add support for additional prometheus labels for query (#1936)

pkg/auth/idp/oauth2/provider.go

@@ -41,7 +41,7 @@ import (
 type Configuration interface {
 	Exchange(ctx context.Context, code string, opts ...xoauth2.AuthCodeOption) (*xoauth2.Token, error)
 	AuthCodeURL(state string, opts ...xoauth2.AuthCodeOption) string
-	PasswordCredentialsToken(ctx context.Context, username string, password string) (*xoauth2.Token, error)
+	PasswordCredentialsToken(ctx context.Context, username, password string) (*xoauth2.Token, error)
 	Client(ctx context.Context, t *xoauth2.Token) *http.Client
 	TokenSource(ctx context.Context, t *xoauth2.Token) xoauth2.TokenSource
 }
@@ -76,7 +76,7 @@ func (ac Config) AuthCodeURL(state string, opts ...xoauth2.AuthCodeOption) strin
 	return ac.AuthCodeURL(state, opts...)
 }
 
-func (ac Config) PasswordCredentialsToken(ctx context.Context, username string, password string) (*xoauth2.Token, error) {
+func (ac Config) PasswordCredentialsToken(ctx context.Context, username, password string) (*xoauth2.Token, error) {
 	return ac.PasswordCredentialsToken(ctx, username, password)
 }
 

pkg/auth/idp/oauth2/provider_test.go

@@ -27,11 +27,13 @@ import (
 
 type Oauth2configMock struct{}
 
-var oauth2ConfigExchangeMock func(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error)
-var oauth2ConfigAuthCodeURLMock func(state string, opts ...oauth2.AuthCodeOption) string
-var oauth2ConfigPasswordCredentialsTokenMock func(ctx context.Context, username string, password string) (*oauth2.Token, error)
-var oauth2ConfigClientMock func(ctx context.Context, t *oauth2.Token) *http.Client
-var oauth2ConfigokenSourceMock func(ctx context.Context, t *oauth2.Token) oauth2.TokenSource
+var (
+	oauth2ConfigExchangeMock                 func(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error)
+	oauth2ConfigAuthCodeURLMock              func(state string, opts ...oauth2.AuthCodeOption) string
+	oauth2ConfigPasswordCredentialsTokenMock func(ctx context.Context, username, password string) (*oauth2.Token, error)
+	oauth2ConfigClientMock                   func(ctx context.Context, t *oauth2.Token) *http.Client
+	oauth2ConfigokenSourceMock               func(ctx context.Context, t *oauth2.Token) oauth2.TokenSource
+)
 
 func (ac Oauth2configMock) Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error) {
 	return oauth2ConfigExchangeMock(ctx, code, opts...)
@@ -41,7 +43,7 @@ func (ac Oauth2configMock) AuthCodeURL(state string, opts ...oauth2.AuthCodeOpti
 	return oauth2ConfigAuthCodeURLMock(state, opts...)
 }
 
-func (ac Oauth2configMock) PasswordCredentialsToken(ctx context.Context, username string, password string) (*oauth2.Token, error) {
+func (ac Oauth2configMock) PasswordCredentialsToken(ctx context.Context, username, password string) (*oauth2.Token, error) {
 	return oauth2ConfigPasswordCredentialsTokenMock(ctx, username, password)
 }
 

pkg/auth/token.go

@@ -233,7 +233,7 @@ func encrypt(plaintext, associatedData []byte) ([]byte, error) {
 // Decrypts a blob of data using AEAD scheme AES-GCM if the executing CPU
 // provides AES hardware support, otherwise will use ChaCha20-Poly1305with
 // and a pbkdf2 derived key
-func decrypt(ciphertext []byte, associatedData []byte) ([]byte, error) {
+func decrypt(ciphertext, associatedData []byte) ([]byte, error) {
 	var (
 		algorithm [1]byte
 		iv        [16]byte
@@ -257,7 +257,7 @@ func decrypt(ciphertext []byte, associatedData []byte) ([]byte, error) {
 		mac := hmac.New(sha256.New, derivedKey())
 		mac.Write(iv[:])
 		sealingKey := mac.Sum(nil)
-		block, err := aes.NewCipher(sealingKey[:])
+		block, err := aes.NewCipher(sealingKey)
 		if err != nil {
 			return nil, err
 		}

pkg/auth/token_test.go

@@ -29,8 +29,11 @@ var creds = &credentials.Value{
 	SessionToken:    "fakeSessionToken",
 	SignerType:      0,
 }
-var goodToken = ""
-var badToken = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiRDMwYWE0ekQ1bWtFaFRyWm5yOWM3NWh0Yko0MkROOWNDZVQ5RHVHUkg1U25SR3RyTXZNOXBMdnlFSVJAAAE5eWxxekhYMXllck8xUXpzMlZzRVFKeUF2ZmpOaDkrTVdoUURWZ2FhK2R5emxzSjNpK0k1dUdoeW5DNWswUW83WEY0UWszY0RtUTdUQUVROVFEbWRKdjBkdVB5L25hQk5vM3dIdlRDZHFNRDJZN3kycktJbmVUbUlFNmVveW9EWmprcW5tckVoYmMrTlhTRU81WjZqa1kwZ1E2eXZLaWhUZGxBRS9zS1lBNlc4Q1R1cm1MU0E0b0dIcGtldFZWU0VXMHEzNU9TU1VaczRXNkxHdGMxSTFWVFZLWUo3ZTlHR2REQ3hMWGtiZHQwcjl0RDNMWUhWRndra0dSZit5ZHBzS1Y3L1Jtbkp3SHNqNVVGV0w5WGVHUkZVUjJQclJTN2plVzFXeGZuYitVeXoxNVpOMzZsZ01GNnBlWFd1LzJGcEtrb2Z2QzNpY2x5Rmp0SE45ZkxYTVpVSFhnV2lsQWVSa3oiLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjkwMDAiLCJleHAiOjE1ODc1MTY1NzEsInN1YiI6ImZmYmY4YzljLTJlMjYtNGMwYS1iMmI0LTYyMmVhM2I1YjZhYiJ9.P392RUwzsrBeJOO3fS1xMZcF-lWiDvWZ5hM7LZOyFMmoG5QLccDU5eAPSm8obzPoznX1b7eCFLeEmKK-vKgjiQ"
+
+var (
+	goodToken = ""
+	badToken  = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiRDMwYWE0ekQ1bWtFaFRyWm5yOWM3NWh0Yko0MkROOWNDZVQ5RHVHUkg1U25SR3RyTXZNOXBMdnlFSVJAAAE5eWxxekhYMXllck8xUXpzMlZzRVFKeUF2ZmpOaDkrTVdoUURWZ2FhK2R5emxzSjNpK0k1dUdoeW5DNWswUW83WEY0UWszY0RtUTdUQUVROVFEbWRKdjBkdVB5L25hQk5vM3dIdlRDZHFNRDJZN3kycktJbmVUbUlFNmVveW9EWmprcW5tckVoYmMrTlhTRU81WjZqa1kwZ1E2eXZLaWhUZGxBRS9zS1lBNlc4Q1R1cm1MU0E0b0dIcGtldFZWU0VXMHEzNU9TU1VaczRXNkxHdGMxSTFWVFZLWUo3ZTlHR2REQ3hMWGtiZHQwcjl0RDNMWUhWRndra0dSZit5ZHBzS1Y3L1Jtbkp3SHNqNVVGV0w5WGVHUkZVUjJQclJTN2plVzFXeGZuYitVeXoxNVpOMzZsZ01GNnBlWFd1LzJGcEtrb2Z2QzNpY2x5Rmp0SE45ZkxYTVpVSFhnV2lsQWVSa3oiLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjkwMDAiLCJleHAiOjE1ODc1MTY1NzEsInN1YiI6ImZmYmY4YzljLTJlMjYtNGMwYS1iMmI0LTYyMmVhM2I1YjZhYiJ9.P392RUwzsrBeJOO3fS1xMZcF-lWiDvWZ5hM7LZOyFMmoG5QLccDU5eAPSm8obzPoznX1b7eCFLeEmKK-vKgjiQ"
+)
 
 func TestNewJWTWithClaimsForClient(t *testing.T) {
 	funcAssert := assert.New(t)

pkg/auth/utils/utils_test.go

@@ -38,9 +38,9 @@ func TestRandomCharString(t *testing.T) {
 func TestComputeHmac256(t *testing.T) {
 	funcAssert := assert.New(t)
 	// Test-1 : ComputeHmac256() should return the right Hmac256 string based on a derived key
-	var derivedKey = pbkdf2.Key([]byte("secret"), []byte("salt"), 4096, 32, sha1.New)
-	var message = "hello world"
-	var expectedHmac = "5r32q7W+0hcBnqzQwJJUDzVGoVivXGSodTcHSqG/9Q8="
+	derivedKey := pbkdf2.Key([]byte("secret"), []byte("salt"), 4096, 32, sha1.New)
+	message := "hello world"
+	expectedHmac := "5r32q7W+0hcBnqzQwJJUDzVGoVivXGSodTcHSqG/9Q8="
 	hmac := ComputeHmac256(message, derivedKey)
 	funcAssert.Equal(hmac, expectedHmac)
 }

pkg/certs/certs.go

@@ -119,7 +119,7 @@ func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err er
 
 // MkdirAllIgnorePerm attempts to create all directories, ignores any permission denied errors.
 func MkdirAllIgnorePerm(path string) error {
-	err := os.MkdirAll(path, 0700)
+	err := os.MkdirAll(path, 0o700)
 	if err != nil {
 		// It is possible in kubernetes like deployments this directory
 		// is already mounted and is not writable, ignore any write errors.
@@ -250,7 +250,7 @@ func GetTLSConfig() (x509Certs []*x509.Certificate, manager *xcerts.Manager, err
 		return nil, nil, err
 	}
 
-	//Console has support for multiple certificates. It expects the following structure:
+	// Console has support for multiple certificates. It expects the following structure:
 	// certs/
 	//  │
 	//  ├─ public.crt
@@ -266,8 +266,8 @@ func GetTLSConfig() (x509Certs []*x509.Certificate, manager *xcerts.Manager, err
 	//     └─ private.key
 	//  ...
 	//
-	//Therefore, we read all filenames in the cert directory and check
-	//for each directory whether it contains a public.crt and private.key.
+	// Therefore, we read all filenames in the cert directory and check
+	// for each directory whether it contains a public.crt and private.key.
 	// If so, we try to add it to certificate manager.
 	root, err := os.Open(GlobalCertsDir.Get())
 	if err != nil {

pkg/logger/audit.go

@@ -144,7 +144,7 @@ func GetAuditEntry(ctx context.Context) *audit.Entry {
 		}
 		r = &audit.Entry{
 			Version: audit.Version,
-			//DeploymentID: globalDeploymentID,
+			// DeploymentID: globalDeploymentID,
 			Time: time.Now().UTC(),
 		}
 		SetAuditEntry(ctx, r)

pkg/logger/logger.go

@@ -144,7 +144,7 @@ func uniqueEntries(paths []string) []string {
 // and GOROOT directories. Also append github.com/minio/minio
 // This is done to clean up the filename, when stack trace is
 // displayed when an errors happens.
-func Init(goPath string, goRoot string) {
+func Init(goPath, goRoot string) {
 	var goPathList []string
 	var goRootList []string
 	var defaultgoPathList []string

pkg/logger/message/audit/entry_test.go

@@ -59,7 +59,6 @@ func TestNewEntry(t *testing.T) {
 }
 
 func TestToEntry(t *testing.T) {
-
 	req := httptest.NewRequest(http.MethodGet, "/api/v1/tenants?test=xyz", nil)
 	req.Header.Set("Authorization", "xyz")
 	req.Header.Set("ETag", "\"ABCDE\"")
@@ -91,7 +90,6 @@ func TestToEntry(t *testing.T) {
 			},
 			postFunc: func() {
 				os.Unsetenv("CONSOLE_OPERATOR_MODE")
-
 			},
 			name: "constructs an audit entry from a http request",
 			args: args{

pkg/logger/target/http/http.go

@@ -105,8 +105,7 @@ func (h *Target) Init() error {
 	xhttp.DrainBody(resp.Body)
 
 	if !acceptedResponseStatusCode(resp.StatusCode) {
-		switch resp.StatusCode {
-		case http.StatusForbidden:
+		if resp.StatusCode == http.StatusForbidden {
 			return fmt.Errorf("%s returned '%s', please check if your auth token is correctly set",
 				h.config.Endpoint, resp.Status)
 		}

pkg/subnet/config_test.go

@@ -34,7 +34,6 @@ mr/cKCUyBL7rcAvg0zNq1vcSrUSGlAmY3SEDCu3GOKnjG/U4E7+p957ocWSV+mQU
 )
 
 func TestGetLicenseInfoFromJWT(t *testing.T) {
-
 	mockLicense, _ := GetLicenseInfoFromJWT(license, publicKeys)
 
 	type args struct {

pkg/subnet/const.go

@@ -16,15 +16,13 @@
 
 package subnet
 
-var (
-	OfflinePublicKeys = []string{
-		`-----BEGIN PUBLIC KEY-----
+var OfflinePublicKeys = []string{
+	`-----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEaK31xujr6/rZ7ZfXZh3SlwovjC+X8wGq
 qkltaKyTLRENd4w3IRktYYCRgzpDLPn/nrf7snV/ERO5qcI7fkEES34IVEr+2Uff
 JkO2PfyyAYEO/5dBlPh1Undu9WQl6J7B
 -----END PUBLIC KEY-----`, // https://subnet.min.io/downloads/license-pubkey.pem
-	}
-)
+}
 
 const (
 	// Constants for subnet configuration

pkg/utils/parity.go

@@ -56,7 +56,7 @@ var isValidSetSize = func(count uint64) bool {
 // input argument patterns, the symmetry calculation is to ensure that
 // we also use uniform number of drives common across all ellipses patterns.
 func possibleSetCountsWithSymmetry(setCounts []uint64, argPatterns []ellipses.ArgPattern) []uint64 {
-	var newSetCounts = make(map[uint64]struct{})
+	newSetCounts := make(map[uint64]struct{})
 	for _, ss := range setCounts {
 		var symmetry bool
 		for _, argPattern := range argPatterns {
@@ -177,7 +177,7 @@ func getTotalSizes(argPatterns []ellipses.ArgPattern) []uint64 {
 	for _, argPattern := range argPatterns {
 		var totalSize uint64 = 1
 		for _, p := range argPattern {
-			totalSize = totalSize * uint64(len(p.Seq))
+			totalSize *= uint64(len(p.Seq))
 		}
 		totalSizes = append(totalSizes, totalSize)
 	}
@@ -206,7 +206,7 @@ func PossibleParityValues(args ...string) ([]string, error) {
 // of endpoints following the ellipses pattern, this is what is used
 // by the object layer for initializing itself.
 func parseEndpointSet(args ...string) (setIndexes [][]uint64, err error) {
-	var argPatterns = make([]ellipses.ArgPattern, len(args))
+	argPatterns := make([]ellipses.ArgPattern, len(args))
 	for i, arg := range args {
 		patterns, err := ellipses.FindEllipsesPatterns(arg)
 		if err != nil {

pkg/utils/parity_test.go

@@ -27,7 +27,8 @@ func TestGetDivisibleSize(t *testing.T) {
 	testCases := []struct {
 		totalSizes []uint64
 		result     uint64
-	}{{[]uint64{24, 32, 16}, 8},
+	}{
+		{[]uint64{24, 32, 16}, 8},
 		{[]uint64{32, 8, 4}, 4},
 		{[]uint64{8, 8, 8}, 8},
 		{[]uint64{24}, 24},
@@ -143,7 +144,7 @@ func TestGetSetIndexes(t *testing.T) {
 	for _, testCase := range testCases {
 		testCase := testCase
 		t.Run("", func(t *testing.T) {
-			var argPatterns = make([]ellipses.ArgPattern, len(testCase.args))
+			argPatterns := make([]ellipses.ArgPattern, len(testCase.args))
 			for i, arg := range testCase.args {
 				patterns, err := ellipses.FindEllipsesPatterns(arg)
 				if err != nil {

pkg/utils/utils.go

@@ -30,10 +30,12 @@ func NewUUID() (string, error) {
 // Key used for Get/SetReqInfo
 type key string
 
-const ContextLogKey = key("console-log")
-const ContextRequestID = key("request-id")
-const ContextRequestUserID = key("request-user-id")
-const ContextRequestUserAgent = key("request-user-agent")
-const ContextRequestHost = key("request-host")
-const ContextRequestRemoteAddr = key("request-remote-addr")
-const ContextAuditKey = key("request-audit-entry")
+const (
+	ContextLogKey            = key("console-log")
+	ContextRequestID         = key("request-id")
+	ContextRequestUserID     = key("request-user-id")
+	ContextRequestUserAgent  = key("request-user-agent")
+	ContextRequestHost       = key("request-host")
+	ContextRequestRemoteAddr = key("request-remote-addr")
+	ContextAuditKey          = key("request-audit-entry")
+)

pkg/utils/version.go

@@ -25,9 +25,7 @@ import (
 	"github.com/minio/console/pkg/http"
 )
 
-var (
-	ErrCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
-)
+var ErrCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
 
 // getLatestMinIOImage returns the latest docker image for MinIO if found on the internet
 func GetLatestMinIOImage(client http.ClientI) (*string, error) {
@@ -41,7 +39,7 @@ func GetLatestMinIOImage(client http.ClientI) (*string, error) {
 	if err != nil {
 		return nil, err
 	}
-	var re = regexp.MustCompile(`minio\.(RELEASE.*?Z)"`)
+	re := regexp.MustCompile(`minio\.(RELEASE.*?Z)"`)
 	// look for a single match
 	matches := re.FindAllStringSubmatch(string(body), 1)
 	for i := range matches {