Merge branch 'master' into 976-security-scan

.codeclimate.yml

@@ -15,3 +15,5 @@ engines:
         enabled: false
       SC2148:
         enabled: false
+  gofmt:
+    enabled: true

NOTICES.txt

@@ -157,9 +157,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 
 
->>> github.com/cyberark/conjur-authn-k8s-client-0.13.0
+>>> github.com/cyberark/conjur-authn-k8s-client-0.15.0
 
-Copyright [yyyy] [name of copyright owner]
+Copyright (c) 2019 CyberArk Software Ltd. All rights reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

bin/juxtaposer/formatter/util/util.go

@@ -58,10 +58,10 @@ func GetStandardDeviation(mappedCounts *map[int]int) float64 {
 	mean := GetMean(mappedCounts)
 	var totalDeviation float64
 	for valueAmount, occurrences := range *mappedCounts {
-		deviation := math.Pow(float64(valueAmount) - mean, 2)
+		deviation := math.Pow(float64(valueAmount)-mean, 2)
 		totalDeviation += deviation * float64(occurrences)
 	}
-	standardDeviation := math.Pow(totalDeviation/float64(getMappedDataPointCount(mappedCounts) - 1), 0.5)
+	standardDeviation := math.Pow(totalDeviation/float64(getMappedDataPointCount(mappedCounts)-1), 0.5)
 
 	return standardDeviation
 }

examples/connector_templates/README.md

@@ -1,16 +1,37 @@
-# Using templates to implement Secretless Connector Plugins
-
-We created connector templates to ease the process of adding new connectors to secretless.
-Before using the templates to add new connector plugins, be sure to read the [Secretless Connector Plugins README](https://github.com/cyberark/secretless-broker/blob/master/pkg/secretless/plugin/connector/README.md)
-
-To add a new connector do the following:
-
-1. Copy the relevant template directory (HTTP/TCP) into `internal/plugin/connectors/<connector type>`. 
-If you're not sure which connector type is suitable, please refer to the [connector technical overview](https://github.com/cyberark/secretless-broker/tree/master/pkg/secretless/plugin/connector#technical-overview).
-    1. Inside each template directory you will find the required files & structs implemented, 
-    with instructions in the form of TODOs to fill them with the content of the new connector.
-1.  Add an entry to the `Plugins` map defined in GetInternalPluginsFunc() of
-    [`internal_plugins.go`](../../pkg/secretless/plugin/sharedobj/internal_plugins.go), according to their type (HTTP/TCP)
-1. Copy the [`template_connector_test`](template_connector_test) directory into `test/connector/<connector type>/` and rename it to `<connector_name>`.
-    1. This directory will help you write integration tests for your connector. It contains test scripts & files to help you stand up networked containers with docker-compose. The files give instructions on the steps to set up your test suite in the form of TODOs.
-       The [`Jenkinsfile`](../../Jenkinsfile) is set up to automatically run the integration tests with each project build.
+# Using templates to create Secretless Connector Plugins
+
+We created the templates in this directory to make it easier to add new
+connectors to Secretless.
+
+Before using the templates, be sure to read the [Secretless Connector Plugins
+README](https://github.com/cyberark/secretless-broker/blob/master/pkg/secretless/plugin/connector/README.md)
+
+To create a new Secretless connector plugin, follow these instructions:
+
+1. Copy the relevant template directory (HTTP/TCP) into a folder on your local
+   machine (or to `internal/plugin/connectors/<connector_type>` if you are building
+   an internal connector).
+
+   If you're not sure which connector type is appropriate for your target service,
+   please refer to the [connector technical overview](https://github.com/cyberark/secretless-broker/tree/master/pkg/secretless/plugin/connector#technical-overview) for guidelines.
+
+1. Update the copied files to implement your connector. Each file includes
+   instructions in the form of `TODO`s.
+
+1.  (**Internal Connectors Only**) Add an entry to the `Plugins` map defined in
+    `GetInternalPluginsFunc()` of
+    [`internal_plugins.go`](../../pkg/secretless/plugin/sharedobj/internal_plugins.go),
+    according to your connector type (HTTP/TCP)
+
+1. To test your connector, copy the [`template_connector_test`](template_connector_test)
+   directory onto your local machine.
+
+   If you follow the `TODO`-based instructions included in the files in this directory,
+   you will be able to write integration tests for your connector using `docker-compose`.
+   The included test scripts & files will help you stand up networked containers with
+   `docker-compose`.
+
+   **Note for internal connectors:** The the test directory should be copied
+   into `test/connector/<connector type>/` and renamed to `<connector_name>`.
+   The [`Jenkinsfile`](../../Jenkinsfile) is set up to automatically run the
+   integration tests from this directory with each project build.

examples/connector_templates/http/template/connector.go

@@ -1,4 +1,6 @@
-package template
+package main
+
+// TODO: change the package name to your plugin name if this will be an internal connector
 
 import (
 	gohttp "net/http"

examples/connector_templates/http/template/plugin.go

@@ -1,4 +1,6 @@
-package template
+package main
+
+// TODO: change the package name to your plugin name if this will be an internal connector
 
 import (
 	"github.com/cyberark/secretless-broker/pkg/secretless/plugin/connector"

examples/connector_templates/tcp/template/connector.go

@@ -1,4 +1,6 @@
-package template
+package main
+
+// TODO: change the package name to your plugin name if this will be an internal connector
 
 import (
 	"net"

examples/connector_templates/tcp/template/plugin.go

@@ -1,4 +1,6 @@
-package template
+package main
+
+// TODO: change the package name to your plugin name if this will be an internal connector
 
 import (
 	"net"

examples/connector_templates/template_connector_test/docker-compose.yml

@@ -3,6 +3,9 @@ version: '3.0'
 services:
   # TODO: add a service for the platform you want secretless to connect with
 
+  # TODO: make sure Secretless runs with your plugin
+  # which may mean adding the `.so` file as a volume
+  # and revising the command to pass in the `.so` using the `-p` flag
   secretless:
     image: secretless-broker # this image is built by bin/build
     volumes:

go.mod

@@ -4,10 +4,15 @@ require (
 	github.com/aws/aws-sdk-go v1.15.79
 	github.com/cenkalti/backoff v2.0.0+incompatible
 	github.com/codegangsta/cli v1.20.0
+	github.com/containerd/containerd v1.3.2 // indirect
 	github.com/cyberark/conjur-api-go v0.5.2
-	github.com/cyberark/conjur-authn-k8s-client v0.13.0
+	github.com/cyberark/conjur-authn-k8s-client v0.15.0
 	github.com/cyberark/summon v0.7.0
 	github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0
+	github.com/docker/distribution v2.7.1+incompatible // indirect
+	github.com/docker/docker v1.4.2-0.20191231165639-e6f6c35b7902
+	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
 	github.com/fsnotify/fsnotify v1.4.7
 	github.com/go-ozzo/ozzo-validation v3.6.0+incompatible
 	github.com/google/btree v1.0.0 // indirect
@@ -19,6 +24,8 @@ require (
 	github.com/joho/godotenv v1.2.0
 	github.com/json-iterator/go v1.1.8 // indirect
 	github.com/lib/pq v0.0.0-20180123210206-19c8e9ad0095
+	github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
+	github.com/opencontainers/image-spec v1.0.1 // indirect
 	github.com/pkg/errors v0.8.1
 	github.com/pkg/profile v1.2.1
 	github.com/prometheus/client_golang v1.2.1 // indirect

go.sum

@@ -20,14 +20,25 @@ github.com/cenkalti/backoff v2.0.0+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH
 github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/codegangsta/cli v1.20.0/go.mod h1:/qJNoX69yVSKu5o4jLyXAENLRyk1uhi7zkbQ3slBdOA=
+github.com/containerd/containerd v1.3.2 h1:ForxmXkA6tPIvffbrDAcPUIB32QgXkt2XFj+F0UxetA=
+github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/cyberark/conjur-api-go v0.5.2 h1:8ntk07YNRz5bBwjNXkDEAPR70Yr+J2MN8NGlkhaMC3k=
 github.com/cyberark/conjur-api-go v0.5.2/go.mod h1:hwaReWirzgKor+JtH6vbwZaASDXulvd0SzGCloC5uOc=
-github.com/cyberark/conjur-authn-k8s-client v0.13.0 h1:sKh0yS6lSHT34FnMRR738+Q0dP+ebC6N/h4Bm9rhq0A=
-github.com/cyberark/conjur-authn-k8s-client v0.13.0/go.mod h1:JTeGIeRO59J7mMEc5yF6FPtk1QnaAzs4GyZa4WldqZc=
+github.com/cyberark/conjur-authn-k8s-client v0.15.0 h1:HFSkyKtaWkxhOc+Whh2CV3x1HWsYWXu8yR4w6RS3umw=
+github.com/cyberark/conjur-authn-k8s-client v0.15.0/go.mod h1:qacUJXCppU1Rg/C+br9B1jBitTq4yG04oc4a+cfI200=
 github.com/cyberark/secretless-broker v1.4.1-0.20191211191712-251c5ec034af/go.mod h1:+GueI3WCJL5gDYaYa38ZokAR8ceEyCVet7MkuZyjf80=
 github.com/cyberark/summon v0.7.0/go.mod h1:S7grcxHeUxfL1vRTQUyq9jGK8yG6V/tSlLPQ6tHRO4k=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
+github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/docker v1.4.2-0.20191231165639-e6f6c35b7902 h1:YC1es6eK8+FAB3/9TUlEGUSl7H+G4FDAAEZulfJFc8I=
+github.com/docker/docker v1.4.2-0.20191231165639-e6f6c35b7902/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
+github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
+github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
 github.com/dominikh/go-tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
@@ -159,14 +170,20 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/gomega v1.4.1/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
+github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
+github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
+github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
+github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
 github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/pierrec/lz4 v2.0.5+incompatible h1:2xWsjqPFWcplujydGg4WmhC/6fZqK42wMM8aXeqhl0I=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -204,8 +221,10 @@ github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 golang.org/x/crypto v0.0.0-20180621125126-a49355c7e3f8/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -258,9 +277,11 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107 h1:xtNn7qFlagY2mQNFHMSRPjT2RkOV4OXM7P5TVy9xATo=
 google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.19.1 h1:TrBcJ1yqAl1G++wO39nD/qtgpsW9/1+QGrluyMGEYgM=
 google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 gopkg.in/DATA-DOG/go-sqlmock.v1 v1.3.0/go.mod h1:OdE7CF6DbADk7lN8LIKRzRJTTZXIjtWgA5THM5lhBAw=
 gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=

internal/plugin/connectors/http/aws/plugin.go

@@ -20,7 +20,7 @@ func PluginInfo() map[string]string {
 // request with authorization data.
 func NewConnector(conRes connector.Resources) http.Connector {
 	return &Connector{
-		logger:   conRes.Logger(),
+		logger: conRes.Logger(),
 	}
 }
 

internal/plugin/connectors/http/generic/config.go

@@ -13,8 +13,8 @@ import (
 
 type config struct {
 	CredentialPatterns map[string]*regexp.Regexp
-	Headers map[string]*template.Template
-	ForceSSL bool
+	Headers            map[string]*template.Template
+	ForceSSL           bool
 }
 
 // validate validates that the given creds satisfy the CredentialValidations of
@@ -71,8 +71,8 @@ func newConfig(cfgYAML *ConfigYAML) (*config, error) {
 
 	cfg := &config{
 		CredentialPatterns: make(map[string]*regexp.Regexp),
-		Headers: make(map[string]*template.Template),
-		ForceSSL: cfgYAML.ForceSSL,
+		Headers:            make(map[string]*template.Template),
+		ForceSSL:           cfgYAML.ForceSSL,
 	}
 
 	// Validate and save regexps

internal/plugin/connectors/ssh/proxy_service.go

@@ -119,7 +119,6 @@ func (proxy *proxyService) Start() error {
 
 		serverConfig.AddHostKey(private)
 
-
 		// TODO: is it possible to use the duplex func to stream ?
 		for !proxy.done {
 			nConn, err := proxy.listener.Accept()

internal/plugin/connectors/sshagent/proxy_service.go

@@ -122,7 +122,6 @@ func (proxy *proxyService) populateKeyring(
 	return proxy.keyring.Add(key)
 }
 
-
 // Start initiates the net.Listener to listen for incoming connections
 func (proxy *proxyService) Start() error {
 	logger := proxy.logger

internal/plugin/connectors/tcp/mssql/connector.go

@@ -90,7 +90,7 @@ Overview of the connection process
 	MsSQL->Driver: Login Response
 	Driver->Secretless: Login success or failure
 	Secretless->Client: Login Response (Premade)
- */
+*/
 
 // SingleUseConnector is used to create an authenticated connection to an MSSQL target
 type SingleUseConnector struct {
@@ -188,10 +188,10 @@ func (connector *SingleUseConnector) Connect(
 		//  working as an implicit lock
 		driverConn, err = driverConnector.Connect(loginContext)
 		connectPhaseFinished <- struct{}{}
-	} ()
+	}()
 
 	// Blocks continuation until we've received the preLoginResponse from the driver
-	preloginResponse := <- preLoginResponseChannel
+	preloginResponse := <-preLoginResponseChannel
 
 	// Since the communication between the client and Secretless must be unencrypted,
 	// we fool the client into thinking that it's talking to a server that does not support
@@ -218,7 +218,7 @@ func (connector *SingleUseConnector) Connect(
 	clientLoginChannel <- *clientLogin
 
 	// Block continuation until driver has completed connection
-	<- connectPhaseFinished
+	<-connectPhaseFinished
 	if err != nil {
 		wrappedError := errors.Wrap(err, "failed to connect to mssql server")
 		connector.sendError(wrappedError)
@@ -242,7 +242,6 @@ func (connector *SingleUseConnector) Connect(
 	return connector.backendConn, nil
 }
 
-
 // TODO: Add ability to receive an MSSQL error and send it to the client (#1013)
 func (connector *SingleUseConnector) sendError(err error) {
 	//NOTE: no need to log, Secretless already does this for every error sent back

internal/plugin/connectors/tcp/mysql/packet.go

@@ -18,4 +18,3 @@ func (pkt *Packet) SequenceID() byte {
 func (pkt *Packet) SetSequenceID(id byte) {
 	(*pkt)[3] = id
 }
-

internal/plugin/connectors/tcp/mysql/protocol/error.go

@@ -63,7 +63,7 @@ func (e Error) Error() string {
 // GetPacket formats an Error into a protocol message.
 // https://dev.mysql.com/doc/internals/en/packet-ERR_Packet.html
 func (e Error) GetPacket() []byte {
-	data := make([]byte, 4, 4 + 1 + 2 + 1 + 5 + len(e.Message))
+	data := make([]byte, 4, 4+1+2+1+5+len(e.Message))
 	data = append(data, 0xff)
 	data = append(data, byte(e.Code), byte(e.Code>>8))
 
@@ -83,4 +83,3 @@ func (e Error) GetPacket() []byte {
 
 	return data
 }
-

internal/plugin/connectors/tcp/mysql/protocol/protocol.go

@@ -73,15 +73,15 @@ func UnpackErrResponse(data []byte) error {
 	pos++
 
 	// Error Number [16 bit uint]
-	errno := binary.LittleEndian.Uint16(data[pos:pos + 2])
+	errno := binary.LittleEndian.Uint16(data[pos : pos+2])
 	pos = pos + 2
 
 	sqlstate := ""
 	// SQL State [optional: # + 5bytes string]
 	if data[pos] == '#' {
 		pos++
 
-		sqlstate = string(data[pos : pos + 5])
+		sqlstate = string(data[pos : pos+5])
 		pos = pos + 5
 	}
 
@@ -191,7 +191,6 @@ type HandshakeV10 struct {
 	Salt               []byte
 }
 
-
 // UnpackHandshakeV10 decodes initial handshake request from server.
 // Basic packet structure shown below.
 // See http://imysql.com/mysql-internal-manual/connection-phase-packets.html#packet-Protocol::HandshakeV10

internal/providers/conjur/provider.go

@@ -97,7 +97,7 @@ func ProviderFactory(options plugin_v1.ProviderOptions) (plugin_v1.Provider, err
 		log.Printf("Info: Conjur provider using Kubernetes authenticator-based authentication")
 
 		// Load the authenticator with the config from the environment, and log in to Conjur
-		if authenticator, err = loadAuthenticator(provider.AuthnURL, provider.Version, authenticatorTokenFile, provider.Config); err != nil {
+		if authenticator, err = loadAuthenticator(provider.AuthnURL, provider.Version, provider.Config); err != nil {
 			return nil, fmt.Errorf("ERROR: Conjur provider could not retrieve access token using the authenticator client: %s", err)
 		}
 		provider.Authenticator = authenticator
@@ -185,16 +185,13 @@ func (p *Provider) GetValue(id string) ([]byte, error) {
 // Currently the deployment manifest for Secretless must also specify
 // MY_POD_NAMESPACE and MY_POD_NAME from the pod metadata, but there is a GH
 // issue logged in the authenticator for doing this via the Kubernetes API
-func loadAuthenticator(authnURL string, version string, tokenFilePath string,
+func loadAuthenticator(authnURL string, version string,
 	providerConfig conjurapi.Config) (*authenticator.Authenticator, error) {
 
 	var err error
 
-	// Set the client cert / token paths
-	clientCertPath := "/etc/conjur/ssl/client.pem"
-
 	// Check that required environment variables are set
-	config, err := authnConfig.NewFromEnv(&clientCertPath, &tokenFilePath)
+	config, err := authnConfig.NewFromEnv()
 	if err != nil {
 		return nil, err
 	}

internal/providers/kubernetessecrets/provider.go

@@ -26,7 +26,7 @@ func ProviderFactory(options plugin_v1.ProviderOptions) (plugin_v1.Provider, err
 	}
 
 	provider := &Provider{
-		Name:   options.Name,
+		Name:          options.Name,
 		SecretsClient: SecretsClient,
 	}