d.maxSleep = maxWait
	d.cycle = make(chan struct{})
	return nil
}

const (
	// ILMExpiry - audit trail for ILM expiry
	ILMExpiry = "ilm:expiry"
	// ILMFreeVersionDelete - audit trail for ILM free-version delete
	ILMFreeVersionDelete = "ilm:free-version-delete"
	// ILMTransition - audit trail for ILM transitioning.
	ILMTransition = " ilm:transition"
)

	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apiserver/pkg/admission"
	webhooktesting "k8s.io/apiserver/pkg/admission/plugin/webhook/testing"
	auditinternal "k8s.io/apiserver/pkg/apis/audit"
)

// BenchmarkAdmit tests the performance cost of invoking a mutating webhook
func BenchmarkAdmit(b *testing.B) {
	testServerURL := os.Getenv("WEBHOOK_TEST_SERVER_URL")
	if len(testServerURL) == 0 {

		if _, err := xnet.ParseHost(b.String()); err != nil {
			return err
		}
	}
	return nil
}

// Name returns the name of the target
func (h *Target) Name() string {
	return "minio-kafka-audit"
}

// Endpoint - return kafka target
func (h *Target) Endpoint() string {
	return "kafka"
}

// String - kafka string
func (h *Target) String() string {
	return "kafka"
}

	clocktesting "k8s.io/utils/clock/testing"

	"k8s.io/apimachinery/pkg/api/errors"
	webhooktesting "k8s.io/apiserver/pkg/admission/plugin/webhook/testing"
	auditinternal "k8s.io/apiserver/pkg/apis/audit"
)

// BenchmarkValidate tests that ValidatingWebhook#Validate works as expected
func BenchmarkValidate(b *testing.B) {
	testServerURL := os.Getenv("WEBHOOK_TEST_SERVER_URL")
	if len(testServerURL) == 0 {

		lastErr = fmt.Errorf("invalid authorization config: %w", err)
		return
	}
	if s.Authorization != nil && !enablesRBAC {
		genericConfig.DisabledPostStartHooks.Insert(rbacrest.PostStartHookName)
	}

	lastErr = s.Audit.ApplyTo(genericConfig)
	if lastErr != nil {
		return
	}

	if utilfeature.DefaultFeatureGate.Enabled(genericfeatures.AggregatedDiscoveryEndpoint) {

	FastGetObjInfo bool // Only for S3 Head/Get Object calls for now
	NoAuditLog     bool // Only set for decom, rebalance, to avoid double audits.
}

// WalkOptions provides filtering, marker and other Walk() specific options.
type WalkOptions struct {
	Filter       func(info FileInfo) bool // return WalkFilter returns 'true/false'

	// redeclarations at that time).
	//
	// TODO(adonovan): now that each declaration has the correct
	// scopePos, there should be no need for scope squashing.
	// Audit to ensure all lookups honor scopePos and simplify.
	scope := NewScope(check.scope, nopos, nopos, "function body (temp. scope)")
	scopePos := ftyp.End() // all parameters' scopes start after the signature

			}
			traceFn := globalLifecycleSys.trace(oi)
			// Note: NewerNoncurrentVersions action is performed only scanner today
			tags := newLifecycleAuditEvent(lcEventSrc_Scanner, lcEvent).Tags()

			// Send audit for the lifecycle delete operation
			auditLogLifecycle(
				ctx,
				oi,
				ILMExpiry, tags, traceFn)

			evArgs := eventArgs{
				EventName:  event.ObjectRemovedDelete,
				BucketName: bucket,

	// the call to `parseForm` below), but return failure only after we are
	// able to validate that it is a valid STS request, so that we are able
	// to send an appropriate audit log.
	user, apiErrCode := checkAssumeRoleAuth(ctx, r)

	if err := parseForm(r); err != nil {
		writeSTSErrorResponse(ctx, w, ErrSTSInvalidParameterValue, err)
		return
	}

	// redeclarations at that time).
	//
	// TODO(adonovan): now that each declaration has the correct
	// scopePos, there should be no need for scope squashing.
	// Audit to ensure all lookups honor scopePos and simplify.
	scope := NewScope(check.scope, nopos, nopos, "function body (temp. scope)")
	scopePos := syntax.EndPos(ftyp) // all parameters' scopes start after the signature