Skip to content

Commit 9ec2a5a

Browse files
authored
Merge pull request #88 from chainguard-dev/create-pull-request/patch
Export mono/sdk: refs/heads/main
2 parents af6af24 + 1f02abf commit 9ec2a5a

File tree

10 files changed

+203
-111
lines changed

10 files changed

+203
-111
lines changed

go.mod

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,15 +3,15 @@ module chainguard.dev/sdk
33
go 1.24.0
44

55
require (
6-
chainguard.dev/apko v0.25.3
7-
chainguard.dev/go-grpc-kit v0.17.7
6+
chainguard.dev/apko v0.25.4
7+
chainguard.dev/go-grpc-kit v0.17.8
88
chainguard.dev/go-oidctest v0.4.0
99
cloud.google.com/go/compute/metadata v0.6.0
1010
github.com/aws/aws-sdk-go-v2 v1.36.3
1111
github.com/bits-and-blooms/bitset v1.22.0
1212
github.com/chainguard-dev/clog v1.7.0
1313
github.com/cloudevents/sdk-go/v2 v2.15.2
14-
github.com/coreos/go-oidc/v3 v3.12.0
14+
github.com/coreos/go-oidc/v3 v3.13.0
1515
github.com/go-jose/go-jose/v4 v4.0.5
1616
github.com/google/go-cmp v0.7.0
1717
github.com/google/go-containerregistry v0.20.4-0.20250225234217-098045d5e61f
@@ -22,7 +22,7 @@ require (
2222
github.com/sigstore/sigstore v1.9.1
2323
golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa
2424
golang.org/x/oauth2 v0.28.0
25-
google.golang.org/api v0.225.0
25+
google.golang.org/api v0.226.0
2626
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb
2727
google.golang.org/grpc v1.71.0
2828
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1
@@ -44,7 +44,7 @@ require (
4444
github.com/cloudflare/circl v1.6.0 // indirect
4545
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
4646
github.com/docker/cli v28.0.1+incompatible // indirect
47-
github.com/docker/docker-credential-helpers v0.9.2 // indirect
47+
github.com/docker/docker-credential-helpers v0.9.3 // indirect
4848
github.com/emirpasic/gods v1.18.1 // indirect
4949
github.com/felixge/httpsnoop v1.0.4 // indirect
5050
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect

go.sum

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
1-
chainguard.dev/apko v0.25.3 h1:wN8Ki/2s++XwK4E19x6MW1PIWq0I9j5gdZsVlp2NYBQ=
2-
chainguard.dev/apko v0.25.3/go.mod h1:4i/zhP74WpHcGV8t9bQCueokNY27M9QRtocELa3aG8Y=
3-
chainguard.dev/go-grpc-kit v0.17.7 h1:TqHua7er5k8m6WM96y0Tm7IoLLkuZ5vh3+5SR1gruKg=
4-
chainguard.dev/go-grpc-kit v0.17.7/go.mod h1:JroMzTY9mdhKe/bvtyChgfECaNh80+bMZH3HS+TGXHw=
1+
chainguard.dev/apko v0.25.4 h1:QFFCD7QR3q9AT5H+/ZCXQReCNN0CgRn1mkOq1T+FZfQ=
2+
chainguard.dev/apko v0.25.4/go.mod h1:1xdjg538oPqb7VCiDMc4IlNtS5gRfpJqv2VIveR6wIo=
3+
chainguard.dev/go-grpc-kit v0.17.8 h1:w8jqj6bO6nPqOcv+VCARfPJThsS+5c05a7yWaW4nbzY=
4+
chainguard.dev/go-grpc-kit v0.17.8/go.mod h1:8Z+6T39iFdTnkaO1zHdnN3e5gjA9W1HdCzwytDy4aPM=
55
chainguard.dev/go-oidctest v0.4.0 h1:B9YTfoa1WtsrEg0wnFeSP7i9tth0LO+GICm2j8HOgWI=
66
chainguard.dev/go-oidctest v0.4.0/go.mod h1:IIic4S3je1I7Acy3bqPtaSPefGEsQDzUp7NJF35MPV4=
77
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
@@ -46,8 +46,8 @@ github.com/cloudevents/sdk-go/v2 v2.15.2/go.mod h1:lL7kSWAE/V8VI4Wh0jbL2v/jvqsm6
4646
github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=
4747
github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
4848
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
49-
github.com/coreos/go-oidc/v3 v3.12.0 h1:sJk+8G2qq94rDI6ehZ71Bol3oUHy63qNYmkiSjrc/Jo=
50-
github.com/coreos/go-oidc/v3 v3.12.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0=
49+
github.com/coreos/go-oidc/v3 v3.13.0 h1:M66zd0pcc5VxvBNM4pB331Wrsanby+QomQYjN8HamW8=
50+
github.com/coreos/go-oidc/v3 v3.13.0/go.mod h1:HaZ3szPaZ0e4r6ebqvsLWlk2Tn+aejfmrfah6hnSYEU=
5151
github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
5252
github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
5353
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -56,8 +56,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
5656
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
5757
github.com/docker/cli v28.0.1+incompatible h1:g0h5NQNda3/CxIsaZfH4Tyf6vpxFth7PYl3hgCPOKzs=
5858
github.com/docker/cli v28.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
59-
github.com/docker/docker-credential-helpers v0.9.2 h1:50JF7ADQiHdAVBRtg/vy883Y4U5+5GmPOBNtUU+X+6A=
60-
github.com/docker/docker-credential-helpers v0.9.2/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo=
59+
github.com/docker/docker-credential-helpers v0.9.3 h1:gAm/VtF9wgqJMoxzT3Gj5p4AqIjCBS4wrsOh9yRqcz8=
60+
github.com/docker/docker-credential-helpers v0.9.3/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo=
6161
github.com/elazarl/goproxy v1.7.2 h1:Y2o6urb7Eule09PjlhQRGNsqRfPmYI3KKQLFpCAV3+o=
6262
github.com/elazarl/goproxy v1.7.2/go.mod h1:82vkLNir0ALaW14Rc399OTTjyNREgmdL2cVoIbS6XaE=
6363
github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
@@ -329,8 +329,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
329329
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
330330
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
331331
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
332-
google.golang.org/api v0.225.0 h1:+4/IVqBQm0MV5S+JW3kdEGC1WtOmM2mXN1LKH1LdNlw=
333-
google.golang.org/api v0.225.0/go.mod h1:WP/0Xm4LVvMOCldfvOISnWquSRWbG2kArDZcg+W2DbY=
332+
google.golang.org/api v0.226.0 h1:9A29y1XUD+YRXfnHkO66KggxHBZWg9LsTGqm7TkUvtQ=
333+
google.golang.org/api v0.226.0/go.mod h1:WP/0Xm4LVvMOCldfvOISnWquSRWbG2kArDZcg+W2DbY=
334334
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
335335
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
336336
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=

proto/capabilities/capabilities.go

Lines changed: 21 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -30,9 +30,16 @@ var (
3030

3131
// Map of Capability to result of Bitify(). Set in initBitifyMap().
3232
bitifiedMap = make(map[Capability]uint32, len(Capability_value))
33-
bitifyOnce sync.Once
33+
// Sorted list of {bit, cap} so we can skip sorting in UnmarshalJSON.
34+
bitCaps = make([]bitcap, 0, len(Capability_value))
35+
bitifyOnce sync.Once
3436
)
3537

38+
type bitcap struct {
39+
bit uint32
40+
cap Capability
41+
}
42+
3643
// We can't do this in init() because init() ordering is hard.
3744
func initBitifyMap() {
3845
for i := range Capability_name {
@@ -47,7 +54,12 @@ func initBitifyMap() {
4754
}
4855

4956
bitifiedMap[capability] = bit
57+
bitCaps = append(bitCaps, bitcap{bit, capability})
5058
}
59+
60+
sort.Slice(bitCaps, func(i int, j int) bool {
61+
return bitCaps[i].cap < bitCaps[j].cap
62+
})
5163
}
5264

5365
// Names returns a slice of all capabilities Stringify'd, sans UNKNOWN.
@@ -214,17 +226,18 @@ func (s *Set) UnmarshalJSON(b []byte) error {
214226
if err := json.Unmarshal(b, &bs); err != nil {
215227
return err
216228
}
217-
for capability, bit := range bitifiedMap {
218-
if bs.Test(uint(bit)) {
219-
*s = append(*s, capability)
229+
230+
*s = make([]Capability, 0, bs.Count())
231+
232+
for _, bitcap := range bitCaps {
233+
if bs.Test(uint(bitcap.bit)) {
234+
*s = append(*s, bitcap.cap)
220235
// This ensures that our unit testing checks that no two
221236
// enumeration values are assigned the same bit.
222-
bs.Clear(uint(bit))
237+
bs.Clear(uint(bitcap.bit))
223238
}
224239
}
225-
sort.Slice(*s, func(i int, j int) bool {
226-
return (*s)[i] < (*s)[j]
227-
})
240+
228241
return nil
229242
}
230243
}

proto/capabilities/capabilities_test.go

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -163,3 +163,44 @@ func TestEncoding(t *testing.T) {
163163
})
164164
}
165165
}
166+
167+
func BenchmarkUnmarshal(b *testing.B) {
168+
caps := Set{
169+
Capability_CAP_IAM_GROUPS_LIST,
170+
171+
Capability_CAP_REPO_LIST,
172+
Capability_CAP_MANIFEST_LIST,
173+
Capability_CAP_TAG_LIST,
174+
Capability_CAP_MANIFEST_METADATA_LIST,
175+
176+
Capability_CAP_TENANT_RECORD_SIGNATURES_LIST,
177+
Capability_CAP_TENANT_SBOMS_LIST,
178+
Capability_CAP_TENANT_VULN_REPORTS_LIST,
179+
180+
Capability_CAP_REPO_CREATE,
181+
Capability_CAP_REPO_UPDATE,
182+
Capability_CAP_REPO_DELETE,
183+
184+
Capability_CAP_MANIFEST_CREATE,
185+
Capability_CAP_MANIFEST_UPDATE,
186+
Capability_CAP_MANIFEST_DELETE,
187+
188+
Capability_CAP_TAG_CREATE,
189+
Capability_CAP_TAG_UPDATE,
190+
Capability_CAP_TAG_DELETE,
191+
192+
// To create nested groups as needed on push.
193+
Capability_CAP_IAM_GROUPS_CREATE,
194+
}
195+
raw, err := json.Marshal(caps)
196+
if err != nil {
197+
b.Fatalf("json.Marshal() = %v", err)
198+
}
199+
200+
for b.Loop() {
201+
var got Set
202+
if err := json.Unmarshal(raw, &got); err != nil {
203+
b.Fatalf("json.Unmarshal() = %v", err)
204+
}
205+
}
206+
}

proto/platform/registry/v1/clients.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ type Clients interface {
2121
Registry() RegistryClient
2222
Vulnerabilities() VulnerabilitiesClient
2323
Apko() ApkoClient
24+
Entitlements() EntitlementsClient
2425

2526
Close() error
2627
}
@@ -49,6 +50,7 @@ func NewClients(ctx context.Context, addr string, token string) (Clients, error)
4950
registry: NewRegistryClient(conn),
5051
vulnerabilities: NewVulnerabilitiesClient(conn),
5152
apko: NewApkoClient(conn),
53+
entitlements: NewEntitlementsClient(conn),
5254

5355
conn: conn,
5456
}, nil
@@ -59,6 +61,7 @@ func NewClientsFromConnection(conn *grpc.ClientConn) Clients {
5961
registry: NewRegistryClient(conn),
6062
vulnerabilities: NewVulnerabilitiesClient(conn),
6163
apko: NewApkoClient(conn),
64+
entitlements: NewEntitlementsClient(conn),
6265
// conn is not set, this client struct does not own closing it.
6366
}
6467
}
@@ -67,6 +70,7 @@ type clients struct {
6770
registry RegistryClient
6871
vulnerabilities VulnerabilitiesClient
6972
apko ApkoClient
73+
entitlements EntitlementsClient
7074

7175
conn *grpc.ClientConn
7276
}
@@ -83,6 +87,10 @@ func (c *clients) Apko() ApkoClient {
8387
return c.apko
8488
}
8589

90+
func (c *clients) Entitlements() EntitlementsClient {
91+
return c.entitlements
92+
}
93+
8694
func (c *clients) Close() error {
8795
if c.conn != nil {
8896
return c.conn.Close()

0 commit comments

Comments
 (0)