[chore] Bump github.com/minio/minio-go/v7 from 7.0.37 to 7.0.43 (#983)

Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.37 to 7.0.43. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.37...v7.0.43) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-03 01:32:26 -06:00 · 2022-11-07 11:20:43 +01:00 · 2022-11-07 11:20:43 +01:00 · 459a5c8d96
commit 459a5c8d96
parent a5f31e5dd3
44 changed files with 1031 additions and 336 deletions
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/assume_role.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/assume_role.go
@ -19,6 +19,7 @@ package credentials

 import (
 	"bytes"
+	"crypto/sha256"
 	"encoding/hex"
 	"encoding/xml"
 	"errors"
@ -31,7 +32,6 @@ import (
 	"time"

 	"github.com/minio/minio-go/v7/pkg/signer"
-	sha256 "github.com/minio/sha256-simd"
 )

 // AssumeRoleResponse contains the result of successful AssumeRole request.
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/chain.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/chain.go
@ -31,18 +31,17 @@ package credentials
 // will cache that Provider for all calls to IsExpired(), until Retrieve is
 // called again after IsExpired() is true.
 //
-//     creds := credentials.NewChainCredentials(
-//         []credentials.Provider{
-//             &credentials.EnvAWSS3{},
-//             &credentials.EnvMinio{},
-//         })
-//
-//     // Usage of ChainCredentials.
-//     mc, err := minio.NewWithCredentials(endpoint, creds, secure, "us-east-1")
-//     if err != nil {
-//          log.Fatalln(err)
-//     }
+//	creds := credentials.NewChainCredentials(
+//	    []credentials.Provider{
+//	        &credentials.EnvAWSS3{},
+//	        &credentials.EnvMinio{},
+//	    })
 //
+//	// Usage of ChainCredentials.
+//	mc, err := minio.NewWithCredentials(endpoint, creds, secure, "us-east-1")
+//	if err != nil {
+//	     log.Fatalln(err)
+//	}
 type Chain struct {
 	Providers []Provider
 	curr      Provider
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.go
@ -65,10 +65,11 @@ type Provider interface {
 // provider's struct.
 //
 // Example:
-//     type IAMCredentialProvider struct {
-//         Expiry
-//         ...
-//     }
+//
+//	type IAMCredentialProvider struct {
+//	    Expiry
+//	    ...
+//	}
 type Expiry struct {
 	// The date/time when to expire on
 	expiration time.Time
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.json
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.json
@ -0,0 +1,7 @@
+{
+    "Version": 1,
+    "SessionToken": "token",
+    "AccessKeyId": "accessKey",
+    "SecretAccessKey": "secret",
+    "Expiration": "9999-04-27T16:02:25.000Z"
+}
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.sample
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/credentials.sample
@ -10,3 +10,6 @@ aws_secret_access_key = secret
 [with_colon]
 aws_access_key_id: accessKey
 aws_secret_access_key: secret
+
+[with_process]
+credential_process = /bin/cat credentials.json
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/doc.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/doc.go
@ -28,35 +28,33 @@
 //
 // Example of using the environment variable credentials.
 //
-//     creds := NewFromEnv()
-//     // Retrieve the credentials value
-//     credValue, err := creds.Get()
-//     if err != nil {
-//         // handle error
-//     }
+//	creds := NewFromEnv()
+//	// Retrieve the credentials value
+//	credValue, err := creds.Get()
+//	if err != nil {
+//	    // handle error
+//	}
 //
 // Example of forcing credentials to expire and be refreshed on the next Get().
 // This may be helpful to proactively expire credentials and refresh them sooner
 // than they would naturally expire on their own.
 //
-//     creds := NewFromIAM("")
-//     creds.Expire()
-//     credsValue, err := creds.Get()
-//     // New credentials will be retrieved instead of from cache.
+//	creds := NewFromIAM("")
+//	creds.Expire()
+//	credsValue, err := creds.Get()
+//	// New credentials will be retrieved instead of from cache.
 //
-//
-// Custom Provider
+// # Custom Provider
 //
 // Each Provider built into this package also provides a helper method to generate
 // a Credentials pointer setup with the provider. To use a custom Provider just
 // create a type which satisfies the Provider interface and pass it to the
 // NewCredentials method.
 //
-//     type MyProvider struct{}
-//     func (m *MyProvider) Retrieve() (Value, error) {...}
-//     func (m *MyProvider) IsExpired() bool {...}
-//
-//     creds := NewCredentials(&MyProvider{})
-//     credValue, err := creds.Get()
+//	type MyProvider struct{}
+//	func (m *MyProvider) Retrieve() (Value, error) {...}
+//	func (m *MyProvider) IsExpired() bool {...}
 //
+//	creds := NewCredentials(&MyProvider{})
+//	credValue, err := creds.Get()
 package credentials
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go
@ -18,17 +18,33 @@
 package credentials

 import (
+	"encoding/json"
+	"errors"
 	"os"
+	"os/exec"
 	"path/filepath"
+	"strings"
+	"time"

 	ini "gopkg.in/ini.v1"
 )

+// A externalProcessCredentials stores the output of a credential_process
+type externalProcessCredentials struct {
+	Version         int
+	SessionToken    string
+	AccessKeyID     string `json:"AccessKeyId"`
+	SecretAccessKey string
+	Expiration      time.Time
+}
+
 // A FileAWSCredentials retrieves credentials from the current user's home
 // directory, and keeps track if those credentials are expired.
 //
 // Profile ini file example: $HOME/.aws/credentials
 type FileAWSCredentials struct {
+	Expiry
+
 	// Path to the shared credentials file.
 	//
 	// If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the
@ -89,6 +105,33 @@ func (p *FileAWSCredentials) Retrieve() (Value, error) {
 	// Default to empty string if not found.
 	token := iniProfile.Key("aws_session_token")

+	// If credential_process is defined, obtain credentials by executing
+	// the external process
+	credentialProcess := strings.TrimSpace(iniProfile.Key("credential_process").String())
+	if credentialProcess != "" {
+		args := strings.Fields(credentialProcess)
+		if len(args) <= 1 {
+			return Value{}, errors.New("invalid credential process args")
+		}
+		cmd := exec.Command(args[0], args[1:]...)
+		out, err := cmd.Output()
+		if err != nil {
+			return Value{}, err
+		}
+		var externalProcessCredentials externalProcessCredentials
+		err = json.Unmarshal([]byte(out), &externalProcessCredentials)
+		if err != nil {
+			return Value{}, err
+		}
+		p.retrieved = true
+		p.SetExpiration(externalProcessCredentials.Expiration, DefaultExpiryWindow)
+		return Value{
+			AccessKeyID:     externalProcessCredentials.AccessKeyID,
+			SecretAccessKey: externalProcessCredentials.SecretAccessKey,
+			SessionToken:    externalProcessCredentials.SessionToken,
+			SignerType:      SignatureV4,
+		}, nil
+	}
 	p.retrieved = true
 	return Value{
 		AccessKeyID:     id.String(),
@ -98,11 +141,6 @@ func (p *FileAWSCredentials) Retrieve() (Value, error) {
 	}, nil
 }

-// IsExpired returns if the shared credentials have expired.
-func (p *FileAWSCredentials) IsExpired() bool {
-	return !p.retrieved
-}
-
 // loadProfiles loads from the file pointed to by shared credentials filename for profile.
 // The credentials retrieved from the profile will be returned or error. Error will be
 // returned if it fails to read from the file, or the data is invalid.