update prometheus dependencies (#5520)

Signed-off-by: junot <junotxiang@kubesphere.io>

vendor/github.com/go-openapi/runtime/.gitattributes

@@ -0,0 +1 @@
+*.go text eol=lf

vendor/github.com/go-openapi/runtime/.golangci.yml

@@ -0,0 +1,44 @@
+linters-settings:
+  govet:
+    # Using err repeatedly considered as shadowing.
+    check-shadowing: false
+  golint:
+    min-confidence: 0
+  gocyclo:
+    min-complexity: 30
+  maligned:
+    suggest-new: true
+  dupl:
+    threshold: 100
+  goconst:
+    min-len: 2
+    min-occurrences: 4
+linters:
+  disable:
+    - maligned
+    - lll
+    - gochecknoglobals
+    - godox
+    - gocognit
+    - whitespace
+    - wsl
+    - funlen
+    - gochecknoglobals
+    - gochecknoinits
+    - scopelint
+    - wrapcheck
+    - exhaustivestruct
+    - exhaustive
+    - nlreturn
+    - testpackage
+    - gci
+    - gofumpt
+    - goerr113
+    - gomnd
+    - tparallel
+    - nestif
+    - godot
+    - errorlint
+    - noctx
+    - interfacer
+    - nilerr

vendor/github.com/go-openapi/runtime/.travis.yml

@@ -1,13 +0,0 @@
-after_success:
-- bash <(curl -s https://codecov.io/bash)
-go:
-- 1.13.x
-- 1.14.x
-install:
-- GO111MODULE=off go get -u gotest.tools/gotestsum
-language: go
-notifications:
-  slack:
-    secure: EmObnQuM9Mw8J9vpFaKKHqSMN4Wsr/A9+v7ewAD5cEhA0T1P4m7MbJMiJOhxUhj/X+BFh2DamW+P2lT8mybj5wg8wnkQ2BteKA8Tawi6f9PRw2NRheO8tAi8o/npLnlmet0kc93mn+oLuqHw36w4+j5mkOl2FghkfGiUVhwrhkCP7KXQN+3TU87e+/HzQumlJ3nsE+6terVxkH3PmaUTsS5ONaODZfuxFpfb7RsoEl3skHf6d+tr+1nViLxxly7558Nc33C+W1mr0qiEvMLZ+kJ/CpGWBJ6CUJM3jm6hNe2eMuIPwEK2hxZob8c7n22VPap4K6a0bBRoydoDXaba+2sD7Ym6ivDO/DVyL44VeBBLyIiIBylDGQdZH+6SoWm90Qe/i7tnY/T5Ao5igT8f3cfQY1c3EsTfqmlDfrhmACBmwSlgkdVBLTprHL63JMY24LWmh4jhxsmMRZhCL4dze8su1w6pLN/pD1pGHtKYCEVbdTmaM3PblNRFf12XB7qosmQsgUndH4Vq3bTbU0s1pKjeDhRyLvFzvR0TBbo0pDLEoF1A/i5GVFWa7yLZNUDudQERRh7qv/xBl2excIaQ1sV4DSVm7bAE9l6Kp+yeHQJW2uN6Y3X8wu9gB9nv9l5HBze7wh8KE6PyWAOLYYqZg9/sAtsv/2GcQqXcKFF1zcA=
-script:
-- gotestsum -f short-verbose -- -race -timeout=20m -coverprofile=coverage.txt -covermode=atomic ./...

vendor/github.com/go-openapi/runtime/bytestream.go

@@ -38,7 +38,7 @@ type byteStreamOpts struct {
 	Close bool
 }
 
-// ByteStreamConsumer creates a consmer for byte streams,
+// ByteStreamConsumer creates a consumer for byte streams,
 // takes a Writer/BinaryUnmarshaler interface or binary slice by reference,
 // and reads from the provided reader
 func ByteStreamConsumer(opts ...byteStreamOpt) Consumer {
@@ -58,6 +58,7 @@ func ByteStreamConsumer(opts ...byteStreamOpt) Consumer {
 				close = cl.Close
 			}
 		}
+		//nolint:errcheck // closing a reader wouldn't fail.
 		defer close()
 
 		if wrtr, ok := data.(io.Writer); ok {
@@ -76,6 +77,13 @@ func ByteStreamConsumer(opts ...byteStreamOpt) Consumer {
 			return bu.UnmarshalBinary(b)
 		}
 
+		if data != nil {
+			if str, ok := data.(*string); ok {
+				*str = string(b)
+				return nil
+			}
+		}
+
 		if t := reflect.TypeOf(data); data != nil && t.Kind() == reflect.Ptr {
 			v := reflect.Indirect(reflect.ValueOf(data))
 			if t = v.Type(); t.Kind() == reflect.Slice && t.Elem().Kind() == reflect.Uint8 {
@@ -107,6 +115,7 @@ func ByteStreamProducer(opts ...byteStreamOpt) Producer {
 				close = cl.Close
 			}
 		}
+		//nolint:errcheck // TODO: closing a writer would fail.
 		defer close()
 
 		if rc, ok := data.(io.ReadCloser); ok {
@@ -129,6 +138,11 @@ func ByteStreamProducer(opts ...byteStreamOpt) Producer {
 		}
 
 		if data != nil {
+			if str, ok := data.(string); ok {
+				_, err := writer.Write([]byte(str))
+				return err
+			}
+
 			if e, ok := data.(error); ok {
 				_, err := writer.Write([]byte(e.Error()))
 				return err

vendor/github.com/go-openapi/runtime/client/auth_info.go

@@ -33,7 +33,7 @@ func init() {
 func BasicAuth(username, password string) runtime.ClientAuthInfoWriter {
 	return runtime.ClientAuthInfoWriterFunc(func(r runtime.ClientRequest, _ strfmt.Registry) error {
 		encoded := base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
-		return r.SetHeaderParam("Authorization", "Basic "+encoded)
+		return r.SetHeaderParam(runtime.HeaderAuthorization, "Basic "+encoded)
 	})
 }
 
@@ -56,6 +56,22 @@ func APIKeyAuth(name, in, value string) runtime.ClientAuthInfoWriter {
 // BearerToken provides a header based oauth2 bearer access token auth info writer
 func BearerToken(token string) runtime.ClientAuthInfoWriter {
 	return runtime.ClientAuthInfoWriterFunc(func(r runtime.ClientRequest, _ strfmt.Registry) error {
-		return r.SetHeaderParam("Authorization", "Bearer "+token)
+		return r.SetHeaderParam(runtime.HeaderAuthorization, "Bearer "+token)
+	})
+}
+
+// Compose combines multiple ClientAuthInfoWriters into a single one.
+// Useful when multiple auth headers are needed.
+func Compose(auths ...runtime.ClientAuthInfoWriter) runtime.ClientAuthInfoWriter {
+	return runtime.ClientAuthInfoWriterFunc(func(r runtime.ClientRequest, _ strfmt.Registry) error {
+		for _, auth := range auths {
+			if auth == nil {
+				continue
+			}
+			if err := auth.AuthenticateRequest(r, nil); err != nil {
+				return err
+			}
+		}
+		return nil
 	})
 }

vendor/github.com/go-openapi/runtime/client/keepalive.go

@@ -2,7 +2,6 @@ package client
 
 import (
 	"io"
-	"io/ioutil"
 	"net/http"
 	"sync/atomic"
 )
@@ -46,8 +45,11 @@ func (d *drainingReadCloser) Read(p []byte) (n int, err error) {
 func (d *drainingReadCloser) Close() error {
 	// drain buffer
 	if atomic.LoadUint32(&d.seenEOF) != 1 {
-		//#nosec
-		io.Copy(ioutil.Discard, d.rdr)
+		// If the reader side (a HTTP server) is misbehaving, it still may send
+		// some bytes, but the closer ignores them to keep the underling
+		// connection open.
+		//nolint:errcheck
+		io.Copy(io.Discard, d.rdr)
 	}
 	return d.rdr.Close()
 }

vendor/github.com/go-openapi/runtime/client/opentelemetry.go

@@ -0,0 +1,207 @@
+package client
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/strfmt"
+	"go.opentelemetry.io/otel"
+	"go.opentelemetry.io/otel/attribute"
+	"go.opentelemetry.io/otel/codes"
+	"go.opentelemetry.io/otel/propagation"
+	semconv "go.opentelemetry.io/otel/semconv/v1.12.0"
+	"go.opentelemetry.io/otel/trace"
+)
+
+const (
+	instrumentationVersion = "1.0.0"
+	tracerName             = "go-openapi"
+)
+
+type config struct {
+	Tracer            trace.Tracer
+	Propagator        propagation.TextMapPropagator
+	SpanStartOptions  []trace.SpanStartOption
+	SpanNameFormatter func(*runtime.ClientOperation) string
+	TracerProvider    trace.TracerProvider
+}
+
+type OpenTelemetryOpt interface {
+	apply(*config)
+}
+
+type optionFunc func(*config)
+
+func (o optionFunc) apply(c *config) {
+	o(c)
+}
+
+// WithTracerProvider specifies a tracer provider to use for creating a tracer.
+// If none is specified, the global provider is used.
+func WithTracerProvider(provider trace.TracerProvider) OpenTelemetryOpt {
+	return optionFunc(func(c *config) {
+		if provider != nil {
+			c.TracerProvider = provider
+		}
+	})
+}
+
+// WithPropagators configures specific propagators. If this
+// option isn't specified, then the global TextMapPropagator is used.
+func WithPropagators(ps propagation.TextMapPropagator) OpenTelemetryOpt {
+	return optionFunc(func(c *config) {
+		if ps != nil {
+			c.Propagator = ps
+		}
+	})
+}
+
+// WithSpanOptions configures an additional set of
+// trace.SpanOptions, which are applied to each new span.
+func WithSpanOptions(opts ...trace.SpanStartOption) OpenTelemetryOpt {
+	return optionFunc(func(c *config) {
+		c.SpanStartOptions = append(c.SpanStartOptions, opts...)
+	})
+}
+
+// WithSpanNameFormatter takes a function that will be called on every
+// request and the returned string will become the Span Name.
+func WithSpanNameFormatter(f func(op *runtime.ClientOperation) string) OpenTelemetryOpt {
+	return optionFunc(func(c *config) {
+		c.SpanNameFormatter = f
+	})
+}
+
+func defaultTransportFormatter(op *runtime.ClientOperation) string {
+	if op.ID != "" {
+		return op.ID
+	}
+
+	return fmt.Sprintf("%s_%s", strings.ToLower(op.Method), op.PathPattern)
+}
+
+type openTelemetryTransport struct {
+	transport runtime.ClientTransport
+	host      string
+	tracer    trace.Tracer
+	config    *config
+}
+
+func newOpenTelemetryTransport(transport runtime.ClientTransport, host string, opts []OpenTelemetryOpt) *openTelemetryTransport {
+	tr := &openTelemetryTransport{
+		transport: transport,
+		host:      host,
+	}
+
+	defaultOpts := []OpenTelemetryOpt{
+		WithSpanOptions(trace.WithSpanKind(trace.SpanKindClient)),
+		WithSpanNameFormatter(defaultTransportFormatter),
+		WithPropagators(otel.GetTextMapPropagator()),
+		WithTracerProvider(otel.GetTracerProvider()),
+	}
+
+	c := newConfig(append(defaultOpts, opts...)...)
+	tr.config = c
+
+	return tr
+}
+
+func (t *openTelemetryTransport) Submit(op *runtime.ClientOperation) (interface{}, error) {
+	if op.Context == nil {
+		return t.transport.Submit(op)
+	}
+
+	params := op.Params
+	reader := op.Reader
+
+	var span trace.Span
+	defer func() {
+		if span != nil {
+			span.End()
+		}
+	}()
+
+	op.Params = runtime.ClientRequestWriterFunc(func(req runtime.ClientRequest, reg strfmt.Registry) error {
+		span = t.newOpenTelemetrySpan(op, req.GetHeaderParams())
+		return params.WriteToRequest(req, reg)
+	})
+
+	op.Reader = runtime.ClientResponseReaderFunc(func(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
+		if span != nil {
+			statusCode := response.Code()
+			span.SetAttributes(attribute.Int(string(semconv.HTTPStatusCodeKey), statusCode))
+			span.SetStatus(semconv.SpanStatusFromHTTPStatusCodeAndSpanKind(statusCode, trace.SpanKindClient))
+		}
+
+		return reader.ReadResponse(response, consumer)
+	})
+
+	submit, err := t.transport.Submit(op)
+	if err != nil && span != nil {
+		span.RecordError(err)
+		span.SetStatus(codes.Error, err.Error())
+	}
+
+	return submit, err
+}
+
+func (t *openTelemetryTransport) newOpenTelemetrySpan(op *runtime.ClientOperation, header http.Header) trace.Span {
+	ctx := op.Context
+
+	tracer := t.tracer
+	if tracer == nil {
+		if span := trace.SpanFromContext(ctx); span.SpanContext().IsValid() {
+			tracer = newTracer(span.TracerProvider())
+		} else {
+			tracer = newTracer(otel.GetTracerProvider())
+		}
+	}
+
+	ctx, span := tracer.Start(ctx, t.config.SpanNameFormatter(op), t.config.SpanStartOptions...)
+
+	var scheme string
+	if len(op.Schemes) > 0 {
+		scheme = op.Schemes[0]
+	}
+
+	span.SetAttributes(
+		attribute.String("net.peer.name", t.host),
+		attribute.String(string(semconv.HTTPRouteKey), op.PathPattern),
+		attribute.String(string(semconv.HTTPMethodKey), op.Method),
+		attribute.String("span.kind", trace.SpanKindClient.String()),
+		attribute.String("http.scheme", scheme),
+	)
+
+	carrier := propagation.HeaderCarrier(header)
+	t.config.Propagator.Inject(ctx, carrier)
+
+	return span
+}
+
+func newTracer(tp trace.TracerProvider) trace.Tracer {
+	return tp.Tracer(tracerName, trace.WithInstrumentationVersion(version()))
+}
+
+func newConfig(opts ...OpenTelemetryOpt) *config {
+	c := &config{
+		Propagator: otel.GetTextMapPropagator(),
+	}
+
+	for _, opt := range opts {
+		opt.apply(c)
+	}
+
+	// Tracer is only initialized if manually specified. Otherwise, can be passed with the tracing context.
+	if c.TracerProvider != nil {
+		c.Tracer = newTracer(c.TracerProvider)
+	}
+
+	return c
+}
+
+// Version is the current release version of the go-runtime instrumentation.
+func version() string {
+	return instrumentationVersion
+}

vendor/github.com/go-openapi/runtime/client/opentracing.go

@@ -0,0 +1,99 @@
+package client
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/opentracing/opentracing-go"
+	"github.com/opentracing/opentracing-go/ext"
+	"github.com/opentracing/opentracing-go/log"
+
+	"github.com/go-openapi/runtime"
+)
+
+type tracingTransport struct {
+	transport runtime.ClientTransport
+	host      string
+	opts      []opentracing.StartSpanOption
+}
+
+func newOpenTracingTransport(transport runtime.ClientTransport, host string, opts []opentracing.StartSpanOption,
+) runtime.ClientTransport {
+	return &tracingTransport{
+		transport: transport,
+		host:      host,
+		opts:      opts,
+	}
+}
+
+func (t *tracingTransport) Submit(op *runtime.ClientOperation) (interface{}, error) {
+	if op.Context == nil {
+		return t.transport.Submit(op)
+	}
+
+	params := op.Params
+	reader := op.Reader
+
+	var span opentracing.Span
+	defer func() {
+		if span != nil {
+			span.Finish()
+		}
+	}()
+
+	op.Params = runtime.ClientRequestWriterFunc(func(req runtime.ClientRequest, reg strfmt.Registry) error {
+		span = createClientSpan(op, req.GetHeaderParams(), t.host, t.opts)
+		return params.WriteToRequest(req, reg)
+	})
+
+	op.Reader = runtime.ClientResponseReaderFunc(func(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
+		if span != nil {
+			code := response.Code()
+			ext.HTTPStatusCode.Set(span, uint16(code))
+			if code >= 400 {
+				ext.Error.Set(span, true)
+			}
+		}
+		return reader.ReadResponse(response, consumer)
+	})
+
+	submit, err := t.transport.Submit(op)
+	if err != nil && span != nil {
+		ext.Error.Set(span, true)
+		span.LogFields(log.Error(err))
+	}
+	return submit, err
+}
+
+func createClientSpan(op *runtime.ClientOperation, header http.Header, host string,
+	opts []opentracing.StartSpanOption) opentracing.Span {
+	ctx := op.Context
+	span := opentracing.SpanFromContext(ctx)
+
+	if span != nil {
+		opts = append(opts, ext.SpanKindRPCClient)
+		span, _ = opentracing.StartSpanFromContextWithTracer(
+			ctx, span.Tracer(), operationName(op), opts...)
+
+		ext.Component.Set(span, "go-openapi")
+		ext.PeerHostname.Set(span, host)
+		span.SetTag("http.path", op.PathPattern)
+		ext.HTTPMethod.Set(span, op.Method)
+
+		_ = span.Tracer().Inject(
+			span.Context(),
+			opentracing.HTTPHeaders,
+			opentracing.HTTPHeadersCarrier(header))
+
+		return span
+	}
+	return nil
+}
+
+func operationName(op *runtime.ClientOperation) string {
+	if op.ID != "" {
+		return op.ID
+	}
+	return fmt.Sprintf("%s_%s", op.Method, op.PathPattern)
+}

vendor/github.com/go-openapi/runtime/client/request.go

@@ -93,6 +93,15 @@ func (r *request) BuildHTTP(mediaType, basePath string, producers map[string]run
 func escapeQuotes(s string) string {
 	return strings.NewReplacer("\\", "\\\\", `"`, "\\\"").Replace(s)
 }
+
+func logClose(err error, pw *io.PipeWriter) {
+	log.Println(err)
+	closeErr := pw.CloseWithError(err)
+	if closeErr != nil {
+		log.Println(closeErr)
+	}
+}
+
 func (r *request) buildHTTP(mediaType, basePath string, producers map[string]runtime.Producer, registry strfmt.Registry, auth runtime.ClientAuthInfoWriter) (*http.Request, error) {
 	// build the data
 	if err := r.writer.WriteToRequest(r, registry); err != nil {
@@ -137,8 +146,8 @@ func (r *request) buildHTTP(mediaType, basePath string, producers map[string]run
 			for fn, v := range r.formFields {
 				for _, vi := range v {
 					if err := mp.WriteField(fn, vi); err != nil {
-						pw.CloseWithError(err)
-						log.Println(err)
+						logClose(err, pw)
+						return
 					}
 				}
 			}
@@ -152,18 +161,15 @@ func (r *request) buildHTTP(mediaType, basePath string, producers map[string]run
 			}()
 			for fn, f := range r.fileFields {
 				for _, fi := range f {
-					buf := bytes.NewBuffer([]byte{})
-
 					// Need to read the data so that we can detect the content type
-					_, err := io.Copy(buf, fi)
+					buf := make([]byte, 512)
+					size, err := fi.Read(buf)
 					if err != nil {
-						_ = pw.CloseWithError(err)
-						log.Println(err)
+						logClose(err, pw)
+						return
 					}
-					fileBytes := buf.Bytes()
-					fileContentType := http.DetectContentType(fileBytes)
-
-					newFi := runtime.NamedReader(fi.Name(), buf)
+					fileContentType := http.DetectContentType(buf)
+					newFi := runtime.NamedReader(fi.Name(), io.MultiReader(bytes.NewReader(buf[:size]), fi))
 
 					// Create the MIME headers for the new part
 					h := make(textproto.MIMEHeader)
@@ -174,11 +180,11 @@ func (r *request) buildHTTP(mediaType, basePath string, producers map[string]run
 
 					wrtr, err := mp.CreatePart(h)
 					if err != nil {
-						pw.CloseWithError(err)
-						log.Println(err)
-					} else if _, err := io.Copy(wrtr, newFi); err != nil {
-						pw.CloseWithError(err)
-						log.Println(err)
+						logClose(err, pw)
+						return
+					}
+					if _, err := io.Copy(wrtr, newFi); err != nil {
+						logClose(err, pw)
 					}
 				}
 			}
@@ -211,7 +217,7 @@ func (r *request) buildHTTP(mediaType, basePath string, producers map[string]run
 
 DoneChoosingBodySource:
 
-	if runtime.CanHaveBody(r.method) && body == nil && r.header.Get(runtime.HeaderContentType) == "" {
+	if runtime.CanHaveBody(r.method) && body != nil && r.header.Get(runtime.HeaderContentType) == "" {
 		r.header.Set(runtime.HeaderContentType, mediaType)
 	}
 
@@ -273,12 +279,36 @@ DoneChoosingBodySource:
 		}
 	}
 
+	// In case the basePath or the request pathPattern include static query parameters,
+	// parse those out before constructing the final path. The parameters themselves
+	// will be merged with the ones set by the client, with the priority given first to
+	// the ones set by the client, then the path pattern, and lastly the base path.
+	basePathURL, err := url.Parse(basePath)
+	if err != nil {
+		return nil, err
+	}
+	staticQueryParams := basePathURL.Query()
+
+	pathPatternURL, err := url.Parse(r.pathPattern)
+	if err != nil {
+		return nil, err
+	}
+	for name, values := range pathPatternURL.Query() {
+		if _, present := staticQueryParams[name]; present {
+			staticQueryParams.Del(name)
+		}
+		for _, value := range values {
+			staticQueryParams.Add(name, value)
+		}
+	}
+
 	// create http request
 	var reinstateSlash bool
-	if r.pathPattern != "" && r.pathPattern != "/" && r.pathPattern[len(r.pathPattern)-1] == '/' {
+	if pathPatternURL.Path != "" && pathPatternURL.Path != "/" && pathPatternURL.Path[len(pathPatternURL.Path)-1] == '/' {
 		reinstateSlash = true
 	}
-	urlPath := path.Join(basePath, r.pathPattern)
+
+	urlPath := path.Join(basePathURL.Path, pathPatternURL.Path)
 	for k, v := range r.pathParams {
 		urlPath = strings.Replace(urlPath, "{"+k+"}", url.PathEscape(v), -1)
 	}
@@ -291,6 +321,19 @@ DoneChoosingBodySource:
 		return nil, err
 	}
 
+	originalParams := r.GetQueryParams()
+
+	// Merge the query parameters extracted from the basePath with the ones set by
+	// the client in this struct. In case of conflict, the client wins.
+	for k, v := range staticQueryParams {
+		_, present := originalParams[k]
+		if !present {
+			if err = r.SetQueryParam(k, v...); err != nil {
+				return nil, err
+			}
+		}
+	}
+
 	req.URL.RawQuery = r.query.Encode()
 	req.Header = r.header
 

vendor/github.com/go-openapi/runtime/client/response.go

@@ -23,6 +23,8 @@ import (
 
 var _ runtime.ClientResponse = response{}
 
+func newResponse(resp *http.Response) runtime.ClientResponse { return response{resp: resp} }
+
 type response struct {
 	resp *http.Response
 }
@@ -39,6 +41,10 @@ func (r response) GetHeader(name string) string {
 	return r.resp.Header.Get(name)
 }
 
+func (r response) GetHeaders(name string) []string {
+	return r.resp.Header.Values(name)
+}
+
 func (r response) Body() io.ReadCloser {
 	return r.resp.Body
 }

vendor/github.com/go-openapi/runtime/client/runtime.go

@@ -23,19 +23,21 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
-	"io/ioutil"
 	"mime"
 	"net/http"
 	"net/http/httputil"
+	"os"
 	"strings"
 	"sync"
 	"time"
 
-	"github.com/go-openapi/strfmt"
+	"github.com/opentracing/opentracing-go"
 
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/runtime/logger"
 	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/runtime/yamlpc"
+	"github.com/go-openapi/strfmt"
 )
 
 // TLSClientOptions to configure client authentication with mutual TLS
@@ -80,7 +82,7 @@ type TLSClientOptions struct {
 	ServerName string
 
 	// InsecureSkipVerify controls whether the certificate chain and hostname presented
-	// by the server are validated. If false, any certificate is accepted.
+	// by the server are validated. If true, any certificate is accepted.
 	InsecureSkipVerify bool
 
 	// VerifyPeerCertificate, if not nil, is called after normal
@@ -162,7 +164,7 @@ func TLSClientAuth(opts TLSClientOptions) (*tls.Config, error) {
 		cfg.RootCAs = caCertPool
 	} else if opts.CA != "" {
 		// load ca cert
-		caCert, err := ioutil.ReadFile(opts.CA)
+		caCert, err := os.ReadFile(opts.CA)
 		if err != nil {
 			return nil, fmt.Errorf("tls client ca: %v", err)
 		}
@@ -179,8 +181,6 @@ func TLSClientAuth(opts TLSClientOptions) (*tls.Config, error) {
 		cfg.ServerName = opts.ServerName
 	}
 
-	cfg.BuildNameToCertificate()
-
 	return cfg, nil
 }
 
@@ -223,7 +223,7 @@ type Runtime struct {
 
 	Transport http.RoundTripper
 	Jar       http.CookieJar
-	//Spec      *spec.Document
+	// Spec      *spec.Document
 	Host     string
 	BasePath string
 	Formats  strfmt.Registry
@@ -235,6 +235,7 @@ type Runtime struct {
 	clientOnce *sync.Once
 	client     *http.Client
 	schemes    []string
+	response   ClientResponseFunc
 }
 
 // New creates a new default runtime for a swagger api runtime.Client
@@ -244,6 +245,7 @@ func New(host, basePath string, schemes []string) *Runtime {
 
 	// TODO: actually infer this stuff from the spec
 	rt.Consumers = map[string]runtime.Consumer{
+		runtime.YAMLMime:    yamlpc.YAMLConsumer(),
 		runtime.JSONMime:    runtime.JSONConsumer(),
 		runtime.XMLMime:     runtime.XMLConsumer(),
 		runtime.TextMime:    runtime.TextConsumer(),
@@ -252,6 +254,7 @@ func New(host, basePath string, schemes []string) *Runtime {
 		runtime.DefaultMime: runtime.ByteStreamConsumer(),
 	}
 	rt.Producers = map[string]runtime.Producer{
+		runtime.YAMLMime:    yamlpc.YAMLProducer(),
 		runtime.JSONMime:    runtime.JSONProducer(),
 		runtime.XMLMime:     runtime.XMLProducer(),
 		runtime.TextMime:    runtime.TextProducer(),
@@ -271,6 +274,7 @@ func New(host, basePath string, schemes []string) *Runtime {
 
 	rt.Debug = logger.DebugEnabled()
 	rt.logger = logger.StandardLogger{}
+	rt.response = newResponse
 
 	if len(schemes) > 0 {
 		rt.schemes = schemes
@@ -289,6 +293,22 @@ func NewWithClient(host, basePath string, schemes []string, client *http.Client)
 	return rt
 }
 
+// WithOpenTracing adds opentracing support to the provided runtime.
+// A new client span is created for each request.
+// If the context of the client operation does not contain an active span, no span is created.
+// The provided opts are applied to each spans - for example to add global tags.
+func (r *Runtime) WithOpenTracing(opts ...opentracing.StartSpanOption) runtime.ClientTransport {
+	return newOpenTracingTransport(r, r.Host, opts)
+}
+
+// WithOpenTelemetry adds opentelemetry support to the provided runtime.
+// A new client span is created for each request.
+// If the context of the client operation does not contain an active span, no span is created.
+// The provided opts are applied to each spans - for example to add global tags.
+func (r *Runtime) WithOpenTelemetry(opts ...OpenTelemetryOpt) runtime.ClientTransport {
+	return newOpenTelemetryTransport(r, r.Host, opts)
+}
+
 func (r *Runtime) pickScheme(schemes []string) string {
 	if v := r.selectScheme(r.schemes); v != "" {
 		return v
@@ -317,6 +337,7 @@ func (r *Runtime) selectScheme(schemes []string) string {
 	}
 	return scheme
 }
+
 func transportOrDefault(left, right http.RoundTripper) http.RoundTripper {
 	if left == nil {
 		return right
@@ -346,26 +367,30 @@ func (r *Runtime) EnableConnectionReuse() {
 	)
 }
 
-// Submit a request and when there is a body on success it will turn that into the result
-// all other things are turned into an api error for swagger which retains the status code
-func (r *Runtime) Submit(operation *runtime.ClientOperation) (interface{}, error) {
-	params, readResponse, auth := operation.Params, operation.Reader, operation.AuthInfo
+// takes a client operation and creates equivalent http.Request
+func (r *Runtime) createHttpRequest(operation *runtime.ClientOperation) (*request, *http.Request, error) {
+	params, _, auth := operation.Params, operation.Reader, operation.AuthInfo
 
 	request, err := newRequest(operation.Method, operation.PathPattern, params)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	var accept []string
 	accept = append(accept, operation.ProducesMediaTypes...)
 	if err = request.SetHeaderParam(runtime.HeaderAccept, accept...); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	if auth == nil && r.DefaultAuthentication != nil {
-		auth = r.DefaultAuthentication
+		auth = runtime.ClientAuthInfoWriterFunc(func(req runtime.ClientRequest, reg strfmt.Registry) error {
+			if req.GetHeaderParams().Get(runtime.HeaderAuthorization) != "" {
+				return nil
+			}
+			return r.DefaultAuthentication.AuthenticateRequest(req, reg)
+		})
 	}
-	//if auth != nil {
+	// if auth != nil {
 	//	if err := auth.AuthenticateRequest(request, r.Formats); err != nil {
 	//		return nil, err
 	//	}
@@ -382,16 +407,33 @@ func (r *Runtime) Submit(operation *runtime.ClientOperation) (interface{}, error
 	}
 
 	if _, ok := r.Producers[cmt]; !ok && cmt != runtime.MultipartFormMime && cmt != runtime.URLencodedFormMime {
-		return nil, fmt.Errorf("none of producers: %v registered. try %s", r.Producers, cmt)
+		return nil, nil, fmt.Errorf("none of producers: %v registered. try %s", r.Producers, cmt)
 	}
 
 	req, err := request.buildHTTP(cmt, r.BasePath, r.Producers, r.Formats, auth)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 	req.URL.Scheme = r.pickScheme(operation.Schemes)
 	req.URL.Host = r.Host
 	req.Host = r.Host
+	return request, req, nil
+}
+
+func (r *Runtime) CreateHttpRequest(operation *runtime.ClientOperation) (req *http.Request, err error) {
+	_, req, err = r.createHttpRequest(operation)
+	return
+}
+
+// Submit a request and when there is a body on success it will turn that into the result
+// all other things are turned into an api error for swagger which retains the status code
+func (r *Runtime) Submit(operation *runtime.ClientOperation) (interface{}, error) {
+	_, readResponse, _ := operation.Params, operation.Reader, operation.AuthInfo
+
+	request, req, err := r.createHttpRequest(operation)
+	if err != nil {
+		return nil, err
+	}
 
 	r.clientOnce.Do(func() {
 		r.client = &http.Client{
@@ -438,19 +480,23 @@ func (r *Runtime) Submit(operation *runtime.ClientOperation) (interface{}, error
 	}
 	defer res.Body.Close()
 
+	ct := res.Header.Get(runtime.HeaderContentType)
+	if ct == "" { // this should really really never occur
+		ct = r.DefaultMediaType
+	}
+
 	if r.Debug {
-		b, err2 := httputil.DumpResponse(res, true)
+		printBody := true
+		if ct == runtime.DefaultMime {
+			printBody = false // Spare the terminal from a binary blob.
+		}
+		b, err2 := httputil.DumpResponse(res, printBody)
 		if err2 != nil {
 			return nil, err2
 		}
 		r.logger.Debugf("%s\n", string(b))
 	}
 
-	ct := res.Header.Get(runtime.HeaderContentType)
-	if ct == "" { // this should really really never occur
-		ct = r.DefaultMediaType
-	}
-
 	mt, _, err := mime.ParseMediaType(ct)
 	if err != nil {
 		return nil, fmt.Errorf("parse content type: %s", err)
@@ -463,7 +509,7 @@ func (r *Runtime) Submit(operation *runtime.ClientOperation) (interface{}, error
 			return nil, fmt.Errorf("no consumer: %q", ct)
 		}
 	}
-	return readResponse.ReadResponse(response{res}, cons)
+	return readResponse.ReadResponse(r.response(res), cons)
 }
 
 // SetDebug changes the debug flag.
@@ -479,3 +525,13 @@ func (r *Runtime) SetLogger(logger logger.Logger) {
 	r.logger = logger
 	middleware.Logger = logger
 }
+
+type ClientResponseFunc = func(*http.Response) runtime.ClientResponse
+
+// SetResponseReader changes the response reader implementation.
+func (r *Runtime) SetResponseReader(f ClientResponseFunc) {
+	if f == nil {
+		return
+	}
+	r.response = f
+}

vendor/github.com/go-openapi/runtime/client_request.go

@@ -16,7 +16,6 @@ package runtime
 
 import (
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"time"
@@ -79,7 +78,7 @@ type NamedReadCloser interface {
 func NamedReader(name string, rdr io.Reader) NamedReadCloser {
 	rc, ok := rdr.(io.ReadCloser)
 	if !ok {
-		rc = ioutil.NopCloser(rdr)
+		rc = io.NopCloser(rdr)
 	}
 	return &namedReadCloser{
 		name: name,
@@ -101,3 +100,53 @@ func (n *namedReadCloser) Read(p []byte) (int, error) {
 func (n *namedReadCloser) Name() string {
 	return n.name
 }
+
+type TestClientRequest struct {
+	Headers http.Header
+	Body    interface{}
+}
+
+func (t *TestClientRequest) SetHeaderParam(name string, values ...string) error {
+	if t.Headers == nil {
+		t.Headers = make(http.Header)
+	}
+	t.Headers.Set(name, values[0])
+	return nil
+}
+
+func (t *TestClientRequest) SetQueryParam(_ string, _ ...string) error { return nil }
+
+func (t *TestClientRequest) SetFormParam(_ string, _ ...string) error { return nil }
+
+func (t *TestClientRequest) SetPathParam(_ string, _ string) error { return nil }
+
+func (t *TestClientRequest) SetFileParam(_ string, _ ...NamedReadCloser) error { return nil }
+
+func (t *TestClientRequest) SetBodyParam(body interface{}) error {
+	t.Body = body
+	return nil
+}
+
+func (t *TestClientRequest) SetTimeout(time.Duration) error {
+	return nil
+}
+
+func (t *TestClientRequest) GetQueryParams() url.Values { return nil }
+
+func (t *TestClientRequest) GetMethod() string { return "" }
+
+func (t *TestClientRequest) GetPath() string { return "" }
+
+func (t *TestClientRequest) GetBody() []byte { return nil }
+
+func (t *TestClientRequest) GetBodyParam() interface{} {
+	return t.Body
+}
+
+func (t *TestClientRequest) GetFileParam() map[string][]NamedReadCloser {
+	return nil
+}
+
+func (t *TestClientRequest) GetHeaderParams() http.Header {
+	return t.Headers
+}

vendor/github.com/go-openapi/runtime/client_response.go

@@ -15,6 +15,7 @@
 package runtime
 
 import (
+	"encoding/json"
 	"fmt"
 	"io"
 )
@@ -25,6 +26,7 @@ type ClientResponse interface {
 	Code() int
 	Message() string
 	GetHeader(string) string
+	GetHeaders(string) []string
 	Body() io.ReadCloser
 }
 
@@ -58,6 +60,51 @@ type APIError struct {
 	Code          int
 }
 
-func (a *APIError) Error() string {
-	return fmt.Sprintf("%s (status %d): %+v ", a.OperationName, a.Code, a.Response)
+func (o *APIError) Error() string {
+	var resp []byte
+	if err, ok := o.Response.(error); ok {
+		resp = []byte("'" + err.Error() + "'")
+	} else {
+		resp, _ = json.Marshal(o.Response)
+	}
+	return fmt.Sprintf("%s (status %d): %s", o.OperationName, o.Code, resp)
+}
+
+func (o *APIError) String() string {
+	return o.Error()
+}
+
+// IsSuccess returns true when this elapse o k response returns a 2xx status code
+func (o *APIError) IsSuccess() bool {
+	return o.Code/100 == 2
+}
+
+// IsRedirect returns true when this elapse o k response returns a 3xx status code
+func (o *APIError) IsRedirect() bool {
+	return o.Code/100 == 3
+}
+
+// IsClientError returns true when this elapse o k response returns a 4xx status code
+func (o *APIError) IsClientError() bool {
+	return o.Code/100 == 4
+}
+
+// IsServerError returns true when this elapse o k response returns a 5xx status code
+func (o *APIError) IsServerError() bool {
+	return o.Code/100 == 5
+}
+
+// IsCode returns true when this elapse o k response returns a 4xx status code
+func (o *APIError) IsCode(code int) bool {
+	return o.Code == code
+}
+
+// A ClientResponseStatus is a common interface implemented by all responses on the generated code
+// You can use this to treat any client response based on status code
+type ClientResponseStatus interface {
+	IsSuccess() bool
+	IsRedirect() bool
+	IsClientError() bool
+	IsServerError() bool
+	IsCode(int) bool
 }

vendor/github.com/go-openapi/runtime/constants.go

@@ -23,6 +23,8 @@ const (
 
 	// HeaderAccept the Accept header
 	HeaderAccept = "Accept"
+	// HeaderAuthorization the Authorization header
+	HeaderAuthorization = "Authorization"
 
 	charsetKey = "charset"
 

vendor/github.com/go-openapi/runtime/file.go

@@ -14,20 +14,6 @@
 
 package runtime
 
-import "mime/multipart"
+import "github.com/go-openapi/swag"
 
-// File represents an uploaded file.
-type File struct {
-	Data   multipart.File
-	Header *multipart.FileHeader
-}
-
-// Read bytes from the file
-func (f *File) Read(p []byte) (n int, err error) {
-	return f.Data.Read(p)
-}
-
-// Close the file
-func (f *File) Close() error {
-	return f.Data.Close()
-}
+type File = swag.File

vendor/github.com/go-openapi/runtime/interfaces.go

@@ -15,6 +15,7 @@
 package runtime
 
 import (
+	"context"
 	"io"
 	"net/http"
 
@@ -101,3 +102,11 @@ type Authorizer interface {
 type Validatable interface {
 	Validate(strfmt.Registry) error
 }
+
+// ContextValidatable types implementing this interface allow customizing their validation
+// this will be used instead of the reflective validation based on the spec document.
+// the implementations are assumed to have been generated by the swagger tool so they should
+// contain all the context validations obtained from the spec
+type ContextValidatable interface {
+	ContextValidate(context.Context, strfmt.Registry) error
+}

vendor/github.com/go-openapi/runtime/middleware/context.go

@@ -195,6 +195,17 @@ func NewRoutableContext(spec *loads.Document, routableAPI RoutableAPI, routes Ro
 	if spec != nil {
 		an = analysis.New(spec.Spec())
 	}
+
+	return NewRoutableContextWithAnalyzedSpec(spec, an, routableAPI, routes)
+}
+
+// NewRoutableContextWithAnalyzedSpec is like NewRoutableContext but takes in input the analysed spec too
+func NewRoutableContextWithAnalyzedSpec(spec *loads.Document, an *analysis.Spec, routableAPI RoutableAPI, routes Router) *Context {
+	// Either there are no spec doc and analysis, or both of them.
+	if !((spec == nil && an == nil) || (spec != nil && an != nil)) {
+		panic(errors.New(http.StatusInternalServerError, "routable context requires either both spec doc and analysis, or none of them"))
+	}
+
 	ctx := &Context{spec: spec, api: routableAPI, analyzer: an, router: routes}
 	return ctx
 }
@@ -435,6 +446,10 @@ func (c *Context) Authorize(request *http.Request, route *MatchedRoute) (interfa
 	}
 	if route.Authorizer != nil {
 		if err := route.Authorizer.Authorize(request, usr); err != nil {
+			if _, ok := err.(errors.Error); ok {
+				return nil, nil, err
+			}
+
 			return nil, nil, errors.New(http.StatusForbidden, err.Error())
 		}
 	}
@@ -494,7 +509,9 @@ func (c *Context) Respond(rw http.ResponseWriter, r *http.Request, produces []st
 
 	if resp, ok := data.(Responder); ok {
 		producers := route.Producers
-		prod, ok := producers[format]
+		// producers contains keys with normalized format, if a format has MIME type parameter such as `text/plain; charset=utf-8`
+		// then you must provide `text/plain` to get the correct producer. HOWEVER, format here is not normalized.
+		prod, ok := producers[normalizeOffer(format)]
 		if !ok {
 			prods := c.api.ProducersFor(normalizeOffers([]string{c.api.DefaultProduces()}))
 			pr, ok := prods[c.api.DefaultProduces()]
@@ -567,6 +584,26 @@ func (c *Context) Respond(rw http.ResponseWriter, r *http.Request, produces []st
 	c.api.ServeErrorFor(route.Operation.ID)(rw, r, errors.New(http.StatusInternalServerError, "can't produce response"))
 }
 
+func (c *Context) APIHandlerSwaggerUI(builder Builder) http.Handler {
+	b := builder
+	if b == nil {
+		b = PassthroughBuilder
+	}
+
+	var title string
+	sp := c.spec.Spec()
+	if sp != nil && sp.Info != nil && sp.Info.Title != "" {
+		title = sp.Info.Title
+	}
+
+	swaggerUIOpts := SwaggerUIOpts{
+		BasePath: c.BasePath(),
+		Title:    title,
+	}
+
+	return Spec("", c.spec.Raw(), SwaggerUI(swaggerUIOpts, c.RoutesHandler(b)))
+}
+
 // APIHandler returns a handler to serve the API, this includes a swagger spec, router and the contract defined in the swagger spec
 func (c *Context) APIHandler(builder Builder) http.Handler {
 	b := builder

vendor/github.com/go-openapi/runtime/middleware/denco/router.go

@@ -20,6 +20,9 @@ const (
 	// SeparatorCharacter separates path segments.
 	SeparatorCharacter = '/'
 
+	// PathParamCharacter indicates a RESTCONF path param
+	PathParamCharacter = '='
+
 	// MaxSize is max size of records and internal slice.
 	MaxSize = (1 << 22) - 1
 )
@@ -426,8 +429,9 @@ func makeRecords(srcs []Record) (statics, params []*record) {
 	termChar := string(TerminationCharacter)
 	paramPrefix := string(SeparatorCharacter) + string(ParamCharacter)
 	wildcardPrefix := string(SeparatorCharacter) + string(WildcardCharacter)
+	restconfPrefix := string(PathParamCharacter) + string(ParamCharacter)
 	for _, r := range srcs {
-		if strings.Contains(r.Key, paramPrefix) || strings.Contains(r.Key, wildcardPrefix) {
+		if strings.Contains(r.Key, paramPrefix) || strings.Contains(r.Key, wildcardPrefix) ||strings.Contains(r.Key, restconfPrefix){
 			r.Key += termChar
 			params = append(params, &record{Record: r})
 		} else {

vendor/github.com/go-openapi/runtime/middleware/header/header.go

@@ -265,13 +265,16 @@ func expectQuality(s string) (q float64, rest string) {
 	case len(s) == 0:
 		return -1, ""
 	case s[0] == '0':
-		q = 0
+		// q is already 0
+		s = s[1:]
 	case s[0] == '1':
+		s = s[1:]
 		q = 1
+	case s[0] == '.':
+		// q is already 0
 	default:
 		return -1, ""
 	}
-	s = s[1:]
 	if !strings.HasPrefix(s, ".") {
 		return q, s
 	}

vendor/github.com/go-openapi/runtime/middleware/parameter.go

@@ -206,7 +206,11 @@ func (p *untypedParamBinder) Bind(request *http.Request, routeParams RouteParams
 		if p.parameter.Type == "file" {
 			file, header, ffErr := request.FormFile(p.parameter.Name)
 			if ffErr != nil {
-				return errors.NewParseError(p.Name, p.parameter.In, "", ffErr)
+				if p.parameter.Required {
+					return errors.NewParseError(p.Name, p.parameter.In, "", ffErr)
+				} else {
+					return nil
+				}
 			}
 			target.Set(reflect.ValueOf(runtime.File{Data: file, Header: header}))
 			return nil
@@ -276,7 +280,7 @@ func (p *untypedParamBinder) setFieldValue(target reflect.Value, defaultValue in
 	}
 
 	if (!hasKey || (!p.parameter.AllowEmptyValue && data == "")) && p.parameter.Required && p.parameter.Default == nil {
-		return errors.Required(p.Name, p.parameter.In)
+		return errors.Required(p.Name, p.parameter.In, data)
 	}
 
 	ok, err := p.tryUnmarshaler(target, defaultValue, data)
@@ -451,7 +455,7 @@ func (p *untypedParamBinder) readFormattedSliceFieldValue(data string, target re
 func (p *untypedParamBinder) setSliceFieldValue(target reflect.Value, defaultValue interface{}, data []string, hasKey bool) error {
 	sz := len(data)
 	if (!hasKey || (!p.parameter.AllowEmptyValue && (sz == 0 || (sz == 1 && data[0] == "")))) && p.parameter.Required && defaultValue == nil {
-		return errors.Required(p.Name, p.parameter.In)
+		return errors.Required(p.Name, p.parameter.In, data)
 	}
 
 	defVal := reflect.Zero(target.Type())

vendor/github.com/go-openapi/runtime/middleware/rapidoc.go

@@ -0,0 +1,90 @@
+package middleware
+
+import (
+	"bytes"
+	"fmt"
+	"html/template"
+	"net/http"
+	"path"
+)
+
+// RapiDocOpts configures the RapiDoc middlewares
+type RapiDocOpts struct {
+	// BasePath for the UI path, defaults to: /
+	BasePath string
+	// Path combines with BasePath for the full UI path, defaults to: docs
+	Path string
+	// SpecURL the url to find the spec for
+	SpecURL string
+	// RapiDocURL for the js that generates the rapidoc site, defaults to: https://cdn.jsdelivr.net/npm/rapidoc/bundles/rapidoc.standalone.js
+	RapiDocURL string
+	// Title for the documentation site, default to: API documentation
+	Title string
+}
+
+// EnsureDefaults in case some options are missing
+func (r *RapiDocOpts) EnsureDefaults() {
+	if r.BasePath == "" {
+		r.BasePath = "/"
+	}
+	if r.Path == "" {
+		r.Path = "docs"
+	}
+	if r.SpecURL == "" {
+		r.SpecURL = "/swagger.json"
+	}
+	if r.RapiDocURL == "" {
+		r.RapiDocURL = rapidocLatest
+	}
+	if r.Title == "" {
+		r.Title = "API documentation"
+	}
+}
+
+// RapiDoc creates a middleware to serve a documentation site for a swagger spec.
+// This allows for altering the spec before starting the http listener.
+//
+func RapiDoc(opts RapiDocOpts, next http.Handler) http.Handler {
+	opts.EnsureDefaults()
+
+	pth := path.Join(opts.BasePath, opts.Path)
+	tmpl := template.Must(template.New("rapidoc").Parse(rapidocTemplate))
+
+	buf := bytes.NewBuffer(nil)
+	_ = tmpl.Execute(buf, opts)
+	b := buf.Bytes()
+
+	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		if r.URL.Path == pth {
+			rw.Header().Set("Content-Type", "text/html; charset=utf-8")
+			rw.WriteHeader(http.StatusOK)
+
+			_, _ = rw.Write(b)
+			return
+		}
+
+		if next == nil {
+			rw.Header().Set("Content-Type", "text/plain")
+			rw.WriteHeader(http.StatusNotFound)
+			_, _ = rw.Write([]byte(fmt.Sprintf("%q not found", pth)))
+			return
+		}
+		next.ServeHTTP(rw, r)
+	})
+}
+
+const (
+	rapidocLatest   = "https://unpkg.com/rapidoc/dist/rapidoc-min.js"
+	rapidocTemplate = `<!doctype html>
+<html>
+<head>
+  <title>{{ .Title }}</title>
+  <meta charset="utf-8"> <!-- Important: rapi-doc uses utf8 charecters -->
+  <script type="module" src="{{ .RapiDocURL }}"></script>
+</head>
+<body>
+  <rapi-doc spec-url="{{ .SpecURL }}"></rapi-doc>
+</body>
+</html>
+`
+)

vendor/github.com/go-openapi/runtime/middleware/router.go

@@ -22,6 +22,7 @@ import (
 	"strings"
 
 	"github.com/go-openapi/runtime/security"
+	"github.com/go-openapi/swag"
 
 	"github.com/go-openapi/analysis"
 	"github.com/go-openapi/errors"
@@ -418,6 +419,15 @@ func (d *defaultRouteBuilder) AddRoute(method, path string, operation *spec.Oper
 		produces := d.analyzer.ProducesFor(operation)
 		parameters := d.analyzer.ParamsFor(method, strings.TrimPrefix(path, bp))
 
+		// add API defaults if not part of the spec
+		if defConsumes := d.api.DefaultConsumes(); defConsumes != "" && !swag.ContainsStringsCI(consumes, defConsumes) {
+			consumes = append(consumes, defConsumes)
+		}
+
+		if defProduces := d.api.DefaultProduces(); defProduces != "" && !swag.ContainsStringsCI(produces, defProduces) {
+			produces = append(produces, defProduces)
+		}
+
 		record := denco.NewRecord(pathConverter.ReplaceAllString(path, ":$1"), &routeEntry{
 			BasePath:       bp,
 			PathPattern:    path,

vendor/github.com/go-openapi/runtime/middleware/swaggerui.go

@@ -0,0 +1,168 @@
+package middleware
+
+import (
+	"bytes"
+	"fmt"
+	"html/template"
+	"net/http"
+	"path"
+)
+
+// SwaggerUIOpts configures the Swaggerui middlewares
+type SwaggerUIOpts struct {
+	// BasePath for the UI path, defaults to: /
+	BasePath string
+	// Path combines with BasePath for the full UI path, defaults to: docs
+	Path string
+	// SpecURL the url to find the spec for
+	SpecURL string
+	// OAuthCallbackURL the url called after OAuth2 login
+	OAuthCallbackURL string
+
+	// The three components needed to embed swagger-ui
+	SwaggerURL       string
+	SwaggerPresetURL string
+	SwaggerStylesURL string
+
+	Favicon32 string
+	Favicon16 string
+
+	// Title for the documentation site, default to: API documentation
+	Title string
+}
+
+// EnsureDefaults in case some options are missing
+func (r *SwaggerUIOpts) EnsureDefaults() {
+	if r.BasePath == "" {
+		r.BasePath = "/"
+	}
+	if r.Path == "" {
+		r.Path = "docs"
+	}
+	if r.SpecURL == "" {
+		r.SpecURL = "/swagger.json"
+	}
+	if r.OAuthCallbackURL == "" {
+		r.OAuthCallbackURL = path.Join(r.BasePath, r.Path, "oauth2-callback")
+	}
+	if r.SwaggerURL == "" {
+		r.SwaggerURL = swaggerLatest
+	}
+	if r.SwaggerPresetURL == "" {
+		r.SwaggerPresetURL = swaggerPresetLatest
+	}
+	if r.SwaggerStylesURL == "" {
+		r.SwaggerStylesURL = swaggerStylesLatest
+	}
+	if r.Favicon16 == "" {
+		r.Favicon16 = swaggerFavicon16Latest
+	}
+	if r.Favicon32 == "" {
+		r.Favicon32 = swaggerFavicon32Latest
+	}
+	if r.Title == "" {
+		r.Title = "API documentation"
+	}
+}
+
+// SwaggerUI creates a middleware to serve a documentation site for a swagger spec.
+// This allows for altering the spec before starting the http listener.
+func SwaggerUI(opts SwaggerUIOpts, next http.Handler) http.Handler {
+	opts.EnsureDefaults()
+
+	pth := path.Join(opts.BasePath, opts.Path)
+	tmpl := template.Must(template.New("swaggerui").Parse(swaggeruiTemplate))
+
+	buf := bytes.NewBuffer(nil)
+	_ = tmpl.Execute(buf, &opts)
+	b := buf.Bytes()
+
+	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		if path.Join(r.URL.Path) == pth {
+			rw.Header().Set("Content-Type", "text/html; charset=utf-8")
+			rw.WriteHeader(http.StatusOK)
+
+			_, _ = rw.Write(b)
+			return
+		}
+
+		if next == nil {
+			rw.Header().Set("Content-Type", "text/plain")
+			rw.WriteHeader(http.StatusNotFound)
+			_, _ = rw.Write([]byte(fmt.Sprintf("%q not found", pth)))
+			return
+		}
+		next.ServeHTTP(rw, r)
+	})
+}
+
+const (
+	swaggerLatest          = "https://unpkg.com/swagger-ui-dist/swagger-ui-bundle.js"
+	swaggerPresetLatest    = "https://unpkg.com/swagger-ui-dist/swagger-ui-standalone-preset.js"
+	swaggerStylesLatest    = "https://unpkg.com/swagger-ui-dist/swagger-ui.css"
+	swaggerFavicon32Latest = "https://unpkg.com/swagger-ui-dist/favicon-32x32.png"
+	swaggerFavicon16Latest = "https://unpkg.com/swagger-ui-dist/favicon-16x16.png"
+	swaggeruiTemplate      = `
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8">
+		<title>{{ .Title }}</title>
+
+    <link rel="stylesheet" type="text/css" href="{{ .SwaggerStylesURL }}" >
+    <link rel="icon" type="image/png" href="{{ .Favicon32 }}" sizes="32x32" />
+    <link rel="icon" type="image/png" href="{{ .Favicon16 }}" sizes="16x16" />
+    <style>
+      html
+      {
+        box-sizing: border-box;
+        overflow: -moz-scrollbars-vertical;
+        overflow-y: scroll;
+      }
+
+      *,
+      *:before,
+      *:after
+      {
+        box-sizing: inherit;
+      }
+
+      body
+      {
+        margin:0;
+        background: #fafafa;
+      }
+    </style>
+  </head>
+
+  <body>
+    <div id="swagger-ui"></div>
+
+    <script src="{{ .SwaggerURL }}"> </script>
+    <script src="{{ .SwaggerPresetURL }}"> </script>
+    <script>
+    window.onload = function() {
+      // Begin Swagger UI call region
+      const ui = SwaggerUIBundle({
+        url: '{{ .SpecURL }}',
+        dom_id: '#swagger-ui',
+        deepLinking: true,
+        presets: [
+          SwaggerUIBundle.presets.apis,
+          SwaggerUIStandalonePreset
+        ],
+        plugins: [
+          SwaggerUIBundle.plugins.DownloadUrl
+        ],
+        layout: "StandaloneLayout",
+		oauth2RedirectUrl: '{{ .OAuthCallbackURL }}'
+      })
+      // End Swagger UI call region
+
+      window.ui = ui
+    }
+  </script>
+  </body>
+</html>
+`
+)

vendor/github.com/go-openapi/runtime/middleware/swaggerui_oauth2.go

@@ -0,0 +1,122 @@
+package middleware
+
+import (
+	"bytes"
+	"fmt"
+	"net/http"
+	"path"
+	"text/template"
+)
+
+func SwaggerUIOAuth2Callback(opts SwaggerUIOpts, next http.Handler) http.Handler {
+	opts.EnsureDefaults()
+
+	pth := opts.OAuthCallbackURL
+	tmpl := template.Must(template.New("swaggeroauth").Parse(swaggerOAuthTemplate))
+
+	buf := bytes.NewBuffer(nil)
+	_ = tmpl.Execute(buf, &opts)
+	b := buf.Bytes()
+
+	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		if path.Join(r.URL.Path) == pth {
+			rw.Header().Set("Content-Type", "text/html; charset=utf-8")
+			rw.WriteHeader(http.StatusOK)
+
+			_, _ = rw.Write(b)
+			return
+		}
+
+		if next == nil {
+			rw.Header().Set("Content-Type", "text/plain")
+			rw.WriteHeader(http.StatusNotFound)
+			_, _ = rw.Write([]byte(fmt.Sprintf("%q not found", pth)))
+			return
+		}
+		next.ServeHTTP(rw, r)
+	})
+}
+
+const (
+	swaggerOAuthTemplate = `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <title>{{ .Title }}</title>
+</head>
+<body>
+<script>
+    'use strict';
+    function run () {
+        var oauth2 = window.opener.swaggerUIRedirectOauth2;
+        var sentState = oauth2.state;
+        var redirectUrl = oauth2.redirectUrl;
+        var isValid, qp, arr;
+
+        if (/code|token|error/.test(window.location.hash)) {
+            qp = window.location.hash.substring(1).replace('?', '&');
+        } else {
+            qp = location.search.substring(1);
+        }
+
+        arr = qp.split("&");
+        arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';});
+        qp = qp ? JSON.parse('{' + arr.join() + '}',
+                function (key, value) {
+                    return key === "" ? value : decodeURIComponent(value);
+                }
+        ) : {};
+
+        isValid = qp.state === sentState;
+
+        if ((
+          oauth2.auth.schema.get("flow") === "accessCode" ||
+          oauth2.auth.schema.get("flow") === "authorizationCode" ||
+          oauth2.auth.schema.get("flow") === "authorization_code"
+        ) && !oauth2.auth.code) {
+            if (!isValid) {
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "warning",
+                    message: "Authorization may be unsafe, passed state was changed in server. The passed state wasn't returned from auth server."
+                });
+            }
+
+            if (qp.code) {
+                delete oauth2.state;
+                oauth2.auth.code = qp.code;
+                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
+            } else {
+                let oauthErrorMsg;
+                if (qp.error) {
+                    oauthErrorMsg = "["+qp.error+"]: " +
+                        (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
+                        (qp.error_uri ? "More info: "+qp.error_uri : "");
+                }
+
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "error",
+                    message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server."
+                });
+            }
+        } else {
+            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
+        }
+        window.close();
+    }
+
+    if (document.readyState !== 'loading') {
+        run();
+    } else {
+        document.addEventListener('DOMContentLoaded', function () {
+            run();
+        });
+    }
+</script>
+</body>
+</html>
+`
+)

vendor/github.com/go-openapi/runtime/request.go

@@ -48,7 +48,7 @@ func HasBody(r *http.Request) bool {
 		return true
 	}
 
-	if r.Header.Get(http.CanonicalHeaderKey("content-length")) != "" {
+	if r.Header.Get("content-length") != "" {
 		// in this case, no Transfer-Encoding should be present
 		// we have a header set but it was explicitly set to 0, so we assume no body
 		return false

vendor/github.com/go-openapi/runtime/security/authenticator.go

@@ -220,7 +220,7 @@ func BearerAuth(name string, authenticate ScopedTokenAuthentication) runtime.Aut
 	const prefix = "Bearer "
 	return ScopedAuthenticator(func(r *ScopedAuthRequest) (bool, interface{}, error) {
 		var token string
-		hdr := r.Request.Header.Get("Authorization")
+		hdr := r.Request.Header.Get(runtime.HeaderAuthorization)
 		if strings.HasPrefix(hdr, prefix) {
 			token = strings.TrimPrefix(hdr, prefix)
 		}
@@ -250,7 +250,7 @@ func BearerAuthCtx(name string, authenticate ScopedTokenAuthenticationCtx) runti
 	const prefix = "Bearer "
 	return ScopedAuthenticator(func(r *ScopedAuthRequest) (bool, interface{}, error) {
 		var token string
-		hdr := r.Request.Header.Get("Authorization")
+		hdr := r.Request.Header.Get(runtime.HeaderAuthorization)
 		if strings.HasPrefix(hdr, prefix) {
 			token = strings.TrimPrefix(hdr, prefix)
 		}

vendor/github.com/go-openapi/runtime/text.go

@@ -41,7 +41,6 @@ func TextConsumer() Consumer {
 
 		// If the buffer is empty, no need to unmarshal it, which causes a panic.
 		if len(b) == 0 {
-			data = ""
 			return nil
 		}
 

vendor/github.com/go-openapi/runtime/yamlpc/yaml.go

@@ -0,0 +1,40 @@
+// Copyright 2015 go-swagger maintainers
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package yamlpc
+
+import (
+	"io"
+
+	"github.com/go-openapi/runtime"
+
+	"gopkg.in/yaml.v2"
+)
+
+// YAMLConsumer creates a consumer for yaml data
+func YAMLConsumer() runtime.Consumer {
+	return runtime.ConsumerFunc(func(r io.Reader, v interface{}) error {
+		dec := yaml.NewDecoder(r)
+		return dec.Decode(v)
+	})
+}
+
+// YAMLProducer creates a producer for yaml data
+func YAMLProducer() runtime.Producer {
+	return runtime.ProducerFunc(func(w io.Writer, v interface{}) error {
+		enc := yaml.NewEncoder(w)
+		defer enc.Close()
+		return enc.Encode(v)
+	})
+}