From 4569875a49652a9444ffd9e96e78b0f07c92a687 Mon Sep 17 00:00:00 2001 From: chrislu Date: Sun, 31 Aug 2025 23:23:02 -0700 Subject: [PATCH 1/2] 3.97 --- k8s/charts/seaweedfs/Chart.yaml | 4 ++-- weed/util/version/constants.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/k8s/charts/seaweedfs/Chart.yaml b/k8s/charts/seaweedfs/Chart.yaml index 7922aa1d7..cd0f27a00 100644 --- a/k8s/charts/seaweedfs/Chart.yaml +++ b/k8s/charts/seaweedfs/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 description: SeaweedFS name: seaweedfs -appVersion: "3.96" +appVersion: "3.97" # Dev note: Trigger a helm chart release by `git tag -a helm-` -version: 4.0.396 +version: 4.0.397 diff --git a/weed/util/version/constants.go b/weed/util/version/constants.go index 39e0a8dbb..d144d4efe 100644 --- a/weed/util/version/constants.go +++ b/weed/util/version/constants.go @@ -8,7 +8,7 @@ import ( var ( MAJOR_VERSION = int32(3) - MINOR_VERSION = int32(96) + MINOR_VERSION = int32(97) VERSION_NUMBER = fmt.Sprintf("%d.%02d", MAJOR_VERSION, MINOR_VERSION) VERSION = util.SizeLimit + " " + VERSION_NUMBER COMMIT = "" From 76452ab593995ab52b75e681de5b221de1e3f006 Mon Sep 17 00:00:00 2001 From: chrislu Date: Sun, 31 Aug 2025 23:31:28 -0700 Subject: [PATCH 2/2] Delete test_utils_test.go --- weed/iam/sts/test_utils_test.go | 53 --------------------------------- 1 file changed, 53 deletions(-) delete mode 100644 weed/iam/sts/test_utils_test.go diff --git a/weed/iam/sts/test_utils_test.go b/weed/iam/sts/test_utils_test.go deleted file mode 100644 index 58de592dc..000000000 --- a/weed/iam/sts/test_utils_test.go +++ /dev/null @@ -1,53 +0,0 @@ -package sts - -import ( - "context" - "fmt" - "strings" - - "github.com/seaweedfs/seaweedfs/weed/iam/providers" -) - -// MockTrustPolicyValidator is a simple mock for testing STS functionality -type MockTrustPolicyValidator struct{} - -// ValidateTrustPolicyForWebIdentity allows valid JWT test tokens for STS testing -func (m *MockTrustPolicyValidator) ValidateTrustPolicyForWebIdentity(ctx context.Context, roleArn string, webIdentityToken string) error { - // Reject non-existent roles for testing - if strings.Contains(roleArn, "NonExistentRole") { - return fmt.Errorf("trust policy validation failed: role does not exist") - } - - // For STS unit tests, allow JWT tokens that look valid (contain dots for JWT structure) - // In real implementation, this would validate against actual trust policies - if len(webIdentityToken) > 20 && strings.Count(webIdentityToken, ".") >= 2 { - // This appears to be a JWT token - allow it for testing - return nil - } - - // Legacy support for specific test tokens during migration - if webIdentityToken == "valid_test_token" || webIdentityToken == "valid-oidc-token" { - return nil - } - - // Reject invalid tokens - if webIdentityToken == "invalid_token" || webIdentityToken == "expired_token" || webIdentityToken == "invalid-token" { - return fmt.Errorf("trust policy denies token") - } - - return nil -} - -// ValidateTrustPolicyForCredentials allows valid test identities for STS testing -func (m *MockTrustPolicyValidator) ValidateTrustPolicyForCredentials(ctx context.Context, roleArn string, identity *providers.ExternalIdentity) error { - // Reject non-existent roles for testing - if strings.Contains(roleArn, "NonExistentRole") { - return fmt.Errorf("trust policy validation failed: role does not exist") - } - - // For STS unit tests, allow test identities - if identity != nil && identity.UserID != "" { - return nil - } - return fmt.Errorf("invalid identity for role assumption") -}