func SetPolicyOPAConfig(s config.Config, opaArgs Args) {
	if opaArgs.URL == nil || opaArgs.URL.String() == "" {
		// Do not enable if opaArgs was empty.
		return
	}
	s[config.PolicyOPASubSys][config.Default] = config.KVS{
		config.KV{
			Key:   URL,
			Value: opaArgs.URL.String(),
		},
		config.KV{
			Key:   AuthToken,

func SetStorageClass(s config.Config, cfg Config) {
	if len(cfg.Standard.String()) == 0 && len(cfg.RRS.String()) == 0 {
		// Do not enable storage-class if no settings found.
		return
	}
	s[config.StorageClassSubSys][config.Default] = config.KVS{
		config.KV{
			Key:   ClassStandard,
			Value: cfg.Standard.String(),
		},
		config.KV{

from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt ``` The name of the generated secret can then be passed to Helm using a values file or the `--set` parameter: ``` trustedCertsSecret: "minio-trusted-certs" or --set trustedCertsSecret=minio-trusted-certs...

     */
    void setFullUNCPath(String domain, String server, String fullPath);

    /**
     * Sets whether to resolve this request path in DFS.
     *
     * @param resolve true to enable DFS resolution
     */
    void setResolveInDfs(boolean resolve);

    /**
     * Checks if this request should be resolved in DFS.
     *
     * @return whether to resolve the request path in DFS
     */

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *

    httpClient.close()
  }

  @Test fun get() {
    val request = HttpGet("https://google.com/robots.txt")

    httpClient.execute(request).use { response ->
      assertEquals(200, response.code)
      // TODO enable ALPN later
      assertEquals(HttpVersion.HTTP_1_1, response.version)
    }
  }

export MINIO_ROOT_PASSWORD=minio123
minio server /mnt/export
```

Here are all the available options to configure OpenID connect

```
mc admin config set myminio/ identity_openid

KEY:
identity_openid  enable OpenID SSO support

ARGS:
config_url*   (url)       openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration"

func EncryptSinglePart(r io.Reader, key ObjectKey) io.Reader {
	r, err := sio.EncryptReader(r, sio.Config{MinVersion: sio.Version20, Key: key[:]})
	if err != nil {
		logger.CriticalIf(context.Background(), errors.New("Unable to encrypt io.Reader using object key"))
	}
	return r
}

// EncryptMultiPart encrypts an io.Reader which must be the body of
// multi-part PUT request. It derives an unique encryption key from

  }

  @Test
  public void incidentEdgeOrder_stable() {
    graph = ValueGraphBuilder.directed().incidentEdgeOrder(ElementOrder.stable()).build();
    assertThat(graph.incidentEdgeOrder()).isEqualTo(ElementOrder.stable());
  }

  @Test
  public void hasEdgeConnecting_directed_correct() {
    graph = ValueGraphBuilder.directed().build();
    graph.putEdgeValue(1, 2, "A");

 * that will not accept the [TLS_FALLBACK_SCSV] cipher, thus bypassing server-side fallback
 * checks on platforms that support it. Unfortunately this wrapping will disable any
 * reflection-based calls to SSLSocket from Platform.
 */
class FallbackTestClientSocketFactory(
  delegate: SSLSocketFactory,
) : DelegatingSSLSocketFactory(delegate) {