treewide: switch to gomod and bump everything
This switches version resolution from fietsje to gomod and updates
all Go dependencies. It also bumps rules_go (required by gVisor) and
switches the Gazelle naming convention from go_default_xxx to the
standard Bazel convention of the default target having the package
name.
Since Kubernetes dropped upstream Bazel support and doesn't check in
all generated files I manually pregenerated the OpenAPI spec. This
should be fixed, but because of the already-huge scope of this CL
and the rebase complexity this is not in here.
Change-Id: Iec8ea613d06946882426c2f9fad5bda7e8aaf833
Reviewed-on: https://review.monogon.dev/c/monogon/+/639
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
Reviewed-by: Leopold Schabel <leo@nexantic.com>
diff --git a/metropolis/pkg/pki/BUILD.bazel b/metropolis/pkg/pki/BUILD.bazel
index 04f02ae..ec3babe 100644
--- a/metropolis/pkg/pki/BUILD.bazel
+++ b/metropolis/pkg/pki/BUILD.bazel
@@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
- name = "go_default_library",
+ name = "pki",
srcs = [
"ca.go",
"certificate.go",
@@ -11,23 +11,24 @@
importpath = "source.monogon.dev/metropolis/pkg/pki",
visibility = ["//visibility:public"],
deps = [
- "//metropolis/node/core/consensus/client:go_default_library",
- "//metropolis/pkg/event:go_default_library",
- "//metropolis/pkg/event/etcd:go_default_library",
- "//metropolis/pkg/fileargs:go_default_library",
- "@io_etcd_go_etcd//clientv3:go_default_library",
+ "//metropolis/node/core/consensus/client",
+ "//metropolis/pkg/event",
+ "//metropolis/pkg/event/etcd",
+ "//metropolis/pkg/fileargs",
+ "@io_etcd_go_etcd_client_v3//:client",
],
)
go_test(
- name = "go_default_test",
+ name = "pki_test",
srcs = [
"certificate_test.go",
"crl_test.go",
],
- embed = [":go_default_library"],
+ embed = [":pki"],
deps = [
- "//metropolis/node/core/consensus/client:go_default_library",
- "@io_etcd_go_etcd//integration:go_default_library",
+ "//metropolis/node/core/consensus/client",
+ "@io_etcd_go_etcd_client_pkg_v3//testutil",
+ "@io_etcd_go_etcd_tests_v3//integration",
],
)
diff --git a/metropolis/pkg/pki/ca.go b/metropolis/pkg/pki/ca.go
index 7c03f9f..29d1335 100644
--- a/metropolis/pkg/pki/ca.go
+++ b/metropolis/pkg/pki/ca.go
@@ -25,7 +25,7 @@
"math/big"
"time"
- "go.etcd.io/etcd/clientv3"
+ clientv3 "go.etcd.io/etcd/client/v3"
)
// Issuer is an entity that can issue certificates. This interface is
diff --git a/metropolis/pkg/pki/certificate.go b/metropolis/pkg/pki/certificate.go
index f6d480a..a423680 100644
--- a/metropolis/pkg/pki/certificate.go
+++ b/metropolis/pkg/pki/certificate.go
@@ -29,7 +29,7 @@
"fmt"
"net"
- "go.etcd.io/etcd/clientv3"
+ clientv3 "go.etcd.io/etcd/client/v3"
"source.monogon.dev/metropolis/pkg/fileargs"
)
diff --git a/metropolis/pkg/pki/certificate_test.go b/metropolis/pkg/pki/certificate_test.go
index da8dee9..d38b559 100644
--- a/metropolis/pkg/pki/certificate_test.go
+++ b/metropolis/pkg/pki/certificate_test.go
@@ -8,17 +8,20 @@
"crypto/x509"
"testing"
- "go.etcd.io/etcd/integration"
+ "go.etcd.io/etcd/client/pkg/v3/testutil"
+ "go.etcd.io/etcd/tests/v3/integration"
)
// TestManaged ensures Managed Certificates work, including re-ensuring
// certificates with the same data and issuing subordinate certificates.
func TestManaged(t *testing.T) {
- cluster := integration.NewClusterV3(nil, &integration.ClusterConfig{
+ tb, cancel := testutil.NewTestingTBProthesis("pki-managed")
+ defer cancel()
+ cluster := integration.NewClusterV3(tb, &integration.ClusterConfig{
Size: 1,
})
cl := cluster.Client(0)
- defer cluster.Terminate(nil)
+ defer cluster.Terminate(tb)
ctx, ctxC := context.WithCancel(context.Background())
defer ctxC()
ns := Namespaced("/test-managed/")
@@ -100,11 +103,13 @@
// re-Ensuring certificates with the same public key, and attempting to re-issue
// the same certificate with a different public key (which should fail).
func TestExternal(t *testing.T) {
- cluster := integration.NewClusterV3(nil, &integration.ClusterConfig{
+ tb, cancel := testutil.NewTestingTBProthesis("pki-managed")
+ defer cancel()
+ cluster := integration.NewClusterV3(tb, &integration.ClusterConfig{
Size: 1,
})
cl := cluster.Client(0)
- defer cluster.Terminate(nil)
+ defer cluster.Terminate(tb)
ctx, ctxC := context.WithCancel(context.Background())
defer ctxC()
ns := Namespaced("/test-external/")
diff --git a/metropolis/pkg/pki/crl.go b/metropolis/pkg/pki/crl.go
index 2627776..8b886bf 100644
--- a/metropolis/pkg/pki/crl.go
+++ b/metropolis/pkg/pki/crl.go
@@ -9,7 +9,7 @@
"math/big"
"time"
- "go.etcd.io/etcd/clientv3"
+ clientv3 "go.etcd.io/etcd/client/v3"
"source.monogon.dev/metropolis/node/core/consensus/client"
"source.monogon.dev/metropolis/pkg/event"
diff --git a/metropolis/pkg/pki/crl_test.go b/metropolis/pkg/pki/crl_test.go
index 39a0b0e..8f9cf5d 100644
--- a/metropolis/pkg/pki/crl_test.go
+++ b/metropolis/pkg/pki/crl_test.go
@@ -5,7 +5,8 @@
"crypto/x509"
"testing"
- "go.etcd.io/etcd/integration"
+ "go.etcd.io/etcd/client/pkg/v3/testutil"
+ "go.etcd.io/etcd/tests/v3/integration"
"source.monogon.dev/metropolis/node/core/consensus/client"
)
@@ -13,11 +14,13 @@
// TestRevoke exercises the CRL revocation and watching functionality of a CA
// certificate.
func TestRevoke(t *testing.T) {
- cluster := integration.NewClusterV3(nil, &integration.ClusterConfig{
+ tb, cancel := testutil.NewTestingTBProthesis("pki-revoke")
+ defer cancel()
+ cluster := integration.NewClusterV3(tb, &integration.ClusterConfig{
Size: 1,
})
cl := client.NewLocal(cluster.Client(0))
- defer cluster.Terminate(nil)
+ defer cluster.Terminate(tb)
ctx, ctxC := context.WithCancel(context.Background())
defer ctxC()
ns := Namespaced("/test-managed/")