Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support IAM credentials to be fully cutomizable not just via ENVs #1910

Merged

Conversation

harshavardhana
Copy link
Member

currently customizing the behavior of credentials.IAM for

  • Container authorization style
  • EC2 Metadata service credentials
  • EKS credentials

Was via environment variables, allow this to be changed in a more declarative manner that can be used and remembered in application.

currently customizing the behavior of credentials.IAM for

- Container authorization style
- EC2 Metadata service credentials
- EKS credentials

Was via environment variables, allow this to be changed in a more
declarative manner that can be used and remembered in application.
@harshavardhana harshavardhana force-pushed the support-fully-customizable branch from 7deee13 to f140f56 Compare December 5, 2023 22:10
Copy link
Member

@vadmeste vadmeste left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@harshavardhana harshavardhana merged commit 6bc93a8 into minio:master Dec 6, 2023
7 checks passed
@harshavardhana harshavardhana deleted the support-fully-customizable branch December 6, 2023 22:33
charithe referenced this pull request in cerbos/cerbos Dec 18, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) |
require | minor | `v1.48.16` -> `v1.49.4` |
|
[github.com/cerbos/cerbos/api/genpb](https://togithub.com/cerbos/cerbos)
| require | minor | `v0.0.0-20231208114313-af85ff2df2de` -> `v0.32.0` |
| [github.com/google/uuid](https://togithub.com/google/uuid) | require |
minor | `v1.4.0` -> `v1.5.0` |
| [github.com/minio/minio-go/v7](https://togithub.com/minio/minio-go) |
require | patch | `v7.0.65` -> `v7.0.66` |
| [github.com/pterm/pterm](https://togithub.com/pterm/pterm) | require |
patch | `v0.12.71` -> `v0.12.72` |
|
[github.com/rogpeppe/go-internal](https://togithub.com/rogpeppe/go-internal)
| require | minor | `v1.11.0` -> `v1.12.0` |
| golang.org/x/exp | require | digest | `9212866` -> `aacd6d4` |
| golang.org/x/tools | require | patch | `v0.16.0` -> `v0.16.1` |
|
[google.golang.org/genproto/googleapis/api](https://togithub.com/googleapis/go-genproto)
| require | digest | `3a041ad` -> `995d672` |
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | require
| minor | `v1.59.0` -> `v1.60.0` |
|
[google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go)
| require | digest | `e8baad6` -> `8ed73c7` |
| [helm.sh/helm/v3](https://togithub.com/helm/helm) | require | patch |
`v3.13.2` -> `v3.13.3` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | require |
minor | `v1.27.0` -> `v1.28.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary>

###
[`v1.49.4`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1494-2023-12-15)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.3...v1.49.4)

\===

##### Service Client Updates

-   `service/cloud9`: Updates service documentation and examples
    -   Updated Cloud9 API documentation for AL2023 release
-   `service/connect`: Updates service API and documentation
-   `service/connectcases`: Updates service API
-   `service/kms`: Updates service documentation
    -   Documentation updates for AWS Key Management Service
- `service/rds`: Updates service API, documentation, waiters,
paginators, and examples
    -   Updates Amazon RDS documentation by adding code examples
-   `service/sagemaker`: Updates service API and documentation
- This release 1) introduces a new API: DeleteCompilationJob , and 2)
adds InfraCheckConfig for Create/Describe training job API

###
[`v1.49.3`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1493-2023-12-14)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.2...v1.49.3)

\===

##### Service Client Updates

-   `service/appstream`: Updates service API
- This release includes support for images of Windows Server 2022
platform.
-   `service/b2bi`: Updates service documentation and examples
-   `service/billingconductor`: Updates service API and documentation
-   `service/connect`: Updates service API and documentation
-   `service/controltower`: Updates service documentation
-   `service/firehose`: Updates service API and documentation
- This release, 1) adds configurable buffering hints for the Splunk
destination, and 2) reduces the minimum configurable buffering interval
for supported destinations
-   `service/gamelift`: Updates service API and documentation
- Amazon GameLift adds the ability to add and update the game properties
of active game sessions.
-   `service/iot`: Updates service API and documentation
- This release adds the ability to self-manage certificate signing in
AWS IoT Core fleet provisioning using the new certificate provider
resource.
-   `service/opensearch`: Updates service documentation
-   `service/quicksight`: Updates service API and documentation
- Update Dashboard Links support; SingleAxisOptions support; Scatterplot
Query limit support.
-   `service/workspaces`: Updates service documentation
    -   Updated note to ensure customers understand running modes.

###
[`v1.49.2`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1492-2023-12-13)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.1...v1.49.2)

\===

##### Service Client Updates

-   `service/drs`: Updates service API and documentation

###
[`v1.49.1`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1491-2023-12-12)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.0...v1.49.1)

\===

##### Service Client Updates

- `service/imagebuilder`: Updates service API, documentation, and
paginators
-   `service/location`: Updates service API and documentation
-   `service/logs`: Updates service API and documentation
- This release introduces the StartLiveTail API to tail ingested logs in
near real time.

###
[`v1.49.0`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1490-2023-12-11)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.48.16...v1.49.0)

\===

##### Service Client Updates

-   `service/neptune`: Updates service API and documentation
- This release adds a new parameter configuration setting to the Neptune
cluster related APIs that can be leveraged to switch between the
underlying supported storage modes.
-   `service/pinpoint`: Updates service documentation
- This release includes Amazon Pinpoint API documentation updates
pertaining to campaign message sending rate limits.
-   `service/securityhub`: Updates service API and documentation

##### SDK Features

- `service/sqs`: BREAKFIX: Revert SQS error constants to original state
- Values for SQS error constants were incorrectly changed. This reverts
them back.

</details>

<details>
<summary>google/uuid (github.com/google/uuid)</summary>

### [`v1.5.0`](https://togithub.com/google/uuid/releases/tag/v1.5.0)

[Compare
Source](https://togithub.com/google/uuid/compare/v1.4.0...v1.5.0)

##### Features

- Validate UUID without creating new UUID
([#&#8203;141](https://togithub.com/google/uuid/issues/141))
([9ee7366](https://togithub.com/google/uuid/commit/9ee7366e66c9ad96bab89139418a713dc584ae29))

</details>

<details>
<summary>minio/minio-go (github.com/minio/minio-go/v7)</summary>

###
[`v7.0.66`](https://togithub.com/minio/minio-go/releases/tag/v7.0.66):
Bugfix release

[Compare
Source](https://togithub.com/minio/minio-go/compare/v7.0.65...v7.0.66)

#### What's Changed

- Allow passing custom get query params by
[@&#8203;ashmrtn](https://togithub.com/ashmrtn) in
[https://github.com/minio/minio-go/pull/1905](https://togithub.com/minio/minio-go/pull/1905)
- support IAM credentials to be fully cutomizable not just via ENVs by
[@&#8203;harshavardhana](https://togithub.com/harshavardhana) in
[https://github.com/minio/minio-go/pull/1910](https://togithub.com/minio/minio-go/pull/1910)
- upgrade all deps by
[@&#8203;harshavardhana](https://togithub.com/harshavardhana) in
[https://github.com/minio/minio-go/pull/1912](https://togithub.com/minio/minio-go/pull/1912)
- Add fields to tagging opts for replication by
[@&#8203;poornas](https://togithub.com/poornas) in
[https://github.com/minio/minio-go/pull/1913](https://togithub.com/minio/minio-go/pull/1913)

#### New Contributors

- [@&#8203;ashmrtn](https://togithub.com/ashmrtn) made their first
contribution in
[https://github.com/minio/minio-go/pull/1905](https://togithub.com/minio/minio-go/pull/1905)

**Full Changelog**:
minio/minio-go@v7.0.65...v7.0.66

</details>

<details>
<summary>pterm/pterm (github.com/pterm/pterm)</summary>

### [`v0.12.72`](https://togithub.com/pterm/pterm/releases/tag/v0.12.72)

[Compare
Source](https://togithub.com/pterm/pterm/compare/v0.12.71...v0.12.72)

<!-- Release notes generated using configuration in .github/release.yml
at master -->

#### What's Changed

##### Fixes 🔧

- fix: exit on `ctrl+c` in interactive printers by default by
[@&#8203;panbanda](https://togithub.com/panbanda) in
[https://github.com/pterm/pterm/pull/593](https://togithub.com/pterm/pterm/pull/593)

##### Other Changes

- ci: updated go test command in workflow by
[@&#8203;MarvinJWendt](https://togithub.com/MarvinJWendt) in
[https://github.com/pterm/pterm/pull/594](https://togithub.com/pterm/pterm/pull/594)
- examples: refactored and documented all examples by
[@&#8203;MarvinJWendt](https://togithub.com/MarvinJWendt) in
[https://github.com/pterm/pterm/pull/596](https://togithub.com/pterm/pterm/pull/596)
- docs: added website to repo by
[@&#8203;MarvinJWendt](https://togithub.com/MarvinJWendt) in
[https://github.com/pterm/pterm/pull/597](https://togithub.com/pterm/pterm/pull/597)

#### New Contributors

- [@&#8203;panbanda](https://togithub.com/panbanda) made their first
contribution in
[https://github.com/pterm/pterm/pull/593](https://togithub.com/pterm/pterm/pull/593)

**Full Changelog**:
pterm/pterm@v0.12.71...v0.12.72

</details>

<details>
<summary>rogpeppe/go-internal
(github.com/rogpeppe/go-internal)</summary>

###
[`v1.12.0`](https://togithub.com/rogpeppe/go-internal/compare/v1.11.0...v1.12.0)

[Compare
Source](https://togithub.com/rogpeppe/go-internal/compare/v1.11.0...v1.12.0)

</details>

<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>

### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0):
Release 1.60.0

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)

### Security

- credentials/tls: if not set, set TLS MinVersion to 1.2 and
CipherSuites according to supported suites not forbidden by RFC7540.
- This is a behavior change to bring us into better alignment with RFC
7540.

### API Changes

- resolver: remove deprecated and experimental
`ClientConn.NewServiceConfig`
([#&#8203;6784](https://togithub.com/grpc/grpc-go/issues/6784))
- client: remove deprecated `grpc.WithServiceConfig` `DialOption`
([#&#8203;6800](https://togithub.com/grpc/grpc-go/issues/6800))

### Bug Fixes

- client: fix race that could cause a deadlock while entering idle mode
and receiving a name resolver update
([#&#8203;6804](https://togithub.com/grpc/grpc-go/issues/6804))
- client: always enable TCP keepalives with OS defaults
([#&#8203;6834](https://togithub.com/grpc/grpc-go/issues/6834))
- credentials/alts: fix a bug preventing ALTS from connecting to the
metadata server if the default scheme is overridden
([#&#8203;6686](https://togithub.com/grpc/grpc-go/issues/6686))
- Special Thanks: [@&#8203;mjamaloney](https://togithub.com/mjamaloney)

### Behavior Changes

- server: Do not return from Stop() or GracefulStop() until all
resources are released
([#&#8203;6489](https://togithub.com/grpc/grpc-go/issues/6489))
    -   Special Thanks: [@&#8203;fho](https://togithub.com/fho)

### Documentation

- codes: clarify that only codes defined by this package are valid and
that users should not cast other values to `codes.Code`
([#&#8203;6701](https://togithub.com/grpc/grpc-go/issues/6701))

</details>

<details>
<summary>helm/helm (helm.sh/helm/v3)</summary>

### [`v3.13.3`](https://togithub.com/helm/helm/releases/tag/v3.13.3):
Helm v3.13.3

[Compare
Source](https://togithub.com/helm/helm/compare/v3.13.2...v3.13.3)

Helm v3.13.3 is a patch release. Users are encouraged to upgrade for the
best experience. Users are encouraged to upgrade for the best
experience.

The community keeps growing, and we'd love to see you there!

- Join the discussion in [Kubernetes
Slack](https://kubernetes.slack.com):
    -   for questions and just to hang out
    -   for discussing PRs, code, and bugs
- Hang out at the Public Developer Call: Thursday, 9:30 Pacific via
[Zoom](https://zoom.us/j/696660622)
- Test, debug, and contribute charts:
[ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0)

#### Installation and Upgrading

Download Helm v3.13.3. The common platform binaries are here:

- [MacOS amd64](https://get.helm.sh/helm-v3.13.3-darwin-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-darwin-amd64.tar.gz.sha256sum)
/ da654c9e0fd4fcb50cc5dba051c1c9cf398e21ffa5064b47ac89a9697e139d39)
- [MacOS arm64](https://get.helm.sh/helm-v3.13.3-darwin-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-darwin-arm64.tar.gz.sha256sum)
/ 61ba210cd65c53be5c0021c8fc8e0b94f4c122aff32f5ed0e4ea81728108ea20)
- [Linux amd64](https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz.sha256sum)
/ bbb6e7c6201458b235f335280f35493950dcd856825ddcfd1d3b40ae757d5c7d)
- [Linux arm](https://get.helm.sh/helm-v3.13.3-linux-arm.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-arm.tar.gz.sha256sum)
/ 0170b15f3951be399e27e0cfdc21edb211d3b6b2698e078f993d9558d9446e3f)
- [Linux arm64](https://get.helm.sh/helm-v3.13.3-linux-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-arm64.tar.gz.sha256sum)
/ 44aaa094ae24d01e8c36e327e1837fd3377a0f9152626da088384c5bc6d94562)
- [Linux i386](https://get.helm.sh/helm-v3.13.3-linux-386.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-386.tar.gz.sha256sum)
/ a92929ba472ff4d31b83bcdd957f94ebb8c396c371c840afd04fa6a7fba61515)
- [Linux ppc64le](https://get.helm.sh/helm-v3.13.3-linux-ppc64le.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-ppc64le.tar.gz.sha256sum)
/ 85afc540af42ebbb6e6a4fe270b04ce1fa27fa72845cd1d352feea0f55df1ffc)
- [Linux s390x](https://get.helm.sh/helm-v3.13.3-linux-s390x.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.3-linux-s390x.tar.gz.sha256sum)
/ 19dce0dec6225132b80c3f6dfbc9f804cedd8becdbed5e30d197c4bbf20ce3c0)
- [Windows amd64](https://get.helm.sh/helm-v3.13.3-windows-amd64.zip)
([checksum](https://get.helm.sh/helm-v3.13.3-windows-amd64.zip.sha256sum)
/ abb5e06a3587d8da7cca60c801cfbaa5178f4252c367b2469b3f123da2357cac)

This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2
5E36 B98E ` and can be found at
[@&#8203;mattfarina](https://togithub.com/mattfarina) [keybase
account](https://keybase.io/mattfarina). Please use the attached
signatures for verifying this release using `gpg`.

The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get
you going from there. For **upgrade instructions** or detailed
installation notes, check the [install
guide](https://helm.sh/docs/intro/install/). You can also use a [script
to
install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3)
on any system with `bash`.

#### What's Next

-   3.14.0 is the next feature release and be on January 17, 2024.

#### Changelog

- Updating Helm libraries for k8s 1.28.4
[`c8b9489`](https://togithub.com/helm/helm/commit/c8b948945e52abba22ff885446a1486cb5fd3474)
(Matt Farina)
- Remove excessive logging
[`2f03d01`](https://togithub.com/helm/helm/commit/2f03d01b7d29d65374838a8376644e2b12066c81)
(Sean Mills)
- chore(create): indent to spaces
[`2e63576`](https://togithub.com/helm/helm/commit/2e6357665a4100eb8472902b693c8dfa50acc5aa)
(genofire)

</details>

<details>
<summary>cznic/sqlite (modernc.org/sqlite)</summary>

###
[`v1.28.0`](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0)

[Compare
Source](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cerbos/cerbos).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants