update salrashdi123/oauth2, golang-jwt-tpm

README.md

@@ -175,7 +175,6 @@ r.Handle("/")
 - [Extending the sample](#extending-the-sample)
 - [Using link-local address](#using-link-local-address)
 - [Using domain sockets](#using-domain-sockets)
-- [Running GCP ops-agent](#running-gcp-ops-agent)
 - [Building with Bazel](#building-with-bazel)
 - [Building with Kaniko](#building-with-kaniko)
 * [Testing](#testing)
@@ -698,6 +697,7 @@ This metadata server will hash the value for the body to return and use that as
 
 Note `wait-for-change` value is not supported currently so while you can poll for etag changes, you cannot listen and hold.
 
+Finally, since the etag is just a hash of the node, if you change a value then back again, the same etag will get returned for that node. 
 
 ### Static environment variables
 
@@ -822,81 +822,6 @@ anyway, just for fun, you can pipe a tcp socket to domain using `socat` (or vice
 socat TCP-LISTEN:8080,fork,reuseaddr UNIX-CONNECT:/tmp/metadata.sock
 ```
 
-#### Running GCP Ops Agent
-
-This emulator can also be configured to get called by the [GCP ops-agent](https://cloud.google.com/monitoring/agent/ops-agent) (see [pr/30](https://github.com/salrashid123/gce_metadata_server/pull/30)) which would otherwise only run on GCP VMs.
-
-Note: running the ops-agent on any other platform is really not supported (by definition) and can return unexpected data.  Use with a lot of caution.
-
-One of the main issues with running the ops-agent off GCP is that it is by default expecting to emit data for [resource.type=gce_instance](https://cloud.google.com/monitoring/api/resources#tag_gce_instance) ([here](https://github.com/GoogleCloudPlatform/ops-agent/blob/master/confgenerator/resourcedetector/detector.go#L54)]).  For true support of on-prem instances, it should emit with support for [resource.type=generic_node](https://cloud.google.com/monitoring/api/resources#tag_generic_node) and [resource.type=generice_task](https://cloud.google.com/monitoring/api/resources#tag_generic_task).  Those two resource types indicate arbitrary computing environments.  For background on those types, see  [Writing Developer logs with Google Cloud Logging](https://blog.salrashid.dev/articles/2019/writing_developer_logs/) (again, that article is dated and probably doens't work anymore but the metrics resource types are valid).  It maybe possible with the ops-agent to configure overrides it to define the `resource.type` and `labels` but i have not looked into it...
-
-Anyway, if you are still interested in testing, the following setup demonstrates its usage.  I used qemu and debian 12 as a setup; you can use vagrant, vmware or anything else to create the vm on your laptop
-
-Running ops agent on local VM will require creating a service account key.  
-
-Assign the service account the project you want to use and the iam permissions listed [here](https://cloud.google.com/logging/docs/agent/ops-agent/authorization#create-service-account).  Copy the service account key into the vm.
-
-```bash
-## i used debian12 image
-wget https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.5.0-amd64-netinst.iso
-
-## create the disk and VM itself
-qemu-img create -f qcow2 boot.img 40G
-qemu-system-x86_64 -hda boot.img -net nic -net user,hostfwd=tcp::10022-:22 \
-   -cpu host -smp `nproc` -cdrom  debian-12.5.0-amd64-netinst.iso  \
-   --enable-kvm -m 2048 --vga vmware
-
-## ssh in; i created a user called 'sal' so i logged in with that:
-ssh -o UserKnownHostsFile=/dev/null     -o CheckHostIP=no -o StrictHostKeyChecking=no [email protected] -p 10022
-
-# once on the VM,
-su -
-apt-get update
-apt-get install curl git
-
-vi /etc/hosts
-## set 169.254.169.254       metadata metadata.google.internal
-
-# create the link-local interface (note that this should not be necessary but i could not get it to work without this)
-ifconfig lo:0 169.254.169.254 up
-
-## download the metadata server
-git clone https://github.com/salrashid123/gce_metadata_server.git
-cd gce_metadata_server
-
-# edit config.json and set service account, projectID,number
-
-## copy the service account key created earlier and save to /path/to/svcaccount.json
-
-## then start the emulator
-/path/to/gce_metadata_server   -logtostderr   -alsologtostderr -v 40  \
-   -port :80 --interface=169.254.169.254 --configFile=`pwd`/config.json \
-   --serviceAccountFile=/path/to/svcaccount.json
-
-### now install the ops agent
-# https://cloud.google.com/stackdriver/docs/solutions/agents/ops-agent/installation
-
-# install ops-agent
-curl -sSO https://dl.google.com/cloudagents/add-google-cloud-ops-agent-repo.sh
-sudo bash add-google-cloud-ops-agent-repo.sh --also-install
-
-## restart
-systemctl restart google-cloud-ops-agent"*"
-
-systemctl status google-cloud-ops-agent"*"
-```
-
-note,  you should be able to run the emulator on default `127.0.0.1:8080`  if each service  has the following env-var in its config set but i could not get it to work:
-
-```bash
-#export SYSTEMD_EDITOR=/bin/vi
-#systemctl edit google-cloud-ops-agent"*"
-
-# set
-[Service]
-Environment="GCE_METADATA_HOST=localhost:8080"
-```
-
 #### Building with Bazel
 
 If you want to build the server using bazel (eg, [deterministic](https://github.com/salrashid123/go-grpc-bazel-docker)),

go.mod

@@ -11,7 +11,8 @@ require (
 	github.com/google/go-tpm v0.9.0
 	github.com/google/go-tpm-tools v0.4.3
 	github.com/gorilla/mux v1.8.1
-	github.com/salrashid123/golang-jwt-tpm v1.1.2
+	github.com/salrashid123/golang-jwt-tpm v1.2.0
+	github.com/salrashid123/oauth2/tpm v0.0.0-20240401112313-82162ccb793e
 	golang.org/x/net v0.20.0
 	golang.org/x/oauth2 v0.16.0
 	google.golang.org/api v0.157.0
@@ -35,7 +36,6 @@ require (
 	github.com/googleapis/gax-go/v2 v2.12.0 // indirect
 	github.com/pborman/uuid v1.2.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/salrashid123/oauth2/tpm v0.0.0-20240327144837-141d9054501b // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect

go.sum

@@ -93,20 +93,10 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/salrashid123/golang-jwt-tpm v1.1.2 h1:Arsj8FKUb8TiNFC1bOEqfssSSWkWoNccyDsdAKG2vOg=
-github.com/salrashid123/golang-jwt-tpm v1.1.2/go.mod h1:yipaLDdIYPikIhVhp4PD4x01dxTGYQFBIN3+DwHNESE=
-github.com/salrashid123/oauth2/tpm v0.0.0-20231212134021-bddaa5868c39 h1:9YN49H7zMcaT/OSmDT1s6Wd/DvWro8ZSMh7dS7TXGAM=
-github.com/salrashid123/oauth2/tpm v0.0.0-20231212134021-bddaa5868c39/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327104110-15131c35bf9d h1:/virey7fY5tFxFFom3KHUAhhtLOnCeH2uNTjl8Gudxo=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327104110-15131c35bf9d/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327122313-2a4ca40ece9c h1:HxHfwfeX1N/lOV1/Dfl4TQ7F15d5x8aELsx7LOf7jr8=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327122313-2a4ca40ece9c/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327123626-f9ef3cd652dc h1:8D8jpHaqEsMpz/1m/qXPg3058cTu/tuyfV0P3zV4mM0=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327123626-f9ef3cd652dc/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327124659-ff42cbc3ff0d h1:qSFT/L1rZ5GRmc/8CWeEOEyxFDXGlvGJIJXT1COEinY=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327124659-ff42cbc3ff0d/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327144837-141d9054501b h1:ys/1Qirzigaw+Wl2i7Ymx1y5P7AJGfZdfbbtQPT3Vac=
-github.com/salrashid123/oauth2/tpm v0.0.0-20240327144837-141d9054501b/go.mod h1:/6D4hD7O7jQA85CnIaH9Ol0eZT7oN+nLS7K6y6K6w7w=
+github.com/salrashid123/golang-jwt-tpm v1.2.0 h1:TpcApZXT8ntHid9ty0wyZjkBkih+yymzSpCTDwniKB0=
+github.com/salrashid123/golang-jwt-tpm v1.2.0/go.mod h1:yipaLDdIYPikIhVhp4PD4x01dxTGYQFBIN3+DwHNESE=
+github.com/salrashid123/oauth2/tpm v0.0.0-20240401112313-82162ccb793e h1:4jYltQnxQQ5cNSnnU6sVsTriCkBB44zFg2uHpWnpCDw=
+github.com/salrashid123/oauth2/tpm v0.0.0-20240401112313-82162ccb793e/go.mod h1:c3eO1LqrEUENBBc15rWfOveqm/sQhkMtKwgSUcNg+8c=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=

repositories.bzl

@@ -73,7 +73,7 @@ def go_repositories():
         sum = "h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=",
         version = "v1.7.0",
     )
-
+    
     go_repository(
         name = "com_github_go_logr_logr",
         importpath = "github.com/go-logr/logr",
@@ -246,14 +246,14 @@ def go_repositories():
     go_repository(
         name = "com_github_salrashid123_golang_jwt_tpm",
         importpath = "github.com/salrashid123/golang-jwt-tpm",
-        sum = "h1:Arsj8FKUb8TiNFC1bOEqfssSSWkWoNccyDsdAKG2vOg=",
-        version = "v1.1.2",
+        sum = "h1:TpcApZXT8ntHid9ty0wyZjkBkih+yymzSpCTDwniKB0=",
+        version = "v1.2.0",
     )
     go_repository(
         name = "com_github_salrashid123_oauth2_tpm",
         importpath = "github.com/salrashid123/oauth2/tpm",
-        sum = "h1:ys/1Qirzigaw+Wl2i7Ymx1y5P7AJGfZdfbbtQPT3Vac=",
-        version = "v0.0.0-20240327144837-141d9054501b",
+        sum = "h1:4jYltQnxQQ5cNSnnU6sVsTriCkBB44zFg2uHpWnpCDw=",
+        version = "v0.0.0-20240401112313-82162ccb793e",
     )
     go_repository(
         name = "com_github_stretchr_objx",
@@ -1154,4 +1154,4 @@ def go_repositories():
         importpath = "go.uber.org/multierr",
         sum = "h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=",
         version = "v1.11.0",
-    )
+    )