"istio.io/istio/istioctl/pkg/util"
)

// Values should try to use sendmail-style values as in <sysexits.h>
// See e.g. https://man.openbsd.org/sysexits.3
// or `less /usr/includes/sysexits.h` if you're on Linux
//
// Picking the right range is tricky--there are a lot of reserved ones (see
// https://www.tldp.org/LDP/abs/html/exitcodes.html#EXITCODESREF) and then some
// used by convention (see sysexits).
//

	// is not optimal. See: https://github.com/minio/minio/pull/6121
	InsecureSealAlgorithm = "DARE-SHA256"
)

// Type represents an AWS SSE type:
//   - SSE-C
//   - SSE-S3
//   - SSE-KMS
type Type interface {
	fmt.Stringer

	IsRequested(http.Header) bool
	IsEncrypted(map[string]string) bool
}

// IsRequested returns true and the SSE Type if the HTTP headers

)

func buildS3Client(endpoint, accessKey, secretKey string, insecure bool) (*minio.Client, error) {
	u, err := url.Parse(endpoint)
	if err != nil {
		return nil, err
	}

	secure := strings.EqualFold(u.Scheme, "https")
	transport, err := minio.DefaultTransport(secure)
	if err != nil {
		return nil, err
	}
	if insecure {
		// skip TLS verification
		transport.TLSClientConfig.InsecureSkipVerify = true
	}

func writeSuccessNoContent(w http.ResponseWriter) {
	writeResponse(w, http.StatusNoContent, nil, mimeNone)
}

// writeRedirectSeeOther writes Location header with http status 303
func writeRedirectSeeOther(w http.ResponseWriter, location string) {
	w.Header().Set(xhttp.Location, location)
	writeResponse(w, http.StatusSeeOther, nil, mimeNone)
}

func writeSuccessResponseHeadersOnly(w http.ResponseWriter) {

import (
	"context"

	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/types"
	"k8s.io/client-go/kubernetes"
)

// Use UUID of kube-system Namespace as unique identifier for cluster.
// (see https://docs.google.com/document/d/1F__vEKeI41P7PPUCMM9PVPYY34pyrvQI5rbTJVnS5c4)
func clusterUID(client kubernetes.Interface) (types.UID, error) {

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package init

import (
	"os"

	"github.com/klauspost/cpuid/v2"
)

func init() {
	// All MinIO operations must be under UTC.
	os.Setenv("TZ", "UTC")

	// Temporary workaround for
	// https://github.com/golang/go/issues/49233
	// Keep until upstream has been fixed.

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

//go:build fips
// +build fips

package sha256

import (
	fipssha256 "crypto/sha256"
	"hash"
)

// New returns a new hash.Hash computing the SHA256 checksum.
// The SHA256 implementation is FIPS 140-2 compliant when the
// boringcrypto branch of Go is used.
// Ref: https://github.com/golang/go/tree/dev.boringcrypto

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package lock

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
	"unsafe"

	"golang.org/x/sys/windows"
)

var (
	modkernel32    = windows.NewLazySystemDLL("kernel32.dll")
	procLockFileEx = modkernel32.NewProc("LockFileEx")
)

const (

			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         ConfigURL,
			Description: `openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration"` + defaultHelpPostfix(ConfigURL),
			Type:        "url",
		},
		config.HelpKV{
			Key:         ClientID,

		// Recognize "fixed", "removable", "remote" and "ramdisk" drives as proper drives
		// which can be treated as an actual mount-point, rest can be ignored.
		// https://docs.microsoft.com/en-us/windows/desktop/api/fileapi/nf-fileapi-getdrivetypew
		mountPointCache.Store(path, true)
		return true
	}
	mountPointCache.Store(path, false)
	return false