Commit Graph

76 Commits

Author SHA1 Message Date
Andreas Auernhammer 09626d78ff
automatically generate root credentials with KMS (#19025)
With this commit, MinIO generates root credentials automatically
and deterministically if:

 - No root credentials have been set.
 - A KMS (KES) is configured.
 - API access for the root credentials is disabled (lockdown mode).

Before, MinIO defaults to `minioadmin` for both the access and
secret keys. Now, MinIO generates unique root credentials
automatically on startup using the KMS.

Therefore, it uses the KMS HMAC function to generate pseudo-random
values. These values never change as long as the KMS key remains
the same, and the KMS key must continue to exist since all IAM data
is encrypted with it.

Backward compatibility:

This commit should not cause existing deployments to break. It only
changes the root credentials of deployments that have a KMS configured
(KES, not a static key) but have not set any admin credentials. Such
implementations should be rare or not exist at all.

Even if the worst case would be updating root credentials in mc
or other clients used to administer the cluster. Root credentials
are anyway not intended for regular S3 operations.

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2024-03-01 13:09:42 -08:00
Harshavardhana 6fd0b434e2
upgrade all deps (#19041) 2024-02-14 09:51:34 -08:00
Harshavardhana 099e88516d
update all dependencies and console v0.45.0 (#18773) 2024-01-10 23:46:16 -08:00
Harshavardhana bdf4e386cf
update go dependencies (#18662) 2023-12-15 21:35:07 -08:00
Harshavardhana e9babf3dac
(chore): update all our deps (#18525) 2023-11-28 14:44:44 -08:00
Harshavardhana 891c60d83d fix: go mod was point to personal repos with replace remove it 2023-11-21 15:50:39 -08:00
Harshavardhana a79c390cca
update console v0.41.0 (#18385)
Signed-off-by: Harshavardhana <harsha@minio.io>
2023-11-02 18:47:09 -07:00
Shireesh Anjal f6e581ce54
Capture network device info in health report (#18381) 2023-11-02 09:49:49 -07:00
Harshavardhana 0594d37230
update go mod and CREDITS (#18289) 2023-10-25 08:32:59 -07:00
Shireesh Anjal bf1c6edb76
Revert "Capture network device info in health report" (#18241)
Introducing a new version of healthinfo struct for adding this info is
not correct. It needs to be implemented differently without adding a new
version.

This reverts commit 8737025d940f80360ed4b3686b332db5156f6659.
2023-10-13 07:46:36 -07:00
Shireesh Anjal a66a7f3e97
Capture network device info in health report (#18213) 2023-10-12 15:33:31 -07:00
Harshavardhana 5afb459113
upgrade all dependencies (#18085) 2023-09-22 14:45:19 -07:00
Harshavardhana 65939913b4
update all dependencies (#18012) 2023-09-12 13:16:46 -07:00
Harshavardhana 5aa7c38035
update pkg to v2.0.1 to extend admin actions (#18008) 2023-09-12 01:11:52 -07:00
Harshavardhana adb8be069e
tune-kafka targets to ensure timeout triggers on hung brokers (#17898)
hung brokers can cause slowness to the entire system
when many callers are hung, leading to large goroutine
build-up.
2023-08-22 20:26:35 -07:00
Harshavardhana 6c59b33fb1
add community contribution credits and update PR template (#17840) 2023-08-10 22:08:38 -07:00
Harshavardhana 48a3e9bc82
update NTP package to fix ipv6 bug (#17752) 2023-07-29 17:43:50 -07:00
Harshavardhana c2edbfae55
update all deps and add credits (#17740) 2023-07-27 12:43:25 -07:00
Harshavardhana 76510dac8a
upgrade all deps to their latest releases (#17671) 2023-07-17 21:12:48 -07:00
Harshavardhana e37c4efc6e
fix: upon DNS refresh() failure use previous values (#17561)
DNS refresh() in-case of MinIO can safely re-use
the previous values on bare-metal setups, since
bare-metal arrangements do not change DNS in any 
manner commonly.

This PR simplifies that, we only ever need DNS caching
on bare-metal setups.

- On containerized setups do not enable DNS
  caching at all, as it may have adverse effects on
  the overall effectiveness of k8s DNS systems.

  k8s DNS systems are dynamic and expect applications
  to avoid managing DNS caching themselves, instead
  provide a cleaner container native caching
  implementations that must be used.

- update IsDocker() detection, including podman runtime

- move to minio/dnscache fork for a simpler package
2023-07-03 12:30:51 -07:00
Harshavardhana 2a82c15bf1
update all our deps (#17497) 2023-06-26 15:36:56 -07:00
Harshavardhana d1448adbda
use slices package and remove some helpers (#17342) 2023-06-06 10:12:52 -07:00
Harshavardhana fb328b1a64
upgrade all dependencies (#17276) 2023-05-26 16:31:28 -07:00
Harshavardhana dd9ed85e22
implement support for FTP/SFTP server (#16952) 2023-04-15 07:34:02 -07:00
Harshavardhana f3682b6149
allow writes to pools with inconsistent xl.meta (#17008) 2023-04-11 11:17:46 -07:00
Harshavardhana 3fdd574f54
update go dependencies (#16798) 2023-03-15 11:59:17 -07:00
Harshavardhana 4636d3a9c3
upgrade all dependencies (#16753) 2023-03-03 18:22:40 -08:00
Harshavardhana 82dcfd4e10
update dependencies to latest releases (#16651) 2023-02-20 16:05:20 +05:30
Harshavardhana 14cf8f1b22
upgrade deps for minio/pkg v1.6.1 to include groups conditions (#16538) 2023-02-06 09:27:29 -08:00
Harshavardhana 3683673fb0
add missing gorilla/mux migration, update credits (#16461) 2023-01-23 08:46:37 -08:00
Harshavardhana 31b0decd46
migrate to minio/mux from gorilla/mux (#16456) 2023-01-23 16:42:47 +05:30
Harshavardhana be92cf5959
change dependency from amqp -> amqp091 (RabbitMQ) official (#16142) 2022-11-28 16:05:06 -08:00
Harshavardhana 23b329b9df
remove gateway completely (#15929) 2022-10-24 17:44:15 -07:00
Harshavardhana 07b6dce1a5
remove nancy, we rely on vulncheck from now on (#15893) 2022-10-18 10:45:44 -07:00
Harshavardhana 2c68a19dfd
upgrade all deps and update CREDITS (#15650) 2022-09-16 01:59:45 -07:00
Minio Trusted 1ffd063939 update CREDITS for latest deps 2022-08-04 23:30:31 -07:00
Harshavardhana c6ecaf68ed update CREDITS with latest dependencies 2022-07-21 00:49:38 -07:00
Harshavardhana 85f3a9f3b0 Remove Azure gateway implementation (#14418)
refer #14331
2022-04-29 12:51:23 -07:00
Harshavardhana 54a4f93854 update CREDITS 2022-03-30 14:09:39 -07:00
Harshavardhana acdd03f609 update CREDITs file for new dependencies 2022-02-24 12:58:53 -08:00
Harshavardhana 860a1237ab update CREDITS file with latest deps 2022-02-10 12:45:10 -08:00
Harshavardhana f0fc77fded update CREDITS file with new deps 2021-12-03 13:24:49 -08:00
Harshavardhana b1754fc5ff update go.mod and CREDITS 2021-11-06 11:39:17 -07:00
Harshavardhana 19bbf3e142 update CREDITS 2021-11-05 13:53:21 -07:00
Harshavardhana 9694fa8d3a update console to v0.11.0 release 2021-10-22 20:28:24 -07:00
Harshavardhana c25b482301 update console to v0.10.1 2021-09-22 19:42:31 -07:00
Harshavardhana 9c5fd6a776 update CREDITS file with latest 2021-09-07 19:17:18 -07:00
Harshavardhana 9a47d3f860 update CREDITS with latest deps 2021-07-07 18:15:01 -07:00
Harshavardhana f13f3344df update CREDITS file with latest deps 2021-06-23 09:41:46 -07:00
Anis Elleuch e63908c391
Update bloom module (#12383)
To fix dependency import issues when importing madmin-go v0.7.1
2021-05-27 08:02:39 -07:00