fi

pkill minio
pkill kes
rm -rf /tmp/xl

go install -v github.com/minio/mc@master
cp -a $(go env GOPATH)/bin/mc ./mc

if [ ! -f ./kes ]; then
	wget --quiet -O kes https://github.com/minio/kes/releases/latest/download/kes-linux-amd64 &&
		chmod +x kes
fi

if ! openssl version &>/dev/null; then
	apt install openssl || sudo apt install opensssl
fi

# Start KES Server
(./kes server --dev 2>&1 >kes-server.log) &

    chmod +x /go/bin/mc

RUN if [ "$TARGETARCH" = "amd64" ]; then \
       curl -L -s -q https://github.com/moparisthebest/static-curl/releases/latest/download/curl-${TARGETARCH} -o /go/bin/curl; \
       chmod +x /go/bin/curl; \
    fi

# Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"

  --initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new
```

You may also setup etcd with TLS following this documentation [here](https://coreos.com/etcd/docs/latest/op-guide/security.html)

### 3. Setup MinIO with etcd

MinIO server expects environment variable for etcd as `MINIO_ETCD_ENDPOINTS`, this environment variable takes many comma separated entries.

```

## Pydantic `Settings`

Por sorte, o Pydantic possui uma funcionalidade para lidar com essas configurações vindas de variáveis de ambiente utilizando <a href="https://docs.pydantic.dev/latest/usage/pydantic_settings/" class="external-link" target="_blank">Pydantic: Settings management</a>.

### Instalando `pydantic-settings`

Primeiro, instale o pacote `pydantic-settings`:

<div class="termy">

    types:
      - completed

permissions:
  deployments: write
  issues: write
  pull-requests: write
  statuses: write

env:
  UV_SYSTEM_PYTHON: 1

jobs:
  deploy-docs:
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v5
      - name: Set up Python

        type: string
        required: false
        default: ""

env:
  UV_SYSTEM_PYTHON: 1

jobs:
  job:
    if: github.repository_owner == 'fastapi'
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"

}

// STSErrorCode type of error status.
type STSErrorCode int

//go:generate stringer -type=STSErrorCode -trimprefix=Err $GOFILE

// Error codes, non exhaustive list - http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html
const (
	ErrSTSNone STSErrorCode = iota
	ErrSTSAccessDenied
	ErrSTSMissingParameter
	ErrSTSInvalidParameterValue
	ErrSTSWebIdentityExpiredToken
	ErrSTSClientGrantsExpiredToken

    chmod +x /go/bin/mc

RUN if [ "$TARGETARCH" = "amd64" ]; then \
       curl -L -s -q https://github.com/moparisthebest/static-curl/releases/latest/download/curl-${TARGETARCH} -o /go/bin/curl; \
       chmod +x /go/bin/curl; \
    fi

# Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"

      StrictMode.noteSlowCall("buildTrustRootIndex")

      // From org.conscrypt.TrustManagerImpl, we want the method with this signature:
      // private TrustAnchor findTrustAnchorByIssuerAndSignature(X509Certificate lastCert);
      val method =
        trustManager.javaClass.getDeclaredMethod(
          "findTrustAnchorByIssuerAndSignature",
          X509Certificate::class.java,
        )
      method.isAccessible = true

You can achieve that using <a href="https://docs.pydantic.dev/latest/concepts/validators/#field-after-validator" class="external-link" target="_blank">Pydantic's `AfterValidator`</a> inside of `Annotated`.

/// tip

Pydantic also has <a href="https://docs.pydantic.dev/latest/concepts/validators/#field-before-validator" class="external-link" target="_blank">`BeforeValidator`</a> and others. 🤓