Skip to content

Commit

Permalink
Merge pull request #37 from lburgazzoli/dapr-1.12.0
Browse files Browse the repository at this point in the history 
"Update to dapr 1.12 and fix for GO-2023-2102"
  • Loading branch information
@salaboy
salaboy authored Oct 13, 2023
2 parents 1b91c10 + af255c1 commit 8e13369
Show file tree
Hide file tree
Showing 40 changed files with 571 additions and 274 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ LOCALBIN := $(PROJECT_PATH)/bin

HELM_CHART_REPO ?= https://dapr.github.io/helm-charts
HELM_CHART ?= dapr
HELM_CHART_VERSION ?= 1.11.3
HELM_CHART_VERSION ?= 1.12.0
HELM_CHART_URL ?= https://raw.githubusercontent.com/dapr/helm-charts/master/dapr-$(HELM_CHART_VERSION).tgz

## Tool Versions
Expand Down
26 changes: 16 additions & 10 deletions config/crd/dapr/components.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Component describes an Dapr component type
description: Component describes an Dapr component type.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
auth:
description: Auth represents authentication details for the component
description: Auth represents authentication details for the component.
properties:
secretStore:
type: string
Expand All @@ -39,32 +39,38 @@ spec:
type: string
type: array
spec:
description: ComponentSpec is the spec for a component
description: ComponentSpec is the spec for a component.
properties:
initTimeout:
type: string
ignoreErrors:
type: boolean
initTimeout:
type: string
metadata:
items:
description: MetadataItem is a name/value pair for a metadata
description: NameValuePair is a name/value pair.
properties:
envRef:
description: EnvRef is the name of an environmental variable
to read the value from.
type: string
name:
description: Name of the property.
type: string
secretKeyRef:
description: SecretKeyRef is a reference to a secret holding
the value for the metadata item. Name is the secret name,
and key is the field in the secret.
description: SecretKeyRef is the reference of a value in a secret
store component.
properties:
key:
description: Field in the secret.
type: string
name:
description: Secret name.
type: string
required:
- key
- name
type: object
value:
description: Value of the property, in plaintext.
x-kubernetes-preserve-unknown-fields: true
required:
- name
Expand Down
47 changes: 43 additions & 4 deletions config/crd/dapr/configuration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null
name: configurations.dapr.io
labels:
Expand Down Expand Up @@ -224,13 +224,20 @@ spec:
description: Configure API logging.
properties:
enabled:
description: Default value for enabling API logging. Sidecars can always override this by setting `--enable-api-logging` to true or false explicitly. The default value is false.
description: Default value for enabling API logging. Sidecars
can always override this by setting `--enable-api-logging`
to true or false explicitly. The default value is false.
type: boolean
obfuscateURLs:
description: 'When enabled, obfuscates the values of URLs in HTTP API logs, logging the route name rather than the full path being invoked, which could contain PII. Default: false. This option has no effect if API logging is disabled.'
description: 'When enabled, obfuscates the values of URLs
in HTTP API logs, logging the route name rather than the
full path being invoked, which could contain PII. Default:
false. This option has no effect if API logging is disabled.'
type: boolean
omitHealthChecks:
description: 'If true, health checks are not reported in API logs. Default: false. This option has no effect if API logging is disabled.'
description: 'If true, health checks are not reported in API
logs. Default: false. This option has no effect if API logging
is disabled.'
type: boolean
type: object
type: object
Expand Down Expand Up @@ -315,8 +322,34 @@ spec:
properties:
allowedClockSkew:
type: string
controlPlaneTrustDomain:
type: string
enabled:
type: boolean
sentryAddress:
type: string
tokenValidators:
description: Additional token validators to use. When Dapr is
running in Kubernetes mode, this is in addition to the built-in
"kubernetes" validator. In self-hosted mode, enabling a custom
validator will disable the built-in "insecure" validator.
items:
description: ValidatorSpec contains additional token validators
to use.
properties:
name:
description: Name of the validator
enum:
- jwks
type: string
options:
description: Options for the validator, if any
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- name
type: object
type: array
workloadCertTTL:
type: string
required:
Expand Down Expand Up @@ -397,6 +430,12 @@ spec:
required:
- samplingRate
type: object
wasm:
description: WasmSpec describes the security profile for all Dapr Wasm components.
properties:
strictSandbox:
type: boolean
type: object
type: object
type: object
served: true
Expand Down
105 changes: 98 additions & 7 deletions config/crd/dapr/httpendpoints.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,14 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: HTTPEndpoint describes a Dapr HTTPEndpoint type for external service invocation. This endpoint can be external to Dapr, or external to the environment.
description: HTTPEndpoint describes a Dapr HTTPEndpoint type for external
service invocation. This endpoint can be external to Dapr, or external to
the environment.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
auth:
description: Auth represents authentication details for the component.
Expand All @@ -32,7 +36,9 @@ spec:
- secretStore
type: object
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
Expand All @@ -41,28 +47,113 @@ spec:
type: string
type: array
spec:
description: HTTPEndpointSpec describes an access specification for allowing external service invocations.
description: HTTPEndpointSpec describes an access specification for allowing
external service invocations.
properties:
baseUrl:
type: string
clientTLS:
description: TLS describes how to build client or server TLS configurations.
properties:
certificate:
description: TLSDocument describes and in-line or pointer to a
document to build a TLS configuration.
properties:
secretKeyRef:
description: SecretKeyRef is the reference of a value in a
secret store component.
properties:
key:
description: Field in the secret.
type: string
name:
description: Secret name.
type: string
required:
- name
type: object
value:
description: Value of the property, in plaintext.
x-kubernetes-preserve-unknown-fields: true
type: object
privateKey:
description: TLSDocument describes and in-line or pointer to a
document to build a TLS configuration.
properties:
secretKeyRef:
description: SecretKeyRef is the reference of a value in a
secret store component.
properties:
key:
description: Field in the secret.
type: string
name:
description: Secret name.
type: string
required:
- name
type: object
value:
description: Value of the property, in plaintext.
x-kubernetes-preserve-unknown-fields: true
type: object
renegotiation:
default: Never
description: Renegotiation sets the underlying tls negotiation
strategy for an http channel.
enum:
- Never
- OnceAsClient
- FreelyAsClient
type: string
rootCA:
description: TLSDocument describes and in-line or pointer to a
document to build a TLS configuration.
properties:
secretKeyRef:
description: SecretKeyRef is the reference of a value in a
secret store component.
properties:
key:
description: Field in the secret.
type: string
name:
description: Secret name.
type: string
required:
- name
type: object
value:
description: Value of the property, in plaintext.
x-kubernetes-preserve-unknown-fields: true
type: object
type: object
headers:
items:
description: Header is the name/value pair for a header specification.
description: NameValuePair is a name/value pair.
properties:
envRef:
description: EnvRef is the name of an environmental variable
to read the value from.
type: string
name:
description: Name of the property.
type: string
secretKeyRef:
description: SecretKeyRef is a reference to a secret holding the value for the metadata item. Name is the secret name, and key is the field in the secret.
description: SecretKeyRef is the reference of a value in a secret
store component.
properties:
key:
description: Field in the secret.
type: string
name:
description: Secret name.
type: string
required:
- key
- name
type: object
value:
description: Value of the property, in plaintext.
x-kubernetes-preserve-unknown-fields: true
required:
- name
Expand Down
8 changes: 4 additions & 4 deletions config/crd/dapr/subscription.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,9 +54,9 @@ spec:
deadLetterTopic:
type: string
bulkSubscribe:
description: Represents bulk subscribe properies
description: Represents bulk subscribe properties
properties:
enabled:
enabled:
type: boolean
maxMessagesCount:
type: integer
Expand Down Expand Up @@ -144,9 +144,9 @@ spec:
description: The optional dead letter queue for this topic to send events to.
type: string
bulkSubscribe:
description: Represents bulk subscribe properies
description: Represents bulk subscribe properties
properties:
enabled:
enabled:
type: boolean
maxMessagesCount:
type: integer
Expand Down
8 changes: 4 additions & 4 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,13 +129,13 @@ require (
go.starlark.net v0.0.0-20230814145427-12f4cb8177e4 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.25.0 // indirect
golang.org/x/crypto v0.13.0 // indirect
golang.org/x/crypto v0.14.0 // indirect
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
golang.org/x/net v0.15.0 // indirect
golang.org/x/net v0.17.0 // indirect
golang.org/x/oauth2 v0.12.0 // indirect
golang.org/x/sync v0.3.0 // indirect
golang.org/x/sys v0.12.0 // indirect
golang.org/x/term v0.12.0 // indirect
golang.org/x/sys v0.13.0 // indirect
golang.org/x/term v0.13.0 // indirect
golang.org/x/text v0.13.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/appengine v1.6.8 // indirect
Expand Down
Loading

0 comments on commit 8e13369

Please sign in to comment.