move madmin to github.com/minio/madmin-go (#12239)

CREDITS

@@ -10317,6 +10317,214 @@ https://github.com/minio/highwayhash
 
 ================================================================
 
+github.com/minio/madmin-go
+https://github.com/minio/madmin-go
+----------------------------------------------------------------
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+================================================================
+
 github.com/minio/md5-simd
 https://github.com/minio/md5-simd
 ----------------------------------------------------------------
@@ -15668,6 +15876,249 @@ The above copyright notice and this permission notice shall be included in all c
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 ================================================================
 
+github.com/tklauser/go-sysconf
+https://github.com/tklauser/go-sysconf
+----------------------------------------------------------------
+BSD 3-Clause License
+
+Copyright (c) 2018, Tobias Klauser
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of the copyright holder nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+================================================================
+
+github.com/tklauser/numcpus
+https://github.com/tklauser/numcpus
+----------------------------------------------------------------
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} Authors of Cilium
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+
+================================================================
+
 github.com/tmc/grpc-websocket-proxy
 https://github.com/tmc/grpc-websocket-proxy
 ----------------------------------------------------------------

cmd/admin-bucket-handlers.go

@@ -24,9 +24,9 @@ import (
 	"net/http"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/admin-handlers-config-kv.go

@@ -27,6 +27,7 @@ import (
 	"strings"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/config/cache"
 	"github.com/minio/minio/cmd/config/etcd"
@@ -37,7 +38,6 @@ import (
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func validateAdminReqConfigKV(ctx context.Context, w http.ResponseWriter, r *http.Request) (auth.Credentials, ObjectLayer) {

cmd/admin-handlers-users.go

@@ -18,6 +18,7 @@
 package cmd
 
 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"errors"
@@ -27,11 +28,11 @@ import (
 	"sort"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config/dns"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func validateAdminUsersReq(ctx context.Context, w http.ResponseWriter, r *http.Request, action iampolicy.AdminAction) (ObjectLayer, auth.Credentials) {
@@ -533,7 +534,20 @@ func (a adminAPIHandlers) AddServiceAccount(w http.ResponseWriter, r *http.Reque
 		targetGroups = cred.Groups
 	}
 
-	opts := newServiceAccountOpts{sessionPolicy: createReq.Policy, accessKey: createReq.AccessKey, secretKey: createReq.SecretKey}
+	var sp *iampolicy.Policy
+	if len(createReq.Policy) > 0 {
+		sp, err = iampolicy.ParseConfig(bytes.NewReader(createReq.Policy))
+		if err != nil {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+	}
+
+	opts := newServiceAccountOpts{
+		accessKey:     createReq.AccessKey,
+		secretKey:     createReq.SecretKey,
+		sessionPolicy: sp,
+	}
 	newCred, err := globalIAMSys.NewServiceAccount(ctx, targetUser, targetGroups, opts)
 	if err != nil {
 		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
@@ -549,7 +563,7 @@ func (a adminAPIHandlers) AddServiceAccount(w http.ResponseWriter, r *http.Reque
 	}
 
 	var createResp = madmin.AddServiceAccountResp{
-		Credentials: auth.Credentials{
+		Credentials: madmin.Credentials{
 			AccessKey: newCred.AccessKey,
 			SecretKey: newCred.SecretKey,
 		},
@@ -632,7 +646,19 @@ func (a adminAPIHandlers) UpdateServiceAccount(w http.ResponseWriter, r *http.Re
 		return
 	}
 
-	opts := updateServiceAccountOpts{sessionPolicy: updateReq.NewPolicy, secretKey: updateReq.NewSecretKey, status: updateReq.NewStatus}
+	var sp *iampolicy.Policy
+	if len(updateReq.NewPolicy) > 0 {
+		sp, err = iampolicy.ParseConfig(bytes.NewReader(updateReq.NewPolicy))
+		if err != nil {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+	}
+	opts := updateServiceAccountOpts{
+		secretKey:     updateReq.NewSecretKey,
+		status:        updateReq.NewStatus,
+		sessionPolicy: sp,
+	}
 	err = globalIAMSys.UpdateServiceAccount(ctx, accessKey, opts)
 	if err != nil {
 		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
@@ -988,9 +1014,16 @@ func (a adminAPIHandlers) AccountInfoHandler(w http.ResponseWriter, r *http.Requ
 		return
 	}
 
+	p := globalIAMSys.GetCombinedPolicy(policies...)
+	buf, err := json.Marshal(p)
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
 	acctInfo := madmin.AccountInfo{
 		AccountName: accountName,
-		Policy:      globalIAMSys.GetCombinedPolicy(policies...),
+		Policy:      buf,
 	}
 
 	for _, bucket := range buckets {

cmd/admin-handlers.go

@@ -37,6 +37,7 @@ import (
 	"time"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/crypto"
 	xhttp "github.com/minio/minio/cmd/http"
@@ -47,9 +48,7 @@ import (
 	"github.com/minio/minio/pkg/handlers"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
-	trace "github.com/minio/minio/pkg/trace"
 )
 
 const (
@@ -1061,13 +1060,13 @@ func toAdminAPIErr(ctx context.Context, err error) APIError {
 	return apiErr
 }
 
-// Returns true if the trace.Info should be traced,
+// Returns true if the madmin.TraceInfo should be traced,
 // false if certain conditions are not met.
-// - input entry is not of the type *trace.Info*
+// - input entry is not of the type *madmin.TraceInfo*
 // - errOnly entries are to be traced, not status code 2xx, 3xx.
-// - trace.Info type is asked by opts
+// - madmin.TraceInfo type is asked by opts
 func mustTrace(entry interface{}, opts madmin.ServiceTraceOpts) (shouldTrace bool) {
-	trcInfo, ok := entry.(trace.Info)
+	trcInfo, ok := entry.(madmin.TraceInfo)
 	if !ok {
 		return false
 	}
@@ -1082,11 +1081,11 @@ func mustTrace(entry interface{}, opts madmin.ServiceTraceOpts) (shouldTrace boo
 	if opts.Threshold > 0 {
 		var latency time.Duration
 		switch trcInfo.TraceType {
-		case trace.OS:
+		case madmin.TraceOS:
 			latency = trcInfo.OSStats.Duration
-		case trace.Storage:
+		case madmin.TraceStorage:
 			latency = trcInfo.StorageStats.Duration
-		case trace.HTTP:
+		case madmin.TraceHTTP:
 			latency = trcInfo.CallStats.Latency
 		}
 		if latency < opts.Threshold {
@@ -1094,19 +1093,19 @@ func mustTrace(entry interface{}, opts madmin.ServiceTraceOpts) (shouldTrace boo
 		}
 	}
 
-	if opts.Internal && trcInfo.TraceType == trace.HTTP && HasPrefix(trcInfo.ReqInfo.Path, minioReservedBucketPath+SlashSeparator) {
+	if opts.Internal && trcInfo.TraceType == madmin.TraceHTTP && HasPrefix(trcInfo.ReqInfo.Path, minioReservedBucketPath+SlashSeparator) {
 		return true
 	}
 
-	if opts.S3 && trcInfo.TraceType == trace.HTTP && !HasPrefix(trcInfo.ReqInfo.Path, minioReservedBucketPath+SlashSeparator) {
+	if opts.S3 && trcInfo.TraceType == madmin.TraceHTTP && !HasPrefix(trcInfo.ReqInfo.Path, minioReservedBucketPath+SlashSeparator) {
 		return true
 	}
 
-	if opts.Storage && trcInfo.TraceType == trace.Storage {
+	if opts.Storage && trcInfo.TraceType == madmin.TraceStorage {
 		return true
 	}
 
-	return opts.OS && trcInfo.TraceType == trace.OS
+	return opts.OS && trcInfo.TraceType == madmin.TraceOS
 }
 
 func extractTraceOptions(r *http.Request) (opts madmin.ServiceTraceOpts, err error) {

cmd/admin-handlers_test.go

@@ -30,8 +30,8 @@ import (
 	"testing"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/auth"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // adminErasureTestBed - encapsulates subsystems that need to be setup for

cmd/admin-heal-ops.go

@@ -26,8 +26,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // healStatusSummary - overall short summary of a healing sequence

cmd/admin-router.go

@@ -21,7 +21,7 @@ import (
 	"net/http"
 
 	"github.com/gorilla/mux"
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 const (

cmd/admin-server-info.go

@@ -23,8 +23,8 @@ import (
 	"runtime"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // getLocalServerProperty - returns madmin.ServerProperties for only the

cmd/background-heal-ops.go

@@ -21,8 +21,8 @@ import (
 	"context"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // healTask represents what to heal along with options

cmd/background-newdisks-heal-ops.go

@@ -30,11 +30,11 @@ import (
 	"time"
 
 	"github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/color"
 	"github.com/minio/minio/pkg/console"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/bucket-metadata-sys.go

@@ -24,6 +24,7 @@ import (
 	"fmt"
 	"sync"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/cmd/crypto"
 	"github.com/minio/minio/cmd/logger"
@@ -34,7 +35,6 @@ import (
 	"github.com/minio/minio/pkg/bucket/replication"
 	"github.com/minio/minio/pkg/bucket/versioning"
 	"github.com/minio/minio/pkg/event"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )
 

cmd/bucket-metadata.go

@@ -29,6 +29,7 @@ import (
 	"path"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/cmd/crypto"
 	"github.com/minio/minio/cmd/logger"
@@ -41,7 +42,6 @@ import (
 	"github.com/minio/minio/pkg/event"
 	"github.com/minio/minio/pkg/fips"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/sio"
 )
 

cmd/bucket-quota.go

@@ -23,9 +23,9 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/event"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // BucketQuotaSys - map of bucket and quota configuration.

cmd/bucket-replication.go

@@ -26,6 +26,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	minio "github.com/minio/minio-go/v7"
 	miniogo "github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
@@ -38,7 +39,6 @@ import (
 	"github.com/minio/minio/pkg/bucket/replication"
 	"github.com/minio/minio/pkg/event"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // gets replication config associated to a given bucket name.

cmd/bucket-targets.go

@@ -26,13 +26,13 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	minio "github.com/minio/minio-go/v7"
 	miniogo "github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
 	"github.com/minio/minio/cmd/crypto"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/bucket/versioning"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/config-current.go

@@ -24,6 +24,7 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/config/api"
 	"github.com/minio/minio/cmd/config/cache"
@@ -43,7 +44,6 @@ import (
 	"github.com/minio/minio/cmd/logger/target/http"
 	"github.com/minio/minio/pkg/env"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func initHelp() {

cmd/config-encrypted.go

@@ -25,11 +25,11 @@ import (
 	"time"
 	"unicode/utf8"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 	etcd "go.etcd.io/etcd/clientv3"
 )
 

cmd/config-encrypted_test.go

@@ -21,8 +21,8 @@ import (
 	"bytes"
 	"testing"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/auth"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func TestDecryptData(t *testing.T) {

cmd/config-migrate.go

@@ -27,6 +27,7 @@ import (
 	"strings"
 	"unicode/utf8"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/config/cache"
 	"github.com/minio/minio/cmd/config/compress"
@@ -40,7 +41,6 @@ import (
 	"github.com/minio/minio/pkg/event"
 	"github.com/minio/minio/pkg/event/target"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
 	"github.com/minio/minio/pkg/quick"
 )

cmd/config.go

@@ -26,9 +26,9 @@ import (
 	"unicode/utf8"
 
 	jsoniter "github.com/json-iterator/go"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/config/config.go

@@ -24,10 +24,10 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/env"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // Error config error type

cmd/config/config_test.go

@@ -20,7 +20,7 @@ package config
 import (
 	"testing"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 func TestKVFields(t *testing.T) {

cmd/data-scanner.go

@@ -31,6 +31,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config/heal"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/cmd/logger/message/audit"
@@ -40,7 +41,6 @@ import (
 	"github.com/minio/minio/pkg/console"
 	"github.com/minio/minio/pkg/event"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/willf/bloom"
 )
 

cmd/data-usage-cache.go

@@ -30,10 +30,10 @@ import (
 
 	"github.com/cespare/xxhash/v2"
 	"github.com/klauspost/compress/zstd"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/bucket/lifecycle"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/tinylib/msgp/msgp"
 )
 

cmd/data-usage.go

@@ -24,9 +24,9 @@ import (
 	"net/http"
 
 	jsoniter "github.com/json-iterator/go"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/erasure-healing-common.go

@@ -22,8 +22,8 @@ import (
 	"context"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/bucket/lifecycle"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // commonTime returns a maximally occurring time from a list of time.

cmd/erasure-healing-common_test.go

@@ -26,7 +26,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // validates functionality provided to find most common

cmd/erasure-healing.go

@@ -26,9 +26,9 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/bucket/lifecycle"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )
 

cmd/erasure-healing_test.go

@@ -28,7 +28,7 @@ import (
 	"time"
 
 	"github.com/dustin/go-humanize"
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // Tests both object and bucket healing.

cmd/erasure-object.go

@@ -28,6 +28,7 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	xhttp "github.com/minio/minio/cmd/http"
 	"github.com/minio/minio/cmd/logger"
@@ -35,7 +36,6 @@ import (
 	"github.com/minio/minio/pkg/bucket/replication"
 	"github.com/minio/minio/pkg/event"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/mimedb"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )

cmd/erasure-server-pool.go

@@ -30,11 +30,11 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/cmd/config/storageclass"
 	"github.com/minio/minio/cmd/logger"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 	"github.com/minio/minio/pkg/wildcard"
 )

cmd/erasure-sets.go

@@ -32,6 +32,7 @@ import (
 	"github.com/dchest/siphash"
 	"github.com/dustin/go-humanize"
 	"github.com/google/uuid"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/cmd/logger"
@@ -39,7 +40,6 @@ import (
 	"github.com/minio/minio/pkg/console"
 	"github.com/minio/minio/pkg/dsync"
 	"github.com/minio/minio/pkg/env"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )
 

cmd/erasure.go

@@ -27,11 +27,11 @@ import (
 	"sync"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/bpool"
 	"github.com/minio/minio/pkg/color"
 	"github.com/minio/minio/pkg/dsync"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )
 

cmd/fs-v1.go

@@ -34,6 +34,7 @@ import (
 	"time"
 
 	jsoniter "github.com/json-iterator/go"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/cmd/config"
@@ -43,7 +44,6 @@ import (
 	"github.com/minio/minio/pkg/color"
 	xioutil "github.com/minio/minio/pkg/ioutil"
 	"github.com/minio/minio/pkg/lock"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/mimedb"
 	"github.com/minio/minio/pkg/mountinfo"
 )

cmd/fs-v1_test.go

@@ -23,7 +23,7 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // Tests for if parent directory is object

cmd/gateway-unsupported.go

@@ -29,7 +29,7 @@ import (
 	"github.com/minio/minio/pkg/bucket/policy"
 	"github.com/minio/minio/pkg/bucket/versioning"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // GatewayUnsupported list of unsupported call stubs for gateway.

cmd/gateway/azure/gateway-azure.go

@@ -40,6 +40,7 @@ import (
 	"github.com/Azure/azure-storage-blob-go/azblob"
 	humanize "github.com/dustin/go-humanize"
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	miniogopolicy "github.com/minio/minio-go/v7/pkg/policy"
 	minio "github.com/minio/minio/cmd"
 	"github.com/minio/minio/cmd/logger"
@@ -47,7 +48,6 @@ import (
 	"github.com/minio/minio/pkg/bucket/policy"
 	"github.com/minio/minio/pkg/bucket/policy/condition"
 	"github.com/minio/minio/pkg/env"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/gateway/gcs/gateway-gcs.go

@@ -37,6 +37,7 @@ import (
 	"cloud.google.com/go/storage"
 	humanize "github.com/dustin/go-humanize"
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	miniogopolicy "github.com/minio/minio-go/v7/pkg/policy"
 	minio "github.com/minio/minio/cmd"
 	"github.com/minio/minio/cmd/logger"
@@ -44,7 +45,6 @@ import (
 	"github.com/minio/minio/pkg/bucket/policy"
 	"github.com/minio/minio/pkg/bucket/policy/condition"
 	"github.com/minio/minio/pkg/env"
-	"github.com/minio/minio/pkg/madmin"
 	"google.golang.org/api/googleapi"
 	"google.golang.org/api/iterator"
 	"google.golang.org/api/option"

cmd/gateway/hdfs/gateway-hdfs.go

@@ -38,12 +38,12 @@ import (
 	"github.com/jcmturner/gokrb5/v8/credentials"
 	"github.com/jcmturner/gokrb5/v8/keytab"
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/s3utils"
 	minio "github.com/minio/minio/cmd"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/env"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
 )
 

cmd/gateway/nas/gateway-nas.go

@@ -20,9 +20,9 @@ import (
 	"context"
 
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	minio "github.com/minio/minio/cmd"
 	"github.com/minio/minio/pkg/auth"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func init() {

cmd/gateway/s3/gateway-s3.go

@@ -27,6 +27,7 @@ import (
 	"time"
 
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	miniogo "github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
@@ -37,7 +38,6 @@ import (
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/bucket/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 func init() {

cmd/global-heal.go

@@ -24,10 +24,10 @@ import (
 	"sort"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/color"
 	"github.com/minio/minio/pkg/console"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/wildcard"
 )
 

cmd/handler-utils.go

@@ -32,11 +32,11 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/minio/madmin-go"
 	xhttp "github.com/minio/minio/cmd/http"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/handlers"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 const (

cmd/healthinfo.go

@@ -25,8 +25,8 @@ import (
 	"sync"
 	"syscall"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/disk"
-	"github.com/minio/minio/pkg/madmin"
 	cpuhw "github.com/shirou/gopsutil/v3/cpu"
 	memhw "github.com/shirou/gopsutil/v3/mem"
 	"github.com/shirou/gopsutil/v3/process"

cmd/healthinfo_linux.go

@@ -25,7 +25,7 @@ import (
 	"net/http"
 	"strings"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/smart"
 	diskhw "github.com/shirou/gopsutil/v3/disk"
 	"github.com/shirou/gopsutil/v3/host"

cmd/healthinfo_nonlinux.go

@@ -24,7 +24,7 @@ import (
 	"net/http"
 	"runtime"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 func getLocalDiskHwInfo(ctx context.Context, r *http.Request) madmin.ServerDiskHwInfo {

cmd/http-tracer.go

@@ -31,9 +31,9 @@ import (
 	"time"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/handlers"
-	trace "github.com/minio/minio/pkg/trace"
 	jsonrpc "github.com/minio/rpc"
 )
 
@@ -111,7 +111,7 @@ func getOpName(name string) (op string) {
 }
 
 // WebTrace gets trace of web request
-func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
+func WebTrace(ri *jsonrpc.RequestInfo) madmin.TraceInfo {
 	r := ri.Request
 	w := ri.ResponseWriter
 
@@ -126,7 +126,7 @@ func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
 	}
 
 	now := time.Now().UTC()
-	t := trace.Info{TraceType: trace.HTTP, FuncName: name, Time: now}
+	t := madmin.TraceInfo{TraceType: madmin.TraceHTTP, FuncName: name, Time: now}
 	t.NodeName = r.Host
 	if globalIsDistErasure {
 		t.NodeName = globalLocalNodeName
@@ -143,7 +143,7 @@ func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
 	}
 
 	vars := mux.Vars(r)
-	rq := trace.RequestInfo{
+	rq := madmin.TraceRequestInfo{
 		Time:     now,
 		Proto:    r.Proto,
 		Method:   r.Method,
@@ -155,7 +155,7 @@ func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
 
 	rw, ok := w.(*logger.ResponseWriter)
 	if ok {
-		rs := trace.ResponseInfo{
+		rs := madmin.TraceResponseInfo{
 			Time:       time.Now().UTC(),
 			Headers:    rw.Header().Clone(),
 			StatusCode: rw.StatusCode,
@@ -167,7 +167,7 @@ func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
 		}
 
 		t.RespInfo = rs
-		t.CallStats = trace.CallStats{
+		t.CallStats = madmin.TraceCallStats{
 			Latency:         rs.Time.Sub(rw.StartTime),
 			InputBytes:      int(r.ContentLength),
 			OutputBytes:     rw.Size(),
@@ -180,7 +180,7 @@ func WebTrace(ri *jsonrpc.RequestInfo) trace.Info {
 }
 
 // Trace gets trace of http request
-func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Request) trace.Info {
+func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Request) madmin.TraceInfo {
 	name := getOpName(runtime.FuncForPC(reflect.ValueOf(f).Pointer()).Name())
 
 	// Setup a http request body recorder
@@ -196,7 +196,7 @@ func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Requ
 	r.Body = ioutil.NopCloser(reqBodyRecorder)
 
 	now := time.Now().UTC()
-	t := trace.Info{TraceType: trace.HTTP, FuncName: name, Time: now}
+	t := madmin.TraceInfo{TraceType: madmin.TraceHTTP, FuncName: name, Time: now}
 
 	t.NodeName = r.Host
 	if globalIsDistErasure {
@@ -214,7 +214,7 @@ func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Requ
 		}
 	}
 
-	rq := trace.RequestInfo{
+	rq := madmin.TraceRequestInfo{
 		Time:     now,
 		Proto:    r.Proto,
 		Method:   r.Method,
@@ -231,7 +231,7 @@ func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Requ
 	// Execute call.
 	f(rw, r)
 
-	rs := trace.ResponseInfo{
+	rs := madmin.TraceResponseInfo{
 		Time:       time.Now().UTC(),
 		Headers:    rw.Header().Clone(),
 		StatusCode: rw.StatusCode,
@@ -248,7 +248,7 @@ func Trace(f http.HandlerFunc, logBody bool, w http.ResponseWriter, r *http.Requ
 	t.ReqInfo = rq
 	t.RespInfo = rs
 
-	t.CallStats = trace.CallStats{
+	t.CallStats = madmin.TraceCallStats{
 		Latency:         rs.Time.Sub(rw.StartTime),
 		InputBytes:      reqBodyRecorder.Size(),
 		OutputBytes:     rw.Size(),

cmd/iam-etcd-store.go

@@ -29,13 +29,13 @@ import (
 	"unicode/utf8"
 
 	jwtgo "github.com/dgrijalva/jwt-go"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 	etcd "go.etcd.io/etcd/clientv3"
 	"go.etcd.io/etcd/mvcc/mvccpb"
 )

cmd/iam-object-store.go

@@ -28,12 +28,12 @@ import (
 	"time"
 	"unicode/utf8"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
 	"github.com/minio/minio/pkg/kms"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // IAMObjectStore implements IAMStorageAPI

cmd/iam.go

@@ -30,11 +30,11 @@ import (
 	"time"
 
 	humanize "github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/pkg/auth"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // UsersSysType - defines the type of users and groups system that is

cmd/metrics.go

@@ -23,9 +23,9 @@ import (
 	"sync/atomic"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 )

cmd/notification-summary.go

@@ -18,7 +18,7 @@
 package cmd
 
 import (
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // GetTotalCapacity gets the total capacity in the cluster.

cmd/notification.go

@@ -33,6 +33,7 @@ import (
 
 	"github.com/cespare/xxhash/v2"
 	"github.com/klauspost/compress/zip"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/set"
 	"github.com/minio/minio/cmd/crypto"
 	xhttp "github.com/minio/minio/cmd/http"
@@ -40,7 +41,6 @@ import (
 	bucketBandwidth "github.com/minio/minio/pkg/bucket/bandwidth"
 	"github.com/minio/minio/pkg/bucket/policy"
 	"github.com/minio/minio/pkg/event"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
 	"github.com/minio/minio/pkg/sync/errgroup"
 	"github.com/willf/bloom"

cmd/object-api-datatypes.go

@@ -23,9 +23,9 @@ import (
 	"time"
 
 	humanize "github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/bucket/replication"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // BackendType - represents different backend types.

cmd/object-api-interface.go

@@ -23,10 +23,10 @@ import (
 	"net/http"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio-go/v7/pkg/encrypt"
 	"github.com/minio/minio-go/v7/pkg/tags"
 	"github.com/minio/minio/pkg/bucket/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 // CheckPreconditionFn returns true if precondition check failed.

cmd/os-instrumented.go

@@ -22,8 +22,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/disk"
-	trace "github.com/minio/minio/pkg/trace"
 )
 
 //go:generate stringer -type=osMetric -trimprefix=osMetric $GOFILE
@@ -46,13 +46,13 @@ const (
 	osMetricLast
 )
 
-func osTrace(s osMetric, startTime time.Time, duration time.Duration, path string) trace.Info {
-	return trace.Info{
-		TraceType: trace.OS,
+func osTrace(s osMetric, startTime time.Time, duration time.Duration, path string) madmin.TraceInfo {
+	return madmin.TraceInfo{
+		TraceType: madmin.TraceOS,
 		Time:      startTime,
 		NodeName:  globalLocalNodeName,
 		FuncName:  "os." + s.String(),
-		OSStats: trace.OSStats{
+		OSStats: madmin.TraceOSStats{
 			Duration: duration,
 			Path:     path,
 		},

cmd/peer-rest-client.go

@@ -33,14 +33,13 @@ import (
 	"time"
 
 	"github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/http"
 	xhttp "github.com/minio/minio/cmd/http"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/cmd/rest"
 	"github.com/minio/minio/pkg/event"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
-	"github.com/minio/minio/pkg/trace"
 	"github.com/tinylib/msgp/msgp"
 )
 
@@ -740,7 +739,7 @@ func (client *peerRESTClient) doTrace(traceCh chan interface{}, doneCh <-chan st
 
 	dec := gob.NewDecoder(respBody)
 	for {
-		var info trace.Info
+		var info madmin.TraceInfo
 		if err = dec.Decode(&info); err != nil {
 			return
 		}

cmd/peer-rest-server.go

@@ -30,11 +30,10 @@ import (
 	"time"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	b "github.com/minio/minio/pkg/bucket/bandwidth"
 	"github.com/minio/minio/pkg/event"
-	"github.com/minio/minio/pkg/madmin"
-	trace "github.com/minio/minio/pkg/trace"
 	"github.com/tinylib/msgp/msgp"
 )
 
@@ -981,7 +980,7 @@ func (s *peerRESTServer) TraceHandler(w http.ResponseWriter, r *http.Request) {
 			}
 			w.(http.Flusher).Flush()
 		case <-keepAliveTicker.C:
-			if err := enc.Encode(&trace.Info{}); err != nil {
+			if err := enc.Encode(&madmin.TraceInfo{}); err != nil {
 				return
 			}
 			w.(http.Flusher).Flush()

cmd/server-main.go

@@ -32,6 +32,7 @@ import (
 	"time"
 
 	"github.com/minio/cli"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	xhttp "github.com/minio/minio/cmd/http"
 	"github.com/minio/minio/cmd/logger"
@@ -42,7 +43,6 @@ import (
 	"github.com/minio/minio/pkg/color"
 	"github.com/minio/minio/pkg/env"
 	"github.com/minio/minio/pkg/fips"
-	"github.com/minio/minio/pkg/madmin"
 	"github.com/minio/minio/pkg/sync/errgroup"
 )
 

cmd/server-startup-msg.go

@@ -25,10 +25,10 @@ import (
 	"strings"
 
 	humanize "github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/config"
 	"github.com/minio/minio/cmd/logger"
 	color "github.com/minio/minio/pkg/color"
-	"github.com/minio/minio/pkg/madmin"
 	xnet "github.com/minio/minio/pkg/net"
 )
 

cmd/server-startup-msg_test.go

@@ -23,7 +23,7 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // Tests if we generate storage info.

cmd/tier-handlers.go

@@ -23,9 +23,9 @@ import (
 	"net/http"
 
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/cmd/logger"
 	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 var (

cmd/tier.go

@@ -28,8 +28,8 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/minio/madmin-go"
 	"github.com/minio/minio/pkg/hash"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 //go:generate msgp -file $GOFILE

cmd/tier_gen.go

@@ -3,7 +3,7 @@ package cmd
 // Code generated by github.com/tinylib/msgp DO NOT EDIT.
 
 import (
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 	"github.com/tinylib/msgp/msgp"
 )
 

cmd/utils.go

@@ -43,12 +43,12 @@ import (
 
 	humanize "github.com/dustin/go-humanize"
 	"github.com/gorilla/mux"
+	"github.com/minio/madmin-go"
 	xhttp "github.com/minio/minio/cmd/http"
 	"github.com/minio/minio/cmd/logger"
 	"github.com/minio/minio/cmd/rest"
 	"github.com/minio/minio/pkg/certs"
 	"github.com/minio/minio/pkg/handlers"
-	"github.com/minio/minio/pkg/madmin"
 	"golang.org/x/net/http2"
 )
 

cmd/warm-backend-azure.go

@@ -28,7 +28,7 @@ import (
 	"strings"
 
 	"github.com/Azure/azure-storage-blob-go/azblob"
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 type warmBackendAzure struct {

cmd/warm-backend-gcs.go

@@ -23,7 +23,7 @@ import (
 	"io"
 
 	"cloud.google.com/go/storage"
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 	"google.golang.org/api/googleapi"
 	"google.golang.org/api/iterator"
 	"google.golang.org/api/option"

cmd/warm-backend-s3.go

@@ -25,10 +25,10 @@ import (
 	"strings"
 	"time"
 
+	"github.com/minio/madmin-go"
 	minio "github.com/minio/minio-go/v7"
 	miniogo "github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
-	"github.com/minio/minio/pkg/madmin"
 )
 
 type warmBackendS3 struct {

cmd/warm-backend.go

@@ -24,7 +24,7 @@ import (
 	"fmt"
 	"io"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // WarmBackendGetOpts is used to express byte ranges within an object. The zero

cmd/xl-storage-disk-id-check.go

@@ -26,7 +26,7 @@ import (
 	"time"
 
 	ewma "github.com/VividCortex/ewma"
-	trace "github.com/minio/minio/pkg/trace"
+	"github.com/minio/madmin-go"
 )
 
 //go:generate stringer -type=storageMetric -trimprefix=storageMetric $GOFILE
@@ -607,13 +607,13 @@ func (p *xlStorageDiskIDCheck) ReadAll(ctx context.Context, volume string, path
 	return p.storage.ReadAll(ctx, volume, path)
 }
 
-func storageTrace(s storageMetric, startTime time.Time, duration time.Duration, path string) trace.Info {
-	return trace.Info{
-		TraceType: trace.Storage,
+func storageTrace(s storageMetric, startTime time.Time, duration time.Duration, path string) madmin.TraceInfo {
+	return madmin.TraceInfo{
+		TraceType: madmin.TraceStorage,
 		Time:      startTime,
 		NodeName:  globalLocalNodeName,
 		FuncName:  "storage." + s.String(),
-		StorageStats: trace.StorageStats{
+		StorageStats: madmin.TraceStorageStats{
 			Duration: duration,
 			Path:     path,
 		},

go.mod

@@ -6,7 +6,6 @@ require (
 	cloud.google.com/go/storage v1.8.0
 	github.com/Azure/azure-pipeline-go v0.2.2
 	github.com/Azure/azure-storage-blob-go v0.10.0
-	github.com/Azure/go-autorest/autorest/adal v0.9.1 // indirect
 	github.com/Shopify/sarama v1.27.2
 	github.com/VividCortex/ewma v1.1.1
 	github.com/alecthomas/participle v0.2.1
@@ -44,14 +43,12 @@ require (
 	github.com/klauspost/reedsolomon v1.9.11
 	github.com/lib/pq v1.9.0
 	github.com/mattn/go-colorable v0.1.8
-	github.com/mattn/go-ieproxy v0.0.1 // indirect
 	github.com/mattn/go-isatty v0.0.12
 	github.com/miekg/dns v1.1.35
-	github.com/minio/argon2 v1.0.0
 	github.com/minio/cli v1.22.0
 	github.com/minio/csvparser v1.0.0
 	github.com/minio/highwayhash v1.0.2
-	github.com/minio/md5-simd v1.1.1 // indirect
+	github.com/minio/madmin-go v1.0.1
 	github.com/minio/minio-go/v7 v7.0.11-0.20210302210017-6ae69c73ce78
 	github.com/minio/parquet-go v1.0.0
 	github.com/minio/rpc v1.0.0
@@ -62,9 +59,7 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/montanaflynn/stats v0.5.0
 	github.com/nats-io/nats-server/v2 v2.1.9
-	github.com/nats-io/nats-streaming-server v0.21.1 // indirect
 	github.com/nats-io/nats.go v1.10.0
-	github.com/nats-io/nkeys v0.2.0 // indirect
 	github.com/nats-io/stan.go v0.8.3
 	github.com/ncw/directio v1.0.5
 	github.com/nsqio/go-nsq v1.0.8
@@ -78,21 +73,19 @@ require (
 	github.com/rjeczalik/notify v0.9.2
 	github.com/rs/cors v1.7.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/shirou/gopsutil/v3 v3.21.1
-	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	github.com/shirou/gopsutil/v3 v3.21.3
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/streadway/amqp v1.0.0
 	github.com/tinylib/msgp v1.1.3
 	github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a
-	github.com/willf/bitset v1.1.11 // indirect
 	github.com/willf/bloom v2.0.3+incompatible
 	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c
 	go.etcd.io/etcd v0.0.0-20201125193152-8a03d2e9614b
 	go.uber.org/zap v1.14.1
-	golang.org/x/crypto v0.0.0-20210415154028-4f45737414dc
+	golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b
 	golang.org/x/mod v0.4.0 // indirect
-	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110
-	golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073
+	golang.org/x/net v0.0.0-20210421230115-4e50805a0758
+	golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe
 	golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 // indirect
 	golang.org/x/tools v0.1.1-0.20210201201750-4d4ee958a9b7 // indirect
 	google.golang.org/api v0.25.0

go.sum

@@ -1,6 +1,7 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+cloud.google.com/go v0.39.0/go.mod h1:rVLT6fkc8chs9sfPtFc1SBH6em7n+ZoXaG+87tDISts=
 cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
 cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
 cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
@@ -242,6 +243,7 @@ github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8l
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA=
 github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/gomodule/redigo v1.8.3/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
 github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
 github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
@@ -378,6 +380,7 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.11.0/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.11.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
+github.com/klauspost/compress v1.11.12/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.12.2 h1:2KCfW3I9M7nSc5wOqXAlW2v2U6v+w6cbjvbfp+OykW8=
 github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
@@ -442,9 +445,12 @@ github.com/minio/csvparser v1.0.0 h1:xJEHcYK8ZAjeW4hNV9Zu30u+/2o4UyPnYgyjWp8b7ZU
 github.com/minio/csvparser v1.0.0/go.mod h1:lKXskSLzPgC5WQyzP7maKH7Sl1cqvANXo9YCto8zbtM=
 github.com/minio/highwayhash v1.0.2 h1:Aak5U0nElisjDCfPSG79Tgzkn2gl66NxOMspRrKnA/g=
 github.com/minio/highwayhash v1.0.2/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY=
+github.com/minio/madmin-go v1.0.1 h1:6hte9D9Wjv+GvGtk9n4XK2C9YCSQ4L2hOLDn3XZB3r0=
+github.com/minio/madmin-go v1.0.1/go.mod h1:6Hox3cho6WUdTzFt3GjA4Y0abFOs11Axn25sZXiyR9M=
 github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
 github.com/minio/md5-simd v1.1.1 h1:9ojcLbuZ4gXbB2sX53MKn8JUZ0sB/2wfwsEcRw+I08U=
 github.com/minio/md5-simd v1.1.1/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
+github.com/minio/minio v0.0.0-20210422165109-3455f786faf0/go.mod h1:nFVEfjWoCj2KxWymJnQuVPolrE3/gvFCYm0wZkCIdXw=
 github.com/minio/minio-go/v7 v7.0.10/go.mod h1:td4gW1ldOsj1PbSNS+WYK43j+P1XVhX/8W8awaYlBFo=
 github.com/minio/minio-go/v7 v7.0.11-0.20210302210017-6ae69c73ce78 h1:v7OMbUnWkyRlO2MZ5AuYioELhwXF/BgZEznrQ1drBEM=
 github.com/minio/minio-go/v7 v7.0.11-0.20210302210017-6ae69c73ce78/go.mod h1:mTh2uJuAbEqdhMVl6CMIIZLUeiMiWtJR4JB8/5g2skw=
@@ -595,8 +601,9 @@ github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
 github.com/secure-io/sio-go v0.3.1 h1:dNvY9awjabXTYGsTF1PiCySl9Ltofk9GA3VdWlo7rRc=
 github.com/secure-io/sio-go v0.3.1/go.mod h1:+xbkjDzPjwh4Axd07pRKSNriS9SCiYksWnZqdnfpQxs=
-github.com/shirou/gopsutil/v3 v3.21.1 h1:dA72XXj5WOXIZkAL2iYTKRVcNOOqh4yfLn9Rm7t8BMM=
 github.com/shirou/gopsutil/v3 v3.21.1/go.mod h1:igHnfak0qnw1biGeI2qKQvu0ZkwvEkUcCLlYhZzdr/4=
+github.com/shirou/gopsutil/v3 v3.21.3 h1:wgcdAHZS2H6qy4JFewVTtqfiYxFzCeEJod/mLztdPG8=
+github.com/shirou/gopsutil/v3 v3.21.3/go.mod h1:ghfMypLDrFSWN2c9cDYFLHyynQ+QUht0cv/18ZqVczw=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
@@ -632,17 +639,24 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/tidwall/gjson v1.6.8/go.mod h1:zeFuBCIqD4sN/gmqBzZ4j7Jd6UcA2Fc56x7QFsv+8fI=
 github.com/tidwall/gjson v1.7.4/go.mod h1:5/xDoumyyDNerp2U36lyolv46b3uF/9Bu6OfyQ9GImk=
 github.com/tidwall/gjson v1.7.5 h1:zmAN/xmX7OtpAkv4Ovfso60r/BiCi5IErCDYGNJu+uc=
 github.com/tidwall/gjson v1.7.5/go.mod h1:5/xDoumyyDNerp2U36lyolv46b3uF/9Bu6OfyQ9GImk=
 github.com/tidwall/match v1.0.3 h1:FQUVvBImDutD8wJLN6c5eMzWtjgONK9MwIBCOrUJKeE=
 github.com/tidwall/match v1.0.3/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
 github.com/tidwall/pretty v1.1.0 h1:K3hMW5epkdAVwibsQEfR/7Zj0Qgt4DxtNumTq/VloO8=
 github.com/tidwall/pretty v1.1.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
+github.com/tidwall/sjson v1.0.4/go.mod h1:bURseu1nuBkFpIES5cz6zBtjmYeOQmEESshn7VpF15Y=
 github.com/tidwall/sjson v1.1.6 h1:8fDdlahON04OZBlTQCIatW8FstSFJz8oxidj5h0rmSQ=
 github.com/tidwall/sjson v1.1.6/go.mod h1:KN3FZ7odvXIHPbJdhNorK/M9lWweVUbXsXXhrJ/kGOA=
 github.com/tinylib/msgp v1.1.3 h1:3giwAkmtaEDLSV0MdO1lDLuPgklgPzmk8H9+So2BVfA=
 github.com/tinylib/msgp v1.1.3/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
+github.com/tklauser/go-sysconf v0.3.4 h1:HT8SVixZd3IzLdfs/xlpq0jeSfTX57g1v6wB1EuzV7M=
+github.com/tklauser/go-sysconf v0.3.4/go.mod h1:Cl2c8ZRWfHD5IrfHo9VN+FX9kCFjIOyVklgXycLB6ek=
+github.com/tklauser/numcpus v0.2.1 h1:ct88eFm+Q7m2ZfXJdan1xYoXKlmwsfP+k88q05KvlZc=
+github.com/tklauser/numcpus v0.2.1/go.mod h1:9aU+wOc6WjUIZEwWMP62PL/41d65P+iks1gBkr4QyP8=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8 h1:ndzgwNDnKIqyCvHTXaCqh9KlOWKvBry6nuXMJmonVsE=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
@@ -710,8 +724,9 @@ golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
-golang.org/x/crypto v0.0.0-20210415154028-4f45737414dc h1:+q90ECDSAQirdykUN6sPEiBXBsp8Csjcca8Oy7bgLTA=
 golang.org/x/crypto v0.0.0-20210415154028-4f45737414dc/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg=
+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -780,8 +795,9 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R
 golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210421230115-4e50805a0758 h1:aEpZnXcAmXkd6AvLb2OPt+EN1Zu/8Ne3pCqPjja5PXY=
+golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -848,16 +864,19 @@ golang.org/x/sys v0.0.0-20201024232916-9f70ab9862d5/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073 h1:8qxJSnu+7dRq6upnbntrmriWByIakBuct5OM/MdQC1M=
+golang.org/x/sys v0.0.0-20210217105451-b926d437f341/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe h1:WdX7u8s3yOigWAhHEaDl8r9G+4XwFQEQFtBMYyN+kXQ=
+golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
-golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -911,6 +930,7 @@ golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20201105001634-bc3cf281b174/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/tools v0.1.1-0.20210201201750-4d4ee958a9b7 h1:/wdPW261t381NDQd8TBo63/FyvACfLICwtH8wMRoHJQ=
 golang.org/x/tools v0.1.1-0.20210201201750-4d4ee958a9b7/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -920,6 +940,7 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1N
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+google.golang.org/api v0.5.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
 google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
 google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
 google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
@@ -947,6 +968,7 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn
 google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190508193815-b515fa19cec8/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
 google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=

pkg/bucket/bandwidth/monitor.go

@@ -22,7 +22,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 // throttleBandwidth gets the throttle for bucket with the configured value

pkg/bucket/bandwidth/monitor_test.go

@@ -23,7 +23,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/minio/minio/pkg/madmin"
+	"github.com/minio/madmin-go"
 )
 
 const (

pkg/disk/health.go

@@ -24,37 +24,18 @@ import (
 	"time"
 
 	"github.com/dustin/go-humanize"
+	"github.com/minio/madmin-go"
 	"github.com/montanaflynn/stats"
 )
 
-// Latency holds latency information for write operations to the drive
-type Latency struct {
-	Avg          float64 `json:"avg_secs,omitempty"`
-	Percentile50 float64 `json:"percentile50_secs,omitempty"`
-	Percentile90 float64 `json:"percentile90_secs,omitempty"`
-	Percentile99 float64 `json:"percentile99_secs,omitempty"`
-	Min          float64 `json:"min_secs,omitempty"`
-	Max          float64 `json:"max_secs,omitempty"`
-}
-
-// Throughput holds throughput information for write operations to the drive
-type Throughput struct {
-	Avg          float64 `json:"avg_bytes_per_sec,omitempty"`
-	Percentile50 float64 `json:"percentile50_bytes_per_sec,omitempty"`
-	Percentile90 float64 `json:"percentile90_bytes_per_sec,omitempty"`
-	Percentile99 float64 `json:"percentile99_bytes_per_sec,omitempty"`
-	Min          float64 `json:"min_bytes_per_sec,omitempty"`
-	Max          float64 `json:"max_bytes_per_sec,omitempty"`
-}
-
 // GetHealthInfo about the drive
-func GetHealthInfo(ctx context.Context, drive, fsPath string) (Latency, Throughput, error) {
+func GetHealthInfo(ctx context.Context, drive, fsPath string) (madmin.DiskLatency, madmin.DiskThroughput, error) {
 
 	// Create a file with O_DIRECT flag, choose default umask and also make sure
 	// we are exclusively writing to a new file using O_EXCL.
 	w, err := OpenFileDirectIO(fsPath, os.O_CREATE|os.O_WRONLY|os.O_EXCL, 0666)
 	if err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 
 	defer func() {
@@ -72,13 +53,13 @@ func GetHealthInfo(ctx context.Context, drive, fsPath string) (Latency, Throughp
 
 	for i := 0; i < (fileSize / blockSize); i++ {
 		if ctx.Err() != nil {
-			return Latency{}, Throughput{}, ctx.Err()
+			return madmin.DiskLatency{}, madmin.DiskThroughput{}, ctx.Err()
 		}
 		startTime := time.Now()
 		if n, err := w.Write(data); err != nil {
-			return Latency{}, Throughput{}, err
+			return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 		} else if n != blockSize {
-			return Latency{}, Throughput{}, fmt.Errorf("Expected to write %d, but only wrote %d", blockSize, n)
+			return madmin.DiskLatency{}, madmin.DiskThroughput{}, fmt.Errorf("Expected to write %d, but only wrote %d", blockSize, n)
 		}
 		latencyInSecs := time.Since(startTime).Seconds()
 		latencies[i] = latencyInSecs
@@ -107,24 +88,24 @@ func GetHealthInfo(ctx context.Context, drive, fsPath string) (Latency, Throughp
 	var maxThroughput float64
 
 	if avgLatency, err = stats.Mean(latencies); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile50Latency, err = stats.Percentile(latencies, 50); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile90Latency, err = stats.Percentile(latencies, 90); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile99Latency, err = stats.Percentile(latencies, 99); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if maxLatency, err = stats.Max(latencies); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if minLatency, err = stats.Min(latencies); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
-	l := Latency{
+	l := madmin.DiskLatency{
 		Avg:          avgLatency,
 		Percentile50: percentile50Latency,
 		Percentile90: percentile90Latency,
@@ -134,25 +115,25 @@ func GetHealthInfo(ctx context.Context, drive, fsPath string) (Latency, Throughp
 	}
 
 	if avgThroughput, err = stats.Mean(throughputs); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile50Throughput, err = stats.Percentile(throughputs, 50); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile90Throughput, err = stats.Percentile(throughputs, 90); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if percentile99Throughput, err = stats.Percentile(throughputs, 99); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if maxThroughput, err = stats.Max(throughputs); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 	if minThroughput, err = stats.Min(throughputs); err != nil {
-		return Latency{}, Throughput{}, err
+		return madmin.DiskLatency{}, madmin.DiskThroughput{}, err
 	}
 
-	t := Throughput{
+	t := madmin.DiskThroughput{
 		Avg:          avgThroughput,
 		Percentile50: percentile50Throughput,
 		Percentile90: percentile90Throughput,

pkg/madmin/README.md

@@ -1,576 +0,0 @@
-# Golang Admin Client API Reference [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
-The MinIO Admin Golang Client SDK provides APIs to manage MinIO services.
-
-This quickstart guide will show you how to install the MinIO Admin client SDK, connect to MinIO admin service, and provide a walkthrough of a simple file uploader.
-
-This document assumes that you have a working [Golang setup](https://golang.org/doc/install).
-
-## Initialize MinIO Admin Client object.
-
-##  MinIO
-
-```go
-
-package main
-
-import (
-    "fmt"
-
-    "github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-    // Use a secure connection.
-    ssl := true
-
-    // Initialize minio client object.
-    mdmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETKEY", ssl)
-    if err != nil {
-        fmt.Println(err)
-        return
-    }
-
-    // Fetch service status.
-    st, err := mdmClnt.ServerInfo()
-    if err != nil {
-        fmt.Println(err)
-        return
-    }
-	for _, peerInfo := range serversInfo {
-		log.Printf("Node: %s, Info: %v\n", peerInfo.Addr, peerInfo.Data)
-	}
-}
-
-```
-
-| Service operations                  | Info operations                          | Healing operations | Config operations         |
-|:------------------------------------|:-----------------------------------------|:-------------------|:--------------------------|
-| [`ServiceTrace`](#ServiceTrace)     | [`ServerInfo`](#ServerInfo)              | [`Heal`](#Heal)    | [`GetConfig`](#GetConfig) |
-| [`ServiceStop`](#ServiceStop)       | [`StorageInfo`](#StorageInfo)            |                    | [`SetConfig`](#SetConfig) |
-| [`ServiceRestart`](#ServiceRestart) | [`AccountInfo`](#AccountInfo)  |                    |                           |
-
-
-
-| Top operations          | IAM operations                        | Misc                                              | KMS                             |
-|:------------------------|:--------------------------------------|:--------------------------------------------------|:--------------------------------|
-| [`TopLocks`](#TopLocks) | [`AddUser`](#AddUser)                 | [`StartProfiling`](#StartProfiling)               | [`GetKeyStatus`](#GetKeyStatus) |
-|                         | [`SetUserPolicy`](#SetUserPolicy)     | [`DownloadProfilingData`](#DownloadProfilingData) |                                 |
-|                         | [`ListUsers`](#ListUsers)             | [`ServerUpdate`](#ServerUpdate)                   |                                 |
-|                         | [`AddCannedPolicy`](#AddCannedPolicy) |                                                   |                                 |
-
-## 1. Constructor
-<a name="MinIO"></a>
-
-### New(endpoint string, accessKeyID string, secretAccessKey string, ssl bool) (*AdminClient, error)
-Initializes a new admin client object.
-
-__Parameters__
-
-| Param             | Type     | Description                                               |
-|:------------------|:---------|:----------------------------------------------------------|
-| `endpoint`        | _string_ | MinIO endpoint.                                           |
-| `accessKeyID`     | _string_ | Access key for the object storage endpoint.               |
-| `secretAccessKey` | _string_ | Secret key for the object storage endpoint.               |
-| `ssl`             | _bool_   | Set this value to 'true' to enable secure (HTTPS) access. |
-
-## 2. Service operations
-
-<a name="ServiceStatus"></a>
-### ServiceStatus(ctx context.Context) (ServiceStatusMetadata, error)
-Fetch service status, replies disk space used, backend type and total disks offline/online (applicable in distributed mode).
-
-| Param           | Type                    | Description                                                |
-|-----------------|-------------------------|------------------------------------------------------------|
-| `serviceStatus` | _ServiceStatusMetadata_ | Represents current server status info in following format: |
-
-
-| Param                       | Type            | Description                        |
-|-----------------------------|-----------------|------------------------------------|
-| `st.ServerVersion.Version`  | _string_        | Server version.                    |
-| `st.ServerVersion.CommitID` | _string_        | Server commit id.                  |
-| `st.Uptime`                 | _time.Duration_ | Server uptime duration in seconds. |
-
- __Example__
-
- ```go
-
-	st, err := madmClnt.ServiceStatus(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-	log.Printf("%#v\n", st)
-
- ```
-
-<a name="ServiceRestart"></a>
-### ServiceRestart(ctx context.Context) error
-Sends a service action restart command to MinIO server.
-
- __Example__
-
-```go
-   // To restart the service, restarts all servers in the cluster.
-   err := madmClnt.ServiceRestart(context.Background())
-   if err != nil {
-       log.Fatalln(err)
-   }
-   log.Println("Success")
-```
-
-<a name="ServiceStop"></a>
-### ServiceStop(ctx context.Context) error
-Sends a service action stop command to MinIO server.
-
- __Example__
-
-```go
-   // To stop the service, stops all servers in the cluster.
-   err := madmClnt.ServiceStop(context.Background())
-   if err != nil {
-       log.Fatalln(err)
-   }
-   log.Println("Success")
-```
-
-<a name="ServiceTrace"></a>
-### ServiceTrace(ctx context.Context, allTrace bool, doneCh <-chan struct{}) <-chan TraceInfo
-Enable HTTP request tracing on all nodes in a MinIO cluster
-
-__Example__
-
-``` go
-    doneCh := make(chan struct{})
-    defer close(doneCh)
-    // listen to all trace including internal API calls
-    allTrace := true
-    // Start listening on all trace activity.
-    traceCh := madmClnt.ServiceTrace(context.Background(), allTrace, doneCh)
-    for traceInfo := range traceCh {
-        fmt.Println(traceInfo.String())
-    }
-```
-
-## 3. Info operations
-
-<a name="ServerInfo"></a>
-### ServerInfo(ctx context.Context) ([]ServerInfo, error)
-Fetches information for all cluster nodes, such as server properties, storage information, network statistics, etc.
-
-| Param                            | Type               | Description                                                        |
-|----------------------------------|--------------------|--------------------------------------------------------------------|
-| `si.Addr`                        | _string_           | Address of the server the following information is retrieved from. |
-| `si.ConnStats`                   | _ServerConnStats_  | Connection statistics from the given server.                       |
-| `si.HTTPStats`                   | _ServerHTTPStats_  | HTTP connection statistics from the given server.                  |
-| `si.Properties`                  | _ServerProperties_ | Server properties such as region, notification targets.            |
-
-| Param                       | Type            | Description                                        |
-|-----------------------------|-----------------|----------------------------------------------------|
-| `ServerProperties.Uptime`   | _time.Duration_ | Total duration in seconds since server is running. |
-| `ServerProperties.Version`  | _string_        | Current server version.                            |
-| `ServerProperties.CommitID` | _string_        | Current server commitID.                           |
-| `ServerProperties.Region`   | _string_        | Configured server region.                          |
-| `ServerProperties.SQSARN`   | _[]string_      | List of notification target ARNs.                  |
-
-| Param                              | Type     | Description                         |
-|------------------------------------|----------|-------------------------------------|
-| `ServerConnStats.TotalInputBytes`  | _uint64_ | Total bytes received by the server. |
-| `ServerConnStats.TotalOutputBytes` | _uint64_ | Total bytes sent by the server.     |
-
-| Param                                | Type                    | Description                                             |
-|--------------------------------------|-------------------------|---------------------------------------------------------|
-| `ServerHTTPStats.TotalHEADStats`     | _ServerHTTPMethodStats_ | Total statistics regarding HEAD operations              |
-| `ServerHTTPStats.SuccessHEADStats`   | _ServerHTTPMethodStats_ | Total statistics regarding successful HEAD operations   |
-| `ServerHTTPStats.TotalGETStats`      | _ServerHTTPMethodStats_ | Total statistics regarding GET operations               |
-| `ServerHTTPStats.SuccessGETStats`    | _ServerHTTPMethodStats_ | Total statistics regarding successful GET operations    |
-| `ServerHTTPStats.TotalPUTStats`      | _ServerHTTPMethodStats_ | Total statistics regarding PUT operations               |
-| `ServerHTTPStats.SuccessPUTStats`    | _ServerHTTPMethodStats_ | Total statistics regarding successful PUT operations    |
-| `ServerHTTPStats.TotalPOSTStats`     | _ServerHTTPMethodStats_ | Total statistics regarding POST operations              |
-| `ServerHTTPStats.SuccessPOSTStats`   | _ServerHTTPMethodStats_ | Total statistics regarding successful POST operations   |
-| `ServerHTTPStats.TotalDELETEStats`   | _ServerHTTPMethodStats_ | Total statistics regarding DELETE operations            |
-| `ServerHTTPStats.SuccessDELETEStats` | _ServerHTTPMethodStats_ | Total statistics regarding successful DELETE operations |
-
-| Param                               | Type     | Description                                     |
-|-------------------------------------|----------|-------------------------------------------------|
-| `ServerHTTPMethodStats.Count`       | _uint64_ | Total number of operations.                     |
-| `ServerHTTPMethodStats.AvgDuration` | _string_ | Average duration of Count number of operations. |
-
-| Param                | Type     | Description                                           |
-|----------------------|----------|-------------------------------------------------------|
-| `DriveInfo.UUID`     | _string_ | Unique ID for each disk provisioned by server format. |
-| `DriveInfo.Endpoint` | _string_ | Endpoint location of the remote/local disk.           |
-| `DriveInfo.State`    | _string_ | Current state of the disk at endpoint.                |
-
- __Example__
-
- ```go
-
-	serversInfo, err := madmClnt.ServerInfo(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	for _, peerInfo := range serversInfo {
-		log.Printf("Node: %s, Info: %v\n", peerInfo.Addr, peerInfo.Data)
-	}
-
- ```
-
-<a name="StorageInfo"></a>
-### StorageInfo(ctx context.Context) (StorageInfo, error)
-
-Fetches Storage information for all cluster nodes.
-
-| Param                   | Type       | Description                                 |
-|-------------------------|------------|---------------------------------------------|
-| `storageInfo.Used`      | _[]int64_  | Used disk spaces.                           |
-| `storageInfo.Total`     | _[]int64_  | Total disk spaces.                          |
-| `storageInfo.Available` | _[]int64_  | Available disk spaces.                      |
-| `StorageInfo.Backend`   | _struct{}_ | Represents backend type embedded structure. |
-
-| Param                      | Type            | Description                                                                                                              |
-|----------------------------|-----------------|--------------------------------------------------------------------------------------------------------------------------|
-| `Backend.Type`             | _BackendType_   | Type of backend used by the server currently only FS or Erasure.                                                         |
-| `Backend.OnlineDisks`      | _BackendDisks_  | Total number of disks online per node (only applies to Erasure backend) represented in map[string]int, is empty for FS.  |
-| `Backend.OfflineDisks`     | _BackendDisks_  | Total number of disks offline per node (only applies to Erasure backend) represented in map[string]int, is empty for FS. |
-| `Backend.StandardSCParity` | _int_           | Parity disks set for standard storage class, is empty for FS.                                                            |
-| `Backend.RRSCParity`       | _int_           | Parity disks set for reduced redundancy storage class, is empty for FS.                                                  |
-| `Backend.Sets`             | _[][]DriveInfo_ | Represents topology of drives in erasure coded sets.                                                                     |
-
-__Example__
-
- ```go
-
-	storageInfo, err := madmClnt.StorageInfo(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-    log.Println(storageInfo)
-
- ```
-
-<a name="AccountInfo"></a>
-
-### AccountInfo(ctx context.Context) (AccountInfo, error)
-
-Fetches accounting usage information for the current authenticated user
-
-| Param                          | Type                 | Description             |
-|--------------------------------|----------------------|-------------------------|
-| `AccountInfo.AccountName` | _string_             | Account name.           |
-| `AccountInfo.Buckets`     | _[]BucketAccessInfo_  | Bucket usage info.      |
-
-
-| Param                      | Type            | Description                             |
-|----------------------------|-----------------|-----------------------------------------|
-| `BucketAccessInfo.Name`     | _string_        | The name of the current bucket
-| `BucketAccessInfo.Size`     | _uint64_        | The total size of the current bucket
-| `BucketAccessInfo.Created`  | _time.Time_     | Bucket creation time
-| `BucketAccessInfo.Access`   | _AccountAccess_ | Type of access of the current account
-
-
-| Param                  | Type    | Description                                                                                                              |
-|------------------------|---------|------------------------------------------------------------------|
-| `AccountAccess.Read`   | _bool_  | Indicate if the bucket is readable by the current account name.  |
-| `AccountAccess.Write`  | _bool_  | Indocate if the bucket is writable by the current account name.  |
-
-
-__Example__
-
-```go
-
-   accountInfo, err := madmClnt.AccountInfo(context.Background())
-   if err != nil {
-	log.Fatalln(err)
-   }
-
-   log.Println(accountInfo)
-
-```
-
-
-
-## 5. Heal operations
-
-<a name="Heal"></a>
-### Heal(ctx context.Context, bucket, prefix string, healOpts HealOpts, clientToken string, forceStart bool, forceStop bool) (start HealStartSuccess, status HealTaskStatus, err error)
-
-Start a heal sequence that scans data under given (possible empty)
-`bucket` and `prefix`. The `recursive` bool turns on recursive
-traversal under the given path. `dryRun` does not mutate on-disk data,
-but performs data validation.
-
-Two heal sequences on overlapping paths may not be initiated.
-
-The progress of a heal should be followed using the same API `Heal`
-by providing the `clientToken` previously obtained from a `Heal`
-API. The server accumulates results of the heal traversal and waits
-for the client to receive and acknowledge them using the status
-request by providing `clientToken`.
-
-__Example__
-
-``` go
-
-    opts := madmin.HealOpts{
-            Recursive: true,
-            DryRun:    false,
-    }
-    forceStart := false
-    forceStop := false
-    healPath, err := madmClnt.Heal(context.Background(), "", "", opts, "", forceStart, forceStop)
-    if err != nil {
-        log.Fatalln(err)
-    }
-    log.Printf("Heal sequence started at %s", healPath)
-
-```
-
-#### HealStartSuccess structure
-
-| Param             | Type        | Description                                                                                                                      |
-|-------------------|-------------|----------------------------------------------------------------------------------------------------------------------------------|
-| `s.ClientToken`   | _string_    | A unique token for a successfully started heal operation, this token is used to request realtime progress of the heal operation. |
-| `s.ClientAddress` | _string_    | Address of the client which initiated the heal operation, the client address has the form "host:port".                           |
-| `s.StartTime`     | _time.Time_ | Time when heal was initially started.                                                                                            |
-
-#### HealTaskStatus structure
-
-| Param             | Type               | Description                                       |
-|-------------------|--------------------|---------------------------------------------------|
-| `s.Summary`       | _string_           | Short status of heal sequence                     |
-| `s.FailureDetail` | _string_           | Error message in case of heal sequence failure    |
-| `s.HealSettings`  | _HealOpts_         | Contains the booleans set in the `HealStart` call |
-| `s.Items`         | _[]HealResultItem_ | Heal records for actions performed by server      |
-
-#### HealResultItem structure
-
-| Param                  | Type           | Description                                                     |
-|------------------------|----------------|-----------------------------------------------------------------|
-| `ResultIndex`          | _int64_        | Index of the heal-result record                                 |
-| `Type`                 | _HealItemType_ | Represents kind of heal operation in the heal record            |
-| `Bucket`               | _string_       | Bucket name                                                     |
-| `Object`               | _string_       | Object name                                                     |
-| `Detail`               | _string_       | Details about heal operation                                    |
-| `DiskInfo.AvailableOn` | _[]int_        | List of disks on which the healed entity is present and healthy |
-| `DiskInfo.HealedOn`    | _[]int_        | List of disks on which the healed entity was restored           |
-
-## 6. Config operations
-
-<a name="GetConfig"></a>
-### GetConfig(ctx context.Context) ([]byte, error)
-Get current `config.json` of a MinIO server.
-
-__Example__
-
-``` go
-    configBytes, err := madmClnt.GetConfig(context.Background())
-    if err != nil {
-        log.Fatalf("failed due to: %v", err)
-    }
-
-    // Pretty-print config received as json.
-    var buf bytes.Buffer
-    err = json.Indent(buf, configBytes, "", "\t")
-    if err != nil {
-        log.Fatalf("failed due to: %v", err)
-    }
-
-    log.Println("config received successfully: ", string(buf.Bytes()))
-```
-
-
-<a name="SetConfig"></a>
-### SetConfig(ctx context.Context, config io.Reader) error
-Set a new `config.json` for a MinIO server.
-
-__Example__
-
-``` go
-    config := bytes.NewReader([]byte(`config.json contents go here`))
-    if err := madmClnt.SetConfig(context.Background(), config); err != nil {
-        log.Fatalf("failed due to: %v", err)
-    }
-    log.Println("SetConfig was successful")
-```
-
-## 7. Top operations
-
-<a name="TopLocks"></a>
-### TopLocks(ctx context.Context) (LockEntries, error)
-Get the oldest locks from MinIO server.
-
-__Example__
-
-``` go
-    locks, err := madmClnt.TopLocks(context.Background())
-    if err != nil {
-        log.Fatalf("failed due to: %v", err)
-    }
-
-    out, err := json.Marshal(locks)
-    if err != nil {
-        log.Fatalf("Marshal failed due to: %v", err)
-    }
-
-    log.Println("TopLocks received successfully: ", string(out))
-```
-
-## 8. IAM operations
-
-<a name="AddCannedPolicy"></a>
-### AddCannedPolicy(ctx context.Context, policyName string, policy *iampolicy.Policy) error
-Create a new canned policy on MinIO server.
-
-__Example__
-
-```
-	policy, err := iampolicy.ParseConfig(strings.NewReader(`{"Version": "2012-10-17","Statement": [{"Action": ["s3:GetObject"],"Effect": "Allow","Resource": ["arn:aws:s3:::my-bucketname/*"],"Sid": ""}]}`))
-    if err != nil {
-        log.Fatalln(err)
-    }
-
-    if err = madmClnt.AddCannedPolicy(context.Background(), "get-only", policy); err != nil {
-		log.Fatalln(err)
-	}
-```
-
-<a name="AddUser"></a>
-### AddUser(ctx context.Context, user string, secret string) error
-Add a new user on a MinIO server.
-
-__Example__
-
-``` go
-	if err = madmClnt.AddUser(context.Background(), "newuser", "newstrongpassword"); err != nil {
-		log.Fatalln(err)
-	}
-```
-
-<a name="SetUserPolicy"></a>
-### SetUserPolicy(ctx context.Context, user string, policyName string) error
-Enable a canned policy `get-only` for a given user on MinIO server.
-
-__Example__
-
-``` go
-	if err = madmClnt.SetUserPolicy(context.Background(), "newuser", "get-only"); err != nil {
-		log.Fatalln(err)
-	}
-```
-
-<a name="ListUsers"></a>
-### ListUsers(ctx context.Context) (map[string]UserInfo, error)
-Lists all users on MinIO server.
-
-__Example__
-
-``` go
-	users, err := madmClnt.ListUsers(context.Background());
-    if err != nil {
-		log.Fatalln(err)
-	}
-    for k, v := range users {
-        fmt.Printf("User %s Status %s\n", k, v.Status)
-    }
-```
-
-## 9. Misc operations
-
-<a name="ServerUpdate"></a>
-### ServerUpdate(ctx context.Context, updateURL string) (ServerUpdateStatus, error)
-Sends a update command to MinIO server, to update MinIO server to latest release. In distributed setup it updates all servers atomically.
-
- __Example__
-
-```go
-   // Updates all servers and restarts all the servers in the cluster.
-   // optionally takes an updateURL, which is used to update the binary.
-   us, err := madmClnt.ServerUpdate(context.Background(), updateURL)
-   if err != nil {
-       log.Fatalln(err)
-   }
-   if us.CurrentVersion != us.UpdatedVersion {
-       log.Printf("Updated server version from %s to %s successfully", us.CurrentVersion, us.UpdatedVersion)
-   }
-```
-
-<a name="StartProfiling"></a>
-### StartProfiling(ctx context.Context, profiler string) error
-Ask all nodes to start profiling using the specified profiler mode
-
-__Example__
-
-``` go
-    startProfilingResults, err = madmClnt.StartProfiling(context.Background(), "cpu")
-    if err != nil {
-            log.Fatalln(err)
-    }
-    for _, result := range startProfilingResults {
-        if !result.Success {
-            log.Printf("Unable to start profiling on node `%s`, reason = `%s`\n", result.NodeName, result.Error)
-        } else {
-            log.Printf("Profiling successfully started on node `%s`\n", result.NodeName)
-        }
-    }
-
-```
-
-<a name="DownloadProfilingData"></a>
-### DownloadProfilingData(ctx context.Context) ([]byte, error)
-Download profiling data of all nodes in a zip format.
-
-__Example__
-
-``` go
-    profilingData, err := madmClnt.DownloadProfilingData(context.Background())
-    if err != nil {
-            log.Fatalln(err)
-    }
-
-    profilingFile, err := os.Create("/tmp/profiling-data.zip")
-    if err != nil {
-            log.Fatal(err)
-    }
-
-    if _, err := io.Copy(profilingFile, profilingData); err != nil {
-            log.Fatal(err)
-    }
-
-    if err := profilingFile.Close(); err != nil {
-            log.Fatal(err)
-    }
-
-    if err := profilingData.Close(); err != nil {
-            log.Fatal(err)
-    }
-
-    log.Println("Profiling data successfully downloaded.")
-```
-
-## 11. KMS
-
-<a name="GetKeyStatus"></a>
-### GetKeyStatus(ctx context.Context, keyID string) (*KMSKeyStatus, error)
-Requests status information about one particular KMS master key
-from a MinIO server. The keyID is optional and the server will
-use the default master key (configured via `MINIO_KMS_VAULT_KEY_NAME`
-or `MINIO_KMS_MASTER_KEY`) if the keyID is empty.
-
-__Example__
-
-``` go
-    keyInfo, err := madmClnt.GetKeyStatus(context.Background(), "my-minio-key")
-    if err != nil {
-       log.Fatalln(err)
-    }
-    if keyInfo.EncryptionErr != "" {
-       log.Fatalf("Failed to perform encryption operation using '%s': %v\n", keyInfo.KeyID, keyInfo.EncryptionErr)
-    }
-    if keyInfo.UpdateErr != "" {
-       log.Fatalf("Failed to perform key re-wrap operation using '%s': %v\n", keyInfo.KeyID, keyInfo.UpdateErr)
-    }
-    if keyInfo.DecryptionErr != "" {
-       log.Fatalf("Failed to perform decryption operation using '%s': %v\n", keyInfo.KeyID, keyInfo.DecryptionErr)
-    }
-```

pkg/madmin/api-error-response.go

@@ -1,111 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"encoding/xml"
-	"fmt"
-	"net/http"
-)
-
-/* **** SAMPLE ERROR RESPONSE ****
-<?xml version="1.0" encoding="UTF-8"?>
-<Error>
-   <Code>AccessDenied</Code>
-   <Message>Access Denied</Message>
-   <BucketName>bucketName</BucketName>
-   <Key>objectName</Key>
-   <RequestId>F19772218238A85A</RequestId>
-   <HostId>GuWkjyviSiGHizehqpmsD1ndz5NClSP19DOT+s2mv7gXGQ8/X1lhbDGiIJEXpGFD</HostId>
-</Error>
-*/
-
-// ErrorResponse - Is the typed error returned by all API operations.
-type ErrorResponse struct {
-	XMLName    xml.Name `xml:"Error" json:"-"`
-	Code       string
-	Message    string
-	BucketName string
-	Key        string
-	RequestID  string `xml:"RequestId"`
-	HostID     string `xml:"HostId"`
-
-	// Region where the bucket is located. This header is returned
-	// only in HEAD bucket and ListObjects response.
-	Region string
-}
-
-// Error - Returns HTTP error string
-func (e ErrorResponse) Error() string {
-	return e.Message
-}
-
-const (
-	reportIssue = "Please report this issue at https://github.com/minio/minio/issues."
-)
-
-// httpRespToErrorResponse returns a new encoded ErrorResponse
-// structure as error.
-func httpRespToErrorResponse(resp *http.Response) error {
-	if resp == nil {
-		msg := "Response is empty. " + reportIssue
-		return ErrInvalidArgument(msg)
-	}
-	var errResp ErrorResponse
-	// Decode the json error
-	err := jsonDecoder(resp.Body, &errResp)
-	if err != nil {
-		return ErrorResponse{
-			Code:    resp.Status,
-			Message: fmt.Sprintf("Failed to parse server response: %s.", err),
-		}
-	}
-	closeResponse(resp)
-	return errResp
-}
-
-// ToErrorResponse - Returns parsed ErrorResponse struct from body and
-// http headers.
-//
-// For example:
-//
-//   import admin "github.com/minio/minio/pkg/madmin"
-//   ...
-//   ...
-//   ss, err := adm.ServiceStatus(...)
-//   if err != nil {
-//      resp := admin.ToErrorResponse(err)
-//   }
-//   ...
-func ToErrorResponse(err error) ErrorResponse {
-	switch err := err.(type) {
-	case ErrorResponse:
-		return err
-	default:
-		return ErrorResponse{}
-	}
-}
-
-// ErrInvalidArgument - Invalid argument response.
-func ErrInvalidArgument(message string) error {
-	return ErrorResponse{
-		Code:      "InvalidArgument",
-		Message:   message,
-		RequestID: "minio",
-	}
-}

pkg/madmin/api-log-entry.go

@@ -1,53 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-// Args - defines the arguments for the API.
-type logArgs struct {
-	Bucket   string            `json:"bucket,omitempty"`
-	Object   string            `json:"object,omitempty"`
-	Metadata map[string]string `json:"metadata,omitempty"`
-}
-
-// Trace - defines the trace.
-type logTrace struct {
-	Message   string            `json:"message,omitempty"`
-	Source    []string          `json:"source,omitempty"`
-	Variables map[string]string `json:"variables,omitempty"`
-}
-
-// API - defines the api type and its args.
-type logAPI struct {
-	Name string   `json:"name,omitempty"`
-	Args *logArgs `json:"args,omitempty"`
-}
-
-// Entry - defines fields and values of each log entry.
-type logEntry struct {
-	DeploymentID string    `json:"deploymentid,omitempty"`
-	Level        string    `json:"level"`
-	LogKind      string    `json:"errKind"`
-	Time         string    `json:"time"`
-	API          *logAPI   `json:"api,omitempty"`
-	RemoteHost   string    `json:"remotehost,omitempty"`
-	Host         string    `json:"host,omitempty"`
-	RequestID    string    `json:"requestID,omitempty"`
-	UserAgent    string    `json:"userAgent,omitempty"`
-	Message      string    `json:"message,omitempty"`
-	Trace        *logTrace `json:"error,omitempty"`
-}

pkg/madmin/api-log.go

@@ -1,81 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"context"
-	"encoding/json"
-	"net/http"
-	"net/url"
-	"strconv"
-)
-
-// LogInfo holds console log messages
-type LogInfo struct {
-	logEntry
-	ConsoleMsg string
-	NodeName   string `json:"node"`
-	Err        error  `json:"-"`
-}
-
-// GetLogs - listen on console log messages.
-func (adm AdminClient) GetLogs(ctx context.Context, node string, lineCnt int, logKind string) <-chan LogInfo {
-	logCh := make(chan LogInfo, 1)
-
-	// Only success, start a routine to start reading line by line.
-	go func(logCh chan<- LogInfo) {
-		defer close(logCh)
-		urlValues := make(url.Values)
-		urlValues.Set("node", node)
-		urlValues.Set("limit", strconv.Itoa(lineCnt))
-		urlValues.Set("logType", logKind)
-		for {
-			reqData := requestData{
-				relPath:     adminAPIPrefix + "/log",
-				queryValues: urlValues,
-			}
-			// Execute GET to call log handler
-			resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
-			if err != nil {
-				closeResponse(resp)
-				return
-			}
-
-			if resp.StatusCode != http.StatusOK {
-				logCh <- LogInfo{Err: httpRespToErrorResponse(resp)}
-				return
-			}
-			dec := json.NewDecoder(resp.Body)
-			for {
-				var info LogInfo
-				if err = dec.Decode(&info); err != nil {
-					break
-				}
-				select {
-				case <-ctx.Done():
-					return
-				case logCh <- info:
-				}
-			}
-
-		}
-	}(logCh)
-
-	// Returns the log info channel, for caller to start reading from.
-	return logCh
-}

pkg/madmin/api.go

@@ -1,510 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"bytes"
-	"context"
-	"crypto/sha256"
-	"encoding/hex"
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"math/rand"
-	"net/http"
-	"net/http/cookiejar"
-	"net/http/httputil"
-	"net/url"
-	"os"
-	"regexp"
-	"runtime"
-	"strings"
-	"syscall"
-	"time"
-
-	"github.com/minio/minio-go/v7/pkg/credentials"
-	"github.com/minio/minio-go/v7/pkg/s3utils"
-	"github.com/minio/minio-go/v7/pkg/signer"
-	"golang.org/x/net/publicsuffix"
-)
-
-// AdminClient implements Amazon S3 compatible methods.
-type AdminClient struct {
-	///  Standard options.
-
-	// Parsed endpoint url provided by the user.
-	endpointURL *url.URL
-
-	// Holds various credential providers.
-	credsProvider *credentials.Credentials
-
-	// User supplied.
-	appInfo struct {
-		appName    string
-		appVersion string
-	}
-
-	// Indicate whether we are using https or not
-	secure bool
-
-	// Needs allocation.
-	httpClient *http.Client
-
-	random *rand.Rand
-
-	// Advanced functionality.
-	isTraceEnabled bool
-	traceOutput    io.Writer
-}
-
-// Global constants.
-const (
-	libraryName    = "madmin-go"
-	libraryVersion = "0.0.1"
-
-	libraryAdminURLPrefix = "/minio/admin"
-)
-
-// User Agent should always following the below style.
-// Please open an issue to discuss any new changes here.
-//
-//       MinIO (OS; ARCH) LIB/VER APP/VER
-const (
-	libraryUserAgentPrefix = "MinIO (" + runtime.GOOS + "; " + runtime.GOARCH + ") "
-	libraryUserAgent       = libraryUserAgentPrefix + libraryName + "/" + libraryVersion
-)
-
-// Options for New method
-type Options struct {
-	Creds  *credentials.Credentials
-	Secure bool
-	// Add future fields here
-}
-
-// New - instantiate minio admin client
-func New(endpoint string, accessKeyID, secretAccessKey string, secure bool) (*AdminClient, error) {
-	creds := credentials.NewStaticV4(accessKeyID, secretAccessKey, "")
-
-	clnt, err := privateNew(endpoint, creds, secure)
-	if err != nil {
-		return nil, err
-	}
-	return clnt, nil
-}
-
-// NewWithOptions - instantiate minio admin client with options.
-func NewWithOptions(endpoint string, opts *Options) (*AdminClient, error) {
-	clnt, err := privateNew(endpoint, opts.Creds, opts.Secure)
-	if err != nil {
-		return nil, err
-	}
-	return clnt, nil
-}
-
-func privateNew(endpoint string, creds *credentials.Credentials, secure bool) (*AdminClient, error) {
-	// Initialize cookies to preserve server sent cookies if any and replay
-	// them upon each request.
-	jar, err := cookiejar.New(&cookiejar.Options{PublicSuffixList: publicsuffix.List})
-	if err != nil {
-		return nil, err
-	}
-
-	// construct endpoint.
-	endpointURL, err := getEndpointURL(endpoint, secure)
-	if err != nil {
-		return nil, err
-	}
-
-	clnt := new(AdminClient)
-
-	// Save the credentials.
-	clnt.credsProvider = creds
-
-	// Remember whether we are using https or not
-	clnt.secure = secure
-
-	// Save endpoint URL, user agent for future uses.
-	clnt.endpointURL = endpointURL
-
-	// Instantiate http client and bucket location cache.
-	clnt.httpClient = &http.Client{
-		Jar:       jar,
-		Transport: DefaultTransport(secure),
-	}
-
-	// Add locked pseudo-random number generator.
-	clnt.random = rand.New(&lockedRandSource{src: rand.NewSource(time.Now().UTC().UnixNano())})
-
-	// Return.
-	return clnt, nil
-}
-
-// SetAppInfo - add application details to user agent.
-func (adm *AdminClient) SetAppInfo(appName string, appVersion string) {
-	// if app name and version is not set, we do not a new user
-	// agent.
-	if appName != "" && appVersion != "" {
-		adm.appInfo.appName = appName
-		adm.appInfo.appVersion = appVersion
-	}
-}
-
-// SetCustomTransport - set new custom transport.
-func (adm *AdminClient) SetCustomTransport(customHTTPTransport http.RoundTripper) {
-	// Set this to override default transport
-	// ``http.DefaultTransport``.
-	//
-	// This transport is usually needed for debugging OR to add your
-	// own custom TLS certificates on the client transport, for custom
-	// CA's and certs which are not part of standard certificate
-	// authority follow this example :-
-	//
-	//   tr := &http.Transport{
-	//           TLSClientConfig:    &tls.Config{RootCAs: pool},
-	//           DisableCompression: true,
-	//   }
-	//   api.SetTransport(tr)
-	//
-	if adm.httpClient != nil {
-		adm.httpClient.Transport = customHTTPTransport
-	}
-}
-
-// TraceOn - enable HTTP tracing.
-func (adm *AdminClient) TraceOn(outputStream io.Writer) {
-	// if outputStream is nil then default to os.Stdout.
-	if outputStream == nil {
-		outputStream = os.Stdout
-	}
-	// Sets a new output stream.
-	adm.traceOutput = outputStream
-
-	// Enable tracing.
-	adm.isTraceEnabled = true
-}
-
-// TraceOff - disable HTTP tracing.
-func (adm *AdminClient) TraceOff() {
-	// Disable tracing.
-	adm.isTraceEnabled = false
-}
-
-// requestMetadata - is container for all the values to make a
-// request.
-type requestData struct {
-	customHeaders http.Header
-	queryValues   url.Values
-	relPath       string // URL path relative to admin API base endpoint
-	content       []byte
-}
-
-// Filter out signature value from Authorization header.
-func (adm AdminClient) filterSignature(req *http.Request) {
-	/// Signature V4 authorization header.
-
-	// Save the original auth.
-	origAuth := req.Header.Get("Authorization")
-	// Strip out accessKeyID from:
-	// Credential=<access-key-id>/<date>/<aws-region>/<aws-service>/aws4_request
-	regCred := regexp.MustCompile("Credential=([A-Z0-9]+)/")
-	newAuth := regCred.ReplaceAllString(origAuth, "Credential=**REDACTED**/")
-
-	// Strip out 256-bit signature from: Signature=<256-bit signature>
-	regSign := regexp.MustCompile("Signature=([[0-9a-f]+)")
-	newAuth = regSign.ReplaceAllString(newAuth, "Signature=**REDACTED**")
-
-	// Set a temporary redacted auth
-	req.Header.Set("Authorization", newAuth)
-}
-
-// dumpHTTP - dump HTTP request and response.
-func (adm AdminClient) dumpHTTP(req *http.Request, resp *http.Response) error {
-	// Starts http dump.
-	_, err := fmt.Fprintln(adm.traceOutput, "---------START-HTTP---------")
-	if err != nil {
-		return err
-	}
-
-	// Filter out Signature field from Authorization header.
-	adm.filterSignature(req)
-
-	// Only display request header.
-	reqTrace, err := httputil.DumpRequestOut(req, false)
-	if err != nil {
-		return err
-	}
-
-	// Write request to trace output.
-	_, err = fmt.Fprint(adm.traceOutput, string(reqTrace))
-	if err != nil {
-		return err
-	}
-
-	// Only display response header.
-	var respTrace []byte
-
-	// For errors we make sure to dump response body as well.
-	if resp.StatusCode != http.StatusOK &&
-		resp.StatusCode != http.StatusPartialContent &&
-		resp.StatusCode != http.StatusNoContent {
-		respTrace, err = httputil.DumpResponse(resp, true)
-		if err != nil {
-			return err
-		}
-	} else {
-		// WORKAROUND for https://github.com/golang/go/issues/13942.
-		// httputil.DumpResponse does not print response headers for
-		// all successful calls which have response ContentLength set
-		// to zero. Keep this workaround until the above bug is fixed.
-		if resp.ContentLength == 0 {
-			var buffer bytes.Buffer
-			if err = resp.Header.Write(&buffer); err != nil {
-				return err
-			}
-			respTrace = buffer.Bytes()
-			respTrace = append(respTrace, []byte("\r\n")...)
-		} else {
-			respTrace, err = httputil.DumpResponse(resp, false)
-			if err != nil {
-				return err
-			}
-		}
-	}
-	// Write response to trace output.
-	_, err = fmt.Fprint(adm.traceOutput, strings.TrimSuffix(string(respTrace), "\r\n"))
-	if err != nil {
-		return err
-	}
-
-	// Ends the http dump.
-	_, err = fmt.Fprintln(adm.traceOutput, "---------END-HTTP---------")
-	return err
-}
-
-// do - execute http request.
-func (adm AdminClient) do(req *http.Request) (*http.Response, error) {
-	resp, err := adm.httpClient.Do(req)
-	if err != nil {
-		// Handle this specifically for now until future Golang versions fix this issue properly.
-		if urlErr, ok := err.(*url.Error); ok {
-			if strings.Contains(urlErr.Err.Error(), "EOF") {
-				return nil, &url.Error{
-					Op:  urlErr.Op,
-					URL: urlErr.URL,
-					Err: errors.New("Connection closed by foreign host " + urlErr.URL + ". Retry again."),
-				}
-			}
-		}
-		return nil, err
-	}
-
-	// Response cannot be non-nil, report if its the case.
-	if resp == nil {
-		msg := "Response is empty. " // + reportIssue
-		return nil, ErrInvalidArgument(msg)
-	}
-
-	// If trace is enabled, dump http request and response.
-	if adm.isTraceEnabled {
-		err = adm.dumpHTTP(req, resp)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return resp, nil
-}
-
-// List of success status.
-var successStatus = []int{
-	http.StatusOK,
-	http.StatusNoContent,
-	http.StatusPartialContent,
-}
-
-// executeMethod - instantiates a given method, and retries the
-// request upon any error up to maxRetries attempts in a binomially
-// delayed manner using a standard back off algorithm.
-func (adm AdminClient) executeMethod(ctx context.Context, method string, reqData requestData) (res *http.Response, err error) {
-	var reqRetry = MaxRetry // Indicates how many times we can retry the request
-	defer func() {
-		if err != nil {
-			// close idle connections before returning, upon error.
-			adm.httpClient.CloseIdleConnections()
-		}
-	}()
-
-	// Create cancel context to control 'newRetryTimer' go routine.
-	retryCtx, cancel := context.WithCancel(ctx)
-
-	// Indicate to our routine to exit cleanly upon return.
-	defer cancel()
-
-	for range adm.newRetryTimer(retryCtx, reqRetry, DefaultRetryUnit, DefaultRetryCap, MaxJitter) {
-		// Instantiate a new request.
-		var req *http.Request
-		req, err = adm.newRequest(ctx, method, reqData)
-		if err != nil {
-			return nil, err
-		}
-
-		// Initiate the request.
-		res, err = adm.do(req)
-		if err != nil {
-			// Give up right away if it is a connection refused problem
-			if errors.Is(err, syscall.ECONNREFUSED) {
-				return nil, err
-			}
-			if err == context.Canceled || err == context.DeadlineExceeded {
-				return nil, err
-			}
-			// retry all network errors.
-			continue
-		}
-
-		// For any known successful http status, return quickly.
-		for _, httpStatus := range successStatus {
-			if httpStatus == res.StatusCode {
-				return res, nil
-			}
-		}
-
-		// Read the body to be saved later.
-		errBodyBytes, err := ioutil.ReadAll(res.Body)
-		// res.Body should be closed
-		closeResponse(res)
-		if err != nil {
-			return nil, err
-		}
-
-		// Save the body.
-		errBodySeeker := bytes.NewReader(errBodyBytes)
-		res.Body = ioutil.NopCloser(errBodySeeker)
-
-		// For errors verify if its retryable otherwise fail quickly.
-		errResponse := ToErrorResponse(httpRespToErrorResponse(res))
-
-		// Save the body back again.
-		errBodySeeker.Seek(0, 0) // Seek back to starting point.
-		res.Body = ioutil.NopCloser(errBodySeeker)
-
-		// Verify if error response code is retryable.
-		if isS3CodeRetryable(errResponse.Code) {
-			continue // Retry.
-		}
-
-		// Verify if http status code is retryable.
-		if isHTTPStatusRetryable(res.StatusCode) {
-			continue // Retry.
-		}
-
-		break
-	}
-
-	// Return an error when retry is canceled or deadlined
-	if e := retryCtx.Err(); e != nil {
-		return nil, e
-	}
-
-	return res, err
-}
-
-// set User agent.
-func (adm AdminClient) setUserAgent(req *http.Request) {
-	req.Header.Set("User-Agent", libraryUserAgent)
-	if adm.appInfo.appName != "" && adm.appInfo.appVersion != "" {
-		req.Header.Set("User-Agent", libraryUserAgent+" "+adm.appInfo.appName+"/"+adm.appInfo.appVersion)
-	}
-}
-
-func (adm AdminClient) getSecretKey() string {
-	value, err := adm.credsProvider.Get()
-	if err != nil {
-		// Return empty, call will fail.
-		return ""
-	}
-
-	return value.SecretAccessKey
-}
-
-// newRequest - instantiate a new HTTP request for a given method.
-func (adm AdminClient) newRequest(ctx context.Context, method string, reqData requestData) (req *http.Request, err error) {
-	// If no method is supplied default to 'POST'.
-	if method == "" {
-		method = "POST"
-	}
-
-	// Default all requests to ""
-	location := ""
-
-	// Construct a new target URL.
-	targetURL, err := adm.makeTargetURL(reqData)
-	if err != nil {
-		return nil, err
-	}
-
-	// Initialize a new HTTP request for the method.
-	req, err = http.NewRequestWithContext(ctx, method, targetURL.String(), nil)
-	if err != nil {
-		return nil, err
-	}
-
-	value, err := adm.credsProvider.Get()
-	if err != nil {
-		return nil, err
-	}
-
-	var (
-		accessKeyID     = value.AccessKeyID
-		secretAccessKey = value.SecretAccessKey
-		sessionToken    = value.SessionToken
-	)
-
-	adm.setUserAgent(req)
-	for k, v := range reqData.customHeaders {
-		req.Header.Set(k, v[0])
-	}
-	if length := len(reqData.content); length > 0 {
-		req.ContentLength = int64(length)
-	}
-	sum := sha256.Sum256(reqData.content)
-	req.Header.Set("X-Amz-Content-Sha256", hex.EncodeToString(sum[:]))
-	req.Body = ioutil.NopCloser(bytes.NewReader(reqData.content))
-
-	req = signer.SignV4(*req, accessKeyID, secretAccessKey, sessionToken, location)
-	return req, nil
-}
-
-// makeTargetURL make a new target url.
-func (adm AdminClient) makeTargetURL(r requestData) (*url.URL, error) {
-
-	host := adm.endpointURL.Host
-	scheme := adm.endpointURL.Scheme
-
-	urlStr := scheme + "://" + host + libraryAdminURLPrefix + r.relPath
-
-	// If there are any query values, add them to the end.
-	if len(r.queryValues) > 0 {
-		urlStr = urlStr + "?" + s3utils.QueryEncode(r.queryValues)
-	}
-	u, err := url.Parse(urlStr)
-	if err != nil {
-		return nil, err
-	}
-	return u, nil
-}

pkg/madmin/api_test.go

@@ -1,32 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-// Package madmin_test
-package madmin_test
-
-import (
-	"testing"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func TestMinioAdminClient(t *testing.T) {
-	_, err := madmin.New("localhost:9000", "food", "food123", true)
-	if err != nil {
-		t.Fatal(err)
-	}
-}

pkg/madmin/bandwidth.go

@@ -1,91 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"context"
-	"encoding/json"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-// BandwidthDetails for the measured bandwidth
-type BandwidthDetails struct {
-	LimitInBytesPerSecond            int64   `json:"limitInBits"`
-	CurrentBandwidthInBytesPerSecond float64 `json:"currentBandwidth"`
-}
-
-// BucketBandwidthReport captures the details for all buckets.
-type BucketBandwidthReport struct {
-	BucketStats map[string]BandwidthDetails `json:"bucketStats,omitempty"`
-}
-
-// Report includes the bandwidth report or the error encountered.
-type Report struct {
-	Report BucketBandwidthReport `json:"report"`
-	Err    error                 `json:"error,omitempty"`
-}
-
-// GetBucketBandwidth - Gets a channel reporting bandwidth measurements for replication buckets. If no buckets
-// generate replication traffic an empty map is returned in the report until traffic is seen.
-func (adm *AdminClient) GetBucketBandwidth(ctx context.Context, buckets ...string) <-chan Report {
-	queryValues := url.Values{}
-	ch := make(chan Report)
-	if len(buckets) > 0 {
-		queryValues.Set("buckets", strings.Join(buckets, ","))
-	}
-
-	reqData := requestData{
-		relPath:     adminAPIPrefix + "/bandwidth",
-		queryValues: queryValues,
-	}
-	resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
-	if err != nil {
-		defer closeResponse(resp)
-		ch <- Report{Err: err}
-		return ch
-	}
-	if resp.StatusCode != http.StatusOK {
-		ch <- Report{Err: httpRespToErrorResponse(resp)}
-		return ch
-	}
-
-	dec := json.NewDecoder(resp.Body)
-
-	go func(ctx context.Context, ch chan<- Report, resp *http.Response) {
-		defer func() {
-			closeResponse(resp)
-			close(ch)
-		}()
-		for {
-			var report BucketBandwidthReport
-
-			if err = dec.Decode(&report); err != nil {
-				ch <- Report{Err: err}
-				return
-			}
-			select {
-			case <-ctx.Done():
-				return
-			case ch <- Report{Report: report}:
-			}
-		}
-	}(ctx, ch, resp)
-	return ch
-}

pkg/madmin/config-commands.go

@@ -1,82 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"bytes"
-	"context"
-	"io"
-	"net/http"
-)
-
-// GetConfig - returns the config.json of a minio setup, incoming data is encrypted.
-func (adm *AdminClient) GetConfig(ctx context.Context) ([]byte, error) {
-	// Execute GET on /minio/admin/v3/config to get config of a setup.
-	resp, err := adm.executeMethod(ctx,
-		http.MethodGet,
-		requestData{relPath: adminAPIPrefix + "/config"})
-	defer closeResponse(resp)
-	if err != nil {
-		return nil, err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return nil, httpRespToErrorResponse(resp)
-	}
-
-	return DecryptData(adm.getSecretKey(), resp.Body)
-}
-
-// SetConfig - set config supplied as config.json for the setup.
-func (adm *AdminClient) SetConfig(ctx context.Context, config io.Reader) (err error) {
-	const maxConfigJSONSize = 256 * 1024 // 256KiB
-
-	// Read configuration bytes
-	configBuf := make([]byte, maxConfigJSONSize+1)
-	n, err := io.ReadFull(config, configBuf)
-	if err == nil {
-		return bytes.ErrTooLarge
-	}
-	if err != io.ErrUnexpectedEOF {
-		return err
-	}
-	configBytes := configBuf[:n]
-	econfigBytes, err := EncryptData(adm.getSecretKey(), configBytes)
-	if err != nil {
-		return err
-	}
-
-	reqData := requestData{
-		relPath: adminAPIPrefix + "/config",
-		content: econfigBytes,
-	}
-
-	// Execute PUT on /minio/admin/v3/config to set config.
-	resp, err := adm.executeMethod(ctx, http.MethodPut, reqData)
-
-	defer closeResponse(resp)
-	if err != nil {
-		return err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return httpRespToErrorResponse(resp)
-	}
-
-	return nil
-}

pkg/madmin/config-help-commands.go

@@ -1,90 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"context"
-	"encoding/json"
-	"net/http"
-	"net/url"
-)
-
-// Help - return sub-system level help
-type Help struct {
-	SubSys          string  `json:"subSys"`
-	Description     string  `json:"description"`
-	MultipleTargets bool    `json:"multipleTargets"`
-	KeysHelp        HelpKVS `json:"keysHelp"`
-}
-
-// HelpKV - implements help messages for keys
-// with value as description of the keys.
-type HelpKV struct {
-	Key             string `json:"key"`
-	Description     string `json:"description"`
-	Optional        bool   `json:"optional"`
-	Type            string `json:"type"`
-	MultipleTargets bool   `json:"multipleTargets"`
-}
-
-// HelpKVS - implement order of keys help messages.
-type HelpKVS []HelpKV
-
-// Keys returns help keys
-func (h Help) Keys() []string {
-	var keys []string
-	for _, kh := range h.KeysHelp {
-		keys = append(keys, kh.Key)
-	}
-	return keys
-}
-
-// HelpConfigKV - return help for a given sub-system.
-func (adm *AdminClient) HelpConfigKV(ctx context.Context, subSys, key string, envOnly bool) (Help, error) {
-	v := url.Values{}
-	v.Set("subSys", subSys)
-	v.Set("key", key)
-	if envOnly {
-		v.Set("env", "")
-	}
-
-	reqData := requestData{
-		relPath:     adminAPIPrefix + "/help-config-kv",
-		queryValues: v,
-	}
-
-	// Execute GET on /minio/admin/v3/help-config-kv
-	resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
-	if err != nil {
-		return Help{}, err
-	}
-	defer closeResponse(resp)
-
-	if resp.StatusCode != http.StatusOK {
-		return Help{}, httpRespToErrorResponse(resp)
-	}
-
-	var help = Help{}
-	d := json.NewDecoder(resp.Body)
-	d.DisallowUnknownFields()
-	if err = d.Decode(&help); err != nil {
-		return help, err
-	}
-
-	return help, nil
-}

pkg/madmin/config-history-commands.go

@@ -1,127 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"context"
-	"encoding/json"
-	"net/http"
-	"net/url"
-	"strconv"
-	"time"
-)
-
-// ClearConfigHistoryKV - clears the config entry represented by restoreID.
-// optionally allows setting `all` as a special keyword to automatically
-// erase all config set history entires.
-func (adm *AdminClient) ClearConfigHistoryKV(ctx context.Context, restoreID string) (err error) {
-	v := url.Values{}
-	v.Set("restoreId", restoreID)
-	reqData := requestData{
-		relPath:     adminAPIPrefix + "/clear-config-history-kv",
-		queryValues: v,
-	}
-
-	// Execute DELETE on /minio/admin/v3/clear-config-history-kv
-	resp, err := adm.executeMethod(ctx, http.MethodDelete, reqData)
-
-	defer closeResponse(resp)
-	if err != nil {
-		return err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return httpRespToErrorResponse(resp)
-	}
-
-	return nil
-}
-
-// RestoreConfigHistoryKV - Restore a previous config set history.
-// Input is a unique id which represents the previous setting.
-func (adm *AdminClient) RestoreConfigHistoryKV(ctx context.Context, restoreID string) (err error) {
-	v := url.Values{}
-	v.Set("restoreId", restoreID)
-	reqData := requestData{
-		relPath:     adminAPIPrefix + "/restore-config-history-kv",
-		queryValues: v,
-	}
-
-	// Execute PUT on /minio/admin/v3/set-config-kv to set config key/value.
-	resp, err := adm.executeMethod(ctx, http.MethodPut, reqData)
-
-	defer closeResponse(resp)
-	if err != nil {
-		return err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return httpRespToErrorResponse(resp)
-	}
-
-	return nil
-}
-
-// ConfigHistoryEntry - captures config set history with a unique
-// restore ID and createTime
-type ConfigHistoryEntry struct {
-	RestoreID  string    `json:"restoreId"`
-	CreateTime time.Time `json:"createTime"`
-	Data       string    `json:"data"`
-}
-
-// CreateTimeFormatted is used to print formatted time for CreateTime.
-func (ch ConfigHistoryEntry) CreateTimeFormatted() string {
-	return ch.CreateTime.Format(http.TimeFormat)
-}
-
-// ListConfigHistoryKV - lists a slice of ConfigHistoryEntries sorted by createTime.
-func (adm *AdminClient) ListConfigHistoryKV(ctx context.Context, count int) ([]ConfigHistoryEntry, error) {
-	if count == 0 {
-		count = 10
-	}
-	v := url.Values{}
-	v.Set("count", strconv.Itoa(count))
-
-	// Execute GET on /minio/admin/v3/list-config-history-kv
-	resp, err := adm.executeMethod(ctx,
-		http.MethodGet,
-		requestData{
-			relPath:     adminAPIPrefix + "/list-config-history-kv",
-			queryValues: v,
-		})
-	defer closeResponse(resp)
-	if err != nil {
-		return nil, err
-	}
-	if resp.StatusCode != http.StatusOK {
-		return nil, httpRespToErrorResponse(resp)
-	}
-
-	data, err := DecryptData(adm.getSecretKey(), resp.Body)
-	if err != nil {
-		return nil, err
-	}
-
-	var chEntries []ConfigHistoryEntry
-	if err = json.Unmarshal(data, &chEntries); err != nil {
-		return chEntries, err
-	}
-
-	return chEntries, nil
-}

pkg/madmin/config-kv-commands.go

@@ -1,112 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"context"
-	"net/http"
-	"net/url"
-)
-
-// DelConfigKV - delete key from server config.
-func (adm *AdminClient) DelConfigKV(ctx context.Context, k string) (err error) {
-	econfigBytes, err := EncryptData(adm.getSecretKey(), []byte(k))
-	if err != nil {
-		return err
-	}
-
-	reqData := requestData{
-		relPath: adminAPIPrefix + "/del-config-kv",
-		content: econfigBytes,
-	}
-
-	// Execute DELETE on /minio/admin/v3/del-config-kv to delete config key.
-	resp, err := adm.executeMethod(ctx, http.MethodDelete, reqData)
-
-	defer closeResponse(resp)
-	if err != nil {
-		return err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return httpRespToErrorResponse(resp)
-	}
-
-	return nil
-}
-
-const (
-	// ConfigAppliedHeader is the header indicating whether the config was applied without requiring a restart.
-	ConfigAppliedHeader = "x-minio-config-applied"
-
-	// ConfigAppliedTrue is the value set in header if the config was applied.
-	ConfigAppliedTrue = "true"
-)
-
-// SetConfigKV - set key value config to server.
-func (adm *AdminClient) SetConfigKV(ctx context.Context, kv string) (restart bool, err error) {
-	econfigBytes, err := EncryptData(adm.getSecretKey(), []byte(kv))
-	if err != nil {
-		return false, err
-	}
-
-	reqData := requestData{
-		relPath: adminAPIPrefix + "/set-config-kv",
-		content: econfigBytes,
-	}
-
-	// Execute PUT on /minio/admin/v3/set-config-kv to set config key/value.
-	resp, err := adm.executeMethod(ctx, http.MethodPut, reqData)
-
-	defer closeResponse(resp)
-	if err != nil {
-		return false, err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return false, httpRespToErrorResponse(resp)
-	}
-
-	return resp.Header.Get(ConfigAppliedHeader) != ConfigAppliedTrue, nil
-}
-
-// GetConfigKV - returns the key, value of the requested key, incoming data is encrypted.
-func (adm *AdminClient) GetConfigKV(ctx context.Context, key string) ([]byte, error) {
-	v := url.Values{}
-	v.Set("key", key)
-
-	// Execute GET on /minio/admin/v3/get-config-kv?key={key} to get value of key.
-	resp, err := adm.executeMethod(ctx,
-		http.MethodGet,
-		requestData{
-			relPath:     adminAPIPrefix + "/get-config-kv",
-			queryValues: v,
-		})
-	defer closeResponse(resp)
-	if err != nil {
-		return nil, err
-	}
-
-	defer closeResponse(resp)
-
-	if resp.StatusCode != http.StatusOK {
-		return nil, httpRespToErrorResponse(resp)
-	}
-
-	return DecryptData(adm.getSecretKey(), resp.Body)
-}

pkg/madmin/encrypt.go

@@ -1,160 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"bytes"
-	"crypto/sha256"
-	"errors"
-	"io"
-	"io/ioutil"
-
-	"github.com/minio/argon2"
-	"github.com/minio/minio/pkg/fips"
-	"github.com/secure-io/sio-go"
-	"github.com/secure-io/sio-go/sioutil"
-	"golang.org/x/crypto/pbkdf2"
-)
-
-// EncryptData encrypts the data with an unique key
-// derived from password using the Argon2id PBKDF.
-//
-// The returned ciphertext data consists of:
-//    salt | AEAD ID | nonce | encrypted data
-//     32      1         8      ~ len(data)
-func EncryptData(password string, data []byte) ([]byte, error) {
-	salt := sioutil.MustRandom(32)
-
-	var (
-		id     byte
-		err    error
-		stream *sio.Stream
-	)
-	if fips.Enabled() {
-		key := pbkdf2.Key([]byte(password), salt, pbkdf2Cost, 32, sha256.New)
-		stream, err = sio.AES_256_GCM.Stream(key)
-		if err != nil {
-			return nil, err
-		}
-		id = pbkdf2AESGCM
-	} else {
-		key := argon2.IDKey([]byte(password), salt, argon2idTime, argon2idMemory, argon2idThreads, 32)
-		if sioutil.NativeAES() {
-			stream, err = sio.AES_256_GCM.Stream(key)
-			if err != nil {
-				return nil, err
-			}
-			id = argon2idAESGCM
-		} else {
-			stream, err = sio.ChaCha20Poly1305.Stream(key)
-			if err != nil {
-				return nil, err
-			}
-			id = argon2idChaCHa20Poly1305
-		}
-	}
-
-	nonce := sioutil.MustRandom(stream.NonceSize())
-
-	// ciphertext = salt || AEAD ID | nonce | encrypted data
-	cLen := int64(len(salt)+1+len(nonce)+len(data)) + stream.Overhead(int64(len(data)))
-	ciphertext := bytes.NewBuffer(make([]byte, 0, cLen)) // pre-alloc correct length
-
-	// Prefix the ciphertext with salt, AEAD ID and nonce
-	ciphertext.Write(salt)
-	ciphertext.WriteByte(id)
-	ciphertext.Write(nonce)
-
-	w := stream.EncryptWriter(ciphertext, nonce, nil)
-	if _, err = w.Write(data); err != nil {
-		return nil, err
-	}
-	if err = w.Close(); err != nil {
-		return nil, err
-	}
-	return ciphertext.Bytes(), nil
-}
-
-// ErrMaliciousData indicates that the stream cannot be
-// decrypted by provided credentials.
-var ErrMaliciousData = sio.NotAuthentic
-
-// DecryptData decrypts the data with the key derived
-// from the salt (part of data) and the password using
-// the PBKDF used in EncryptData. DecryptData returns
-// the decrypted plaintext on success.
-//
-// The data must be a valid ciphertext produced by
-// EncryptData. Otherwise, the decryption will fail.
-func DecryptData(password string, data io.Reader) ([]byte, error) {
-	var (
-		salt  [32]byte
-		id    [1]byte
-		nonce [8]byte // This depends on the AEAD but both used ciphers have the same nonce length.
-	)
-
-	if _, err := io.ReadFull(data, salt[:]); err != nil {
-		return nil, err
-	}
-	if _, err := io.ReadFull(data, id[:]); err != nil {
-		return nil, err
-	}
-	if _, err := io.ReadFull(data, nonce[:]); err != nil {
-		return nil, err
-	}
-
-	var (
-		err    error
-		stream *sio.Stream
-	)
-	switch {
-	case id[0] == argon2idAESGCM:
-		key := argon2.IDKey([]byte(password), salt[:], argon2idTime, argon2idMemory, argon2idThreads, 32)
-		stream, err = sio.AES_256_GCM.Stream(key)
-	case id[0] == argon2idChaCHa20Poly1305:
-		key := argon2.IDKey([]byte(password), salt[:], argon2idTime, argon2idMemory, argon2idThreads, 32)
-		stream, err = sio.ChaCha20Poly1305.Stream(key)
-	case id[0] == pbkdf2AESGCM:
-		key := pbkdf2.Key([]byte(password), salt[:], pbkdf2Cost, 32, sha256.New)
-		stream, err = sio.AES_256_GCM.Stream(key)
-	default:
-		err = errors.New("madmin: invalid encryption algorithm ID")
-	}
-	if err != nil {
-		return nil, err
-	}
-
-	plaintext, err := ioutil.ReadAll(stream.DecryptReader(data, nonce[:], nil))
-	if err != nil {
-		return nil, err
-	}
-	return plaintext, err
-}
-
-const (
-	argon2idAESGCM           = 0x00
-	argon2idChaCHa20Poly1305 = 0x01
-	pbkdf2AESGCM             = 0x02
-)
-
-const (
-	argon2idTime    = 1
-	argon2idMemory  = 64 * 1024
-	argon2idThreads = 4
-	pbkdf2Cost      = 8192
-)

pkg/madmin/encrypt_test.go

@@ -1,97 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package madmin
-
-import (
-	"bytes"
-	"encoding/hex"
-	"fmt"
-	"testing"
-)
-
-var encryptDataTests = []struct {
-	Password string
-	Data     []byte
-}{
-	{Password: "", Data: nil},
-	{Password: "", Data: make([]byte, 256)},
-	{Password: `xPl.8/rhR"Q_1xLt`, Data: make([]byte, 32)},
-	{Password: "m69?yz4W-!k+7p0", Data: make([]byte, 1024*1024)},
-	{Password: `7h5oU4$te{;K}fgqlI^]`, Data: make([]byte, 256)},
-}
-
-func TestEncryptData(t *testing.T) {
-	for i, test := range encryptDataTests {
-		i, test := i, test
-		t.Run(fmt.Sprintf("Test-%d", i), func(t *testing.T) {
-			ciphertext, err := EncryptData(test.Password, test.Data)
-			if err != nil {
-				t.Fatalf("Failed to encrypt data: %v", err)
-			}
-
-			plaintext, err := DecryptData(test.Password, bytes.NewReader(ciphertext))
-			if err != nil {
-				t.Fatalf("Failed to decrypt data: %v", err)
-			}
-			if !bytes.Equal(plaintext, test.Data) {
-				t.Fatal("Decrypt plaintext does not match origin data")
-			}
-		})
-	}
-}
-
-var decryptDataTests = []struct {
-	Password string
-	Data     string
-}{
-	{Password: "", Data: "828aa81599df0651c0461adb82283e8b89956baee9f6e719947ef9cddc849028001dc9d3ac0938f66b07bacc9751437e1985f8a9763c240e81"},
-
-	{Password: "", Data: "1793c71df6647860437134073c15688cbb15961dc0758c7ee1225e66e79c724c00d790dba9c671eae89da2c736d858286ac9bd027abacc6443" +
-		"0375cd41b63b67c070c7fba475a8dd66ae65ba905176c48cbe6f734fc74df87343d8ccff54bada4aeb0a04bd021633ebe6c4768e23f5dea142" +
-		"561d4fe3f90ed59d13dc5fb3a585dadec1742325291b9c81692bdd3420b2428127f8195e0ecd9a1c9237712ed67af7339fbbf7ff3ee1c516e1" +
-		"f81e69d933e057b30997e7274a2c9698e07c39f0e8d6818858f34c8191871b5a52bea9061806bd029024bfc1d9c1f230904968d6c9e10fddcb" +
-		"c006ba97356ff243570fd96df07dd6894e215a6b24c4ed730369519289ebd877aff6ccbd2265985e4ab1a2b7930bab9cfb767b97348a639ddf" +
-		"8db81bf5151da7e8f3d9638a1b86eb1dd78cc6a526f10a414c78638f"},
-
-	{Password: `xPl.8/rhR"Q_1xLt`, Data: "b5c016e93b84b473fc8a37af94936563630c36d6df1841d23a86ee51ca161f9e00ac19116b32f643ff6a56a212b265d8c56" +
-		"195bb0d12ce199e13dfdc5272f80c1564da2c6fc2fa18da91d8062de02af5cdafea491c6f3cae1f"},
-
-	{Password: `7h5oU4$te{;K}fgqlI^]`, Data: "c58edf7cfd557b6b655de6f48b1a3049d8d049dadb3a7bfa9ac9ccbb5baf37ec00f83086a26f43b7d6bc9075ad0" +
-		"38bf5741f118d502ebe94165e4072ba7f98535d6b1e3b6ae67a98115d146d9b4d90e4df4ae82df9cfa17ed7cd42" +
-		"465181559f7ddf09c98beec521bb4478e0cb73c4e0827af8688ff4e7a07327a10d5a180035e6ddb16d974a85257" +
-		"981cd9e0360a20f7b4d653190267dfb241148f018ae180568042e864b9e1b5bc05425a3abc2b0324f50c72d5679" +
-		"8f924405dfc0f8523f4bb564ed65af8e1b1c82a7a0640552ecf81985d95d0993d99172592ddc1393dfa63e8f0b3" +
-		"d744b2cc4b73384ca4693f0c1aec0e9b00e85f2937e891105d67da8f59c14ca96608e0425c42f9c1e7c2a8b3413" +
-		"e1381784f9cfe01de7c47cea1f8d7a7d88f5d4aca783cf55332b47f957a6b9a65269d7eb606b877b"},
-}
-
-func TestDecryptData(t *testing.T) {
-	for i, test := range decryptDataTests {
-		i, test := i, test
-		t.Run(fmt.Sprintf("Test-%d", i), func(t *testing.T) {
-			ciphertext, err := hex.DecodeString(test.Data)
-			if err != nil {
-				t.Fatalf("Failed to decode ciphertext data: %v", err)
-			}
-			_, err = DecryptData(test.Password, bytes.NewReader(ciphertext))
-			if err != nil {
-				t.Fatalf("Failed to decrypt data: %v", err)
-			}
-		})
-	}
-}

pkg/madmin/examples/accounting-info.go

@@ -1,46 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTPS) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	accountInfo, err := madmClnt.AccountInfo(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	log.Println(accountInfo)
-}

pkg/madmin/examples/add-user-and-policy.go

@@ -1,69 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/bucket/policy"
-	"github.com/minio/minio/pkg/bucket/policy/condition"
-	iampolicy "github.com/minio/minio/pkg/iam/policy"
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	if err = madmClnt.AddUser(context.Background(), "newuser", "newstrongpassword"); err != nil {
-		log.Fatalln(err)
-	}
-
-	// Create policy
-	p := iampolicy.Policy{
-		Version: iampolicy.DefaultVersion,
-		Statements: []iampolicy.Statement{
-			iampolicy.NewStatement(
-				policy.Allow,
-				iampolicy.NewActionSet(iampolicy.GetObjectAction),
-				iampolicy.NewResourceSet(iampolicy.NewResource("testbucket/*", "")),
-				condition.NewFunctions(),
-			)},
-	}
-
-	if err = madmClnt.AddCannedPolicy(context.Background(), "get-only", &p); err != nil {
-		log.Fatalln(err)
-	}
-
-	if err = madmClnt.SetUserPolicy(context.Background(), "newuser", "get-only"); err != nil {
-		log.Fatalln(err)
-	}
-}

pkg/madmin/examples/bucket-bandwidth.go

@@ -1,50 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"fmt"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madminClient, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	ctx := context.Background()
-	reportCh := madminClient.GetBucketBandwidth(ctx)
-
-	for i := 0; i < 10; i++ {
-		report := <-reportCh
-		fmt.Printf("Report: %+v\n", report)
-	}
-	reportCh = madminClient.GetBucketBandwidth(ctx, "sourceBucket", "sourceBucket2")
-	for i := 0; i < 10; i++ {
-		report := <-reportCh
-		fmt.Printf("Report: %+v\n", report)
-	}
-}

pkg/madmin/examples/bucket-quota.go

@@ -1,56 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"fmt"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	var kiB int64 = 1 << 10
-	ctx := context.Background()
-	// set bucket quota config
-	if err := madmClnt.SetBucketQuota(ctx, "bucket-name", 64*kiB, HardQuota); err != nil {
-		log.Fatalln(err)
-	}
-	// gets bucket quota config
-	quotaCfg, err := madmClnt.GetBucketQuota(ctx, "bucket-name")
-	if err != nil {
-		log.Fatalln(err)
-	}
-	fmt.Println(quotaCfg)
-	// remove bucket quota config
-	if err := madmClnt.RemoveBucketQuota(ctx, "bucket-name"); err != nil {
-		log.Fatalln(err)
-	}
-}

pkg/madmin/examples/bucket-target.go

@@ -1,80 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"fmt"
-	"log"
-
-	"github.com/minio/minio/pkg/auth"
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	ctx := context.Background()
-	creds, err := auth.CreateCredentials("access-key", "secret-key")
-	if err != nil {
-		log.Fatalln(err)
-	}
-	target := madmin.BucketTarget{Endpoint: "site2:9000", Credentials: creds, TargetBucket: "destbucket", IsSSL: false, Type: madmin.ReplicationArn, BandwidthLimit: 2 * 1024 * 1024}
-	// Set bucket target
-	arn, err := madmClnt.SetBucketTarget(ctx, "srcbucket", &target)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	fmt.Println("replication target ARN is:", arn)
-	// List all bucket target(s)
-	target, err = madmClnt.ListBucketTargets(ctx, "srcbucket", "")
-	if err != nil {
-		log.Fatalln(err)
-	}
-	// Get bucket target for arn type "replica"
-	target, err = madmClnt.ListBucketTargets(ctx, "srcbucket", "replica")
-	if err != nil {
-		log.Fatalln(err)
-	}
-	// update credentials for target
-	creds, err := auth.CreateCredentials("access-key2", "secret-key2")
-	if err != nil {
-		log.Fatalln(err)
-	}
-	target := madmin.BucketTarget{Endpoint: "site2:9000", Credentials: creds, SourceBucket: "srcbucket", TargetBucket: "destbucket", IsSSL: false, Arn: "arn:minio:ilm:us-east-1:3cbe15b8-82b9-44bc-a737-db9051ab359a:srcbucket"}
-	// update credentials on bucket target
-	if _, err := madmClnt.UpdateBucketTarget(ctx, &target); err != nil {
-		log.Fatalln(err)
-	}
-
-	// Remove bucket target
-	arn := "arn:minio:replica::ac66b2cf-dd8f-4e7e-a882-9a64132f0d59:dest"
-	if err := madmClnt.RemoveBucketTarget(ctx, "srcbucket", arn); err != nil {
-		log.Fatalln(err)
-	}
-
-}

pkg/madmin/examples/data-usage-info.go

@@ -1,45 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTPS) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	dataUsageInfo, err := madmClnt.DataUsageInfo(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-	log.Println(dataUsageInfo)
-}

pkg/madmin/examples/heal-bucket.go

@@ -1,56 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	// Heal bucket mybucket - dry run
-	isDryRun := true
-	err = madmClnt.HealBucket(context.Background(), "mybucket", isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-
-	}
-
-	// Heal bucket mybucket - for real this time.
-	isDryRun := false
-	err = madmClnt.HealBucket(context.Background(), "mybucket", isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	log.Println("successfully healed mybucket")
-}

pkg/madmin/examples/heal-format.go

@@ -1,58 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	// Attempt healing format in dry-run mode.
-	isDryRun := true
-	err = madmClnt.HealFormat(context.Background(), isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	// Perform actual healing of format.
-	isDryRun = false
-	err = madmClnt.HealFormat(context.Background(), isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	log.Println("successfully healed storage format on available disks.")
-}

pkg/madmin/examples/heal-object.go

@@ -1,58 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	// Heal object mybucket/myobject - dry run.
-	isDryRun := true
-	_, err = madmClnt.HealObject(context.Background(), "mybucket", "myobject", isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	// Heal object mybucket/myobject - this time for real.
-	isDryRun = false
-	healResult, err := madmClnt.HealObject(context.Background(), "mybucket", "myobject", isDryRun)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	log.Printf("heal result: %#v\n", healResult)
-}

pkg/madmin/examples/heal-status.go

@@ -1,48 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"encoding/json"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	healStatusResult, err := madmClnt.BackgroundHealStatus(context.Background())
-	if err != nil {
-		log.Fatalln(err)
-	}
-	js, _ := json.MarshalIndent(healStatusResult, "", "  ")
-
-	log.Printf("Heal status result: %s\n", string(js))
-}

pkg/madmin/examples/kms-status.go

@@ -1,61 +0,0 @@
-// +build ignore
-
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"context"
-	"log"
-
-	"github.com/minio/minio/pkg/madmin"
-)
-
-func main() {
-	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY and my-bucketname are
-	// dummy values, please replace them with original values.
-
-	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
-	// New returns an MinIO Admin client object.
-	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	status, err := madmClnt.GetKeyStatus(context.Background(), "") // empty string refers to the default master key
-	if err != nil {
-		log.Fatalln(err)
-	}
-
-	log.Printf("Key: %s\n", status.KeyID)
-	if status.EncryptionErr == "" {
-		log.Println("\t • Encryption ✔")
-	} else {
-		log.Printf("\t • Encryption failed: %s\n", status.EncryptionErr)
-	}
-	if status.UpdateErr == "" {
-		log.Println("\t • Re-wrap ✔")
-	} else {
-		log.Printf("\t • Re-wrap failed: %s\n", status.UpdateErr)
-	}
-	if status.DecryptionErr == "" {
-		log.Println("\t • Decryption ✔")
-	} else {
-		log.Printf("\t •  Decryption failed: %s\n", status.DecryptionErr)
-	}
-}