Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow SOPS to use custom AWS KMS and STS Endpoint #1679

Open
wants to merge 32 commits into
base: main
Choose a base branch
from
Open

Allow SOPS to use custom AWS KMS and STS Endpoint #1679

wants to merge 32 commits into from

Conversation

anandavj
Copy link

@anandavj anandavj commented Nov 19, 2024
edited
Loading

There's case when I have custom endpoint for my AWS service, with this changes I could specify STS and KMS endpoint for my AWS service
Example usage:

creation_rules:
  - kms: "kms-arn"
    aws_profile: "default"
    aws_kms_endpoint: "https://kms.us-west-1.customawsendpoint.com"
    aws_sts_endpoint: "https://sts.us-west-1.customawsendpoint.com"

@felixfontein felixfontein added this to the 3.10.0 milestone Dec 1, 2024
felixfontein
felixfontein reviewed Dec 1, 2024
View reviewed changes
Copy link
Contributor

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! I can't really comment on the AWS specific things, but as a general note, it looks like you should use gofmt to reformat the changes you made.

keyservice/keyservice.pb.go
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file is automatically generated, you should not manually modify it, but instead modify the protobuf definition and re-generate it. Right now protobuf regeneration doesn't work (see #1576) though, but I hope that will get fixed soon.

Copy link
Author

@anandavj anandavj Dec 1, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the review, I've modify the protobuf definition and re-generate it
I use #1688 makefile but I won't include it on this PR as it's already covered in another PR

@anandavj
Copy link
Author

anandavj commented Dec 1, 2024

Thanks for your contribution! I can't really comment on the AWS specific things, but as a general note, it looks like you should use gofmt to reformat the changes you made.

Thanks for the note, I've ran gofmt and it should be good now

@anandavj
Copy link
Author

I apologize forgot to run the test after merging with main, I've fix the protobuf and finish test it in my local @felixfontein
Screenshot 2024-12-14 212146

anandavj and others added 22 commits December 14, 2024 21:44
@anandavj
Allow SOPS to use custom AWS KMS and STS Endpoint
7f908e6 
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump github/codeql-action in the ci group
725cb39 
Bumps the ci group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

Updates `github/codeql-action` from 3.27.1 to 3.27.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@4f3212b...ea9e4e3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump the rust group in /functional-tests with 3 updates
00f1ee7 
Bumps the rust group in /functional-tests with 3 updates: [serde](https://github.com/serde-rs/serde), [serde_json](https://github.com/serde-rs/json) and [serde_derive](https://github.com/serde-rs/serde).

Updates `serde` from 1.0.214 to 1.0.215
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](serde-rs/serde@v1.0.214...v1.0.215)

Updates `serde_json` from 1.0.132 to 1.0.133
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.132...v1.0.133)

Updates `serde_derive` from 1.0.214 to 1.0.215
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](serde-rs/serde@v1.0.214...v1.0.215)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump the ci group with 2 updates
5ee78da 
Bumps the ci group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [anchore/sbom-action](https://github.com/anchore/sbom-action).

Updates `github/codeql-action` from 3.27.4 to 3.27.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@ea9e4e3...f09c1c0)

Updates `anchore/sbom-action` from 0.17.7 to 0.17.8
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@fc46e51...55dc4ee)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump the go group across 1 directory with 18 updates
5ec3720 
Bumps the go group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.45.0` | `1.47.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys](https://github.com/Azure/azure-sdk-for-go) | `1.2.0` | `1.3.0` |
| [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) | `1.1.0-beta.0-proton` | `1.1.2` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.32.2` | `1.32.5` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.28.0` | `1.28.5` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.17.34` | `1.17.40` |
| [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) | `1.37.2` | `1.37.6` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.9.0` | `1.10.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.30.0` | `0.31.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.203.0` | `0.209.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.67.1` | `1.68.0` |

Updates `cloud.google.com/go/storage` from 1.45.0 to 1.47.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@pubsub/v1.45.0...spanner/v1.47.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](Azure/azure-sdk-for-go@v1.2...sdk/azcore/v1.3.0)

Updates `github.com/ProtonMail/go-crypto` from 1.1.0-beta.0-proton to 1.1.2
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](ProtonMail/go-crypto@v1.1.0-beta.0-proton...v1.1.2)

Updates `github.com/aws/aws-sdk-go-v2` from 1.32.2 to 1.32.5
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.32.2...v1.32.5)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.28.0 to 1.28.5
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.28.0...config/v1.28.5)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.41 to 1.17.46
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.41...credentials/v1.17.46)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.34 to 1.17.40
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.34...credentials/v1.17.40)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.37.2 to 1.37.6
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ssm/v1.37.2...service/kms/v1.37.6)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.66.1 to 1.68.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.66.1...service/s3/v1.68.0)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.32.2 to 1.33.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.33.1/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@v1.32.2...service/s3/v1.33.1)

Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.9.0...v1.10.0)

Updates `golang.org/x/net` from 0.30.0 to 0.31.0
- [Commits](golang/net@v0.30.0...v0.31.0)

Updates `golang.org/x/sys` from 0.26.0 to 0.27.0
- [Commits](golang/sys@v0.26.0...v0.27.0)

Updates `golang.org/x/term` from 0.25.0 to 0.26.0
- [Commits](golang/term@v0.25.0...v0.26.0)

Updates `google.golang.org/api` from 0.203.0 to 0.209.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.203.0...v0.209.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20241015192408-796eee8c2d53 to 0.0.0-20241113202542-65e8d215514f
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.67.1 to 1.68.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.67.1...v1.68.0)

Updates `google.golang.org/protobuf` from 1.35.1 to 1.35.2

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Patch harmless parts of go.mod before looking for changes in CI.
214a053 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Run 'make vendor' in CodeQL build step.
29cffad 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Move Python patch tool to .github/utils/.
2e12a90 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Correctly handle comments during JSON serialization.
d755eae 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@anandavj
gofmt
be3b48a 
Signed-off-by: anandavj <[email protected]>
@anandavj
remove manual update on proto
59d274f 
Signed-off-by: anandavj <[email protected]>
@anandavj
define protobuf definition for aws endpoint and re-generate
afe398e 
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Patch harmless parts of go.mod before looking for changes in CI.
f895c62 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Move Python patch tool to .github/utils/.
944ad9f 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@reneleonhardt @anandavj
chore(deps): Update Rust dependencies
f6a6a10 
Signed-off-by: Rene Leonhardt <[email protected]>
Signed-off-by: anandavj <[email protected]>
@nicklasfrahm @anandavj
fix(config): remove unused variables
a79294e 
Signed-off-by: Nicklas Frahm <[email protected]>
Signed-off-by: anandavj <[email protected]>
@Foxboron @anandavj
keyservice: update protobuf to an recent release
71a1b3c 
Signed-off-by: Morten Linderud <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Adjust protoc command line for latest versions of plugins; fix protoc…
3f9c620 
… Go plugin versions and install plugins locally.

Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Update go.mod.
35338f7 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump the go group with 8 updates
d927a74 
Bumps the go group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) | `1.1.2` | `1.1.3` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.32.5` | `1.32.6` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.28.5` | `1.28.6` |
| [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.46` | `1.17.47` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.17.40` | `1.17.42` |
| [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) | `1.37.6` | `1.37.7` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.68.0` | `1.70.0` |
| [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.33.1` | `1.33.2` |

Updates `github.com/ProtonMail/go-crypto` from 1.1.2 to 1.1.3
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](ProtonMail/go-crypto@v1.1.2...v1.1.3)

Updates `github.com/aws/aws-sdk-go-v2` from 1.32.5 to 1.32.6
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.32.5...v1.32.6)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.28.5 to 1.28.6
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.28.5...config/v1.28.6)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.46 to 1.17.47
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.46...credentials/v1.17.47)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.40 to 1.17.42
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.40...credentials/v1.17.42)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.37.6 to 1.37.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/kms/v1.37.6...service/kms/v1.37.7)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.68.0 to 1.70.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.68.0...service/s3/v1.70.0)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.33.1 to 1.33.2
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.33.1...service/sfn/v1.33.2)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Bump version to 3.9.2.
43f17a8 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Add changelog for 3.9.2.
02cb2c0 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
dependabot bot and others added 7 commits December 14, 2024 21:44
@dependabot @anandavj
build(deps): Bump the go group with 10 updates
58607af 
Bumps the go group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/kms](https://github.com/googleapis/google-cloud-go) | `1.20.1` | `1.20.2` |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.47.0` | `1.48.0` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.17.42` | `1.17.43` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.70.0` | `1.71.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.31.0` | `0.32.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.27.0` | `0.28.0` |
| [golang.org/x/term](https://github.com/golang/term) | `0.26.0` | `0.27.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.209.0` | `0.210.0` |
| [google.golang.org/genproto/googleapis/rpc](https://github.com/googleapis/go-genproto) | `0.0.0-20241113202542-65e8d215514f` | `0.0.0-20241118233622-e639e219e697` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.68.0` | `1.68.1` |

Updates `cloud.google.com/go/kms` from 1.20.1 to 1.20.2
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.20.1...kms/v1.20.2)

Updates `cloud.google.com/go/storage` from 1.47.0 to 1.48.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@spanner/v1.47.0...spanner/v1.48.0)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.42 to 1.17.43
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.42...credentials/v1.17.43)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.70.0 to 1.71.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.70.0...service/s3/v1.71.0)

Updates `golang.org/x/net` from 0.31.0 to 0.32.0
- [Commits](golang/net@v0.31.0...v0.32.0)

Updates `golang.org/x/sys` from 0.27.0 to 0.28.0
- [Commits](golang/sys@v0.27.0...v0.28.0)

Updates `golang.org/x/term` from 0.26.0 to 0.27.0
- [Commits](golang/term@v0.26.0...v0.27.0)

Updates `google.golang.org/api` from 0.209.0 to 0.210.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.209.0...v0.210.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20241113202542-65e8d215514f to 0.0.0-20241118233622-e639e219e697
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.68.0 to 1.68.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.68.0...v1.68.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump the ci group with 2 updates
0295b78 
Bumps the ci group with 2 updates: [actions/cache](https://github.com/actions/cache) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `actions/cache` from 4.1.2 to 4.2.0
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@6849a64...1bd1e32)

Updates `github/codeql-action` from 3.27.5 to 3.27.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@f09c1c0...aa57810)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@dependabot @anandavj
build(deps): Bump golang.org/x/crypto from 0.30.0 to 0.31.0
2af48ab 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.30.0 to 0.31.0.
- [Commits](golang/crypto@v0.30.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: anandavj <[email protected]>
@anandavj
Sign Commit
3326e78 
Signed-off-by: vije <[email protected]>
Signed-off-by: anandavj <[email protected]>
@anandavj
Fix Protobuf error on generated
501eb42 
Signed-off-by: anandavj <[email protected]>
@felixfontein @anandavj
Patch harmless parts of go.mod before looking for changes in CI.
c57a49d 
Signed-off-by: Felix Fontein <[email protected]>
@felixfontein @anandavj
Move Python patch tool to .github/utils/.
70eba1e 
Signed-off-by: Felix Fontein <[email protected]>
Signed-off-by: anandavj <[email protected]>
@felixfontein
Copy link
Contributor

You have quite a few commits in this PR that do not belong there. Could you please rebase your PR (instead of adding more merge commits) to get rid of the superfluous commits? Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein Awaiting requested review from felixfontein

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area/keyservice enhancement keyservice/awskms
Projects
None yet
Milestone
3.10.0
Development

Successfully merging this pull request may close these issues.
5 participants
@anandavj @felixfontein @reneleonhardt @nicklasfrahm @Foxboron