 Subject: [PATCH 235/268] RHINENG-1602: fix HasInventoryFilter - tags are invntory filters --- manager/controllers/utils.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index a26272cc1..9f44f09d9 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -273,7 +273,10 @@ func HasInventoryFilter(filters Filters) bool { return false } for _, data := range filters { - if data.Type == InventoryFilter { + switch data.Type { + case InventoryFilter: + return true + case TagFilter: return true } } From be3b71d4c789d363ea0c5eecc11b4f163aaa81ab Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 15 Aug 2023 17:50:45 +0000 Subject: [PATCH 236/268] v3.4.25 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index bdb5f382d..a1e27e41c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.24 +v3.4.25 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 5d63a7ec0..318716caf 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.24} +- {name: IMAGE_TAG_MANAGER, value: v3.4.25} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.24} +- {name: IMAGE_TAG_LISTENER, value: v3.4.25} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.24} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.25} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.24} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.25} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.24} +- {name: IMAGE_TAG_JOBS, value: v3.4.25} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.24} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.25} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.24} +- {name: IMAGE_TAG_ADMIN, value: v3.4.25} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index c2b5abd92..2832ee0b0 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.24" + "version": "v3.4.25" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index a8e20bcbd..48364873b 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.24" + "version": "v3.4.25" }, "servers": [ { From c5c69e0af055fc34d0bf17711e641d309f0b2ebe Mon Sep 17 00:00:00 2001 From: yungbender Date: Thu, 17 Aug 2023 16:49:26 +0200 Subject: [PATCH 237/268] SPM-2111: dont evaluate baselines for satellite systems --- evaluator/evaluate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 0a2f4ad25..382a4a20f 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -249,7 +249,7 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, func evaluateWithVmaas(tx *gorm.DB, updatesData *vmaas.UpdatesV3Response, system *models.SystemPlatform, event *mqueue.PlatformEvent) (*vmaas.UpdatesV3Response, error) { - if enableBaselineEval { + if enableBaselineEval && !system.SatelliteManaged { err := limitVmaasToBaseline(tx, system, updatesData) if err != nil { return nil, errors.Wrap(err, "Failed to evaluate baseline") From 73a1ab51b449efbea58b970ffdf7f32609e1da5c Mon Sep 17 00:00:00 2001 From: yungbender Date: Thu, 17 Aug 2023 16:49:55 +0200 Subject: [PATCH 238/268] RHINENG-1502: evaluate advisories for satellite systems --- base/utils/vmaas.go | 7 +- base/utils/vmaas_test.go | 2 +- base/vmaas/vmaas.go | 34 ++++-- evaluator/evaluate.go | 14 +-- evaluator/evaluate_advisories_test.go | 2 +- evaluator/evaluate_baseline.go | 2 +- evaluator/evaluate_packages.go | 4 +- evaluator/evaluate_packages_test.go | 6 +- evaluator/evaluate_test.go | 142 ++++++++++++++++++++++++++ evaluator/remediations_test.go | 2 +- listener/upload.go | 2 +- 11 files changed, 188 insertions(+), 29 deletions(-) diff --git a/base/utils/vmaas.go b/base/utils/vmaas.go index 8eef8be23..84008a7ba 100644 --- a/base/utils/vmaas.go +++ b/base/utils/vmaas.go @@ -8,8 +8,7 @@ import ( // Merge update data from vmaasDataB into vmaasDataA without duplicating. // Requires sorted update input and returns sorted output. -func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV3Response, - vmaasDataB *vmaas.UpdatesV3Response) (*vmaas.UpdatesV3Response, error) { +func MergeVMaaSResponses(vmaasDataA, vmaasDataB *vmaas.UpdatesV3Response) (*vmaas.UpdatesV3Response, error) { if vmaasDataA == nil { return vmaasDataB, nil } @@ -26,7 +25,7 @@ func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV3Response, if err != nil { return nil, err } - mergedList[nevraB] = *merged + mergedList[nevraB] = merged } else { mergedList[nevraB] = updateListB } @@ -39,7 +38,7 @@ func MergeVMaaSResponses(vmaasDataA *vmaas.UpdatesV3Response, return vmaasDataA, nil } -func mergeUpdates(listA, listB vmaas.UpdatesV3ResponseUpdateList) (*vmaas.UpdatesV3ResponseUpdateList, error) { +func mergeUpdates(listA, listB *vmaas.UpdatesV3ResponseUpdateList) (*vmaas.UpdatesV3ResponseUpdateList, error) { updatesA, updatesB := listA.GetAvailableUpdates(), listB.GetAvailableUpdates() newUpdates := make([]vmaas.UpdatesV3ResponseAvailableUpdates, 0) a, b := 0, 0 diff --git a/base/utils/vmaas_test.go b/base/utils/vmaas_test.go index 00cb13c4d..890fc12e2 100644 --- a/base/utils/vmaas_test.go +++ b/base/utils/vmaas_test.go @@ -16,7 +16,7 @@ func compareUpdatesMerge(t *testing.T, jsonA, jsonB, merged []byte) { err = json.Unmarshal(jsonB, &listB) assert.Nil(t, err) - listMerged, err := mergeUpdates(listA, listB) + listMerged, err := mergeUpdates(&listA, &listB) assert.Nil(t, err) res, err := json.Marshal(listMerged) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index 9537982ed..b5587b7fb 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -39,19 +39,19 @@ func (o *UpdatesV3Request) SetReleasever(v string) { } type UpdatesV3Response struct { - UpdateList *map[string]UpdatesV3ResponseUpdateList `json:"update_list,omitempty"` - RepositoryList *[]string `json:"repository_list,omitempty"` - ModulesList *[]UpdatesV3RequestModulesList `json:"modules_list,omitempty"` - Releasever *string `json:"releasever,omitempty"` - Basearch *string `json:"basearch,omitempty"` - LastChange *string `json:"last_change,omitempty"` - BuildPkgcache *bool `json:"build_pkgcache,omitempty"` + UpdateList *map[string]*UpdatesV3ResponseUpdateList `json:"update_list,omitempty"` + RepositoryList *[]string `json:"repository_list,omitempty"` + ModulesList *[]UpdatesV3RequestModulesList `json:"modules_list,omitempty"` + Releasever *string `json:"releasever,omitempty"` + Basearch *string `json:"basearch,omitempty"` + LastChange *string `json:"last_change,omitempty"` + BuildPkgcache *bool `json:"build_pkgcache,omitempty"` } // GetUpdateList returns the UpdateList field value if set, zero value otherwise. -func (o *UpdatesV3Response) GetUpdateList() map[string]UpdatesV3ResponseUpdateList { +func (o *UpdatesV3Response) GetUpdateList() map[string]*UpdatesV3ResponseUpdateList { if o == nil || o.UpdateList == nil { - var ret map[string]UpdatesV3ResponseUpdateList + var ret map[string]*UpdatesV3ResponseUpdateList return ret } return *o.UpdateList @@ -77,6 +77,15 @@ func (o *UpdatesV3ResponseUpdateList) GetAvailableUpdates() []UpdatesV3ResponseA return *o.AvailableUpdates } +func (o *UpdatesV3ResponseUpdateList) SetUpdatesInstallability(status int) { + if o == nil || o.AvailableUpdates == nil { + return + } + for index := range *o.AvailableUpdates { + (*o.AvailableUpdates)[index].SetInstallability(status) + } +} + type UpdatesV3ResponseAvailableUpdates struct { Repository *string `json:"repository,omitempty"` Releasever *string `json:"releasever,omitempty"` @@ -145,6 +154,13 @@ func (o *UpdatesV3ResponseAvailableUpdates) GetRepository() string { return *o.Repository } +func (o *UpdatesV3ResponseAvailableUpdates) SetInstallability(status int) { + if o == nil { + return + } + o.StatusID = status +} + func (o *UpdatesV3ResponseAvailableUpdates) Cmp(b *UpdatesV3ResponseAvailableUpdates) int { if cmp := strings.Compare(o.GetPackage(), b.GetPackage()); cmp != 0 { return cmp diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 382a4a20f..12ddaac6d 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -240,7 +240,7 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, EVRA: utils.PtrString(nevra.EVRAString()), }) } - updatesMap[k] = vmaas.UpdatesV3ResponseUpdateList{ + updatesMap[k] = &vmaas.UpdatesV3ResponseUpdateList{ AvailableUpdates: &updates, } } @@ -297,13 +297,15 @@ func getUpdatesData(ctx context.Context, tx *gorm.DB, system *models.SystemPlatf utils.LogWarn("Vmaas response error, continuing with yum updates only", vmaasErr.Error()) } - // Try to merge YumUpdates and VMaaS updates - updatesData, err := utils.MergeVMaaSResponses(vmaasData, yumUpdates) - if err != nil { - return nil, err + if system.SatelliteManaged { + // satellite managed systems has vmaas updates APPLICABLE instead of INSTALLABLE + mergedUpdateList := vmaasData.GetUpdateList() + for nevra := range mergedUpdateList { + (*mergedUpdateList[nevra]).SetUpdatesInstallability(APPLICABLE) + } } - return updatesData, nil + return utils.MergeVMaaSResponses(yumUpdates, vmaasData) } func getVmaasUpdates(ctx context.Context, tx *gorm.DB, diff --git a/evaluator/evaluate_advisories_test.go b/evaluator/evaluate_advisories_test.go index 025d1740e..a9dd671ff 100644 --- a/evaluator/evaluate_advisories_test.go +++ b/evaluator/evaluate_advisories_test.go @@ -44,7 +44,7 @@ func TestGetReportedAdvisories2(t *testing.T) { {Erratum: utils.PtrString("ER2")}, {Erratum: utils.PtrString("ER3")}} cUpdates := []vmaas.UpdatesV3ResponseAvailableUpdates{ {Erratum: utils.PtrString("ER3")}, {Erratum: utils.PtrString("ER4")}} - updateList := map[string]vmaas.UpdatesV3ResponseUpdateList{ + updateList := map[string]*vmaas.UpdatesV3ResponseUpdateList{ "pkg-a": {AvailableUpdates: &aUpdates}, "pkg-b": {AvailableUpdates: &bUpdates}, "pkg-c": {AvailableUpdates: &cUpdates}, diff --git a/evaluator/evaluate_baseline.go b/evaluator/evaluate_baseline.go index 18b3c12e8..6b3990c3b 100644 --- a/evaluator/evaluate_baseline.go +++ b/evaluator/evaluate_baseline.go @@ -36,7 +36,7 @@ func limitVmaasToBaseline(tx *gorm.DB, system *models.SystemPlatform, vmaasData } updateList := vmaasData.GetUpdateList() - modifiedUpdateList := make(map[string]vmaas.UpdatesV3ResponseUpdateList, len(updateList)) + modifiedUpdateList := make(map[string]*vmaas.UpdatesV3ResponseUpdateList, len(updateList)) for pkg, updates := range updateList { availableUpdates := updates.GetAvailableUpdates() for i := range availableUpdates { diff --git a/evaluator/evaluate_packages.go b/evaluator/evaluate_packages.go index 7d0ee4750..9079e023c 100644 --- a/evaluator/evaluate_packages.go +++ b/evaluator/evaluate_packages.go @@ -251,10 +251,10 @@ func updateDataChanged(currentNamedPackage *namedPackage, updateDataJSON []byte) } func createSystemPackage(nevra string, - updateData vmaas.UpdatesV3ResponseUpdateList, + updateData *vmaas.UpdatesV3ResponseUpdateList, system *models.SystemPlatform, packagesByNEVRA *map[string]namedPackage) (systemPackagePtr *models.SystemPackage, updatesChanged bool) { - updateDataJSON, err := vmaasResponse2UpdateDataJSON(&updateData) + updateDataJSON, err := vmaasResponse2UpdateDataJSON(updateData) if err != nil { utils.LogError("nevra", nevra, "VMaaS updates response parsing failed") return nil, false diff --git a/evaluator/evaluate_packages_test.go b/evaluator/evaluate_packages_test.go index 0d0daaa02..5784e0556 100644 --- a/evaluator/evaluate_packages_test.go +++ b/evaluator/evaluate_packages_test.go @@ -23,7 +23,7 @@ func TestAnalyzePackages(t *testing.T) { database.CheckEVRAsInDB(t, 0, "12.0.1-1.fc31.x86_64") // lazy added package // we send request with zero epoch and expect response with zero epoch // so we have to test with zero epoch - vmaasData := vmaas.UpdatesV3Response{UpdateList: &map[string]vmaas.UpdatesV3ResponseUpdateList{ + vmaasData := vmaas.UpdatesV3Response{UpdateList: &map[string]*vmaas.UpdatesV3ResponseUpdateList{ "kernel-0:5.6.13-200.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{}}, "firefox-0:12.0.1-1.fc31.x86_64": {AvailableUpdates: &[]vmaas.UpdatesV3ResponseAvailableUpdates{{ Package: utils.PtrString("firefox-0:77.0.1-1.fc31.x86_64"), @@ -52,10 +52,10 @@ func TestLazySavePackages(t *testing.T) { names := []string{"kernel", "firefox", "custom-package"} evras := []string{"1-0.el7.x86_64", "1-1.1.el7.x86_64", "11-1.el7.x86_64"} - updateList := make(map[string]vmaas.UpdatesV3ResponseUpdateList, len(names)) + updateList := make(map[string]*vmaas.UpdatesV3ResponseUpdateList, len(names)) for i, name := range names { nevra := fmt.Sprintf("%s-%s", name, evras[i]) - updateList[nevra] = vmaas.UpdatesV3ResponseUpdateList{} + updateList[nevra] = &vmaas.UpdatesV3ResponseUpdateList{} } vmaasData := vmaas.UpdatesV3Response{UpdateList: &updateList} database.CheckEVRAsInDB(t, 0, evras...) diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go index d8694c5dc..9a713e58d 100644 --- a/evaluator/evaluate_test.go +++ b/evaluator/evaluate_test.go @@ -8,6 +8,7 @@ import ( "app/base/utils" "app/base/vmaas" "context" + "encoding/json" "net/http" "os" "sync" @@ -219,3 +220,144 @@ func TestGetYumUpdates(t *testing.T) { assert.NotNil(t, updates) assert.Equal(t, 2, len(updateList.GetAvailableUpdates())) } + +// nolint:funlen +func TestSatelliteSystemAdvisories(t *testing.T) { + utils.SkipWithoutDB(t) + utils.SkipWithoutPlatform(t) + core.SetupTestEnvironment() + + ogYumUpdatesEval := enableYumUpdatesEval + enableYumUpdatesEval = true + defer func() { enableYumUpdatesEval = ogYumUpdatesEval }() + + configure() + loadCache() + mockWriter := mqueue.MockKafkaWriter{} + remediationsPublisher = &mockWriter + + vmaasJSON := ` + { + "package_list": [ + "git-2.30.1-1.el8_8.x86_64", + "sqlite-3.21.0-1.el8_6.x86_64" + ], + "repository_list": [ + "rhel-8-for-x86_64-appstream-rpms" + ], + "releasever": "8", + "basearch": "x86_64", + "latest_only": true + } + ` + // this satellite system has 2 git and 1 sqlite advisories reported by vmaas (APPLICABLE) + vmaasDataResp := ` + { + "update_list": { + "git-2.30.1-1.el8_8.x86_64": { + "available_updates": [ + { + "erratum": "RHSA-2023:3246", + "basearch": "x86_64", + "releasever": "8", + "repository": "rhel-8-for-x86_64-appstream-rpms", + "package": "git-2.39.3-1.el8_8.x86_64" + }, + { + "erratum": "RHSA-2023:3240", + "basearch": "x86_64", + "releasever": "8", + "repository": "rhel-8-for-x86_64-appstream-rpms", + "package": "git-2.39.4-1.el8_8.x86_64" + } + ] + }, + "sqlite-3.21.0-1.el8_6.x86_64": { + "available_updates": [ + { + "erratum": "RHSA-2022:7100", + "basearch": "x86_64", + "releasever": "8", + "repository": "rhel-8-for-x86_64-appstream-rpms", + "package": "sqlite-3.26.0-16.el8_6.x86_64" + } + ] + } + } + } + ` + + var vmaasData vmaas.UpdatesV3Response + err := json.Unmarshal([]byte(vmaasDataResp), &vmaasData) + assert.Nil(t, err) + + // lets add the checksum to the cache, so we do not actually call vmaas + vmaasJSONChecksum := "1337" + memoryVmaasCache.Add(&vmaasJSONChecksum, &vmaasData) + + // this satellite system has 1 git installable advisory which is the same as the applicable one from vmaas + // and 1 sqlite different installable advisory + yumUpdatesRaw := []byte(` + { + "update_list": { + "git-2.30.1-1.el8_8.x86_64": { + "available_updates": [ + { + "erratum": "RHSA-2023:3246", + "basearch": "x86_64", + "releasever": "8", + "repository": "rhel-8-for-x86_64-appstream-rpms", + "package": "git-2.39.3-1.el8_8.x86_64" + } + ] + }, + "sqlite-3.21.0-1.el8_6.x86_64": { + "available_updates": [ + { + "erratum": "RHSA-2022:7108", + "basearch": "x86_64", + "releasever": "8", + "repository": "rhel-8-for-x86_64-appstream-rpms", + "package": "sqlite-3.26.0-16.el8_6.x86_64" + } + ] + } + } + } + `) + + system := models.SystemPlatform{ + InventoryID: "99999999-0000-0000-0000-000000000015", + JSONChecksum: &vmaasJSONChecksum, + VmaasJSON: &vmaasJSON, + YumUpdates: yumUpdatesRaw, + DisplayName: "satellite_system_test1", + RhAccountID: 1, + BuiltPkgcache: true, + SatelliteManaged: true, + } + tx := database.Db.Create(&system) + assert.Nil(t, tx.Error) + + result, err := getUpdatesData(context.Background(), database.Db, &system) + assert.Nil(t, err) + + // result should have 2 git advisories, 1 is installable (taken from yum updates and vmaas, merged) + // 1 is applicable (taken from vmaas) + // 2 sqlite advisories, 1 is installable (taken from yum updates) + // 1 is applicable (taken from vmaas) + var installableCnt, applicableCnt int + for _, updates := range result.GetUpdateList() { + for _, update := range updates.GetAvailableUpdates() { + if update.StatusID == INSTALLABLE { + installableCnt++ + } else if update.StatusID == APPLICABLE { + applicableCnt++ + } + } + } + assert.Equal(t, 2, installableCnt) + assert.Equal(t, 2, applicableCnt) + + database.Db.Delete(system) +} diff --git a/evaluator/remediations_test.go b/evaluator/remediations_test.go index b13c74d5d..86e5803cc 100644 --- a/evaluator/remediations_test.go +++ b/evaluator/remediations_test.go @@ -18,7 +18,7 @@ var testKUpdates = []vmaas.UpdatesV3ResponseAvailableUpdates{ {Repository: utils.PtrString("repo1"), Releasever: utils.PtrString("ser1"), Basearch: utils.PtrString("i686"), Erratum: utils.PtrString("RH-100"), Package: utils.PtrString("kernel-5.10.13-200.fc31.x86_64")}, } -var testUpdateList = map[string]vmaas.UpdatesV3ResponseUpdateList{ +var testUpdateList = map[string]*vmaas.UpdatesV3ResponseUpdateList{ "firefox-76.0.1-1.fc31.x86_64": { AvailableUpdates: &testFfUpdates, }, diff --git a/listener/upload.go b/listener/upload.go index c203cad41..79aeea946 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -647,7 +647,7 @@ func getYumUpdates(event HostEvent, client *api.Client) (*YumUpdates, error) { installedPkgs := event.Host.SystemProfile.GetInstalledPackages() for _, pkg := range installedPkgs { if _, has := updatesMap[pkg]; !has { - updatesMap[pkg] = vmaas.UpdatesV3ResponseUpdateList{} + updatesMap[pkg] = &vmaas.UpdatesV3ResponseUpdateList{} } } parsed.UpdateList = &updatesMap From 9f5315fa33ee78e4a9228fd315a9866e0cbfd791 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 21 Aug 2023 11:02:01 +0000 Subject: [PATCH 239/268] v3.4.26 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index a1e27e41c..753a7cf0b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.25 +v3.4.26 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 318716caf..8a918fecc 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.25} +- {name: IMAGE_TAG_MANAGER, value: v3.4.26} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.25} +- {name: IMAGE_TAG_LISTENER, value: v3.4.26} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.25} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.26} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.25} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.26} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.25} +- {name: IMAGE_TAG_JOBS, value: v3.4.26} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.25} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.26} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.25} +- {name: IMAGE_TAG_ADMIN, value: v3.4.26} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 2832ee0b0..cf2907861 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.25" + "version": "v3.4.26" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 48364873b..1a5d6e593 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.25" + "version": "v3.4.26" }, "servers": [ { From 7961af4de0b12e71c3e36a00608c24022e995dcc Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 16 Aug 2023 16:29:07 +0200 Subject: [PATCH 240/268] ESSNTL-4817: access to all systems when resourceDefinitions=[] --- base/database/utils_test.go | 1 + base/rbac/rbac.go | 2 +- manager/middlewares/rbac.go | 4 +++ manager/middlewares/rbac_test.go | 54 ++++++++++++++++++++++++++++++-- 4 files changed, 57 insertions(+), 4 deletions(-) diff --git a/base/database/utils_test.go b/base/database/utils_test.go index db757b2cd..191a97517 100644 --- a/base/database/utils_test.go +++ b/base/database/utils_test.go @@ -32,6 +32,7 @@ var testCases = []map[int64]map[string]string{ {0: {rbac.KeyGrouped: `{"[{\"id\":\"non-existing-group\"}]"}`}}, {nUngrouped: {rbac.KeyUngrouped: "[]"}}, {nAll: {}}, + {nAll: nil}, } func TestInventoryHostsJoin(t *testing.T) { diff --git a/base/rbac/rbac.go b/base/rbac/rbac.go index 0fa279c70..c83eba35b 100644 --- a/base/rbac/rbac.go +++ b/base/rbac/rbac.go @@ -13,7 +13,7 @@ type Access struct { } type ResourceDefinition struct { - AttributeFilter AttributeFilter `json:"attributeFilter"` + AttributeFilter AttributeFilter `json:"attributeFilter,omitempty"` } type AttributeFilter struct { diff --git a/manager/middlewares/rbac.go b/manager/middlewares/rbac.go index dba9a34c2..a691d73a2 100644 --- a/manager/middlewares/rbac.go +++ b/manager/middlewares/rbac.go @@ -150,6 +150,10 @@ func findInventoryGroups(access *rbac.AccessPagination) map[string]string { continue } + if len(a.ResourceDefinitions) == 0 { + // access to all groups + return nil + } for _, rd := range a.ResourceDefinitions { if rd.AttributeFilter.Key != "group.id" { continue diff --git a/manager/middlewares/rbac_test.go b/manager/middlewares/rbac_test.go index ddc6fe1a7..3ea666029 100644 --- a/manager/middlewares/rbac_test.go +++ b/manager/middlewares/rbac_test.go @@ -10,6 +10,11 @@ import ( "github.com/stretchr/testify/assert" ) +var ( + group1 = "df57820e-965c-49a6-b0bc-797b7dd60581" + group2 = "df3f0efd-c853-41b5-80a1-86881d5343d1" +) + func okHandler(c *gin.Context) { c.JSON(http.StatusOK, nil) } @@ -248,7 +253,6 @@ func TestPermissionsRead(t *testing.T) { } func TestFindInventoryGroupsGrouped(t *testing.T) { - group1 := "df57820e-965c-49a6-b0bc-797b7dd60581" access := &rbac.AccessPagination{ Data: []rbac.Access{{ Permission: "inventory:hosts:read", @@ -291,8 +295,6 @@ func TestFindInventoryGroupsUnrouped(t *testing.T) { // nolint:lll func TestFindInventoryGroups(t *testing.T) { - group1 := "df57820e-965c-49a6-b0bc-797b7dd60581" - group2 := "df3f0efd-c853-41b5-80a1-86881d5343d1" access := &rbac.AccessPagination{ Data: []rbac.Access{{ Permission: "inventory:hosts:read", @@ -312,6 +314,52 @@ func TestFindInventoryGroups(t *testing.T) { assert.Equal(t, "[]", groups[rbac.KeyUngrouped]) } +func TestFindInventoryGroupsOverwrite(t *testing.T) { + access := &rbac.AccessPagination{ + Data: []rbac.Access{ + { + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{&group1, nil}, + }, + }}, + }, + { + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{}, + }, + }, + } + groups := findInventoryGroups(access) + // we expect access to all groups (empty map) + assert.Equal(t, 0, len(groups)) +} + +func TestFindInventoryGroupsOverwrite2(t *testing.T) { + access := &rbac.AccessPagination{ + Data: []rbac.Access{ + { + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{}, + }, + { + Permission: "inventory:hosts:read", + ResourceDefinitions: []rbac.ResourceDefinition{{ + AttributeFilter: rbac.AttributeFilter{ + Key: "group.id", + Value: []*string{&group1, nil}, + }, + }}, + }, + }, + } + groups := findInventoryGroups(access) + // we expect access to all groups (empty map) + assert.Equal(t, 0, len(groups)) +} + func TestMultiplePermissions(t *testing.T) { handler := "MultiplePermissions" access := rbac.AccessPagination{ From 68a49d4e8644b8447f870558ffed82a6797e9022 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 21 Aug 2023 15:22:18 +0000 Subject: [PATCH 241/268] v3.4.27 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 753a7cf0b..2d7521279 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.26 +v3.4.27 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 8a918fecc..839b7a846 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -553,7 +553,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.26} +- {name: IMAGE_TAG_MANAGER, value: v3.4.27} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -577,7 +577,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.26} +- {name: IMAGE_TAG_LISTENER, value: v3.4.27} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -598,7 +598,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.26} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.27} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -623,7 +623,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.26} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.27} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -646,7 +646,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.26} +- {name: IMAGE_TAG_JOBS, value: v3.4.27} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -691,7 +691,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.26} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.27} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -723,7 +723,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.26} +- {name: IMAGE_TAG_ADMIN, value: v3.4.27} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index cf2907861..c6c2cba51 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.26" + "version": "v3.4.27" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 1a5d6e593..ebc35f397 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.26" + "version": "v3.4.27" }, "servers": [ { From 140d7283eb93d6ea2d9a56b90de1b631bd96690e Mon Sep 17 00:00:00 2001 From: yungbender Date: Tue, 22 Aug 2023 11:05:59 +0200 Subject: [PATCH 242/268] SPM-2112: disable baseline for satellite migrated system --- evaluator/evaluate.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 12ddaac6d..5ef926636 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -537,6 +537,11 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, data["third_party"] = system.ThirdParty } + if system.SatelliteManaged && system.BaselineID != nil { + data["baseline_id"] = nil + data["baseline_uptodate"] = nil + } + err := tx.Model(system).Updates(data).Error now := time.Now() From 99e4b5bb1172326afa34f946059a250ae0fe368e Mon Sep 17 00:00:00 2001 From: yungbender Date: Tue, 22 Aug 2023 11:53:48 +0200 Subject: [PATCH 243/268] SPM-2112: add satellite functionality feature flag --- deploy/clowdapp.yaml | 3 +++ evaluator/evaluate.go | 14 +++++++++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 839b7a846..1734d4a73 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -237,6 +237,7 @@ objects: - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_UPLOAD}'} - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_EVALUATOR}'} + - {name: ENABLE_SATELLITE_FUNCTIONALITY, value: '${ENABLE_SATELLITE_FUNCTIONALITY}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_UPLOAD}', memory: '${RES_LIMIT_MEM_EVALUATOR_UPLOAD}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_UPLOAD}', memory: '${RES_REQUEST_MEM_EVALUATOR_UPLOAD}'} @@ -304,6 +305,7 @@ objects: - {name: GOGC, value: '${GOGC}'} # set garbage collection limit for go 1.18 - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_EVALUATOR_RECALC}'} - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_EVALUATOR}'} + - {name: ENABLE_SATELLITE_FUNCTIONALITY, value: '${ENABLE_SATELLITE_FUNCTIONALITY}'} resources: limits: {cpu: '${RES_LIMIT_CPU_EVALUATOR_RECALC}', memory: '${RES_LIMIT_MEM_EVALUATOR_RECALC}'} requests: {cpu: '${RES_REQUEST_CPU_EVALUATOR_RECALC}', memory: '${RES_REQUEST_MEM_EVALUATOR_RECALC}'} @@ -620,6 +622,7 @@ parameters: - {name: ENABLE_INSTANT_NOTIFICATIONS, value: 'true'} - {name: VMAAS_CACHE_SIZE, value: '10000'} - {name: ENABLE_PROFILER_EVALUATOR_UPLOAD, value: 'false'} +- {name: ENABLE_SATELLITE_FUNCTIONALITY, value: 'false'} # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index 5ef926636..f85b1fb12 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -58,6 +58,7 @@ var ( enableYumUpdatesEval bool nEvalGoroutines int enableInstantNotifications bool + enableSatelliteFunctionality bool errVmaasBadRequest = errors.New("vmaas bad request") ) @@ -98,6 +99,7 @@ func configure() { enableYumUpdatesEval = utils.GetBoolEnvOrDefault("ENABLE_YUM_UPDATES_EVAL", true) nEvalGoroutines = utils.GetIntEnvOrDefault("MAX_EVAL_GOROUTINES", 1) enableInstantNotifications = utils.GetBoolEnvOrDefault("ENABLE_INSTANT_NOTIFICATIONS", true) + enableSatelliteFunctionality = utils.GetBoolEnvOrDefault("ENABLE_SATELLITE_FUNCTIONALITY", true) configureRemediations() configureNotifications() configureStatus() @@ -249,10 +251,12 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, func evaluateWithVmaas(tx *gorm.DB, updatesData *vmaas.UpdatesV3Response, system *models.SystemPlatform, event *mqueue.PlatformEvent) (*vmaas.UpdatesV3Response, error) { - if enableBaselineEval && !system.SatelliteManaged { - err := limitVmaasToBaseline(tx, system, updatesData) - if err != nil { - return nil, errors.Wrap(err, "Failed to evaluate baseline") + if enableBaselineEval { + if !system.SatelliteManaged || (system.SatelliteManaged && !enableSatelliteFunctionality) { + err := limitVmaasToBaseline(tx, system, updatesData) + if err != nil { + return nil, errors.Wrap(err, "Failed to evaluate baseline") + } } } @@ -537,7 +541,7 @@ func updateSystemPlatform(tx *gorm.DB, system *models.SystemPlatform, data["third_party"] = system.ThirdParty } - if system.SatelliteManaged && system.BaselineID != nil { + if enableSatelliteFunctionality && system.SatelliteManaged && system.BaselineID != nil { data["baseline_id"] = nil data["baseline_uptodate"] = nil } From 26cf6b60fb577d758cda1cef319ae3e6c23f724b Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 23 Aug 2023 11:24:50 +0000 Subject: [PATCH 244/268] v3.4.28 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 2d7521279..704dfe148 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.27 +v3.4.28 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 1734d4a73..31abcc471 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.27} +- {name: IMAGE_TAG_MANAGER, value: v3.4.28} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.27} +- {name: IMAGE_TAG_LISTENER, value: v3.4.28} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.27} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.28} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.27} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.28} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.27} +- {name: IMAGE_TAG_JOBS, value: v3.4.28} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.27} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.28} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.27} +- {name: IMAGE_TAG_ADMIN, value: v3.4.28} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index c6c2cba51..e410bac27 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.27" + "version": "v3.4.28" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index ebc35f397..0077b16de 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.27" + "version": "v3.4.28" }, "servers": [ { From 5f52a6a480155f9818e00410466f614135531339 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Fri, 25 Aug 2023 16:32:11 +0200 Subject: [PATCH 245/268] RHINENG-1602: fix pod restart when vmaas responds with 400 --- base/api/client.go | 2 +- base/vmaas/vmaas.go | 2 ++ evaluator/evaluate_test.go | 26 ++++++++++++++++++++++++++ platform/vmaas.go | 11 +++++++++++ 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/base/api/client.go b/base/api/client.go index 4544b1b84..96f8d81a1 100644 --- a/base/api/client.go +++ b/base/api/client.go @@ -36,7 +36,7 @@ func (o *Client) Request(ctx *context.Context, method, url string, httpResp, err := utils.CallAPI(o.HTTPClient, httpReq, o.Debug) if err != nil { - return nil, errors.Wrap(err, "Request failed") + return httpResp, errors.Wrap(err, "Request failed") } bodyBytes, err := io.ReadAll(httpResp.Body) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index b5587b7fb..b51ee8318 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -19,6 +19,8 @@ type UpdatesV3Request struct { OptimisticUpdates *bool `json:"optimistic_updates,omitempty"` // VMaaS will check package_list and return error if we provide package_list without epochs EpochRequired *bool `json:"epoch_required,omitempty"` + // helper for tests to get different status code from VMaaS mock + TestReturnStatus int `swaggerignore:"true" json:"return_status,omitempty"` } type UpdatesV3RequestModulesList struct { diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go index 9a713e58d..c88152938 100644 --- a/evaluator/evaluate_test.go +++ b/evaluator/evaluate_test.go @@ -361,3 +361,29 @@ func TestSatelliteSystemAdvisories(t *testing.T) { database.Db.Delete(system) } + +func TestCallVmaas400(t *testing.T) { + utils.SkipWithoutDB(t) + utils.SkipWithoutPlatform(t) + configure() + req := vmaas.UpdatesV3Request{TestReturnStatus: 400} + _, err := callVMaas(context.Background(), &req) + assert.ErrorIs(t, err, errVmaasBadRequest) +} + +func TestGetUpdatesDataVmaas400(t *testing.T) { + utils.SkipWithoutDB(t) + utils.SkipWithoutPlatform(t) + configure() + loadCache() + req := vmaas.UpdatesV3Request{ + TestReturnStatus: 400, PackageList: []string{"pkg"}, RepositoryList: []string{"repo"}, + } + reqJSON, _ := json.Marshal(req) + reqString := string(reqJSON) + sp := models.SystemPlatform{VmaasJSON: &reqString} + res, err := getUpdatesData(context.Background(), database.Db, &sp) + // response and error should be nil, system is skipped due to VMaaS 400 + assert.Nil(t, err) + assert.Nil(t, res) +} diff --git a/platform/vmaas.go b/platform/vmaas.go index 46d33eeb2..aebda688b 100644 --- a/platform/vmaas.go +++ b/platform/vmaas.go @@ -1,12 +1,23 @@ package platform import ( + "encoding/json" + "io" "net/http" "github.com/gin-gonic/gin" ) func updatesHandler(c *gin.Context) { + var body struct { + ReturnStatus int `json:"return_status"` + } + jsonData, _ := io.ReadAll(c.Request.Body) + json.Unmarshal(jsonData, &body) // nolint:errcheck + if body.ReturnStatus > 200 { + c.AbortWithStatus(body.ReturnStatus) + return + } data := `{ "basearch": "i686", "modules_list": [], From 97cf29bd0f29a9749624780a94e6fb575508bdf7 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 25 Aug 2023 15:38:09 +0000 Subject: [PATCH 246/268] v3.4.29 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 704dfe148..8c88503cf 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.28 +v3.4.29 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 31abcc471..a98222c80 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.28} +- {name: IMAGE_TAG_MANAGER, value: v3.4.29} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.28} +- {name: IMAGE_TAG_LISTENER, value: v3.4.29} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.28} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.29} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.28} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.29} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.28} +- {name: IMAGE_TAG_JOBS, value: v3.4.29} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.28} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.29} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.28} +- {name: IMAGE_TAG_ADMIN, value: v3.4.29} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index e410bac27..7fd0f000d 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.28" + "version": "v3.4.29" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 0077b16de..ebf8a6dce 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.28" + "version": "v3.4.29" }, "servers": [ { From a739db37e59b57cca7fd22fec9c65ea88b499338 Mon Sep 17 00:00:00 2001 From: yungbender Date: Fri, 25 Aug 2023 16:29:13 +0200 Subject: [PATCH 247/268] SPM-2110: return 400 if user adds satellite system to baseline --- docs/v3/openapi.json | 4 +- manager/controllers/baseline_create.go | 41 ++++++++++++++------- manager/controllers/baseline_create_test.go | 31 ++++++++++++++++ manager/controllers/baseline_update.go | 10 +++-- manager/controllers/baseline_update_test.go | 33 +++++++++++++++++ manager/controllers/utils.go | 1 + 6 files changed, 101 insertions(+), 19 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index ebf8a6dce..b83ab9870 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -678,7 +678,7 @@ }, "put": { "summary": "Create a baseline for my set of systems", - "description": "Create a baseline for my set of systems", + "description": "Create a baseline for my set of systems. System cannot be satellite managed.", "operationId": "createBaseline", "requestBody": { "description": "Request body", @@ -867,7 +867,7 @@ }, "put": { "summary": "Update a baseline for my set of systems", - "description": "Update a baseline for my set of systems", + "description": "Update a baseline for my set of systems. System cannot be satellite managed.", "operationId": "updateBaseline", "parameters": [ { diff --git a/manager/controllers/baseline_create.go b/manager/controllers/baseline_create.go index 292d1b96a..d192dd1f4 100644 --- a/manager/controllers/baseline_create.go +++ b/manager/controllers/baseline_create.go @@ -38,8 +38,13 @@ type CreateBaselineResponse struct { BaselineID int64 `json:"baseline_id" example:"1"` // Updated baseline unique ID, it can not be changed } +type SystemBaselineDBLookup struct { + InventoryID string `query:"sp.inventory_id"` + SatelliteManaged bool `query:"sp.satellite_managed"` +} + // @Summary Create a baseline for my set of systems -// @Description Create a baseline for my set of systems +// @Description Create a baseline for my set of systems. System cannot be satellite managed. // @ID createBaseline // @Security RhIdentity // @Accept json @@ -74,13 +79,17 @@ func CreateBaselineHandler(c *gin.Context) { request.Description = utils.EmptyToNil(request.Description) db := middlewares.DBFromContext(c) - missingIDs, err := checkInventoryIDs(db, accountID, request.InventoryIDs) + missingIDs, satelliteManagedIDs, err := checkInventoryIDs(db, accountID, request.InventoryIDs) if err != nil { LogAndRespError(c, err, "Database error") return } - if len(missingIDs) > 0 { + if enableSatelliteFunctionality && len(satelliteManagedIDs) > 0 { + msg := fmt.Sprintf("Attempting to add satellite managed systems to baseline: %v", satelliteManagedIDs) + LogAndRespBadRequest(c, errors.New(msg), msg) + return + } else if len(missingIDs) > 0 { msg := fmt.Sprintf("Missing inventory_ids: %v", missingIDs) LogAndRespNotFound(c, errors.New(msg), msg) return @@ -141,22 +150,23 @@ func buildCreateBaselineQuery(db *gorm.DB, request CreateBaselineRequest, accoun return baseline.ID, err } -func checkInventoryIDs(db *gorm.DB, accountID int, inventoryIDs []string) (missingIDs []string, err error) { - var containingIDs []string +func checkInventoryIDs(db *gorm.DB, accountID int, inventoryIDs []string, +) (missingIDs, satelliteManagedIDs []string, err error) { + var containingSystems []SystemBaselineDBLookup err = db.Table("system_platform sp"). Where("rh_account_id = ? AND inventory_id::text IN (?)", accountID, inventoryIDs). - Pluck("sp.inventory_id", &containingIDs).Error + Scan(&containingSystems).Error if err != nil { - return nil, err + return nil, nil, err } - if len(inventoryIDs) == len(containingIDs) { - return []string{}, nil // all inventoryIDs found in database - } + containingIDsMap := make(map[string]bool, len(containingSystems)) + for _, containingSystem := range containingSystems { + containingIDsMap[containingSystem.InventoryID] = true - containingIDsMap := make(map[string]bool, len(containingIDs)) - for _, containingID := range containingIDs { - containingIDsMap[containingID] = true + if containingSystem.SatelliteManaged { + satelliteManagedIDs = append(satelliteManagedIDs, containingSystem.InventoryID) + } } for _, inventoryID := range inventoryIDs { @@ -164,6 +174,9 @@ func checkInventoryIDs(db *gorm.DB, accountID int, inventoryIDs []string) (missi missingIDs = append(missingIDs, inventoryID) } } + sort.Strings(missingIDs) - return missingIDs, nil + sort.Strings(satelliteManagedIDs) + + return missingIDs, satelliteManagedIDs, nil } diff --git a/manager/controllers/baseline_create_test.go b/manager/controllers/baseline_create_test.go index bbe6a5f2c..2f7f4b119 100644 --- a/manager/controllers/baseline_create_test.go +++ b/manager/controllers/baseline_create_test.go @@ -3,6 +3,7 @@ package controllers import ( "app/base/core" "app/base/database" + "app/base/models" "app/base/utils" "bytes" "net/http" @@ -108,3 +109,33 @@ func TestCreateBaselineDescriptionSpaces(t *testing.T) { var err utils.ErrorResponse CheckResponse(t, w, http.StatusBadRequest, &err) } + +func TestCreateBaselineSatelliteSystem(t *testing.T) { + core.SetupTest(t) + + system := models.SystemPlatform{ + InventoryID: "99999999-0000-0000-0000-000000000015", + DisplayName: "satellite_system_test", + RhAccountID: 1, + BuiltPkgcache: true, + SatelliteManaged: true, + } + tx := database.Db.Create(&system) + assert.Nil(t, tx.Error) + defer database.Db.Delete(system) + + data := `{ + "name": "baseline_satellite", + "inventory_ids": [ + "00000000-0000-0000-0000-000000000005", + "99999999-0000-0000-0000-000000000015" + ], + "config": {"to_time": "2022-12-31T12:00:00-04:00"}, + "description": "desc" + }` + + w := CreateRequestRouterWithParams("PUT", "/", bytes.NewBufferString(data), "", + CreateBaselineHandler, 1, "PUT", "/") + var err utils.ErrorResponse + CheckResponse(t, w, http.StatusBadRequest, &err) +} diff --git a/manager/controllers/baseline_update.go b/manager/controllers/baseline_update.go index dc029a96f..e15a253fe 100644 --- a/manager/controllers/baseline_update.go +++ b/manager/controllers/baseline_update.go @@ -38,7 +38,7 @@ type UpdateBaselineResponse struct { // nolint: funlen // @Summary Update a baseline for my set of systems -// @Description Update a baseline for my set of systems +// @Description Update a baseline for my set of systems. System cannot be satellite managed. // @ID updateBaseline // @Security RhIdentity // @Accept json @@ -90,13 +90,17 @@ func BaselineUpdateHandler(c *gin.Context) { } inventoryIDsList := map2list(req.InventoryIDs) - missingIDs, err := checkInventoryIDs(db, account, inventoryIDsList) + missingIDs, satelliteManagedIDs, err := checkInventoryIDs(db, account, inventoryIDsList) if err != nil { LogAndRespError(c, err, "Database error") return } - if len(missingIDs) > 0 { + if enableSatelliteFunctionality && len(satelliteManagedIDs) > 0 { + msg := fmt.Sprintf("Attempting to add satellite managed systems to baseline: %v", satelliteManagedIDs) + LogAndRespBadRequest(c, errors.New(msg), msg) + return + } else if len(missingIDs) > 0 { msg := fmt.Sprintf("Missing inventory_ids: %v", missingIDs) LogAndRespNotFound(c, errors.New(msg), msg) return diff --git a/manager/controllers/baseline_update_test.go b/manager/controllers/baseline_update_test.go index f055357a3..4cc498254 100644 --- a/manager/controllers/baseline_update_test.go +++ b/manager/controllers/baseline_update_test.go @@ -3,6 +3,7 @@ package controllers import ( "app/base/core" "app/base/database" + "app/base/models" "app/base/utils" "bytes" "fmt" @@ -269,3 +270,35 @@ func TestUpdateBaselineSpacesDescription(t *testing.T) { var err utils.ErrorResponse CheckResponse(t, w, http.StatusBadRequest, &err) } + +func TestUpdateBaselineSatelliteSystem(t *testing.T) { + core.SetupTestEnvironment() + + baselineName := "baseline_satellite" + desc := "satellite baseline" + baselineID := database.CreateBaseline(t, baselineName, []string{}, &desc) + defer database.DeleteBaseline(t, baselineID) + + system := models.SystemPlatform{ + InventoryID: "99999999-0000-0000-0000-000000000015", + DisplayName: "satellite_system_test", + RhAccountID: 1, + BuiltPkgcache: true, + SatelliteManaged: true, + } + tx := database.Db.Create(&system) + assert.Nil(t, tx.Error) + defer database.Db.Delete(system) + + data := `{ + "inventory_ids": { + "00000000-0000-0000-0000-000000000001": true, + "99999999-0000-0000-0000-000000000015": true + } + }` + + w := CreateRequestRouterWithParams("PUT", fmt.Sprintf("/%v", baselineID), bytes.NewBufferString(data), "", + BaselineUpdateHandler, 1, "PUT", "/:baseline_id") + var err utils.ErrorResponse + CheckResponse(t, w, http.StatusBadRequest, &err) +} diff --git a/manager/controllers/utils.go b/manager/controllers/utils.go index 9f44f09d9..9587a43c7 100644 --- a/manager/controllers/utils.go +++ b/manager/controllers/utils.go @@ -28,6 +28,7 @@ const FilterNotSupportedMsg = "filtering not supported on this endpoint" var tagRegex = regexp.MustCompile(`([^/=]+)/([^/=]+)(=([^/=]+))?`) var enableCyndiTags = utils.GetBoolEnvOrDefault("ENABLE_CYNDI_TAGS", false) var disableCachedCounts = utils.GetBoolEnvOrDefault("DISABLE_CACHE_COUNTS", false) +var enableSatelliteFunctionality = utils.GetBoolEnvOrDefault("ENABLE_SATELLITE_FUNCTIONALITY", true) func LogAndRespError(c *gin.Context, err error, respMsg string) { utils.LogError("err", err.Error(), respMsg) From ab36b378db71c35cac387d0e3af29d1746b8a7c7 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 25 Aug 2023 16:08:44 +0000 Subject: [PATCH 248/268] v3.4.30 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 8c88503cf..69f0fc42b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.29 +v3.4.30 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index a98222c80..bc1602d16 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.29} +- {name: IMAGE_TAG_MANAGER, value: v3.4.30} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.29} +- {name: IMAGE_TAG_LISTENER, value: v3.4.30} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.29} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.30} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.29} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.30} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.29} +- {name: IMAGE_TAG_JOBS, value: v3.4.30} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.29} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.30} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.29} +- {name: IMAGE_TAG_ADMIN, value: v3.4.30} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 7fd0f000d..7c83d7826 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.29" + "version": "v3.4.30" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index b83ab9870..1b4eef74f 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.29" + "version": "v3.4.30" }, "servers": [ { From e8c72cae21fcb720942322718076cde52d9d9f36 Mon Sep 17 00:00:00 2001 From: Michaela Parilova Date: Fri, 25 Aug 2023 12:18:03 +0200 Subject: [PATCH 249/268] SPM-2104: show satellite_managed in API --- docs/v3/openapi.json | 35 ++++++++++++++++++- manager/controllers/advisory_systems.go | 3 +- .../advisory_systems_export_test.go | 4 +-- manager/controllers/advisory_systems_test.go | 1 + manager/controllers/advisory_systems_v3.go | 1 + manager/controllers/common_attributes.go | 4 +++ manager/controllers/systems.go | 4 ++- manager/controllers/systems_export_test.go | 8 +++-- manager/controllers/systems_test.go | 1 + 9 files changed, 53 insertions(+), 8 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 1b4eef74f..3eb49cc9a 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -2892,6 +2892,7 @@ "rhba_count", "rhea_count", "other_count", + "satellite_managed", "stale" ] } @@ -2976,6 +2977,14 @@ "type": "string" } }, + { + "name": "filter[satellite_managed]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, { "name": "filter[stale]", "in": "query", @@ -3515,7 +3524,8 @@ "other_count", "stale", "packages_installed", - "baseline_name" + "baseline_name", + "satellite_managed" ] } }, @@ -3647,6 +3657,14 @@ "type": "string" } }, + { + "name": "filter[satellite_managed]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, { "name": "tags", "in": "query", @@ -5727,6 +5745,9 @@ "rhsm": { "type": "string" }, + "satellite_managed": { + "type": "boolean" + }, "stale": { "type": "boolean" }, @@ -5794,6 +5815,9 @@ "rhsm": { "type": "string" }, + "satellite_managed": { + "type": "boolean" + }, "stale": { "type": "boolean" }, @@ -6671,6 +6695,9 @@ "rhsm": { "type": "string" }, + "satellite_managed": { + "type": "boolean" + }, "stale": { "type": "boolean" }, @@ -6790,6 +6817,9 @@ "rhsm": { "type": "string" }, + "satellite_managed": { + "type": "boolean" + }, "stale": { "type": "boolean" }, @@ -6858,6 +6888,9 @@ "rhsm": { "type": "string" }, + "satellite_managed": { + "type": "boolean" + }, "stale": { "type": "boolean" }, diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index e6d73fba7..4a13534ba 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -150,7 +150,7 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param advisory_id path string true "Advisory ID" // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale) +// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,rhsa_count,rhba_count,rhea_count,other_count,satellite_managed,stale) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[insights_id] query string false "Filter" @@ -161,6 +161,7 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param filter[rhba_count] query string false "Filter" // @Param filter[rhea_count] query string false "Filter" // @Param filter[other_count] query string false "Filter" +// @Param filter[satellite_managed] query string false "Filter" // @Param filter[stale] query string false "Filter" // @Param filter[stale_timestamp] query string false "Filter" // @Param filter[stale_warning_timestamp] query string false "Filter" diff --git a/manager/controllers/advisory_systems_export_test.go b/manager/controllers/advisory_systems_export_test.go index 1156af1d3..11da76ffc 100644 --- a/manager/controllers/advisory_systems_export_test.go +++ b/manager/controllers/advisory_systems_export_test.go @@ -32,11 +32,11 @@ func TestAdvisorySystemsExportCSV(t *testing.T) { assert.Equal(t, 8, len(lines)) assert.Equal(t, "display_name,last_upload,stale,os,rhsm,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,tags,"+ - "groups,baseline_id,baseline_name,status,id", lines[0]) + "groups,baseline_id,baseline_name,status,satellite_managed,id", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,2020-09-22T16:00:00Z,false,RHEL 8.10,8.10,2018-08-26T16:00:00Z,"+ "2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,2018-08-26T16:00:00Z,\"[{'key':'k1','namespace':'ns1','value':'val1'},"+ "{'key':'k2','namespace':'ns1','value':'val2'}]\",\"[{'id':'inventory-group-1','name':'group1'}]\","+ - "1,baseline_1-1,Installable,00000000-0000-0000-0000-000000000001", + "1,baseline_1-1,Installable,false,00000000-0000-0000-0000-000000000001", lines[1]) } diff --git a/manager/controllers/advisory_systems_test.go b/manager/controllers/advisory_systems_test.go index eceb70129..273cdfdc2 100644 --- a/manager/controllers/advisory_systems_test.go +++ b/manager/controllers/advisory_systems_test.go @@ -30,6 +30,7 @@ func TestAdvisorySystemsDefault(t *testing.T) { //nolint:dupl assert.Equal(t, SystemTagsList{{"k1", "ns1", "val1"}, {"k2", "ns1", "val2"}}, output.Data[0].Attributes.Tags) assert.Equal(t, "baseline_1-1", output.Data[0].Attributes.BaselineName) assert.Equal(t, int64(1), output.Data[0].Attributes.BaselineID) + assert.False(t, output.Data[0].Attributes.SatelliteManaged) } func TestAdvisorySystemsIDsDefault(t *testing.T) { //nolint:dupl diff --git a/manager/controllers/advisory_systems_v3.go b/manager/controllers/advisory_systems_v3.go index 836454e16..2a1f4304b 100644 --- a/manager/controllers/advisory_systems_v3.go +++ b/manager/controllers/advisory_systems_v3.go @@ -43,6 +43,7 @@ type AdvisorySystemItemAttributes struct { BaselineIDAttr BaselineNameAttr SystemAdvisoryStatus + SystemSatelliteManaged } type SystemsStatusID struct { diff --git a/manager/controllers/common_attributes.go b/manager/controllers/common_attributes.go index 91d8568e1..e7837fb93 100644 --- a/manager/controllers/common_attributes.go +++ b/manager/controllers/common_attributes.go @@ -81,6 +81,10 @@ type SystemAdvisoryStatus struct { Status string `json:"status" csv:"status" query:"st.name" gorm:"column:status"` } +type SystemSatelliteManaged struct { + SatelliteManaged bool `json:"satellite_managed" csv:"satellite_managed" query:"sp.satellite_managed" gorm:"column:satellite_managed"` +} + // nolint: lll type InstallableAdvisories struct { InstallableRhsaCount int `json:"installable_rhsa_count" csv:"installable_rhsa_count" query:"sp.installable_advisory_sec_count_cache" gorm:"column:installable_rhsa_count"` diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 4697deb78..5203aad6d 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -77,6 +77,7 @@ type SystemItemAttributesCommon struct { SystemLastUpload SystemTimestamps SystemStale + SystemSatelliteManaged } // nolint: lll @@ -267,7 +268,7 @@ func SystemsListHandler(c *gin.Context) { // @Produce json // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name) +// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name,satellite_managed) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" @@ -284,6 +285,7 @@ func SystemsListHandler(c *gin.Context) { // @Param filter[created] query string false "Filter" // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" +// @Param filter[satellite_managed] query string false "Filter" // @Param tags query []string false "Tag filter" // @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" diff --git a/manager/controllers/systems_export_test.go b/manager/controllers/systems_export_test.go index 6cd2bdfcb..60367cec1 100644 --- a/manager/controllers/systems_export_test.go +++ b/manager/controllers/systems_export_test.go @@ -48,13 +48,14 @@ func TestSystemsExportCSV(t *testing.T) { assert.Equal(t, 10, len(lines)) assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ - "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id,groups", + "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,satellite_managed,"+ + "baseline_id,groups", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,00000000-0000-0000-0000-000000000001,RHEL 8.10,8.10,"+ "\"[{'key':'k1','namespace':'ns1','value':'val1'},{'key':'k2','namespace':'ns1','value':'val2'}]\","+ "2,2,1,0,0,baseline_1-1,2020-09-22T16:00:00Z,2018-08-26T16:00:00Z,2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,"+ - "2018-08-26T16:00:00Z,false,1,\"[{'id':'inventory-group-1','name':'group1'}]\"", + "2018-08-26T16:00:00Z,false,false,1,\"[{'id':'inventory-group-1','name':'group1'}]\"", lines[1]) } @@ -76,7 +77,8 @@ func TestSystemsExportCSVFilter(t *testing.T) { assert.Equal(t, 2, len(lines)) assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ - "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,baseline_id,groups", + "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,satellite_managed,"+ + "baseline_id,groups", lines[0]) assert.Equal(t, "", lines[1]) } diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index 4087a48a7..ec61c253c 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -33,6 +33,7 @@ func TestSystemsDefault(t *testing.T) { assert.Equal(t, SystemTagsList{{"k1", "ns1", "val1"}, {"k2", "ns1", "val2"}}, output.Data[0].Attributes.Tags) assert.Equal(t, "baseline_1-1", output.Data[0].Attributes.BaselineName) assert.Equal(t, int64(1), output.Data[0].Attributes.BaselineID) + assert.False(t, output.Data[0].Attributes.SatelliteManaged) // links assert.Equal(t, "/?offset=0&limit=20&filter[stale]=eq:false&sort=-last_upload", output.Links.First) From d08c72dc61f14f67863e2de6e062ec2ef87b3372 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Fri, 25 Aug 2023 16:14:54 +0000 Subject: [PATCH 250/268] v3.4.31 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 69f0fc42b..33ee08de7 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.30 +v3.4.31 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index bc1602d16..57a2ada4d 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.30} +- {name: IMAGE_TAG_MANAGER, value: v3.4.31} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.30} +- {name: IMAGE_TAG_LISTENER, value: v3.4.31} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.30} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.31} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.30} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.31} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.30} +- {name: IMAGE_TAG_JOBS, value: v3.4.31} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.30} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.31} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.30} +- {name: IMAGE_TAG_ADMIN, value: v3.4.31} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 7c83d7826..3d669944e 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.30" + "version": "v3.4.31" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 3eb49cc9a..fc9361f7a 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.30" + "version": "v3.4.31" }, "servers": [ { From 3a9ea57d1d4597b0054fa389bd38b31c8b4ade17 Mon Sep 17 00:00:00 2001 From: Michaela Parilova Date: Fri, 25 Aug 2023 15:28:00 +0200 Subject: [PATCH 251/268] SPM-2106: show in API whether satellite system was uploaded with cache /minor --- docs/v3/openapi.json | 37 ++++++++++++++++++- manager/controllers/advisory_systems.go | 3 +- .../advisory_systems_export_test.go | 4 +- manager/controllers/advisory_systems_test.go | 1 + manager/controllers/advisory_systems_v3.go | 1 + manager/controllers/common_attributes.go | 4 ++ manager/controllers/systems.go | 4 +- manager/controllers/systems_export_test.go | 6 +-- manager/controllers/systems_test.go | 1 + 9 files changed, 52 insertions(+), 9 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index fc9361f7a..2b45150d8 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -2893,7 +2893,8 @@ "rhea_count", "other_count", "satellite_managed", - "stale" + "stale", + "built_pkgcache" ] } }, @@ -3057,6 +3058,14 @@ "type": "string" } }, + { + "name": "filter[built_pkgcache]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, { "name": "tags", "in": "query", @@ -3525,7 +3534,8 @@ "stale", "packages_installed", "baseline_name", - "satellite_managed" + "satellite_managed", + "built_pkgcache" ] } }, @@ -3665,6 +3675,14 @@ "type": "string" } }, + { + "name": "filter[built_pkgcache]", + "in": "query", + "description": "Filter", + "schema": { + "type": "string" + } + }, { "name": "tags", "in": "query", @@ -5718,6 +5736,9 @@ "baseline_name": { "type": "string" }, + "built_pkgcache": { + "type": "boolean" + }, "created": { "type": "string" }, @@ -5791,6 +5812,9 @@ "baseline_name": { "type": "string" }, + "built_pkgcache": { + "type": "boolean" + }, "created": { "type": "string" }, @@ -6653,6 +6677,9 @@ "baseline_name": { "type": "string" }, + "built_pkgcache": { + "type": "boolean" + }, "created": { "type": "string" }, @@ -6760,6 +6787,9 @@ "baseline_uptodate": { "type": "boolean" }, + "built_pkgcache": { + "type": "boolean" + }, "created": { "type": "string" }, @@ -6849,6 +6879,9 @@ "baseline_name": { "type": "string" }, + "built_pkgcache": { + "type": "boolean" + }, "created": { "type": "string" }, diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index 4a13534ba..d535678d3 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -150,7 +150,7 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param advisory_id path string true "Advisory ID" // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,rhsa_count,rhba_count,rhea_count,other_count,satellite_managed,stale) +// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,rhsa_count,rhba_count,rhea_count,other_count,satellite_managed,stale,built_pkgcache) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[insights_id] query string false "Filter" @@ -171,6 +171,7 @@ func advisorySystemsListHandler(c *gin.Context) { // @Param filter[osminor] query string false "Filter" // @Param filter[osmajor] query string false "Filter" // @Param filter[os] query string false "Filter OS version" +// @Param filter[built_pkgcache] query string false "Filter" // @Param tags query []string false "Tag filter" // @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" diff --git a/manager/controllers/advisory_systems_export_test.go b/manager/controllers/advisory_systems_export_test.go index 11da76ffc..02a480b88 100644 --- a/manager/controllers/advisory_systems_export_test.go +++ b/manager/controllers/advisory_systems_export_test.go @@ -32,11 +32,11 @@ func TestAdvisorySystemsExportCSV(t *testing.T) { assert.Equal(t, 8, len(lines)) assert.Equal(t, "display_name,last_upload,stale,os,rhsm,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,tags,"+ - "groups,baseline_id,baseline_name,status,satellite_managed,id", lines[0]) + "groups,baseline_id,baseline_name,status,satellite_managed,built_pkgcache,id", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,2020-09-22T16:00:00Z,false,RHEL 8.10,8.10,2018-08-26T16:00:00Z,"+ "2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,2018-08-26T16:00:00Z,\"[{'key':'k1','namespace':'ns1','value':'val1'},"+ "{'key':'k2','namespace':'ns1','value':'val2'}]\",\"[{'id':'inventory-group-1','name':'group1'}]\","+ - "1,baseline_1-1,Installable,false,00000000-0000-0000-0000-000000000001", + "1,baseline_1-1,Installable,false,false,00000000-0000-0000-0000-000000000001", lines[1]) } diff --git a/manager/controllers/advisory_systems_test.go b/manager/controllers/advisory_systems_test.go index 273cdfdc2..8ed10f1da 100644 --- a/manager/controllers/advisory_systems_test.go +++ b/manager/controllers/advisory_systems_test.go @@ -31,6 +31,7 @@ func TestAdvisorySystemsDefault(t *testing.T) { //nolint:dupl assert.Equal(t, "baseline_1-1", output.Data[0].Attributes.BaselineName) assert.Equal(t, int64(1), output.Data[0].Attributes.BaselineID) assert.False(t, output.Data[0].Attributes.SatelliteManaged) + assert.False(t, output.Data[0].Attributes.BuiltPkgcache) } func TestAdvisorySystemsIDsDefault(t *testing.T) { //nolint:dupl diff --git a/manager/controllers/advisory_systems_v3.go b/manager/controllers/advisory_systems_v3.go index 2a1f4304b..e24326def 100644 --- a/manager/controllers/advisory_systems_v3.go +++ b/manager/controllers/advisory_systems_v3.go @@ -44,6 +44,7 @@ type AdvisorySystemItemAttributes struct { BaselineNameAttr SystemAdvisoryStatus SystemSatelliteManaged + SystemBuiltPkgcache } type SystemsStatusID struct { diff --git a/manager/controllers/common_attributes.go b/manager/controllers/common_attributes.go index e7837fb93..a5458a2c3 100644 --- a/manager/controllers/common_attributes.go +++ b/manager/controllers/common_attributes.go @@ -85,6 +85,10 @@ type SystemSatelliteManaged struct { SatelliteManaged bool `json:"satellite_managed" csv:"satellite_managed" query:"sp.satellite_managed" gorm:"column:satellite_managed"` } +type SystemBuiltPkgcache struct { + BuiltPkgcache bool `json:"built_pkgcache" csv:"built_pkgcache" query:"sp.built_pkgcache" gorm:"column:built_pkgcache"` +} + // nolint: lll type InstallableAdvisories struct { InstallableRhsaCount int `json:"installable_rhsa_count" csv:"installable_rhsa_count" query:"sp.installable_advisory_sec_count_cache" gorm:"column:installable_rhsa_count"` diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index 5203aad6d..ec2b11860 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -78,6 +78,7 @@ type SystemItemAttributesCommon struct { SystemTimestamps SystemStale SystemSatelliteManaged + SystemBuiltPkgcache } // nolint: lll @@ -268,7 +269,7 @@ func SystemsListHandler(c *gin.Context) { // @Produce json // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name,satellite_managed) +// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name,satellite_managed,built_pkgcache) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" @@ -286,6 +287,7 @@ func SystemsListHandler(c *gin.Context) { // @Param filter[baseline_name] query string false "Filter" // @Param filter[os] query string false "Filter OS version" // @Param filter[satellite_managed] query string false "Filter" +// @Param filter[built_pkgcache] query string false "Filter" // @Param tags query []string false "Tag filter" // @Param filter[group_name] query []string false "Filter systems by inventory groups" // @Param filter[system_profile][sap_system] query string false "Filter only SAP systems" diff --git a/manager/controllers/systems_export_test.go b/manager/controllers/systems_export_test.go index 60367cec1..b8dfdc0d3 100644 --- a/manager/controllers/systems_export_test.go +++ b/manager/controllers/systems_export_test.go @@ -49,13 +49,13 @@ func TestSystemsExportCSV(t *testing.T) { assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,satellite_managed,"+ - "baseline_id,groups", + "built_pkgcache,baseline_id,groups", lines[0]) assert.Equal(t, "00000000-0000-0000-0000-000000000001,00000000-0000-0000-0000-000000000001,RHEL 8.10,8.10,"+ "\"[{'key':'k1','namespace':'ns1','value':'val1'},{'key':'k2','namespace':'ns1','value':'val2'}]\","+ "2,2,1,0,0,baseline_1-1,2020-09-22T16:00:00Z,2018-08-26T16:00:00Z,2018-09-02T16:00:00Z,2018-09-09T16:00:00Z,"+ - "2018-08-26T16:00:00Z,false,false,1,\"[{'id':'inventory-group-1','name':'group1'}]\"", + "2018-08-26T16:00:00Z,false,false,false,1,\"[{'id':'inventory-group-1','name':'group1'}]\"", lines[1]) } @@ -78,7 +78,7 @@ func TestSystemsExportCSVFilter(t *testing.T) { assert.Equal(t, "id,display_name,os,rhsm,tags,rhsa_count,rhba_count,rhea_count,other_count,packages_installed,baseline_name,"+ "last_upload,stale_timestamp,stale_warning_timestamp,culled_timestamp,created,stale,satellite_managed,"+ - "baseline_id,groups", + "built_pkgcache,baseline_id,groups", lines[0]) assert.Equal(t, "", lines[1]) } diff --git a/manager/controllers/systems_test.go b/manager/controllers/systems_test.go index ec61c253c..e4ee7a78f 100644 --- a/manager/controllers/systems_test.go +++ b/manager/controllers/systems_test.go @@ -34,6 +34,7 @@ func TestSystemsDefault(t *testing.T) { assert.Equal(t, "baseline_1-1", output.Data[0].Attributes.BaselineName) assert.Equal(t, int64(1), output.Data[0].Attributes.BaselineID) assert.False(t, output.Data[0].Attributes.SatelliteManaged) + assert.False(t, output.Data[0].Attributes.BuiltPkgcache) // links assert.Equal(t, "/?offset=0&limit=20&filter[stale]=eq:false&sort=-last_upload", output.Links.First) From cef212b338e22943b9774097b2cb6ac22518612c Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 28 Aug 2023 11:17:21 +0000 Subject: [PATCH 252/268] v3.5.0 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 33ee08de7..c0c4025db 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.4.31 +v3.5.0 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 57a2ada4d..5d63be891 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.4.31} +- {name: IMAGE_TAG_MANAGER, value: v3.5.0} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.4.31} +- {name: IMAGE_TAG_LISTENER, value: v3.5.0} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.4.31} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.0} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.4.31} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.0} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.4.31} +- {name: IMAGE_TAG_JOBS, value: v3.5.0} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.4.31} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.0} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.4.31} +- {name: IMAGE_TAG_ADMIN, value: v3.5.0} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 3d669944e..6c92478c0 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.31" + "version": "v3.5.0" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 2b45150d8..d668ff3e1 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.4.31" + "version": "v3.5.0" }, "servers": [ { From a4c76347234aee378511ddfd5ecef0aafca02331 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 29 Aug 2023 16:19:55 +0200 Subject: [PATCH 253/268] RHINENG-1502: fix installable satellite advisories by always using epoch --- base/vmaas/vmaas.go | 8 ++++++++ evaluator/evaluate.go | 2 +- evaluator/evaluate_test.go | 14 ++++++++++---- 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/base/vmaas/vmaas.go b/base/vmaas/vmaas.go index b51ee8318..851763e8e 100644 --- a/base/vmaas/vmaas.go +++ b/base/vmaas/vmaas.go @@ -101,6 +101,14 @@ type UpdatesV3ResponseAvailableUpdates struct { } func (o *UpdatesV3ResponseAvailableUpdates) GetPackage() string { + // `package` does not contain epoch if epoch=0 + // get epoch from `evra` if it exists (not available in yum_updates) + name := o.GetPackageName() + evra := o.GetEVRA() + if len(name) > 0 && len(evra) > 0 { + return strings.Join([]string{name, evra}, "-") + } + // get value from `package` if `package_name` or `evra` is empty if o == nil || o.Package == nil { var ret string return ret diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go index f85b1fb12..a4850c193 100644 --- a/evaluator/evaluate.go +++ b/evaluator/evaluate.go @@ -239,7 +239,7 @@ func tryGetYumUpdates(system *models.SystemPlatform) (*vmaas.UpdatesV3Response, Erratum: u.Erratum, Package: u.Package, PackageName: utils.PtrString(nevra.Name), - EVRA: utils.PtrString(nevra.EVRAString()), + EVRA: utils.PtrString(nevra.EVRAStringE(true)), }) } updatesMap[k] = &vmaas.UpdatesV3ResponseUpdateList{ diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go index c88152938..bda7adbea 100644 --- a/evaluator/evaluate_test.go +++ b/evaluator/evaluate_test.go @@ -261,14 +261,18 @@ func TestSatelliteSystemAdvisories(t *testing.T) { "basearch": "x86_64", "releasever": "8", "repository": "rhel-8-for-x86_64-appstream-rpms", - "package": "git-2.39.3-1.el8_8.x86_64" + "package": "git-2.39.3-1.el8_8.x86_64", + "package_name": "git", + "evra": "0:2.39.3-1.el8_8.x86_64" }, { "erratum": "RHSA-2023:3240", "basearch": "x86_64", "releasever": "8", "repository": "rhel-8-for-x86_64-appstream-rpms", - "package": "git-2.39.4-1.el8_8.x86_64" + "package": "git-2.39.4-1.el8_8.x86_64", + "package_name": "git", + "evra": "0:2.39.4-1.el8_8.x86_64" } ] }, @@ -279,7 +283,9 @@ func TestSatelliteSystemAdvisories(t *testing.T) { "basearch": "x86_64", "releasever": "8", "repository": "rhel-8-for-x86_64-appstream-rpms", - "package": "sqlite-3.26.0-16.el8_6.x86_64" + "package": "sqlite-3.26.0-16.el8_6.x86_64", + "package_name": "sqlite", + "evra": "0:3.26.0-16.el8_6.x86_64" } ] } @@ -307,7 +313,7 @@ func TestSatelliteSystemAdvisories(t *testing.T) { "basearch": "x86_64", "releasever": "8", "repository": "rhel-8-for-x86_64-appstream-rpms", - "package": "git-2.39.3-1.el8_8.x86_64" + "package": "git-0:2.39.3-1.el8_8.x86_64" } ] }, From 8d61fecf578e493ace0856e1a84d613835a88853 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 29 Aug 2023 15:55:56 +0000 Subject: [PATCH 254/268] v3.5.1 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index c0c4025db..d2613df37 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.0 +v3.5.1 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 5d63be891..6feb84d30 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.0} +- {name: IMAGE_TAG_MANAGER, value: v3.5.1} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.0} +- {name: IMAGE_TAG_LISTENER, value: v3.5.1} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.0} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.1} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.0} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.1} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.0} +- {name: IMAGE_TAG_JOBS, value: v3.5.1} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.0} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.1} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.0} +- {name: IMAGE_TAG_ADMIN, value: v3.5.1} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 6c92478c0..e49d41841 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.0" + "version": "v3.5.1" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index d668ff3e1..94f71a21e 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.0" + "version": "v3.5.1" }, "servers": [ { From 52dd7f6d95d85077b6d74ebcd26dedf3c3f53c54 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 4 Sep 2023 12:34:13 +0200 Subject: [PATCH 255/268] RHINENG-1715: use gotestsum to collect test summary --- Dockerfile | 1 + scripts/go_test.sh | 2 +- scripts/go_test_db.sh | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index bfb3cb44f..d05a0bc0e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,6 +33,7 @@ RUN go mod download RUN if [ "$INSTALL_TOOLS" == "yes" ] ; then \ go install github.com/swaggo/swag/cmd/swag@v1.8.7 && \ + go install gotest.tools/gotestsum@v1.10.1 && \ curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh \ | sh -s -- -b $(go env GOPATH)/bin v1.50.0 ; \ fi diff --git a/scripts/go_test.sh b/scripts/go_test.sh index e36d1d08f..07426aa6f 100755 --- a/scripts/go_test.sh +++ b/scripts/go_test.sh @@ -8,4 +8,4 @@ TEST_DIRS=${1:-./...} # Run go test and colorize output (PASS - green, FAIL - red). # Set "-p 1" to run test sequentially to avoid parallel changes in testing database. -go test -v -p 1 -coverprofile=coverage.txt -covermode=atomic $TEST_DIRS +gotestsum --format=standard-verbose -- -v -p 1 -coverprofile=coverage.txt -covermode=atomic $TEST_DIRS diff --git a/scripts/go_test_db.sh b/scripts/go_test_db.sh index 3fdba8d10..e227aa882 100755 --- a/scripts/go_test_db.sh +++ b/scripts/go_test_db.sh @@ -9,7 +9,7 @@ go run ./scripts/feed_db.go inventory_hosts go run main.go migrate $MIGRATION_FILES # Run database test, destroys and recreates database -go test -v app/database_admin +gotestsum --format=standard-verbose -- -v app/database_admin # Fill database with testing data WAIT_FOR_DB=full go run ./scripts/feed_db.go feed From 102331dcafb683efada45503ab39203f96afdfc3 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 4 Sep 2023 15:37:50 +0000 Subject: [PATCH 256/268] v3.5.2 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index d2613df37..ccedee9e7 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.1 +v3.5.2 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 6feb84d30..35bb231af 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.1} +- {name: IMAGE_TAG_MANAGER, value: v3.5.2} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.1} +- {name: IMAGE_TAG_LISTENER, value: v3.5.2} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.1} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.2} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.1} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.2} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.1} +- {name: IMAGE_TAG_JOBS, value: v3.5.2} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.1} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.2} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.1} +- {name: IMAGE_TAG_ADMIN, value: v3.5.2} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index e49d41841..af0a7c2bb 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.1" + "version": "v3.5.2" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 94f71a21e..5a796873c 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.1" + "version": "v3.5.2" }, "servers": [ { From 4b660cf45e301c337ffb0e5baf53d6414d038bdc Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 5 Sep 2023 10:27:05 +0200 Subject: [PATCH 257/268] RHINENG-1638: fix flaky unit tests --- manager/controllers/advisories_test.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index 463df7ad6..71c6fc970 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -274,7 +274,11 @@ func TestAdvisoriesTags(t *testing.T) { assert.Equal(t, 8, len(output.Data)) assert.Equal(t, 1, output.Data[0].Attributes.InstallableSystems) assert.Equal(t, 2, output.Data[0].Attributes.ApplicableSystems) - assert.Equal(t, "/?offset=0&limit=20&tags=ns1/k2=val2&filter[applicable_systems]=gt:0&sort=id", output.Links.First) + assert.Equal(t, 76, len(output.Links.First)) + assert.Contains(t, output.Links.First, "?offset=0&limit=20") + assert.Contains(t, output.Links.First, "tags=ns1/k2=val2") + assert.Contains(t, output.Links.First, "filter[applicable_systems]=gt:0") + assert.Contains(t, output.Links.First, "sort=id") } func TestListAdvisoriesTagsInvalid(t *testing.T) { From 8a536670b99a2130e7e01dee5591ae4a5bdd71b6 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 6 Sep 2023 15:57:33 +0000 Subject: [PATCH 258/268] v3.5.3 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index ccedee9e7..5c2545ff5 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.2 +v3.5.3 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 35bb231af..8b902c822 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.2} +- {name: IMAGE_TAG_MANAGER, value: v3.5.3} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.2} +- {name: IMAGE_TAG_LISTENER, value: v3.5.3} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.2} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.3} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.2} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.3} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.2} +- {name: IMAGE_TAG_JOBS, value: v3.5.3} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.2} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.3} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.2} +- {name: IMAGE_TAG_ADMIN, value: v3.5.3} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index af0a7c2bb..a2c75622c 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.2" + "version": "v3.5.3" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 5a796873c..4dbe8c363 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.2" + "version": "v3.5.3" }, "servers": [ { From 47cc09259fe2f6e3c6cc38bc2f8bc9f0edb1879f Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 6 Sep 2023 18:31:34 +0200 Subject: [PATCH 259/268] RHINENG-1604: remove duplicated insert/update to system_platform --- listener/upload.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/listener/upload.go b/listener/upload.go index 79aeea946..24fec8352 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -348,11 +348,6 @@ func updateSystemPlatform(tx *gorm.DB, inventoryID string, accountID int, host * colsToUpdate = append(colsToUpdate, "yum_updates") } - if err := database.OnConflictUpdateMulti(tx, []string{"rh_account_id", "inventory_id"}, colsToUpdate...). - Save(&systemPlatform).Error; err != nil { - return nil, errors.Wrap(err, "Unable to save or update system in database") - } - if err := storeOrUpdateSysPlatform(tx, &systemPlatform, colsToUpdate); err != nil { return nil, errors.Wrap(err, "Unable to save or update system in database") } From 46ab44c04fe5e5f3f988fd7dba1485acdeaac222 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Mon, 11 Sep 2023 14:54:28 +0200 Subject: [PATCH 260/268] RHINENG-1604: return updated system_platform record --- listener/upload.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/listener/upload.go b/listener/upload.go index 24fec8352..b07b691b2 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -377,6 +377,9 @@ func storeOrUpdateSysPlatform(tx *gorm.DB, system *models.SystemPlatform, colsTo utils.LogWarn("err", errSelect, "couldn't find system for update") } + // return system_platform record after update + tx = tx.Clauses(clause.Returning{}) + if system.ID != 0 { // update system err = tx.Select(colsToUpdate).Updates(system).Error From 2c5ee0a74eac020a8f36edc7e179607285fd0dfc Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Mon, 11 Sep 2023 13:27:10 +0000 Subject: [PATCH 261/268] v3.5.4 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 5c2545ff5..34bbc9654 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.3 +v3.5.4 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 8b902c822..b364afde0 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.3} +- {name: IMAGE_TAG_MANAGER, value: v3.5.4} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.3} +- {name: IMAGE_TAG_LISTENER, value: v3.5.4} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.3} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.4} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.3} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.4} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.3} +- {name: IMAGE_TAG_JOBS, value: v3.5.4} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.3} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.4} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.3} +- {name: IMAGE_TAG_ADMIN, value: v3.5.4} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index a2c75622c..27c712090 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.3" + "version": "v3.5.4" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 4dbe8c363..816223f55 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.3" + "version": "v3.5.4" }, "servers": [ { From 642778bd19fbafc67344b0e48cf1223817748e12 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Tue, 12 Sep 2023 12:57:52 +0200 Subject: [PATCH 262/268] RHINENG-1604: return only necessary columns after system_platform update --- listener/upload.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/listener/upload.go b/listener/upload.go index b07b691b2..2131dbe00 100644 --- a/listener/upload.go +++ b/listener/upload.go @@ -378,7 +378,12 @@ func storeOrUpdateSysPlatform(tx *gorm.DB, system *models.SystemPlatform, colsTo } // return system_platform record after update - tx = tx.Clauses(clause.Returning{}) + tx = tx.Clauses(clause.Returning{ + Columns: []clause.Column{ + {Name: "id"}, {Name: "inventory_id"}, {Name: "rh_account_id"}, + {Name: "unchanged_since"}, {Name: "last_evaluation"}, + }, + }) if system.ID != 0 { // update system From 575f2c9c8d6e9c640ff192121a47041d4f4214d4 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Tue, 12 Sep 2023 12:07:16 +0000 Subject: [PATCH 263/268] v3.5.5 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 34bbc9654..8bcc8b307 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.4 +v3.5.5 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index b364afde0..504d4cc59 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -555,7 +555,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.4} +- {name: IMAGE_TAG_MANAGER, value: v3.5.5} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -579,7 +579,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.4} +- {name: IMAGE_TAG_LISTENER, value: v3.5.5} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -600,7 +600,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.4} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.5} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -626,7 +626,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.4} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.5} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -649,7 +649,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.4} +- {name: IMAGE_TAG_JOBS, value: v3.5.5} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -694,7 +694,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.4} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.5} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -726,7 +726,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.4} +- {name: IMAGE_TAG_ADMIN, value: v3.5.5} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 27c712090..1592d38af 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.4" + "version": "v3.5.5" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 816223f55..1d06c00ae 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.4" + "version": "v3.5.5" }, "servers": [ { From 6c12a396e87536ad93f656a9ad152f255623b6ef Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Wed, 13 Sep 2023 10:52:52 +0200 Subject: [PATCH 264/268] RHINENG-2173: add missing satellite feature flag to manager --- deploy/clowdapp.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index 504d4cc59..ba8e582ce 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -122,6 +122,7 @@ objects: - {name: SSL_CERT_DIR, value: '${SSL_CERT_DIR}'} - {name: ENABLE_PROFILER, value: '${ENABLE_PROFILER_MANAGER}'} - {name: GOMEMLIMIT, value: '${GOMEMLIMIT_MANAGER}'} + - {name: ENABLE_SATELLITE_FUNCTIONALITY, value: '${ENABLE_SATELLITE_FUNCTIONALITY}'} resources: limits: {cpu: '${RES_LIMIT_CPU_MANAGER}', memory: '${RES_LIMIT_MEM_MANAGER}'} From 490048e153894ccbe7067e91a9d48fc451f4a6d1 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Wed, 13 Sep 2023 13:00:30 +0000 Subject: [PATCH 265/268] v3.5.6 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 8bcc8b307..6864723d2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.5 +v3.5.6 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index ba8e582ce..bb41a138b 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -556,7 +556,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.5} +- {name: IMAGE_TAG_MANAGER, value: v3.5.6} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -580,7 +580,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.5} +- {name: IMAGE_TAG_LISTENER, value: v3.5.6} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -601,7 +601,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.5} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.6} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -627,7 +627,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.5} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.6} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -650,7 +650,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.5} +- {name: IMAGE_TAG_JOBS, value: v3.5.6} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -695,7 +695,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.5} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.6} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -727,7 +727,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.5} +- {name: IMAGE_TAG_ADMIN, value: v3.5.6} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 1592d38af..5f6b132bd 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.5" + "version": "v3.5.6" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 1d06c00ae..5fbfbe508 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.5" + "version": "v3.5.6" }, "servers": [ { From 6d1d850365408f6f30a52f720e85ae01ffc7ef47 Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 14 Sep 2023 11:58:57 +0200 Subject: [PATCH 266/268] RHINENG-1835: use lowercase when translating struct field to column name --- base/database/query.go | 5 +++-- manager/controllers/advisories_test.go | 2 +- manager/controllers/filter_test.go | 2 +- manager/controllers/system_advisories_test.go | 2 +- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/base/database/query.go b/base/database/query.go index 39edabb28..0bbd8b086 100644 --- a/base/database/query.go +++ b/base/database/query.go @@ -4,12 +4,13 @@ import ( "app/base" "app/base/utils" "fmt" - "github.com/pkg/errors" "reflect" "regexp" "strconv" "strings" "time" + + "github.com/pkg/errors" ) type AttrParser func(string) (interface{}, error) @@ -91,7 +92,7 @@ func getQueryFromTags(v reflect.Type) (AttrMap, []AttrName, error) { res[k] = v } } else { - columnName := field.Name + columnName := strings.ToLower(field.Name) if expr, has := field.Tag.Lookup("gorm"); has { match := ColumnNameRe.FindStringSubmatch(expr) if len(match) > 0 { diff --git a/manager/controllers/advisories_test.go b/manager/controllers/advisories_test.go index 71c6fc970..42b50d09c 100644 --- a/manager/controllers/advisories_test.go +++ b/manager/controllers/advisories_test.go @@ -211,7 +211,7 @@ func TestAdvisoriesPossibleSorts(t *testing.T) { core.SetupTest(t) for sort := range AdvisoriesFields { - if sort == "ReleaseVersions" { + if sort == "releaseversions" { // this fiesd is not sortable, skip it continue } diff --git a/manager/controllers/filter_test.go b/manager/controllers/filter_test.go index d219c203f..e9177016f 100644 --- a/manager/controllers/filter_test.go +++ b/manager/controllers/filter_test.go @@ -84,7 +84,7 @@ func TestFilterInvalidValue(t *testing.T) { filter := ParseFilterValue(ColumnFilter, "eq:aa\u0000aa") attrMap, _, err := database.GetQueryAttrs(struct{ V string }{""}) assert.NoError(t, err) - _, value, err := filter.ToWhere("V", attrMap) + _, value, err := filter.ToWhere("v", attrMap) assert.NoError(t, err) assert.Equal(t, []interface{}{"aaaa"}, value) } diff --git a/manager/controllers/system_advisories_test.go b/manager/controllers/system_advisories_test.go index 0236b89ee..e8ea738c2 100644 --- a/manager/controllers/system_advisories_test.go +++ b/manager/controllers/system_advisories_test.go @@ -100,7 +100,7 @@ func TestSystemAdvisoriesPossibleSorts(t *testing.T) { core.SetupTest(t) for sort := range SystemAdvisoriesFields { - if sort == "ReleaseVersions" { + if sort == "releaseversions" { // this field is not sortable, skip it continue } From bea71f5928d3d7334df689c0cc47c085e17fdf4c Mon Sep 17 00:00:00 2001 From: Patrik Segedy Date: Thu, 14 Sep 2023 11:59:48 +0200 Subject: [PATCH 267/268] RHINENG-1835: groups sorting by first groups in a list --- docs/v3/openapi.json | 9 ++++++--- manager/controllers/advisory_systems.go | 2 +- manager/controllers/baseline_systems.go | 2 +- manager/controllers/common_attributes.go | 2 +- manager/controllers/systems.go | 2 +- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index 5fbfbe508..c08ede458 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -365,7 +365,8 @@ "last_upload", "stale", "status", - "template" + "template", + "groups" ] } }, @@ -1053,7 +1054,8 @@ "applicable_rhba_count", "applicable_rhea_count", "applicable_other_count", - "last_upload" + "last_upload", + "groups" ] } }, @@ -4528,7 +4530,8 @@ "other_count", "stale", "packages_installed", - "baseline_name" + "baseline_name", + "groups" ] } }, diff --git a/manager/controllers/advisory_systems.go b/manager/controllers/advisory_systems.go index d535678d3..89c1e256a 100644 --- a/manager/controllers/advisory_systems.go +++ b/manager/controllers/advisory_systems.go @@ -82,7 +82,7 @@ func advisorySystemsCommon(c *gin.Context) (*gorm.DB, *ListMeta, []string, error // @Param advisory_id path string true "Advisory ID" // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,stale,status,template) +// @Param sort query string false "Sort field" Enums(id,display_name,last_evaluation,last_upload,stale,status,template,groups) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" diff --git a/manager/controllers/baseline_systems.go b/manager/controllers/baseline_systems.go index 1ebe10f7c..430738cab 100644 --- a/manager/controllers/baseline_systems.go +++ b/manager/controllers/baseline_systems.go @@ -147,7 +147,7 @@ func baselineSystemsCommon(c *gin.Context, account, apiver int, groups map[strin // @Param baseline_id path int true "Baseline ID" // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,os,installable_rhsa_count,installable_rhba_count,installable_rhea_count,installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,applicable_other_count,last_upload) +// @Param sort query string false "Sort field" Enums(id,display_name,os,installable_rhsa_count,installable_rhba_count,installable_rhea_count,installable_other_count,applicable_rhsa_count,applicable_rhba_count,applicable_rhea_count,applicable_other_count,last_upload,groups) // @Param search query string false "Find matching text" // @Param filter[display_name] query string false "Filter" // @Param filter[os] query string false "Filter" diff --git a/manager/controllers/common_attributes.go b/manager/controllers/common_attributes.go index a5458a2c3..181d9a2ab 100644 --- a/manager/controllers/common_attributes.go +++ b/manager/controllers/common_attributes.go @@ -41,7 +41,7 @@ type SystemTags struct { } type SystemGroups struct { - Groups SystemGroupsList `json:"groups" csv:"groups" gorm:"-"` + Groups SystemGroupsList `json:"groups" csv:"groups" gorm:"-" order_query:"ih.groups->>0"` } type BaselineAttributes struct { diff --git a/manager/controllers/systems.go b/manager/controllers/systems.go index ec2b11860..d3a3ef5f3 100644 --- a/manager/controllers/systems.go +++ b/manager/controllers/systems.go @@ -193,7 +193,7 @@ func systemsCommon(c *gin.Context, apiver int) (*gorm.DB, *ListMeta, []string, e // @Produce json // @Param limit query int false "Limit for paging, set -1 to return all" // @Param offset query int false "Offset for paging" -// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name) +// @Param sort query string false "Sort field" Enums(id,display_name,last_upload,rhsa_count,rhba_count,rhea_count,other_count,stale,packages_installed,baseline_name,groups) // @Param search query string false "Find matching text" // @Param filter[id] query string false "Filter" // @Param filter[display_name] query string false "Filter" From dfa57472af224e7a4e410651d456d7f35e03bb14 Mon Sep 17 00:00:00 2001 From: semantic-release <> Date: Thu, 14 Sep 2023 11:50:38 +0000 Subject: [PATCH 268/268] v3.5.7 --- VERSION | 2 +- deploy/clowdapp.yaml | 14 +++++++------- docs/admin/openapi.json | 2 +- docs/v3/openapi.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 6864723d2..9a07e665a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.5.6 +v3.5.7 diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index bb41a138b..9b3a13028 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -556,7 +556,7 @@ objects: parameters: # Manager - {name: REPLICAS_MANAGER, value: '1'} -- {name: IMAGE_TAG_MANAGER, value: v3.5.6} +- {name: IMAGE_TAG_MANAGER, value: v3.5.7} - {name: LOG_LEVEL_MANAGER, value: debug} - {name: DB_DEBUG_MANAGER, value: 'false'} # Log database queries if enabled - {name: ENABLE_CYNDI_TAGS, value: 'true'} # Enable filtering with Cyndi tags @@ -580,7 +580,7 @@ parameters: # Listener - {name: REPLICAS_LISTENER, value: '1'} -- {name: IMAGE_TAG_LISTENER, value: v3.5.6} +- {name: IMAGE_TAG_LISTENER, value: v3.5.7} - {name: LOG_LEVEL_LISTENER, value: debug} - {name: DB_DEBUG_LISTENER, value: 'false'} - {name: CONSUMER_COUNT_LISTENER, value: '8'} @@ -601,7 +601,7 @@ parameters: # Evaluator - upload - {name: REPLICAS_EVALUATOR_UPLOAD, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.6} +- {name: IMAGE_TAG_EVALUATOR_UPLOAD, value: v3.5.7} - {name: LOG_LEVEL_EVALUATOR_UPLOAD, value: debug} - {name: DB_DEBUG_EVALUATOR_UPLOAD, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_UPLOAD, value: '8'} @@ -627,7 +627,7 @@ parameters: # Evaluator - recalc - {name: REPLICAS_EVALUATOR_RECALC, value: '1'} -- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.6} +- {name: IMAGE_TAG_EVALUATOR_RECALC, value: v3.5.7} - {name: LOG_LEVEL_EVALUATOR_RECALC, value: debug} - {name: DB_DEBUG_EVALUATOR_RECALC, value: 'false'} - {name: CONSUMER_COUNT_EVALUATOR_RECALC, value: '8'} @@ -650,7 +650,7 @@ parameters: - {name: ENABLE_PROFILER_EVALUATOR_RECALC, value: 'false'} # JOBS -- {name: IMAGE_TAG_JOBS, value: v3.5.6} +- {name: IMAGE_TAG_JOBS, value: v3.5.7} - {name: LOG_LEVEL_JOBS, value: debug} - {name: DB_DEBUG_JOBS, value: 'false'} - {name: JOBS_TIMEOUT, value: '1800'} # 30 min timeout for jobs @@ -695,7 +695,7 @@ parameters: - {name: SKIP_N_ACCOUNTS_REFRESH, value: '0'} # Skip advisory cache refresh for N first accounts in case the previous refresh didn't finish # Database admin -- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.6} +- {name: IMAGE_TAG_DATABASE_ADMIN, value: v3.5.7} - {name: LOG_LEVEL_DATABASE_ADMIN, value: debug} - {name: DB_DEBUG_DATABASE_ADMIN, value: 'false'} - {name: SCHEMA_MIGRATION, value: '-1'} # Set specific database schema version or use the last schema version (-1) @@ -727,7 +727,7 @@ parameters: - {name: DB_WORK_MEM, value: '512000'} # How much memory can query use (used for packages queries) in kB - 500MB, postgres default is 4MB # Turnpike -- {name: IMAGE_TAG_ADMIN, value: v3.5.6} +- {name: IMAGE_TAG_ADMIN, value: v3.5.7} - {name: ENABLE_TURNPIKE_AUTH, value: 'true'} # Enable Turnpike authentication for internal API (manual sync, re-calc) - {name: REPLICAS_ADMIN, value: '1'} - {name: RES_LIMIT_CPU_ADMIN, value: 100m} diff --git a/docs/admin/openapi.json b/docs/admin/openapi.json index 5f6b132bd..c03669076 100644 --- a/docs/admin/openapi.json +++ b/docs/admin/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.6" + "version": "v3.5.7" }, "servers": [ { diff --git a/docs/v3/openapi.json b/docs/v3/openapi.json index c08ede458..c089574aa 100644 --- a/docs/v3/openapi.json +++ b/docs/v3/openapi.json @@ -8,7 +8,7 @@ "name": "GPLv3", "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" }, - "version": "v3.5.6" + "version": "v3.5.7" }, "servers": [ {