1
0
mirror of https://github.com/minio/minio.git synced 2025-01-18 10:13:16 -05:00

224 Commits

Author SHA1 Message Date
Praveen raj Mani
ecfb18b26a
Freeze the s3 APIs until the notification sub-system initializes completely () 2023-05-19 08:44:48 -07:00
Shireesh Anjal
a3d666356c
fix: error in capturing XFS error config in health report () 2023-05-10 15:20:48 -07:00
Alex
6e24dff26a
Added MINIO_BROWSER_LOGIN_ANIMATION env support for WebUI console ()
Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
2023-05-03 15:32:50 -07:00
Harshavardhana
02d8f3cdc8
fix: remove active healing on .minio.sys/ during startup () 2023-04-29 02:05:28 -07:00
Harshavardhana
dbd53af369
fix: initialize reverse proxy forwarder with right public certs () 2023-04-25 15:50:32 -07:00
Anis Eleuch
8b4d0255b7
Set Console global Root CAs early to trust provided certs () 2023-03-25 09:58:38 -07:00
Harshavardhana
901887e6bf
feat: add lambda transformation functions target () 2023-03-07 08:12:41 -08:00
ferhat elmas
714283fae2
cleanup ignored static analysis () 2023-03-06 08:56:10 -08:00
Aditya Manthramurthy
9ed4fc9687
Remove globalOpenIDConfig () 2023-02-25 21:01:37 -08:00
Aditya Manthramurthy
e05f3d5d84
Remove globalLDAPConfig () 2023-02-25 08:07:22 +05:30
jiuker
83fe1a2732
log: add more info about BROWSER_URL () 2023-02-22 19:54:05 +05:30
Allan Roger Reid
8bfe972bab
Set meaningful message from minio with env variable KMS_SECRET_KEY () 2023-02-22 07:13:01 +05:30
Andreas Auernhammer
74887c7372
kms: add support for KES API keys and switch to KES Go SDK ()
Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2023-02-14 07:19:20 -08:00
Harshavardhana
e0086c1be7
reduce startup delays on kubernetes () 2023-01-05 02:32:43 -08:00
Anis Elleuch
e57e946206
Do not save credentials in config.json () 2022-12-19 12:27:06 -08:00
Aditya Manthramurthy
2d60bf8c50
Refactor HTTP transports () 2022-12-12 20:31:21 -08:00
Javier Adriel
04ae9058ed
Populate end_session_endpoint () 2022-12-06 16:56:37 -08:00
Aditya Manthramurthy
a30cfdd88f
Bump up madmin-go to v2 () 2022-12-06 13:46:50 -08:00
Andreas Auernhammer
d882ba2cb4
kms: add support for KES enclaves ()
Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-12-04 02:34:24 -08:00
Harshavardhana
ec77d28e62
make subnet subsys dynamic and simplify callhome () 2022-10-27 00:20:01 -07:00
Harshavardhana
23b329b9df
remove gateway completely () 2022-10-24 17:44:15 -07:00
Anis Elleuch
58d776daa0
Set CONSOLE_MINIO_SERVER to 127.0.0.1 by default () 2022-10-21 14:42:28 -07:00
Aditya Manthramurthy
85fc7cea97
Pass role ARN for OIDC providers to console () 2022-10-15 12:57:03 -07:00
Aditya Manthramurthy
64cf887b28
use LDAP config from minio/pkg to share with console () 2022-10-07 22:12:36 -07:00
Klaus Post
ff12080ff5
Remove deprecated io/ioutil () 2022-09-19 11:05:16 -07:00
Aditya Manthramurthy
3d94c38ec4
Add env variables to configuration APIs output ()
Config export and config get APIs now include environment 
variables set on the server
2022-08-04 22:21:52 -07:00
Andreas Auernhammer
d774a3309b
kes: automatically reload KES client certificate ()
This commit adds support for automatically reloading
the MinIO client certificate for authentication to KES.

The client certificate will now be reloaded:
 - when the private key / certificate file changes
 - when a SIGHUP signal is received
 - every 15 minutes

Fixes 

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-08-02 16:58:09 -07:00
Harshavardhana
043aaa792d
fix: intrument os.OpenFile differently for Reads and Writes ()
allows us to trace latency for READs or WRITEs
2022-08-01 13:22:43 -07:00
Aditya Manthramurthy
7ac53c07af
fix: passing application configuration to console ()
This is an update to MinIO server after swagger codegen related build
fixes added after issues introduced in 39fd7b0b3bd5e8a3ae251828d48a999ed6bd1982
2022-07-28 18:30:24 -07:00
Aditya Manthramurthy
39fd7b0b3b
Pass multiple IDP config to console ()
This change passes multiple IDP config via a struct 
rather than env variables.
2022-07-22 15:28:02 -07:00
Andreas Auernhammer
242d06274a
kms: add context.Context to KMS API calls ()
This commit adds a `context.Context` to the
the KMS `{Stat, CreateKey, GenerateKey}` API
calls.

The context will be used to terminate external calls
as soon as the client requests gets canceled.

A follow-up PR will add a `context.Context` to
the remaining `DecryptKey` API call.

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-07-18 18:54:27 -07:00
Harshavardhana
913e977c8d
remove auto-port warning for console-address () 2022-07-08 13:36:41 -07:00
Harshavardhana
6722f58668
save MinIO version with each version (8-bytes extra) ()
store MinIO version along with each version in 'xl.meta'
for future purposes, can be used as ways to add specific
code for bug fixes if any.
2022-06-27 03:59:41 -07:00
sota
e2e5bd6f19
fix: cant parse comment without '=' in environment file () 2022-06-21 10:37:15 -07:00
Anis Elleuch
0d00f3a55b
kms: initialize after cli parsing ()
KMS depends on the --certs-dir flag. 

Ensure KMS is initialized after loading the flag.
2022-06-13 13:06:13 -07:00
Harshavardhana
af1944f28d
support reading systemctl config automatically on baremetal setups ()
this allows for customers to use `mc admin service restart`
directly even when performing RPM, DEB upgrades. Upon such 'restart'
after upgrade MinIO will re-read the /etc/default/minio for any
newer environment variables.

As long as `MINIO_CONFIG_ENV_FILE=/etc/default/minio` is set, this
is honored.
2022-06-10 09:59:15 -07:00
Shireesh Anjal
4ce81fd07f
Add periodic callhome functionality ()
* Add periodic callhome functionality

Periodically (every 24hrs by default), fetch callhome information and
upload it to SUBNET.

New config keys under the `callhome` subsystem:

enable - Set to `on` for enabling callhome. Default `off`
frequency - Interval between callhome cycles. Default `24h`

* Improvements based on review comments

- Update `enableCallhome` safely
- Rename pctx to ctx
- Block during execution of callhome
- Store parsed proxy URL in global subnet config
- Store callhome URL(s) in constants
- Use existing global transport
- Pass auth token to subnetPostReq
- Use `config.EnableOn` instead of `"on"`

* Use atomic package instead of lock

* Use uber atomic package

* Use `Cancel` instead of `cancel`

Co-authored-by: Harshavardhana <harsha@minio.io>

Co-authored-by: Harshavardhana <harsha@minio.io>
Co-authored-by: Aditya Manthramurthy <donatello@users.noreply.github.com>
2022-06-06 16:14:52 -07:00
Harshavardhana
f939222942
add support for extra prometheus labels ()
fixes 
2022-05-11 13:04:53 -07:00
Aditya Manthramurthy
0e502899a8
Add support for multiple OpenID providers with role policies ()
- When using multiple providers, claim-based providers are not allowed. All
providers must use role policies.

- Update markdown config to allow `details` HTML element
2022-04-28 18:27:09 -07:00
Daniel Valdivia
b7dd61f6bc
Fix double slash subpath for console ()
Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
2022-04-25 13:05:56 -07:00
Daniel Valdivia
c526fa9119
Support console UI access at a subpath on a subdomain ()
fixes  

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
2022-04-17 16:01:49 -07:00
Lenin Alevski
a3e317773a
Skip commented lines when parsing MinIO configuration file ()
Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
2022-04-07 16:02:51 -07:00
Andreas Auernhammer
e955aa7f2a
kes: add support for encrypted private keys ()
This commit adds support for encrypted KES
client private keys.

Now, it is possible to encrypt the KES client
private key (`MINIO_KMS_KES_KEY_FILE`) with
a password.

For example, KES CLI already supports the
creation of encrypted private keys:
```
kes identity new --encrypt --key client.key --cert client.crt MinIO
```

To decrypt an encrypted private key, the password
needs to be provided:
```
MINIO_KMS_KES_KEY_PASSWORD=<password>
```

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-03-29 09:53:33 -07:00
Harshavardhana
01ee49045e
fix: handle race in server setup global CI/CD variable () 2022-03-18 18:21:09 -07:00
Harshavardhana
92a77cc78e
update pkg v1.1.20 to reload certs in k8s always () 2022-03-04 20:34:39 -08:00
Harshavardhana
0e3bafcc54
improve logs, fix banner formatting () 2022-03-03 13:21:16 -08:00
Andreas Auernhammer
b48f719b8e
kes: remove unnecessary error conversion ()
This commit removes some duplicate code that
converts KES API errors.

This code was added since KES `0.18.0` changed
some exported API errors. However, the KES SDK
handles this error conversion itself.
Therefore, it is not necessary to duplicate this
behavior in MinIO.

See: 21555fa624/error.go (L94)

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
2022-03-03 09:42:37 -08:00
Lenin Alevski
289fcbd08c
KES dependency upgrade ()
- Updating KES dependency to v.0.18.0
- Fixing incompatibility issue when checking for errors during KES key creation

Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
2022-03-02 23:03:40 -08:00
Harshavardhana
2d78e20120
enable CI environment additionally for MINIO_CI_CD ()
all CI/CD environments set CI=true this is enough
for MinIO to be run inside CI environments, support
it.
2022-02-23 16:01:59 -08:00
Shireesh Anjal
3882da6ac5
Add subnet proxy config ()
Will store the HTTP(S) proxy URL to use for connecting to SUBNET.
2022-02-01 09:52:38 -08:00