-
Notifications
You must be signed in to change notification settings - Fork 653
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support IAM credentials to be fully cutomizable not just via ENVs #1910
Merged
harshavardhana
merged 1 commit into
minio:master
from
harshavardhana:support-fully-customizable
Dec 6, 2023
Merged
support IAM credentials to be fully cutomizable not just via ENVs #1910
harshavardhana
merged 1 commit into
minio:master
from
harshavardhana:support-fully-customizable
Dec 6, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
currently customizing the behavior of credentials.IAM for - Container authorization style - EC2 Metadata service credentials - EKS credentials Was via environment variables, allow this to be changed in a more declarative manner that can be used and remembered in application.
harshavardhana
force-pushed
the
support-fully-customizable
branch
from
December 5, 2023 22:10
7deee13
to
f140f56
Compare
vadmeste
approved these changes
Dec 5, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
charithe
referenced
this pull request
in cerbos/cerbos
Dec 18, 2023
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) | require | minor | `v1.48.16` -> `v1.49.4` | | [github.com/cerbos/cerbos/api/genpb](https://togithub.com/cerbos/cerbos) | require | minor | `v0.0.0-20231208114313-af85ff2df2de` -> `v0.32.0` | | [github.com/google/uuid](https://togithub.com/google/uuid) | require | minor | `v1.4.0` -> `v1.5.0` | | [github.com/minio/minio-go/v7](https://togithub.com/minio/minio-go) | require | patch | `v7.0.65` -> `v7.0.66` | | [github.com/pterm/pterm](https://togithub.com/pterm/pterm) | require | patch | `v0.12.71` -> `v0.12.72` | | [github.com/rogpeppe/go-internal](https://togithub.com/rogpeppe/go-internal) | require | minor | `v1.11.0` -> `v1.12.0` | | golang.org/x/exp | require | digest | `9212866` -> `aacd6d4` | | golang.org/x/tools | require | patch | `v0.16.0` -> `v0.16.1` | | [google.golang.org/genproto/googleapis/api](https://togithub.com/googleapis/go-genproto) | require | digest | `3a041ad` -> `995d672` | | [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | require | minor | `v1.59.0` -> `v1.60.0` | | [google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go) | require | digest | `e8baad6` -> `8ed73c7` | | [helm.sh/helm/v3](https://togithub.com/helm/helm) | require | patch | `v3.13.2` -> `v3.13.3` | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | require | minor | `v1.27.0` -> `v1.28.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary> ### [`v1.49.4`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1494-2023-12-15) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.3...v1.49.4) \=== ##### Service Client Updates - `service/cloud9`: Updates service documentation and examples - Updated Cloud9 API documentation for AL2023 release - `service/connect`: Updates service API and documentation - `service/connectcases`: Updates service API - `service/kms`: Updates service documentation - Documentation updates for AWS Key Management Service - `service/rds`: Updates service API, documentation, waiters, paginators, and examples - Updates Amazon RDS documentation by adding code examples - `service/sagemaker`: Updates service API and documentation - This release 1) introduces a new API: DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe training job API ### [`v1.49.3`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1493-2023-12-14) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.2...v1.49.3) \=== ##### Service Client Updates - `service/appstream`: Updates service API - This release includes support for images of Windows Server 2022 platform. - `service/b2bi`: Updates service documentation and examples - `service/billingconductor`: Updates service API and documentation - `service/connect`: Updates service API and documentation - `service/controltower`: Updates service documentation - `service/firehose`: Updates service API and documentation - This release, 1) adds configurable buffering hints for the Splunk destination, and 2) reduces the minimum configurable buffering interval for supported destinations - `service/gamelift`: Updates service API and documentation - Amazon GameLift adds the ability to add and update the game properties of active game sessions. - `service/iot`: Updates service API and documentation - This release adds the ability to self-manage certificate signing in AWS IoT Core fleet provisioning using the new certificate provider resource. - `service/opensearch`: Updates service documentation - `service/quicksight`: Updates service API and documentation - Update Dashboard Links support; SingleAxisOptions support; Scatterplot Query limit support. - `service/workspaces`: Updates service documentation - Updated note to ensure customers understand running modes. ### [`v1.49.2`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1492-2023-12-13) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.1...v1.49.2) \=== ##### Service Client Updates - `service/drs`: Updates service API and documentation ### [`v1.49.1`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1491-2023-12-12) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.49.0...v1.49.1) \=== ##### Service Client Updates - `service/imagebuilder`: Updates service API, documentation, and paginators - `service/location`: Updates service API and documentation - `service/logs`: Updates service API and documentation - This release introduces the StartLiveTail API to tail ingested logs in near real time. ### [`v1.49.0`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1490-2023-12-11) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.48.16...v1.49.0) \=== ##### Service Client Updates - `service/neptune`: Updates service API and documentation - This release adds a new parameter configuration setting to the Neptune cluster related APIs that can be leveraged to switch between the underlying supported storage modes. - `service/pinpoint`: Updates service documentation - This release includes Amazon Pinpoint API documentation updates pertaining to campaign message sending rate limits. - `service/securityhub`: Updates service API and documentation ##### SDK Features - `service/sqs`: BREAKFIX: Revert SQS error constants to original state - Values for SQS error constants were incorrectly changed. This reverts them back. </details> <details> <summary>google/uuid (github.com/google/uuid)</summary> ### [`v1.5.0`](https://togithub.com/google/uuid/releases/tag/v1.5.0) [Compare Source](https://togithub.com/google/uuid/compare/v1.4.0...v1.5.0) ##### Features - Validate UUID without creating new UUID ([#​141](https://togithub.com/google/uuid/issues/141)) ([9ee7366](https://togithub.com/google/uuid/commit/9ee7366e66c9ad96bab89139418a713dc584ae29)) </details> <details> <summary>minio/minio-go (github.com/minio/minio-go/v7)</summary> ### [`v7.0.66`](https://togithub.com/minio/minio-go/releases/tag/v7.0.66): Bugfix release [Compare Source](https://togithub.com/minio/minio-go/compare/v7.0.65...v7.0.66) #### What's Changed - Allow passing custom get query params by [@​ashmrtn](https://togithub.com/ashmrtn) in [https://github.com/minio/minio-go/pull/1905](https://togithub.com/minio/minio-go/pull/1905) - support IAM credentials to be fully cutomizable not just via ENVs by [@​harshavardhana](https://togithub.com/harshavardhana) in [https://github.com/minio/minio-go/pull/1910](https://togithub.com/minio/minio-go/pull/1910) - upgrade all deps by [@​harshavardhana](https://togithub.com/harshavardhana) in [https://github.com/minio/minio-go/pull/1912](https://togithub.com/minio/minio-go/pull/1912) - Add fields to tagging opts for replication by [@​poornas](https://togithub.com/poornas) in [https://github.com/minio/minio-go/pull/1913](https://togithub.com/minio/minio-go/pull/1913) #### New Contributors - [@​ashmrtn](https://togithub.com/ashmrtn) made their first contribution in [https://github.com/minio/minio-go/pull/1905](https://togithub.com/minio/minio-go/pull/1905) **Full Changelog**: minio/minio-go@v7.0.65...v7.0.66 </details> <details> <summary>pterm/pterm (github.com/pterm/pterm)</summary> ### [`v0.12.72`](https://togithub.com/pterm/pterm/releases/tag/v0.12.72) [Compare Source](https://togithub.com/pterm/pterm/compare/v0.12.71...v0.12.72) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Fixes 🔧 - fix: exit on `ctrl+c` in interactive printers by default by [@​panbanda](https://togithub.com/panbanda) in [https://github.com/pterm/pterm/pull/593](https://togithub.com/pterm/pterm/pull/593) ##### Other Changes - ci: updated go test command in workflow by [@​MarvinJWendt](https://togithub.com/MarvinJWendt) in [https://github.com/pterm/pterm/pull/594](https://togithub.com/pterm/pterm/pull/594) - examples: refactored and documented all examples by [@​MarvinJWendt](https://togithub.com/MarvinJWendt) in [https://github.com/pterm/pterm/pull/596](https://togithub.com/pterm/pterm/pull/596) - docs: added website to repo by [@​MarvinJWendt](https://togithub.com/MarvinJWendt) in [https://github.com/pterm/pterm/pull/597](https://togithub.com/pterm/pterm/pull/597) #### New Contributors - [@​panbanda](https://togithub.com/panbanda) made their first contribution in [https://github.com/pterm/pterm/pull/593](https://togithub.com/pterm/pterm/pull/593) **Full Changelog**: pterm/pterm@v0.12.71...v0.12.72 </details> <details> <summary>rogpeppe/go-internal (github.com/rogpeppe/go-internal)</summary> ### [`v1.12.0`](https://togithub.com/rogpeppe/go-internal/compare/v1.11.0...v1.12.0) [Compare Source](https://togithub.com/rogpeppe/go-internal/compare/v1.11.0...v1.12.0) </details> <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0): Release 1.60.0 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0) ### Security - credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540. - This is a behavior change to bring us into better alignment with RFC 7540. ### API Changes - resolver: remove deprecated and experimental `ClientConn.NewServiceConfig` ([#​6784](https://togithub.com/grpc/grpc-go/issues/6784)) - client: remove deprecated `grpc.WithServiceConfig` `DialOption` ([#​6800](https://togithub.com/grpc/grpc-go/issues/6800)) ### Bug Fixes - client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update ([#​6804](https://togithub.com/grpc/grpc-go/issues/6804)) - client: always enable TCP keepalives with OS defaults ([#​6834](https://togithub.com/grpc/grpc-go/issues/6834)) - credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden ([#​6686](https://togithub.com/grpc/grpc-go/issues/6686)) - Special Thanks: [@​mjamaloney](https://togithub.com/mjamaloney) ### Behavior Changes - server: Do not return from Stop() or GracefulStop() until all resources are released ([#​6489](https://togithub.com/grpc/grpc-go/issues/6489)) - Special Thanks: [@​fho](https://togithub.com/fho) ### Documentation - codes: clarify that only codes defined by this package are valid and that users should not cast other values to `codes.Code` ([#​6701](https://togithub.com/grpc/grpc-go/issues/6701)) </details> <details> <summary>helm/helm (helm.sh/helm/v3)</summary> ### [`v3.13.3`](https://togithub.com/helm/helm/releases/tag/v3.13.3): Helm v3.13.3 [Compare Source](https://togithub.com/helm/helm/compare/v3.13.2...v3.13.3) Helm v3.13.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing PRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Installation and Upgrading Download Helm v3.13.3. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.13.3-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-darwin-amd64.tar.gz.sha256sum) / da654c9e0fd4fcb50cc5dba051c1c9cf398e21ffa5064b47ac89a9697e139d39) - [MacOS arm64](https://get.helm.sh/helm-v3.13.3-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-darwin-arm64.tar.gz.sha256sum) / 61ba210cd65c53be5c0021c8fc8e0b94f4c122aff32f5ed0e4ea81728108ea20) - [Linux amd64](https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz.sha256sum) / bbb6e7c6201458b235f335280f35493950dcd856825ddcfd1d3b40ae757d5c7d) - [Linux arm](https://get.helm.sh/helm-v3.13.3-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-arm.tar.gz.sha256sum) / 0170b15f3951be399e27e0cfdc21edb211d3b6b2698e078f993d9558d9446e3f) - [Linux arm64](https://get.helm.sh/helm-v3.13.3-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-arm64.tar.gz.sha256sum) / 44aaa094ae24d01e8c36e327e1837fd3377a0f9152626da088384c5bc6d94562) - [Linux i386](https://get.helm.sh/helm-v3.13.3-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-386.tar.gz.sha256sum) / a92929ba472ff4d31b83bcdd957f94ebb8c396c371c840afd04fa6a7fba61515) - [Linux ppc64le](https://get.helm.sh/helm-v3.13.3-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-ppc64le.tar.gz.sha256sum) / 85afc540af42ebbb6e6a4fe270b04ce1fa27fa72845cd1d352feea0f55df1ffc) - [Linux s390x](https://get.helm.sh/helm-v3.13.3-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.13.3-linux-s390x.tar.gz.sha256sum) / 19dce0dec6225132b80c3f6dfbc9f804cedd8becdbed5e30d197c4bbf20ce3c0) - [Windows amd64](https://get.helm.sh/helm-v3.13.3-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.13.3-windows-amd64.zip.sha256sum) / abb5e06a3587d8da7cca60c801cfbaa5178f4252c367b2469b3f123da2357cac) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@​mattfarina](https://togithub.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.14.0 is the next feature release and be on January 17, 2024. #### Changelog - Updating Helm libraries for k8s 1.28.4 [`c8b9489`](https://togithub.com/helm/helm/commit/c8b948945e52abba22ff885446a1486cb5fd3474) (Matt Farina) - Remove excessive logging [`2f03d01`](https://togithub.com/helm/helm/commit/2f03d01b7d29d65374838a8376644e2b12066c81) (Sean Mills) - chore(create): indent to spaces [`2e63576`](https://togithub.com/helm/helm/commit/2e6357665a4100eb8472902b693c8dfa50acc5aa) (genofire) </details> <details> <summary>cznic/sqlite (modernc.org/sqlite)</summary> ### [`v1.28.0`](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0) [Compare Source](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cerbos/cerbos). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
currently customizing the behavior of credentials.IAM for
Was via environment variables, allow this to be changed in a more declarative manner that can be used and remembered in application.