mirror of
https://github.com/OpenMaxIO/openmaxio-object-browser
synced 2026-07-01 07:41:18 -07:00
Update encryption configuration screen for tenant (#1611)
This commit is contained in:
@@ -57,6 +57,9 @@ type EncryptionConfiguration struct {
|
|||||||
// replicas
|
// replicas
|
||||||
Replicas string `json:"replicas,omitempty"`
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
// secrets to be deleted
|
||||||
|
SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
|
||||||
|
|
||||||
// security context
|
// security context
|
||||||
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
@@ -92,6 +95,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
|
|||||||
|
|
||||||
Replicas string `json:"replicas,omitempty"`
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
|
||||||
|
|
||||||
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
Server *KeyPairConfiguration `json:"server,omitempty"`
|
Server *KeyPairConfiguration `json:"server,omitempty"`
|
||||||
@@ -116,6 +121,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
|
|||||||
|
|
||||||
m.Replicas = dataAO1.Replicas
|
m.Replicas = dataAO1.Replicas
|
||||||
|
|
||||||
|
m.SecretsToBeDeleted = dataAO1.SecretsToBeDeleted
|
||||||
|
|
||||||
m.SecurityContext = dataAO1.SecurityContext
|
m.SecurityContext = dataAO1.SecurityContext
|
||||||
|
|
||||||
m.Server = dataAO1.Server
|
m.Server = dataAO1.Server
|
||||||
@@ -149,6 +156,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
|
|||||||
|
|
||||||
Replicas string `json:"replicas,omitempty"`
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
|
||||||
|
|
||||||
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
Server *KeyPairConfiguration `json:"server,omitempty"`
|
Server *KeyPairConfiguration `json:"server,omitempty"`
|
||||||
@@ -170,6 +179,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
|
|||||||
|
|
||||||
dataAO1.Replicas = m.Replicas
|
dataAO1.Replicas = m.Replicas
|
||||||
|
|
||||||
|
dataAO1.SecretsToBeDeleted = m.SecretsToBeDeleted
|
||||||
|
|
||||||
dataAO1.SecurityContext = m.SecurityContext
|
dataAO1.SecurityContext = m.SecurityContext
|
||||||
|
|
||||||
dataAO1.Server = m.Server
|
dataAO1.Server = m.Server
|
||||||
|
|||||||
585
models/encryption_configuration_response.go
Normal file
585
models/encryption_configuration_response.go
Normal file
@@ -0,0 +1,585 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
"github.com/go-openapi/swag"
|
||||||
|
)
|
||||||
|
|
||||||
|
// EncryptionConfigurationResponse encryption configuration response
|
||||||
|
//
|
||||||
|
// swagger:model encryptionConfigurationResponse
|
||||||
|
type EncryptionConfigurationResponse struct {
|
||||||
|
MetadataFields
|
||||||
|
|
||||||
|
// aws
|
||||||
|
Aws *AwsConfiguration `json:"aws,omitempty"`
|
||||||
|
|
||||||
|
// azure
|
||||||
|
Azure *AzureConfiguration `json:"azure,omitempty"`
|
||||||
|
|
||||||
|
// gcp
|
||||||
|
Gcp *GcpConfiguration `json:"gcp,omitempty"`
|
||||||
|
|
||||||
|
// gemalto
|
||||||
|
Gemalto *GemaltoConfigurationResponse `json:"gemalto,omitempty"`
|
||||||
|
|
||||||
|
// image
|
||||||
|
Image string `json:"image,omitempty"`
|
||||||
|
|
||||||
|
// mtls client
|
||||||
|
MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
|
||||||
|
|
||||||
|
// replicas
|
||||||
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
// security context
|
||||||
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
|
// server
|
||||||
|
Server *CertificateInfo `json:"server,omitempty"`
|
||||||
|
|
||||||
|
// vault
|
||||||
|
Vault *VaultConfigurationResponse `json:"vault,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalJSON unmarshals this object from a JSON structure
|
||||||
|
func (m *EncryptionConfigurationResponse) UnmarshalJSON(raw []byte) error {
|
||||||
|
// AO0
|
||||||
|
var aO0 MetadataFields
|
||||||
|
if err := swag.ReadJSON(raw, &aO0); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
m.MetadataFields = aO0
|
||||||
|
|
||||||
|
// AO1
|
||||||
|
var dataAO1 struct {
|
||||||
|
Aws *AwsConfiguration `json:"aws,omitempty"`
|
||||||
|
|
||||||
|
Azure *AzureConfiguration `json:"azure,omitempty"`
|
||||||
|
|
||||||
|
Gcp *GcpConfiguration `json:"gcp,omitempty"`
|
||||||
|
|
||||||
|
Gemalto *GemaltoConfigurationResponse `json:"gemalto,omitempty"`
|
||||||
|
|
||||||
|
Image string `json:"image,omitempty"`
|
||||||
|
|
||||||
|
MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
|
||||||
|
|
||||||
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
|
Server *CertificateInfo `json:"server,omitempty"`
|
||||||
|
|
||||||
|
Vault *VaultConfigurationResponse `json:"vault,omitempty"`
|
||||||
|
}
|
||||||
|
if err := swag.ReadJSON(raw, &dataAO1); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
m.Aws = dataAO1.Aws
|
||||||
|
|
||||||
|
m.Azure = dataAO1.Azure
|
||||||
|
|
||||||
|
m.Gcp = dataAO1.Gcp
|
||||||
|
|
||||||
|
m.Gemalto = dataAO1.Gemalto
|
||||||
|
|
||||||
|
m.Image = dataAO1.Image
|
||||||
|
|
||||||
|
m.MtlsClient = dataAO1.MtlsClient
|
||||||
|
|
||||||
|
m.Replicas = dataAO1.Replicas
|
||||||
|
|
||||||
|
m.SecurityContext = dataAO1.SecurityContext
|
||||||
|
|
||||||
|
m.Server = dataAO1.Server
|
||||||
|
|
||||||
|
m.Vault = dataAO1.Vault
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalJSON marshals this object to a JSON structure
|
||||||
|
func (m EncryptionConfigurationResponse) MarshalJSON() ([]byte, error) {
|
||||||
|
_parts := make([][]byte, 0, 2)
|
||||||
|
|
||||||
|
aO0, err := swag.WriteJSON(m.MetadataFields)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
_parts = append(_parts, aO0)
|
||||||
|
var dataAO1 struct {
|
||||||
|
Aws *AwsConfiguration `json:"aws,omitempty"`
|
||||||
|
|
||||||
|
Azure *AzureConfiguration `json:"azure,omitempty"`
|
||||||
|
|
||||||
|
Gcp *GcpConfiguration `json:"gcp,omitempty"`
|
||||||
|
|
||||||
|
Gemalto *GemaltoConfigurationResponse `json:"gemalto,omitempty"`
|
||||||
|
|
||||||
|
Image string `json:"image,omitempty"`
|
||||||
|
|
||||||
|
MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
|
||||||
|
|
||||||
|
Replicas string `json:"replicas,omitempty"`
|
||||||
|
|
||||||
|
SecurityContext *SecurityContext `json:"securityContext,omitempty"`
|
||||||
|
|
||||||
|
Server *CertificateInfo `json:"server,omitempty"`
|
||||||
|
|
||||||
|
Vault *VaultConfigurationResponse `json:"vault,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
dataAO1.Aws = m.Aws
|
||||||
|
|
||||||
|
dataAO1.Azure = m.Azure
|
||||||
|
|
||||||
|
dataAO1.Gcp = m.Gcp
|
||||||
|
|
||||||
|
dataAO1.Gemalto = m.Gemalto
|
||||||
|
|
||||||
|
dataAO1.Image = m.Image
|
||||||
|
|
||||||
|
dataAO1.MtlsClient = m.MtlsClient
|
||||||
|
|
||||||
|
dataAO1.Replicas = m.Replicas
|
||||||
|
|
||||||
|
dataAO1.SecurityContext = m.SecurityContext
|
||||||
|
|
||||||
|
dataAO1.Server = m.Server
|
||||||
|
|
||||||
|
dataAO1.Vault = m.Vault
|
||||||
|
|
||||||
|
jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
|
||||||
|
if errAO1 != nil {
|
||||||
|
return nil, errAO1
|
||||||
|
}
|
||||||
|
_parts = append(_parts, jsonDataAO1)
|
||||||
|
return swag.ConcatJSON(_parts...), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this encryption configuration response
|
||||||
|
func (m *EncryptionConfigurationResponse) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
// validation for a type composition with MetadataFields
|
||||||
|
if err := m.MetadataFields.Validate(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateAws(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateAzure(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateGcp(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateGemalto(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateMtlsClient(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateSecurityContext(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateServer(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateVault(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateAws(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Aws) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Aws != nil {
|
||||||
|
if err := m.Aws.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("aws")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("aws")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateAzure(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Azure) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Azure != nil {
|
||||||
|
if err := m.Azure.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("azure")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("azure")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateGcp(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Gcp) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Gcp != nil {
|
||||||
|
if err := m.Gcp.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("gcp")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("gcp")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateGemalto(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Gemalto) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Gemalto != nil {
|
||||||
|
if err := m.Gemalto.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("gemalto")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("gemalto")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateMtlsClient(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.MtlsClient) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.MtlsClient != nil {
|
||||||
|
if err := m.MtlsClient.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("mtls_client")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("mtls_client")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateSecurityContext(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.SecurityContext) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.SecurityContext != nil {
|
||||||
|
if err := m.SecurityContext.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("securityContext")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("securityContext")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateServer(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Server) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Server != nil {
|
||||||
|
if err := m.Server.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("server")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("server")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) validateVault(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if swag.IsZero(m.Vault) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Vault != nil {
|
||||||
|
if err := m.Vault.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("vault")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("vault")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this encryption configuration response based on the context it is used
|
||||||
|
func (m *EncryptionConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
// validation for a type composition with MetadataFields
|
||||||
|
if err := m.MetadataFields.ContextValidate(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateAws(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateAzure(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateGcp(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateGemalto(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateMtlsClient(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateServer(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateVault(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateAws(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Aws != nil {
|
||||||
|
if err := m.Aws.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("aws")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("aws")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateAzure(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Azure != nil {
|
||||||
|
if err := m.Azure.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("azure")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("azure")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateGcp(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Gcp != nil {
|
||||||
|
if err := m.Gcp.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("gcp")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("gcp")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateGemalto(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Gemalto != nil {
|
||||||
|
if err := m.Gemalto.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("gemalto")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("gemalto")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateMtlsClient(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.MtlsClient != nil {
|
||||||
|
if err := m.MtlsClient.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("mtls_client")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("mtls_client")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.SecurityContext != nil {
|
||||||
|
if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("securityContext")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("securityContext")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateServer(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Server != nil {
|
||||||
|
if err := m.Server.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("server")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("server")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *EncryptionConfigurationResponse) contextValidateVault(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Vault != nil {
|
||||||
|
if err := m.Vault.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("vault")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("vault")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *EncryptionConfigurationResponse) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *EncryptionConfigurationResponse) UnmarshalBinary(b []byte) error {
|
||||||
|
var res EncryptionConfigurationResponse
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
447
models/gemalto_configuration_response.go
Normal file
447
models/gemalto_configuration_response.go
Normal file
@@ -0,0 +1,447 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
"github.com/go-openapi/swag"
|
||||||
|
"github.com/go-openapi/validate"
|
||||||
|
)
|
||||||
|
|
||||||
|
// GemaltoConfigurationResponse gemalto configuration response
|
||||||
|
//
|
||||||
|
// swagger:model gemaltoConfigurationResponse
|
||||||
|
type GemaltoConfigurationResponse struct {
|
||||||
|
|
||||||
|
// keysecure
|
||||||
|
// Required: true
|
||||||
|
Keysecure *GemaltoConfigurationResponseKeysecure `json:"keysecure"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this gemalto configuration response
|
||||||
|
func (m *GemaltoConfigurationResponse) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateKeysecure(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponse) validateKeysecure(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure", "body", m.Keysecure); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Keysecure != nil {
|
||||||
|
if err := m.Keysecure.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this gemalto configuration response based on the context it is used
|
||||||
|
func (m *GemaltoConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateKeysecure(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponse) contextValidateKeysecure(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Keysecure != nil {
|
||||||
|
if err := m.Keysecure.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponse) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponse) UnmarshalBinary(b []byte) error {
|
||||||
|
var res GemaltoConfigurationResponse
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GemaltoConfigurationResponseKeysecure gemalto configuration response keysecure
|
||||||
|
//
|
||||||
|
// swagger:model GemaltoConfigurationResponseKeysecure
|
||||||
|
type GemaltoConfigurationResponseKeysecure struct {
|
||||||
|
|
||||||
|
// credentials
|
||||||
|
// Required: true
|
||||||
|
Credentials *GemaltoConfigurationResponseKeysecureCredentials `json:"credentials"`
|
||||||
|
|
||||||
|
// endpoint
|
||||||
|
// Required: true
|
||||||
|
Endpoint *string `json:"endpoint"`
|
||||||
|
|
||||||
|
// tls
|
||||||
|
TLS *GemaltoConfigurationResponseKeysecureTLS `json:"tls,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this gemalto configuration response keysecure
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateCredentials(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateEndpoint(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateTLS(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) validateCredentials(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure"+"."+"credentials", "body", m.Credentials); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Credentials != nil {
|
||||||
|
if err := m.Credentials.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "credentials")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "credentials")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) validateEndpoint(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure"+"."+"endpoint", "body", m.Endpoint); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) validateTLS(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.TLS) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.TLS != nil {
|
||||||
|
if err := m.TLS.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "tls")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "tls")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this gemalto configuration response keysecure based on the context it is used
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateCredentials(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateTLS(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Credentials != nil {
|
||||||
|
if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "credentials")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "credentials")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.TLS != nil {
|
||||||
|
if err := m.TLS.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "tls")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "tls")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecure) UnmarshalBinary(b []byte) error {
|
||||||
|
var res GemaltoConfigurationResponseKeysecure
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GemaltoConfigurationResponseKeysecureCredentials gemalto configuration response keysecure credentials
|
||||||
|
//
|
||||||
|
// swagger:model GemaltoConfigurationResponseKeysecureCredentials
|
||||||
|
type GemaltoConfigurationResponseKeysecureCredentials struct {
|
||||||
|
|
||||||
|
// domain
|
||||||
|
// Required: true
|
||||||
|
Domain *string `json:"domain"`
|
||||||
|
|
||||||
|
// retry
|
||||||
|
Retry int64 `json:"retry,omitempty"`
|
||||||
|
|
||||||
|
// token
|
||||||
|
// Required: true
|
||||||
|
Token *string `json:"token"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this gemalto configuration response keysecure credentials
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateDomain(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateToken(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) validateDomain(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure"+"."+"credentials"+"."+"domain", "body", m.Domain); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) validateToken(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure"+"."+"credentials"+"."+"token", "body", m.Token); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validates this gemalto configuration response keysecure credentials based on context it is used
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureCredentials) UnmarshalBinary(b []byte) error {
|
||||||
|
var res GemaltoConfigurationResponseKeysecureCredentials
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GemaltoConfigurationResponseKeysecureTLS gemalto configuration response keysecure TLS
|
||||||
|
//
|
||||||
|
// swagger:model GemaltoConfigurationResponseKeysecureTLS
|
||||||
|
type GemaltoConfigurationResponseKeysecureTLS struct {
|
||||||
|
|
||||||
|
// ca
|
||||||
|
// Required: true
|
||||||
|
Ca *CertificateInfo `json:"ca"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this gemalto configuration response keysecure TLS
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateCa(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) validateCa(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("keysecure"+"."+"tls"+"."+"ca", "body", m.Ca); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Ca != nil {
|
||||||
|
if err := m.Ca.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this gemalto configuration response keysecure TLS based on the context it is used
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateCa(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Ca != nil {
|
||||||
|
if err := m.Ca.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *GemaltoConfigurationResponseKeysecureTLS) UnmarshalBinary(b []byte) error {
|
||||||
|
var res GemaltoConfigurationResponseKeysecureTLS
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
232
models/update_tenant_encryption_request.go
Normal file
232
models/update_tenant_encryption_request.go
Normal file
@@ -0,0 +1,232 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
"github.com/go-openapi/swag"
|
||||||
|
)
|
||||||
|
|
||||||
|
// UpdateTenantEncryptionRequest update tenant encryption request
|
||||||
|
//
|
||||||
|
// swagger:model updateTenantEncryptionRequest
|
||||||
|
type UpdateTenantEncryptionRequest struct {
|
||||||
|
|
||||||
|
// auto cert
|
||||||
|
AutoCert bool `json:"autoCert,omitempty"`
|
||||||
|
|
||||||
|
// custom certificates
|
||||||
|
CustomCertificates *UpdateTenantEncryptionRequestCustomCertificates `json:"customCertificates,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this update tenant encryption request
|
||||||
|
func (m *UpdateTenantEncryptionRequest) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateCustomCertificates(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *UpdateTenantEncryptionRequest) validateCustomCertificates(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.CustomCertificates) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.CustomCertificates != nil {
|
||||||
|
if err := m.CustomCertificates.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("customCertificates")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("customCertificates")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this update tenant encryption request based on the context it is used
|
||||||
|
func (m *UpdateTenantEncryptionRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateCustomCertificates(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *UpdateTenantEncryptionRequest) contextValidateCustomCertificates(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.CustomCertificates != nil {
|
||||||
|
if err := m.CustomCertificates.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("customCertificates")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("customCertificates")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *UpdateTenantEncryptionRequest) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *UpdateTenantEncryptionRequest) UnmarshalBinary(b []byte) error {
|
||||||
|
var res UpdateTenantEncryptionRequest
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// UpdateTenantEncryptionRequestCustomCertificates update tenant encryption request custom certificates
|
||||||
|
//
|
||||||
|
// swagger:model UpdateTenantEncryptionRequestCustomCertificates
|
||||||
|
type UpdateTenantEncryptionRequestCustomCertificates struct {
|
||||||
|
|
||||||
|
// minio
|
||||||
|
Minio []*KeyPairConfiguration `json:"minio"`
|
||||||
|
|
||||||
|
// minio c as
|
||||||
|
MinioCAs []string `json:"minioCAs"`
|
||||||
|
|
||||||
|
// secrets to be deleted
|
||||||
|
SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this update tenant encryption request custom certificates
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateMinio(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) validateMinio(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.Minio) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
for i := 0; i < len(m.Minio); i++ {
|
||||||
|
if swag.IsZero(m.Minio[i]) { // not required
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Minio[i] != nil {
|
||||||
|
if err := m.Minio[i].Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this update tenant encryption request custom certificates based on the context it is used
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateMinio(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) contextValidateMinio(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
for i := 0; i < len(m.Minio); i++ {
|
||||||
|
|
||||||
|
if m.Minio[i] != nil {
|
||||||
|
if err := m.Minio[i].ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *UpdateTenantEncryptionRequestCustomCertificates) UnmarshalBinary(b []byte) error {
|
||||||
|
var res UpdateTenantEncryptionRequestCustomCertificates
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
494
models/vault_configuration_response.go
Normal file
494
models/vault_configuration_response.go
Normal file
@@ -0,0 +1,494 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
"github.com/go-openapi/swag"
|
||||||
|
"github.com/go-openapi/validate"
|
||||||
|
)
|
||||||
|
|
||||||
|
// VaultConfigurationResponse vault configuration response
|
||||||
|
//
|
||||||
|
// swagger:model vaultConfigurationResponse
|
||||||
|
type VaultConfigurationResponse struct {
|
||||||
|
|
||||||
|
// approle
|
||||||
|
// Required: true
|
||||||
|
Approle *VaultConfigurationResponseApprole `json:"approle"`
|
||||||
|
|
||||||
|
// endpoint
|
||||||
|
// Required: true
|
||||||
|
Endpoint *string `json:"endpoint"`
|
||||||
|
|
||||||
|
// engine
|
||||||
|
Engine string `json:"engine,omitempty"`
|
||||||
|
|
||||||
|
// namespace
|
||||||
|
Namespace string `json:"namespace,omitempty"`
|
||||||
|
|
||||||
|
// prefix
|
||||||
|
Prefix string `json:"prefix,omitempty"`
|
||||||
|
|
||||||
|
// status
|
||||||
|
Status *VaultConfigurationResponseStatus `json:"status,omitempty"`
|
||||||
|
|
||||||
|
// tls
|
||||||
|
TLS *VaultConfigurationResponseTLS `json:"tls,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this vault configuration response
|
||||||
|
func (m *VaultConfigurationResponse) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateApprole(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateEndpoint(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateStatus(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateTLS(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) validateApprole(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("approle", "body", m.Approle); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Approle != nil {
|
||||||
|
if err := m.Approle.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("approle")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("approle")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) validateEndpoint(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("endpoint", "body", m.Endpoint); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) validateStatus(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.Status) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Status != nil {
|
||||||
|
if err := m.Status.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("status")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("status")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) validateTLS(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.TLS) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.TLS != nil {
|
||||||
|
if err := m.TLS.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this vault configuration response based on the context it is used
|
||||||
|
func (m *VaultConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateApprole(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateStatus(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateTLS(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) contextValidateApprole(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Approle != nil {
|
||||||
|
if err := m.Approle.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("approle")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("approle")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) contextValidateStatus(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Status != nil {
|
||||||
|
if err := m.Status.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("status")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("status")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponse) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.TLS != nil {
|
||||||
|
if err := m.TLS.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponse) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponse) UnmarshalBinary(b []byte) error {
|
||||||
|
var res VaultConfigurationResponse
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// VaultConfigurationResponseApprole vault configuration response approle
|
||||||
|
//
|
||||||
|
// swagger:model VaultConfigurationResponseApprole
|
||||||
|
type VaultConfigurationResponseApprole struct {
|
||||||
|
|
||||||
|
// engine
|
||||||
|
Engine string `json:"engine,omitempty"`
|
||||||
|
|
||||||
|
// id
|
||||||
|
// Required: true
|
||||||
|
ID *string `json:"id"`
|
||||||
|
|
||||||
|
// retry
|
||||||
|
Retry int64 `json:"retry,omitempty"`
|
||||||
|
|
||||||
|
// secret
|
||||||
|
// Required: true
|
||||||
|
Secret *string `json:"secret"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this vault configuration response approle
|
||||||
|
func (m *VaultConfigurationResponseApprole) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateID(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateSecret(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseApprole) validateID(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("approle"+"."+"id", "body", m.ID); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseApprole) validateSecret(formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if err := validate.Required("approle"+"."+"secret", "body", m.Secret); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validates this vault configuration response approle based on context it is used
|
||||||
|
func (m *VaultConfigurationResponseApprole) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseApprole) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseApprole) UnmarshalBinary(b []byte) error {
|
||||||
|
var res VaultConfigurationResponseApprole
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// VaultConfigurationResponseStatus vault configuration response status
|
||||||
|
//
|
||||||
|
// swagger:model VaultConfigurationResponseStatus
|
||||||
|
type VaultConfigurationResponseStatus struct {
|
||||||
|
|
||||||
|
// ping
|
||||||
|
Ping int64 `json:"ping,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this vault configuration response status
|
||||||
|
func (m *VaultConfigurationResponseStatus) Validate(formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validates this vault configuration response status based on context it is used
|
||||||
|
func (m *VaultConfigurationResponseStatus) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseStatus) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseStatus) UnmarshalBinary(b []byte) error {
|
||||||
|
var res VaultConfigurationResponseStatus
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// VaultConfigurationResponseTLS vault configuration response TLS
|
||||||
|
//
|
||||||
|
// swagger:model VaultConfigurationResponseTLS
|
||||||
|
type VaultConfigurationResponseTLS struct {
|
||||||
|
|
||||||
|
// ca
|
||||||
|
Ca *CertificateInfo `json:"ca,omitempty"`
|
||||||
|
|
||||||
|
// crt
|
||||||
|
Crt *CertificateInfo `json:"crt,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this vault configuration response TLS
|
||||||
|
func (m *VaultConfigurationResponseTLS) Validate(formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.validateCa(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.validateCrt(formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseTLS) validateCa(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.Ca) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Ca != nil {
|
||||||
|
if err := m.Ca.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls" + "." + "ca")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls" + "." + "ca")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseTLS) validateCrt(formats strfmt.Registry) error {
|
||||||
|
if swag.IsZero(m.Crt) { // not required
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.Crt != nil {
|
||||||
|
if err := m.Crt.Validate(formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls" + "." + "crt")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls" + "." + "crt")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validate this vault configuration response TLS based on the context it is used
|
||||||
|
func (m *VaultConfigurationResponseTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
if err := m.contextValidateCa(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := m.contextValidateCrt(ctx, formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Ca != nil {
|
||||||
|
if err := m.Ca.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls" + "." + "ca")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls" + "." + "ca")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *VaultConfigurationResponseTLS) contextValidateCrt(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
|
||||||
|
if m.Crt != nil {
|
||||||
|
if err := m.Crt.ContextValidate(ctx, formats); err != nil {
|
||||||
|
if ve, ok := err.(*errors.Validation); ok {
|
||||||
|
return ve.ValidateName("tls" + "." + "crt")
|
||||||
|
} else if ce, ok := err.(*errors.CompositeError); ok {
|
||||||
|
return ce.ValidateName("tls" + "." + "crt")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseTLS) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *VaultConfigurationResponseTLS) UnmarshalBinary(b []byte) error {
|
||||||
|
var res VaultConfigurationResponseTLS
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
@@ -634,6 +634,41 @@ func init() {
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/namespaces/{namespace}/tenants/{tenant}/encryption": {
|
"/namespaces/{namespace}/tenants/{tenant}/encryption": {
|
||||||
|
"get": {
|
||||||
|
"tags": [
|
||||||
|
"OperatorAPI"
|
||||||
|
],
|
||||||
|
"summary": "Tenant Encryption Info",
|
||||||
|
"operationId": "TenantEncryptionInfo",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "namespace",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "tenant",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/encryptionConfigurationResponse"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/error"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"put": {
|
"put": {
|
||||||
"tags": [
|
"tags": [
|
||||||
"OperatorAPI"
|
"OperatorAPI"
|
||||||
@@ -673,6 +708,38 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"delete": {
|
||||||
|
"tags": [
|
||||||
|
"OperatorAPI"
|
||||||
|
],
|
||||||
|
"summary": "Tenant Delete Encryption",
|
||||||
|
"operationId": "TenantDeleteEncryption",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "namespace",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "tenant",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"204": {
|
||||||
|
"description": "A successful response."
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/error"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/namespaces/{namespace}/tenants/{tenant}/events": {
|
"/namespaces/{namespace}/tenants/{tenant}/events": {
|
||||||
@@ -2013,6 +2080,12 @@ func init() {
|
|||||||
"replicas": {
|
"replicas": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
|
"secretsToBeDeleted": {
|
||||||
|
"type": "array",
|
||||||
|
"items": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
},
|
||||||
"securityContext": {
|
"securityContext": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"$ref": "#/definitions/securityContext"
|
"$ref": "#/definitions/securityContext"
|
||||||
@@ -2029,6 +2102,56 @@ func init() {
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
"encryptionConfigurationResponse": {
|
||||||
|
"allOf": [
|
||||||
|
{
|
||||||
|
"$ref": "#/definitions/metadataFields"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"aws": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/awsConfiguration"
|
||||||
|
},
|
||||||
|
"azure": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/azureConfiguration"
|
||||||
|
},
|
||||||
|
"gcp": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/gcpConfiguration"
|
||||||
|
},
|
||||||
|
"gemalto": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/gemaltoConfigurationResponse"
|
||||||
|
},
|
||||||
|
"image": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"mtls_client": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"replicas": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"securityContext": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/securityContext"
|
||||||
|
},
|
||||||
|
"server": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/vaultConfigurationResponse"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
"error": {
|
"error": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -2197,6 +2320,57 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"gemaltoConfigurationResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"keysecure"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"keysecure": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"endpoint",
|
||||||
|
"credentials"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"credentials": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"token",
|
||||||
|
"domain"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"domain": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"token": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"endpoint": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"tls": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"ca"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"getDirectCSIDriveListResponse": {
|
"getDirectCSIDriveListResponse": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
@@ -3648,6 +3822,71 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"vaultConfigurationResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"endpoint",
|
||||||
|
"approle"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"approle": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"id",
|
||||||
|
"secret"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"engine": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"id": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"secret": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"endpoint": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"engine": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"namespace": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"prefix": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"status": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ping": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"tls": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"crt": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"securityDefinitions": {
|
"securityDefinitions": {
|
||||||
@@ -4264,6 +4503,41 @@ func init() {
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/namespaces/{namespace}/tenants/{tenant}/encryption": {
|
"/namespaces/{namespace}/tenants/{tenant}/encryption": {
|
||||||
|
"get": {
|
||||||
|
"tags": [
|
||||||
|
"OperatorAPI"
|
||||||
|
],
|
||||||
|
"summary": "Tenant Encryption Info",
|
||||||
|
"operationId": "TenantEncryptionInfo",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "namespace",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "tenant",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/encryptionConfigurationResponse"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/error"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"put": {
|
"put": {
|
||||||
"tags": [
|
"tags": [
|
||||||
"OperatorAPI"
|
"OperatorAPI"
|
||||||
@@ -4303,6 +4577,38 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"delete": {
|
||||||
|
"tags": [
|
||||||
|
"OperatorAPI"
|
||||||
|
],
|
||||||
|
"summary": "Tenant Delete Encryption",
|
||||||
|
"operationId": "TenantDeleteEncryption",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "namespace",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "tenant",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"204": {
|
||||||
|
"description": "A successful response."
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/error"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/namespaces/{namespace}/tenants/{tenant}/events": {
|
"/namespaces/{namespace}/tenants/{tenant}/events": {
|
||||||
@@ -5517,6 +5823,80 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"GemaltoConfigurationResponseKeysecure": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"endpoint",
|
||||||
|
"credentials"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"credentials": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"token",
|
||||||
|
"domain"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"domain": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"token": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"endpoint": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"tls": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"ca"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"GemaltoConfigurationResponseKeysecureCredentials": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"token",
|
||||||
|
"domain"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"domain": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"token": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"GemaltoConfigurationResponseKeysecureTLS": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"ca"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"IdpConfigurationActiveDirectory": {
|
"IdpConfigurationActiveDirectory": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -6003,6 +6383,50 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"VaultConfigurationResponseApprole": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"id",
|
||||||
|
"secret"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"engine": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"id": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"secret": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"VaultConfigurationResponseStatus": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ping": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"VaultConfigurationResponseTLS": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"crt": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"VaultConfigurationStatus": {
|
"VaultConfigurationStatus": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
@@ -6376,6 +6800,12 @@ func init() {
|
|||||||
"replicas": {
|
"replicas": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
|
"secretsToBeDeleted": {
|
||||||
|
"type": "array",
|
||||||
|
"items": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
},
|
||||||
"securityContext": {
|
"securityContext": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"$ref": "#/definitions/securityContext"
|
"$ref": "#/definitions/securityContext"
|
||||||
@@ -6392,6 +6822,56 @@ func init() {
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
"encryptionConfigurationResponse": {
|
||||||
|
"allOf": [
|
||||||
|
{
|
||||||
|
"$ref": "#/definitions/metadataFields"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"aws": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/awsConfiguration"
|
||||||
|
},
|
||||||
|
"azure": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/azureConfiguration"
|
||||||
|
},
|
||||||
|
"gcp": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/gcpConfiguration"
|
||||||
|
},
|
||||||
|
"gemalto": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/gemaltoConfigurationResponse"
|
||||||
|
},
|
||||||
|
"image": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"mtls_client": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"replicas": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"securityContext": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/securityContext"
|
||||||
|
},
|
||||||
|
"server": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/vaultConfigurationResponse"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
"error": {
|
"error": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -6560,6 +7040,57 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"gemaltoConfigurationResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"keysecure"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"keysecure": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"endpoint",
|
||||||
|
"credentials"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"credentials": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"token",
|
||||||
|
"domain"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"domain": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"token": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"endpoint": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"tls": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"ca"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"getDirectCSIDriveListResponse": {
|
"getDirectCSIDriveListResponse": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
@@ -7864,6 +8395,71 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"vaultConfigurationResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"endpoint",
|
||||||
|
"approle"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"approle": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"id",
|
||||||
|
"secret"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"engine": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"id": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"retry": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
},
|
||||||
|
"secret": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"endpoint": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"engine": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"namespace": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"prefix": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"status": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ping": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int64"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"tls": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"ca": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
},
|
||||||
|
"crt": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/certificateInfo"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"securityDefinitions": {
|
"securityDefinitions": {
|
||||||
|
|||||||
@@ -42,6 +42,8 @@ var (
|
|||||||
errorUnableToGetTenantLogs = errors.New("unable to get tenant logs")
|
errorUnableToGetTenantLogs = errors.New("unable to get tenant logs")
|
||||||
errorUnableToUpdateTenantCertificates = errors.New("unable to update tenant certificates")
|
errorUnableToUpdateTenantCertificates = errors.New("unable to update tenant certificates")
|
||||||
errorUpdatingEncryptionConfig = errors.New("unable to update encryption configuration")
|
errorUpdatingEncryptionConfig = errors.New("unable to update encryption configuration")
|
||||||
|
errorDeletingEncryptionConfig = errors.New("error disabling tenant encryption")
|
||||||
|
errorEncryptionConfigNotFound = errors.New("encryption configuration not found")
|
||||||
errBucketBodyNotInRequest = errors.New("error bucket body not in request")
|
errBucketBodyNotInRequest = errors.New("error bucket body not in request")
|
||||||
errBucketNameNotInRequest = errors.New("error bucket name not in request")
|
errBucketNameNotInRequest = errors.New("error bucket name not in request")
|
||||||
errGroupBodyNotInRequest = errors.New("error group body not in request")
|
errGroupBodyNotInRequest = errors.New("error group body not in request")
|
||||||
|
|||||||
@@ -177,9 +177,15 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
|
|||||||
OperatorAPITenantAddPoolHandler: operator_api.TenantAddPoolHandlerFunc(func(params operator_api.TenantAddPoolParams, principal *models.Principal) middleware.Responder {
|
OperatorAPITenantAddPoolHandler: operator_api.TenantAddPoolHandlerFunc(func(params operator_api.TenantAddPoolParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation operator_api.TenantAddPool has not yet been implemented")
|
return middleware.NotImplemented("operation operator_api.TenantAddPool has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
|
OperatorAPITenantDeleteEncryptionHandler: operator_api.TenantDeleteEncryptionHandlerFunc(func(params operator_api.TenantDeleteEncryptionParams, principal *models.Principal) middleware.Responder {
|
||||||
|
return middleware.NotImplemented("operation operator_api.TenantDeleteEncryption has not yet been implemented")
|
||||||
|
}),
|
||||||
OperatorAPITenantDetailsHandler: operator_api.TenantDetailsHandlerFunc(func(params operator_api.TenantDetailsParams, principal *models.Principal) middleware.Responder {
|
OperatorAPITenantDetailsHandler: operator_api.TenantDetailsHandlerFunc(func(params operator_api.TenantDetailsParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation operator_api.TenantDetails has not yet been implemented")
|
return middleware.NotImplemented("operation operator_api.TenantDetails has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
|
OperatorAPITenantEncryptionInfoHandler: operator_api.TenantEncryptionInfoHandlerFunc(func(params operator_api.TenantEncryptionInfoParams, principal *models.Principal) middleware.Responder {
|
||||||
|
return middleware.NotImplemented("operation operator_api.TenantEncryptionInfo has not yet been implemented")
|
||||||
|
}),
|
||||||
OperatorAPITenantSecurityHandler: operator_api.TenantSecurityHandlerFunc(func(params operator_api.TenantSecurityParams, principal *models.Principal) middleware.Responder {
|
OperatorAPITenantSecurityHandler: operator_api.TenantSecurityHandlerFunc(func(params operator_api.TenantSecurityParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation operator_api.TenantSecurity has not yet been implemented")
|
return middleware.NotImplemented("operation operator_api.TenantSecurity has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
@@ -323,8 +329,12 @@ type OperatorAPI struct {
|
|||||||
OperatorAPISubscriptionValidateHandler operator_api.SubscriptionValidateHandler
|
OperatorAPISubscriptionValidateHandler operator_api.SubscriptionValidateHandler
|
||||||
// OperatorAPITenantAddPoolHandler sets the operation handler for the tenant add pool operation
|
// OperatorAPITenantAddPoolHandler sets the operation handler for the tenant add pool operation
|
||||||
OperatorAPITenantAddPoolHandler operator_api.TenantAddPoolHandler
|
OperatorAPITenantAddPoolHandler operator_api.TenantAddPoolHandler
|
||||||
|
// OperatorAPITenantDeleteEncryptionHandler sets the operation handler for the tenant delete encryption operation
|
||||||
|
OperatorAPITenantDeleteEncryptionHandler operator_api.TenantDeleteEncryptionHandler
|
||||||
// OperatorAPITenantDetailsHandler sets the operation handler for the tenant details operation
|
// OperatorAPITenantDetailsHandler sets the operation handler for the tenant details operation
|
||||||
OperatorAPITenantDetailsHandler operator_api.TenantDetailsHandler
|
OperatorAPITenantDetailsHandler operator_api.TenantDetailsHandler
|
||||||
|
// OperatorAPITenantEncryptionInfoHandler sets the operation handler for the tenant encryption info operation
|
||||||
|
OperatorAPITenantEncryptionInfoHandler operator_api.TenantEncryptionInfoHandler
|
||||||
// OperatorAPITenantSecurityHandler sets the operation handler for the tenant security operation
|
// OperatorAPITenantSecurityHandler sets the operation handler for the tenant security operation
|
||||||
OperatorAPITenantSecurityHandler operator_api.TenantSecurityHandler
|
OperatorAPITenantSecurityHandler operator_api.TenantSecurityHandler
|
||||||
// OperatorAPITenantUpdateCertificateHandler sets the operation handler for the tenant update certificate operation
|
// OperatorAPITenantUpdateCertificateHandler sets the operation handler for the tenant update certificate operation
|
||||||
@@ -532,9 +542,15 @@ func (o *OperatorAPI) Validate() error {
|
|||||||
if o.OperatorAPITenantAddPoolHandler == nil {
|
if o.OperatorAPITenantAddPoolHandler == nil {
|
||||||
unregistered = append(unregistered, "operator_api.TenantAddPoolHandler")
|
unregistered = append(unregistered, "operator_api.TenantAddPoolHandler")
|
||||||
}
|
}
|
||||||
|
if o.OperatorAPITenantDeleteEncryptionHandler == nil {
|
||||||
|
unregistered = append(unregistered, "operator_api.TenantDeleteEncryptionHandler")
|
||||||
|
}
|
||||||
if o.OperatorAPITenantDetailsHandler == nil {
|
if o.OperatorAPITenantDetailsHandler == nil {
|
||||||
unregistered = append(unregistered, "operator_api.TenantDetailsHandler")
|
unregistered = append(unregistered, "operator_api.TenantDetailsHandler")
|
||||||
}
|
}
|
||||||
|
if o.OperatorAPITenantEncryptionInfoHandler == nil {
|
||||||
|
unregistered = append(unregistered, "operator_api.TenantEncryptionInfoHandler")
|
||||||
|
}
|
||||||
if o.OperatorAPITenantSecurityHandler == nil {
|
if o.OperatorAPITenantSecurityHandler == nil {
|
||||||
unregistered = append(unregistered, "operator_api.TenantSecurityHandler")
|
unregistered = append(unregistered, "operator_api.TenantSecurityHandler")
|
||||||
}
|
}
|
||||||
@@ -803,6 +819,10 @@ func (o *OperatorAPI) initHandlerCache() {
|
|||||||
o.handlers["POST"] = make(map[string]http.Handler)
|
o.handlers["POST"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = operator_api.NewTenantAddPool(o.context, o.OperatorAPITenantAddPoolHandler)
|
o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = operator_api.NewTenantAddPool(o.context, o.OperatorAPITenantAddPoolHandler)
|
||||||
|
if o.handlers["DELETE"] == nil {
|
||||||
|
o.handlers["DELETE"] = make(map[string]http.Handler)
|
||||||
|
}
|
||||||
|
o.handlers["DELETE"]["/namespaces/{namespace}/tenants/{tenant}/encryption"] = operator_api.NewTenantDeleteEncryption(o.context, o.OperatorAPITenantDeleteEncryptionHandler)
|
||||||
if o.handlers["GET"] == nil {
|
if o.handlers["GET"] == nil {
|
||||||
o.handlers["GET"] = make(map[string]http.Handler)
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
@@ -810,6 +830,10 @@ func (o *OperatorAPI) initHandlerCache() {
|
|||||||
if o.handlers["GET"] == nil {
|
if o.handlers["GET"] == nil {
|
||||||
o.handlers["GET"] = make(map[string]http.Handler)
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
|
o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/encryption"] = operator_api.NewTenantEncryptionInfo(o.context, o.OperatorAPITenantEncryptionInfoHandler)
|
||||||
|
if o.handlers["GET"] == nil {
|
||||||
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
|
}
|
||||||
o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/security"] = operator_api.NewTenantSecurity(o.context, o.OperatorAPITenantSecurityHandler)
|
o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/security"] = operator_api.NewTenantSecurity(o.context, o.OperatorAPITenantSecurityHandler)
|
||||||
if o.handlers["PUT"] == nil {
|
if o.handlers["PUT"] == nil {
|
||||||
o.handlers["PUT"] = make(map[string]http.Handler)
|
o.handlers["PUT"] = make(map[string]http.Handler)
|
||||||
|
|||||||
@@ -0,0 +1,88 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantDeleteEncryptionHandlerFunc turns a function with the right signature into a tenant delete encryption handler
|
||||||
|
type TenantDeleteEncryptionHandlerFunc func(TenantDeleteEncryptionParams, *models.Principal) middleware.Responder
|
||||||
|
|
||||||
|
// Handle executing the request and returning a response
|
||||||
|
func (fn TenantDeleteEncryptionHandlerFunc) Handle(params TenantDeleteEncryptionParams, principal *models.Principal) middleware.Responder {
|
||||||
|
return fn(params, principal)
|
||||||
|
}
|
||||||
|
|
||||||
|
// TenantDeleteEncryptionHandler interface for that can handle valid tenant delete encryption params
|
||||||
|
type TenantDeleteEncryptionHandler interface {
|
||||||
|
Handle(TenantDeleteEncryptionParams, *models.Principal) middleware.Responder
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantDeleteEncryption creates a new http.Handler for the tenant delete encryption operation
|
||||||
|
func NewTenantDeleteEncryption(ctx *middleware.Context, handler TenantDeleteEncryptionHandler) *TenantDeleteEncryption {
|
||||||
|
return &TenantDeleteEncryption{Context: ctx, Handler: handler}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* TenantDeleteEncryption swagger:route DELETE /namespaces/{namespace}/tenants/{tenant}/encryption OperatorAPI tenantDeleteEncryption
|
||||||
|
|
||||||
|
Tenant Delete Encryption
|
||||||
|
|
||||||
|
*/
|
||||||
|
type TenantDeleteEncryption struct {
|
||||||
|
Context *middleware.Context
|
||||||
|
Handler TenantDeleteEncryptionHandler
|
||||||
|
}
|
||||||
|
|
||||||
|
func (o *TenantDeleteEncryption) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
|
route, rCtx, _ := o.Context.RouteInfo(r)
|
||||||
|
if rCtx != nil {
|
||||||
|
*r = *rCtx
|
||||||
|
}
|
||||||
|
var Params = NewTenantDeleteEncryptionParams()
|
||||||
|
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
||||||
|
if err != nil {
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if aCtx != nil {
|
||||||
|
*r = *aCtx
|
||||||
|
}
|
||||||
|
var principal *models.Principal
|
||||||
|
if uprinc != nil {
|
||||||
|
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
res := o.Handler.Handle(Params, principal) // actually handle the request
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, res)
|
||||||
|
|
||||||
|
}
|
||||||
@@ -0,0 +1,112 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
// NewTenantDeleteEncryptionParams creates a new TenantDeleteEncryptionParams object
|
||||||
|
//
|
||||||
|
// There are no default values defined in the spec.
|
||||||
|
func NewTenantDeleteEncryptionParams() TenantDeleteEncryptionParams {
|
||||||
|
|
||||||
|
return TenantDeleteEncryptionParams{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// TenantDeleteEncryptionParams contains all the bound params for the tenant delete encryption operation
|
||||||
|
// typically these are obtained from a http.Request
|
||||||
|
//
|
||||||
|
// swagger:parameters TenantDeleteEncryption
|
||||||
|
type TenantDeleteEncryptionParams struct {
|
||||||
|
|
||||||
|
// HTTP Request Object
|
||||||
|
HTTPRequest *http.Request `json:"-"`
|
||||||
|
|
||||||
|
/*
|
||||||
|
Required: true
|
||||||
|
In: path
|
||||||
|
*/
|
||||||
|
Namespace string
|
||||||
|
/*
|
||||||
|
Required: true
|
||||||
|
In: path
|
||||||
|
*/
|
||||||
|
Tenant string
|
||||||
|
}
|
||||||
|
|
||||||
|
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
||||||
|
// for simple values it will use straight method calls.
|
||||||
|
//
|
||||||
|
// To ensure default values, the struct must have been initialized with NewTenantDeleteEncryptionParams() beforehand.
|
||||||
|
func (o *TenantDeleteEncryptionParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
o.HTTPRequest = r
|
||||||
|
|
||||||
|
rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace")
|
||||||
|
if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
rTenant, rhkTenant, _ := route.Params.GetOK("tenant")
|
||||||
|
if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// bindNamespace binds and validates parameter Namespace from path.
|
||||||
|
func (o *TenantDeleteEncryptionParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
|
var raw string
|
||||||
|
if len(rawData) > 0 {
|
||||||
|
raw = rawData[len(rawData)-1]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Required: true
|
||||||
|
// Parameter is provided by construction from the route
|
||||||
|
o.Namespace = raw
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// bindTenant binds and validates parameter Tenant from path.
|
||||||
|
func (o *TenantDeleteEncryptionParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
|
var raw string
|
||||||
|
if len(rawData) > 0 {
|
||||||
|
raw = rawData[len(rawData)-1]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Required: true
|
||||||
|
// Parameter is provided by construction from the route
|
||||||
|
o.Tenant = raw
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
@@ -0,0 +1,113 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantDeleteEncryptionNoContentCode is the HTTP code returned for type TenantDeleteEncryptionNoContent
|
||||||
|
const TenantDeleteEncryptionNoContentCode int = 204
|
||||||
|
|
||||||
|
/*TenantDeleteEncryptionNoContent A successful response.
|
||||||
|
|
||||||
|
swagger:response tenantDeleteEncryptionNoContent
|
||||||
|
*/
|
||||||
|
type TenantDeleteEncryptionNoContent struct {
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantDeleteEncryptionNoContent creates TenantDeleteEncryptionNoContent with default headers values
|
||||||
|
func NewTenantDeleteEncryptionNoContent() *TenantDeleteEncryptionNoContent {
|
||||||
|
|
||||||
|
return &TenantDeleteEncryptionNoContent{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *TenantDeleteEncryptionNoContent) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
|
||||||
|
|
||||||
|
rw.WriteHeader(204)
|
||||||
|
}
|
||||||
|
|
||||||
|
/*TenantDeleteEncryptionDefault Generic error response.
|
||||||
|
|
||||||
|
swagger:response tenantDeleteEncryptionDefault
|
||||||
|
*/
|
||||||
|
type TenantDeleteEncryptionDefault struct {
|
||||||
|
_statusCode int
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.Error `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantDeleteEncryptionDefault creates TenantDeleteEncryptionDefault with default headers values
|
||||||
|
func NewTenantDeleteEncryptionDefault(code int) *TenantDeleteEncryptionDefault {
|
||||||
|
if code <= 0 {
|
||||||
|
code = 500
|
||||||
|
}
|
||||||
|
|
||||||
|
return &TenantDeleteEncryptionDefault{
|
||||||
|
_statusCode: code,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithStatusCode adds the status to the tenant delete encryption default response
|
||||||
|
func (o *TenantDeleteEncryptionDefault) WithStatusCode(code int) *TenantDeleteEncryptionDefault {
|
||||||
|
o._statusCode = code
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetStatusCode sets the status to the tenant delete encryption default response
|
||||||
|
func (o *TenantDeleteEncryptionDefault) SetStatusCode(code int) {
|
||||||
|
o._statusCode = code
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the tenant delete encryption default response
|
||||||
|
func (o *TenantDeleteEncryptionDefault) WithPayload(payload *models.Error) *TenantDeleteEncryptionDefault {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the tenant delete encryption default response
|
||||||
|
func (o *TenantDeleteEncryptionDefault) SetPayload(payload *models.Error) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *TenantDeleteEncryptionDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(o._statusCode)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,124 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"net/url"
|
||||||
|
golangswaggerpaths "path"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantDeleteEncryptionURL generates an URL for the tenant delete encryption operation
|
||||||
|
type TenantDeleteEncryptionURL struct {
|
||||||
|
Namespace string
|
||||||
|
Tenant string
|
||||||
|
|
||||||
|
_basePath string
|
||||||
|
// avoid unkeyed usage
|
||||||
|
_ struct{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
|
// base path specified in the swagger spec.
|
||||||
|
// When the value of the base path is an empty string
|
||||||
|
func (o *TenantDeleteEncryptionURL) WithBasePath(bp string) *TenantDeleteEncryptionURL {
|
||||||
|
o.SetBasePath(bp)
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
|
// base path specified in the swagger spec.
|
||||||
|
// When the value of the base path is an empty string
|
||||||
|
func (o *TenantDeleteEncryptionURL) SetBasePath(bp string) {
|
||||||
|
o._basePath = bp
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build a url path and query string
|
||||||
|
func (o *TenantDeleteEncryptionURL) Build() (*url.URL, error) {
|
||||||
|
var _result url.URL
|
||||||
|
|
||||||
|
var _path = "/namespaces/{namespace}/tenants/{tenant}/encryption"
|
||||||
|
|
||||||
|
namespace := o.Namespace
|
||||||
|
if namespace != "" {
|
||||||
|
_path = strings.Replace(_path, "{namespace}", namespace, -1)
|
||||||
|
} else {
|
||||||
|
return nil, errors.New("namespace is required on TenantDeleteEncryptionURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
tenant := o.Tenant
|
||||||
|
if tenant != "" {
|
||||||
|
_path = strings.Replace(_path, "{tenant}", tenant, -1)
|
||||||
|
} else {
|
||||||
|
return nil, errors.New("tenant is required on TenantDeleteEncryptionURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
_basePath := o._basePath
|
||||||
|
if _basePath == "" {
|
||||||
|
_basePath = "/api/v1"
|
||||||
|
}
|
||||||
|
_result.Path = golangswaggerpaths.Join(_basePath, _path)
|
||||||
|
|
||||||
|
return &_result, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Must is a helper function to panic when the url builder returns an error
|
||||||
|
func (o *TenantDeleteEncryptionURL) Must(u *url.URL, err error) *url.URL {
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
if u == nil {
|
||||||
|
panic("url can't be nil")
|
||||||
|
}
|
||||||
|
return u
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns the string representation of the path with query string
|
||||||
|
func (o *TenantDeleteEncryptionURL) String() string {
|
||||||
|
return o.Must(o.Build()).String()
|
||||||
|
}
|
||||||
|
|
||||||
|
// BuildFull builds a full url with scheme, host, path and query string
|
||||||
|
func (o *TenantDeleteEncryptionURL) BuildFull(scheme, host string) (*url.URL, error) {
|
||||||
|
if scheme == "" {
|
||||||
|
return nil, errors.New("scheme is required for a full url on TenantDeleteEncryptionURL")
|
||||||
|
}
|
||||||
|
if host == "" {
|
||||||
|
return nil, errors.New("host is required for a full url on TenantDeleteEncryptionURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
base, err := o.Build()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
base.Scheme = scheme
|
||||||
|
base.Host = host
|
||||||
|
return base, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// StringFull returns the string representation of a complete url
|
||||||
|
func (o *TenantDeleteEncryptionURL) StringFull(scheme, host string) string {
|
||||||
|
return o.Must(o.BuildFull(scheme, host)).String()
|
||||||
|
}
|
||||||
@@ -0,0 +1,88 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantEncryptionInfoHandlerFunc turns a function with the right signature into a tenant encryption info handler
|
||||||
|
type TenantEncryptionInfoHandlerFunc func(TenantEncryptionInfoParams, *models.Principal) middleware.Responder
|
||||||
|
|
||||||
|
// Handle executing the request and returning a response
|
||||||
|
func (fn TenantEncryptionInfoHandlerFunc) Handle(params TenantEncryptionInfoParams, principal *models.Principal) middleware.Responder {
|
||||||
|
return fn(params, principal)
|
||||||
|
}
|
||||||
|
|
||||||
|
// TenantEncryptionInfoHandler interface for that can handle valid tenant encryption info params
|
||||||
|
type TenantEncryptionInfoHandler interface {
|
||||||
|
Handle(TenantEncryptionInfoParams, *models.Principal) middleware.Responder
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantEncryptionInfo creates a new http.Handler for the tenant encryption info operation
|
||||||
|
func NewTenantEncryptionInfo(ctx *middleware.Context, handler TenantEncryptionInfoHandler) *TenantEncryptionInfo {
|
||||||
|
return &TenantEncryptionInfo{Context: ctx, Handler: handler}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* TenantEncryptionInfo swagger:route GET /namespaces/{namespace}/tenants/{tenant}/encryption OperatorAPI tenantEncryptionInfo
|
||||||
|
|
||||||
|
Tenant Encryption Info
|
||||||
|
|
||||||
|
*/
|
||||||
|
type TenantEncryptionInfo struct {
|
||||||
|
Context *middleware.Context
|
||||||
|
Handler TenantEncryptionInfoHandler
|
||||||
|
}
|
||||||
|
|
||||||
|
func (o *TenantEncryptionInfo) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
|
route, rCtx, _ := o.Context.RouteInfo(r)
|
||||||
|
if rCtx != nil {
|
||||||
|
*r = *rCtx
|
||||||
|
}
|
||||||
|
var Params = NewTenantEncryptionInfoParams()
|
||||||
|
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
||||||
|
if err != nil {
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if aCtx != nil {
|
||||||
|
*r = *aCtx
|
||||||
|
}
|
||||||
|
var principal *models.Principal
|
||||||
|
if uprinc != nil {
|
||||||
|
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
res := o.Handler.Handle(Params, principal) // actually handle the request
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, res)
|
||||||
|
|
||||||
|
}
|
||||||
@@ -0,0 +1,112 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
// NewTenantEncryptionInfoParams creates a new TenantEncryptionInfoParams object
|
||||||
|
//
|
||||||
|
// There are no default values defined in the spec.
|
||||||
|
func NewTenantEncryptionInfoParams() TenantEncryptionInfoParams {
|
||||||
|
|
||||||
|
return TenantEncryptionInfoParams{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// TenantEncryptionInfoParams contains all the bound params for the tenant encryption info operation
|
||||||
|
// typically these are obtained from a http.Request
|
||||||
|
//
|
||||||
|
// swagger:parameters TenantEncryptionInfo
|
||||||
|
type TenantEncryptionInfoParams struct {
|
||||||
|
|
||||||
|
// HTTP Request Object
|
||||||
|
HTTPRequest *http.Request `json:"-"`
|
||||||
|
|
||||||
|
/*
|
||||||
|
Required: true
|
||||||
|
In: path
|
||||||
|
*/
|
||||||
|
Namespace string
|
||||||
|
/*
|
||||||
|
Required: true
|
||||||
|
In: path
|
||||||
|
*/
|
||||||
|
Tenant string
|
||||||
|
}
|
||||||
|
|
||||||
|
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
||||||
|
// for simple values it will use straight method calls.
|
||||||
|
//
|
||||||
|
// To ensure default values, the struct must have been initialized with NewTenantEncryptionInfoParams() beforehand.
|
||||||
|
func (o *TenantEncryptionInfoParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
o.HTTPRequest = r
|
||||||
|
|
||||||
|
rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace")
|
||||||
|
if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
rTenant, rhkTenant, _ := route.Params.GetOK("tenant")
|
||||||
|
if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil {
|
||||||
|
res = append(res, err)
|
||||||
|
}
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// bindNamespace binds and validates parameter Namespace from path.
|
||||||
|
func (o *TenantEncryptionInfoParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
|
var raw string
|
||||||
|
if len(rawData) > 0 {
|
||||||
|
raw = rawData[len(rawData)-1]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Required: true
|
||||||
|
// Parameter is provided by construction from the route
|
||||||
|
o.Namespace = raw
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// bindTenant binds and validates parameter Tenant from path.
|
||||||
|
func (o *TenantEncryptionInfoParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
|
var raw string
|
||||||
|
if len(rawData) > 0 {
|
||||||
|
raw = rawData[len(rawData)-1]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Required: true
|
||||||
|
// Parameter is provided by construction from the route
|
||||||
|
o.Tenant = raw
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
@@ -0,0 +1,133 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantEncryptionInfoOKCode is the HTTP code returned for type TenantEncryptionInfoOK
|
||||||
|
const TenantEncryptionInfoOKCode int = 200
|
||||||
|
|
||||||
|
/*TenantEncryptionInfoOK A successful response.
|
||||||
|
|
||||||
|
swagger:response tenantEncryptionInfoOK
|
||||||
|
*/
|
||||||
|
type TenantEncryptionInfoOK struct {
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.EncryptionConfigurationResponse `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantEncryptionInfoOK creates TenantEncryptionInfoOK with default headers values
|
||||||
|
func NewTenantEncryptionInfoOK() *TenantEncryptionInfoOK {
|
||||||
|
|
||||||
|
return &TenantEncryptionInfoOK{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the tenant encryption info o k response
|
||||||
|
func (o *TenantEncryptionInfoOK) WithPayload(payload *models.EncryptionConfigurationResponse) *TenantEncryptionInfoOK {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the tenant encryption info o k response
|
||||||
|
func (o *TenantEncryptionInfoOK) SetPayload(payload *models.EncryptionConfigurationResponse) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *TenantEncryptionInfoOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(200)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*TenantEncryptionInfoDefault Generic error response.
|
||||||
|
|
||||||
|
swagger:response tenantEncryptionInfoDefault
|
||||||
|
*/
|
||||||
|
type TenantEncryptionInfoDefault struct {
|
||||||
|
_statusCode int
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.Error `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewTenantEncryptionInfoDefault creates TenantEncryptionInfoDefault with default headers values
|
||||||
|
func NewTenantEncryptionInfoDefault(code int) *TenantEncryptionInfoDefault {
|
||||||
|
if code <= 0 {
|
||||||
|
code = 500
|
||||||
|
}
|
||||||
|
|
||||||
|
return &TenantEncryptionInfoDefault{
|
||||||
|
_statusCode: code,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithStatusCode adds the status to the tenant encryption info default response
|
||||||
|
func (o *TenantEncryptionInfoDefault) WithStatusCode(code int) *TenantEncryptionInfoDefault {
|
||||||
|
o._statusCode = code
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetStatusCode sets the status to the tenant encryption info default response
|
||||||
|
func (o *TenantEncryptionInfoDefault) SetStatusCode(code int) {
|
||||||
|
o._statusCode = code
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the tenant encryption info default response
|
||||||
|
func (o *TenantEncryptionInfoDefault) WithPayload(payload *models.Error) *TenantEncryptionInfoDefault {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the tenant encryption info default response
|
||||||
|
func (o *TenantEncryptionInfoDefault) SetPayload(payload *models.Error) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *TenantEncryptionInfoDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(o._statusCode)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,124 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package operator_api
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"net/url"
|
||||||
|
golangswaggerpaths "path"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TenantEncryptionInfoURL generates an URL for the tenant encryption info operation
|
||||||
|
type TenantEncryptionInfoURL struct {
|
||||||
|
Namespace string
|
||||||
|
Tenant string
|
||||||
|
|
||||||
|
_basePath string
|
||||||
|
// avoid unkeyed usage
|
||||||
|
_ struct{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
|
// base path specified in the swagger spec.
|
||||||
|
// When the value of the base path is an empty string
|
||||||
|
func (o *TenantEncryptionInfoURL) WithBasePath(bp string) *TenantEncryptionInfoURL {
|
||||||
|
o.SetBasePath(bp)
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
|
// base path specified in the swagger spec.
|
||||||
|
// When the value of the base path is an empty string
|
||||||
|
func (o *TenantEncryptionInfoURL) SetBasePath(bp string) {
|
||||||
|
o._basePath = bp
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build a url path and query string
|
||||||
|
func (o *TenantEncryptionInfoURL) Build() (*url.URL, error) {
|
||||||
|
var _result url.URL
|
||||||
|
|
||||||
|
var _path = "/namespaces/{namespace}/tenants/{tenant}/encryption"
|
||||||
|
|
||||||
|
namespace := o.Namespace
|
||||||
|
if namespace != "" {
|
||||||
|
_path = strings.Replace(_path, "{namespace}", namespace, -1)
|
||||||
|
} else {
|
||||||
|
return nil, errors.New("namespace is required on TenantEncryptionInfoURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
tenant := o.Tenant
|
||||||
|
if tenant != "" {
|
||||||
|
_path = strings.Replace(_path, "{tenant}", tenant, -1)
|
||||||
|
} else {
|
||||||
|
return nil, errors.New("tenant is required on TenantEncryptionInfoURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
_basePath := o._basePath
|
||||||
|
if _basePath == "" {
|
||||||
|
_basePath = "/api/v1"
|
||||||
|
}
|
||||||
|
_result.Path = golangswaggerpaths.Join(_basePath, _path)
|
||||||
|
|
||||||
|
return &_result, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Must is a helper function to panic when the url builder returns an error
|
||||||
|
func (o *TenantEncryptionInfoURL) Must(u *url.URL, err error) *url.URL {
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
if u == nil {
|
||||||
|
panic("url can't be nil")
|
||||||
|
}
|
||||||
|
return u
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns the string representation of the path with query string
|
||||||
|
func (o *TenantEncryptionInfoURL) String() string {
|
||||||
|
return o.Must(o.Build()).String()
|
||||||
|
}
|
||||||
|
|
||||||
|
// BuildFull builds a full url with scheme, host, path and query string
|
||||||
|
func (o *TenantEncryptionInfoURL) BuildFull(scheme, host string) (*url.URL, error) {
|
||||||
|
if scheme == "" {
|
||||||
|
return nil, errors.New("scheme is required for a full url on TenantEncryptionInfoURL")
|
||||||
|
}
|
||||||
|
if host == "" {
|
||||||
|
return nil, errors.New("host is required for a full url on TenantEncryptionInfoURL")
|
||||||
|
}
|
||||||
|
|
||||||
|
base, err := o.Build()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
base.Scheme = scheme
|
||||||
|
base.Host = host
|
||||||
|
return base, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// StringFull returns the string representation of a complete url
|
||||||
|
func (o *TenantEncryptionInfoURL) StringFull(scheme, host string) string {
|
||||||
|
return o.Must(o.BuildFull(scheme, host)).String()
|
||||||
|
}
|
||||||
@@ -280,6 +280,24 @@ func registerTenantHandlers(api *operations.OperatorAPI) {
|
|||||||
return operator_api.NewTenantUpdateEncryptionCreated()
|
return operator_api.NewTenantUpdateEncryptionCreated()
|
||||||
})
|
})
|
||||||
|
|
||||||
|
// Delete tenant Encryption Configuration
|
||||||
|
api.OperatorAPITenantDeleteEncryptionHandler = operator_api.TenantDeleteEncryptionHandlerFunc(func(params operator_api.TenantDeleteEncryptionParams, session *models.Principal) middleware.Responder {
|
||||||
|
err := getTenantDeleteEncryptionResponse(session, params)
|
||||||
|
if err != nil {
|
||||||
|
return operator_api.NewTenantDeleteEncryptionDefault(int(err.Code)).WithPayload(err)
|
||||||
|
}
|
||||||
|
return operator_api.NewTenantDeleteEncryptionNoContent()
|
||||||
|
})
|
||||||
|
|
||||||
|
// Get Tenant Encryption Configuration
|
||||||
|
api.OperatorAPITenantEncryptionInfoHandler = operator_api.TenantEncryptionInfoHandlerFunc(func(params operator_api.TenantEncryptionInfoParams, session *models.Principal) middleware.Responder {
|
||||||
|
configuration, err := getTenantEncryptionInfoResponse(session, params)
|
||||||
|
if err != nil {
|
||||||
|
return operator_api.NewTenantEncryptionInfoDefault(int(err.Code)).WithPayload(err)
|
||||||
|
}
|
||||||
|
return operator_api.NewTenantEncryptionInfoOK().WithPayload(configuration)
|
||||||
|
})
|
||||||
|
|
||||||
// Get Tenant YAML
|
// Get Tenant YAML
|
||||||
api.OperatorAPIGetTenantYAMLHandler = operator_api.GetTenantYAMLHandlerFunc(func(params operator_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder {
|
api.OperatorAPIGetTenantYAMLHandler = operator_api.GetTenantYAMLHandlerFunc(func(params operator_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder {
|
||||||
payload, err := getTenantYAML(principal, params)
|
payload, err := getTenantYAML(principal, params)
|
||||||
@@ -635,6 +653,34 @@ func getTenantDetailsResponse(session *models.Principal, params operator_api.Ten
|
|||||||
return info, nil
|
return info, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func parseCertificate(name string, rawCert []byte) (*models.CertificateInfo, error) {
|
||||||
|
block, _ := pem.Decode(rawCert)
|
||||||
|
if block == nil {
|
||||||
|
return nil, errors.New("certificate failed to decode")
|
||||||
|
}
|
||||||
|
cert, err := x509.ParseCertificate(block.Bytes)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
domains := []string{}
|
||||||
|
// append certificate domain names
|
||||||
|
if len(cert.DNSNames) > 0 {
|
||||||
|
domains = append(domains, cert.DNSNames...)
|
||||||
|
}
|
||||||
|
// append certificate IPs
|
||||||
|
if len(cert.IPAddresses) > 0 {
|
||||||
|
for _, ip := range cert.IPAddresses {
|
||||||
|
domains = append(domains, ip.String())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return &models.CertificateInfo{
|
||||||
|
SerialNumber: cert.SerialNumber.String(),
|
||||||
|
Name: name,
|
||||||
|
Domains: domains,
|
||||||
|
Expiry: cert.NotAfter.String(),
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// parseTenantCertificates convert public key pem certificates stored in k8s secrets for a given Tenant into x509 certificates
|
// parseTenantCertificates convert public key pem certificates stored in k8s secrets for a given Tenant into x509 certificates
|
||||||
func parseTenantCertificates(ctx context.Context, clientSet K8sClientI, namespace string, secrets []*miniov2.LocalCertificateReference) ([]*models.CertificateInfo, error) {
|
func parseTenantCertificates(ctx context.Context, clientSet K8sClientI, namespace string, secrets []*miniov2.LocalCertificateReference) ([]*models.CertificateInfo, error) {
|
||||||
var certificates []*models.CertificateInfo
|
var certificates []*models.CertificateInfo
|
||||||
@@ -1207,7 +1253,7 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
|
|||||||
minInst.Spec.KES.NodeSelector = tenantReq.Encryption.NodeSelector
|
minInst.Spec.KES.NodeSelector = tenantReq.Encryption.NodeSelector
|
||||||
|
|
||||||
if tenantReq.Encryption.SecurityContext != nil {
|
if tenantReq.Encryption.SecurityContext != nil {
|
||||||
sc, err := parseSecurityContext(tenantReq.Encryption.SecurityContext)
|
sc, err := convertModelSCToK8sSC(tenantReq.Encryption.SecurityContext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, prepareError(err)
|
return nil, prepareError(err)
|
||||||
}
|
}
|
||||||
@@ -1309,7 +1355,7 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
|
|||||||
}
|
}
|
||||||
// if security context for logSearch is present, configure it.
|
// if security context for logSearch is present, configure it.
|
||||||
if tenantReq.LogSearchConfiguration.SecurityContext != nil {
|
if tenantReq.LogSearchConfiguration.SecurityContext != nil {
|
||||||
sc, err := parseSecurityContext(tenantReq.LogSearchConfiguration.SecurityContext)
|
sc, err := convertModelSCToK8sSC(tenantReq.LogSearchConfiguration.SecurityContext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, prepareError(err)
|
return nil, prepareError(err)
|
||||||
}
|
}
|
||||||
@@ -1317,7 +1363,7 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
|
|||||||
}
|
}
|
||||||
// if security context for logSearch is present, configure it.
|
// if security context for logSearch is present, configure it.
|
||||||
if tenantReq.LogSearchConfiguration.PostgresSecurityContext != nil {
|
if tenantReq.LogSearchConfiguration.PostgresSecurityContext != nil {
|
||||||
sc, err := parseSecurityContext(tenantReq.LogSearchConfiguration.PostgresSecurityContext)
|
sc, err := convertModelSCToK8sSC(tenantReq.LogSearchConfiguration.PostgresSecurityContext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, prepareError(err)
|
return nil, prepareError(err)
|
||||||
}
|
}
|
||||||
@@ -1411,7 +1457,7 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
|
|||||||
}
|
}
|
||||||
// if security context for prometheus is present, configure it.
|
// if security context for prometheus is present, configure it.
|
||||||
if tenantReq.PrometheusConfiguration != nil && tenantReq.PrometheusConfiguration.SecurityContext != nil {
|
if tenantReq.PrometheusConfiguration != nil && tenantReq.PrometheusConfiguration.SecurityContext != nil {
|
||||||
sc, err := parseSecurityContext(tenantReq.PrometheusConfiguration.SecurityContext)
|
sc, err := convertModelSCToK8sSC(tenantReq.PrometheusConfiguration.SecurityContext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, prepareError(err)
|
return nil, prepareError(err)
|
||||||
}
|
}
|
||||||
@@ -2550,7 +2596,7 @@ func parseTenantPoolRequest(poolParams *models.Pool) (*miniov2.Pool, error) {
|
|||||||
}
|
}
|
||||||
// if security context for Tenant is present, configure it.
|
// if security context for Tenant is present, configure it.
|
||||||
if poolParams.SecurityContext != nil {
|
if poolParams.SecurityContext != nil {
|
||||||
sc, err := parseSecurityContext(poolParams.SecurityContext)
|
sc, err := convertModelSCToK8sSC(poolParams.SecurityContext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ import (
|
|||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"strconv"
|
"strconv"
|
||||||
"time"
|
"time"
|
||||||
@@ -39,8 +40,8 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
// parseSecurityContext validate and return securityContext for pods
|
// convertModelSCToK8sSC validates and converts from models.SecurityContext to corev1.PodSecurityContext
|
||||||
func parseSecurityContext(sc *models.SecurityContext) (*corev1.PodSecurityContext, error) {
|
func convertModelSCToK8sSC(sc *models.SecurityContext) (*corev1.PodSecurityContext, error) {
|
||||||
if sc == nil {
|
if sc == nil {
|
||||||
return nil, errors.New("invalid security context")
|
return nil, errors.New("invalid security context")
|
||||||
}
|
}
|
||||||
@@ -64,6 +65,19 @@ func parseSecurityContext(sc *models.SecurityContext) (*corev1.PodSecurityContex
|
|||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// convertK8sSCToModelSC validates and converts from corev1.PodSecurityContext to models.SecurityContext
|
||||||
|
func convertK8sSCToModelSC(sc *corev1.PodSecurityContext) *models.SecurityContext {
|
||||||
|
runAsUser := strconv.FormatInt(*sc.RunAsUser, 10)
|
||||||
|
RunAsGroup := strconv.FormatInt(*sc.RunAsGroup, 10)
|
||||||
|
FsGroup := strconv.FormatInt(*sc.FSGroup, 10)
|
||||||
|
return &models.SecurityContext{
|
||||||
|
RunAsUser: &runAsUser,
|
||||||
|
RunAsGroup: &RunAsGroup,
|
||||||
|
RunAsNonRoot: sc.RunAsNonRoot,
|
||||||
|
FsGroup: &FsGroup,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// tenantUpdateCertificates receives the keyPair certificates (public and private keys) for Minio and Console and will try
|
// tenantUpdateCertificates receives the keyPair certificates (public and private keys) for Minio and Console and will try
|
||||||
// to replace the existing kubernetes secrets with the new values, then will restart the affected pods so the new volumes can be mounted
|
// to replace the existing kubernetes secrets with the new values, then will restart the affected pods so the new volumes can be mounted
|
||||||
func tenantUpdateCertificates(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateCertificateParams) error {
|
func tenantUpdateCertificates(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateCertificateParams) error {
|
||||||
@@ -116,6 +130,22 @@ func getTenantUpdateCertificatesResponse(session *models.Principal, params opera
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// tenantDeleteEncryption allow user to disable tenant encryption for a particular tenant
|
||||||
|
func tenantDeleteEncryption(ctx context.Context, operatorClient OperatorClientI, namespace string, params operator_api.TenantDeleteEncryptionParams) error {
|
||||||
|
tenantName := params.Tenant
|
||||||
|
tenant, err := operatorClient.TenantGet(ctx, namespace, tenantName, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
tenant.EnsureDefaults()
|
||||||
|
tenant.Spec.KES = nil
|
||||||
|
_, err = operatorClient.TenantUpdate(ctx, tenant, metav1.UpdateOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
// tenantUpdateEncryption allow user to update KES server certificates, KES client certificates (used by MinIO for mTLS) and KES configuration (KMS configuration, credentials, etc)
|
// tenantUpdateEncryption allow user to update KES server certificates, KES client certificates (used by MinIO for mTLS) and KES configuration (KMS configuration, credentials, etc)
|
||||||
func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateEncryptionParams) error {
|
func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateEncryptionParams) error {
|
||||||
tenantName := params.Tenant
|
tenantName := params.Tenant
|
||||||
@@ -125,47 +155,99 @@ func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI,
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
// Check if encryption is enabled for MinIO via KES
|
tenant.EnsureDefaults()
|
||||||
if tenant.HasKESEnabled() {
|
// Initialize KES configuration if not present
|
||||||
// check if KES is deployed with external certificates and user provided new server keypair
|
if !tenant.HasKESEnabled() {
|
||||||
if tenant.KESExternalCert() && body.Server != nil {
|
tenant.Spec.KES = &miniov2.KESConfig{}
|
||||||
kesExternalCertSecretName := fmt.Sprintf("%s-kes-external-cert", secretName)
|
}
|
||||||
// update certificates
|
if tenant.KESExternalCert() {
|
||||||
certificates := []*models.KeyPairConfiguration{body.Server}
|
for _, certificateToBeDeleted := range params.Body.SecretsToBeDeleted {
|
||||||
if _, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, kesExternalCertSecretName, tenantName); err != nil {
|
if tenant.Spec.KES.ExternalCertSecret.Name == certificateToBeDeleted {
|
||||||
return err
|
tenant.Spec.KES.ExternalCertSecret = nil
|
||||||
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// check if Tenant is deployed with external client certificates and user provided new client keypaiir
|
}
|
||||||
if tenant.ExternalClientCert() && body.Client != nil {
|
if tenant.ExternalClientCert() {
|
||||||
tenantExternalClientCertSecretName := fmt.Sprintf("%s-tenant-external-client-cert", secretName)
|
for _, certificateToBeDeleted := range params.Body.SecretsToBeDeleted {
|
||||||
// Update certificates
|
if tenant.Spec.ExternalClientCertSecret.Name == certificateToBeDeleted {
|
||||||
certificates := []*models.KeyPairConfiguration{body.Client}
|
tenant.Spec.ExternalClientCertSecret = nil
|
||||||
if _, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, tenantExternalClientCertSecretName, tenantName); err != nil {
|
break
|
||||||
return err
|
|
||||||
}
|
|
||||||
// Restart MinIO pods to mount the new client secrets
|
|
||||||
err := clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{
|
|
||||||
LabelSelector: fmt.Sprintf("%s=%s", miniov2.TenantLabel, tenantName),
|
|
||||||
})
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// update KES identities in kes-configuration.yaml secret
|
}
|
||||||
kesConfigurationSecretName := fmt.Sprintf("%s-kes-configuration", secretName)
|
if body.Server != nil {
|
||||||
kesClientCertSecretName := fmt.Sprintf("%s-kes-client-cert", secretName)
|
kesExternalCertSecretName := fmt.Sprintf("%s-kes-external-cert", secretName)
|
||||||
_, _, err := createOrReplaceKesConfigurationSecrets(ctx, clientSet, namespace, body, kesConfigurationSecretName, kesClientCertSecretName, tenantName)
|
if tenant.KESExternalCert() {
|
||||||
|
kesExternalCertSecretName = tenant.Spec.KES.ExternalCertSecret.Name
|
||||||
|
}
|
||||||
|
// update certificates
|
||||||
|
certificates := []*models.KeyPairConfiguration{body.Server}
|
||||||
|
createdCertificates, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, kesExternalCertSecretName, tenantName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
// Restart KES pods to mount the new configuration
|
if len(createdCertificates) > 0 {
|
||||||
err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{
|
tenant.Spec.KES.ExternalCertSecret = createdCertificates[0]
|
||||||
LabelSelector: fmt.Sprintf("%s=%s", miniov2.KESInstanceLabel, fmt.Sprintf("%s-kes", tenantName)),
|
}
|
||||||
})
|
}
|
||||||
|
if body.Client != nil {
|
||||||
|
tenantExternalClientCertSecretName := fmt.Sprintf("%s-tenant-external-client-cert", secretName)
|
||||||
|
if tenant.ExternalClientCert() {
|
||||||
|
tenantExternalClientCertSecretName = tenant.Spec.ExternalClientCertSecret.Name
|
||||||
|
}
|
||||||
|
// Update certificates
|
||||||
|
certificates := []*models.KeyPairConfiguration{body.Client}
|
||||||
|
createdCertificates, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, tenantExternalClientCertSecretName, tenantName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if len(createdCertificates) > 0 {
|
||||||
|
tenant.Spec.ExternalClientCertSecret = createdCertificates[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// update KES identities in kes-configuration.yaml secret
|
||||||
|
kesConfigurationSecretName := fmt.Sprintf("%s-kes-configuration", secretName)
|
||||||
|
kesClientCertSecretName := fmt.Sprintf("%s-kes-client-cert", secretName)
|
||||||
|
kesConfigurationSecret, kesClientCertSecret, err := createOrReplaceKesConfigurationSecrets(ctx, clientSet, namespace, body, kesConfigurationSecretName, kesClientCertSecretName, tenantName)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
tenant.Spec.KES.Configuration = kesConfigurationSecret
|
||||||
|
tenant.Spec.KES.ClientCertSecret = kesClientCertSecret
|
||||||
|
image := params.Body.Image
|
||||||
|
if image == "" {
|
||||||
|
image = miniov2.DefaultKESImage
|
||||||
|
}
|
||||||
|
tenant.Spec.KES.Image = image
|
||||||
|
i, err := strconv.ParseInt(params.Body.Replicas, 10, 32)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
tenant.Spec.KES.Replicas = int32(i)
|
||||||
|
tenant.Spec.KES.SecurityContext, err = convertModelSCToK8sSC(params.Body.SecurityContext)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
_, err = operatorClient.TenantUpdate(ctx, tenant, metav1.UpdateOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// getTenantDeleteEncryptionResponse is a wrapper for tenantDeleteEncryption
|
||||||
|
func getTenantDeleteEncryptionResponse(session *models.Principal, params operator_api.TenantDeleteEncryptionParams) *models.Error {
|
||||||
|
ctx := context.Background()
|
||||||
|
opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
|
||||||
|
if err != nil {
|
||||||
|
return prepareError(err, errorDeletingEncryptionConfig)
|
||||||
|
}
|
||||||
|
opClient := operatorClient{
|
||||||
|
client: opClientClientSet,
|
||||||
|
}
|
||||||
|
if err := tenantDeleteEncryption(ctx, &opClient, params.Namespace, params); err != nil {
|
||||||
|
return prepareError(err, errorDeletingEncryptionConfig)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
@@ -194,6 +276,203 @@ func getTenantUpdateEncryptionResponse(session *models.Principal, params operato
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// tenantEncryptionInfo retrieves encryption information for the current tenant
|
||||||
|
func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantEncryptionInfoParams) (*models.EncryptionConfigurationResponse, error) {
|
||||||
|
tenantName := params.Tenant
|
||||||
|
tenant, err := operatorClient.TenantGet(ctx, namespace, tenantName, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
// Check if encryption is enabled for MinIO via KES
|
||||||
|
if tenant.HasKESEnabled() {
|
||||||
|
encryptConfig := &models.EncryptionConfigurationResponse{
|
||||||
|
Image: tenant.Spec.KES.Image,
|
||||||
|
Replicas: fmt.Sprintf("%d", tenant.Spec.KES.Replicas),
|
||||||
|
}
|
||||||
|
if tenant.Spec.KES.Image == "" {
|
||||||
|
encryptConfig.Image = miniov2.GetTenantKesImage()
|
||||||
|
}
|
||||||
|
if tenant.Spec.KES.SecurityContext != nil {
|
||||||
|
encryptConfig.SecurityContext = convertK8sSCToModelSC(tenant.Spec.KES.SecurityContext)
|
||||||
|
}
|
||||||
|
if tenant.KESExternalCert() {
|
||||||
|
kesExternalCerts, err := parseTenantCertificates(ctx, clientSet, tenant.Namespace, []*miniov2.LocalCertificateReference{tenant.Spec.KES.ExternalCertSecret})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if len(kesExternalCerts) > 0 {
|
||||||
|
encryptConfig.Server = kesExternalCerts[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if tenant.ExternalClientCert() {
|
||||||
|
clientCerts, err := parseTenantCertificates(ctx, clientSet, tenant.Namespace, []*miniov2.LocalCertificateReference{tenant.Spec.ExternalClientCertSecret})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if len(clientCerts) > 0 {
|
||||||
|
encryptConfig.MtlsClient = clientCerts[0]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if tenant.Spec.KES.Configuration != nil {
|
||||||
|
configSecret, err := clientSet.getSecret(ctx, tenant.Namespace, tenant.Spec.KES.Configuration.Name, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if rawConfiguration, ok := configSecret.Data["server-config.yaml"]; ok {
|
||||||
|
kesConfiguration := &kes.ServerConfig{}
|
||||||
|
err := yaml.Unmarshal(rawConfiguration, kesConfiguration)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if kesConfiguration.Keys.Vault != nil {
|
||||||
|
vault := kesConfiguration.Keys.Vault
|
||||||
|
vaultConfig := &models.VaultConfigurationResponse{
|
||||||
|
Prefix: vault.Prefix,
|
||||||
|
Namespace: vault.Namespace,
|
||||||
|
Engine: vault.EnginePath,
|
||||||
|
Endpoint: &vault.Endpoint,
|
||||||
|
}
|
||||||
|
if vault.Status != nil {
|
||||||
|
vaultConfig.Status = &models.VaultConfigurationResponseStatus{
|
||||||
|
Ping: int64(vault.Status.Ping.Seconds()),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if vault.AppRole != nil {
|
||||||
|
vaultConfig.Approle = &models.VaultConfigurationResponseApprole{
|
||||||
|
Engine: vault.AppRole.EnginePath,
|
||||||
|
ID: &vault.AppRole.ID,
|
||||||
|
Retry: int64(vault.AppRole.Retry.Seconds()),
|
||||||
|
Secret: &vault.AppRole.Secret,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if tenant.KESClientCert() {
|
||||||
|
vaultConfig.TLS = &models.VaultConfigurationResponseTLS{}
|
||||||
|
clientSecretName := tenant.Spec.KES.ClientCertSecret.Name
|
||||||
|
keyPair, err := clientSet.getSecret(ctx, namespace, clientSecretName, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
// Extract client public certificate
|
||||||
|
if rawCert, ok := keyPair.Data["client.crt"]; ok {
|
||||||
|
vaultConfig.TLS.Crt, err = parseCertificate(clientSecretName, rawCert)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Extract client ca certificate
|
||||||
|
if rawCert, ok := keyPair.Data["ca.crt"]; ok {
|
||||||
|
vaultConfig.TLS.Ca, err = parseCertificate(clientSecretName, rawCert)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
encryptConfig.Vault = vaultConfig
|
||||||
|
}
|
||||||
|
if kesConfiguration.Keys.Aws != nil {
|
||||||
|
awsJSON, err := json.Marshal(kesConfiguration.Keys.Aws)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
awsConfig := &models.AwsConfiguration{}
|
||||||
|
err = json.Unmarshal(awsJSON, awsConfig)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
encryptConfig.Aws = awsConfig
|
||||||
|
}
|
||||||
|
if kesConfiguration.Keys.Gcp != nil {
|
||||||
|
gcpJSON, err := json.Marshal(kesConfiguration.Keys.Gcp)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
gcpConfig := &models.GcpConfiguration{}
|
||||||
|
err = json.Unmarshal(gcpJSON, gcpConfig)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
encryptConfig.Gcp = gcpConfig
|
||||||
|
}
|
||||||
|
if kesConfiguration.Keys.Gemalto != nil {
|
||||||
|
gemalto := kesConfiguration.Keys.Gemalto
|
||||||
|
gemaltoConfig := &models.GemaltoConfigurationResponse{
|
||||||
|
Keysecure: &models.GemaltoConfigurationResponseKeysecure{},
|
||||||
|
}
|
||||||
|
if gemalto.KeySecure != nil {
|
||||||
|
gemaltoConfig.Keysecure.Endpoint = &gemalto.KeySecure.Endpoint
|
||||||
|
if gemalto.KeySecure.Credentials != nil {
|
||||||
|
gemaltoConfig.Keysecure.Credentials = &models.GemaltoConfigurationResponseKeysecureCredentials{
|
||||||
|
Domain: &gemalto.KeySecure.Credentials.Domain,
|
||||||
|
Retry: int64(gemalto.KeySecure.Credentials.Retry.Seconds()),
|
||||||
|
Token: &gemalto.KeySecure.Credentials.Token,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if gemalto.KeySecure.TLS != nil {
|
||||||
|
if tenant.KESClientCert() {
|
||||||
|
gemaltoConfig.Keysecure.TLS = &models.GemaltoConfigurationResponseKeysecureTLS{}
|
||||||
|
clientSecretName := tenant.Spec.KES.ClientCertSecret.Name
|
||||||
|
keyPair, err := clientSet.getSecret(ctx, namespace, clientSecretName, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
// Extract client ca certificate
|
||||||
|
if rawCert, ok := keyPair.Data["ca.crt"]; ok {
|
||||||
|
gemaltoConfig.Keysecure.TLS.Ca, err = parseCertificate(clientSecretName, rawCert)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
encryptConfig.Gemalto = gemaltoConfig
|
||||||
|
}
|
||||||
|
if kesConfiguration.Keys.Azure != nil {
|
||||||
|
azureJSON, err := json.Marshal(kesConfiguration.Keys.Azure)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
azureConfig := &models.AzureConfiguration{}
|
||||||
|
err = json.Unmarshal(azureJSON, azureConfig)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
encryptConfig.Azure = azureConfig
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return encryptConfig, nil
|
||||||
|
}
|
||||||
|
return nil, errors.New("encryption configuration not found")
|
||||||
|
}
|
||||||
|
|
||||||
|
// getTenantEncryptionResponse is a wrapper for tenantEncryptionInfo
|
||||||
|
func getTenantEncryptionInfoResponse(session *models.Principal, params operator_api.TenantEncryptionInfoParams) (*models.EncryptionConfigurationResponse, *models.Error) {
|
||||||
|
ctx := context.Background()
|
||||||
|
// get Kubernetes Client
|
||||||
|
clientSet, err := cluster.K8sClient(session.STSSessionToken)
|
||||||
|
if err != nil {
|
||||||
|
return nil, prepareError(err, errorEncryptionConfigNotFound)
|
||||||
|
}
|
||||||
|
k8sClient := k8sClient{
|
||||||
|
client: clientSet,
|
||||||
|
}
|
||||||
|
opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
|
||||||
|
if err != nil {
|
||||||
|
return nil, prepareError(err, errorEncryptionConfigNotFound)
|
||||||
|
}
|
||||||
|
opClient := operatorClient{
|
||||||
|
client: opClientClientSet,
|
||||||
|
}
|
||||||
|
configuration, err := tenantEncryptionInfo(ctx, &opClient, &k8sClient, params.Namespace, params)
|
||||||
|
if err != nil {
|
||||||
|
return nil, prepareError(err, errorEncryptionConfigNotFound)
|
||||||
|
}
|
||||||
|
return configuration, nil
|
||||||
|
}
|
||||||
|
|
||||||
// getKESConfiguration will generate the KES server certificate secrets, the tenant client secrets for mTLS authentication between MinIO and KES and the
|
// getKESConfiguration will generate the KES server certificate secrets, the tenant client secrets for mTLS authentication between MinIO and KES and the
|
||||||
// kes-configuration.yaml file used by the KES service (how to connect to the external KMS, eg: Vault, AWS, Gemalto, etc)
|
// kes-configuration.yaml file used by the KES service (how to connect to the external KMS, eg: Vault, AWS, Gemalto, etc)
|
||||||
func getKESConfiguration(ctx context.Context, clientSet K8sClientI, ns string, encryptionCfg *models.EncryptionConfiguration, secretName, tenantName string) (kesConfiguration *miniov2.KESConfig, err error) {
|
func getKESConfiguration(ctx context.Context, clientSet K8sClientI, ns string, encryptionCfg *models.EncryptionConfiguration, secretName, tenantName string) (kesConfiguration *miniov2.KESConfig, err error) {
|
||||||
@@ -410,6 +689,10 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
|
|||||||
mTLSCertificates := map[string][]byte{}
|
mTLSCertificates := map[string][]byte{}
|
||||||
// if encryption is enabled and encryption is configured to use Vault
|
// if encryption is enabled and encryption is configured to use Vault
|
||||||
if encryptionCfg.Vault != nil {
|
if encryptionCfg.Vault != nil {
|
||||||
|
ping := 10 // default ping
|
||||||
|
if encryptionCfg.Vault.Status != nil {
|
||||||
|
ping = int(encryptionCfg.Vault.Status.Ping)
|
||||||
|
}
|
||||||
// Initialize Vault Config
|
// Initialize Vault Config
|
||||||
kesConfig.Keys.Vault = &kes.Vault{
|
kesConfig.Keys.Vault = &kes.Vault{
|
||||||
Endpoint: *encryptionCfg.Vault.Endpoint,
|
Endpoint: *encryptionCfg.Vault.Endpoint,
|
||||||
@@ -417,16 +700,17 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
|
|||||||
Namespace: encryptionCfg.Vault.Namespace,
|
Namespace: encryptionCfg.Vault.Namespace,
|
||||||
Prefix: encryptionCfg.Vault.Prefix,
|
Prefix: encryptionCfg.Vault.Prefix,
|
||||||
Status: &kes.VaultStatus{
|
Status: &kes.VaultStatus{
|
||||||
Ping: 10 * time.Second,
|
Ping: time.Duration(ping) * time.Second,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
// Vault AppRole credentials
|
// Vault AppRole credentials
|
||||||
if encryptionCfg.Vault.Approle != nil {
|
if encryptionCfg.Vault.Approle != nil {
|
||||||
|
retry := encryptionCfg.Vault.Approle.Retry
|
||||||
kesConfig.Keys.Vault.AppRole = &kes.AppRole{
|
kesConfig.Keys.Vault.AppRole = &kes.AppRole{
|
||||||
EnginePath: encryptionCfg.Vault.Approle.Engine,
|
EnginePath: encryptionCfg.Vault.Approle.Engine,
|
||||||
ID: *encryptionCfg.Vault.Approle.ID,
|
ID: *encryptionCfg.Vault.Approle.ID,
|
||||||
Secret: *encryptionCfg.Vault.Approle.Secret,
|
Secret: *encryptionCfg.Vault.Approle.Secret,
|
||||||
Retry: 15 * time.Second,
|
Retry: time.Duration(retry) * time.Second,
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
return nil, nil, errors.New("approle credentials missing for kes")
|
return nil, nil, errors.New("approle credentials missing for kes")
|
||||||
|
|||||||
140
pkg/kes/kes.go
140
pkg/kes/kes.go
@@ -32,87 +32,87 @@ type TLSProxyHeader struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type TLSProxy struct {
|
type TLSProxy struct {
|
||||||
Identities *[]Identity `yaml:"identities,omitempty"`
|
Identities *[]Identity `yaml:"identities,omitempty" json:"identities,omitempty"`
|
||||||
Header *TLSProxyHeader `yaml:"header,omitempty"`
|
Header *TLSProxyHeader `yaml:"header,omitempty" json:"header,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type TLS struct {
|
type TLS struct {
|
||||||
KeyPath string `yaml:"key,omitempty"`
|
KeyPath string `yaml:"key,omitempty" json:"key,omitempty"`
|
||||||
CertPath string `yaml:"cert,omitempty"`
|
CertPath string `yaml:"cert,omitempty" json:"cert,omitempty"`
|
||||||
Proxy *TLSProxy `yaml:"proxy,omitempty"`
|
Proxy *TLSProxy `yaml:"proxy,omitempty" json:"proxy,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Policy struct {
|
type Policy struct {
|
||||||
Paths []string `yaml:"paths,omitempty"`
|
Paths []string `yaml:"paths,omitempty" json:"paths,omitempty"`
|
||||||
Identities []Identity `yaml:"identities,omitempty"`
|
Identities []Identity `yaml:"identities,omitempty" json:"identities,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Expiry struct {
|
type Expiry struct {
|
||||||
Any time.Duration `yaml:"any,omitempty"`
|
Any time.Duration `yaml:"any,omitempty" json:"any,omitempty"`
|
||||||
Unused time.Duration `yaml:"unused,omitempty"`
|
Unused time.Duration `yaml:"unused,omitempty" json:"unused,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Cache struct {
|
type Cache struct {
|
||||||
Expiry *Expiry `yaml:"expiry,omitempty"`
|
Expiry *Expiry `yaml:"expiry,omitempty" json:"expiry,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Log struct {
|
type Log struct {
|
||||||
Error string `yaml:"error,omitempty"`
|
Error string `yaml:"error,omitempty" json:"error,omitempty"`
|
||||||
Audit string `yaml:"audit,omitempty"`
|
Audit string `yaml:"audit,omitempty" json:"audit,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Fs struct {
|
type Fs struct {
|
||||||
Path string `yaml:"path,omitempty"`
|
Path string `yaml:"path,omitempty" json:"path,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AppRole struct {
|
type AppRole struct {
|
||||||
EnginePath string `yaml:"engine,omitempty"`
|
EnginePath string `yaml:"engine,omitempty" json:"engine,omitempty"`
|
||||||
ID string `yaml:"id,omitempty"`
|
ID string `yaml:"id,omitempty" json:"id,omitempty"`
|
||||||
Secret string `yaml:"secret,omitempty"`
|
Secret string `yaml:"secret,omitempty" json:"secret,omitempty"`
|
||||||
Retry time.Duration `yaml:"retry,omitempty"`
|
Retry time.Duration `yaml:"retry,omitempty" json:"retry,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type VaultTLS struct {
|
type VaultTLS struct {
|
||||||
KeyPath string `yaml:"key,omitempty"`
|
KeyPath string `yaml:"key,omitempty" json:"key,omitempty"`
|
||||||
CertPath string `yaml:"cert,omitempty"`
|
CertPath string `yaml:"cert,omitempty" json:"cert,omitempty"`
|
||||||
CAPath string `yaml:"ca,omitempty"`
|
CAPath string `yaml:"ca,omitempty" json:"ca,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type VaultStatus struct {
|
type VaultStatus struct {
|
||||||
Ping time.Duration `yaml:"ping,omitempty"`
|
Ping time.Duration `yaml:"ping,omitempty" json:"ping,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Vault struct {
|
type Vault struct {
|
||||||
Endpoint string `yaml:"endpoint,omitempty"`
|
Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"`
|
||||||
EnginePath string `yaml:"engine,omitempty"`
|
EnginePath string `yaml:"engine,omitempty" json:"engine,omitempty"`
|
||||||
Namespace string `yaml:"namespace,omitempty"`
|
Namespace string `yaml:"namespace,omitempty" json:"namespace,omitempty"`
|
||||||
Prefix string `yaml:"prefix,omitempty"`
|
Prefix string `yaml:"prefix,omitempty" json:"prefix,omitempty"`
|
||||||
AppRole *AppRole `yaml:"approle,omitempty"`
|
AppRole *AppRole `yaml:"approle,omitempty" json:"approle,omitempty"`
|
||||||
TLS *VaultTLS `yaml:"tls,omitempty"`
|
TLS *VaultTLS `yaml:"tls,omitempty" json:"tls,omitempty"`
|
||||||
Status *VaultStatus `yaml:"status,omitempty"`
|
Status *VaultStatus `yaml:"status,omitempty" json:"status,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AwsSecretManagerLogin struct {
|
type AwsSecretManagerLogin struct {
|
||||||
AccessKey string `yaml:"accesskey"`
|
AccessKey string `yaml:"accesskey" json:"accesskey"`
|
||||||
SecretKey string `yaml:"secretkey"`
|
SecretKey string `yaml:"secretkey" json:"secretkey"`
|
||||||
SessionToken string `yaml:"token"`
|
SessionToken string `yaml:"token" json:"token"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AwsSecretManager struct {
|
type AwsSecretManager struct {
|
||||||
Endpoint string `yaml:"endpoint,omitempty"`
|
Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"`
|
||||||
Region string `yaml:"region,omitempty"`
|
Region string `yaml:"region,omitempty" json:"region,omitempty"`
|
||||||
KmsKey string ` yaml:"kmskey,omitempty"`
|
KmsKey string `yaml:"kmskey,omitempty" json:"kmskey,omitempty"`
|
||||||
Login *AwsSecretManagerLogin `yaml:"credentials,omitempty"`
|
Login *AwsSecretManagerLogin `yaml:"credentials,omitempty" json:"credentials,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Aws struct {
|
type Aws struct {
|
||||||
SecretsManager *AwsSecretManager `yaml:"secretsmanager,omitempty"`
|
SecretsManager *AwsSecretManager `yaml:"secretsmanager,omitempty" json:"secretsmanager,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type GemaltoCredentials struct {
|
type GemaltoCredentials struct {
|
||||||
Token string `yaml:"token,omitempty"`
|
Token string `yaml:"token,omitempty" json:"token,omitempty"`
|
||||||
Domain string `yaml:"domain,omitempty"`
|
Domain string `yaml:"domain,omitempty" json:"domain,omitempty"`
|
||||||
Retry time.Duration `yaml:"retry,omitempty"`
|
Retry time.Duration `yaml:"retry,omitempty" json:"retry,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type GemaltoTLS struct {
|
type GemaltoTLS struct {
|
||||||
@@ -120,64 +120,64 @@ type GemaltoTLS struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type GemaltoKeySecure struct {
|
type GemaltoKeySecure struct {
|
||||||
Endpoint string `yaml:"endpoint,omitempty"`
|
Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"`
|
||||||
Credentials *GemaltoCredentials `yaml:"credentials,omitempty"`
|
Credentials *GemaltoCredentials `yaml:"credentials,omitempty" json:"credentials,omitempty"`
|
||||||
TLS *GemaltoTLS `yaml:"tls,omitempty"`
|
TLS *GemaltoTLS `yaml:"tls,omitempty" json:"tls,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Gemalto struct {
|
type Gemalto struct {
|
||||||
KeySecure *GemaltoKeySecure `yaml:"keysecure,omitempty"`
|
KeySecure *GemaltoKeySecure `yaml:"keysecure,omitempty" json:"keysecure,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type GcpCredentials struct {
|
type GcpCredentials struct {
|
||||||
ClientEmail string `yaml:"client_email"`
|
ClientEmail string `yaml:"client_email" json:"client_email"`
|
||||||
ClientID string `yaml:"client_id"`
|
ClientID string `yaml:"client_id" json:"client_id"`
|
||||||
PrivateKeyID string `yaml:"private_key_id"`
|
PrivateKeyID string `yaml:"private_key_id" json:"private_key_id"`
|
||||||
PrivateKey string `yaml:"private_key"`
|
PrivateKey string `yaml:"private_key" json:"private_key"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type GcpSecretManager struct {
|
type GcpSecretManager struct {
|
||||||
ProjectID string `yaml:"project_id"`
|
ProjectID string `yaml:"project_id" json:"project_id"`
|
||||||
Endpoint string `yaml:"endpoint,omitempty"`
|
Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"`
|
||||||
Credentials *GcpCredentials `yaml:"credentials,omitempty"`
|
Credentials *GcpCredentials `yaml:"credentials,omitempty" json:"credentials,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Gcp struct {
|
type Gcp struct {
|
||||||
SecretManager *GcpSecretManager `yaml:"secretmanager,omitempty"`
|
SecretManager *GcpSecretManager `yaml:"secretmanager,omitempty" json:"secretmanager,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AzureCredentials struct {
|
type AzureCredentials struct {
|
||||||
TenantID string `yaml:"tenant_id"`
|
TenantID string `yaml:"tenant_id" json:"tenant_id"`
|
||||||
ClientID string `yaml:"client_id"`
|
ClientID string `yaml:"client_id" json:"client_id"`
|
||||||
ClientSecret string `yaml:"client_secret"`
|
ClientSecret string `yaml:"client_secret" json:"client_secret"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AzureKeyVault struct {
|
type AzureKeyVault struct {
|
||||||
Endpoint string `yaml:"endpoint,omitempty"`
|
Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"`
|
||||||
Credentials *AzureCredentials `yaml:"credentials,omitempty"`
|
Credentials *AzureCredentials `yaml:"credentials,omitempty" json:"credentials,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Azure struct {
|
type Azure struct {
|
||||||
KeyVault *AzureKeyVault `yaml:"keyvault,omitempty"`
|
KeyVault *AzureKeyVault `yaml:"keyvault,omitempty" json:"keyvault,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Keys struct {
|
type Keys struct {
|
||||||
Fs *Fs `yaml:"fs,omitempty"`
|
Fs *Fs `yaml:"fs,omitempty" json:"fs,omitempty"`
|
||||||
Vault *Vault `yaml:"vault,omitempty"`
|
Vault *Vault `yaml:"vault,omitempty" json:"vault,omitempty"`
|
||||||
Aws *Aws `yaml:"aws,omitempty"`
|
Aws *Aws `yaml:"aws,omitempty" json:"aws,omitempty"`
|
||||||
Gemalto *Gemalto `yaml:"gemalto,omitempty"`
|
Gemalto *Gemalto `yaml:"gemalto,omitempty" json:"gemalto,omitempty"`
|
||||||
Gcp *Gcp `yaml:"gcp,omitempty"`
|
Gcp *Gcp `yaml:"gcp,omitempty" json:"gcp,omitempty"`
|
||||||
Azure *Azure `yaml:"azure,omitempty"`
|
Azure *Azure `yaml:"azure,omitempty" json:"azure,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type ServerConfig struct {
|
type ServerConfig struct {
|
||||||
Addr string `yaml:"address,omitempty"`
|
Addr string `yaml:"address,omitempty" json:"address,omitempty"`
|
||||||
Root Identity `yaml:"root,omitempty"`
|
Root Identity `yaml:"root,omitempty" json:"root,omitempty"`
|
||||||
TLS TLS `yaml:"tls,omitempty"`
|
TLS TLS `yaml:"tls,omitempty" json:"tls,omitempty"`
|
||||||
Policies map[string]Policy `yaml:"policy,omitempty"`
|
Policies map[string]Policy `yaml:"policy,omitempty" json:"policy,omitempty"`
|
||||||
Cache Cache `yaml:"cache,omitempty"`
|
Cache Cache `yaml:"cache,omitempty" json:"cache,omitempty"`
|
||||||
Log Log `yaml:"log,omitempty"`
|
Log Log `yaml:"log,omitempty" json:"log,omitempty"`
|
||||||
Keys Keys `yaml:"keys,omitempty"`
|
Keys Keys `yaml:"keys,omitempty" json:"keys,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func ParseCertificate(cert []byte) (*x509.Certificate, error) {
|
func ParseCertificate(cert []byte) (*x509.Certificate, error) {
|
||||||
|
|||||||
@@ -185,6 +185,8 @@ export const IAM_PAGES = {
|
|||||||
"/namespaces/:tenantNamespace/tenants/:tenantName/license",
|
"/namespaces/:tenantNamespace/tenants/:tenantName/license",
|
||||||
NAMESPACE_TENANT_SECURITY:
|
NAMESPACE_TENANT_SECURITY:
|
||||||
"/namespaces/:tenantNamespace/tenants/:tenantName/security",
|
"/namespaces/:tenantNamespace/tenants/:tenantName/security",
|
||||||
|
NAMESPACE_TENANT_ENCRYPTION:
|
||||||
|
"/namespaces/:tenantNamespace/tenants/:tenantName/encryption",
|
||||||
NAMESPACE_TENANT_MONITORING:
|
NAMESPACE_TENANT_MONITORING:
|
||||||
"/namespaces/:tenantNamespace/tenants/:tenantName/monitoring",
|
"/namespaces/:tenantNamespace/tenants/:tenantName/monitoring",
|
||||||
NAMESPACE_TENANT_LOGGING:
|
NAMESPACE_TENANT_LOGGING:
|
||||||
|
|||||||
@@ -178,6 +178,38 @@ export interface IEncryptionConfiguration {
|
|||||||
gemalto?: IGemaltoConfig;
|
gemalto?: IGemaltoConfig;
|
||||||
aws?: IAWSConfig;
|
aws?: IAWSConfig;
|
||||||
vault?: IVaultConfig;
|
vault?: IVaultConfig;
|
||||||
|
azure?: IAzureConfig;
|
||||||
|
gcp?: IGCPConfig;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IGCPCredentials {
|
||||||
|
client_email: string;
|
||||||
|
client_id: string;
|
||||||
|
private_key_id: string;
|
||||||
|
private_key: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IGCPSecretManager {
|
||||||
|
project_id: string;
|
||||||
|
endpoint?: string;
|
||||||
|
credentials?: IGCPCredentials;
|
||||||
|
}
|
||||||
|
export interface IGCPConfig {
|
||||||
|
secretmanager: IGCPSecretManager;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IAzureCredentials {
|
||||||
|
tenant_id: string;
|
||||||
|
client_id: string;
|
||||||
|
client_secret: string;
|
||||||
|
}
|
||||||
|
export interface IAzureKeyVault {
|
||||||
|
endpoint: string;
|
||||||
|
credentials?: IAzureCredentials;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IAzureConfig {
|
||||||
|
keyvault: IAzureKeyVault;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface IVaultConfig {
|
export interface IVaultConfig {
|
||||||
@@ -218,16 +250,16 @@ export interface IVaultStatusConfig {
|
|||||||
export interface IKeysecureConfig {
|
export interface IKeysecureConfig {
|
||||||
endpoint: string;
|
endpoint: string;
|
||||||
credentials: IGemaltoCredentials;
|
credentials: IGemaltoCredentials;
|
||||||
tls: IGemaltoTLS;
|
tls: IGemaltoTLSConfig;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface IGemaltoCredentials {
|
export interface IGemaltoCredentials {
|
||||||
token: string;
|
token: string;
|
||||||
domain: string;
|
domain: string;
|
||||||
retry?: number;
|
retry?: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface IGemaltoTLS {
|
export interface IGemaltoTLSConfig {
|
||||||
ca: string;
|
ca: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -446,6 +446,11 @@ const Console = ({
|
|||||||
path: IAM_PAGES.NAMESPACE_TENANT_SECURITY,
|
path: IAM_PAGES.NAMESPACE_TENANT_SECURITY,
|
||||||
forceDisplay: true,
|
forceDisplay: true,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
component: TenantDetails,
|
||||||
|
path: IAM_PAGES.NAMESPACE_TENANT_ENCRYPTION,
|
||||||
|
forceDisplay: true,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
component: TenantDetails,
|
component: TenantDetails,
|
||||||
path: IAM_PAGES.NAMESPACE_TENANT_MONITORING,
|
path: IAM_PAGES.NAMESPACE_TENANT_MONITORING,
|
||||||
|
|||||||
@@ -515,7 +515,7 @@ const AddTenant = ({
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
let vaultTLS = null;
|
let vaultTLS = null;
|
||||||
if (vaultKeyPair || vaultCA) {
|
if (vaultKeyPair || vaultCAInsert) {
|
||||||
vaultTLS = {
|
vaultTLS = {
|
||||||
tls: {
|
tls: {
|
||||||
...vaultKeyPair,
|
...vaultKeyPair,
|
||||||
|
|||||||
@@ -482,97 +482,6 @@ const Encryption = ({
|
|||||||
</Grid>
|
</Grid>
|
||||||
{encryptionType === "vault" && (
|
{encryptionType === "vault" && (
|
||||||
<Fragment>
|
<Fragment>
|
||||||
<Grid item xs={12}>
|
|
||||||
<FormSwitchWrapper
|
|
||||||
value="enableCustomCertsForKES"
|
|
||||||
id="enableCustomCertsForKES"
|
|
||||||
name="enableCustomCertsForKES"
|
|
||||||
checked={enableCustomCertsForKES || !enableAutoCert}
|
|
||||||
onChange={(e) => {
|
|
||||||
const targetD = e.target;
|
|
||||||
const checked = targetD.checked;
|
|
||||||
|
|
||||||
updateField("enableCustomCertsForKES", checked);
|
|
||||||
}}
|
|
||||||
label={"Custom Certificates"}
|
|
||||||
disabled={!enableAutoCert}
|
|
||||||
/>
|
|
||||||
</Grid>
|
|
||||||
{(enableCustomCertsForKES || !enableAutoCert) && (
|
|
||||||
<Fragment>
|
|
||||||
<Grid container>
|
|
||||||
<Grid item xs={12} style={{ marginBottom: 15 }}>
|
|
||||||
<fieldset className={classes.fieldGroup}>
|
|
||||||
<legend className={classes.descriptionText}>
|
|
||||||
Encryption Service Certificates
|
|
||||||
</legend>
|
|
||||||
<FileSelector
|
|
||||||
onChange={(encodedValue, fileName) => {
|
|
||||||
addFileServerCert("key", fileName, encodedValue);
|
|
||||||
cleanValidation("serverKey");
|
|
||||||
}}
|
|
||||||
accept=".key,.pem"
|
|
||||||
id="serverKey"
|
|
||||||
name="serverKey"
|
|
||||||
label="Key"
|
|
||||||
error={validationErrors["serverKey"] || ""}
|
|
||||||
value={serverCertificate.key}
|
|
||||||
required={!enableAutoCert}
|
|
||||||
/>
|
|
||||||
<FileSelector
|
|
||||||
onChange={(encodedValue, fileName) => {
|
|
||||||
addFileServerCert("cert", fileName, encodedValue);
|
|
||||||
cleanValidation("serverCert");
|
|
||||||
}}
|
|
||||||
accept=".cer,.crt,.cert,.pem"
|
|
||||||
id="serverCert"
|
|
||||||
name="serverCert"
|
|
||||||
label="Cert"
|
|
||||||
error={validationErrors["serverCert"] || ""}
|
|
||||||
value={serverCertificate.cert}
|
|
||||||
required={!enableAutoCert}
|
|
||||||
/>
|
|
||||||
</fieldset>
|
|
||||||
</Grid>
|
|
||||||
</Grid>
|
|
||||||
|
|
||||||
<Grid container style={{ marginBottom: 15 }}>
|
|
||||||
<Grid item xs={12}>
|
|
||||||
<fieldset className={classes.fieldGroup}>
|
|
||||||
<legend className={classes.descriptionText}>
|
|
||||||
Mutual TLS authentication
|
|
||||||
</legend>
|
|
||||||
<FileSelector
|
|
||||||
onChange={(encodedValue, fileName) => {
|
|
||||||
addFileClientCert("key", fileName, encodedValue);
|
|
||||||
cleanValidation("clientKey");
|
|
||||||
}}
|
|
||||||
accept=".key,.pem"
|
|
||||||
id="clientKey"
|
|
||||||
name="clientKey"
|
|
||||||
label="Key"
|
|
||||||
error={validationErrors["clientKey"] || ""}
|
|
||||||
value={clientCertificate.key}
|
|
||||||
required={!enableAutoCert}
|
|
||||||
/>
|
|
||||||
<FileSelector
|
|
||||||
onChange={(encodedValue, fileName) => {
|
|
||||||
addFileClientCert("cert", fileName, encodedValue);
|
|
||||||
cleanValidation("clientCert");
|
|
||||||
}}
|
|
||||||
accept=".cer,.crt,.cert,.pem"
|
|
||||||
id="clientCert"
|
|
||||||
name="clientCert"
|
|
||||||
label="Cert"
|
|
||||||
error={validationErrors["clientCert"] || ""}
|
|
||||||
value={clientCertificate.cert}
|
|
||||||
required={!enableAutoCert}
|
|
||||||
/>
|
|
||||||
</fieldset>
|
|
||||||
</Grid>
|
|
||||||
</Grid>
|
|
||||||
</Fragment>
|
|
||||||
)}
|
|
||||||
<Grid item xs={12} className={classes.formFieldRow}>
|
<Grid item xs={12} className={classes.formFieldRow}>
|
||||||
<InputBoxWrapper
|
<InputBoxWrapper
|
||||||
id="vault_endpoint"
|
id="vault_endpoint"
|
||||||
@@ -1078,6 +987,96 @@ const Encryption = ({
|
|||||||
<div className={classes.headerElement}>
|
<div className={classes.headerElement}>
|
||||||
<h4 className={classes.h3Section}>Additional Configurations</h4>
|
<h4 className={classes.h3Section}>Additional Configurations</h4>
|
||||||
</div>
|
</div>
|
||||||
|
<Grid item xs={12}>
|
||||||
|
<FormSwitchWrapper
|
||||||
|
value="enableCustomCertsForKES"
|
||||||
|
id="enableCustomCertsForKES"
|
||||||
|
name="enableCustomCertsForKES"
|
||||||
|
checked={enableCustomCertsForKES || !enableAutoCert}
|
||||||
|
onChange={(e) => {
|
||||||
|
const targetD = e.target;
|
||||||
|
const checked = targetD.checked;
|
||||||
|
|
||||||
|
updateField("enableCustomCertsForKES", checked);
|
||||||
|
}}
|
||||||
|
label={"Custom Certificates"}
|
||||||
|
disabled={!enableAutoCert}
|
||||||
|
/>
|
||||||
|
</Grid>
|
||||||
|
{(enableCustomCertsForKES || !enableAutoCert) && (
|
||||||
|
<Fragment>
|
||||||
|
<Grid container>
|
||||||
|
<Grid item xs={12} style={{ marginBottom: 15 }}>
|
||||||
|
<fieldset className={classes.fieldGroup}>
|
||||||
|
<legend className={classes.descriptionText}>
|
||||||
|
Encryption Service Certificates
|
||||||
|
</legend>
|
||||||
|
<FileSelector
|
||||||
|
onChange={(encodedValue, fileName) => {
|
||||||
|
addFileServerCert("key", fileName, encodedValue);
|
||||||
|
cleanValidation("serverKey");
|
||||||
|
}}
|
||||||
|
accept=".key,.pem"
|
||||||
|
id="serverKey"
|
||||||
|
name="serverKey"
|
||||||
|
label="Key"
|
||||||
|
error={validationErrors["serverKey"] || ""}
|
||||||
|
value={serverCertificate.key}
|
||||||
|
required={!enableAutoCert}
|
||||||
|
/>
|
||||||
|
<FileSelector
|
||||||
|
onChange={(encodedValue, fileName) => {
|
||||||
|
addFileServerCert("cert", fileName, encodedValue);
|
||||||
|
cleanValidation("serverCert");
|
||||||
|
}}
|
||||||
|
accept=".cer,.crt,.cert,.pem"
|
||||||
|
id="serverCert"
|
||||||
|
name="serverCert"
|
||||||
|
label="Cert"
|
||||||
|
error={validationErrors["serverCert"] || ""}
|
||||||
|
value={serverCertificate.cert}
|
||||||
|
required={!enableAutoCert}
|
||||||
|
/>
|
||||||
|
</fieldset>
|
||||||
|
</Grid>
|
||||||
|
</Grid>
|
||||||
|
<Grid container style={{ marginBottom: 15 }}>
|
||||||
|
<Grid item xs={12}>
|
||||||
|
<fieldset className={classes.fieldGroup}>
|
||||||
|
<legend className={classes.descriptionText}>
|
||||||
|
Mutual TLS authentication with MinIO
|
||||||
|
</legend>
|
||||||
|
<FileSelector
|
||||||
|
onChange={(encodedValue, fileName) => {
|
||||||
|
addFileClientCert("key", fileName, encodedValue);
|
||||||
|
cleanValidation("clientKey");
|
||||||
|
}}
|
||||||
|
accept=".key,.pem"
|
||||||
|
id="clientKey"
|
||||||
|
name="clientKey"
|
||||||
|
label="Key"
|
||||||
|
error={validationErrors["clientKey"] || ""}
|
||||||
|
value={clientCertificate.key}
|
||||||
|
required={!enableAutoCert}
|
||||||
|
/>
|
||||||
|
<FileSelector
|
||||||
|
onChange={(encodedValue, fileName) => {
|
||||||
|
addFileClientCert("cert", fileName, encodedValue);
|
||||||
|
cleanValidation("clientCert");
|
||||||
|
}}
|
||||||
|
accept=".cer,.crt,.cert,.pem"
|
||||||
|
id="clientCert"
|
||||||
|
name="clientCert"
|
||||||
|
label="Cert"
|
||||||
|
error={validationErrors["clientCert"] || ""}
|
||||||
|
value={clientCertificate.cert}
|
||||||
|
required={!enableAutoCert}
|
||||||
|
/>
|
||||||
|
</fieldset>
|
||||||
|
</Grid>
|
||||||
|
</Grid>
|
||||||
|
</Fragment>
|
||||||
|
)}
|
||||||
<Grid item xs={12}>
|
<Grid item xs={12}>
|
||||||
<Grid item xs={12} classes={classes.formFieldRow}>
|
<Grid item xs={12} classes={classes.formFieldRow}>
|
||||||
<InputBoxWrapper
|
<InputBoxWrapper
|
||||||
|
|||||||
@@ -16,7 +16,11 @@
|
|||||||
|
|
||||||
import { SubnetInfo } from "../../License/types";
|
import { SubnetInfo } from "../../License/types";
|
||||||
import { IAffinityModel } from "../../../../common/types";
|
import { IAffinityModel } from "../../../../common/types";
|
||||||
import { NodeMaxAllocatableResources } from "../types";
|
import {
|
||||||
|
ICertificateInfo,
|
||||||
|
ISecurityContext,
|
||||||
|
NodeMaxAllocatableResources,
|
||||||
|
} from "../types";
|
||||||
|
|
||||||
export interface IEvent {
|
export interface IEvent {
|
||||||
namespace: string;
|
namespace: string;
|
||||||
@@ -84,6 +88,33 @@ export interface ITenantStatus {
|
|||||||
usage?: ITenantStatusUsage;
|
usage?: ITenantStatusUsage;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export interface ITenantEncryptionResponse {
|
||||||
|
image: string;
|
||||||
|
replicas: string;
|
||||||
|
securityContext: ISecurityContext;
|
||||||
|
server: ICertificateInfo[];
|
||||||
|
client: ICertificateInfo[];
|
||||||
|
/*
|
||||||
|
gemalto:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/gemaltoConfiguration"
|
||||||
|
aws:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/awsConfiguration"
|
||||||
|
vault:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/vaultConfiguration"
|
||||||
|
gcp:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/gcpConfiguration"
|
||||||
|
azure:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/azureConfiguration"
|
||||||
|
securityContext:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/securityContext"*/
|
||||||
|
}
|
||||||
|
|
||||||
export interface ITenant {
|
export interface ITenant {
|
||||||
total_size: number;
|
total_size: number;
|
||||||
name: string;
|
name: string;
|
||||||
|
|||||||
@@ -50,6 +50,7 @@ import BackLink from "../../../../common/BackLink";
|
|||||||
import VerticalTabs from "../../Common/VerticalTabs/VerticalTabs";
|
import VerticalTabs from "../../Common/VerticalTabs/VerticalTabs";
|
||||||
import BoxIconButton from "../../Common/BoxIconButton/BoxIconButton";
|
import BoxIconButton from "../../Common/BoxIconButton/BoxIconButton";
|
||||||
import withSuspense from "../../Common/Components/withSuspense";
|
import withSuspense from "../../Common/Components/withSuspense";
|
||||||
|
import { IAM_PAGES } from "../../../../common/SecureComponent/permissions";
|
||||||
|
|
||||||
const TenantYAML = withSuspense(React.lazy(() => import("./TenantYAML")));
|
const TenantYAML = withSuspense(React.lazy(() => import("./TenantYAML")));
|
||||||
const TenantSummary = withSuspense(React.lazy(() => import("./TenantSummary")));
|
const TenantSummary = withSuspense(React.lazy(() => import("./TenantSummary")));
|
||||||
@@ -69,6 +70,9 @@ const TenantVolumes = withSuspense(
|
|||||||
const TenantSecurity = withSuspense(
|
const TenantSecurity = withSuspense(
|
||||||
React.lazy(() => import("./TenantSecurity"))
|
React.lazy(() => import("./TenantSecurity"))
|
||||||
);
|
);
|
||||||
|
const TenantEncryption = withSuspense(
|
||||||
|
React.lazy(() => import("./TenantEncryption"))
|
||||||
|
);
|
||||||
const DeleteTenant = withSuspense(
|
const DeleteTenant = withSuspense(
|
||||||
React.lazy(() => import("../ListTenants/DeleteTenant"))
|
React.lazy(() => import("../ListTenants/DeleteTenant"))
|
||||||
);
|
);
|
||||||
@@ -301,10 +305,10 @@ const TenantDetails = ({
|
|||||||
return health_status === "red"
|
return health_status === "red"
|
||||||
? classes.redState
|
? classes.redState
|
||||||
: health_status === "yellow"
|
: health_status === "yellow"
|
||||||
? classes.yellowState
|
? classes.yellowState
|
||||||
: health_status === "green"
|
: health_status === "green"
|
||||||
? classes.greenState
|
? classes.greenState
|
||||||
: classes.greyState;
|
: classes.greyState;
|
||||||
};
|
};
|
||||||
|
|
||||||
return (
|
return (
|
||||||
@@ -420,59 +424,63 @@ const TenantDetails = ({
|
|||||||
<Router history={history}>
|
<Router history={history}>
|
||||||
<Switch>
|
<Switch>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/summary"
|
path={IAM_PAGES.NAMESPACE_TENANT_SUMMARY}
|
||||||
component={TenantSummary}
|
component={TenantSummary}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/metrics"
|
path={IAM_PAGES.NAMESPACE_TENANT_METRICS}
|
||||||
component={TenantMetrics}
|
component={TenantMetrics}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/trace"
|
path={IAM_PAGES.NAMESPACE_TENANT_TRACE}
|
||||||
component={TenantTrace}
|
component={TenantTrace}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/security"
|
path={IAM_PAGES.NAMESPACE_TENANT_SECURITY}
|
||||||
component={TenantSecurity}
|
component={TenantSecurity}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/pools"
|
path={IAM_PAGES.NAMESPACE_TENANT_ENCRYPTION}
|
||||||
|
component={TenantEncryption}
|
||||||
|
/>
|
||||||
|
<Route
|
||||||
|
path={IAM_PAGES.NAMESPACE_TENANT_POOLS}
|
||||||
component={PoolsSummary}
|
component={PoolsSummary}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/pods/:podName"
|
path={IAM_PAGES.NAMESPACE_TENANT_PODS}
|
||||||
component={PodDetails}
|
component={PodDetails}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/pods"
|
path={IAM_PAGES.NAMESPACE_TENANT_PODS_LIST}
|
||||||
component={PodsSummary}
|
component={PodsSummary}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/pvcs/:PVCName"
|
path={IAM_PAGES.NAMESPACE_TENANT_PVCS}
|
||||||
component={TenantVolumes}
|
component={TenantVolumes}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/volumes"
|
path={IAM_PAGES.NAMESPACE_TENANT_VOLUMES}
|
||||||
component={VolumesSummary}
|
component={VolumesSummary}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/license"
|
path={IAM_PAGES.NAMESPACE_TENANT_LICENSE}
|
||||||
component={TenantLicense}
|
component={TenantLicense}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/monitoring"
|
path={IAM_PAGES.NAMESPACE_TENANT_MONITORING}
|
||||||
component={TenantMonitoring}
|
component={TenantMonitoring}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/logging"
|
path={IAM_PAGES.NAMESPACE_TENANT_LOGGING}
|
||||||
component={TenantLogging}
|
component={TenantLogging}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName/events"
|
path={IAM_PAGES.NAMESPACE_TENANT_EVENTS}
|
||||||
component={TenantEvents}
|
component={TenantEvents}
|
||||||
/>
|
/>
|
||||||
<Route
|
<Route
|
||||||
path="/namespaces/:tenantNamespace/tenants/:tenantName"
|
path={IAM_PAGES.NAMESPACE_TENANT}
|
||||||
component={() => (
|
component={() => (
|
||||||
<Redirect
|
<Redirect
|
||||||
to={`/namespaces/${tenantNamespace}/tenants/${tenantName}/summary`}
|
to={`/namespaces/${tenantNamespace}/tenants/${tenantName}/summary`}
|
||||||
@@ -508,6 +516,14 @@ const TenantDetails = ({
|
|||||||
to: getRoutePath("security"),
|
to: getRoutePath("security"),
|
||||||
},
|
},
|
||||||
}}
|
}}
|
||||||
|
{{
|
||||||
|
tabConfig: {
|
||||||
|
label: "Encryption",
|
||||||
|
value: "encryption",
|
||||||
|
component: Link,
|
||||||
|
to: getRoutePath("encryption"),
|
||||||
|
},
|
||||||
|
}}
|
||||||
{{
|
{{
|
||||||
tabConfig: {
|
tabConfig: {
|
||||||
label: "Pools",
|
label: "Pools",
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@@ -14,7 +14,13 @@
|
|||||||
// You should have received a copy of the GNU Affero General Public License
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
import { IErasureCodeCalc } from "../../../common/types";
|
import {
|
||||||
|
IAWSConfig,
|
||||||
|
IAzureConfig,
|
||||||
|
IErasureCodeCalc,
|
||||||
|
IGCPConfig,
|
||||||
|
IGemaltoCredentials,
|
||||||
|
} from "../../../common/types";
|
||||||
import { IResourcesSize, ITenant } from "./ListTenants/types";
|
import { IResourcesSize, ITenant } from "./ListTenants/types";
|
||||||
import { KeyPair, Opts } from "./ListTenants/utils";
|
import { KeyPair, Opts } from "./ListTenants/utils";
|
||||||
import { IntegrationConfiguration } from "./AddTenant/Steps/TenantResources/utils";
|
import { IntegrationConfiguration } from "./AddTenant/Steps/TenantResources/utils";
|
||||||
@@ -87,6 +93,58 @@ export interface ITenantSecurityResponse {
|
|||||||
customCertificates: ICustomCertificates;
|
customCertificates: ICustomCertificates;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export interface IVaultTLS {
|
||||||
|
crt: ICertificateInfo;
|
||||||
|
ca: ICertificateInfo;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IVaultAppRole {
|
||||||
|
engine: string;
|
||||||
|
id: string;
|
||||||
|
secret: string;
|
||||||
|
retry: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IVaultStatus {
|
||||||
|
ping: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IVaultConfiguration {
|
||||||
|
endpoint: string;
|
||||||
|
engine: string;
|
||||||
|
namespace: string;
|
||||||
|
prefix: string;
|
||||||
|
approle: IVaultAppRole;
|
||||||
|
status: IVaultStatus;
|
||||||
|
tls: IVaultTLS;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IGemaltoTLS {
|
||||||
|
ca: ICertificateInfo;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface IKeysecureConfiguration {
|
||||||
|
endpoint: string;
|
||||||
|
credentials: IGemaltoCredentials;
|
||||||
|
tls: IGemaltoTLS;
|
||||||
|
}
|
||||||
|
export interface IGemaltoConfiguration {
|
||||||
|
keysecure: IKeysecureConfiguration;
|
||||||
|
}
|
||||||
|
|
||||||
|
export interface ITenantEncryptionResponse {
|
||||||
|
image: string;
|
||||||
|
replicas: string;
|
||||||
|
securityContext: ISecurityContext;
|
||||||
|
server: ICertificateInfo;
|
||||||
|
mtls_client: ICertificateInfo;
|
||||||
|
vault?: IVaultConfiguration;
|
||||||
|
aws?: IAWSConfig;
|
||||||
|
gemalto?: IGemaltoConfiguration;
|
||||||
|
gcp?: IGCPConfig;
|
||||||
|
azure?: IAzureConfig;
|
||||||
|
}
|
||||||
|
|
||||||
export interface ICreateTenant {
|
export interface ICreateTenant {
|
||||||
page: number;
|
page: number;
|
||||||
validPages: string[];
|
validPages: string[];
|
||||||
|
|||||||
@@ -31,6 +31,7 @@ export const commonFormValidation = (fieldsValidate: IValidation[]) => {
|
|||||||
if (
|
if (
|
||||||
field.required &&
|
field.required &&
|
||||||
typeof field.value !== "undefined" &&
|
typeof field.value !== "undefined" &&
|
||||||
|
field.value.trim &&
|
||||||
field.value.trim() === ""
|
field.value.trim() === ""
|
||||||
) {
|
) {
|
||||||
returnErrors[field.fieldKey] = "Field cannot be empty";
|
returnErrors[field.fieldKey] = "Field cannot be empty";
|
||||||
@@ -40,6 +41,7 @@ export const commonFormValidation = (fieldsValidate: IValidation[]) => {
|
|||||||
if (
|
if (
|
||||||
!field.required &&
|
!field.required &&
|
||||||
typeof field.value !== "undefined" &&
|
typeof field.value !== "undefined" &&
|
||||||
|
field.value.trim &&
|
||||||
field.value.trim() === ""
|
field.value.trim() === ""
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
|
|||||||
@@ -844,6 +844,27 @@ paths:
|
|||||||
- OperatorAPI
|
- OperatorAPI
|
||||||
|
|
||||||
/namespaces/{namespace}/tenants/{tenant}/encryption:
|
/namespaces/{namespace}/tenants/{tenant}/encryption:
|
||||||
|
delete:
|
||||||
|
summary: Tenant Delete Encryption
|
||||||
|
operationId: TenantDeleteEncryption
|
||||||
|
parameters:
|
||||||
|
- name: namespace
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
- name: tenant
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
responses:
|
||||||
|
204:
|
||||||
|
description: A successful response.
|
||||||
|
default:
|
||||||
|
description: Generic error response.
|
||||||
|
schema:
|
||||||
|
$ref: "#/definitions/error"
|
||||||
|
tags:
|
||||||
|
- OperatorAPI
|
||||||
put:
|
put:
|
||||||
summary: Tenant Update Encryption
|
summary: Tenant Update Encryption
|
||||||
operationId: TenantUpdateEncryption
|
operationId: TenantUpdateEncryption
|
||||||
@@ -871,6 +892,30 @@ paths:
|
|||||||
tags:
|
tags:
|
||||||
- OperatorAPI
|
- OperatorAPI
|
||||||
|
|
||||||
|
get:
|
||||||
|
summary: Tenant Encryption Info
|
||||||
|
operationId: TenantEncryptionInfo
|
||||||
|
parameters:
|
||||||
|
- name: namespace
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
- name: tenant
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
responses:
|
||||||
|
200:
|
||||||
|
description: A successful response.
|
||||||
|
schema:
|
||||||
|
$ref: "#/definitions/encryptionConfigurationResponse"
|
||||||
|
default:
|
||||||
|
description: Generic error response.
|
||||||
|
schema:
|
||||||
|
$ref: "#/definitions/error"
|
||||||
|
tags:
|
||||||
|
- OperatorAPI
|
||||||
|
|
||||||
/namespaces/{namespace}/tenants/{tenant}/yaml:
|
/namespaces/{namespace}/tenants/{tenant}/yaml:
|
||||||
get:
|
get:
|
||||||
summary: Get the Tenant YAML
|
summary: Get the Tenant YAML
|
||||||
@@ -1622,6 +1667,10 @@ definitions:
|
|||||||
type: string
|
type: string
|
||||||
replicas:
|
replicas:
|
||||||
type: string
|
type: string
|
||||||
|
secretsToBeDeleted:
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
server:
|
server:
|
||||||
type: object
|
type: object
|
||||||
$ref: "#/definitions/keyPairConfiguration"
|
$ref: "#/definitions/keyPairConfiguration"
|
||||||
@@ -1647,6 +1696,40 @@ definitions:
|
|||||||
type: object
|
type: object
|
||||||
$ref: "#/definitions/securityContext"
|
$ref: "#/definitions/securityContext"
|
||||||
|
|
||||||
|
encryptionConfigurationResponse:
|
||||||
|
allOf:
|
||||||
|
- $ref: "#/definitions/metadataFields"
|
||||||
|
- type: object
|
||||||
|
properties:
|
||||||
|
image:
|
||||||
|
type: string
|
||||||
|
replicas:
|
||||||
|
type: string
|
||||||
|
server:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/certificateInfo"
|
||||||
|
mtls_client:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/certificateInfo"
|
||||||
|
gemalto:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/gemaltoConfigurationResponse"
|
||||||
|
aws:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/awsConfiguration"
|
||||||
|
vault:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/vaultConfigurationResponse"
|
||||||
|
gcp:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/gcpConfiguration"
|
||||||
|
azure:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/azureConfiguration"
|
||||||
|
securityContext:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/securityContext"
|
||||||
|
|
||||||
vaultConfiguration:
|
vaultConfiguration:
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -1692,6 +1775,51 @@ definitions:
|
|||||||
ca:
|
ca:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
|
vaultConfigurationResponse:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- endpoint
|
||||||
|
- approle
|
||||||
|
properties:
|
||||||
|
endpoint:
|
||||||
|
type: string
|
||||||
|
engine:
|
||||||
|
type: string
|
||||||
|
namespace:
|
||||||
|
type: string
|
||||||
|
prefix:
|
||||||
|
type: string
|
||||||
|
approle:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- id
|
||||||
|
- secret
|
||||||
|
properties:
|
||||||
|
engine:
|
||||||
|
type: string
|
||||||
|
id:
|
||||||
|
type: string
|
||||||
|
secret:
|
||||||
|
type: string
|
||||||
|
retry:
|
||||||
|
type: integer
|
||||||
|
format: int64
|
||||||
|
status:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
ping:
|
||||||
|
type: integer
|
||||||
|
format: int64
|
||||||
|
tls:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
crt:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/certificateInfo"
|
||||||
|
ca:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/certificateInfo"
|
||||||
|
|
||||||
awsConfiguration:
|
awsConfiguration:
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -1757,6 +1885,41 @@ definitions:
|
|||||||
ca:
|
ca:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
|
gemaltoConfigurationResponse:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- keysecure
|
||||||
|
properties:
|
||||||
|
keysecure:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- endpoint
|
||||||
|
- credentials
|
||||||
|
properties:
|
||||||
|
endpoint:
|
||||||
|
type: string
|
||||||
|
credentials:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- token
|
||||||
|
- domain
|
||||||
|
properties:
|
||||||
|
token:
|
||||||
|
type: string
|
||||||
|
domain:
|
||||||
|
type: string
|
||||||
|
retry:
|
||||||
|
type: integer
|
||||||
|
format: int64
|
||||||
|
tls:
|
||||||
|
type: object
|
||||||
|
required:
|
||||||
|
- ca
|
||||||
|
properties:
|
||||||
|
ca:
|
||||||
|
type: object
|
||||||
|
$ref: "#/definitions/certificateInfo"
|
||||||
|
|
||||||
gcpConfiguration:
|
gcpConfiguration:
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
|
|||||||
Reference in New Issue
Block a user