Update gitaly client to 1.5 to support tls

go/vendor/gitlab.com/gitlab-org/gitaly/NOTICE

@@ -156,7 +156,7 @@ ISC License
 
 Copyright (c) 2012-2016 Dave Collins <dave@davec.name>
 
-Permission to use, copy, modify, and distribute this software for any
+Permission to use, copy, modify, and/or distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
 copyright notice and this permission notice appear in all copies.
 
@@ -199,10 +199,7 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/golang/protobuf
-Go support for Protocol Buffers - Google's data interchange format
-
 Copyright 2010 The Go Authors.  All rights reserved.
-https://github.com/golang/protobuf
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -656,6 +653,17 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/konsorten/go-windows-terminal-sequences
+(The MIT License)
+
+Copyright (c) 2017 marvin + konsorten GmbH (open-source@konsorten.de)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/matttproud/golang_protobuf_extensions
                                  Apache License
                            Version 2.0, January 2004
@@ -862,6 +870,31 @@ LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/matttproud/golang_proto
 NOTICE - gitlab.com/gitlab-org/gitaly/vendor/github.com/matttproud/golang_protobuf_extensions
 Copyright 2012 Matt T. Proud (matt.proud@gmail.com)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/pkg/errors
+Copyright (c) 2015, Dave Cheney <dave@cheney.net>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 LICENSE - gitlab.com/gitlab-org/gitaly/vendor/github.com/pmezard/go-difflib
 Copyright (c) 2013, Patrick Mezard
 All rights reserved.
@@ -1813,6 +1846,29 @@ furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+LICENSE - gitlab.com/gitlab-org/gitaly/vendor/gitlab.com/gitlab-org/labkit
+The MIT License (MIT)
+
+Copyright (c) 2016-2017 GitLab B.V.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

go/vendor/gitlab.com/gitlab-org/gitaly/client/address_parser.go

+package client
+
+import (
+	"fmt"
+	"net/url"
+)
+
+func parseAddress(rawAddress string) (canonicalAddress string, err error) {
+	u, err := url.Parse(rawAddress)
+	if err != nil {
+		return "", err
+	}
+
+	// tcp:// addresses are a special case which `grpc.Dial` expects in a
+	// different format
+	if u.Scheme == "tcp" || u.Scheme == "tls" {
+		if u.Path != "" {
+			return "", fmt.Errorf("%s addresses should not have a path", u.Scheme)
+		}
+		return u.Host, nil
+	}
+
+	return u.String(), nil
+}

go/vendor/gitlab.com/gitlab-org/gitaly/client/dial.go

 package client
 
 import (
-	"fmt"
-	"net"
+	"google.golang.org/grpc/credentials"
+
 	"net/url"
-	"strings"
-	"time"
 
 	"google.golang.org/grpc"
 )
 
 // DefaultDialOpts hold the default DialOptions for connection to Gitaly over UNIX-socket
-var DefaultDialOpts = []grpc.DialOption{
-	grpc.WithInsecure(),
-}
+var DefaultDialOpts = []grpc.DialOption{}
 
 // Dial gitaly
 func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, error) {
-	network, addr, err := parseAddress(rawAddress)
+	canonicalAddress, err := parseAddress(rawAddress)
 	if err != nil {
 		return nil, err
 	}
 
-	connOpts = append(connOpts,
-		grpc.WithDialer(func(a string, timeout time.Duration) (net.Conn, error) {
-			return net.DialTimeout(network, a, timeout)
-		}))
-	conn, err := grpc.Dial(addr, connOpts...)
+	if isTLS(rawAddress) {
+		certPool, err := systemCertPool()
+		if err != nil {
+			return nil, err
+		}
+
+		creds := credentials.NewClientTLSFromCert(certPool, "")
+		connOpts = append(connOpts, grpc.WithTransportCredentials(creds))
+	} else {
+		connOpts = append(connOpts, grpc.WithInsecure())
+	}
+
+	conn, err := grpc.Dial(canonicalAddress, connOpts...)
 	if err != nil {
 		return nil, err
 	}
@@ -34,28 +38,7 @@ func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, erro
 	return conn, nil
 }
 
-func parseAddress(rawAddress string) (network, addr string, err error) {
-	// Parsing unix:// URL's with url.Parse does not give the result we want
-	// so we do it manually.
-	for _, prefix := range []string{"unix://", "unix:"} {
-		if strings.HasPrefix(rawAddress, prefix) {
-			return "unix", strings.TrimPrefix(rawAddress, prefix), nil
-		}
-	}
-
+func isTLS(rawAddress string) bool {
 	u, err := url.Parse(rawAddress)
-	if err != nil {
-		return "", "", err
-	}
-
-	if u.Scheme != "tcp" {
-		return "", "", fmt.Errorf("unknown scheme: %q", rawAddress)
-	}
-	if u.Host == "" {
-		return "", "", fmt.Errorf("network tcp requires host: %q", rawAddress)
-	}
-	if u.Path != "" {
-		return "", "", fmt.Errorf("network tcp should have no path: %q", rawAddress)
-	}
-	return "tcp", u.Host, nil
+	return err == nil && u.Scheme == "tls"
 }

go/vendor/gitlab.com/gitlab-org/gitaly/client/pool-darwin.go

+// +build darwin
+
+package client
+
+import (
+	"crypto/x509"
+	"io/ioutil"
+	"os"
+	"path"
+)
+
+// systemCertPool circumvents the fact that Go on macOS does not support
+// SSL_CERT_{DIR,FILE}.
+func systemCertPool() (*x509.CertPool, error) {
+	var certPem []byte
+	count := 0
+
+	if f := os.Getenv("SSL_CERT_FILE"); len(f) > 0 {
+		pem, err := ioutil.ReadFile(f)
+		if err != nil {
+			return nil, err
+		}
+
+		pem = append(pem, '\n')
+		certPem = append(certPem, pem...)
+		count++
+	}
+
+	if d := os.Getenv("SSL_CERT_DIR"); len(d) > 0 {
+		entries, err := ioutil.ReadDir(d)
+		if err != nil {
+			return nil, err
+		}
+
+		for _, entry := range entries {
+			if entry.IsDir() {
+				continue
+			}
+
+			pem, err := ioutil.ReadFile(path.Join(d, entry.Name()))
+			if err != nil {
+				return nil, err
+			}
+
+			pem = append(pem, '\n')
+			certPem = append(certPem, pem...)
+			count++
+		}
+	}
+
+	pool, err := x509.SystemCertPool()
+	if err != nil {
+		return nil, err
+	}
+
+	pool.AppendCertsFromPEM(certPem)
+	return pool, nil
+}

go/vendor/gitlab.com/gitlab-org/gitaly/client/pool.go

+// +build !darwin
+
+package client
+
+import "crypto/x509"
+
+// systemCertPool has an override on macOS.
+func systemCertPool() (*x509.CertPool, error) { return x509.SystemCertPool() }

go/vendor/gitlab.com/gitlab-org/gitaly/client/receive_pack.go

@@ -3,20 +3,18 @@ package client
 import (
 	"io"
 
+	"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
 	"gitlab.com/gitlab-org/gitaly/streamio"
-
-	pb "gitlab.com/gitlab-org/gitaly-proto/go"
-
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
 
 // ReceivePack proxies an SSH git-receive-pack (git push) session to Gitaly
-func ReceivePack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *pb.SSHReceivePackRequest) (int32, error) {
+func ReceivePack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *gitalypb.SSHReceivePackRequest) (int32, error) {
 	ctx2, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	ssh := pb.NewSSHServiceClient(conn)
+	ssh := gitalypb.NewSSHServiceClient(conn)
 	stream, err := ssh.SSHReceivePack(ctx2)
 	if err != nil {
 		return 0, err
@@ -27,7 +25,7 @@ func ReceivePack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, st
 	}
 
 	inWriter := streamio.NewWriter(func(p []byte) error {
-		return stream.Send(&pb.SSHReceivePackRequest{Stdin: p})
+		return stream.Send(&gitalypb.SSHReceivePackRequest{Stdin: p})
 	})
 
 	return streamHandler(func() (stdoutStderrResponse, error) {

go/vendor/gitlab.com/gitlab-org/gitaly/client/std_stream.go

@@ -4,11 +4,11 @@ import (
 	"fmt"
 	"io"
 
-	pb "gitlab.com/gitlab-org/gitaly-proto/go"
+	"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
 )
 
 type stdoutStderrResponse interface {
-	GetExitStatus() *pb.ExitStatus
+	GetExitStatus() *gitalypb.ExitStatus
 	GetStderr() []byte
 	GetStdout() []byte
 }

go/vendor/gitlab.com/gitlab-org/gitaly/client/upload_archive.go

@@ -3,20 +3,18 @@ package client
 import (
 	"io"
 
+	"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
 	"gitlab.com/gitlab-org/gitaly/streamio"
-
-	pb "gitlab.com/gitlab-org/gitaly-proto/go"
-
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
 
 // UploadArchive proxies an SSH git-upload-archive (git archive --remote) session to Gitaly
-func UploadArchive(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *pb.SSHUploadArchiveRequest) (int32, error) {
+func UploadArchive(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *gitalypb.SSHUploadArchiveRequest) (int32, error) {
 	ctx2, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	ssh := pb.NewSSHServiceClient(conn)
+	ssh := gitalypb.NewSSHServiceClient(conn)
 	stream, err := ssh.SSHUploadArchive(ctx2)
 	if err != nil {
 		return 0, err
@@ -27,7 +25,7 @@ func UploadArchive(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader,
 	}
 
 	inWriter := streamio.NewWriter(func(p []byte) error {
-		return stream.Send(&pb.SSHUploadArchiveRequest{Stdin: p})
+		return stream.Send(&gitalypb.SSHUploadArchiveRequest{Stdin: p})
 	})
 
 	return streamHandler(func() (stdoutStderrResponse, error) {

go/vendor/gitlab.com/gitlab-org/gitaly/client/upload_pack.go

@@ -3,20 +3,18 @@ package client
 import (
 	"io"
 
+	"gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
 	"gitlab.com/gitlab-org/gitaly/streamio"
-
-	pb "gitlab.com/gitlab-org/gitaly-proto/go"
-
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
 
 // UploadPack proxies an SSH git-upload-pack (git fetch) session to Gitaly
-func UploadPack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *pb.SSHUploadPackRequest) (int32, error) {
+func UploadPack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, stdout, stderr io.Writer, req *gitalypb.SSHUploadPackRequest) (int32, error) {
 	ctx2, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	ssh := pb.NewSSHServiceClient(conn)
+	ssh := gitalypb.NewSSHServiceClient(conn)
 	stream, err := ssh.SSHUploadPack(ctx2)
 	if err != nil {
 		return 0, err
@@ -27,7 +25,7 @@ func UploadPack(ctx context.Context, conn *grpc.ClientConn, stdin io.Reader, std
 	}
 
 	inWriter := streamio.NewWriter(func(p []byte) error {
-		return stream.Send(&pb.SSHUploadPackRequest{Stdin: p})
+		return stream.Send(&gitalypb.SSHUploadPackRequest{Stdin: p})
 	})
 
 	return streamHandler(func() (stdoutStderrResponse, error) {

go/vendor/vendor.json

@@ -67,6 +67,12 @@
 			"version": "v0.112.0",
 			"versionExact": "v0.112.0"
 		},
+		{
+			"path": "gitlab.com/gitlab-org/gitaly-proto/go/gitalypb",
+			"revision": "e3a5c0a6da1c62f406f6b74b281dad43f8b74ea5",
+			"version": "v0.112.0",
+			"versionExact": "v0.112.0"
+		},
 		{
 			"checksumSHA1": "SbYAalNU5azT8lJGerDI4I/Nw84=",
 			"path": "gitlab.com/gitlab-org/gitaly/auth",
@@ -76,12 +82,12 @@
 			"versionExact": "v0.125.0"
 		},
 		{
-			"checksumSHA1": "CsPKG7r/N8ARlHtnHKimJiOnYiY=",
+			"checksumSHA1": "0FMG4FMRxji6+9LSKgWT6snO1FM=",
 			"path": "gitlab.com/gitlab-org/gitaly/client",
-			"revision": "5e2c70a9a670f5d675cf45f880bbbb08a5169ab8",
-			"revisionTime": "2018-03-13T20:33:04Z",
-			"version": "v0.90.0",
-			"versionExact": "v0.90.0"
+			"revision": "3265234b0d281942d8a02fa5654d76c360ace192",
+			"revisionTime": "2018-12-05T15:59:00Z",
+			"version": "=v1.5.0",
+			"versionExact": "v1.5.0"
 		},
 		{
 			"checksumSHA1": "mifcYH0qXpoPkX5KzXoM3mterWQ=",