mirror of https://github.com/minio/minio.git
add missing STS accounts loading (#20279)
PR #20268 missed loading STS accounts map properly
This commit is contained in:
parent
a5702f978e
commit
72cff79c8a
|
@ -802,7 +802,11 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam
|
|||
// Store the newly populated map in the iam cache. This takes care of
|
||||
// removing stale entries from the existing map.
|
||||
cache.iamSTSAccountsMap = stsAccountsFromStore
|
||||
cache.iamSTSPolicyMap = stsAccPoliciesFromStore
|
||||
|
||||
stsAccPoliciesFromStore.Range(func(k string, v MappedPolicy) bool {
|
||||
cache.iamSTSPolicyMap.Store(k, v)
|
||||
return true
|
||||
})
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -2865,6 +2865,10 @@ func (store *IAMStoreSys) LoadUser(ctx context.Context, accessKey string) error
|
|||
cache.iamUsersMap[k] = v
|
||||
}
|
||||
|
||||
for k, v := range newCache.iamSTSAccountsMap {
|
||||
cache.iamSTSAccountsMap[k] = v
|
||||
}
|
||||
|
||||
newCache.iamSTSPolicyMap.Range(func(k string, v MappedPolicy) bool {
|
||||
cache.iamSTSPolicyMap.Store(k, v)
|
||||
return true
|
||||
|
|
|
@ -179,7 +179,7 @@ func (sys *IAMSys) initStore(objAPI ObjectLayer, etcdClient *etcd.Client) {
|
|||
|
||||
if etcdClient == nil {
|
||||
var group *singleflight.Group
|
||||
if env.Get("_MINIO_IAM_SINGLE_FLIGHT", config.EnableOff) == config.EnableOn {
|
||||
if env.Get("_MINIO_IAM_SINGLE_FLIGHT", config.EnableOn) == config.EnableOn {
|
||||
group = &singleflight.Group{}
|
||||
}
|
||||
sys.store = &IAMStoreSys{
|
||||
|
|
|
@ -30,6 +30,7 @@ import (
|
|||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/minio/madmin-go/v3"
|
||||
"github.com/minio/minio-go/v7"
|
||||
cr "github.com/minio/minio-go/v7/pkg/credentials"
|
||||
)
|
||||
|
@ -112,6 +113,11 @@ func main() {
|
|||
Secure: stsEndpointURL.Scheme == "https",
|
||||
}
|
||||
|
||||
mopts := &madmin.Options{
|
||||
Creds: li,
|
||||
Secure: stsEndpointURL.Scheme == "https",
|
||||
}
|
||||
|
||||
v, err := li.Get()
|
||||
if err != nil {
|
||||
log.Fatalf("Error retrieving STS credentials: %v", err)
|
||||
|
@ -125,6 +131,18 @@ func main() {
|
|||
return
|
||||
}
|
||||
|
||||
// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
|
||||
// New returns an MinIO Admin client object.
|
||||
madmClnt, err := madmin.NewWithOptions(stsEndpointURL.Host, mopts)
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
err = madmClnt.ServiceRestart(context.Background())
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
// Use generated credentials to authenticate with MinIO server
|
||||
minioClient, err := minio.New(stsEndpointURL.Host, opts)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in New Issue