return
		}

		_, sourceReplReq := r.Header[xhttp.MinIOSourceReplicationRequest]
		ssecRepHeaders := []string{
			"X-Minio-Replication-Server-Side-Encryption-Seal-Algorithm",
			"X-Minio-Replication-Server-Side-Encryption-Sealed-Key",
			"X-Minio-Replication-Server-Side-Encryption-Iv",
		}
		ssecRep := false
		for _, header := range ssecRepHeaders {
			if val := r.Header.Get(header); val != "" {
				ssecRep = true

	{Encrypted: false, Metadata: map[string]string{"": ""}},                                        // 7
	{Encrypted: false, Metadata: map[string]string{"X-Minio-Internal-Server-Side-Encryption": ""}}, // 8
}

func TestIsEncrypted(t *testing.T) {
	for i, test := range isEncryptedTests {
		if _, isEncrypted := IsEncrypted(test.Metadata); isEncrypted != test.Encrypted {

          imagePullPolicy: {{ .Values.image.pullPolicy }}
          command: [
            "/bin/sh",
            "-ce",

		}
		return eErr
	}

	if err := target.send(eventData); err != nil {
		return err
	}

	return target.store.Del(key.Name)
}

// Close - closes underneath connections to NATS server.
func (target *NATSTarget) Close() (err error) {
	close(target.quitCh)
	if target.stanConn != nil {
		// closing the streaming connection does not close the provided NATS connection.

		}
		if !vcfg.Enabled() {
			return BucketRemoteTargetNotVersioned{Bucket: tgt.TargetBucket}
		}
	}

	// Check if target is a MinIO server and alive
	hcCtx, cancel := context.WithTimeout(ctx, 3*time.Second)
	scheme := "http"
	if tgt.Secure {
		scheme = "https"
	}
	result := <-sys.hcClient.Alive(hcCtx, madmin.AliveOpts{}, madmin.ServerProperties{

			s3Select.recordReader = json.NewReader(s3Select.progressReader, &s3Select.Input.JSONArgs)
		}

		return nil
	case parquetFormat:
		if !parquetSupport {
			return errors.New("parquet format parsing not enabled on server")
		}
		if offset != 0 || length != -1 {
			// Offsets do not make sense in parquet files.
			return errors.New("parquet format does not support offsets")
		}
		var err error

}

func getClaimsFromTokenWithSecret(token, secret string) (map[string]interface{}, error) {
	// JWT token for x-amz-security-token is signed with admin
	// secret key, temporary credentials become invalid if
	// server admin credentials change. This is done to ensure
	// that clients cannot decode the token using the temp
	// secret keys and generate an entirely new claim by essentially

func (p *xlStorageDiskIDCheck) SetDiskID(id string) {
	p.diskID.Store(&id)
}

func (p *xlStorageDiskIDCheck) checkDiskStale() error {
	if *p.diskID.Load() == emptyDiskID {
		// For empty disk-id we allow the call as the server might be
		// coming up and trying to read format.json or create format.json
		return nil
	}
	storedDiskID, err := p.storage.GetDiskID()
	if err != nil {
		// return any error generated while reading `format.json`

			subrouter.Methods(http.MethodPost).Path(storageRESTVersionPrefix + storageRESTMethodReadVersion).HandlerFunc(h(server.ReadVersionHandler))
			subrouter.Methods(http.MethodPost).Path(storageRESTVersionPrefix + storageRESTMethodReadXL).HandlerFunc(h(server.ReadXLHandler))
			subrouter.Methods(http.MethodPost).Path(storageRESTVersionPrefix + storageRESTMethodCreateFile).HandlerFunc(h(server.CreateFileHandler))

		},
	}

	sshConfig.AddHostKey(private)

	handleSFTPSession := func(channel ssh.Channel, sconn *ssh.ServerConn) {
		server := sftp.NewRequestServer(channel, NewSFTPDriver(sconn.Permissions), sftp.WithRSAllocator())
		defer server.Close()
		server.Serve()
	}

	sftpServer, err := xsftp.NewServer(&xsftp.Options{
		PublicIP: publicIP,
		Port:     port,