ref: main

      - name: Sync upstream changes
        id: sync
        uses: aormsby/Fork-Sync-With-Upstream-action@v3.0
        with:
          target_sync_branch: main
          target_repo_token: ${{ secrets.GITHUB_TOKEN }}
          upstream_sync_branch: master

  {{- end }}
spec:
  endpoints:
    {{- if .Values.tls.enabled }}
    - port: https
      scheme: https
      tlsConfig:
        ca:
          secret:
            name: {{ .Values.tls.certSecret }}
            key: {{ .Values.tls.publicCrt }}
        serverName: {{ template "minio.fullname" . }}
    {{- else }}
    - port: http
      scheme: http
    {{- end }}

import logging
import secrets
import subprocess
from collections import defaultdict
from pathlib import Path
from typing import Any

import httpx
import yaml
from github import Github
from pydantic import BaseModel, SecretStr
from pydantic_settings import BaseSettings

github_graphql_url = "https://api.github.com/graphql"


sponsors_query = """
query Q($after: String) {
  user(login: "tiangolo") {

	"github.com/minio/minio-go/v7"
	"github.com/minio/minio-go/v7/pkg/credentials"
)

func main() {
	s3Client, err := minio.New("minio-server-address:9000", &minio.Options{
		Creds: credentials.NewStaticV4("access-key", "secret-key", ""),
	})
	if err != nil {
		log.Fatalln(err)
	}

	var opts minio.GetObjectOptions

	// Add extract header to request:
	opts.Set("x-minio-extract", "true")

	// Download API.md from the archive

  uid: {{ .Values.securityContext.runAsUser }}
seLinuxContext:
  type: MustRunAs
supplementalGroups:
  type: RunAsAny
volumes:
- configMap
- downwardAPI
- emptyDir
- persistentVolumeClaim
- projected
- secret

    return current_user


def test_security_api_key():
    client = TestClient(app, cookies={"key": "secret"})
    response = client.get("/users/me")
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "secret"}


def test_security_api_key_no_key():
    client = TestClient(app)
    response = client.get("/users/me")

    return current_user


def test_security_api_key():
    client = TestClient(app, cookies={"key": "secret"})
    response = client.get("/users/me")
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "secret"}


def test_security_api_key_no_key():
    client = TestClient(app)
    response = client.get("/users/me")

  set -e ; # fail if we can't read the keys.
  ACCESS=$(cat /config/rootUser) ; SECRET=$(cat /config/rootPassword) ;
  set +e ; # The connections to minio are allowed to fail.
  echo "Connecting to MinIO server: $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT" ;
  MC_COMMAND="${MC} alias set myminio $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT $ACCESS $SECRET" ;
  $MC_COMMAND ;
  STATUS=$? ;
  until [ $STATUS = 0 ]
  do

			Type:        "string",
		},
		config.HelpKV{
			Key:         ClientSecret,
			Description: `secret for the unique public identifier for apps` + defaultHelpPostfix(ClientSecret),
			Sensitive:   true,
			Type:        "string",
			Secret:      true,
		},
		config.HelpKV{
			Key:         RolePolicy,

    runs-on: ubuntu-latest
    steps:
      - name: Send Slack notification about new RCs for manual testing
        id: slack
        uses: slackapi/slack-github-action@v3.0.1
        with:
          webhook: ${{ secrets.IDE_EXPERIENCE_TEAM_SLACK_WEBHOOK_URL }}
          webhook-type: incoming-webhook
          payload: |