✨ Update push builder image dockerfile

go-sigma · Sep 22, 2024 · 63d2f8a · 63d2f8a
1 parent e25e388
commit 63d2f8a
Show file tree

Hide file tree

Showing 9 changed files with 77 additions and 69 deletions.
diff --git a/build/local.Dockerfile b/build/local.Dockerfile
@@ -34,18 +34,6 @@ RUN set -eux && \
 
 FROM alpine:${ALPINE_VERSION}
 
-ARG USE_MIRROR=false
-
-RUN set -eux && \
-  if [ "$USE_MIRROR" = true ]; then sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories; fi && \
-  apk add --no-cache curl
-
-RUN adduser --disabled-password -h /home/sigma -s /bin/sh -u 1001 sigma
-
-USER sigma
-
-WORKDIR /home/sigma
-
 COPY --from=fetcher /tmp/skopeo /usr/local/bin/skopeo
 COPY --from=fetcher /usr/local/bin/syft /usr/local/bin/syft
 COPY --from=fetcher /usr/local/bin/trivy /usr/local/bin/trivy
@@ -57,4 +45,11 @@ COPY ./bin/sigma /usr/local/bin/sigma
 VOLUME /var/lib/sigma
 VOLUME /etc/sigma
 
+RUN adduser --disabled-password -h /home/sigma -s /bin/sh -u 1001 sigma && \
+  chown -R 1001:1001 /opt/trivy/
+
+WORKDIR /home/sigma
+
+USER sigma
+
 CMD ["sigma", "server"]
diff --git a/cmd/tools.go b/cmd/tools.go
@@ -50,44 +50,46 @@ var toolsCmd = &cobra.Command{
 }
 
 var toolsForPushBuilderImageCmd = &cobra.Command{
-	Use:   "push-builder-image",
-	Short: "Push builder image to distribution",
+	Use:   "push-builder-images",
+	Short: "Push builder images to distribution",
 	PersistentPreRun: func(_ *cobra.Command, _ []string) {
 		initConfig()
 		logger.SetLevel(viper.GetString("log.level"))
 	},
-	Run: func(_ *cobra.Command, _ []string) {
+	RunE: func(_ *cobra.Command, _ []string) error {
 		err := configs.Initialize()
 		if err != nil {
 			log.Error().Err(err).Msg("initialize configs with error")
-			return
+			return err
 		}
 
 		config := ptr.To(configs.GetConfiguration())
 
 		err = badger.Initialize(context.Background(), config)
 		if err != nil {
 			log.Error().Err(err).Msg("initialize badger with error")
-			return
+			return err
 		}
 
 		err = locker.Initialize(config)
 		if err != nil {
 			log.Error().Err(err).Msg("initialize locker with error")
-			return
+			return err
 		}
 
 		err = dal.Initialize(config)
 		if err != nil {
 			log.Error().Err(err).Msg("initialize database with error")
-			return
+			return err
 		}
 
 		err = initBaseimage(config)
 		if err != nil {
 			log.Error().Err(err).Msg("push builder image with error")
-			return
+			return err
 		}
+
+		return nil
 	},
 }
 

diff --git a/deploy/sigma/templates/configmap.yaml b/deploy/sigma/templates/configmap.yaml
@@ -38,7 +38,7 @@ data:
       type: external
       url: redis://:{{ .Values.redis.auth.password }}@{{ .Release.Name }}-redis-master:{{ .Values.redis.master.service.ports.redis }}/0
     http:
-      internalEndpoint: {{ include "sigma.distribution" . }}:{{ .Values.service.distribution.port }}
+      internalEndpoint: http://{{ include "sigma.distribution" . }}:{{ .Values.service.distribution.port }}
       server: 0.0.0.0:{{.Values.service.server.port}}
       worker: 0.0.0.0:{{.Values.service.worker.port}}
     daemon:

diff --git a/deploy/sigma/templates/post-job.yaml b/deploy/sigma/templates/post-job.yaml
@@ -6,13 +6,15 @@ metadata:
   namespace: {{ .Release.Namespace | quote }}
   labels:
     {{- include "sigma.postJob.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation
 spec:
-  backoffLimit: 6
+  backoffLimit: 1
   template:
     metadata:
-      annotations:
-        rollme: {{ randAlphaNum 5 | quote }}
       {{- with .Values.podAnnotations }}
+      annotations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
@@ -23,20 +25,29 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       initContainers:
         - name: check-distribution
-          image: {{ printf "%s:%s" .Values.busybox.repository .Values.busybox.tag | quote }}
+          image: {{ printf "%s:%s" .Values.image.osShell.repository .Values.image.osShell.tag | quote }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           command:
-            - /bin/sh
-            - -c
-            - 'until nc -z {{ include "sigma.distribution" . }} 80; do echo waiting for {{ include "sigma.distribution" . }}; sleep 3; done;'
+            - "/bin/bash"
+            - "-c"
+            - |-
+              set -e;
+              echo "Waiting for sigma distribution";
+              wait-for-port \
+                --host={{ include "sigma.distribution" . }} \
+                --state=inuse \
+                --timeout=120 \
+                {{ .Values.service.distribution.port }};
+              echo "sigma distribution is available";
       containers:
-        - name: push-images
+        - name: push-builder-images
           image: {{ printf "%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.tag | quote }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           command:
             - sigma
           args:
-            - worker
+            - tools
+            - push-builder-images
             - --config=/etc/sigma/config.yaml
           volumeMounts:
             - name: config

diff --git a/deploy/sigma/templates/server/deployment.yaml b/deploy/sigma/templates/server/deployment.yaml
@@ -59,10 +59,10 @@ spec:
               mountPath: /etc/sigma/config.yaml
               subPath: config.yaml
               readOnly: true
-            {{- if semverCompare ">= 1.31" .Capabilities.KubeVersion.Version }}
-            - name: trivy
-              mountPath: /opt/trivy
-            {{- end }}
+            # {{- if semverCompare ">= 1.31" .Capabilities.KubeVersion.Version }}
+            # - name: trivy
+            #   mountPath: /opt/trivy
+            # {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
       volumes:

diff --git a/deploy/sigma/templates/worker/deployment.yaml b/deploy/sigma/templates/worker/deployment.yaml
@@ -57,10 +57,10 @@ spec:
               mountPath: /etc/sigma/config.yaml
               subPath: config.yaml
               readOnly: true
-            {{- if semverCompare ">= 1.31" .Capabilities.KubeVersion.Version }}
-            - name: trivy
-              mountPath: /opt/trivy
-            {{- end }}
+            # {{- if semverCompare ">= 1.31" .Capabilities.KubeVersion.Version }}
+            # - name: trivy
+            #   mountPath: /opt/trivy
+            # {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
       volumes:

diff --git a/deploy/sigma/values.yaml b/deploy/sigma/values.yaml
@@ -16,10 +16,10 @@ image:
   web:
     repository: go-sigma/sigma-web
     tag: latest
-  ## busybox image used in init-container
-  busybox:
-    repository: busybox
-    tag: 1.36.1-musl
+  ## osShell image used in init-container
+  osShell:
+    repository: bitnami/os-shell
+    tag: 12-debian-12-r30
   pullPolicy: IfNotPresent
 
 imagePullSecrets: []

diff --git a/go.mod b/go.mod
@@ -17,13 +17,13 @@ require (
 	github.com/caarlos0/env/v9 v9.0.0
 	github.com/casbin/casbin/v2 v2.100.0
 	github.com/casbin/gorm-adapter/v3 v3.28.0
-	github.com/containers/podman/v5 v5.2.1
+	github.com/containers/podman/v5 v5.2.2
 	github.com/deckarep/golang-set/v2 v2.6.0
 	github.com/dgraph-io/badger/v4 v4.3.0
 	github.com/distribution/distribution/v3 v3.0.0-beta.1
 	github.com/distribution/reference v0.6.0
-	github.com/docker/cli v27.1.2+incompatible
-	github.com/docker/docker v27.2.1+incompatible
+	github.com/docker/cli v27.3.1+incompatible
+	github.com/docker/docker v27.3.1+incompatible
 	github.com/dustin/go-humanize v1.0.1
 	github.com/fatih/color v1.17.0
 	github.com/glebarez/sqlite v1.11.0
@@ -156,9 +156,9 @@ require (
 	github.com/containerd/platforms v0.2.1 // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
 	github.com/containerd/typeurl/v2 v2.1.1 // indirect
-	github.com/containers/buildah v1.37.1 // indirect
-	github.com/containers/common v0.60.1 // indirect
-	github.com/containers/image/v5 v5.32.1 // indirect
+	github.com/containers/buildah v1.37.2 // indirect
+	github.com/containers/common v0.60.2 // indirect
+	github.com/containers/image/v5 v5.32.2 // indirect
 	github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
 	github.com/containers/ocicrypt v1.2.0 // indirect
 	github.com/containers/psgo v1.9.0 // indirect
@@ -334,7 +334,7 @@ require (
 	github.com/nwaples/rardecode v1.1.3 // indirect
 	github.com/nxadm/tail v1.4.11 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
-	github.com/open-policy-agent/opa v0.67.1 // indirect
+	github.com/open-policy-agent/opa v0.68.0 // indirect
 	github.com/opencontainers/runc v1.1.14 // indirect
 	github.com/opencontainers/runtime-spec v1.2.0 // indirect
 	github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc // indirect
@@ -352,7 +352,7 @@ require (
 	github.com/pkg/sftp v1.13.6 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/proglottis/gpgme v0.1.3 // indirect
-	github.com/prometheus/client_golang v1.20.1 // indirect
+	github.com/prometheus/client_golang v1.20.2 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.55.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
@@ -442,7 +442,7 @@ require (
 	google.golang.org/genproto v0.0.0-20240730163845-b1a4ccb954bf // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240725223205-93522f1f2a9f // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect
-	google.golang.org/grpc v1.65.0 // indirect
+	google.golang.org/grpc v1.66.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/go-playground/assert.v1 v1.2.1 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect

diff --git a/go.sum b/go.sum
@@ -557,18 +557,18 @@ github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G
 github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk=
 github.com/containerd/typeurl/v2 v2.1.1 h1:3Q4Pt7i8nYwy2KmQWIw2+1hTvwTE/6w9FqcttATPO/4=
 github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0=
-github.com/containers/buildah v1.37.1 h1:BZ3vESqzmqGuj9kGqyjitdn9o0hD7owdZM699qtfMTc=
-github.com/containers/buildah v1.37.1/go.mod h1:p/qfxznBMSn9YGYNBh0Sf2k4modfjD3us4rVqvmyeZM=
-github.com/containers/common v0.60.1 h1:hMJNKfDxfXY91zD7mr4t/Ybe8JbAsTq5nkrUaCqTKsA=
-github.com/containers/common v0.60.1/go.mod h1:tB0DRxznmHviECVHnqgWbl+8AVCSMZLA8qe7+U7KD6k=
-github.com/containers/image/v5 v5.32.1 h1:fVa7GxRC4BCPGsfSRs4JY12WyeY26SUYQ0NuANaCFrI=
-github.com/containers/image/v5 v5.32.1/go.mod h1:v1l73VeMugfj/QtKI+jhYbwnwFCFnNGckvbST3rQ5Hk=
+github.com/containers/buildah v1.37.2 h1:KiJ3jVNUvdtGORxDz8fjjLkR81ZHQZIfnGWJWavks40=
+github.com/containers/buildah v1.37.2/go.mod h1:alFCM3X0xfhE6ZjsFQkUlOMyKzOnbv9FL9fe1Ho48PA=
+github.com/containers/common v0.60.2 h1:utcwp2YkO8c0mNlwRxsxfOiqfj157FRrBjxgjR6f+7o=
+github.com/containers/common v0.60.2/go.mod h1:I0upBi1qJX3QmzGbUOBN1LVP6RvkKhd3qQpZbQT+Q54=
+github.com/containers/image/v5 v5.32.2 h1:SzNE2Y6sf9b1GJoC8qjCuMBXwQrACFp4p0RK15+4gmQ=
+github.com/containers/image/v5 v5.32.2/go.mod h1:v1l73VeMugfj/QtKI+jhYbwnwFCFnNGckvbST3rQ5Hk=
 github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA=
 github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY=
 github.com/containers/ocicrypt v1.2.0 h1:X14EgRK3xNFvJEfI5O4Qn4T3E25ANudSOZz/sirVuPM=
 github.com/containers/ocicrypt v1.2.0/go.mod h1:ZNviigQajtdlxIZGibvblVuIFBKIuUI2M0QM12SD31U=
-github.com/containers/podman/v5 v5.2.1 h1:EyaLdySOZETVULDLKxbX2R+bxWR1cr8UNMr3fQIgV+8=
-github.com/containers/podman/v5 v5.2.1/go.mod h1:AOwRRDnYEy1TQwAQT4KZW5Oss4QKBvwYtegA6y8009I=
+github.com/containers/podman/v5 v5.2.2 h1:UHDF+CeuRgqQc4EN0MNXrk1Xb45/5td/ClGmAOyiDJ8=
+github.com/containers/podman/v5 v5.2.2/go.mod h1:6RoRmwWUDYzAdDMJnzBWiSxGJF7xJinJG+s4RnczwZw=
 github.com/containers/psgo v1.9.0 h1:eJ74jzSaCHnWt26OlKZROSyUyRcGDf+gYBdXnxrMW4g=
 github.com/containers/psgo v1.9.0/go.mod h1:0YoluUm43Mz2UnBIh1P+6V6NWcbpTL5uRtXyOcH0B5A=
 github.com/containers/storage v1.55.0 h1:wTWZ3YpcQf1F+dSP4KxG9iqDfpQY1otaUXjPpffuhgg=
@@ -637,12 +637,12 @@ github.com/dlclark/regexp2 v1.11.4 h1:rPYF9/LECdNymJufQKmri9gV604RvvABwgOA8un7yA
 github.com/dlclark/regexp2 v1.11.4/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
 github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
-github.com/docker/cli v27.1.2+incompatible h1:nYviRv5Y+YAKx3dFrTvS1ErkyVVunKOhoweCTE1BsnI=
-github.com/docker/cli v27.1.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/cli v27.3.1+incompatible h1:qEGdFBF3Xu6SCvCYhc7CzaQTlBmqDuzxPDpigSyeKQQ=
+github.com/docker/cli v27.3.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v27.2.1+incompatible h1:fQdiLfW7VLscyoeYEBz7/J8soYFDZV1u6VW6gJEjNMI=
-github.com/docker/docker v27.2.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v27.3.1+incompatible h1:KttF0XoteNTicmUtBO0L2tP+J7FGRFTjaEF4k6WdhfI=
+github.com/docker/docker v27.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
 github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
 github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
@@ -1429,8 +1429,8 @@ github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAl
 github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
 github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
 github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
-github.com/open-policy-agent/opa v0.67.1 h1:rzy26J6g1X+CKknAcx0Vfbt41KqjuSzx4E0A8DAZf3E=
-github.com/open-policy-agent/opa v0.67.1/go.mod h1:aqKlHc8E2VAAylYE9x09zJYr/fYzGX+JKne89UGqFzk=
+github.com/open-policy-agent/opa v0.68.0 h1:Jl3U2vXRjwk7JrHmS19U3HZO5qxQRinQbJ2eCJYSqJQ=
+github.com/open-policy-agent/opa v0.68.0/go.mod h1:5E5SvaPwTpwt2WM177I9Z3eT7qUpmOGjk1ZdHs+TZ4w=
 github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240919170751-8dba5f1d8dd7 h1:cSQMzWIs23HH3PEiRrlmP0CJfrYGv//npO40/FeAViA=
 github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240919170751-8dba5f1d8dd7/go.mod h1:Va0IMqkjv62YSEytL4sgxrkiD9IzU0T0bX/ZZEtMnSQ=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
@@ -1501,8 +1501,8 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
 github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
-github.com/prometheus/client_golang v1.20.1 h1:IMJXHOD6eARkQpxo8KkhgEVFlBNm+nkrFUyGlIu7Na8=
-github.com/prometheus/client_golang v1.20.1/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
+github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg=
+github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
@@ -2518,8 +2518,8 @@ google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACu
 google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
 google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
 google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
-google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc=
-google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ=
+google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
+google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=