Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package minio-client for openSUSE:Factory 
checked in at 2024-10-16 23:54:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/minio-client (Old)
 and      /work/SRC/openSUSE:Factory/.minio-client.new.19354 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "minio-client"

Wed Oct 16 23:54:29 2024 rev:98 rq:1208485 version:20241008T093726Z

Changes:
--------
--- /work/SRC/openSUSE:Factory/minio-client/minio-client.changes        
2024-10-03 17:45:02.735900750 +0200
+++ /work/SRC/openSUSE:Factory/.minio-client.new.19354/minio-client.changes     
2024-10-16 23:55:02.533725027 +0200
@@ -1,0 +2,8 @@
+Wed Oct 16 15:36:06 UTC 2024 - opensuse_buildserv...@ojkastl.de
+
+- Update to version 20241008T093726Z:
+  * Do not fail mc-admin-policy-attach if policy already
+    attached/detached (#5058)
+  * Add `mc admin accesskey` commands (#5038)
+
+-------------------------------------------------------------------

Old:
----
  minio-client-20241002T082728Z.obscpio

New:
----
  minio-client-20241008T093726Z.obscpio

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ minio-client.spec ++++++
--- /var/tmp/diff_new_pack.kg4zvb/_old  2024-10-16 23:55:05.109832463 +0200
+++ /var/tmp/diff_new_pack.kg4zvb/_new  2024-10-16 23:55:05.113832630 +0200
@@ -19,7 +19,7 @@
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 
 Name:           minio-client
-Version:        20241002T082728Z
+Version:        20241008T093726Z
 Release:        0
 Summary:        Client for MinIO
 License:        AGPL-3.0-only

++++++ _service ++++++
--- /var/tmp/diff_new_pack.kg4zvb/_old  2024-10-16 23:55:05.149834132 +0200
+++ /var/tmp/diff_new_pack.kg4zvb/_new  2024-10-16 23:55:05.149834132 +0200
@@ -5,7 +5,7 @@
     <param name="exclude">.git</param>
     <param name="changesgenerate">enable</param>
     <param name="versionformat">@PARENT_TAG@</param>
-    <param name="revision">RELEASE.2024-10-02T08-27-28Z</param>
+    <param name="revision">RELEASE.2024-10-08T09-37-26Z</param>
     <param name="match-tag">RELEASE.*</param>
     <param 
name="versionrewrite-pattern">RELEASE\.(.*)-(.*)-(.*)-(.*)-(.*)</param>
     <param name="versionrewrite-replacement">\1\2\3\4\5</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.kg4zvb/_old  2024-10-16 23:55:05.169834966 +0200
+++ /var/tmp/diff_new_pack.kg4zvb/_new  2024-10-16 23:55:05.173835133 +0200
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/minio/mc</param>
-              <param 
name="changesrevision">ce0b4341521de16ae2172d42054bbe054f9c9651</param></service></servicedata>
+              <param 
name="changesrevision">cf128de2cf42e763e7bd30c6df8b749fa94e0c10</param></service></servicedata>
 (No newline at EOF)
 

++++++ minio-client-20241002T082728Z.obscpio -> 
minio-client-20241008T093726Z.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-create.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-create.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-create.go     
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-create.go     
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,94 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyCreateFlags = []cli.Flag{
+       cli.StringFlag{
+               Name:  "access-key",
+               Usage: "set an access key for the account",
+       },
+       cli.StringFlag{
+               Name:  "secret-key",
+               Usage: "set a secret key for the  account",
+       },
+       cli.StringFlag{
+               Name:  "policy",
+               Usage: "path to a JSON policy file",
+       },
+       cli.StringFlag{
+               Name:  "name",
+               Usage: "friendly name for the account",
+       },
+       cli.StringFlag{
+               Name:  "description",
+               Usage: "description for the account",
+       },
+       cli.StringFlag{
+               Name:  "expiry-duration",
+               Usage: "duration before the access key expires",
+       },
+       cli.StringFlag{
+               Name:  "expiry",
+               Usage: "expiry date for the access key",
+       },
+}
+
+var adminAccesskeyCreateCmd = cli.Command{
+       Name:         "create",
+       Usage:        "create access key pairs for users",
+       Action:       mainAdminAccesskeyCreate,
+       Before:       setGlobalsFromContext,
+       Flags:        append(adminAccesskeyCreateFlags, globalFlags...),
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] [TARGET]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Create a new access key pair with the same policy as the authenticated 
user
+     {{.Prompt}} {{.HelpName}} myminio/
+
+  2. Create a new access key pair with custom access key and secret key
+     {{.Prompt}} {{.HelpName}} myminio/ --access-key myaccesskey --secret-key 
mysecretkey
+
+  3. Create a new access key pair for user 'tester' that expires in 1 day
+     {{.Prompt}} {{.HelpName}} myminio/ tester --expiry-duration 24h
+
+  4. Create a new access key pair for authenticated user that expires on 
2025-01-01
+     {{.Prompt}} {{.HelpName}} --expiry 2025-01-01
+
+  5. Create a new access key pair for user 'tester' with a custom policy
+        {{.Prompt}} {{.HelpName}} myminio/ tester --policy /path/to/policy.json
+
+  6. Create a new access key pair for user 'tester' with a custom name and 
description
+        {{.Prompt}} {{.HelpName}} myminio/ tester --name "Tester's Access Key" 
--description "Access key for tester"
+`,
+}
+
+func mainAdminAccesskeyCreate(ctx *cli.Context) error {
+       return commonAccesskeyCreate(ctx, false)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-disable.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-disable.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-disable.go    
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-disable.go    
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,48 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyDisableCmd = cli.Command{
+       Name:         "disable",
+       Usage:        "disable an access key",
+       Action:       mainAdminAccesskeyDisable,
+       Before:       setGlobalsFromContext,
+       Flags:        globalFlags,
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+         {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] [TARGET]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Disable access key
+        {{.Prompt}} {{.HelpName}} myminio myaccesskey
+`,
+}
+
+func mainAdminAccesskeyDisable(ctx *cli.Context) error {
+       return enableDisableAccesskey(ctx, false)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-edit.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-edit.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-edit.go       
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-edit.go       
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,77 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyEditFlags = []cli.Flag{
+       cli.StringFlag{
+               Name:  "secret-key",
+               Usage: "set a secret key for the  account",
+       },
+       cli.StringFlag{
+               Name:  "policy",
+               Usage: "path to a JSON policy file",
+       },
+       cli.StringFlag{
+               Name:  "name",
+               Usage: "friendly name for the account",
+       },
+       cli.StringFlag{
+               Name:  "description",
+               Usage: "description for the account",
+       },
+       cli.StringFlag{
+               Name:  "expiry-duration",
+               Usage: "duration before the access key expires",
+       },
+       cli.StringFlag{
+               Name:  "expiry",
+               Usage: "expiry date for the access key",
+       },
+}
+
+var adminAccesskeyEditCmd = cli.Command{
+       Name:         "edit",
+       Usage:        "edit existing access keys",
+       Action:       mainAdminAccesskeyEdit,
+       Before:       setGlobalsFromContext,
+       Flags:        append(adminAccesskeyEditFlags, globalFlags...),
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] [TARGET]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Change the secret key for the access key "testkey"
+     {{.Prompt}} {{.HelpName}} myminio/ testkey --secret-key 'xxxxxxx'
+  2. Change the expiry duration for the access key "testkey"
+     {{.Prompt}} {{.HelpName}} myminio/ testkey ---expiry-duration 24h
+`,
+}
+
+func mainAdminAccesskeyEdit(ctx *cli.Context) error {
+       return commonAccesskeyEdit(ctx)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-enable.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-enable.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-enable.go     
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-enable.go     
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,48 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyEnableCmd = cli.Command{
+       Name:         "enable",
+       Usage:        "enable an access key",
+       Action:       mainAdminAccesskeyEnable,
+       Before:       setGlobalsFromContext,
+       Flags:        globalFlags,
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] [TARGET]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Enable access key
+        {{.Prompt}} {{.HelpName}} myminio myaccesskey
+`,
+}
+
+func mainAdminAccesskeyEnable(ctx *cli.Context) error {
+       return enableDisableAccesskey(ctx, true)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-info.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-info.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-info.go       
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-info.go       
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,50 @@
+// Copyright (c) 2015-2023 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyInfoCmd = cli.Command{
+       Name:         "info",
+       Usage:        "info about given access key pairs",
+       Action:       mainAdminAccesskeyInfo,
+       Before:       setGlobalsFromContext,
+       Flags:        globalFlags,
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] TARGET ACCESSKEY [ACCESSKEY...]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Get info for the access key "testkey"
+        {{.Prompt}} {{.HelpName}} local/ testkey
+  2. Get info for the access keys "testkey" and "testkey2"
+        {{.Prompt}} {{.HelpName}} local/ testkey testkey2
+       `,
+}
+
+func mainAdminAccesskeyInfo(ctx *cli.Context) error {
+       return commonAccesskeyInfo(ctx)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-list.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-list.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-list.go       
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-list.go       
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,168 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "strings"
+
+       "github.com/charmbracelet/lipgloss"
+       humanize "github.com/dustin/go-humanize"
+       "github.com/minio/cli"
+       json "github.com/minio/colorjson"
+       "github.com/minio/madmin-go/v3"
+       "github.com/minio/mc/pkg/probe"
+)
+
+var adminAccesskeyListFlags = []cli.Flag{
+       cli.BoolFlag{
+               Name:  "users-only",
+               Usage: "only list user DNs",
+       },
+       cli.BoolFlag{
+               Name:  "temp-only",
+               Usage: "only list temporary access keys",
+       },
+       cli.BoolFlag{
+               Name:  "svcacc-only",
+               Usage: "only list service account access keys",
+       },
+       cli.BoolFlag{
+               Name:  "self",
+               Usage: "list access keys for the authenticated user",
+       },
+       cli.BoolFlag{
+               Name:  "all",
+               Usage: "list all access keys for all builtin users",
+       },
+}
+
+var adminAccesskeyListCmd = cli.Command{
+       Name:         "list",
+       ShortName:    "ls",
+       Usage:        "list access key pairs for builtin users",
+       Action:       mainAdminAccesskeyList,
+       Before:       setGlobalsFromContext,
+       Flags:        append(adminAccesskeyListFlags, globalFlags...),
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] TARGET [DN...]
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Get list of all builtin users and associated access keys in local server
+        {{.Prompt}} {{.HelpName}} local/ --all
+
+  2. Get list of access keys for the authenticated user in local server
+        {{.Prompt}} {{.HelpName}} local/ --self
+
+  3. Get list of builtin users in local server
+        {{.Prompt}} {{.HelpName}} local/ --all --users-only
+
+  4. Get list of all builtin users and associated temporary access keys in 
play server (if admin)
+        {{.Prompt}} {{.HelpName}} play/ --temp-only
+
+  5. Get list of access keys associated with user 'foobar'
+        {{.Prompt}} {{.HelpName}} play/ foobar
+
+  6. Get list of access keys associated with users 'foobar' and 'tester'
+        {{.Prompt}} {{.HelpName}} play/ foobar tester
+
+  7. Get all users and access keys if admin, else get authenticated user and 
associated access keys
+        {{.Prompt}} {{.HelpName}} local/
+`,
+}
+
+type userAccesskeyList struct {
+       Status          string                      `json:"status"`
+       User            string                      `json:"user"`
+       STSKeys         []madmin.ServiceAccountInfo `json:"stsKeys"`
+       ServiceAccounts []madmin.ServiceAccountInfo `json:"svcaccs"`
+       LDAP            bool                        `json:"ldap,omitempty"`
+}
+
+func (m userAccesskeyList) String() string {
+       labelStyle := lipgloss.NewStyle().Foreground(lipgloss.Color("#04B575"))
+       o := strings.Builder{}
+
+       userStr := "User"
+       if m.LDAP {
+               userStr = "DN"
+       }
+       o.WriteString(iFmt(0, "%s %s\n", labelStyle.Render(userStr+":"), 
m.User))
+       if len(m.STSKeys) > 0 || len(m.ServiceAccounts) > 0 {
+               o.WriteString(iFmt(2, "%s\n", labelStyle.Render("Access 
Keys:")))
+       }
+       for _, k := range m.STSKeys {
+               expiration := "never"
+               if nilExpiry(k.Expiration) != nil {
+                       expiration = humanize.Time(*k.Expiration)
+               }
+               o.WriteString(iFmt(4, "%s, expires: %s, sts: true\n", 
k.AccessKey, expiration))
+       }
+       for _, k := range m.ServiceAccounts {
+               expiration := "never"
+               if nilExpiry(k.Expiration) != nil {
+                       expiration = humanize.Time(*k.Expiration)
+               }
+               o.WriteString(iFmt(4, "%s, expires: %s, sts: false\n", 
k.AccessKey, expiration))
+       }
+
+       return o.String()
+}
+
+func (m userAccesskeyList) JSON() string {
+       jsonMessageBytes, e := json.MarshalIndent(m, "", " ")
+       fatalIf(probe.NewError(e), "Unable to marshal into JSON.")
+
+       return string(jsonMessageBytes)
+}
+
+func mainAdminAccesskeyList(ctx *cli.Context) error {
+       aliasedURL, tentativeAll, users, opts := commonAccesskeyList(ctx)
+
+       // Create a new MinIO Admin Client
+       client, err := newAdminClient(aliasedURL)
+       fatalIf(err, "Unable to initialize admin connection.")
+
+       accessKeysMap, e := client.ListAccessKeysBulk(globalContext, users, 
opts)
+       if e != nil {
+               if e.Error() == "Access Denied." && tentativeAll {
+                       // retry with self
+                       opts.All = false
+                       accessKeysMap, e = 
client.ListAccessKeysBulk(globalContext, users, opts)
+               }
+               fatalIf(probe.NewError(e), "Unable to list access keys.")
+       }
+
+       for user, accessKeys := range accessKeysMap {
+               m := userAccesskeyList{
+                       Status:          "success",
+                       User:            user,
+                       ServiceAccounts: accessKeys.ServiceAccounts,
+                       STSKeys:         accessKeys.STSKeys,
+                       LDAP:            false,
+               }
+               printMsg(m)
+       }
+       return nil
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-accesskey-remove.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey-remove.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey-remove.go     
1970-01-01 01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey-remove.go     
2024-10-08 11:37:26.000000000 +0200
@@ -0,0 +1,49 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import (
+       "github.com/minio/cli"
+)
+
+var adminAccesskeyRemoveCmd = cli.Command{
+       Name:         "remove",
+       ShortName:    "rm",
+       Usage:        "delete access key pairs for builtin users",
+       Action:       mainAdminAccesskeyRemove,
+       Before:       setGlobalsFromContext,
+       Flags:        globalFlags,
+       OnUsageError: onUsageError,
+       CustomHelpTemplate: `NAME:
+  {{.HelpName}} - {{.Usage}}
+
+USAGE:
+  {{.HelpName}} [FLAGS] TARGET ACCESSKEY
+
+FLAGS:
+  {{range .VisibleFlags}}{{.}}
+  {{end}}
+EXAMPLES:
+  1. Remove the access key "testkey" from local server
+        {{.Prompt}} {{.HelpName}} local/ testkey
+       `,
+}
+
+func mainAdminAccesskeyRemove(ctx *cli.Context) error {
+       return commonAccesskeyRemove(ctx)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/minio-client-20241002T082728Z/cmd/admin-accesskey.go 
new/minio-client-20241008T093726Z/cmd/admin-accesskey.go
--- old/minio-client-20241002T082728Z/cmd/admin-accesskey.go    1970-01-01 
01:00:00.000000000 +0100
+++ new/minio-client-20241008T093726Z/cmd/admin-accesskey.go    2024-10-08 
11:37:26.000000000 +0200
@@ -0,0 +1,45 @@
+// Copyright (c) 2015-2024 MinIO, Inc.
+//
+// This file is part of MinIO Object Storage stack
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package cmd
+
+import "github.com/minio/cli"
+
+var adminAccesskeySubcommands = []cli.Command{
+       adminAccesskeyListCmd,
+       adminAccesskeyRemoveCmd,
+       adminAccesskeyInfoCmd,
+       adminAccesskeyCreateCmd,
+       adminAccesskeyEditCmd,
+       adminAccesskeyEnableCmd,
+       adminAccesskeyDisableCmd,
+}
+
+var adminAccesskeyCmd = cli.Command{
+       Name:            "accesskey",
+       Usage:           "manage access keys defined in the MinIO server",
+       Action:          mainAdminAccesskey,
+       Before:          setGlobalsFromContext,
+       Flags:           globalFlags,
+       Subcommands:     adminAccesskeySubcommands,
+       HideHelpCommand: true,
+}
+
+func mainAdminAccesskey(ctx *cli.Context) error {
+       commandNotFound(ctx, adminAccesskeySubcommands)
+       return nil
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/minio-client-20241002T082728Z/cmd/admin-main.go 
new/minio-client-20241008T093726Z/cmd/admin-main.go
--- old/minio-client-20241002T082728Z/cmd/admin-main.go 2024-10-02 
10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/admin-main.go 2024-10-08 
11:37:26.000000000 +0200
@@ -56,6 +56,7 @@
        adminClusterCmd,
        adminRebalanceCmd,
        adminLogsCmd,
+       adminAccesskeyCmd,
 }
 
 var adminCmd = cli.Command{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/admin-policy-attach.go 
new/minio-client-20241008T093726Z/cmd/admin-policy-attach.go
--- old/minio-client-20241002T082728Z/cmd/admin-policy-attach.go        
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/admin-policy-attach.go        
2024-10-08 11:37:26.000000000 +0200
@@ -23,6 +23,10 @@
        "github.com/minio/mc/pkg/probe"
 )
 
+const (
+       errCodeChangeAlreadyApplied = "XMinioAdminPolicyChangeAlreadyApplied"
+)
+
 var adminAttachPolicyFlags = []cli.Flag{
        cli.StringFlag{
                Name:  "user, u",
@@ -97,7 +101,10 @@
        } else {
                res, e = client.DetachPolicy(globalContext, req)
        }
-       fatalIf(probe.NewError(e), "Unable to make user/group policy 
association")
+
+       if e != nil && madmin.ToErrorResponse(e).Code != 
errCodeChangeAlreadyApplied {
+               fatalIf(probe.NewError(e), "Unable to make user/group policy 
association")
+       }
 
        var emptyResp madmin.PolicyAssociationResp
        if res.UpdatedAt == emptyResp.UpdatedAt {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/minio-client-20241002T082728Z/cmd/auto-complete.go 
new/minio-client-20241008T093726Z/cmd/auto-complete.go
--- old/minio-client-20241002T082728Z/cmd/auto-complete.go      2024-10-02 
10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/auto-complete.go      2024-10-08 
11:37:26.000000000 +0200
@@ -392,6 +392,16 @@
        "/idp/ldap/accesskey/enable":            aliasCompleter,
        "/idp/ldap/accesskey/disable":           aliasCompleter,
 
+       "/admin/accesskey/create":  aliasCompleter,
+       "/admin/accesskey/list":    aliasCompleter,
+       "/admin/accesskey/ls":      aliasCompleter,
+       "/admin/accesskey/remove":  aliasCompleter,
+       "/admin/accesskey/rm":      aliasCompleter,
+       "/admin/accesskey/info":    aliasCompleter,
+       "/admin/accesskey/edit":    aliasCompleter,
+       "/admin/accesskey/enable":  aliasCompleter,
+       "/admin/accesskey/disable": aliasCompleter,
+
        "/admin/policy/info":     aliasCompleter,
        "/admin/policy/update":   aliasCompleter,
        "/admin/policy/add":      aliasCompleter,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-create.go 
new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-create.go
--- old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-create.go  
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-create.go  
2024-10-08 11:37:26.000000000 +0200
@@ -98,6 +98,10 @@
 }
 
 func mainIDPLdapAccesskeyCreate(ctx *cli.Context) error {
+       return commonAccesskeyCreate(ctx, true)
+}
+
+func commonAccesskeyCreate(ctx *cli.Context, ldap bool) error {
        if len(ctx.Args()) == 0 || len(ctx.Args()) > 2 {
                showCommandHelpAndExit(ctx, 1) // last argument is exit code
        }
@@ -114,7 +118,13 @@
        client, err := newAdminClient(aliasedURL)
        fatalIf(err, "Unable to initialize admin connection.")
 
-       res, e := client.AddServiceAccountLDAP(globalContext, opts)
+       var res madmin.Credentials
+       var e error
+       if ldap {
+               res, e = client.AddServiceAccountLDAP(globalContext, opts)
+       } else {
+               res, e = client.AddServiceAccount(globalContext, opts)
+       }
        fatalIf(probe.NewError(e), "Unable to add service account.")
 
        m := ldapAccesskeyMessage{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-edit.go 
new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-edit.go
--- old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-edit.go    
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-edit.go    
2024-10-08 11:37:26.000000000 +0200
@@ -82,6 +82,10 @@
 }
 
 func mainIDPLdapAccesskeyEdit(ctx *cli.Context) error {
+       return commonAccesskeyEdit(ctx)
+}
+
+func commonAccesskeyEdit(ctx *cli.Context) error {
        if len(ctx.Args()) == 0 || len(ctx.Args()) > 2 {
                showCommandHelpAndExit(ctx, 1) // last argument is exit code
        }
@@ -115,6 +119,10 @@
        description := ctx.String("description")
        expDurVal := ctx.Duration("expiry-duration")
 
+       if name == "" && expVal == "" && expDurVal == 0 && policyPath == "" && 
secretKey == "" && description == "" {
+               fatalIf(probe.NewError(errors.New("At least one property must 
be edited")), "invalid flags")
+       }
+
        if expVal != "" && expDurVal != 0 {
                fatalIf(probe.NewError(errors.New("Only one of --expiry or 
--expiry-duration can be specified")), "invalid flags")
        }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-info.go 
new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-info.go
--- old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-info.go    
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-info.go    
2024-10-08 11:37:26.000000000 +0200
@@ -120,6 +120,11 @@
 }
 
 func mainIDPLdapAccesskeyInfo(ctx *cli.Context) error {
+       return commonAccesskeyInfo(ctx)
+}
+
+// currently no difference between ldap and builtin accesskey info
+func commonAccesskeyInfo(ctx *cli.Context) error {
        if len(ctx.Args()) < 2 {
                showCommandHelpAndExit(ctx, 1) // last argument is exit code
        }
@@ -151,9 +156,8 @@
                                        Policy:        
json.RawMessage(tempRes.Policy),
                                        Name:          tempRes.Name,
                                        Description:   tempRes.Description,
-                                       Expiration:    tempRes.Expiration,
+                                       Expiration:    
nilExpiry(tempRes.Expiration),
                                }
-
                                printMsg(m)
                        }
                } else {
@@ -167,12 +171,18 @@
                                Policy:        json.RawMessage(res.Policy),
                                Name:          res.Name,
                                Description:   res.Description,
-                               Expiration:    res.Expiration,
+                               Expiration:    nilExpiry(res.Expiration),
                        }
-
                        printMsg(m)
                }
        }
 
        return nil
 }
+
+func nilExpiry(expiry *time.Time) *time.Time {
+       if expiry != nil && expiry.Equal(timeSentinel) {
+               return nil
+       }
+       return expiry
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-list.go 
new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-list.go
--- old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-list.go    
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-list.go    
2024-10-08 11:37:26.000000000 +0200
@@ -19,12 +19,8 @@
 
 import (
        "errors"
-       "strings"
 
-       "github.com/charmbracelet/lipgloss"
-       "github.com/dustin/go-humanize"
        "github.com/minio/cli"
-       json "github.com/minio/colorjson"
        "github.com/minio/madmin-go/v3"
        "github.com/minio/mc/pkg/probe"
 )
@@ -70,10 +66,10 @@
   {{range .VisibleFlags}}{{.}}
   {{end}}
 EXAMPLES:
-  1. Get list of all users and associated access keys in local server (if 
admin)
+  1. Get list of all LDAP users and associated access keys in local server (if 
admin)
         {{.Prompt}} {{.HelpName}} local/
 
-  2. Get list of users in local server (if admin)
+  2. Get list of LDAP users in local server (if admin)
         {{.Prompt}} {{.HelpName}} local/ --users-only
 
   3. Get list of all users and associated temporary access keys in play server 
(if admin)
@@ -93,47 +89,37 @@
 `,
 }
 
-type ldapUsersList struct {
-       Status          string                      `json:"status"`
-       DN              string                      `json:"dn"`
-       STSKeys         []madmin.ServiceAccountInfo `json:"stsKeys"`
-       ServiceAccounts []madmin.ServiceAccountInfo `json:"svcaccs"`
-}
+func mainIDPLdapAccesskeyList(ctx *cli.Context) error {
+       aliasedURL, tentativeAll, users, opts := commonAccesskeyList(ctx)
+
+       // Create a new MinIO Admin Client
+       client, err := newAdminClient(aliasedURL)
+       fatalIf(err, "Unable to initialize admin connection.")
 
-func (m ldapUsersList) String() string {
-       labelStyle := lipgloss.NewStyle().Foreground(lipgloss.Color("#04B575"))
-       o := strings.Builder{}
-
-       o.WriteString(iFmt(0, "%s %s\n", labelStyle.Render("DN:"), m.DN))
-       if len(m.STSKeys) > 0 || len(m.ServiceAccounts) > 0 {
-               o.WriteString(iFmt(2, "%s\n", labelStyle.Render("Access 
Keys:")))
-       }
-       for _, k := range m.STSKeys {
-               expiration := "never"
-               if k.Expiration != nil {
-                       expiration = humanize.Time(*k.Expiration)
+       accessKeysMap, e := 
client.ListAccessKeysLDAPBulkWithOpts(globalContext, users, opts)
+       if e != nil {
+               if e.Error() == "Access Denied." && tentativeAll {
+                       // retry with self
+                       opts.All = false
+                       accessKeysMap, e = 
client.ListAccessKeysLDAPBulkWithOpts(globalContext, users, opts)
                }
-               o.WriteString(iFmt(4, "%s, expires: %s, sts: true\n", 
k.AccessKey, expiration))
+               fatalIf(probe.NewError(e), "Unable to list access keys.")
        }
-       for _, k := range m.ServiceAccounts {
-               expiration := "never"
-               if k.Expiration != nil {
-                       expiration = humanize.Time(*k.Expiration)
+
+       for dn, accessKeys := range accessKeysMap {
+               m := userAccesskeyList{
+                       Status:          "success",
+                       User:            dn,
+                       ServiceAccounts: accessKeys.ServiceAccounts,
+                       STSKeys:         accessKeys.STSKeys,
+                       LDAP:            true,
                }
-               o.WriteString(iFmt(4, "%s, expires: %s, sts: false\n", 
k.AccessKey, expiration))
+               printMsg(m)
        }
-
-       return o.String()
-}
-
-func (m ldapUsersList) JSON() string {
-       jsonMessageBytes, e := json.MarshalIndent(m, "", " ")
-       fatalIf(probe.NewError(e), "Unable to marshal into JSON.")
-
-       return string(jsonMessageBytes)
+       return nil
 }
 
-func mainIDPLdapAccesskeyList(ctx *cli.Context) error {
+func commonAccesskeyList(ctx *cli.Context) (aliasedURL string, tentativeAll 
bool, users []string, opts madmin.ListAccessKeysOpts) {
        if len(ctx.Args()) == 0 {
                showCommandHelpAndExit(ctx, 1) // last argument is exit code
        }
@@ -142,18 +128,18 @@
        stsOnly := ctx.Bool("temp-only")
        svcaccOnly := ctx.Bool("svcacc-only")
        selfFlag := ctx.Bool("self")
-       allFlag := ctx.Bool("all")
+       opts.All = ctx.Bool("all")
 
        args := ctx.Args()
-       aliasedURL := args.Get(0)
-       users := args.Tail()
+       aliasedURL = args.Get(0)
+       users = args.Tail()
 
        var e error
        if (usersOnly && svcaccOnly) || (usersOnly && stsOnly) || (svcaccOnly 
&& stsOnly) {
                e = errors.New("only one of --users-only, --temp-only, or 
--permanent-only can be specified")
-       } else if selfFlag && allFlag {
+       } else if selfFlag && opts.All {
                e = errors.New("only one of --self or --all can be specified")
-       } else if (selfFlag || allFlag) && len(users) > 0 {
+       } else if (selfFlag || opts.All) && len(users) > 0 {
                e = errors.New("user DNs cannot be specified with --self or 
--all")
        }
        fatalIf(probe.NewError(e), "Invalid flags.")
@@ -161,45 +147,21 @@
        // If no users/self/all flags are specified, tentatively assume --all
        // If access is denied on tentativeAll, retry with self
        // This is to maintain compatibility with the previous behavior
-       tentativeAll := false
-       if !selfFlag && !allFlag && len(users) == 0 {
+       if !selfFlag && !opts.All && len(users) == 0 {
                tentativeAll = true
-               allFlag = true
+               opts.All = true
        }
 
-       var listType string
        switch {
        case usersOnly:
-               listType = madmin.AccessKeyListUsersOnly
+               opts.ListType = madmin.AccessKeyListUsersOnly
        case stsOnly:
-               listType = madmin.AccessKeyListSTSOnly
+               opts.ListType = madmin.AccessKeyListSTSOnly
        case svcaccOnly:
-               listType = madmin.AccessKeyListSvcaccOnly
+               opts.ListType = madmin.AccessKeyListSvcaccOnly
        default:
-               listType = madmin.AccessKeyListAll
-       }
-
-       // Create a new MinIO Admin Client
-       client, err := newAdminClient(aliasedURL)
-       fatalIf(err, "Unable to initialize admin connection.")
-
-       accessKeysMap, e := client.ListAccessKeysLDAPBulk(globalContext, users, 
listType, allFlag)
-       if e != nil {
-               if e.Error() == "Access Denied." && tentativeAll {
-                       // retry with self
-                       accessKeysMap, e = 
client.ListAccessKeysLDAPBulk(globalContext, users, listType, false)
-               }
-               fatalIf(probe.NewError(e), "Unable to list access keys.")
+               opts.ListType = madmin.AccessKeyListAll
        }
 
-       for dn, accessKeys := range accessKeysMap {
-               m := ldapUsersList{
-                       Status:          "success",
-                       DN:              dn,
-                       ServiceAccounts: accessKeys.ServiceAccounts,
-                       STSKeys:         accessKeys.STSKeys,
-               }
-               printMsg(m)
-       }
-       return nil
+       return aliasedURL, tentativeAll, users, opts
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-remove.go 
new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-remove.go
--- old/minio-client-20241002T082728Z/cmd/idp-ldap-accesskey-remove.go  
2024-10-02 10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/cmd/idp-ldap-accesskey-remove.go  
2024-10-08 11:37:26.000000000 +0200
@@ -46,6 +46,11 @@
 }
 
 func mainIDPLdapAccesskeyRemove(ctx *cli.Context) error {
+       return commonAccesskeyRemove(ctx)
+}
+
+// No difference between ldap and builtin accesskey remove for now
+func commonAccesskeyRemove(ctx *cli.Context) error {
        if len(ctx.Args()) != 2 {
                showCommandHelpAndExit(ctx, 1) // last argument is exit code
        }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/minio-client-20241002T082728Z/functional-tests.sh 
new/minio-client-20241008T093726Z/functional-tests.sh
--- old/minio-client-20241002T082728Z/functional-tests.sh       2024-10-02 
10:27:28.000000000 +0200
+++ new/minio-client-20241008T093726Z/functional-tests.sh       2024-10-08 
11:37:26.000000000 +0200
@@ -967,6 +967,9 @@
        # check that the user can write objects with readwrite policy
        assert_success "$start_time" "${FUNCNAME[0]}" mc_cmd admin policy 
attach "$SERVER_ALIAS" readwrite --user="${username}"
 
+       # verify that re-attaching an already attached policy to a user does 
not result in a failure.
+       assert_success "$start_time" "${FUNCNAME[0]}" mc_cmd admin policy 
attach "$SERVER_ALIAS" readwrite --user="${username}"
+
        # Validate that the correct policy has been added to the user
        "${MC_CMD[@]}" --json admin user list "${SERVER_ALIAS}" | jq -r 
'.policyName' | grep --quiet "^readwrite$"
        rv=$?

++++++ minio-client.obsinfo ++++++
--- /var/tmp/diff_new_pack.kg4zvb/_old  2024-10-16 23:55:05.465847311 +0200
+++ /var/tmp/diff_new_pack.kg4zvb/_new  2024-10-16 23:55:05.469847478 +0200
@@ -1,5 +1,5 @@
 name: minio-client
-version: 20241002T082728Z
-mtime: 1727857648
-commit: ce0b4341521de16ae2172d42054bbe054f9c9651
+version: 20241008T093726Z
+mtime: 1728380246
+commit: cf128de2cf42e763e7bd30c6df8b749fa94e0c10
 

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/minio-client/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.minio-client.new.19354/vendor.tar.gz differ: char 
5, line 1

Reply via email to