[chore]: Bump github.com/minio/minio-go/v7 from 7.0.85 to 7.0.89 (#3977)

Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.85 to 7.0.89. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.85...v7.0.89) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-version: 7.0.89 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-03 08:32:25 -06:00 · 2025-04-07 11:05:51 +01:00 · 2025-04-07 11:05:51 +01:00 · bce643286c
commit bce643286c
parent e0ea77b730
46 changed files with 1337 additions and 371 deletions
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/assume_role.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/assume_role.go
@ -104,6 +104,8 @@ type STSAssumeRoleOptions struct {
 	RoleARN         string
 	RoleSessionName string
 	ExternalID      string
+
+	TokenRevokeType string // Optional, used for token revokation (MinIO only extension)
 }

 // NewSTSAssumeRole returns a pointer to a new
@ -161,6 +163,9 @@ func getAssumeRoleCredentials(clnt *http.Client, endpoint string, opts STSAssume
 	if opts.ExternalID != "" {
 		v.Set("ExternalId", opts.ExternalID)
 	}
+	if opts.TokenRevokeType != "" {
+		v.Set("TokenRevokeType", opts.TokenRevokeType)
+	}

 	u, err := url.Parse(endpoint)
 	if err != nil {
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go
@ -69,6 +69,9 @@ type CustomTokenIdentity struct {
 	// RequestedExpiry is to set the validity of the generated credentials
 	// (this value bounded by server).
 	RequestedExpiry time.Duration
+
+	// Optional, used for token revokation
+	TokenRevokeType string
 }

 // RetrieveWithCredContext with Retrieve optionally cred context
@ -98,6 +101,9 @@ func (c *CustomTokenIdentity) RetrieveWithCredContext(cc *CredContext) (value Va
 	if c.RequestedExpiry != 0 {
 		v.Set("DurationSeconds", fmt.Sprintf("%d", int(c.RequestedExpiry.Seconds())))
 	}
+	if c.TokenRevokeType != "" {
+		v.Set("TokenRevokeType", c.TokenRevokeType)
+	}

 	u.RawQuery = v.Encode()

--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go
@ -73,6 +73,9 @@ type LDAPIdentity struct {
 	// RequestedExpiry is the configured expiry duration for credentials
 	// requested from LDAP.
 	RequestedExpiry time.Duration
+
+	// Optional, used for token revokation
+	TokenRevokeType string
 }

 // NewLDAPIdentity returns new credentials object that uses LDAP
@ -152,6 +155,9 @@ func (k *LDAPIdentity) RetrieveWithCredContext(cc *CredContext) (value Value, er
 	if k.RequestedExpiry != 0 {
 		v.Set("DurationSeconds", fmt.Sprintf("%d", int(k.RequestedExpiry.Seconds())))
 	}
+	if k.TokenRevokeType != "" {
+		v.Set("TokenRevokeType", k.TokenRevokeType)
+	}

 	req, err := http.NewRequest(http.MethodPost, u.String(), strings.NewReader(v.Encode()))
 	if err != nil {
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_tls_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_tls_identity.go
@ -80,6 +80,9 @@ type STSCertificateIdentity struct {
 	// Certificate is the client certificate that is used for
 	// STS authentication.
 	Certificate tls.Certificate
+
+	// Optional, used for token revokation
+	TokenRevokeType string
 }

 // NewSTSCertificateIdentity returns a STSCertificateIdentity that authenticates
@ -122,6 +125,9 @@ func (i *STSCertificateIdentity) RetrieveWithCredContext(cc *CredContext) (Value
 	queryValues := url.Values{}
 	queryValues.Set("Action", "AssumeRoleWithCertificate")
 	queryValues.Set("Version", STSVersion)
+	if i.TokenRevokeType != "" {
+		queryValues.Set("TokenRevokeType", i.TokenRevokeType)
+	}
 	endpointURL.RawQuery = queryValues.Encode()

 	req, err := http.NewRequest(http.MethodPost, endpointURL.String(), nil)
--- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go
@ -93,6 +93,9 @@ type STSWebIdentity struct {

 	// roleSessionName is the identifier for the assumed role session.
 	roleSessionName string
+
+	// Optional, used for token revokation
+	TokenRevokeType string
 }

 // NewSTSWebIdentity returns a pointer to a new
@ -135,7 +138,7 @@ func WithPolicy(policy string) func(*STSWebIdentity) {
 }

 func getWebIdentityCredentials(clnt *http.Client, endpoint, roleARN, roleSessionName string, policy string,
-	getWebIDTokenExpiry func() (*WebIdentityToken, error),
+	getWebIDTokenExpiry func() (*WebIdentityToken, error), tokenRevokeType string,
 ) (AssumeRoleWithWebIdentityResponse, error) {
 	idToken, err := getWebIDTokenExpiry()
 	if err != nil {
@ -168,6 +171,9 @@ func getWebIdentityCredentials(clnt *http.Client, endpoint, roleARN, roleSession
 		v.Set("Policy", policy)
 	}
 	v.Set("Version", STSVersion)
+	if tokenRevokeType != "" {
+		v.Set("TokenRevokeType", tokenRevokeType)
+	}

 	u, err := url.Parse(endpoint)
 	if err != nil {
@ -236,7 +242,7 @@ func (m *STSWebIdentity) RetrieveWithCredContext(cc *CredContext) (Value, error)
 		return Value{}, errors.New("STS endpoint unknown")
 	}

-	a, err := getWebIdentityCredentials(client, stsEndpoint, m.RoleARN, m.roleSessionName, m.Policy, m.GetWebIDTokenExpiry)
+	a, err := getWebIdentityCredentials(client, stsEndpoint, m.RoleARN, m.roleSessionName, m.Policy, m.GetWebIDTokenExpiry, m.TokenRevokeType)
 	if err != nil {
 		return Value{}, err
 	}
--- a/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/lifecycle/lifecycle.go
@ -192,7 +192,7 @@ func (t Transition) IsDaysNull() bool {

 // IsDateNull returns true if date field is null
 func (t Transition) IsDateNull() bool {
-	return t.Date.Time.IsZero()
+	return t.Date.IsZero()
 }

 // IsNull returns true if no storage-class is set.
@ -323,7 +323,7 @@ type ExpirationDate struct {
 // MarshalXML encodes expiration date if it is non-zero and encodes
 // empty string otherwise
 func (eDate ExpirationDate) MarshalXML(e *xml.Encoder, startElement xml.StartElement) error {
-	if eDate.Time.IsZero() {
+	if eDate.IsZero() {
 		return nil
 	}
 	return e.EncodeElement(eDate.Format(time.RFC3339), startElement)
@ -392,7 +392,7 @@ func (e Expiration) IsDaysNull() bool {

 // IsDateNull returns true if date field is null
 func (e Expiration) IsDateNull() bool {
-	return e.Date.Time.IsZero()
+	return e.Date.IsZero()
 }

 // IsDeleteMarkerExpirationEnabled returns true if the auto-expiration of delete marker is enabled
--- a/vendor/github.com/minio/minio-go/v7/pkg/notification/notification.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/notification/notification.go
@ -283,7 +283,6 @@ func (b *Configuration) AddTopic(topicConfig Config) bool {
 	for _, n := range b.TopicConfigs {
 		// If new config matches existing one
 		if n.Topic == newTopicConfig.Arn.String() && newTopicConfig.Filter == n.Filter {
-
 			existingConfig := set.NewStringSet()
 			for _, v := range n.Events {
 				existingConfig.Add(string(v))
@ -308,7 +307,6 @@ func (b *Configuration) AddQueue(queueConfig Config) bool {
 	newQueueConfig := QueueConfig{Config: queueConfig, Queue: queueConfig.Arn.String()}
 	for _, n := range b.QueueConfigs {
 		if n.Queue == newQueueConfig.Arn.String() && newQueueConfig.Filter == n.Filter {
-
 			existingConfig := set.NewStringSet()
 			for _, v := range n.Events {
 				existingConfig.Add(string(v))
@ -333,7 +331,6 @@ func (b *Configuration) AddLambda(lambdaConfig Config) bool {
 	newLambdaConfig := LambdaConfig{Config: lambdaConfig, Lambda: lambdaConfig.Arn.String()}
 	for _, n := range b.LambdaConfigs {
 		if n.Lambda == newLambdaConfig.Arn.String() && newLambdaConfig.Filter == n.Filter {
-
 			existingConfig := set.NewStringSet()
 			for _, v := range n.Events {
 				existingConfig.Add(string(v))
@ -372,7 +369,7 @@ func (b *Configuration) RemoveTopicByArnEventsPrefixSuffix(arn Arn, events []Eve
 	removeIndex := -1
 	for i, v := range b.TopicConfigs {
 		// if it matches events and filters, mark the index for deletion
-		if v.Topic == arn.String() && v.Config.Equal(events, prefix, suffix) {
+		if v.Topic == arn.String() && v.Equal(events, prefix, suffix) {
 			removeIndex = i
 			break // since we have at most one matching config
 		}
@ -400,7 +397,7 @@ func (b *Configuration) RemoveQueueByArnEventsPrefixSuffix(arn Arn, events []Eve
 	removeIndex := -1
 	for i, v := range b.QueueConfigs {
 		// if it matches events and filters, mark the index for deletion
-		if v.Queue == arn.String() && v.Config.Equal(events, prefix, suffix) {
+		if v.Queue == arn.String() && v.Equal(events, prefix, suffix) {
 			removeIndex = i
 			break // since we have at most one matching config
 		}
@ -428,7 +425,7 @@ func (b *Configuration) RemoveLambdaByArnEventsPrefixSuffix(arn Arn, events []Ev
 	removeIndex := -1
 	for i, v := range b.LambdaConfigs {
 		// if it matches events and filters, mark the index for deletion
-		if v.Lambda == arn.String() && v.Config.Equal(events, prefix, suffix) {
+		if v.Lambda == arn.String() && v.Equal(events, prefix, suffix) {
 			removeIndex = i
 			break // since we have at most one matching config
 		}
--- a/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/replication/replication.go
@ -868,8 +868,20 @@ type ReplQNodeStats struct {
 	XferStats    map[MetricName]XferStats            `json:"transferSummary"`
 	TgtXferStats map[string]map[MetricName]XferStats `json:"tgtTransferStats"`

-	QStats   InQueueMetric `json:"queueStats"`
-	MRFStats ReplMRFStats  `json:"mrfStats"`
+	QStats   InQueueMetric  `json:"queueStats"`
+	MRFStats ReplMRFStats   `json:"mrfStats"`
+	Retries  CounterSummary `json:"retries"`
+	Errors   CounterSummary `json:"errors"`
+}
+
+// CounterSummary denotes the stats counter summary
+type CounterSummary struct {
+	// Counted last 1hr
+	Last1hr uint64 `json:"last1hr"`
+	// Counted last 1m
+	Last1m uint64 `json:"last1m"`
+	// Total counted since uptime
+	Total uint64 `json:"total"`
 }

 // ReplQueueStats holds stats for replication queue across nodes
@ -914,8 +926,10 @@ type ReplQStats struct {
 	XferStats    map[MetricName]XferStats            `json:"xferStats"`
 	TgtXferStats map[string]map[MetricName]XferStats `json:"tgtXferStats"`

-	QStats   InQueueMetric `json:"qStats"`
-	MRFStats ReplMRFStats  `json:"mrfStats"`
+	QStats   InQueueMetric  `json:"qStats"`
+	MRFStats ReplMRFStats   `json:"mrfStats"`
+	Retries  CounterSummary `json:"retries"`
+	Errors   CounterSummary `json:"errors"`
 }

 // QStats returns cluster level stats for objects in replication queue
@ -958,6 +972,12 @@ func (q ReplQueueStats) QStats() (r ReplQStats) {
 		r.MRFStats.LastFailedCount += node.MRFStats.LastFailedCount
 		r.MRFStats.TotalDroppedCount += node.MRFStats.TotalDroppedCount
 		r.MRFStats.TotalDroppedBytes += node.MRFStats.TotalDroppedBytes
+		r.Retries.Last1hr += node.Retries.Last1hr
+		r.Retries.Last1m += node.Retries.Last1m
+		r.Retries.Total += node.Retries.Total
+		r.Errors.Last1hr += node.Errors.Last1hr
+		r.Errors.Last1m += node.Errors.Last1m
+		r.Errors.Total += node.Errors.Total
 		r.Uptime += node.Uptime
 	}
 	if len(q.Nodes) > 0 {
@ -968,7 +988,21 @@ func (q ReplQueueStats) QStats() (r ReplQStats) {

 // MetricsV2 represents replication metrics for a bucket.
 type MetricsV2 struct {
-	Uptime       int64          `json:"uptime"`
-	CurrentStats Metrics        `json:"currStats"`
-	QueueStats   ReplQueueStats `json:"queueStats"`
+	Uptime       int64                   `json:"uptime"`
+	CurrentStats Metrics                 `json:"currStats"`
+	QueueStats   ReplQueueStats          `json:"queueStats"`
+	DowntimeInfo map[string]DowntimeInfo `json:"downtimeInfo"`
+}
+
+// DowntimeInfo represents the downtime info
+type DowntimeInfo struct {
+	Duration Stat `json:"duration"`
+	Count    Stat `json:"count"`
+}
+
+// Stat represents the aggregates
+type Stat struct {
+	Total int64 `json:"total"`
+	Avg   int64 `json:"avg"`
+	Max   int64 `json:"max"`
 }
--- a/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/s3utils/utils.go
@ -218,7 +218,7 @@ func IsAmazonPrivateLinkEndpoint(endpointURL url.URL) bool {
 	if endpointURL == sentinelURL {
 		return false
 	}
-	return amazonS3HostPrivateLink.MatchString(endpointURL.Host)
+	return amazonS3HostPrivateLink.MatchString(endpointURL.Hostname())
 }

 // IsGoogleEndpoint - Match if it is exactly Google cloud storage endpoint.
@ -261,44 +261,6 @@ func QueryEncode(v url.Values) string {
 	return buf.String()
 }

-// TagDecode - decodes canonical tag into map of key and value.
-func TagDecode(ctag string) map[string]string {
-	if ctag == "" {
-		return map[string]string{}
-	}
-	tags := strings.Split(ctag, "&")
-	tagMap := make(map[string]string, len(tags))
-	var err error
-	for _, tag := range tags {
-		kvs := strings.SplitN(tag, "=", 2)
-		if len(kvs) == 0 {
-			return map[string]string{}
-		}
-		if len(kvs) == 1 {
-			return map[string]string{}
-		}
-		tagMap[kvs[0]], err = url.PathUnescape(kvs[1])
-		if err != nil {
-			continue
-		}
-	}
-	return tagMap
-}
-
-// TagEncode - encodes tag values in their URL encoded form. In
-// addition to the percent encoding performed by urlEncodePath() used
-// here, it also percent encodes '/' (forward slash)
-func TagEncode(tags map[string]string) string {
-	if tags == nil {
-		return ""
-	}
-	values := url.Values{}
-	for k, v := range tags {
-		values[k] = []string{v}
-	}
-	return QueryEncode(values)
-}
-
 // if object matches reserved string, no need to encode them
 var reservedObjectNames = regexp.MustCompile("^[a-zA-Z0-9-_.~/]+$")

--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-streaming-unsigned-trailer.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-streaming-unsigned-trailer.go
@ -212,7 +212,6 @@ func (s *StreamingUSReader) Read(buf []byte) (int, error) {
 				}
 				return 0, err
 			}
-
 		}
 	}
 	return s.buf.Read(buf)
--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-streaming.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-streaming.go
@ -387,7 +387,6 @@ func (s *StreamingReader) Read(buf []byte) (int, error) {
 				}
 				return 0, err
 			}
-
 		}
 	}
 	return s.buf.Read(buf)
--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v2.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v2.go
@ -148,7 +148,7 @@ func SignV2(req http.Request, accessKeyID, secretAccessKey string, virtualHost b

 	// Prepare auth header.
 	authHeader := new(bytes.Buffer)
-	authHeader.WriteString(fmt.Sprintf("%s %s:", signV2Algorithm, accessKeyID))
+	fmt.Fprintf(authHeader, "%s %s:", signV2Algorithm, accessKeyID)
 	encoder := base64.NewEncoder(base64.StdEncoding, authHeader)
 	encoder.Write(hm.Sum(nil))
 	encoder.Close()
--- a/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go
+++ b/vendor/github.com/minio/minio-go/v7/pkg/signer/request-signature-v4.go
@ -128,8 +128,8 @@ func getCanonicalHeaders(req http.Request, ignoredHeaders map[string]bool) strin
 	for _, k := range headers {
 		buf.WriteString(k)
 		buf.WriteByte(':')
-		switch {
-		case k == "host":
+		switch k {
+		case "host":
 			buf.WriteString(getHostAddr(&req))
 			buf.WriteByte('\n')
 		default: