From 98b850a9142d96f5c7b6914d06882181bb977e32 Mon Sep 17 00:00:00 2001 From: Jiaxun Song Date: Thu, 21 Dec 2023 19:04:44 +0000 Subject: [PATCH] revert google.golang.org/api version to v0.153.0 --- go.mod | 2 +- go.sum | 4 +- .../google.golang.org/api/iam/v1/iam-api.json | 6 +-- .../google.golang.org/api/iam/v1/iam-gen.go | 37 +++++++++---------- .../google.golang.org/api/internal/version.go | 2 +- .../api/storage/v1/storage-api.json | 11 +----- .../api/transport/grpc/dial.go | 14 +------ .../api/transport/http/dial.go | 11 ------ vendor/modules.txt | 2 +- 9 files changed, 28 insertions(+), 61 deletions(-) diff --git a/go.mod b/go.mod index 2be9879f4..107279027 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/onsi/gomega v1.30.0 golang.org/x/net v0.19.0 golang.org/x/oauth2 v0.15.0 - google.golang.org/api v0.154.0 + google.golang.org/api v0.153.0 google.golang.org/grpc v1.60.1 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.28.4 diff --git a/go.sum b/go.sum index 61727b56d..fc7f963b5 100755 --- a/go.sum +++ b/go.sum @@ -500,8 +500,8 @@ google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsb google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.154.0 h1:X7QkVKZBskztmpPKWQXgjJRPA2dJYrL6r+sYPRLj050= -google.golang.org/api v0.154.0/go.mod h1:qhSMkM85hgqiokIYsrRyKxrjfBeIhgl4Z2JmeRkYylc= +google.golang.org/api v0.153.0 h1:N1AwGhielyKFaUqH07/ZSIQR3uNPcV7NVw0vj+j4iR4= +google.golang.org/api v0.153.0/go.mod h1:3qNJX5eOmhiWYc67jRA/3GsDw97UFb5ivv7Y2PrriAY= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= diff --git a/vendor/google.golang.org/api/iam/v1/iam-api.json b/vendor/google.golang.org/api/iam/v1/iam-api.json index 610883ce0..2d8361f33 100644 --- a/vendor/google.golang.org/api/iam/v1/iam-api.json +++ b/vendor/google.golang.org/api/iam/v1/iam-api.json @@ -2850,7 +2850,7 @@ } } }, - "revision": "20231130", + "revision": "20231026", "rootUrl": "https://iam.googleapis.com/", "schemas": { "AccessRestrictions": { @@ -4410,14 +4410,14 @@ "id": "WorkforcePoolProvider", "properties": { "attributeCondition": { - "description": "A [Common Expression Language](https://opensource.google/projects/cel) expression, in plain text, to restrict what otherwise valid authentication credentials issued by the provider should not be accepted. The expression must output a boolean representing whether to allow the federation. The following keywords may be referenced in the expressions: * `assertion`: JSON representing the authentication credential issued by the provider. * `google`: The Google attributes mapped from the assertion in the `attribute_mappings`. `google.profile_photo`, `google.display_name` and `google.posix_username` are not supported. * `attribute`: The custom attributes mapped from the assertion in the `attribute_mappings`. The maximum length of the attribute condition expression is 4096 characters. If unspecified, all valid authentication credentials will be accepted. The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`: ``` \"'admins' in google.groups\" ```", + "description": "A [Common Expression Language](https://opensource.google/projects/cel) expression, in plain text, to restrict what otherwise valid authentication credentials issued by the provider should not be accepted. The expression must output a boolean representing whether to allow the federation. The following keywords may be referenced in the expressions: * `assertion`: JSON representing the authentication credential issued by the provider. * `google`: The Google attributes mapped from the assertion in the `attribute_mappings`. `google.profile_photo` and `google.display_name` are not supported. * `attribute`: The custom attributes mapped from the assertion in the `attribute_mappings`. The maximum length of the attribute condition expression is 4096 characters. If unspecified, all valid authentication credentials will be accepted. The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`: ``` \"'admins' in google.groups\" ```", "type": "string" }, "attributeMapping": { "additionalProperties": { "type": "string" }, - "description": "Required. Maps attributes from the authentication credentials issued by an external identity provider to Google Cloud attributes, such as `subject` and `segment`. Each key must be a string specifying the Google Cloud IAM attribute to map to. The following keys are supported: * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings. This is also the subject that appears in Cloud Logging logs. This is a required field and the mapped subject cannot exceed 127 bytes. * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to resources using an IAM `principalSet` binding; access applies to all members of the group. * `google.display_name`: The name of the authenticated user. This is an optional field and the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead. This attribute cannot be referenced in IAM bindings. * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo. This is an optional field. When set, the image will be visible as the user's profile picture. If not set, a generic user icon will be displayed instead. This attribute cannot be referenced in IAM bindings. * `google.posix_username`: The linux username used by OS login. This is an optional field and the mapped posix username cannot exceed 32 characters, The key must match the regex \"^a-zA-Z0-9._{0,31}$\". This attribute cannot be referenced in IAM bindings. You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute} is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes. The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_]. You can reference these attributes in IAM policies to define fine-grained access for a workforce pool to Google Cloud resources. For example: * `google.subject`: `principal://iam.googleapis.com/locations/global/workforcePools/{pool}/subject/{value}` * `google.groups`: `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/group/{value}` * `attribute.{custom_attribute}`: `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/attribute.{custom_attribute}/{value}` Each value must be a [Common Expression Language] (https://opensource.google/projects/cel) function that maps an identity provider credential to the normalized attribute specified by the corresponding map key. You can use the `assertion` keyword in the expression to access a JSON representation of the authentication credential issued by the provider. The maximum length of an attribute mapping expression is 2048 characters. When evaluated, the total size of all mapped attributes must not exceed 4KB. For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute. For example, the following maps the `sub` claim of the incoming credential to the `subject` attribute on a Google token: ``` {\"google.subject\": \"assertion.sub\"} ```", + "description": "Required. Maps attributes from the authentication credentials issued by an external identity provider to Google Cloud attributes, such as `subject` and `segment`. Each key must be a string specifying the Google Cloud IAM attribute to map to. The following keys are supported: * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings. This is also the subject that appears in Cloud Logging logs. This is a required field and the mapped subject cannot exceed 127 bytes. * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to resources using an IAM `principalSet` binding; access applies to all members of the group. * `google.display_name`: The name of the authenticated user. This is an optional field and the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead. This attribute cannot be referenced in IAM bindings. * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo. This is an optional field. When set, the image will be visible as the user's profile picture. If not set, a generic user icon will be displayed instead. This attribute cannot be referenced in IAM bindings. You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute} is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes. The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_]. You can reference these attributes in IAM policies to define fine-grained access for a workforce pool to Google Cloud resources. For example: * `google.subject`: `principal://iam.googleapis.com/locations/global/workforcePools/{pool}/subject/{value}` * `google.groups`: `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/group/{value}` * `attribute.{custom_attribute}`: `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/attribute.{custom_attribute}/{value}` Each value must be a [Common Expression Language] (https://opensource.google/projects/cel) function that maps an identity provider credential to the normalized attribute specified by the corresponding map key. You can use the `assertion` keyword in the expression to access a JSON representation of the authentication credential issued by the provider. The maximum length of an attribute mapping expression is 2048 characters. When evaluated, the total size of all mapped attributes must not exceed 4KB. For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute. For example, the following maps the `sub` claim of the incoming credential to the `subject` attribute on a Google token: ``` {\"google.subject\": \"assertion.sub\"} ```", "type": "object" }, "description": { diff --git a/vendor/google.golang.org/api/iam/v1/iam-gen.go b/vendor/google.golang.org/api/iam/v1/iam-gen.go index 1052db9bc..8d7a992fd 100644 --- a/vendor/google.golang.org/api/iam/v1/iam-gen.go +++ b/vendor/google.golang.org/api/iam/v1/iam-gen.go @@ -3487,14 +3487,14 @@ type WorkforcePoolProvider struct { // keywords may be referenced in the expressions: * `assertion`: JSON // representing the authentication credential issued by the provider. * // `google`: The Google attributes mapped from the assertion in the - // `attribute_mappings`. `google.profile_photo`, `google.display_name` - // and `google.posix_username` are not supported. * `attribute`: The - // custom attributes mapped from the assertion in the - // `attribute_mappings`. The maximum length of the attribute condition - // expression is 4096 characters. If unspecified, all valid - // authentication credentials will be accepted. The following example - // shows how to only allow credentials with a mapped `google.groups` - // value of `admins`: ``` "'admins' in google.groups" ``` + // `attribute_mappings`. `google.profile_photo` and + // `google.display_name` are not supported. * `attribute`: The custom + // attributes mapped from the assertion in the `attribute_mappings`. The + // maximum length of the attribute condition expression is 4096 + // characters. If unspecified, all valid authentication credentials will + // be accepted. The following example shows how to only allow + // credentials with a mapped `google.groups` value of `admins`: ``` + // "'admins' in google.groups" ``` AttributeCondition string `json:"attributeCondition,omitempty"` // AttributeMapping: Required. Maps attributes from the authentication @@ -3515,18 +3515,15 @@ type WorkforcePoolProvider struct { // specifies the authenticated user's thumbnail photo. This is an // optional field. When set, the image will be visible as the user's // profile picture. If not set, a generic user icon will be displayed - // instead. This attribute cannot be referenced in IAM bindings. * - // `google.posix_username`: The linux username used by OS login. This is - // an optional field and the mapped posix username cannot exceed 32 - // characters, The key must match the regex "^a-zA-Z0-9._{0,31}$". This - // attribute cannot be referenced in IAM bindings. You can also provide - // custom attributes by specifying `attribute.{custom_attribute}`, where - // {custom_attribute} is the name of the custom attribute to be mapped. - // You can define a maximum of 50 custom attributes. The maximum length - // of a mapped attribute key is 100 characters, and the key may only - // contain the characters [a-z0-9_]. You can reference these attributes - // in IAM policies to define fine-grained access for a workforce pool to - // Google Cloud resources. For example: * `google.subject`: + // instead. This attribute cannot be referenced in IAM bindings. You can + // also provide custom attributes by specifying + // `attribute.{custom_attribute}`, where {custom_attribute} is the name + // of the custom attribute to be mapped. You can define a maximum of 50 + // custom attributes. The maximum length of a mapped attribute key is + // 100 characters, and the key may only contain the characters + // [a-z0-9_]. You can reference these attributes in IAM policies to + // define fine-grained access for a workforce pool to Google Cloud + // resources. For example: * `google.subject`: // `principal://iam.googleapis.com/locations/global/workforcePools/{pool} // /subject/{value}` * `google.groups`: // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po diff --git a/vendor/google.golang.org/api/internal/version.go b/vendor/google.golang.org/api/internal/version.go index 104a91132..a130609e5 100644 --- a/vendor/google.golang.org/api/internal/version.go +++ b/vendor/google.golang.org/api/internal/version.go @@ -5,4 +5,4 @@ package internal // Version is the current tagged release of the library. -const Version = "0.154.0" +const Version = "0.153.0" diff --git a/vendor/google.golang.org/api/storage/v1/storage-api.json b/vendor/google.golang.org/api/storage/v1/storage-api.json index 2c5bfb5b3..6c89799d5 100644 --- a/vendor/google.golang.org/api/storage/v1/storage-api.json +++ b/vendor/google.golang.org/api/storage/v1/storage-api.json @@ -26,14 +26,7 @@ "description": "Stores and retrieves potentially large, immutable data objects.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/storage/docs/json_api/", - "endpoints": [ - { - "description": "Regional Endpoint", - "endpointUrl": "https://storage.me-central2.rep.googleapis.com/", - "location": "me-central2" - } - ], - "etag": "\"3131373432363238303039393730353234383930\"", + "etag": "\"38383938373230313033363637363637353533\"", "icons": { "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png", "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png" @@ -3806,7 +3799,7 @@ } } }, - "revision": "20231202", + "revision": "20231117", "rootUrl": "https://storage.googleapis.com/", "schemas": { "AnywhereCache": { diff --git a/vendor/google.golang.org/api/transport/grpc/dial.go b/vendor/google.golang.org/api/transport/grpc/dial.go index 34f9ba8bd..87a22f758 100644 --- a/vendor/google.golang.org/api/transport/grpc/dial.go +++ b/vendor/google.golang.org/api/transport/grpc/dial.go @@ -18,7 +18,6 @@ import ( "cloud.google.com/go/compute/metadata" "go.opencensus.io/plugin/ocgrpc" - "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" "golang.org/x/oauth2" "golang.org/x/time/rate" "google.golang.org/api/internal" @@ -44,9 +43,6 @@ var timeoutDialerOption grpc.DialOption // Log rate limiter var logRateLimiter = rate.Sometimes{Interval: 1 * time.Second} -// Assign to var for unit test replacement -var dialContext = grpc.DialContext - // Dial returns a GRPC connection for use communicating with a Google cloud // service, configured with the given ClientOptions. func Dial(ctx context.Context, opts ...option.ClientOption) (*grpc.ClientConn, error) { @@ -199,13 +195,12 @@ func dial(ctx context.Context, insecure bool, o *internal.DialSettings) (*grpc.C // gRPC stats handler. // This assumes that gRPC options are processed in order, left to right. grpcOpts = addOCStatsHandler(grpcOpts, o) - grpcOpts = addOpenTelemetryStatsHandler(grpcOpts, o) grpcOpts = append(grpcOpts, o.GRPCDialOpts...) if o.UserAgent != "" { grpcOpts = append(grpcOpts, grpc.WithUserAgent(o.UserAgent)) } - return dialContext(ctx, endpoint, grpcOpts...) + return grpc.DialContext(ctx, endpoint, grpcOpts...) } func addOCStatsHandler(opts []grpc.DialOption, settings *internal.DialSettings) []grpc.DialOption { @@ -215,13 +210,6 @@ func addOCStatsHandler(opts []grpc.DialOption, settings *internal.DialSettings) return append(opts, grpc.WithStatsHandler(&ocgrpc.ClientHandler{})) } -func addOpenTelemetryStatsHandler(opts []grpc.DialOption, settings *internal.DialSettings) []grpc.DialOption { - if settings.TelemetryDisabled { - return opts - } - return append(opts, grpc.WithStatsHandler(otelgrpc.NewClientHandler())) -} - // grpcTokenSource supplies PerRPCCredentials from an oauth.TokenSource. type grpcTokenSource struct { oauth.TokenSource diff --git a/vendor/google.golang.org/api/transport/http/dial.go b/vendor/google.golang.org/api/transport/http/dial.go index 7e322a17c..a07362ffd 100644 --- a/vendor/google.golang.org/api/transport/http/dial.go +++ b/vendor/google.golang.org/api/transport/http/dial.go @@ -16,7 +16,6 @@ import ( "time" "go.opencensus.io/plugin/ochttp" - "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" "golang.org/x/net/http2" "golang.org/x/oauth2" "google.golang.org/api/googleapi/transport" @@ -70,9 +69,6 @@ func newTransport(ctx context.Context, base http.RoundTripper, settings *interna requestReason: settings.RequestReason, } var trans http.RoundTripper = paramTransport - // Give OpenTelemetry precedence over OpenCensus in case user configuration - // causes both to write the same header (`X-Cloud-Trace-Context`). - trans = addOpenTelemetryTransport(trans, settings) trans = addOCTransport(trans, settings) switch { case settings.NoAuth: @@ -207,13 +203,6 @@ func fallbackBaseTransport() *http.Transport { } } -func addOpenTelemetryTransport(trans http.RoundTripper, settings *internal.DialSettings) http.RoundTripper { - if settings.TelemetryDisabled { - return trans - } - return otelhttp.NewTransport(trans) -} - func addOCTransport(trans http.RoundTripper, settings *internal.DialSettings) http.RoundTripper { if settings.TelemetryDisabled { return trans diff --git a/vendor/modules.txt b/vendor/modules.txt index 6580e8e34..037604e96 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -566,7 +566,7 @@ golang.org/x/tools/go/ast/inspector # gomodules.xyz/jsonpatch/v2 v2.4.0 ## explicit; go 1.20 gomodules.xyz/jsonpatch/v2 -# google.golang.org/api v0.154.0 +# google.golang.org/api v0.153.0 ## explicit; go 1.19 google.golang.org/api/cloudresourcemanager/v1 google.golang.org/api/googleapi