From 982ff0da5ecf286902039746110dba00f2224e9a Mon Sep 17 00:00:00 2001 From: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> Date: Mon, 19 Jul 2021 11:48:50 -0700 Subject: [PATCH] Split Operator and Management API into different Swagger files (#875) * Split Operator and Management API into different Swagger files Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> * Linting Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> --- Makefile | 17 +- cmd/console/main.go | 1 + cmd/console/operator.go | 246 + cmd/console/server.go | 33 +- operatorapi/config.go | 76 + operatorapi/configure_operator.go | 174 + operatorapi/consts.go | 75 + operatorapi/doc.go | 35 + operatorapi/embedded_spec.go | 10340 ++++++++++++++++ operatorapi/error.go | 184 + {restapi => operatorapi}/integrations.go | 2 +- {restapi => operatorapi}/k8s_client.go | 2 +- operatorapi/logs.go | 76 + .../minio_operator_mock.go | 2 +- operatorapi/operations/operator_api.go | 793 ++ .../operator_api}/create_namespace.go | 4 +- .../create_namespace_parameters.go | 2 +- .../create_namespace_responses.go | 2 +- .../create_namespace_urlbuilder.go | 2 +- .../operations/operator_api}/create_tenant.go | 4 +- .../operator_api}/create_tenant_parameters.go | 2 +- .../operator_api}/create_tenant_responses.go | 2 +- .../operator_api}/create_tenant_urlbuilder.go | 2 +- .../operations/operator_api}/delete_pod.go | 4 +- .../operator_api}/delete_pod_parameters.go | 2 +- .../operator_api}/delete_pod_responses.go | 2 +- .../operator_api}/delete_pod_urlbuilder.go | 2 +- .../operations/operator_api}/delete_tenant.go | 4 +- .../operator_api}/delete_tenant_parameters.go | 2 +- .../operator_api}/delete_tenant_responses.go | 2 +- .../operator_api}/delete_tenant_urlbuilder.go | 2 +- .../direct_c_s_i_format_drive.go | 4 +- .../direct_c_s_i_format_drive_parameters.go | 2 +- .../direct_c_s_i_format_drive_responses.go | 2 +- .../direct_c_s_i_format_drive_urlbuilder.go | 2 +- .../get_direct_c_s_i_drive_list.go | 4 +- .../get_direct_c_s_i_drive_list_parameters.go | 2 +- .../get_direct_c_s_i_drive_list_responses.go | 2 +- .../get_direct_c_s_i_drive_list_urlbuilder.go | 2 +- .../get_direct_c_s_i_volume_list.go | 4 +- ...get_direct_c_s_i_volume_list_parameters.go | 2 +- .../get_direct_c_s_i_volume_list_responses.go | 2 +- ...get_direct_c_s_i_volume_list_urlbuilder.go | 2 +- .../operator_api}/get_max_allocatable_mem.go | 4 +- .../get_max_allocatable_mem_parameters.go | 2 +- .../get_max_allocatable_mem_responses.go | 2 +- .../get_max_allocatable_mem_urlbuilder.go | 2 +- .../operations/operator_api}/get_parity.go | 4 +- .../operator_api}/get_parity_parameters.go | 2 +- .../operator_api}/get_parity_responses.go | 2 +- .../operator_api}/get_parity_urlbuilder.go | 2 +- .../operator_api}/get_pod_events.go | 4 +- .../get_pod_events_parameters.go | 2 +- .../operator_api}/get_pod_events_responses.go | 2 +- .../get_pod_events_urlbuilder.go | 2 +- .../operations/operator_api}/get_pod_logs.go | 4 +- .../operator_api}/get_pod_logs_parameters.go | 2 +- .../operator_api}/get_pod_logs_responses.go | 2 +- .../operator_api}/get_pod_logs_urlbuilder.go | 2 +- .../operator_api}/get_resource_quota.go | 4 +- .../get_resource_quota_parameters.go | 2 +- .../get_resource_quota_responses.go | 2 +- .../get_resource_quota_urlbuilder.go | 2 +- .../operator_api}/get_tenant_pods.go | 4 +- .../get_tenant_pods_parameters.go | 2 +- .../get_tenant_pods_responses.go | 2 +- .../get_tenant_pods_urlbuilder.go | 2 +- .../operator_api}/get_tenant_usage.go | 4 +- .../get_tenant_usage_parameters.go | 2 +- .../get_tenant_usage_responses.go | 2 +- .../get_tenant_usage_urlbuilder.go | 2 +- .../operator_api}/get_tenant_y_a_m_l.go | 4 +- .../get_tenant_y_a_m_l_parameters.go | 2 +- .../get_tenant_y_a_m_l_responses.go | 2 +- .../get_tenant_y_a_m_l_urlbuilder.go | 2 +- .../operator_api}/list_all_tenants.go | 4 +- .../list_all_tenants_parameters.go | 2 +- .../list_all_tenants_responses.go | 2 +- .../list_all_tenants_urlbuilder.go | 2 +- .../operator_api/list_node_labels.go | 0 .../list_node_labels_parameters.go | 0 .../list_node_labels_responses.go | 0 .../list_node_labels_urlbuilder.go | 0 .../operations/operator_api}/list_p_v_cs.go | 4 +- .../operator_api}/list_p_v_cs_parameters.go | 2 +- .../operator_api}/list_p_v_cs_responses.go | 2 +- .../operator_api}/list_p_v_cs_urlbuilder.go | 2 +- .../operations/operator_api}/list_tenants.go | 4 +- .../operator_api}/list_tenants_parameters.go | 2 +- .../operator_api}/list_tenants_responses.go | 2 +- .../operator_api}/list_tenants_urlbuilder.go | 2 +- .../operator_api}/put_tenant_y_a_m_l.go | 4 +- .../put_tenant_y_a_m_l_parameters.go | 2 +- .../put_tenant_y_a_m_l_responses.go | 2 +- .../put_tenant_y_a_m_l_urlbuilder.go | 2 +- .../operator_api}/subscription_activate.go | 4 +- .../subscription_activate_parameters.go | 2 +- .../subscription_activate_responses.go | 2 +- .../subscription_activate_urlbuilder.go | 2 +- .../operator_api/subscription_info.go | 88 + .../subscription_info_parameters.go | 63 + .../subscription_info_responses.go | 133 + .../subscription_info_urlbuilder.go | 104 + .../operator_api/subscription_refresh.go | 32 +- .../subscription_refresh_parameters.go | 63 + .../subscription_refresh_responses.go | 60 +- .../subscription_refresh_urlbuilder.go | 88 +- .../operator_api/subscription_validate.go | 88 + .../subscription_validate_parameters.go | 94 +- .../subscription_validate_responses.go | 133 + .../subscription_validate_urlbuilder.go | 104 + .../operator_api}/tenant_add_pool.go | 4 +- .../tenant_add_pool_parameters.go | 2 +- .../tenant_add_pool_responses.go | 2 +- .../tenant_add_pool_urlbuilder.go | 2 +- .../operator_api}/tenant_details.go | 4 +- .../tenant_details_parameters.go | 2 +- .../operator_api}/tenant_details_responses.go | 2 +- .../tenant_details_urlbuilder.go | 2 +- .../operator_api}/tenant_security.go | 4 +- .../tenant_security_parameters.go | 2 +- .../tenant_security_responses.go | 2 +- .../tenant_security_urlbuilder.go | 2 +- .../tenant_update_certificate.go | 4 +- .../tenant_update_certificate_parameters.go | 2 +- .../tenant_update_certificate_responses.go | 2 +- .../tenant_update_certificate_urlbuilder.go | 2 +- .../operator_api}/tenant_update_encryption.go | 4 +- .../tenant_update_encryption_parameters.go | 2 +- .../tenant_update_encryption_responses.go | 2 +- .../tenant_update_encryption_urlbuilder.go | 2 +- .../operator_api}/tenant_update_pools.go | 4 +- .../tenant_update_pools_parameters.go | 2 +- .../tenant_update_pools_responses.go | 2 +- .../tenant_update_pools_urlbuilder.go | 2 +- .../operations/operator_api}/update_tenant.go | 4 +- .../operator_api}/update_tenant_parameters.go | 2 +- .../operator_api}/update_tenant_responses.go | 2 +- .../operator_api}/update_tenant_security.go | 4 +- .../update_tenant_security_parameters.go | 2 +- .../update_tenant_security_responses.go | 2 +- .../update_tenant_security_urlbuilder.go | 2 +- .../operator_api}/update_tenant_urlbuilder.go | 2 +- operatorapi/operations/user_api/login.go | 73 + .../operations/user_api/login_detail.go | 73 + .../user_api/login_detail_parameters.go | 63 + .../user_api/login_detail_responses.go | 133 + .../user_api/login_detail_urlbuilder.go | 104 + .../operations/user_api/login_oauth2_auth.go | 73 + .../user_api/login_oauth2_auth_parameters.go | 102 + .../user_api/login_oauth2_auth_responses.go | 133 + .../user_api/login_oauth2_auth_urlbuilder.go | 104 + .../operations/user_api/login_operator.go | 73 + .../user_api/login_operator_parameters.go | 102 + .../user_api/login_operator_responses.go | 133 + .../user_api/login_operator_urlbuilder.go | 104 + .../operations/user_api/login_parameters.go | 102 + .../operations/user_api/login_responses.go | 62 +- .../operations/user_api/login_urlbuilder.go | 104 + .../operations/user_api/logout.go | 32 +- .../operations/user_api/logout_parameters.go | 63 + .../operations/user_api/logout_responses.go | 113 + .../operations/user_api/logout_urlbuilder.go | 104 + .../operations/user_api/session_check.go | 88 + .../user_api/session_check_parameters.go | 63 + .../user_api/session_check_responses.go | 133 + .../user_api/session_check_urlbuilder.go | 46 +- {restapi => operatorapi}/operator_client.go | 2 +- .../operator_direct_csi.go | 43 +- operatorapi/operator_login.go | 241 + .../operator_namespaces.go | 22 +- .../operator_namespaces_test.go | 2 +- .../operator_nodes.go | 24 +- .../operator_nodes_test.go | 2 +- .../operator_parity.go | 22 +- .../operator_parity_test.go | 2 +- operatorapi/operator_session.go | 57 + operatorapi/operator_subscription.go | 362 + .../operator_subscription_test.go | 2 +- .../operator_tenants.go | 335 +- .../operator_tenants_helper.go | 27 +- .../operator_tenants_helper_test.go | 25 +- .../operator_tenants_test.go | 35 +- .../operator_volumes.go | 19 +- {restapi => operatorapi}/resource_quota.go | 22 +- .../resource_quota_test.go | 2 +- operatorapi/server.go | 528 + portal-ui/src/common/utils.ts | 27 +- restapi/admin_arns.go | 8 +- restapi/admin_config.go | 24 +- restapi/admin_groups.go | 48 +- restapi/admin_info.go | 18 +- restapi/admin_info_test.go | 4 +- restapi/admin_notification_endpoints.go | 16 +- restapi/admin_policies.go | 78 +- restapi/admin_profiling.go | 18 +- restapi/admin_profiling_test.go | 4 +- restapi/admin_remote_buckets.go | 34 +- restapi/admin_service.go | 8 +- restapi/admin_subscription.go | 372 +- restapi/admin_tiers.go | 32 +- restapi/admin_users.go | 76 +- restapi/admin_users_test.go | 2 +- restapi/client-admin.go | 166 +- restapi/client.go | 32 +- restapi/config.go | 59 +- restapi/configure_console.go | 53 +- restapi/consts.go | 7 - restapi/embedded_spec.go | 5407 +------- restapi/error.go | 43 +- .../tenant_widget_details_parameters.go | 241 - restapi/operations/console_api.go | 373 - restapi/operator_info.go | 138 - restapi/user_account.go | 20 +- restapi/user_bucket_quota.go | 18 +- restapi/user_buckets.go | 74 +- restapi/user_buckets_events.go | 12 +- restapi/user_buckets_lifecycle.go | 8 +- restapi/user_buckets_test.go | 4 +- restapi/user_log_search.go | 6 +- restapi/user_login.go | 79 +- restapi/user_logout.go | 4 +- restapi/user_objects.go | 38 +- restapi/user_service_accounts.go | 24 +- restapi/user_session.go | 2 +- restapi/ws_handle.go | 4 +- swagger-console.yml | 3668 ++++++ swagger.yml => swagger-operator.yml | 2109 +--- 228 files changed, 20846 insertions(+), 9852 deletions(-) create mode 100644 cmd/console/operator.go create mode 100644 operatorapi/config.go create mode 100644 operatorapi/configure_operator.go create mode 100644 operatorapi/consts.go create mode 100644 operatorapi/doc.go create mode 100644 operatorapi/embedded_spec.go create mode 100644 operatorapi/error.go rename {restapi => operatorapi}/integrations.go (99%) rename {restapi => operatorapi}/k8s_client.go (99%) create mode 100644 operatorapi/logs.go rename {restapi => operatorapi}/minio_operator_mock.go (97%) create mode 100644 operatorapi/operations/operator_api.go rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_namespace.go (96%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_namespace_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_namespace_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_namespace_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_tenant.go (96%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_tenant_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_tenant_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/create_tenant_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_pod.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_pod_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_pod_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_pod_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_tenant.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_tenant_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_tenant_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/delete_tenant_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/direct_c_s_i_format_drive.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/direct_c_s_i_format_drive_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/direct_c_s_i_format_drive_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/direct_c_s_i_format_drive_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_drive_list.go (96%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_drive_list_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_drive_list_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_drive_list_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_volume_list.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_volume_list_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_volume_list_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_direct_c_s_i_volume_list_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_max_allocatable_mem.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_max_allocatable_mem_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_max_allocatable_mem_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_max_allocatable_mem_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_parity.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_parity_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_parity_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_parity_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_events.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_events_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_events_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_events_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_logs.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_logs_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_logs_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_pod_logs_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_resource_quota.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_resource_quota_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_resource_quota_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_resource_quota_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_pods.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_pods_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_pods_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_pods_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_usage.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_usage_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_usage_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_usage_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_y_a_m_l.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_y_a_m_l_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_y_a_m_l_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/get_tenant_y_a_m_l_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_all_tenants.go (96%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_all_tenants_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_all_tenants_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_all_tenants_urlbuilder.go (99%) rename {restapi => operatorapi}/operations/operator_api/list_node_labels.go (100%) rename {restapi => operatorapi}/operations/operator_api/list_node_labels_parameters.go (100%) rename {restapi => operatorapi}/operations/operator_api/list_node_labels_responses.go (100%) rename {restapi => operatorapi}/operations/operator_api/list_node_labels_urlbuilder.go (100%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_p_v_cs.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_p_v_cs_parameters.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_p_v_cs_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_p_v_cs_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_tenants.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_tenants_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_tenants_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/list_tenants_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/put_tenant_y_a_m_l.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/put_tenant_y_a_m_l_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/put_tenant_y_a_m_l_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/put_tenant_y_a_m_l_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/subscription_activate.go (96%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/subscription_activate_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/subscription_activate_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/subscription_activate_urlbuilder.go (99%) create mode 100644 operatorapi/operations/operator_api/subscription_info.go create mode 100644 operatorapi/operations/operator_api/subscription_info_parameters.go create mode 100644 operatorapi/operations/operator_api/subscription_info_responses.go create mode 100644 operatorapi/operations/operator_api/subscription_info_urlbuilder.go rename restapi/operations/admin_api/tenant_widget_details.go => operatorapi/operations/operator_api/subscription_refresh.go (62%) create mode 100644 operatorapi/operations/operator_api/subscription_refresh_parameters.go rename restapi/operations/admin_api/tenant_widget_details_responses.go => operatorapi/operations/operator_api/subscription_refresh_responses.go (52%) rename restapi/operations/admin_api/tenant_widget_details_urlbuilder.go => operatorapi/operations/operator_api/subscription_refresh_urlbuilder.go (53%) create mode 100644 operatorapi/operations/operator_api/subscription_validate.go rename restapi/operations/admin_api/tenant_info_parameters.go => operatorapi/operations/operator_api/subscription_validate_parameters.go (50%) create mode 100644 operatorapi/operations/operator_api/subscription_validate_responses.go create mode 100644 operatorapi/operations/operator_api/subscription_validate_urlbuilder.go rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_add_pool.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_add_pool_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_add_pool_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_add_pool_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_details.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_details_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_details_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_details_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_security.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_security_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_security_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_security_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_certificate.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_certificate_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_certificate_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_certificate_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_encryption.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_encryption_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_encryption_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_encryption_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_pools.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_pools_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_pools_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/tenant_update_pools_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant.go (98%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_security.go (97%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_security_parameters.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_security_responses.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_security_urlbuilder.go (99%) rename {restapi/operations/admin_api => operatorapi/operations/operator_api}/update_tenant_urlbuilder.go (99%) create mode 100644 operatorapi/operations/user_api/login.go create mode 100644 operatorapi/operations/user_api/login_detail.go create mode 100644 operatorapi/operations/user_api/login_detail_parameters.go create mode 100644 operatorapi/operations/user_api/login_detail_responses.go create mode 100644 operatorapi/operations/user_api/login_detail_urlbuilder.go create mode 100644 operatorapi/operations/user_api/login_oauth2_auth.go create mode 100644 operatorapi/operations/user_api/login_oauth2_auth_parameters.go create mode 100644 operatorapi/operations/user_api/login_oauth2_auth_responses.go create mode 100644 operatorapi/operations/user_api/login_oauth2_auth_urlbuilder.go create mode 100644 operatorapi/operations/user_api/login_operator.go create mode 100644 operatorapi/operations/user_api/login_operator_parameters.go create mode 100644 operatorapi/operations/user_api/login_operator_responses.go create mode 100644 operatorapi/operations/user_api/login_operator_urlbuilder.go create mode 100644 operatorapi/operations/user_api/login_parameters.go rename restapi/operations/admin_api/tenant_info_responses.go => operatorapi/operations/user_api/login_responses.go (52%) create mode 100644 operatorapi/operations/user_api/login_urlbuilder.go rename restapi/operations/admin_api/tenant_info.go => operatorapi/operations/user_api/logout.go (65%) create mode 100644 operatorapi/operations/user_api/logout_parameters.go create mode 100644 operatorapi/operations/user_api/logout_responses.go create mode 100644 operatorapi/operations/user_api/logout_urlbuilder.go create mode 100644 operatorapi/operations/user_api/session_check.go create mode 100644 operatorapi/operations/user_api/session_check_parameters.go create mode 100644 operatorapi/operations/user_api/session_check_responses.go rename restapi/operations/admin_api/tenant_info_urlbuilder.go => operatorapi/operations/user_api/session_check_urlbuilder.go (66%) rename {restapi => operatorapi}/operator_client.go (99%) rename restapi/admin_direct_csi.go => operatorapi/operator_direct_csi.go (83%) create mode 100644 operatorapi/operator_login.go rename restapi/admin_namespaces.go => operatorapi/operator_namespaces.go (69%) rename restapi/admin_namespaces_test.go => operatorapi/operator_namespaces_test.go (98%) rename restapi/admin_nodes.go => operatorapi/operator_nodes.go (87%) rename restapi/admin_nodes_test.go => operatorapi/operator_nodes_test.go (99%) rename restapi/admin_parity.go => operatorapi/operator_parity.go (65%) rename restapi/admin_parity_test.go => operatorapi/operator_parity_test.go (99%) create mode 100644 operatorapi/operator_session.go create mode 100644 operatorapi/operator_subscription.go rename restapi/admin_subscription_test.go => operatorapi/operator_subscription_test.go (99%) rename restapi/admin_tenants.go => operatorapi/operator_tenants.go (85%) rename restapi/admin_tenants_helper.go => operatorapi/operator_tenants_helper.go (96%) rename restapi/admin_tenants_helper_test.go => operatorapi/operator_tenants_helper_test.go (97%) rename restapi/admin_tenants_test.go => operatorapi/operator_tenants_test.go (97%) rename restapi/admin_volumes.go => operatorapi/operator_volumes.go (77%) rename {restapi => operatorapi}/resource_quota.go (81%) rename {restapi => operatorapi}/resource_quota_test.go (99%) create mode 100644 operatorapi/server.go delete mode 100644 restapi/operations/admin_api/tenant_widget_details_parameters.go delete mode 100644 restapi/operator_info.go create mode 100644 swagger-console.yml rename swagger.yml => swagger-operator.yml (62%) diff --git a/Makefile b/Makefile index afacbb590..4e27fd4d1 100644 --- a/Makefile +++ b/Makefile @@ -43,11 +43,22 @@ install: console @mkdir -p $(GOPATH)/bin && cp -f $(PWD)/console $(GOPATH)/bin/console @echo "Installation successful. To learn more, try \"console --help\"." -swagger-gen: - @echo "Generating swagger server code from yaml" +swagger-gen: clean-swagger swagger-console swagger-operator + @echo "Done Generating swagger server code from yaml" + +clean-swagger: + @echo "cleaning" @rm -rf models @rm -rf restapi/operations - @swagger generate server -A console --main-package=console --exclude-main -P models.Principal -f ./swagger.yml -r NOTICE + @rm -rf operatorapi/operations + +swagger-console: + @echo "Generating swagger server code from yaml" + @swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger-console.yml -r NOTICE + +swagger-operator: + @echo "Generating swagger server code from yaml" + @swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE assets: @(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn; cd ..) diff --git a/cmd/console/main.go b/cmd/console/main.go index 9b6f72cfe..96ac1c90c 100644 --- a/cmd/console/main.go +++ b/cmd/console/main.go @@ -53,6 +53,7 @@ VERSION: var appCmds = []cli.Command{ serverCmd, updateCmd, + operatorCmd, } func newApp(name string) *cli.App { diff --git a/cmd/console/operator.go b/cmd/console/operator.go new file mode 100644 index 000000000..d7cd481e6 --- /dev/null +++ b/cmd/console/operator.go @@ -0,0 +1,246 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package main + +import ( + "fmt" + "io/ioutil" + "path/filepath" + "strconv" + "time" + + "github.com/minio/console/restapi" + + "github.com/go-openapi/loads" + "github.com/jessevdk/go-flags" + "github.com/minio/cli" + "github.com/minio/console/operatorapi" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/pkg/certs" +) + +// starts the server +var operatorCmd = cli.Command{ + Name: "operator", + Aliases: []string{"opr"}, + Usage: "Start MinIO Operator UI server", + Action: startOperatorServer, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "host", + Value: restapi.GetHostname(), + Usage: "bind to a specific HOST, HOST can be an IP or hostname", + }, + cli.IntFlag{ + Name: "port", + Value: restapi.GetPort(), + Usage: "bind to specific HTTP port", + }, + // This is kept here for backward compatibility, + // hostname's do not have HTTP or HTTPs + // hostnames are opaque so using --host + // works for both HTTP and HTTPS setup. + cli.StringFlag{ + Name: "tls-host", + Value: restapi.GetHostname(), + Hidden: true, + }, + cli.StringFlag{ + Name: "certs-dir", + Value: certs.GlobalCertsCADir.Get(), + Usage: "path to certs directory", + }, + cli.IntFlag{ + Name: "tls-port", + Value: restapi.GetTLSPort(), + Usage: "bind to specific HTTPS port", + }, + cli.StringFlag{ + Name: "tls-redirect", + Value: restapi.GetTLSRedirect(), + Usage: "toggle HTTP->HTTPS redirect", + }, + cli.StringFlag{ + Name: "tls-certificate", + Value: "", + Usage: "path to TLS public certificate", + Hidden: true, + }, + cli.StringFlag{ + Name: "tls-key", + Value: "", + Usage: "path to TLS private key", + Hidden: true, + }, + cli.StringFlag{ + Name: "tls-ca", + Value: "", + Usage: "path to TLS Certificate Authority", + Hidden: true, + }, + }, +} + +func buildOperatorServer() (*operatorapi.Server, error) { + swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON) + if err != nil { + return nil, err + } + + api := operations.NewOperatorAPI(swaggerSpec) + api.Logger = operatorapi.LogInfo + server := operatorapi.NewServer(api) + + parser := flags.NewParser(server, flags.Default) + parser.ShortDescription = "MinIO Console Server" + parser.LongDescription = swaggerSpec.Spec().Info.Description + + server.ConfigureFlags() + + // register all APIs + server.ConfigureAPI() + + for _, optsGroup := range api.CommandLineOptionsGroups { + _, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) + if err != nil { + return nil, err + } + } + + if _, err := parser.Parse(); err != nil { + return nil, err + } + + return server, nil +} + +func loadOperatorAllCerts(ctx *cli.Context) error { + var err error + // Set all certs and CAs directories path + certs.GlobalCertsDir, _, err = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get) + if err != nil { + return err + } + + certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)} + // check if certs and CAs directories exists or can be created + if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil { + return fmt.Errorf("unable to create certs CA directory at %s: failed with %w", certs.GlobalCertsCADir.Get(), err) + } + + // load the certificates and the CAs + operatorapi.GlobalRootCAs, operatorapi.GlobalPublicCerts, operatorapi.GlobalTLSCertsManager, err = certs.GetAllCertificatesAndCAs() + if err != nil { + return fmt.Errorf("unable to load certificates at %s: failed with %w", certs.GlobalCertsDir.Get(), err) + } + + { + // TLS flags from swagger server, used to support VMware vsphere operator version. + swaggerServerCertificate := ctx.String("tls-certificate") + swaggerServerCertificateKey := ctx.String("tls-key") + swaggerServerCACertificate := ctx.String("tls-ca") + // load tls cert and key from swagger server tls-certificate and tls-key flags + if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" { + if err = operatorapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil { + return err + } + x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate) + if err == nil { + operatorapi.GlobalPublicCerts = append(operatorapi.GlobalPublicCerts, x509Certs...) + } + } + + // load ca cert from swagger server tls-ca flag + if swaggerServerCACertificate != "" { + caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate) + if caCertErr == nil { + operatorapi.GlobalRootCAs.AppendCertsFromPEM(caCert) + } + } + } + + return nil +} + +// StartServer starts the console service +func startOperatorServer(ctx *cli.Context) error { + if err := loadOperatorAllCerts(ctx); err != nil { + // Log this as a warning and continue running console without TLS certificates + operatorapi.LogError("Unable to load certs: %v", err) + } + + var rctx operatorapi.Context + if err := rctx.Load(ctx); err != nil { + operatorapi.LogError("argument validation failed: %v", err) + return err + } + + server, err := buildOperatorServer() + if err != nil { + operatorapi.LogError("Unable to initialize console server: %v", err) + return err + } + + server.Host = rctx.Host + server.Port = rctx.HTTPPort + // set conservative timesout for uploads + server.ReadTimeout = 1 * time.Hour + // no timeouts for response for downloads + server.WriteTimeout = 0 + operatorapi.Port = strconv.Itoa(server.Port) + operatorapi.Hostname = server.Host + + if len(operatorapi.GlobalPublicCerts) > 0 { + // If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect + // plain HTTP connections to HTTPS server + server.EnabledListeners = []string{"http", "https"} + server.TLSPort = rctx.HTTPSPort + // Need to store tls-port, tls-host un config variables so secure.middleware can read from there + operatorapi.TLSPort = strconv.Itoa(server.TLSPort) + operatorapi.Hostname = rctx.Host + operatorapi.TLSRedirect = rctx.TLSRedirect + } + + defer server.Shutdown() + + // subnet license refresh process + go func() { + // start refreshing subnet license after 5 seconds.. + time.Sleep(time.Second * 5) + + failedAttempts := 0 + for { + if err := operatorapi.RefreshLicense(); err != nil { + operatorapi.LogError("Refreshing subnet license failed: %v", err) + failedAttempts++ + // end license refresh after 3 consecutive failed attempts + if failedAttempts >= 3 { + return + } + // wait 5 minutes and retry again + time.Sleep(time.Minute * 5) + continue + } + // if license refreshed successfully reset the counter + failedAttempts = 0 + // try to refresh license every 24 hrs + time.Sleep(time.Hour * 24) + } + }() + + return server.Serve() +} diff --git a/cmd/console/server.go b/cmd/console/server.go index 559643f32..507215915 100644 --- a/cmd/console/server.go +++ b/cmd/console/server.go @@ -19,6 +19,7 @@ package main import ( "fmt" "io/ioutil" + "os" "path/filepath" "strconv" "time" @@ -156,7 +157,8 @@ func loadAllCerts(ctx *cli.Context) error { if err = restapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil { return err } - if x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate); err == nil { + x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate) + if err == nil { restapi.GlobalPublicCerts = append(restapi.GlobalPublicCerts, x509Certs...) } } @@ -175,6 +177,10 @@ func loadAllCerts(ctx *cli.Context) error { // StartServer starts the console service func StartServer(ctx *cli.Context) error { + if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" { + return startOperatorServer(ctx) + } + if err := loadAllCerts(ctx); err != nil { // Log this as a warning and continue running console without TLS certificates restapi.LogError("Unable to load certs: %v", err) @@ -214,30 +220,5 @@ func StartServer(ctx *cli.Context) error { defer server.Shutdown() - // subnet license refresh process - go func() { - // start refreshing subnet license after 5 seconds.. - time.Sleep(time.Second * 5) - - failedAttempts := 0 - for { - if err := restapi.RefreshLicense(); err != nil { - restapi.LogError("Refreshing subnet license failed: %v", err) - failedAttempts++ - // end license refresh after 3 consecutive failed attempts - if failedAttempts >= 3 { - return - } - // wait 5 minutes and retry again - time.Sleep(time.Minute * 5) - continue - } - // if license refreshed successfully reset the counter - failedAttempts = 0 - // try to refresh license every 24 hrs - time.Sleep(time.Hour * 24) - } - }() - return server.Serve() } diff --git a/operatorapi/config.go b/operatorapi/config.go new file mode 100644 index 000000000..27637e9ce --- /dev/null +++ b/operatorapi/config.go @@ -0,0 +1,76 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package operatorapi + +import ( + "crypto/x509" + "io/ioutil" + "time" + + xcerts "github.com/minio/pkg/certs" + + "github.com/minio/pkg/env" +) + +var ( + // Port console default port + Port = "9090" + + // Hostname console hostname + // avoid listening on 0.0.0.0 by default + // instead listen on all IPv4 and IPv6 + // - Hostname should be empty. + Hostname = "" + + // TLSPort console tls port + TLSPort = "9443" + + // TLSRedirect console tls redirect rule + TLSRedirect = "on" + + // SessionDuration cookie validity duration + SessionDuration = 45 * time.Minute + + // LicenseKey in memory license key used by console ui + LicenseKey = "" + + // GlobalRootCAs is CA root certificates, a nil value means system certs pool will be used + GlobalRootCAs *x509.CertPool + // GlobalPublicCerts has certificates Console will use to serve clients + GlobalPublicCerts []*x509.Certificate + // GlobalTLSCertsManager custom TLS Manager for SNI support + GlobalTLSCertsManager *xcerts.Manager +) + +var consoleImage string + +func init() { + consoleImage = env.Get(ConsoleOperatorConsoleImage, ConsoleImageDefaultVersion) +} + +// getK8sSAToken assumes the plugin is running inside a k8s pod and extract the current service account from the +// /var/run/secrets/kubernetes.io/serviceaccount/token file +func getK8sSAToken() string { + dat, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/token") + if err != nil { + return env.Get(ConsoleOperatorSAToken, "") + } + return string(dat) +} +func getConsoleImage() string { + return consoleImage +} diff --git a/operatorapi/configure_operator.go b/operatorapi/configure_operator.go new file mode 100644 index 000000000..f74862df8 --- /dev/null +++ b/operatorapi/configure_operator.go @@ -0,0 +1,174 @@ +// This file is safe to edit. Once it exists it will not be overwritten + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operatorapi + +import ( + "crypto/tls" + "net/http" + + "github.com/minio/console/restapi" + "github.com/unrolled/secure" + + "github.com/minio/console/pkg/auth" + + "github.com/go-openapi/swag" + + "github.com/go-openapi/errors" + + "github.com/minio/console/models" + "github.com/minio/console/operatorapi/operations" +) + +//go:generate swagger generate server --target ../../console --name Operator --spec ../swagger-operator.yml --server-package operatorapi --principal models.Principal --exclude-main + +var additionalServerFlags = struct { + CertsDir string `long:"certs-dir" description:"path to certs directory" env:"CONSOLE_CERTS_DIR"` +}{} + +func configureFlags(api *operations.OperatorAPI) { + api.CommandLineOptionsGroups = []swag.CommandLineOptionsGroup{ + { + ShortDescription: "additional server flags", + Options: &additionalServerFlags, + }, + } +} + +func configureAPI(api *operations.OperatorAPI) http.Handler { + + // Applies when the "x-token" header is set + api.KeyAuth = func(token string, scopes []string) (*models.Principal, error) { + // we are validating the session token by decrypting the claims inside, if the operation succeed that means the jwt + // was generated and signed by us in the first place + claims, err := auth.SessionTokenAuthenticate(token) + if err != nil { + api.Logger("Unable to validate the session token %s: %v", token, err) + return nil, errors.New(401, "incorrect api key auth") + } + return &models.Principal{ + STSAccessKeyID: claims.STSAccessKeyID, + Actions: claims.Actions, + STSSecretAccessKey: claims.STSSecretAccessKey, + STSSessionToken: claims.STSSessionToken, + AccountAccessKey: claims.AccountAccessKey, + }, nil + } + + // Register login handlers + registerLoginHandlers(api) + registerSessionHandlers(api) + + // Operator Console + // Register tenant handlers + registerTenantHandlers(api) + // Register ResourceQuota handlers + registerResourceQuotaHandlers(api) + // Register Nodes' handlers + registerNodesHandlers(api) + // Register Parity' handlers + registerParityHandlers(api) + + // Direct CSI handlers + registerDirectCSIHandlers(api) + // Volumes handlers + registerVolumesHandlers(api) + // Namespaces handlers + registerNamespaceHandlers(api) + // Subscription handlers + registerOperatorSubscriptionHandlers(api) + + api.PreServerShutdown = func() {} + + api.ServerShutdown = func() {} + + return setupGlobalMiddleware(api.Serve(setupMiddlewares)) +} + +// The TLS configuration before HTTPS server starts. +func configureTLS(tlsConfig *tls.Config) { + // Make all necessary changes to the TLS configuration here. +} + +// As soon as server is initialized but not run yet, this function will be called. +// If you need to modify a config, store server instance to stop it individually later, this is the place. +// This function can be called multiple times, depending on the number of serving schemes. +// scheme value will be set accordingly: "http", "https" or "unix". +func configureServer(s *http.Server, scheme, addr string) { +} + +// The middleware configuration is for the handler executors. These do not apply to the swagger.json document. +// The middleware executes after routing but before authentication, binding and validation. +func setupMiddlewares(handler http.Handler) http.Handler { + return handler +} + +func AuthenticationMiddleware(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + token, err := auth.GetTokenFromRequest(r) + if err != nil && err != auth.ErrNoAuthToken { + http.Error(w, err.Error(), http.StatusUnauthorized) + return + } + // All handlers handle appropriately to return errors + // based on their swagger rules, we do not need to + // additionally return error here, let the next ServeHTTPs + // handle it appropriately. + if token != "" { + r.Header.Add("Authorization", "Bearer "+token) + } + next.ServeHTTP(w, r) + }) +} + +// The middleware configuration happens before anything, this middleware also applies to serving the swagger.json document. +// So this is a good place to plug in a panic handling middleware, logging and metrics. +func setupGlobalMiddleware(handler http.Handler) http.Handler { + // handle cookie or authorization header for session + next := AuthenticationMiddleware(handler) + // serve static files + next = restapi.FileServerMiddleware(next) + // Secure middleware, this middleware wrap all the previous handlers and add + // HTTP security headers + secureOptions := secure.Options{ + AllowedHosts: restapi.GetSecureAllowedHosts(), + AllowedHostsAreRegex: restapi.GetSecureAllowedHostsAreRegex(), + HostsProxyHeaders: restapi.GetSecureHostsProxyHeaders(), + SSLRedirect: restapi.GetTLSRedirect() == "on" && len(GlobalPublicCerts) > 0, + SSLHost: restapi.GetSecureTLSHost(), + STSSeconds: restapi.GetSecureSTSSeconds(), + STSIncludeSubdomains: restapi.GetSecureSTSIncludeSubdomains(), + STSPreload: restapi.GetSecureSTSPreload(), + SSLTemporaryRedirect: restapi.GetSecureTLSTemporaryRedirect(), + SSLHostFunc: nil, + ForceSTSHeader: restapi.GetSecureForceSTSHeader(), + FrameDeny: restapi.GetSecureFrameDeny(), + ContentTypeNosniff: restapi.GetSecureContentTypeNonSniff(), + BrowserXssFilter: restapi.GetSecureBrowserXSSFilter(), + ContentSecurityPolicy: restapi.GetSecureContentSecurityPolicy(), + ContentSecurityPolicyReportOnly: restapi.GetSecureContentSecurityPolicyReportOnly(), + PublicKey: restapi.GetSecurePublicKey(), + ReferrerPolicy: restapi.GetSecureReferrerPolicy(), + FeaturePolicy: restapi.GetSecureFeaturePolicy(), + ExpectCTHeader: restapi.GetSecureExpectCTHeader(), + IsDevelopment: false, + } + secureMiddleware := secure.New(secureOptions) + return secureMiddleware.Handler(next) +} diff --git a/operatorapi/consts.go b/operatorapi/consts.go new file mode 100644 index 000000000..aae433116 --- /dev/null +++ b/operatorapi/consts.go @@ -0,0 +1,75 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package operatorapi + +// list of all console environment constants +const ( + // Constants for common configuration + ConsoleMinIOServer = "CONSOLE_MINIO_SERVER" + ConsoleMinIORegion = "CONSOLE_MINIO_REGION" + ConsoleProductionMode = "CONSOLE_PRODUCTION_MODE" + ConsoleHostname = "CONSOLE_HOSTNAME" + ConsolePort = "CONSOLE_PORT" + ConsoleTLSHostname = "CONSOLE_TLS_HOSTNAME" + ConsoleTLSPort = "CONSOLE_TLS_PORT" + ConsoleSubnetLicense = "CONSOLE_SUBNET_LICENSE" + + // Constants for Secure middleware + ConsoleSecureAllowedHosts = "CONSOLE_SECURE_ALLOWED_HOSTS" + ConsoleSecureAllowedHostsAreRegex = "CONSOLE_SECURE_ALLOWED_HOSTS_ARE_REGEX" + ConsoleSecureFrameDeny = "CONSOLE_SECURE_FRAME_DENY" + ConsoleSecureContentTypeNoSniff = "CONSOLE_SECURE_CONTENT_TYPE_NO_SNIFF" + ConsoleSecureBrowserXSSFilter = "CONSOLE_SECURE_BROWSER_XSS_FILTER" + ConsoleSecureContentSecurityPolicy = "CONSOLE_SECURE_CONTENT_SECURITY_POLICY" + ConsoleSecureContentSecurityPolicyReportOnly = "CONSOLE_SECURE_CONTENT_SECURITY_POLICY_REPORT_ONLY" + ConsoleSecureHostsProxyHeaders = "CONSOLE_SECURE_HOSTS_PROXY_HEADERS" + ConsoleSecureSTSSeconds = "CONSOLE_SECURE_STS_SECONDS" + ConsoleSecureSTSIncludeSubdomains = "CONSOLE_SECURE_STS_INCLUDE_SUB_DOMAINS" + ConsoleSecureSTSPreload = "CONSOLE_SECURE_STS_PRELOAD" + ConsoleSecureTLSRedirect = "CONSOLE_SECURE_TLS_REDIRECT" + ConsoleSecureTLSHost = "CONSOLE_SECURE_TLS_HOST" + ConsoleSecureTLSTemporaryRedirect = "CONSOLE_SECURE_TLS_TEMPORARY_REDIRECT" + ConsoleSecureForceSTSHeader = "CONSOLE_SECURE_FORCE_STS_HEADER" + ConsoleSecurePublicKey = "CONSOLE_SECURE_PUBLIC_KEY" + ConsoleSecureReferrerPolicy = "CONSOLE_SECURE_REFERRER_POLICY" + ConsoleSecureFeaturePolicy = "CONSOLE_SECURE_FEATURE_POLICY" + ConsoleSecureExpectCTHeader = "CONSOLE_SECURE_EXPECT_CT_HEADER" + ConsoleOperatorSAToken = "CONSOLE_OPERATOR_SA_TOKEN" + ConsoleOperatorConsoleImage = "CONSOLE_OPERATOR_CONSOLE_IMAGE" + PrometheusURL = "CONSOLE_PROMETHEUS_URL" + PrometheusJobID = "CONSOLE_PROMETHEUS_JOB_ID" + ConsoleLogQueryURL = "CONSOLE_LOG_QUERY_URL" + ConsoleLogQueryAuthToken = "CONSOLE_LOG_QUERY_AUTH_TOKEN" + LogSearchQueryAuthToken = "LOGSEARCH_QUERY_AUTH_TOKEN" + + // Constants for prometheus annotations + prometheusPath = "prometheus.io/path" + prometheusPort = "prometheus.io/port" + prometheusScrape = "prometheus.io/scrape" +) + +// Image versions +const ( + KESImageVersion = "minio/kes:v0.13.4" + ConsoleImageDefaultVersion = "minio/console:v0.7.5" +) + +// K8s + +const ( + OperatorSubnetLicenseSecretName = "subnet-license" +) diff --git a/operatorapi/doc.go b/operatorapi/doc.go new file mode 100644 index 000000000..4bfcf0853 --- /dev/null +++ b/operatorapi/doc.go @@ -0,0 +1,35 @@ +// Code generated by go-swagger; DO NOT EDIT. +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +// Package operatorapi MinIO Console Server +// +// Schemes: +// http +// ws +// Host: localhost +// BasePath: /api/v1 +// Version: 0.1.0 +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// swagger:meta +package operatorapi diff --git a/operatorapi/embedded_spec.go b/operatorapi/embedded_spec.go new file mode 100644 index 000000000..84be83bc4 --- /dev/null +++ b/operatorapi/embedded_spec.go @@ -0,0 +1,10340 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operatorapi + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "encoding/json" +) + +var ( + // SwaggerJSON embedded version of the swagger document used at generation time + SwaggerJSON json.RawMessage + // FlatSwaggerJSON embedded flattened version of the swagger document used at generation time + FlatSwaggerJSON json.RawMessage +) + +func init() { + SwaggerJSON = json.RawMessage([]byte(`{ + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "ws" + ], + "swagger": "2.0", + "info": { + "title": "MinIO Console Server", + "version": "0.1.0" + }, + "basePath": "/api/v1", + "paths": { + "/cluster/max-allocatable-memory": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get maximum allocatable memory for given number of nodes", + "operationId": "GetMaxAllocatableMem", + "parameters": [ + { + "minimum": 1, + "type": "integer", + "format": "int32", + "name": "num_nodes", + "in": "query", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/maxAllocatableMemResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/drives": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get direct-csi drives list", + "operationId": "GetDirectCSIDriveList", + "parameters": [ + { + "type": "string", + "name": "nodes", + "in": "query" + }, + { + "type": "string", + "name": "drives", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/getDirectCSIDriveListResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/drives/format": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Format direct-csi drives from a list", + "operationId": "DirectCSIFormatDrive", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/formatConfiguration" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/formatDirectCSIDrivesResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/volumes": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get direct-csi volumes list", + "operationId": "GetDirectCSIVolumeList", + "parameters": [ + { + "type": "string", + "name": "nodes", + "in": "query" + }, + { + "type": "string", + "name": "drives", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/getDirectCSIVolumeListResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/get-parity/{nodes}/{disksPerNode}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Gets parity by sending number of nodes \u0026 number of disks", + "operationId": "GetParity", + "parameters": [ + { + "minimum": 2, + "type": "integer", + "name": "nodes", + "in": "path", + "required": true + }, + { + "minimum": 1, + "type": "integer", + "name": "disksPerNode", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/parityResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/list-pvcs": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List all PVCs from namespaces that the user has access to", + "operationId": "ListPVCs", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listPVCsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login": { + "get": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Returns login strategy, form or sso.", + "operationId": "LoginDetail", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/loginDetails" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Login to Console", + "operationId": "Login", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login/oauth2/auth": { + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Identity Provider oauth2 callback endpoint.", + "operationId": "LoginOauth2Auth", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginOauth2AuthRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login/operator": { + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Login to Operator Console.", + "operationId": "LoginOperator", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginOperatorRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/logout": { + "post": { + "tags": [ + "UserAPI" + ], + "summary": "Logout from Console.", + "operationId": "Logout", + "responses": { + "200": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespace": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Creates a new Namespace with given information", + "operationId": "CreateNamespace", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/namespace" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/resourcequotas/{resource-quota-name}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Resource Quota", + "operationId": "GetResourceQuota", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "resource-quota-name", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/resourceQuota" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List Tenants by Namespace", + "operationId": "ListTenants", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "sort_by", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "offset", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "limit", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listTenantsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Details", + "operationId": "TenantDetails", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenant" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Update Tenant", + "operationId": "UpdateTenant", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/updateTenantRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "delete": { + "tags": [ + "OperatorAPI" + ], + "summary": "Delete tenant and underlying pvcs", + "operationId": "DeleteTenant", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "schema": { + "$ref": "#/definitions/deleteTenantRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/certificates": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Certificates", + "operationId": "TenantUpdateCertificate", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/tlsConfiguration" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/encryption": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Encryption", + "operationId": "TenantUpdateEncryption", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/encryptionConfiguration" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Pods For The Tenant", + "operationId": "GetTenantPods", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/tenantPod" + } + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Logs for Pod", + "operationId": "GetPodLogs", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "type": "string" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "delete": { + "tags": [ + "OperatorAPI" + ], + "summary": "Delete pod", + "operationId": "DeletePod", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Events for Pod", + "operationId": "GetPodEvents", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/eventListWrapper" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pools": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Pools", + "operationId": "TenantUpdatePools", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/poolUpdateRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenant" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Add Pool", + "operationId": "TenantAddPool", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/pool" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/security": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Security", + "operationId": "TenantSecurity", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantSecurityResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Update Tenant Security", + "operationId": "UpdateTenantSecurity", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/updateTenantSecurityRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/usage": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Usage For The Tenant", + "operationId": "GetTenantUsage", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantUsage" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/yaml": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get the Tenant YAML", + "operationId": "GetTenantYAML", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantYAML" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Put the Tenant YAML", + "operationId": "PutTenantYAML", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/tenantYAML" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/nodes/labels": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List node labels", + "operationId": "ListNodeLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/nodeLabels" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/session": { + "get": { + "tags": [ + "UserAPI" + ], + "summary": "Endpoint to check if your session is still valid", + "operationId": "SessionCheck", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/sessionResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/info": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Subscription info", + "operationId": "SubscriptionInfo", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/namespaces/{namespace}/tenants/{tenant}/activate": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Activate a particular tenant using the existing subscription license", + "operationId": "SubscriptionActivate", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/refresh": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Refresh existing subscription license", + "operationId": "SubscriptionRefresh", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/validate": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Validates subscription license", + "operationId": "SubscriptionValidate", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/subscriptionValidateRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/tenants": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List Tenant of All Namespaces", + "operationId": "ListAllTenants", + "parameters": [ + { + "type": "string", + "name": "sort_by", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "offset", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "limit", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listTenantsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Create Tenant", + "operationId": "CreateTenant", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/createTenantRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/createTenantResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + } + }, + "definitions": { + "accountChangePasswordRequest": { + "type": "object", + "required": [ + "current_secret_key", + "new_secret_key" + ], + "properties": { + "current_secret_key": { + "type": "string" + }, + "new_secret_key": { + "type": "string" + } + } + }, + "addBucketLifecycle": { + "type": "object", + "properties": { + "disable": { + "description": "Non required, toggle to disable or enable rule", + "type": "boolean" + }, + "expired_object_delete_marker": { + "description": "Non required, toggle to disable or enable rule", + "type": "boolean" + }, + "expiry_date": { + "description": "Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM", + "type": "string" + }, + "expiry_days": { + "description": "Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_expiration_days": { + "description": "Non required, can be set in case of expiration is enabled", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_transition_days": { + "description": "Non required, can be set in case of transition is enabled", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_transition_storage_class": { + "description": "Non required, can be set in case of transition is enabled", + "type": "string" + }, + "prefix": { + "description": "Non required field, it matches a prefix to perform ILM operations on it", + "type": "string" + }, + "storage_class": { + "description": "Required only in case of transition is set. it refers to a tier", + "type": "string" + }, + "tags": { + "description": "Non required field, tags to match ILM files", + "type": "string" + }, + "transition_date": { + "description": "Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM", + "type": "string" + }, + "transition_days": { + "description": "Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM", + "type": "integer", + "format": "int32", + "default": 0 + } + } + }, + "addBucketReplication": { + "type": "object", + "properties": { + "arn": { + "type": "string" + }, + "destination_bucket": { + "type": "string" + } + } + }, + "addGroupRequest": { + "type": "object", + "required": [ + "group", + "members" + ], + "properties": { + "group": { + "type": "string" + }, + "members": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "addPolicyRequest": { + "type": "object", + "required": [ + "name", + "policy" + ], + "properties": { + "name": { + "type": "string" + }, + "policy": { + "type": "string" + } + } + }, + "addUserRequest": { + "type": "object", + "required": [ + "accessKey", + "secretKey", + "groups" + ], + "properties": { + "accessKey": { + "type": "string" + }, + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "secretKey": { + "type": "string" + } + } + }, + "adminInfoResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "integer" + }, + "objects": { + "type": "integer" + }, + "usage": { + "type": "integer" + }, + "widgets": { + "type": "array", + "items": { + "$ref": "#/definitions/widget" + } + } + } + }, + "arnsResponse": { + "type": "object", + "properties": { + "arns": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "awsConfiguration": { + "type": "object", + "required": [ + "secretsmanager" + ], + "properties": { + "secretsmanager": { + "type": "object", + "required": [ + "endpoint", + "region", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "accesskey", + "secretkey" + ], + "properties": { + "accesskey": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "kmskey": { + "type": "string" + }, + "region": { + "type": "string" + } + } + } + } + }, + "bucket": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "access": { + "$ref": "#/definitions/bucketAccess" + }, + "creation_date": { + "type": "string" + }, + "name": { + "type": "string", + "minLength": 3 + }, + "size": { + "type": "integer", + "format": "int64" + } + } + }, + "bucketAccess": { + "type": "string", + "default": "PRIVATE", + "enum": [ + "PRIVATE", + "PUBLIC", + "CUSTOM" + ] + }, + "bucketEncryptionInfo": { + "type": "object", + "properties": { + "algorithm": { + "type": "string" + }, + "kmsMasterKeyID": { + "type": "string" + } + } + }, + "bucketEncryptionRequest": { + "type": "object", + "properties": { + "encType": { + "$ref": "#/definitions/bucketEncryptionType" + }, + "kmsKeyID": { + "type": "string" + } + } + }, + "bucketEncryptionType": { + "type": "string", + "default": "sse-s3", + "enum": [ + "sse-s3", + "sse-kms" + ] + }, + "bucketEventRequest": { + "type": "object", + "required": [ + "configuration" + ], + "properties": { + "configuration": { + "$ref": "#/definitions/notificationConfig" + }, + "ignoreExisting": { + "type": "boolean" + } + } + }, + "bucketLifecycleResponse": { + "type": "object", + "properties": { + "lifecycle": { + "type": "array", + "items": { + "$ref": "#/definitions/objectBucketLifecycle" + } + } + } + }, + "bucketObLockingResponse": { + "type": "object", + "properties": { + "object_locking_enabled": { + "type": "boolean" + } + } + }, + "bucketObject": { + "type": "object", + "properties": { + "content_type": { + "type": "string" + }, + "expiration": { + "type": "string" + }, + "expiration_rule_id": { + "type": "string" + }, + "is_delete_marker": { + "type": "boolean" + }, + "is_latest": { + "type": "boolean" + }, + "last_modified": { + "type": "string" + }, + "legal_hold_status": { + "type": "string" + }, + "name": { + "type": "string" + }, + "retention_mode": { + "type": "string" + }, + "retention_until_date": { + "type": "string" + }, + "size": { + "type": "integer", + "format": "int64" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "user_tags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "version_id": { + "type": "string" + } + } + }, + "bucketQuota": { + "type": "object", + "properties": { + "quota": { + "type": "integer" + }, + "type": { + "type": "string", + "enum": [ + "hard", + "fifo" + ] + } + } + }, + "bucketReplicationDestination": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + } + } + }, + "bucketReplicationResponse": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/definitions/bucketReplicationRule" + } + } + } + }, + "bucketReplicationRule": { + "type": "object", + "properties": { + "bandwidth": { + "type": "string" + }, + "delete_marker_replication": { + "type": "boolean" + }, + "deletes_replication": { + "type": "boolean" + }, + "destination": { + "$ref": "#/definitions/bucketReplicationDestination" + }, + "healthCheckPeriod": { + "type": "integer" + }, + "id": { + "type": "string" + }, + "metadata_replication": { + "type": "boolean" + }, + "prefix": { + "type": "string" + }, + "priority": { + "type": "integer", + "format": "int32" + }, + "status": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "tags": { + "type": "string" + } + } + }, + "bucketVersioningResponse": { + "type": "object", + "properties": { + "is_versioned": { + "type": "boolean" + } + } + }, + "bulkUserGroups": { + "type": "object", + "required": [ + "users", + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "users": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "certificateInfo": { + "type": "object", + "properties": { + "domains": { + "type": "array", + "items": { + "type": "string" + } + }, + "expiry": { + "type": "string" + }, + "name": { + "type": "string" + }, + "serialNumber": { + "type": "string" + } + } + }, + "changeUserPasswordRequest": { + "type": "object", + "required": [ + "selectedUser", + "newSecretKey" + ], + "properties": { + "newSecretKey": { + "type": "string" + }, + "selectedUser": { + "type": "string" + } + } + }, + "configDescription": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "configuration": { + "type": "object", + "properties": { + "key_values": { + "type": "array", + "items": { + "$ref": "#/definitions/configurationKV" + } + }, + "name": { + "type": "string" + } + } + }, + "configurationKV": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "consoleConfiguration": { + "allOf": [ + { + "$ref": "#/definitions/metadataFields" + }, + { + "type": "object", + "properties": { + "image": { + "type": "string" + } + } + } + ] + }, + "createRemoteBucket": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "sourceBucket", + "targetBucket" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "healthCheckPeriod": { + "type": "integer", + "format": "int32" + }, + "region": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "sourceBucket": { + "type": "string" + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "targetBucket": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "createTenantRequest": { + "type": "object", + "required": [ + "name", + "namespace", + "pools" + ], + "properties": { + "access_key": { + "type": "string" + }, + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "console": { + "type": "object", + "$ref": "#/definitions/consoleConfiguration" + }, + "console_image": { + "type": "string" + }, + "enable_console": { + "type": "boolean", + "default": true + }, + "enable_prometheus": { + "type": "boolean", + "default": false + }, + "enable_tls": { + "type": "boolean", + "default": true + }, + "encryption": { + "type": "object", + "$ref": "#/definitions/encryptionConfiguration" + }, + "erasureCodingParity": { + "type": "integer" + }, + "expose_console": { + "type": "boolean" + }, + "expose_minio": { + "type": "boolean" + }, + "idp": { + "type": "object", + "$ref": "#/definitions/idpConfiguration" + }, + "image": { + "type": "string" + }, + "image_pull_secret": { + "type": "string" + }, + "image_registry": { + "$ref": "#/definitions/imageRegistry" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "logSearchConfiguration": { + "$ref": "#/definitions/logSearchConfiguration" + }, + "mounth_path": { + "type": "string" + }, + "name": { + "type": "string", + "pattern": "^[a-z0-9-]{3,63}$" + }, + "namespace": { + "type": "string" + }, + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + }, + "prometheusConfiguration": { + "$ref": "#/definitions/prometheusConfiguration" + }, + "secret_key": { + "type": "string" + }, + "tls": { + "type": "object", + "$ref": "#/definitions/tlsConfiguration" + } + } + }, + "createTenantResponse": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/tenantResponseItem" + } + } + } + }, + "csiFormatErrorResponse": { + "type": "object", + "properties": { + "drive": { + "type": "string" + }, + "error": { + "type": "string" + }, + "node": { + "type": "string" + } + } + }, + "deleteTenantRequest": { + "type": "object", + "properties": { + "delete_pvcs": { + "type": "boolean" + } + } + }, + "directCSIDriveInfo": { + "type": "object", + "properties": { + "allocated": { + "type": "number", + "format": "int64" + }, + "capacity": { + "type": "number", + "format": "int64" + }, + "drive": { + "type": "string" + }, + "message": { + "type": "string" + }, + "node": { + "type": "string" + }, + "status": { + "type": "string" + }, + "volumes": { + "type": "number", + "format": "int64" + } + } + }, + "directCSIVolumeInfo": { + "type": "object", + "properties": { + "capacity": { + "type": "number", + "format": "int64" + }, + "drive": { + "type": "string" + }, + "node": { + "type": "string" + }, + "volume": { + "type": "string" + } + } + }, + "encryptionConfiguration": { + "allOf": [ + { + "$ref": "#/definitions/metadataFields" + }, + { + "type": "object", + "properties": { + "aws": { + "type": "object", + "$ref": "#/definitions/awsConfiguration" + }, + "client": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "gcp": { + "type": "object", + "$ref": "#/definitions/gcpConfiguration" + }, + "gemalto": { + "type": "object", + "$ref": "#/definitions/gemaltoConfiguration" + }, + "image": { + "type": "string" + }, + "replicas": { + "type": "string" + }, + "server": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "vault": { + "type": "object", + "$ref": "#/definitions/vaultConfiguration" + } + } + } + ] + }, + "error": { + "type": "object", + "required": [ + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + }, + "eventListElement": { + "type": "object", + "properties": { + "event_type": { + "type": "string" + }, + "last_seen": { + "type": "integer", + "format": "int64" + }, + "message": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "object": { + "type": "string" + }, + "reason": { + "type": "string" + } + } + }, + "eventListWrapper": { + "type": "array", + "items": { + "$ref": "#/definitions/eventListElement" + } + }, + "expirationResponse": { + "type": "object", + "properties": { + "date": { + "type": "string" + }, + "days": { + "type": "integer", + "format": "int64" + }, + "delete_marker": { + "type": "boolean" + } + } + }, + "formatConfiguration": { + "type": "object", + "required": [ + "drives", + "force" + ], + "properties": { + "drives": { + "type": "array", + "minLength": 1, + "items": { + "type": "string" + } + }, + "force": { + "type": "boolean" + } + } + }, + "formatDirectCSIDrivesResponse": { + "type": "object", + "properties": { + "formatIssuesList": { + "type": "array", + "items": { + "$ref": "#/definitions/csiFormatErrorResponse" + } + } + } + }, + "gcpConfiguration": { + "type": "object", + "required": [ + "secretmanager" + ], + "properties": { + "secretmanager": { + "type": "object", + "required": [ + "project_id" + ], + "properties": { + "credentials": { + "type": "object", + "properties": { + "client_email": { + "type": "string" + }, + "client_id": { + "type": "string" + }, + "private_key": { + "type": "string" + }, + "private_key_id": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "project_id": { + "type": "string" + } + } + } + } + }, + "gemaltoConfiguration": { + "type": "object", + "required": [ + "keysecure" + ], + "properties": { + "keysecure": { + "type": "object", + "required": [ + "endpoint", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "token", + "domain" + ], + "properties": { + "domain": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "tls": { + "type": "object", + "required": [ + "ca" + ], + "properties": { + "ca": { + "type": "string" + } + } + } + } + } + } + }, + "getBucketRetentionConfig": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/definitions/objectRetentionMode" + }, + "unit": { + "$ref": "#/definitions/objectRetentionUnit" + }, + "validity": { + "type": "integer", + "format": "int32" + } + } + }, + "getDirectCSIDriveListResponse": { + "type": "object", + "properties": { + "drives": { + "type": "array", + "items": { + "$ref": "#/definitions/directCSIDriveInfo" + } + } + } + }, + "getDirectCSIVolumeListResponse": { + "type": "object", + "properties": { + "volumes": { + "type": "array", + "items": { + "$ref": "#/definitions/directCSIVolumeInfo" + } + } + } + }, + "group": { + "type": "object", + "properties": { + "members": { + "type": "array", + "items": { + "type": "string" + } + }, + "name": { + "type": "string" + }, + "policy": { + "type": "string" + }, + "status": { + "type": "string" + } + } + }, + "hasPermissionRequest": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/definitions/policyArgs" + } + } + } + }, + "hasPermissionResponse": { + "type": "object", + "properties": { + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/permissionAction" + } + } + } + }, + "iamEntity": { + "type": "string", + "pattern": "^[\\w+=,.@-]{1,64}$" + }, + "idpConfiguration": { + "type": "object", + "properties": { + "active_directory": { + "type": "object", + "required": [ + "url", + "username_format", + "user_search_filter" + ], + "properties": { + "group_name_attribute": { + "type": "string" + }, + "group_search_base_dn": { + "type": "string" + }, + "group_search_filter": { + "type": "string" + }, + "server_insecure": { + "type": "boolean" + }, + "skip_tls_verification": { + "type": "boolean" + }, + "url": { + "type": "string" + }, + "user_search_filter": { + "type": "string" + }, + "username_format": { + "type": "string" + } + } + }, + "keys": { + "type": "array", + "items": { + "type": "object", + "required": [ + "access_key", + "secret_key" + ], + "properties": { + "access_key": { + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + } + }, + "oidc": { + "type": "object", + "required": [ + "url", + "client_id", + "secret_id" + ], + "properties": { + "client_id": { + "type": "string" + }, + "secret_id": { + "type": "string" + }, + "url": { + "type": "string" + } + } + } + } + }, + "imageRegistry": { + "type": "object", + "required": [ + "registry", + "username", + "password" + ], + "properties": { + "password": { + "type": "string" + }, + "registry": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, + "keyPairConfiguration": { + "type": "object", + "required": [ + "crt", + "key" + ], + "properties": { + "crt": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "license": { + "type": "object", + "properties": { + "account_id": { + "type": "integer" + }, + "email": { + "type": "string" + }, + "expires_at": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "plan": { + "type": "string" + }, + "storage_capacity": { + "type": "integer" + } + } + }, + "lifecycleTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "listBucketEventsResponse": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/definitions/notificationConfig" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of bucket events" + } + } + }, + "listBucketsResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "array", + "title": "list of resulting buckets", + "items": { + "$ref": "#/definitions/bucket" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of buckets accessible to tenant user" + } + } + }, + "listConfigResponse": { + "type": "object", + "properties": { + "configurations": { + "type": "array", + "items": { + "$ref": "#/definitions/configDescription" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of configurations" + } + } + }, + "listExternalBucketsParams": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "useTLS" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "region": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "targetURL": { + "type": "string" + }, + "useTLS": { + "type": "boolean" + } + } + }, + "listGroupsResponse": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "title": "list of groups", + "items": { + "type": "string" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of groups" + } + } + }, + "listObjectsResponse": { + "type": "object", + "properties": { + "objects": { + "type": "array", + "title": "list of resulting objects", + "items": { + "$ref": "#/definitions/bucketObject" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of objects" + } + } + }, + "listPVCsResponse": { + "type": "object", + "properties": { + "pvcs": { + "type": "array", + "items": { + "$ref": "#/definitions/pvcsListResponse" + } + } + } + }, + "listPoliciesResponse": { + "type": "object", + "properties": { + "policies": { + "type": "array", + "title": "list of policies", + "items": { + "$ref": "#/definitions/policy" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of policies" + } + } + }, + "listRemoteBucketsResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "array", + "title": "list of remote buckets", + "items": { + "$ref": "#/definitions/remoteBucket" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of remote buckets accessible to user" + } + } + }, + "listTenantsResponse": { + "type": "object", + "properties": { + "tenants": { + "type": "array", + "title": "list of resulting tenants", + "items": { + "$ref": "#/definitions/tenantList" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of tenants accessible to tenant user" + } + } + }, + "listUsersResponse": { + "type": "object", + "properties": { + "users": { + "type": "array", + "title": "list of resulting users", + "items": { + "$ref": "#/definitions/user" + } + } + } + }, + "logSearchConfiguration": { + "type": "object", + "properties": { + "image": { + "type": "string" + }, + "postgres_image": { + "type": "string" + }, + "storageClass": { + "type": "string", + "default": "" + }, + "storageSize": { + "type": "number", + "default": 5 + } + } + }, + "logSearchResponse": { + "type": "object", + "properties": { + "results": { + "type": "object", + "title": "list of log search responses" + } + } + }, + "loginDetails": { + "type": "object", + "properties": { + "loginStrategy": { + "type": "string", + "enum": [ + "form", + "redirect", + "service-account" + ] + }, + "redirect": { + "type": "string" + } + } + }, + "loginOauth2AuthRequest": { + "type": "object", + "required": [ + "state", + "code" + ], + "properties": { + "code": { + "type": "string" + }, + "state": { + "type": "string" + } + } + }, + "loginOperatorRequest": { + "type": "object", + "required": [ + "jwt" + ], + "properties": { + "jwt": { + "type": "string" + } + } + }, + "loginRequest": { + "type": "object", + "required": [ + "accessKey", + "secretKey" + ], + "properties": { + "accessKey": { + "type": "string" + }, + "secretKey": { + "type": "string" + } + } + }, + "loginResponse": { + "type": "object", + "properties": { + "sessionId": { + "type": "string" + } + } + }, + "makeBucketRequest": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "locking": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "quota": { + "$ref": "#/definitions/setBucketQuota" + }, + "retention": { + "$ref": "#/definitions/putBucketRetentionRequest" + }, + "versioning": { + "type": "boolean" + } + } + }, + "maxAllocatableMemResponse": { + "type": "object", + "properties": { + "max_memory": { + "type": "integer", + "format": "int64" + } + } + }, + "metadataFields": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "node_selector": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "multiBucketReplication": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "bucketsRelation" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "bucketsRelation": { + "type": "array", + "minLength": 1, + "items": { + "$ref": "#/definitions/multiBucketsRelation" + } + }, + "healthCheckPeriod": { + "type": "integer", + "format": "int32" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + }, + "replicateDeleteMarkers": { + "type": "boolean" + }, + "replicateDeletes": { + "type": "boolean" + }, + "replicateMetadata": { + "type": "boolean" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "tags": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "multiBucketResponseItem": { + "type": "object", + "properties": { + "errorString": { + "type": "string" + }, + "originBucket": { + "type": "string" + }, + "targetBucket": { + "type": "string" + } + } + }, + "multiBucketResponseState": { + "type": "object", + "properties": { + "replicationState": { + "type": "array", + "items": { + "$ref": "#/definitions/multiBucketResponseItem" + } + } + } + }, + "multiBucketsRelation": { + "type": "object", + "properties": { + "destinationBucket": { + "type": "string" + }, + "originBucket": { + "type": "string" + } + } + }, + "namespace": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string" + } + } + }, + "nodeLabels": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "nodeSelectorTerm": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "type": "object", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "type": "array", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "type": "array", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + }, + "nofiticationService": { + "type": "string", + "enum": [ + "webhook", + "amqp", + "kafka", + "mqtt", + "nats", + "nsq", + "mysql", + "postgres", + "elasticsearch", + "redis" + ] + }, + "notifEndpointResponse": { + "type": "object", + "properties": { + "notification_endpoints": { + "type": "array", + "items": { + "$ref": "#/definitions/notificationEndpointItem" + } + } + } + }, + "notificationConfig": { + "type": "object", + "required": [ + "arn" + ], + "properties": { + "arn": { + "type": "string" + }, + "events": { + "type": "array", + "title": "filter specific type of event. Defaults to all event (default: '[put,delete,get]')", + "items": { + "$ref": "#/definitions/notificationEventType" + } + }, + "id": { + "type": "string" + }, + "prefix": { + "type": "string", + "title": "filter event associated to the specified prefix" + }, + "suffix": { + "type": "string", + "title": "filter event associated to the specified suffix" + } + } + }, + "notificationDeleteRequest": { + "type": "object", + "required": [ + "events", + "prefix", + "suffix" + ], + "properties": { + "events": { + "type": "array", + "title": "filter specific type of event. Defaults to all event (default: '[put,delete,get]')", + "minLength": 1, + "items": { + "$ref": "#/definitions/notificationEventType" + } + }, + "prefix": { + "type": "string", + "title": "filter event associated to the specified prefix" + }, + "suffix": { + "type": "string", + "title": "filter event associated to the specified suffix" + } + } + }, + "notificationEndpoint": { + "type": "object", + "required": [ + "service", + "account_id", + "properties" + ], + "properties": { + "account_id": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "service": { + "$ref": "#/definitions/nofiticationService" + } + } + }, + "notificationEndpointItem": { + "type": "object", + "properties": { + "account_id": { + "type": "string" + }, + "service": { + "$ref": "#/definitions/nofiticationService" + }, + "status": { + "type": "string" + } + } + }, + "notificationEventType": { + "type": "string", + "enum": [ + "put", + "delete", + "get" + ] + }, + "objectBucketLifecycle": { + "type": "object", + "properties": { + "expiration": { + "$ref": "#/definitions/expirationResponse" + }, + "id": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "status": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/definitions/lifecycleTag" + } + }, + "transition": { + "$ref": "#/definitions/transitionResponse" + } + } + }, + "objectLegalHoldStatus": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + }, + "objectRetentionMode": { + "type": "string", + "enum": [ + "governance", + "compliance" + ] + }, + "objectRetentionUnit": { + "type": "string", + "enum": [ + "days", + "years" + ] + }, + "parityResponse": { + "type": "array", + "items": { + "type": "string" + } + }, + "permissionAction": { + "type": "object", + "properties": { + "can": { + "type": "boolean" + }, + "id": { + "type": "string" + } + } + }, + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "type": "object", + "required": [ + "topologyKey" + ], + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "type": "object", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "type": "array", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "matchLabels": { + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "type": "array", + "items": { + "type": "string" + } + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + } + }, + "policy": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "policy": { + "type": "string" + } + } + }, + "policyArgs": { + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "bucket_name": { + "type": "string" + }, + "id": { + "type": "string" + } + } + }, + "policyEntity": { + "type": "string", + "default": "user", + "enum": [ + "user", + "group" + ] + }, + "pool": { + "type": "object", + "required": [ + "servers", + "volumes_per_server", + "volume_configuration" + ], + "properties": { + "affinity": { + "$ref": "#/definitions/poolAffinity" + }, + "name": { + "type": "string" + }, + "node_selector": { + "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "resources": { + "$ref": "#/definitions/poolResources" + }, + "servers": { + "type": "integer" + }, + "tolerations": { + "$ref": "#/definitions/poolTolerations" + }, + "volume_configuration": { + "type": "object", + "required": [ + "size" + ], + "properties": { + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "size": { + "type": "integer" + }, + "storage_class_name": { + "type": "string" + } + } + }, + "volumes_per_server": { + "type": "integer", + "format": "int32" + } + } + }, + "poolAffinity": { + "description": "If specified, affinity will define the pod's scheduling constraints", + "type": "object", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "type": "object", + "required": [ + "preference", + "weight" + ], + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "type": "object", + "$ref": "#/definitions/nodeSelectorTerm" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "type": "object", + "required": [ + "nodeSelectorTerms" + ], + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "type": "array", + "items": { + "$ref": "#/definitions/nodeSelectorTerm" + } + } + } + } + } + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "type": "object", + "required": [ + "podAffinityTerm", + "weight" + ], + "properties": { + "podAffinityTerm": { + "$ref": "#/definitions/podAffinityTerm" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "type": "object", + "required": [ + "podAffinityTerm", + "weight" + ], + "properties": { + "podAffinityTerm": { + "$ref": "#/definitions/podAffinityTerm" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + } + } + }, + "poolResources": { + "description": "If provided, use these requests and limit for cpu/memory resource allocation", + "type": "object", + "properties": { + "limits": { + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object", + "additionalProperties": { + "type": "integer", + "format": "int64" + } + }, + "requests": { + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object", + "additionalProperties": { + "type": "integer", + "format": "int64" + } + } + } + }, + "poolTolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "type": "object", + "required": [ + "seconds" + ], + "properties": { + "seconds": { + "type": "integer", + "format": "int64" + } + } + }, + "poolTolerations": { + "description": "Tolerations allows users to set entries like effect, key, operator, value.", + "type": "array", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.", + "type": "object", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "$ref": "#/definitions/poolTolerationSeconds" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + } + } + }, + "poolUpdateRequest": { + "type": "object", + "required": [ + "pools" + ], + "properties": { + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + } + } + }, + "principal": { + "type": "object", + "properties": { + "STSAccessKeyID": { + "type": "string" + }, + "STSSecretAccessKey": { + "type": "string" + }, + "STSSessionToken": { + "type": "string" + }, + "accountAccessKey": { + "type": "string" + }, + "actions": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "profilerType": { + "type": "string", + "enum": [ + "cpu", + "mem", + "block", + "mutex", + "trace", + "threads", + "goroutines" + ] + }, + "profilingStartRequest": { + "type": "object", + "required": [ + "type" + ], + "properties": { + "type": { + "$ref": "#/definitions/profilerType" + } + } + }, + "prometheusConfiguration": { + "type": "object", + "properties": { + "image": { + "type": "string" + }, + "storageClass": { + "type": "string", + "default": "" + }, + "storageSize": { + "type": "number", + "default": 5 + } + } + }, + "putBucketRetentionRequest": { + "type": "object", + "required": [ + "mode", + "unit", + "validity" + ], + "properties": { + "mode": { + "$ref": "#/definitions/objectRetentionMode" + }, + "unit": { + "$ref": "#/definitions/objectRetentionUnit" + }, + "validity": { + "type": "integer", + "format": "int32" + } + } + }, + "putObjectLegalHoldRequest": { + "type": "object", + "required": [ + "status" + ], + "properties": { + "status": { + "$ref": "#/definitions/objectLegalHoldStatus" + } + } + }, + "putObjectRetentionRequest": { + "type": "object", + "required": [ + "mode", + "expires" + ], + "properties": { + "expires": { + "type": "string" + }, + "governance_bypass": { + "type": "boolean" + }, + "mode": { + "$ref": "#/definitions/objectRetentionMode" + } + } + }, + "putObjectTagsRequest": { + "type": "object", + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + } + } + } + }, + "pvcsListResponse": { + "type": "object", + "properties": { + "age": { + "type": "string" + }, + "capacity": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "status": { + "type": "string" + }, + "storageClass": { + "type": "string" + }, + "volume": { + "type": "string" + } + } + }, + "remoteBucket": { + "type": "object", + "required": [ + "accessKey", + "sourceBucket", + "remoteARN" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "healthCheckPeriod": { + "type": "integer" + }, + "remoteARN": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "service": { + "type": "string", + "enum": [ + "replication" + ] + }, + "sourceBucket": { + "type": "string" + }, + "status": { + "type": "string" + }, + "syncMode": { + "type": "string" + }, + "targetBucket": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "resourceQuota": { + "type": "object", + "properties": { + "elements": { + "type": "array", + "items": { + "$ref": "#/definitions/resourceQuotaElement" + } + }, + "name": { + "type": "string" + } + } + }, + "resourceQuotaElement": { + "type": "object", + "properties": { + "hard": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "used": { + "type": "integer", + "format": "int64" + } + } + }, + "resultTarget": { + "type": "object", + "properties": { + "legendFormat": { + "type": "string" + }, + "result": { + "type": "array", + "items": { + "$ref": "#/definitions/widgetResult" + } + }, + "resultType": { + "type": "string" + } + } + }, + "rewindItem": { + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "delete_flag": { + "type": "boolean" + }, + "last_modified": { + "type": "string" + }, + "name": { + "type": "string" + }, + "size": { + "type": "integer", + "format": "int64" + }, + "version_id": { + "type": "string" + } + } + }, + "rewindResponse": { + "type": "object", + "properties": { + "objects": { + "type": "array", + "items": { + "$ref": "#/definitions/rewindItem" + } + } + } + }, + "serviceAccountCreds": { + "type": "object", + "properties": { + "accessKey": { + "type": "string" + }, + "secretKey": { + "type": "string" + } + } + }, + "serviceAccountRequest": { + "type": "object", + "properties": { + "policy": { + "type": "string", + "title": "policy to be applied to the Service Account if any" + } + } + }, + "serviceAccounts": { + "type": "array", + "items": { + "type": "string" + } + }, + "sessionResponse": { + "type": "object", + "properties": { + "features": { + "type": "array", + "items": { + "type": "string" + } + }, + "operator": { + "type": "boolean" + }, + "pages": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string", + "enum": [ + "ok" + ] + } + } + }, + "setBucketPolicyRequest": { + "type": "object", + "required": [ + "access" + ], + "properties": { + "access": { + "$ref": "#/definitions/bucketAccess" + } + } + }, + "setBucketQuota": { + "type": "object", + "required": [ + "enabled" + ], + "properties": { + "amount": { + "type": "integer" + }, + "enabled": { + "type": "boolean" + }, + "quota_type": { + "type": "string", + "enum": [ + "fifo", + "hard" + ] + } + } + }, + "setBucketVersioning": { + "type": "object", + "properties": { + "versioning": { + "type": "boolean" + } + } + }, + "setConfigRequest": { + "type": "object", + "required": [ + "key_values" + ], + "properties": { + "arn_resource_id": { + "type": "string", + "title": "Used if configuration is an event notification's target" + }, + "key_values": { + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/configurationKV" + } + } + } + }, + "setConfigResponse": { + "type": "object", + "properties": { + "restart": { + "description": "Returns wheter server needs to restart to apply changes or not", + "type": "boolean" + } + } + }, + "setNotificationEndpointResponse": { + "type": "object", + "required": [ + "service", + "account_id", + "properties" + ], + "properties": { + "account_id": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "restart": { + "type": "boolean" + }, + "service": { + "$ref": "#/definitions/nofiticationService" + } + } + }, + "setPolicyMultipleRequest": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + }, + "users": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + } + } + }, + "setPolicyRequest": { + "type": "object", + "required": [ + "entityType", + "entityName" + ], + "properties": { + "entityName": { + "type": "string" + }, + "entityType": { + "$ref": "#/definitions/policyEntity" + } + } + }, + "startProfilingItem": { + "type": "object", + "properties": { + "error": { + "type": "string" + }, + "nodeName": { + "type": "string" + }, + "success": { + "type": "boolean" + } + } + }, + "startProfilingList": { + "type": "object", + "properties": { + "startResults": { + "type": "array", + "items": { + "$ref": "#/definitions/startProfilingItem" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of start results" + } + } + }, + "subscriptionValidateRequest": { + "type": "object", + "properties": { + "email": { + "type": "string" + }, + "license": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, + "tenant": { + "type": "object", + "properties": { + "consoleEnabled": { + "type": "boolean" + }, + "consoleTLS": { + "type": "boolean" + }, + "console_image": { + "type": "string" + }, + "creation_date": { + "type": "string" + }, + "currentState": { + "type": "string" + }, + "deletion_date": { + "type": "string" + }, + "enable_prometheus": { + "type": "boolean" + }, + "encryptionEnabled": { + "type": "boolean" + }, + "endpoints": { + "type": "object", + "properties": { + "console": { + "type": "string" + }, + "minio": { + "type": "string" + } + } + }, + "idpAdEnabled": { + "type": "boolean" + }, + "idpOicEnabled": { + "type": "boolean" + }, + "image": { + "type": "string" + }, + "logEnabled": { + "type": "boolean" + }, + "minioTLS": { + "type": "boolean" + }, + "monitoringEnabled": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + }, + "status": { + "$ref": "#/definitions/tenantStatus" + }, + "subnet_license": { + "$ref": "#/definitions/license" + }, + "total_size": { + "type": "integer", + "format": "int64" + } + } + }, + "tenantList": { + "type": "object", + "properties": { + "creation_date": { + "type": "string" + }, + "currentState": { + "type": "string" + }, + "deletion_date": { + "type": "string" + }, + "health_status": { + "type": "string" + }, + "instance_count": { + "type": "integer" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "pool_count": { + "type": "integer" + }, + "total_size": { + "type": "integer" + }, + "volume_count": { + "type": "integer" + } + } + }, + "tenantPod": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string" + }, + "node": { + "type": "string" + }, + "podIP": { + "type": "string" + }, + "restarts": { + "type": "integer" + }, + "status": { + "type": "string" + }, + "timeCreated": { + "type": "integer" + } + } + }, + "tenantResponseItem": { + "type": "object", + "properties": { + "access_key": { + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + }, + "tenantSecurityResponse": { + "type": "object", + "properties": { + "autoCert": { + "type": "boolean" + }, + "customCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minioCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + } + } + } + } + }, + "tenantStatus": { + "type": "object", + "properties": { + "drives_healing": { + "type": "integer", + "format": "int32" + }, + "drives_offline": { + "type": "integer", + "format": "int32" + }, + "drives_online": { + "type": "integer", + "format": "int32" + }, + "health_status": { + "type": "string" + }, + "write_quorum": { + "type": "integer", + "format": "int32" + } + } + }, + "tenantUsage": { + "type": "object", + "properties": { + "disk_used": { + "type": "integer", + "format": "int64" + }, + "used": { + "type": "integer", + "format": "int64" + } + } + }, + "tenantYAML": { + "type": "object", + "properties": { + "yaml": { + "type": "string" + } + } + }, + "tier": { + "type": "object", + "properties": { + "azure": { + "type": "object", + "$ref": "#/definitions/tier_azure" + }, + "gcs": { + "type": "object", + "$ref": "#/definitions/tier_gcs" + }, + "s3": { + "type": "object", + "$ref": "#/definitions/tier_s3" + }, + "type": { + "type": "string", + "enum": [ + "s3", + "gcs", + "azure", + "unsupported" + ] + } + } + }, + "tierCredentialsRequest": { + "type": "object", + "properties": { + "access_key": { + "type": "string" + }, + "creds": { + "description": "a base64 encoded value", + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + }, + "tierListResponse": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/definitions/tier" + } + } + } + }, + "tier_azure": { + "type": "object", + "properties": { + "accountkey": { + "type": "string" + }, + "accountname": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "tier_gcs": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + }, + "creds": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "tier_s3": { + "type": "object", + "properties": { + "accesskey": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "storageclass": { + "type": "string" + } + } + }, + "tlsConfiguration": { + "type": "object", + "properties": { + "ca_certificates": { + "type": "array", + "items": { + "type": "string" + } + }, + "console": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "console_ca_certificates": { + "type": "array", + "items": { + "type": "string" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + } + } + }, + "transitionResponse": { + "type": "object", + "properties": { + "date": { + "type": "string" + }, + "days": { + "type": "integer", + "format": "int64" + }, + "storage_class": { + "type": "string" + } + } + }, + "updateBucketLifecycle": { + "type": "object", + "properties": { + "disable": { + "type": "boolean" + }, + "tags": { + "type": "string" + } + } + }, + "updateGroupRequest": { + "type": "object", + "required": [ + "members", + "status" + ], + "properties": { + "members": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "updateTenantRequest": { + "type": "object", + "properties": { + "console_image": { + "type": "string", + "pattern": "^((.*?)/(.*?):(.+))$" + }, + "enable_prometheus": { + "type": "boolean" + }, + "image": { + "type": "string", + "pattern": "^((.*?)/(.*?):(.+))$" + }, + "image_pull_secret": { + "type": "string" + }, + "image_registry": { + "$ref": "#/definitions/imageRegistry" + } + } + }, + "updateTenantSecurityRequest": { + "type": "object", + "properties": { + "autoCert": { + "type": "boolean" + }, + "customCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "minioCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "secretsToBeDeleted": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "updateUser": { + "type": "object", + "required": [ + "status", + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "updateUserGroups": { + "type": "object", + "required": [ + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "user": { + "type": "object", + "properties": { + "accessKey": { + "type": "string" + }, + "memberOf": { + "type": "array", + "items": { + "type": "string" + } + }, + "policy": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "vaultConfiguration": { + "type": "object", + "required": [ + "endpoint", + "approle" + ], + "properties": { + "approle": { + "type": "object", + "required": [ + "id", + "secret" + ], + "properties": { + "engine": { + "type": "string" + }, + "id": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "secret": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "engine": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "status": { + "type": "object", + "properties": { + "ping": { + "type": "integer", + "format": "int64" + } + } + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string" + }, + "crt": { + "type": "string" + }, + "key": { + "type": "string" + } + } + } + } + }, + "widget": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int32" + }, + "options": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/definitions/resultTarget" + } + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + } + }, + "widgetDetails": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int32" + }, + "options": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/definitions/resultTarget" + } + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + } + }, + "widgetResult": { + "type": "object", + "properties": { + "metric": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "values": { + "type": "array", + "items": {} + } + } + } + }, + "securityDefinitions": { + "key": { + "type": "oauth2", + "flow": "accessCode", + "authorizationUrl": "http://min.io", + "tokenUrl": "http://min.io" + } + }, + "security": [ + { + "key": [] + } + ] +}`)) + FlatSwaggerJSON = json.RawMessage([]byte(`{ + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "ws" + ], + "swagger": "2.0", + "info": { + "title": "MinIO Console Server", + "version": "0.1.0" + }, + "basePath": "/api/v1", + "paths": { + "/cluster/max-allocatable-memory": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get maximum allocatable memory for given number of nodes", + "operationId": "GetMaxAllocatableMem", + "parameters": [ + { + "minimum": 1, + "type": "integer", + "format": "int32", + "name": "num_nodes", + "in": "query", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/maxAllocatableMemResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/drives": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get direct-csi drives list", + "operationId": "GetDirectCSIDriveList", + "parameters": [ + { + "type": "string", + "name": "nodes", + "in": "query" + }, + { + "type": "string", + "name": "drives", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/getDirectCSIDriveListResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/drives/format": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Format direct-csi drives from a list", + "operationId": "DirectCSIFormatDrive", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/formatConfiguration" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/formatDirectCSIDrivesResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/direct-csi/volumes": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get direct-csi volumes list", + "operationId": "GetDirectCSIVolumeList", + "parameters": [ + { + "type": "string", + "name": "nodes", + "in": "query" + }, + { + "type": "string", + "name": "drives", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/getDirectCSIVolumeListResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/get-parity/{nodes}/{disksPerNode}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Gets parity by sending number of nodes \u0026 number of disks", + "operationId": "GetParity", + "parameters": [ + { + "minimum": 2, + "type": "integer", + "name": "nodes", + "in": "path", + "required": true + }, + { + "minimum": 1, + "type": "integer", + "name": "disksPerNode", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/parityResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/list-pvcs": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List all PVCs from namespaces that the user has access to", + "operationId": "ListPVCs", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listPVCsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login": { + "get": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Returns login strategy, form or sso.", + "operationId": "LoginDetail", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/loginDetails" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Login to Console", + "operationId": "Login", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login/oauth2/auth": { + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Identity Provider oauth2 callback endpoint.", + "operationId": "LoginOauth2Auth", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginOauth2AuthRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/login/operator": { + "post": { + "security": [], + "tags": [ + "UserAPI" + ], + "summary": "Login to Operator Console.", + "operationId": "LoginOperator", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/loginOperatorRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful login.", + "schema": { + "$ref": "#/definitions/loginResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/logout": { + "post": { + "tags": [ + "UserAPI" + ], + "summary": "Logout from Console.", + "operationId": "Logout", + "responses": { + "200": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespace": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Creates a new Namespace with given information", + "operationId": "CreateNamespace", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/namespace" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/resourcequotas/{resource-quota-name}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Resource Quota", + "operationId": "GetResourceQuota", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "resource-quota-name", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/resourceQuota" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List Tenants by Namespace", + "operationId": "ListTenants", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "sort_by", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "offset", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "limit", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listTenantsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Details", + "operationId": "TenantDetails", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenant" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Update Tenant", + "operationId": "UpdateTenant", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/updateTenantRequest" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "delete": { + "tags": [ + "OperatorAPI" + ], + "summary": "Delete tenant and underlying pvcs", + "operationId": "DeleteTenant", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "schema": { + "$ref": "#/definitions/deleteTenantRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/certificates": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Certificates", + "operationId": "TenantUpdateCertificate", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/tlsConfiguration" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/encryption": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Encryption", + "operationId": "TenantUpdateEncryption", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/encryptionConfiguration" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Pods For The Tenant", + "operationId": "GetTenantPods", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/tenantPod" + } + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Logs for Pod", + "operationId": "GetPodLogs", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "type": "string" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "delete": { + "tags": [ + "OperatorAPI" + ], + "summary": "Delete pod", + "operationId": "DeletePod", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Events for Pod", + "operationId": "GetPodEvents", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "podName", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/eventListWrapper" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/pools": { + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Update Pools", + "operationId": "TenantUpdatePools", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/poolUpdateRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenant" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Add Pool", + "operationId": "TenantAddPool", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/pool" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/security": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Tenant Security", + "operationId": "TenantSecurity", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantSecurityResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Update Tenant Security", + "operationId": "UpdateTenantSecurity", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/updateTenantSecurityRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/usage": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get Usage For The Tenant", + "operationId": "GetTenantUsage", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantUsage" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/namespaces/{namespace}/tenants/{tenant}/yaml": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Get the Tenant YAML", + "operationId": "GetTenantYAML", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/tenantYAML" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "put": { + "tags": [ + "OperatorAPI" + ], + "summary": "Put the Tenant YAML", + "operationId": "PutTenantYAML", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/tenantYAML" + } + } + ], + "responses": { + "201": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/nodes/labels": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List node labels", + "operationId": "ListNodeLabels", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/nodeLabels" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/session": { + "get": { + "tags": [ + "UserAPI" + ], + "summary": "Endpoint to check if your session is still valid", + "operationId": "SessionCheck", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/sessionResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/info": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "Subscription info", + "operationId": "SubscriptionInfo", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/namespaces/{namespace}/tenants/{tenant}/activate": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Activate a particular tenant using the existing subscription license", + "operationId": "SubscriptionActivate", + "parameters": [ + { + "type": "string", + "name": "namespace", + "in": "path", + "required": true + }, + { + "type": "string", + "name": "tenant", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/refresh": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Refresh existing subscription license", + "operationId": "SubscriptionRefresh", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/subscription/validate": { + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Validates subscription license", + "operationId": "SubscriptionValidate", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/subscriptionValidateRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/license" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, + "/tenants": { + "get": { + "tags": [ + "OperatorAPI" + ], + "summary": "List Tenant of All Namespaces", + "operationId": "ListAllTenants", + "parameters": [ + { + "type": "string", + "name": "sort_by", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "offset", + "in": "query" + }, + { + "type": "integer", + "format": "int32", + "name": "limit", + "in": "query" + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/listTenantsResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + }, + "post": { + "tags": [ + "OperatorAPI" + ], + "summary": "Create Tenant", + "operationId": "CreateTenant", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/createTenantRequest" + } + } + ], + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/createTenantResponse" + } + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + } + }, + "definitions": { + "AwsConfigurationSecretsmanager": { + "type": "object", + "required": [ + "endpoint", + "region", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "accesskey", + "secretkey" + ], + "properties": { + "accesskey": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "kmskey": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "AwsConfigurationSecretsmanagerCredentials": { + "type": "object", + "required": [ + "accesskey", + "secretkey" + ], + "properties": { + "accesskey": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "token": { + "type": "string" + } + } + }, + "GcpConfigurationSecretmanager": { + "type": "object", + "required": [ + "project_id" + ], + "properties": { + "credentials": { + "type": "object", + "properties": { + "client_email": { + "type": "string" + }, + "client_id": { + "type": "string" + }, + "private_key": { + "type": "string" + }, + "private_key_id": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "project_id": { + "type": "string" + } + } + }, + "GcpConfigurationSecretmanagerCredentials": { + "type": "object", + "properties": { + "client_email": { + "type": "string" + }, + "client_id": { + "type": "string" + }, + "private_key": { + "type": "string" + }, + "private_key_id": { + "type": "string" + } + } + }, + "GemaltoConfigurationKeysecure": { + "type": "object", + "required": [ + "endpoint", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "token", + "domain" + ], + "properties": { + "domain": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "tls": { + "type": "object", + "required": [ + "ca" + ], + "properties": { + "ca": { + "type": "string" + } + } + } + } + }, + "GemaltoConfigurationKeysecureCredentials": { + "type": "object", + "required": [ + "token", + "domain" + ], + "properties": { + "domain": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "token": { + "type": "string" + } + } + }, + "GemaltoConfigurationKeysecureTLS": { + "type": "object", + "required": [ + "ca" + ], + "properties": { + "ca": { + "type": "string" + } + } + }, + "IdpConfigurationActiveDirectory": { + "type": "object", + "required": [ + "url", + "username_format", + "user_search_filter" + ], + "properties": { + "group_name_attribute": { + "type": "string" + }, + "group_search_base_dn": { + "type": "string" + }, + "group_search_filter": { + "type": "string" + }, + "server_insecure": { + "type": "boolean" + }, + "skip_tls_verification": { + "type": "boolean" + }, + "url": { + "type": "string" + }, + "user_search_filter": { + "type": "string" + }, + "username_format": { + "type": "string" + } + } + }, + "IdpConfigurationKeysItems0": { + "type": "object", + "required": [ + "access_key", + "secret_key" + ], + "properties": { + "access_key": { + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + }, + "IdpConfigurationOidc": { + "type": "object", + "required": [ + "url", + "client_id", + "secret_id" + ], + "properties": { + "client_id": { + "type": "string" + }, + "secret_id": { + "type": "string" + }, + "url": { + "type": "string" + } + } + }, + "NodeSelectorTermMatchExpressionsItems0": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "NodeSelectorTermMatchFieldsItems0": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "PodAffinityTermLabelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "type": "object", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "type": "array", + "items": { + "$ref": "#/definitions/PodAffinityTermLabelSelectorMatchExpressionsItems0" + } + }, + "matchLabels": { + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "PodAffinityTermLabelSelectorMatchExpressionsItems0": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "type": "object", + "required": [ + "key", + "operator" + ], + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "PoolAffinityNodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "type": "object", + "required": [ + "nodeSelectorTerms" + ], + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "type": "array", + "items": { + "$ref": "#/definitions/nodeSelectorTerm" + } + } + } + } + } + }, + "PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "type": "object", + "required": [ + "preference", + "weight" + ], + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "type": "object", + "$ref": "#/definitions/nodeSelectorTerm" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + }, + "PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "type": "object", + "required": [ + "nodeSelectorTerms" + ], + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "type": "array", + "items": { + "$ref": "#/definitions/nodeSelectorTerm" + } + } + } + }, + "PoolAffinityPodAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + }, + "PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "type": "object", + "required": [ + "podAffinityTerm", + "weight" + ], + "properties": { + "podAffinityTerm": { + "$ref": "#/definitions/podAffinityTerm" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + }, + "PoolAffinityPodAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + }, + "PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "type": "object", + "required": [ + "podAffinityTerm", + "weight" + ], + "properties": { + "podAffinityTerm": { + "$ref": "#/definitions/podAffinityTerm" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "type": "integer", + "format": "int32" + } + } + }, + "PoolTolerationsItems0": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.", + "type": "object", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "$ref": "#/definitions/poolTolerationSeconds" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + } + }, + "PoolVolumeConfiguration": { + "type": "object", + "required": [ + "size" + ], + "properties": { + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "size": { + "type": "integer" + }, + "storage_class_name": { + "type": "string" + } + } + }, + "TenantEndpoints": { + "type": "object", + "properties": { + "console": { + "type": "string" + }, + "minio": { + "type": "string" + } + } + }, + "TenantSecurityResponseCustomCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minioCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + } + } + }, + "UpdateTenantSecurityRequestCustomCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "minioCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "secretsToBeDeleted": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "VaultConfigurationApprole": { + "type": "object", + "required": [ + "id", + "secret" + ], + "properties": { + "engine": { + "type": "string" + }, + "id": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "secret": { + "type": "string" + } + } + }, + "VaultConfigurationStatus": { + "type": "object", + "properties": { + "ping": { + "type": "integer", + "format": "int64" + } + } + }, + "VaultConfigurationTLS": { + "type": "object", + "properties": { + "ca": { + "type": "string" + }, + "crt": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "WidgetDetailsOptions": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "WidgetDetailsOptionsReduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "WidgetOptions": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "WidgetOptionsReduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "accountChangePasswordRequest": { + "type": "object", + "required": [ + "current_secret_key", + "new_secret_key" + ], + "properties": { + "current_secret_key": { + "type": "string" + }, + "new_secret_key": { + "type": "string" + } + } + }, + "addBucketLifecycle": { + "type": "object", + "properties": { + "disable": { + "description": "Non required, toggle to disable or enable rule", + "type": "boolean" + }, + "expired_object_delete_marker": { + "description": "Non required, toggle to disable or enable rule", + "type": "boolean" + }, + "expiry_date": { + "description": "Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM", + "type": "string" + }, + "expiry_days": { + "description": "Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_expiration_days": { + "description": "Non required, can be set in case of expiration is enabled", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_transition_days": { + "description": "Non required, can be set in case of transition is enabled", + "type": "integer", + "format": "int32", + "default": 0 + }, + "noncurrentversion_transition_storage_class": { + "description": "Non required, can be set in case of transition is enabled", + "type": "string" + }, + "prefix": { + "description": "Non required field, it matches a prefix to perform ILM operations on it", + "type": "string" + }, + "storage_class": { + "description": "Required only in case of transition is set. it refers to a tier", + "type": "string" + }, + "tags": { + "description": "Non required field, tags to match ILM files", + "type": "string" + }, + "transition_date": { + "description": "Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM", + "type": "string" + }, + "transition_days": { + "description": "Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM", + "type": "integer", + "format": "int32", + "default": 0 + } + } + }, + "addBucketReplication": { + "type": "object", + "properties": { + "arn": { + "type": "string" + }, + "destination_bucket": { + "type": "string" + } + } + }, + "addGroupRequest": { + "type": "object", + "required": [ + "group", + "members" + ], + "properties": { + "group": { + "type": "string" + }, + "members": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "addPolicyRequest": { + "type": "object", + "required": [ + "name", + "policy" + ], + "properties": { + "name": { + "type": "string" + }, + "policy": { + "type": "string" + } + } + }, + "addUserRequest": { + "type": "object", + "required": [ + "accessKey", + "secretKey", + "groups" + ], + "properties": { + "accessKey": { + "type": "string" + }, + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "secretKey": { + "type": "string" + } + } + }, + "adminInfoResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "integer" + }, + "objects": { + "type": "integer" + }, + "usage": { + "type": "integer" + }, + "widgets": { + "type": "array", + "items": { + "$ref": "#/definitions/widget" + } + } + } + }, + "arnsResponse": { + "type": "object", + "properties": { + "arns": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "awsConfiguration": { + "type": "object", + "required": [ + "secretsmanager" + ], + "properties": { + "secretsmanager": { + "type": "object", + "required": [ + "endpoint", + "region", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "accesskey", + "secretkey" + ], + "properties": { + "accesskey": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "kmskey": { + "type": "string" + }, + "region": { + "type": "string" + } + } + } + } + }, + "bucket": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "access": { + "$ref": "#/definitions/bucketAccess" + }, + "creation_date": { + "type": "string" + }, + "name": { + "type": "string", + "minLength": 3 + }, + "size": { + "type": "integer", + "format": "int64" + } + } + }, + "bucketAccess": { + "type": "string", + "default": "PRIVATE", + "enum": [ + "PRIVATE", + "PUBLIC", + "CUSTOM" + ] + }, + "bucketEncryptionInfo": { + "type": "object", + "properties": { + "algorithm": { + "type": "string" + }, + "kmsMasterKeyID": { + "type": "string" + } + } + }, + "bucketEncryptionRequest": { + "type": "object", + "properties": { + "encType": { + "$ref": "#/definitions/bucketEncryptionType" + }, + "kmsKeyID": { + "type": "string" + } + } + }, + "bucketEncryptionType": { + "type": "string", + "default": "sse-s3", + "enum": [ + "sse-s3", + "sse-kms" + ] + }, + "bucketEventRequest": { + "type": "object", + "required": [ + "configuration" + ], + "properties": { + "configuration": { + "$ref": "#/definitions/notificationConfig" + }, + "ignoreExisting": { + "type": "boolean" + } + } + }, + "bucketLifecycleResponse": { + "type": "object", + "properties": { + "lifecycle": { + "type": "array", + "items": { + "$ref": "#/definitions/objectBucketLifecycle" + } + } + } + }, + "bucketObLockingResponse": { + "type": "object", + "properties": { + "object_locking_enabled": { + "type": "boolean" + } + } + }, + "bucketObject": { + "type": "object", + "properties": { + "content_type": { + "type": "string" + }, + "expiration": { + "type": "string" + }, + "expiration_rule_id": { + "type": "string" + }, + "is_delete_marker": { + "type": "boolean" + }, + "is_latest": { + "type": "boolean" + }, + "last_modified": { + "type": "string" + }, + "legal_hold_status": { + "type": "string" + }, + "name": { + "type": "string" + }, + "retention_mode": { + "type": "string" + }, + "retention_until_date": { + "type": "string" + }, + "size": { + "type": "integer", + "format": "int64" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "user_tags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "version_id": { + "type": "string" + } + } + }, + "bucketQuota": { + "type": "object", + "properties": { + "quota": { + "type": "integer" + }, + "type": { + "type": "string", + "enum": [ + "hard", + "fifo" + ] + } + } + }, + "bucketReplicationDestination": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + } + } + }, + "bucketReplicationResponse": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/definitions/bucketReplicationRule" + } + } + } + }, + "bucketReplicationRule": { + "type": "object", + "properties": { + "bandwidth": { + "type": "string" + }, + "delete_marker_replication": { + "type": "boolean" + }, + "deletes_replication": { + "type": "boolean" + }, + "destination": { + "$ref": "#/definitions/bucketReplicationDestination" + }, + "healthCheckPeriod": { + "type": "integer" + }, + "id": { + "type": "string" + }, + "metadata_replication": { + "type": "boolean" + }, + "prefix": { + "type": "string" + }, + "priority": { + "type": "integer", + "format": "int32" + }, + "status": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "tags": { + "type": "string" + } + } + }, + "bucketVersioningResponse": { + "type": "object", + "properties": { + "is_versioned": { + "type": "boolean" + } + } + }, + "bulkUserGroups": { + "type": "object", + "required": [ + "users", + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "users": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "certificateInfo": { + "type": "object", + "properties": { + "domains": { + "type": "array", + "items": { + "type": "string" + } + }, + "expiry": { + "type": "string" + }, + "name": { + "type": "string" + }, + "serialNumber": { + "type": "string" + } + } + }, + "changeUserPasswordRequest": { + "type": "object", + "required": [ + "selectedUser", + "newSecretKey" + ], + "properties": { + "newSecretKey": { + "type": "string" + }, + "selectedUser": { + "type": "string" + } + } + }, + "configDescription": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "configuration": { + "type": "object", + "properties": { + "key_values": { + "type": "array", + "items": { + "$ref": "#/definitions/configurationKV" + } + }, + "name": { + "type": "string" + } + } + }, + "configurationKV": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "consoleConfiguration": { + "allOf": [ + { + "$ref": "#/definitions/metadataFields" + }, + { + "type": "object", + "properties": { + "image": { + "type": "string" + } + } + } + ] + }, + "createRemoteBucket": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "sourceBucket", + "targetBucket" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "healthCheckPeriod": { + "type": "integer", + "format": "int32" + }, + "region": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "sourceBucket": { + "type": "string" + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "targetBucket": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "createTenantRequest": { + "type": "object", + "required": [ + "name", + "namespace", + "pools" + ], + "properties": { + "access_key": { + "type": "string" + }, + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "console": { + "type": "object", + "$ref": "#/definitions/consoleConfiguration" + }, + "console_image": { + "type": "string" + }, + "enable_console": { + "type": "boolean", + "default": true + }, + "enable_prometheus": { + "type": "boolean", + "default": false + }, + "enable_tls": { + "type": "boolean", + "default": true + }, + "encryption": { + "type": "object", + "$ref": "#/definitions/encryptionConfiguration" + }, + "erasureCodingParity": { + "type": "integer" + }, + "expose_console": { + "type": "boolean" + }, + "expose_minio": { + "type": "boolean" + }, + "idp": { + "type": "object", + "$ref": "#/definitions/idpConfiguration" + }, + "image": { + "type": "string" + }, + "image_pull_secret": { + "type": "string" + }, + "image_registry": { + "$ref": "#/definitions/imageRegistry" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "logSearchConfiguration": { + "$ref": "#/definitions/logSearchConfiguration" + }, + "mounth_path": { + "type": "string" + }, + "name": { + "type": "string", + "pattern": "^[a-z0-9-]{3,63}$" + }, + "namespace": { + "type": "string" + }, + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + }, + "prometheusConfiguration": { + "$ref": "#/definitions/prometheusConfiguration" + }, + "secret_key": { + "type": "string" + }, + "tls": { + "type": "object", + "$ref": "#/definitions/tlsConfiguration" + } + } + }, + "createTenantResponse": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/tenantResponseItem" + } + } + } + }, + "csiFormatErrorResponse": { + "type": "object", + "properties": { + "drive": { + "type": "string" + }, + "error": { + "type": "string" + }, + "node": { + "type": "string" + } + } + }, + "deleteTenantRequest": { + "type": "object", + "properties": { + "delete_pvcs": { + "type": "boolean" + } + } + }, + "directCSIDriveInfo": { + "type": "object", + "properties": { + "allocated": { + "type": "number", + "format": "int64" + }, + "capacity": { + "type": "number", + "format": "int64" + }, + "drive": { + "type": "string" + }, + "message": { + "type": "string" + }, + "node": { + "type": "string" + }, + "status": { + "type": "string" + }, + "volumes": { + "type": "number", + "format": "int64" + } + } + }, + "directCSIVolumeInfo": { + "type": "object", + "properties": { + "capacity": { + "type": "number", + "format": "int64" + }, + "drive": { + "type": "string" + }, + "node": { + "type": "string" + }, + "volume": { + "type": "string" + } + } + }, + "encryptionConfiguration": { + "allOf": [ + { + "$ref": "#/definitions/metadataFields" + }, + { + "type": "object", + "properties": { + "aws": { + "type": "object", + "$ref": "#/definitions/awsConfiguration" + }, + "client": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "gcp": { + "type": "object", + "$ref": "#/definitions/gcpConfiguration" + }, + "gemalto": { + "type": "object", + "$ref": "#/definitions/gemaltoConfiguration" + }, + "image": { + "type": "string" + }, + "replicas": { + "type": "string" + }, + "server": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "vault": { + "type": "object", + "$ref": "#/definitions/vaultConfiguration" + } + } + } + ] + }, + "error": { + "type": "object", + "required": [ + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + }, + "eventListElement": { + "type": "object", + "properties": { + "event_type": { + "type": "string" + }, + "last_seen": { + "type": "integer", + "format": "int64" + }, + "message": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "object": { + "type": "string" + }, + "reason": { + "type": "string" + } + } + }, + "eventListWrapper": { + "type": "array", + "items": { + "$ref": "#/definitions/eventListElement" + } + }, + "expirationResponse": { + "type": "object", + "properties": { + "date": { + "type": "string" + }, + "days": { + "type": "integer", + "format": "int64" + }, + "delete_marker": { + "type": "boolean" + } + } + }, + "formatConfiguration": { + "type": "object", + "required": [ + "drives", + "force" + ], + "properties": { + "drives": { + "type": "array", + "minLength": 1, + "items": { + "type": "string" + } + }, + "force": { + "type": "boolean" + } + } + }, + "formatDirectCSIDrivesResponse": { + "type": "object", + "properties": { + "formatIssuesList": { + "type": "array", + "items": { + "$ref": "#/definitions/csiFormatErrorResponse" + } + } + } + }, + "gcpConfiguration": { + "type": "object", + "required": [ + "secretmanager" + ], + "properties": { + "secretmanager": { + "type": "object", + "required": [ + "project_id" + ], + "properties": { + "credentials": { + "type": "object", + "properties": { + "client_email": { + "type": "string" + }, + "client_id": { + "type": "string" + }, + "private_key": { + "type": "string" + }, + "private_key_id": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "project_id": { + "type": "string" + } + } + } + } + }, + "gemaltoConfiguration": { + "type": "object", + "required": [ + "keysecure" + ], + "properties": { + "keysecure": { + "type": "object", + "required": [ + "endpoint", + "credentials" + ], + "properties": { + "credentials": { + "type": "object", + "required": [ + "token", + "domain" + ], + "properties": { + "domain": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "token": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "tls": { + "type": "object", + "required": [ + "ca" + ], + "properties": { + "ca": { + "type": "string" + } + } + } + } + } + } + }, + "getBucketRetentionConfig": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/definitions/objectRetentionMode" + }, + "unit": { + "$ref": "#/definitions/objectRetentionUnit" + }, + "validity": { + "type": "integer", + "format": "int32" + } + } + }, + "getDirectCSIDriveListResponse": { + "type": "object", + "properties": { + "drives": { + "type": "array", + "items": { + "$ref": "#/definitions/directCSIDriveInfo" + } + } + } + }, + "getDirectCSIVolumeListResponse": { + "type": "object", + "properties": { + "volumes": { + "type": "array", + "items": { + "$ref": "#/definitions/directCSIVolumeInfo" + } + } + } + }, + "group": { + "type": "object", + "properties": { + "members": { + "type": "array", + "items": { + "type": "string" + } + }, + "name": { + "type": "string" + }, + "policy": { + "type": "string" + }, + "status": { + "type": "string" + } + } + }, + "hasPermissionRequest": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/definitions/policyArgs" + } + } + } + }, + "hasPermissionResponse": { + "type": "object", + "properties": { + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/permissionAction" + } + } + } + }, + "iamEntity": { + "type": "string", + "pattern": "^[\\w+=,.@-]{1,64}$" + }, + "idpConfiguration": { + "type": "object", + "properties": { + "active_directory": { + "type": "object", + "required": [ + "url", + "username_format", + "user_search_filter" + ], + "properties": { + "group_name_attribute": { + "type": "string" + }, + "group_search_base_dn": { + "type": "string" + }, + "group_search_filter": { + "type": "string" + }, + "server_insecure": { + "type": "boolean" + }, + "skip_tls_verification": { + "type": "boolean" + }, + "url": { + "type": "string" + }, + "user_search_filter": { + "type": "string" + }, + "username_format": { + "type": "string" + } + } + }, + "keys": { + "type": "array", + "items": { + "$ref": "#/definitions/IdpConfigurationKeysItems0" + } + }, + "oidc": { + "type": "object", + "required": [ + "url", + "client_id", + "secret_id" + ], + "properties": { + "client_id": { + "type": "string" + }, + "secret_id": { + "type": "string" + }, + "url": { + "type": "string" + } + } + } + } + }, + "imageRegistry": { + "type": "object", + "required": [ + "registry", + "username", + "password" + ], + "properties": { + "password": { + "type": "string" + }, + "registry": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, + "keyPairConfiguration": { + "type": "object", + "required": [ + "crt", + "key" + ], + "properties": { + "crt": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "license": { + "type": "object", + "properties": { + "account_id": { + "type": "integer" + }, + "email": { + "type": "string" + }, + "expires_at": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "plan": { + "type": "string" + }, + "storage_capacity": { + "type": "integer" + } + } + }, + "lifecycleTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "listBucketEventsResponse": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/definitions/notificationConfig" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of bucket events" + } + } + }, + "listBucketsResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "array", + "title": "list of resulting buckets", + "items": { + "$ref": "#/definitions/bucket" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of buckets accessible to tenant user" + } + } + }, + "listConfigResponse": { + "type": "object", + "properties": { + "configurations": { + "type": "array", + "items": { + "$ref": "#/definitions/configDescription" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of configurations" + } + } + }, + "listExternalBucketsParams": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "useTLS" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "region": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "targetURL": { + "type": "string" + }, + "useTLS": { + "type": "boolean" + } + } + }, + "listGroupsResponse": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "title": "list of groups", + "items": { + "type": "string" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of groups" + } + } + }, + "listObjectsResponse": { + "type": "object", + "properties": { + "objects": { + "type": "array", + "title": "list of resulting objects", + "items": { + "$ref": "#/definitions/bucketObject" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of objects" + } + } + }, + "listPVCsResponse": { + "type": "object", + "properties": { + "pvcs": { + "type": "array", + "items": { + "$ref": "#/definitions/pvcsListResponse" + } + } + } + }, + "listPoliciesResponse": { + "type": "object", + "properties": { + "policies": { + "type": "array", + "title": "list of policies", + "items": { + "$ref": "#/definitions/policy" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "total number of policies" + } + } + }, + "listRemoteBucketsResponse": { + "type": "object", + "properties": { + "buckets": { + "type": "array", + "title": "list of remote buckets", + "items": { + "$ref": "#/definitions/remoteBucket" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of remote buckets accessible to user" + } + } + }, + "listTenantsResponse": { + "type": "object", + "properties": { + "tenants": { + "type": "array", + "title": "list of resulting tenants", + "items": { + "$ref": "#/definitions/tenantList" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of tenants accessible to tenant user" + } + } + }, + "listUsersResponse": { + "type": "object", + "properties": { + "users": { + "type": "array", + "title": "list of resulting users", + "items": { + "$ref": "#/definitions/user" + } + } + } + }, + "logSearchConfiguration": { + "type": "object", + "properties": { + "image": { + "type": "string" + }, + "postgres_image": { + "type": "string" + }, + "storageClass": { + "type": "string", + "default": "" + }, + "storageSize": { + "type": "number", + "default": 5 + } + } + }, + "logSearchResponse": { + "type": "object", + "properties": { + "results": { + "type": "object", + "title": "list of log search responses" + } + } + }, + "loginDetails": { + "type": "object", + "properties": { + "loginStrategy": { + "type": "string", + "enum": [ + "form", + "redirect", + "service-account" + ] + }, + "redirect": { + "type": "string" + } + } + }, + "loginOauth2AuthRequest": { + "type": "object", + "required": [ + "state", + "code" + ], + "properties": { + "code": { + "type": "string" + }, + "state": { + "type": "string" + } + } + }, + "loginOperatorRequest": { + "type": "object", + "required": [ + "jwt" + ], + "properties": { + "jwt": { + "type": "string" + } + } + }, + "loginRequest": { + "type": "object", + "required": [ + "accessKey", + "secretKey" + ], + "properties": { + "accessKey": { + "type": "string" + }, + "secretKey": { + "type": "string" + } + } + }, + "loginResponse": { + "type": "object", + "properties": { + "sessionId": { + "type": "string" + } + } + }, + "makeBucketRequest": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "locking": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "quota": { + "$ref": "#/definitions/setBucketQuota" + }, + "retention": { + "$ref": "#/definitions/putBucketRetentionRequest" + }, + "versioning": { + "type": "boolean" + } + } + }, + "maxAllocatableMemResponse": { + "type": "object", + "properties": { + "max_memory": { + "type": "integer", + "format": "int64" + } + } + }, + "metadataFields": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "node_selector": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "multiBucketReplication": { + "required": [ + "accessKey", + "secretKey", + "targetURL", + "bucketsRelation" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "bucketsRelation": { + "type": "array", + "minLength": 1, + "items": { + "$ref": "#/definitions/multiBucketsRelation" + } + }, + "healthCheckPeriod": { + "type": "integer", + "format": "int32" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + }, + "replicateDeleteMarkers": { + "type": "boolean" + }, + "replicateDeletes": { + "type": "boolean" + }, + "replicateMetadata": { + "type": "boolean" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "syncMode": { + "type": "string", + "default": "async", + "enum": [ + "async", + "sync" + ] + }, + "tags": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "multiBucketResponseItem": { + "type": "object", + "properties": { + "errorString": { + "type": "string" + }, + "originBucket": { + "type": "string" + }, + "targetBucket": { + "type": "string" + } + } + }, + "multiBucketResponseState": { + "type": "object", + "properties": { + "replicationState": { + "type": "array", + "items": { + "$ref": "#/definitions/multiBucketResponseItem" + } + } + } + }, + "multiBucketsRelation": { + "type": "object", + "properties": { + "destinationBucket": { + "type": "string" + }, + "originBucket": { + "type": "string" + } + } + }, + "namespace": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string" + } + } + }, + "nodeLabels": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "nodeSelectorTerm": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "type": "object", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "type": "array", + "items": { + "$ref": "#/definitions/NodeSelectorTermMatchExpressionsItems0" + } + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "type": "array", + "items": { + "$ref": "#/definitions/NodeSelectorTermMatchFieldsItems0" + } + } + } + }, + "nofiticationService": { + "type": "string", + "enum": [ + "webhook", + "amqp", + "kafka", + "mqtt", + "nats", + "nsq", + "mysql", + "postgres", + "elasticsearch", + "redis" + ] + }, + "notifEndpointResponse": { + "type": "object", + "properties": { + "notification_endpoints": { + "type": "array", + "items": { + "$ref": "#/definitions/notificationEndpointItem" + } + } + } + }, + "notificationConfig": { + "type": "object", + "required": [ + "arn" + ], + "properties": { + "arn": { + "type": "string" + }, + "events": { + "type": "array", + "title": "filter specific type of event. Defaults to all event (default: '[put,delete,get]')", + "items": { + "$ref": "#/definitions/notificationEventType" + } + }, + "id": { + "type": "string" + }, + "prefix": { + "type": "string", + "title": "filter event associated to the specified prefix" + }, + "suffix": { + "type": "string", + "title": "filter event associated to the specified suffix" + } + } + }, + "notificationDeleteRequest": { + "type": "object", + "required": [ + "events", + "prefix", + "suffix" + ], + "properties": { + "events": { + "type": "array", + "title": "filter specific type of event. Defaults to all event (default: '[put,delete,get]')", + "minLength": 1, + "items": { + "$ref": "#/definitions/notificationEventType" + } + }, + "prefix": { + "type": "string", + "title": "filter event associated to the specified prefix" + }, + "suffix": { + "type": "string", + "title": "filter event associated to the specified suffix" + } + } + }, + "notificationEndpoint": { + "type": "object", + "required": [ + "service", + "account_id", + "properties" + ], + "properties": { + "account_id": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "service": { + "$ref": "#/definitions/nofiticationService" + } + } + }, + "notificationEndpointItem": { + "type": "object", + "properties": { + "account_id": { + "type": "string" + }, + "service": { + "$ref": "#/definitions/nofiticationService" + }, + "status": { + "type": "string" + } + } + }, + "notificationEventType": { + "type": "string", + "enum": [ + "put", + "delete", + "get" + ] + }, + "objectBucketLifecycle": { + "type": "object", + "properties": { + "expiration": { + "$ref": "#/definitions/expirationResponse" + }, + "id": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "status": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/definitions/lifecycleTag" + } + }, + "transition": { + "$ref": "#/definitions/transitionResponse" + } + } + }, + "objectLegalHoldStatus": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + }, + "objectRetentionMode": { + "type": "string", + "enum": [ + "governance", + "compliance" + ] + }, + "objectRetentionUnit": { + "type": "string", + "enum": [ + "days", + "years" + ] + }, + "parityResponse": { + "type": "array", + "items": { + "type": "string" + } + }, + "permissionAction": { + "type": "object", + "properties": { + "can": { + "type": "boolean" + }, + "id": { + "type": "string" + } + } + }, + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "type": "object", + "required": [ + "topologyKey" + ], + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "type": "object", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "type": "array", + "items": { + "$ref": "#/definitions/PodAffinityTermLabelSelectorMatchExpressionsItems0" + } + }, + "matchLabels": { + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "type": "array", + "items": { + "type": "string" + } + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + } + }, + "policy": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "policy": { + "type": "string" + } + } + }, + "policyArgs": { + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "bucket_name": { + "type": "string" + }, + "id": { + "type": "string" + } + } + }, + "policyEntity": { + "type": "string", + "default": "user", + "enum": [ + "user", + "group" + ] + }, + "pool": { + "type": "object", + "required": [ + "servers", + "volumes_per_server", + "volume_configuration" + ], + "properties": { + "affinity": { + "$ref": "#/definitions/poolAffinity" + }, + "name": { + "type": "string" + }, + "node_selector": { + "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "resources": { + "$ref": "#/definitions/poolResources" + }, + "servers": { + "type": "integer" + }, + "tolerations": { + "$ref": "#/definitions/poolTolerations" + }, + "volume_configuration": { + "type": "object", + "required": [ + "size" + ], + "properties": { + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "size": { + "type": "integer" + }, + "storage_class_name": { + "type": "string" + } + } + }, + "volumes_per_server": { + "type": "integer", + "format": "int32" + } + } + }, + "poolAffinity": { + "description": "If specified, affinity will define the pod's scheduling constraints", + "type": "object", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "type": "object", + "required": [ + "nodeSelectorTerms" + ], + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "type": "array", + "items": { + "$ref": "#/definitions/nodeSelectorTerm" + } + } + } + } + } + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" + } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "type": "array", + "items": { + "$ref": "#/definitions/podAffinityTerm" + } + } + } + } + } + }, + "poolResources": { + "description": "If provided, use these requests and limit for cpu/memory resource allocation", + "type": "object", + "properties": { + "limits": { + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object", + "additionalProperties": { + "type": "integer", + "format": "int64" + } + }, + "requests": { + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object", + "additionalProperties": { + "type": "integer", + "format": "int64" + } + } + } + }, + "poolTolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "type": "object", + "required": [ + "seconds" + ], + "properties": { + "seconds": { + "type": "integer", + "format": "int64" + } + } + }, + "poolTolerations": { + "description": "Tolerations allows users to set entries like effect, key, operator, value.", + "type": "array", + "items": { + "$ref": "#/definitions/PoolTolerationsItems0" + } + }, + "poolUpdateRequest": { + "type": "object", + "required": [ + "pools" + ], + "properties": { + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + } + } + }, + "principal": { + "type": "object", + "properties": { + "STSAccessKeyID": { + "type": "string" + }, + "STSSecretAccessKey": { + "type": "string" + }, + "STSSessionToken": { + "type": "string" + }, + "accountAccessKey": { + "type": "string" + }, + "actions": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "profilerType": { + "type": "string", + "enum": [ + "cpu", + "mem", + "block", + "mutex", + "trace", + "threads", + "goroutines" + ] + }, + "profilingStartRequest": { + "type": "object", + "required": [ + "type" + ], + "properties": { + "type": { + "$ref": "#/definitions/profilerType" + } + } + }, + "prometheusConfiguration": { + "type": "object", + "properties": { + "image": { + "type": "string" + }, + "storageClass": { + "type": "string", + "default": "" + }, + "storageSize": { + "type": "number", + "default": 5 + } + } + }, + "putBucketRetentionRequest": { + "type": "object", + "required": [ + "mode", + "unit", + "validity" + ], + "properties": { + "mode": { + "$ref": "#/definitions/objectRetentionMode" + }, + "unit": { + "$ref": "#/definitions/objectRetentionUnit" + }, + "validity": { + "type": "integer", + "format": "int32" + } + } + }, + "putObjectLegalHoldRequest": { + "type": "object", + "required": [ + "status" + ], + "properties": { + "status": { + "$ref": "#/definitions/objectLegalHoldStatus" + } + } + }, + "putObjectRetentionRequest": { + "type": "object", + "required": [ + "mode", + "expires" + ], + "properties": { + "expires": { + "type": "string" + }, + "governance_bypass": { + "type": "boolean" + }, + "mode": { + "$ref": "#/definitions/objectRetentionMode" + } + } + }, + "putObjectTagsRequest": { + "type": "object", + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + } + } + } + }, + "pvcsListResponse": { + "type": "object", + "properties": { + "age": { + "type": "string" + }, + "capacity": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "status": { + "type": "string" + }, + "storageClass": { + "type": "string" + }, + "volume": { + "type": "string" + } + } + }, + "remoteBucket": { + "type": "object", + "required": [ + "accessKey", + "sourceBucket", + "remoteARN" + ], + "properties": { + "accessKey": { + "type": "string", + "minLength": 3 + }, + "bandwidth": { + "type": "integer", + "format": "int64" + }, + "healthCheckPeriod": { + "type": "integer" + }, + "remoteARN": { + "type": "string" + }, + "secretKey": { + "type": "string", + "minLength": 8 + }, + "service": { + "type": "string", + "enum": [ + "replication" + ] + }, + "sourceBucket": { + "type": "string" + }, + "status": { + "type": "string" + }, + "syncMode": { + "type": "string" + }, + "targetBucket": { + "type": "string" + }, + "targetURL": { + "type": "string" + } + } + }, + "resourceQuota": { + "type": "object", + "properties": { + "elements": { + "type": "array", + "items": { + "$ref": "#/definitions/resourceQuotaElement" + } + }, + "name": { + "type": "string" + } + } + }, + "resourceQuotaElement": { + "type": "object", + "properties": { + "hard": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "used": { + "type": "integer", + "format": "int64" + } + } + }, + "resultTarget": { + "type": "object", + "properties": { + "legendFormat": { + "type": "string" + }, + "result": { + "type": "array", + "items": { + "$ref": "#/definitions/widgetResult" + } + }, + "resultType": { + "type": "string" + } + } + }, + "rewindItem": { + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "delete_flag": { + "type": "boolean" + }, + "last_modified": { + "type": "string" + }, + "name": { + "type": "string" + }, + "size": { + "type": "integer", + "format": "int64" + }, + "version_id": { + "type": "string" + } + } + }, + "rewindResponse": { + "type": "object", + "properties": { + "objects": { + "type": "array", + "items": { + "$ref": "#/definitions/rewindItem" + } + } + } + }, + "serviceAccountCreds": { + "type": "object", + "properties": { + "accessKey": { + "type": "string" + }, + "secretKey": { + "type": "string" + } + } + }, + "serviceAccountRequest": { + "type": "object", + "properties": { + "policy": { + "type": "string", + "title": "policy to be applied to the Service Account if any" + } + } + }, + "serviceAccounts": { + "type": "array", + "items": { + "type": "string" + } + }, + "sessionResponse": { + "type": "object", + "properties": { + "features": { + "type": "array", + "items": { + "type": "string" + } + }, + "operator": { + "type": "boolean" + }, + "pages": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string", + "enum": [ + "ok" + ] + } + } + }, + "setBucketPolicyRequest": { + "type": "object", + "required": [ + "access" + ], + "properties": { + "access": { + "$ref": "#/definitions/bucketAccess" + } + } + }, + "setBucketQuota": { + "type": "object", + "required": [ + "enabled" + ], + "properties": { + "amount": { + "type": "integer" + }, + "enabled": { + "type": "boolean" + }, + "quota_type": { + "type": "string", + "enum": [ + "fifo", + "hard" + ] + } + } + }, + "setBucketVersioning": { + "type": "object", + "properties": { + "versioning": { + "type": "boolean" + } + } + }, + "setConfigRequest": { + "type": "object", + "required": [ + "key_values" + ], + "properties": { + "arn_resource_id": { + "type": "string", + "title": "Used if configuration is an event notification's target" + }, + "key_values": { + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/configurationKV" + } + } + } + }, + "setConfigResponse": { + "type": "object", + "properties": { + "restart": { + "description": "Returns wheter server needs to restart to apply changes or not", + "type": "boolean" + } + } + }, + "setNotificationEndpointResponse": { + "type": "object", + "required": [ + "service", + "account_id", + "properties" + ], + "properties": { + "account_id": { + "type": "string" + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "restart": { + "type": "boolean" + }, + "service": { + "$ref": "#/definitions/nofiticationService" + } + } + }, + "setPolicyMultipleRequest": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + }, + "users": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + } + } + }, + "setPolicyRequest": { + "type": "object", + "required": [ + "entityType", + "entityName" + ], + "properties": { + "entityName": { + "type": "string" + }, + "entityType": { + "$ref": "#/definitions/policyEntity" + } + } + }, + "startProfilingItem": { + "type": "object", + "properties": { + "error": { + "type": "string" + }, + "nodeName": { + "type": "string" + }, + "success": { + "type": "boolean" + } + } + }, + "startProfilingList": { + "type": "object", + "properties": { + "startResults": { + "type": "array", + "items": { + "$ref": "#/definitions/startProfilingItem" + } + }, + "total": { + "type": "integer", + "format": "int64", + "title": "number of start results" + } + } + }, + "subscriptionValidateRequest": { + "type": "object", + "properties": { + "email": { + "type": "string" + }, + "license": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, + "tenant": { + "type": "object", + "properties": { + "consoleEnabled": { + "type": "boolean" + }, + "consoleTLS": { + "type": "boolean" + }, + "console_image": { + "type": "string" + }, + "creation_date": { + "type": "string" + }, + "currentState": { + "type": "string" + }, + "deletion_date": { + "type": "string" + }, + "enable_prometheus": { + "type": "boolean" + }, + "encryptionEnabled": { + "type": "boolean" + }, + "endpoints": { + "type": "object", + "properties": { + "console": { + "type": "string" + }, + "minio": { + "type": "string" + } + } + }, + "idpAdEnabled": { + "type": "boolean" + }, + "idpOicEnabled": { + "type": "boolean" + }, + "image": { + "type": "string" + }, + "logEnabled": { + "type": "boolean" + }, + "minioTLS": { + "type": "boolean" + }, + "monitoringEnabled": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "pools": { + "type": "array", + "items": { + "$ref": "#/definitions/pool" + } + }, + "status": { + "$ref": "#/definitions/tenantStatus" + }, + "subnet_license": { + "$ref": "#/definitions/license" + }, + "total_size": { + "type": "integer", + "format": "int64" + } + } + }, + "tenantList": { + "type": "object", + "properties": { + "creation_date": { + "type": "string" + }, + "currentState": { + "type": "string" + }, + "deletion_date": { + "type": "string" + }, + "health_status": { + "type": "string" + }, + "instance_count": { + "type": "integer" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "pool_count": { + "type": "integer" + }, + "total_size": { + "type": "integer" + }, + "volume_count": { + "type": "integer" + } + } + }, + "tenantPod": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string" + }, + "node": { + "type": "string" + }, + "podIP": { + "type": "string" + }, + "restarts": { + "type": "integer" + }, + "status": { + "type": "string" + }, + "timeCreated": { + "type": "integer" + } + } + }, + "tenantResponseItem": { + "type": "object", + "properties": { + "access_key": { + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + }, + "tenantSecurityResponse": { + "type": "object", + "properties": { + "autoCert": { + "type": "boolean" + }, + "customCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + }, + "minioCAs": { + "type": "array", + "items": { + "$ref": "#/definitions/certificateInfo" + } + } + } + } + } + }, + "tenantStatus": { + "type": "object", + "properties": { + "drives_healing": { + "type": "integer", + "format": "int32" + }, + "drives_offline": { + "type": "integer", + "format": "int32" + }, + "drives_online": { + "type": "integer", + "format": "int32" + }, + "health_status": { + "type": "string" + }, + "write_quorum": { + "type": "integer", + "format": "int32" + } + } + }, + "tenantUsage": { + "type": "object", + "properties": { + "disk_used": { + "type": "integer", + "format": "int64" + }, + "used": { + "type": "integer", + "format": "int64" + } + } + }, + "tenantYAML": { + "type": "object", + "properties": { + "yaml": { + "type": "string" + } + } + }, + "tier": { + "type": "object", + "properties": { + "azure": { + "type": "object", + "$ref": "#/definitions/tier_azure" + }, + "gcs": { + "type": "object", + "$ref": "#/definitions/tier_gcs" + }, + "s3": { + "type": "object", + "$ref": "#/definitions/tier_s3" + }, + "type": { + "type": "string", + "enum": [ + "s3", + "gcs", + "azure", + "unsupported" + ] + } + } + }, + "tierCredentialsRequest": { + "type": "object", + "properties": { + "access_key": { + "type": "string" + }, + "creds": { + "description": "a base64 encoded value", + "type": "string" + }, + "secret_key": { + "type": "string" + } + } + }, + "tierListResponse": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/definitions/tier" + } + } + } + }, + "tier_azure": { + "type": "object", + "properties": { + "accountkey": { + "type": "string" + }, + "accountname": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "tier_gcs": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + }, + "creds": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + } + } + }, + "tier_s3": { + "type": "object", + "properties": { + "accesskey": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "name": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "region": { + "type": "string" + }, + "secretkey": { + "type": "string" + }, + "storageclass": { + "type": "string" + } + } + }, + "tlsConfiguration": { + "type": "object", + "properties": { + "ca_certificates": { + "type": "array", + "items": { + "type": "string" + } + }, + "console": { + "type": "object", + "$ref": "#/definitions/keyPairConfiguration" + }, + "console_ca_certificates": { + "type": "array", + "items": { + "type": "string" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + } + } + }, + "transitionResponse": { + "type": "object", + "properties": { + "date": { + "type": "string" + }, + "days": { + "type": "integer", + "format": "int64" + }, + "storage_class": { + "type": "string" + } + } + }, + "updateBucketLifecycle": { + "type": "object", + "properties": { + "disable": { + "type": "boolean" + }, + "tags": { + "type": "string" + } + } + }, + "updateGroupRequest": { + "type": "object", + "required": [ + "members", + "status" + ], + "properties": { + "members": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "updateTenantRequest": { + "type": "object", + "properties": { + "console_image": { + "type": "string", + "pattern": "^((.*?)/(.*?):(.+))$" + }, + "enable_prometheus": { + "type": "boolean" + }, + "image": { + "type": "string", + "pattern": "^((.*?)/(.*?):(.+))$" + }, + "image_pull_secret": { + "type": "string" + }, + "image_registry": { + "$ref": "#/definitions/imageRegistry" + } + } + }, + "updateTenantSecurityRequest": { + "type": "object", + "properties": { + "autoCert": { + "type": "boolean" + }, + "customCertificates": { + "type": "object", + "properties": { + "console": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "consoleCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "minio": { + "type": "array", + "items": { + "$ref": "#/definitions/keyPairConfiguration" + } + }, + "minioCAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "secretsToBeDeleted": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "updateUser": { + "type": "object", + "required": [ + "status", + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "updateUserGroups": { + "type": "object", + "required": [ + "groups" + ], + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "user": { + "type": "object", + "properties": { + "accessKey": { + "type": "string" + }, + "memberOf": { + "type": "array", + "items": { + "type": "string" + } + }, + "policy": { + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string" + } + } + }, + "vaultConfiguration": { + "type": "object", + "required": [ + "endpoint", + "approle" + ], + "properties": { + "approle": { + "type": "object", + "required": [ + "id", + "secret" + ], + "properties": { + "engine": { + "type": "string" + }, + "id": { + "type": "string" + }, + "retry": { + "type": "integer", + "format": "int64" + }, + "secret": { + "type": "string" + } + } + }, + "endpoint": { + "type": "string" + }, + "engine": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "status": { + "type": "object", + "properties": { + "ping": { + "type": "integer", + "format": "int64" + } + } + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string" + }, + "crt": { + "type": "string" + }, + "key": { + "type": "string" + } + } + } + } + }, + "widget": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int32" + }, + "options": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/definitions/resultTarget" + } + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + } + }, + "widgetDetails": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int32" + }, + "options": { + "type": "object", + "properties": { + "reduceOptions": { + "type": "object", + "properties": { + "calcs": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/definitions/resultTarget" + } + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + } + } + }, + "widgetResult": { + "type": "object", + "properties": { + "metric": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "values": { + "type": "array", + "items": {} + } + } + } + }, + "securityDefinitions": { + "key": { + "type": "oauth2", + "flow": "accessCode", + "authorizationUrl": "http://min.io", + "tokenUrl": "http://min.io" + } + }, + "security": [ + { + "key": [] + } + ] +}`)) +} diff --git a/operatorapi/error.go b/operatorapi/error.go new file mode 100644 index 000000000..832665c41 --- /dev/null +++ b/operatorapi/error.go @@ -0,0 +1,184 @@ +package operatorapi + +import ( + "errors" + "runtime" + "strings" + + "github.com/go-openapi/swag" + "github.com/minio/console/models" + "github.com/minio/madmin-go" + k8sErrors "k8s.io/apimachinery/pkg/api/errors" +) + +var ( + // Generic error messages + errorGeneric = errors.New("an error occurred, please try again") + errInvalidCredentials = errors.New("invalid Login") + errorGenericInvalidSession = errors.New("invalid session") + errorGenericUnauthorized = errors.New("unauthorized") + errorGenericForbidden = errors.New("forbidden") + // ErrorGenericNotFound Generic error for not found + ErrorGenericNotFound = errors.New("not found") + // Explicit error messages + errorInvalidErasureCodingValue = errors.New("invalid Erasure Coding Value") + errorUnableToGetTenantUsage = errors.New("unable to get tenant usage") + errorUnableToUpdateTenantCertificates = errors.New("unable to update tenant certificates") + errorUpdatingEncryptionConfig = errors.New("unable to update encryption configuration") + errBucketBodyNotInRequest = errors.New("error bucket body not in request") + errBucketNameNotInRequest = errors.New("error bucket name not in request") + errGroupBodyNotInRequest = errors.New("error group body not in request") + errGroupNameNotInRequest = errors.New("error group name not in request") + errPolicyNameNotInRequest = errors.New("error policy name not in request") + errPolicyBodyNotInRequest = errors.New("error policy body not in request") + errSSENotConfigured = errors.New("error server side encryption configuration not found") + errBucketLifeCycleNotConfigured = errors.New("error bucket life cycle configuration not found") + errChangePassword = errors.New("error please check your current password") + errInvalidLicense = errors.New("invalid license key") + errLicenseNotFound = errors.New("license not found") + errAvoidSelfAccountDelete = errors.New("logged in user cannot be deleted by itself") + errAccessDenied = errors.New("access denied") +) + +// PrepareError receives an error object and parse it against k8sErrors, returns the right error code paired with a generic error message +func PrepareError(err ...error) *models.Error { + errorCode := int32(500) + errorMessage := errorGeneric.Error() + if len(err) > 0 { + frame := getFrame(2) + fileParts := strings.Split(frame.File, "/") + LogError("original error -> (%s:%d: %v)", fileParts[len(fileParts)-1], frame.Line, err[0]) + if k8sErrors.IsUnauthorized(err[0]) { + errorCode = 401 + errorMessage = errorGenericUnauthorized.Error() + } + if k8sErrors.IsForbidden(err[0]) { + errorCode = 403 + errorMessage = errorGenericForbidden.Error() + } + if k8sErrors.IsNotFound(err[0]) { + errorCode = 404 + errorMessage = ErrorGenericNotFound.Error() + } + if err[0] == ErrorGenericNotFound { + errorCode = 404 + errorMessage = ErrorGenericNotFound.Error() + } + if errors.Is(err[0], errInvalidCredentials) { + errorCode = 401 + errorMessage = errInvalidCredentials.Error() + } + // console invalid erasure coding value + if errors.Is(err[0], errorInvalidErasureCodingValue) { + errorCode = 400 + errorMessage = errorInvalidErasureCodingValue.Error() + } + if errors.Is(err[0], errBucketBodyNotInRequest) { + errorCode = 400 + errorMessage = errBucketBodyNotInRequest.Error() + } + if errors.Is(err[0], errBucketNameNotInRequest) { + errorCode = 400 + errorMessage = errBucketNameNotInRequest.Error() + } + if errors.Is(err[0], errGroupBodyNotInRequest) { + errorCode = 400 + errorMessage = errGroupBodyNotInRequest.Error() + } + if errors.Is(err[0], errGroupNameNotInRequest) { + errorCode = 400 + errorMessage = errGroupNameNotInRequest.Error() + } + if errors.Is(err[0], errPolicyNameNotInRequest) { + errorCode = 400 + errorMessage = errPolicyNameNotInRequest.Error() + } + if errors.Is(err[0], errPolicyBodyNotInRequest) { + errorCode = 400 + errorMessage = errPolicyBodyNotInRequest.Error() + } + // console invalid session error + if errors.Is(err[0], errorGenericInvalidSession) { + errorCode = 401 + errorMessage = errorGenericInvalidSession.Error() + } + // Bucket life cycle not configured + if errors.Is(err[0], errBucketLifeCycleNotConfigured) { + errorCode = 404 + errorMessage = errBucketLifeCycleNotConfigured.Error() + } + // Encryption not configured + if errors.Is(err[0], errSSENotConfigured) { + errorCode = 404 + errorMessage = errSSENotConfigured.Error() + } + // account change password + if madmin.ToErrorResponse(err[0]).Code == "SignatureDoesNotMatch" { + errorCode = 403 + errorMessage = errChangePassword.Error() + } + if errors.Is(err[0], errLicenseNotFound) { + errorCode = 404 + errorMessage = errLicenseNotFound.Error() + } + if errors.Is(err[0], errInvalidLicense) { + errorCode = 404 + errorMessage = errInvalidLicense.Error() + } + if errors.Is(err[0], errAvoidSelfAccountDelete) { + errorCode = 403 + errorMessage = errAvoidSelfAccountDelete.Error() + } + if madmin.ToErrorResponse(err[0]).Code == "AccessDenied" { + errorCode = 403 + errorMessage = errAccessDenied.Error() + } + if madmin.ToErrorResponse(err[0]).Code == "InvalidAccessKeyId" { + errorCode = 401 + errorMessage = errorGenericInvalidSession.Error() + } + // console invalid session error + if madmin.ToErrorResponse(err[0]).Code == "XMinioAdminNoSuchUser" { + errorCode = 401 + errorMessage = errorGenericInvalidSession.Error() + } + // if we received a second error take that as friendly message but dont override the code + if len(err) > 1 && err[1] != nil { + LogError("friendly error: %v", err[1].Error()) + errorMessage = err[1].Error() + } + // if we receive third error we just print that as debugging + if len(err) > 2 && err[2] != nil { + LogError("debugging error: %v", err[2].Error()) + } + + errRemoteTierExists := errors.New("Specified remote tier already exists") //nolint + if errors.Is(err[0], errRemoteTierExists) { + errorMessage = err[0].Error() + } + } + return &models.Error{Code: errorCode, Message: swag.String(errorMessage)} +} + +func getFrame(skipFrames int) runtime.Frame { + // We need the frame at index skipFrames+2, since we never want runtime.Callers and getFrame + targetFrameIndex := skipFrames + 2 + + // Set size to targetFrameIndex+2 to ensure we have room for one more caller than we need + programCounters := make([]uintptr, targetFrameIndex+2) + n := runtime.Callers(0, programCounters) + + frame := runtime.Frame{Function: "unknown"} + if n > 0 { + frames := runtime.CallersFrames(programCounters[:n]) + for more, frameIndex := true, 0; more && frameIndex <= targetFrameIndex; frameIndex++ { + var frameCandidate runtime.Frame + frameCandidate, more = frames.Next() + if frameIndex == targetFrameIndex { + frame = frameCandidate + } + } + } + + return frame +} diff --git a/restapi/integrations.go b/operatorapi/integrations.go similarity index 99% rename from restapi/integrations.go rename to operatorapi/integrations.go index bf61effd2..d88cc29f4 100644 --- a/restapi/integrations.go +++ b/operatorapi/integrations.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/restapi/k8s_client.go b/operatorapi/k8s_client.go similarity index 99% rename from restapi/k8s_client.go rename to operatorapi/k8s_client.go index c6023a526..d89cce979 100644 --- a/restapi/k8s_client.go +++ b/operatorapi/k8s_client.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/operatorapi/logs.go b/operatorapi/logs.go new file mode 100644 index 000000000..9a886d6ec --- /dev/null +++ b/operatorapi/logs.go @@ -0,0 +1,76 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operatorapi + +import ( + "errors" + "log" + "os" + + "github.com/minio/cli" +) + +var infoLog = log.New(os.Stdout, "I: ", log.LstdFlags) +var errorLog = log.New(os.Stdout, "E: ", log.LstdFlags) + +func logInfo(msg string, data ...interface{}) { + infoLog.Printf(msg+"\n", data...) +} + +func logError(msg string, data ...interface{}) { + errorLog.Printf(msg+"\n", data...) +} + +// globally changeable logger styles +var ( + LogInfo = logInfo + LogError = logError +) + +// Context captures all command line flags values +type Context struct { + Host string + HTTPPort, HTTPSPort int + TLSRedirect string + // Legacy options, TODO: remove in future + TLSCertificate, TLSKey, TLSca string +} + +// Load loads restapi Context from command line context. +func (c *Context) Load(ctx *cli.Context) error { + *c = Context{ + Host: ctx.String("host"), + HTTPPort: ctx.Int("port"), + HTTPSPort: ctx.Int("tls-port"), + TLSRedirect: ctx.String("tls-redirect"), + // Legacy options to be removed. + TLSCertificate: ctx.String("tls-certificate"), + TLSKey: ctx.String("tls-key"), + TLSca: ctx.String("tls-ca"), + } + if c.HTTPPort > 65535 { + return errors.New("invalid argument --port out of range - ports can range from 1-65535") + } + if c.HTTPSPort > 65535 { + return errors.New("invalid argument --tls-port out of range - ports can range from 1-65535") + } + if c.TLSRedirect != "on" && c.TLSRedirect != "off" { + return errors.New("invalid argument --tls-redirect only accepts either 'on' or 'off'") + } + return nil +} diff --git a/restapi/minio_operator_mock.go b/operatorapi/minio_operator_mock.go similarity index 97% rename from restapi/minio_operator_mock.go rename to operatorapi/minio_operator_mock.go index 14d45ef86..3ef987f8f 100644 --- a/restapi/minio_operator_mock.go +++ b/operatorapi/minio_operator_mock.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi type opClientMock struct{} type httpClientMock struct{} diff --git a/operatorapi/operations/operator_api.go b/operatorapi/operations/operator_api.go new file mode 100644 index 000000000..9a90b3b32 --- /dev/null +++ b/operatorapi/operations/operator_api.go @@ -0,0 +1,793 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operations + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "net/http" + "strings" + + "github.com/go-openapi/errors" + "github.com/go-openapi/loads" + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/go-openapi/runtime/security" + "github.com/go-openapi/spec" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + + "github.com/minio/console/models" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/operatorapi/operations/user_api" +) + +// NewOperatorAPI creates a new Operator instance +func NewOperatorAPI(spec *loads.Document) *OperatorAPI { + return &OperatorAPI{ + handlers: make(map[string]map[string]http.Handler), + formats: strfmt.Default, + defaultConsumes: "application/json", + defaultProduces: "application/json", + customConsumers: make(map[string]runtime.Consumer), + customProducers: make(map[string]runtime.Producer), + PreServerShutdown: func() {}, + ServerShutdown: func() {}, + spec: spec, + useSwaggerUI: false, + ServeError: errors.ServeError, + BasicAuthenticator: security.BasicAuth, + APIKeyAuthenticator: security.APIKeyAuth, + BearerAuthenticator: security.BearerAuth, + + JSONConsumer: runtime.JSONConsumer(), + + JSONProducer: runtime.JSONProducer(), + + OperatorAPICreateNamespaceHandler: operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.CreateNamespace has not yet been implemented") + }), + OperatorAPICreateTenantHandler: operator_api.CreateTenantHandlerFunc(func(params operator_api.CreateTenantParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.CreateTenant has not yet been implemented") + }), + OperatorAPIDeletePodHandler: operator_api.DeletePodHandlerFunc(func(params operator_api.DeletePodParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.DeletePod has not yet been implemented") + }), + OperatorAPIDeleteTenantHandler: operator_api.DeleteTenantHandlerFunc(func(params operator_api.DeleteTenantParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.DeleteTenant has not yet been implemented") + }), + OperatorAPIDirectCSIFormatDriveHandler: operator_api.DirectCSIFormatDriveHandlerFunc(func(params operator_api.DirectCSIFormatDriveParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.DirectCSIFormatDrive has not yet been implemented") + }), + OperatorAPIGetDirectCSIDriveListHandler: operator_api.GetDirectCSIDriveListHandlerFunc(func(params operator_api.GetDirectCSIDriveListParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetDirectCSIDriveList has not yet been implemented") + }), + OperatorAPIGetDirectCSIVolumeListHandler: operator_api.GetDirectCSIVolumeListHandlerFunc(func(params operator_api.GetDirectCSIVolumeListParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetDirectCSIVolumeList has not yet been implemented") + }), + OperatorAPIGetMaxAllocatableMemHandler: operator_api.GetMaxAllocatableMemHandlerFunc(func(params operator_api.GetMaxAllocatableMemParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetMaxAllocatableMem has not yet been implemented") + }), + OperatorAPIGetParityHandler: operator_api.GetParityHandlerFunc(func(params operator_api.GetParityParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetParity has not yet been implemented") + }), + OperatorAPIGetPodEventsHandler: operator_api.GetPodEventsHandlerFunc(func(params operator_api.GetPodEventsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetPodEvents has not yet been implemented") + }), + OperatorAPIGetPodLogsHandler: operator_api.GetPodLogsHandlerFunc(func(params operator_api.GetPodLogsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetPodLogs has not yet been implemented") + }), + OperatorAPIGetResourceQuotaHandler: operator_api.GetResourceQuotaHandlerFunc(func(params operator_api.GetResourceQuotaParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetResourceQuota has not yet been implemented") + }), + OperatorAPIGetTenantPodsHandler: operator_api.GetTenantPodsHandlerFunc(func(params operator_api.GetTenantPodsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetTenantPods has not yet been implemented") + }), + OperatorAPIGetTenantUsageHandler: operator_api.GetTenantUsageHandlerFunc(func(params operator_api.GetTenantUsageParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetTenantUsage has not yet been implemented") + }), + OperatorAPIGetTenantYAMLHandler: operator_api.GetTenantYAMLHandlerFunc(func(params operator_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.GetTenantYAML has not yet been implemented") + }), + OperatorAPIListAllTenantsHandler: operator_api.ListAllTenantsHandlerFunc(func(params operator_api.ListAllTenantsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.ListAllTenants has not yet been implemented") + }), + OperatorAPIListNodeLabelsHandler: operator_api.ListNodeLabelsHandlerFunc(func(params operator_api.ListNodeLabelsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.ListNodeLabels has not yet been implemented") + }), + OperatorAPIListPVCsHandler: operator_api.ListPVCsHandlerFunc(func(params operator_api.ListPVCsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.ListPVCs has not yet been implemented") + }), + OperatorAPIListTenantsHandler: operator_api.ListTenantsHandlerFunc(func(params operator_api.ListTenantsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.ListTenants has not yet been implemented") + }), + UserAPILoginHandler: user_api.LoginHandlerFunc(func(params user_api.LoginParams) middleware.Responder { + return middleware.NotImplemented("operation user_api.Login has not yet been implemented") + }), + UserAPILoginDetailHandler: user_api.LoginDetailHandlerFunc(func(params user_api.LoginDetailParams) middleware.Responder { + return middleware.NotImplemented("operation user_api.LoginDetail has not yet been implemented") + }), + UserAPILoginOauth2AuthHandler: user_api.LoginOauth2AuthHandlerFunc(func(params user_api.LoginOauth2AuthParams) middleware.Responder { + return middleware.NotImplemented("operation user_api.LoginOauth2Auth has not yet been implemented") + }), + UserAPILoginOperatorHandler: user_api.LoginOperatorHandlerFunc(func(params user_api.LoginOperatorParams) middleware.Responder { + return middleware.NotImplemented("operation user_api.LoginOperator has not yet been implemented") + }), + UserAPILogoutHandler: user_api.LogoutHandlerFunc(func(params user_api.LogoutParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation user_api.Logout has not yet been implemented") + }), + OperatorAPIPutTenantYAMLHandler: operator_api.PutTenantYAMLHandlerFunc(func(params operator_api.PutTenantYAMLParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.PutTenantYAML has not yet been implemented") + }), + UserAPISessionCheckHandler: user_api.SessionCheckHandlerFunc(func(params user_api.SessionCheckParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation user_api.SessionCheck has not yet been implemented") + }), + OperatorAPISubscriptionActivateHandler: operator_api.SubscriptionActivateHandlerFunc(func(params operator_api.SubscriptionActivateParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.SubscriptionActivate has not yet been implemented") + }), + OperatorAPISubscriptionInfoHandler: operator_api.SubscriptionInfoHandlerFunc(func(params operator_api.SubscriptionInfoParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.SubscriptionInfo has not yet been implemented") + }), + OperatorAPISubscriptionRefreshHandler: operator_api.SubscriptionRefreshHandlerFunc(func(params operator_api.SubscriptionRefreshParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.SubscriptionRefresh has not yet been implemented") + }), + OperatorAPISubscriptionValidateHandler: operator_api.SubscriptionValidateHandlerFunc(func(params operator_api.SubscriptionValidateParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.SubscriptionValidate has not yet been implemented") + }), + OperatorAPITenantAddPoolHandler: operator_api.TenantAddPoolHandlerFunc(func(params operator_api.TenantAddPoolParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantAddPool has not yet been implemented") + }), + OperatorAPITenantDetailsHandler: operator_api.TenantDetailsHandlerFunc(func(params operator_api.TenantDetailsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantDetails has not yet been implemented") + }), + OperatorAPITenantSecurityHandler: operator_api.TenantSecurityHandlerFunc(func(params operator_api.TenantSecurityParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantSecurity has not yet been implemented") + }), + OperatorAPITenantUpdateCertificateHandler: operator_api.TenantUpdateCertificateHandlerFunc(func(params operator_api.TenantUpdateCertificateParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantUpdateCertificate has not yet been implemented") + }), + OperatorAPITenantUpdateEncryptionHandler: operator_api.TenantUpdateEncryptionHandlerFunc(func(params operator_api.TenantUpdateEncryptionParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantUpdateEncryption has not yet been implemented") + }), + OperatorAPITenantUpdatePoolsHandler: operator_api.TenantUpdatePoolsHandlerFunc(func(params operator_api.TenantUpdatePoolsParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.TenantUpdatePools has not yet been implemented") + }), + OperatorAPIUpdateTenantHandler: operator_api.UpdateTenantHandlerFunc(func(params operator_api.UpdateTenantParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.UpdateTenant has not yet been implemented") + }), + OperatorAPIUpdateTenantSecurityHandler: operator_api.UpdateTenantSecurityHandlerFunc(func(params operator_api.UpdateTenantSecurityParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation operator_api.UpdateTenantSecurity has not yet been implemented") + }), + + KeyAuth: func(token string, scopes []string) (*models.Principal, error) { + return nil, errors.NotImplemented("oauth2 bearer auth (key) has not yet been implemented") + }, + // default authorizer is authorized meaning no requests are blocked + APIAuthorizer: security.Authorized(), + } +} + +/*OperatorAPI the operator API */ +type OperatorAPI struct { + spec *loads.Document + context *middleware.Context + handlers map[string]map[string]http.Handler + formats strfmt.Registry + customConsumers map[string]runtime.Consumer + customProducers map[string]runtime.Producer + defaultConsumes string + defaultProduces string + Middleware func(middleware.Builder) http.Handler + useSwaggerUI bool + + // BasicAuthenticator generates a runtime.Authenticator from the supplied basic auth function. + // It has a default implementation in the security package, however you can replace it for your particular usage. + BasicAuthenticator func(security.UserPassAuthentication) runtime.Authenticator + + // APIKeyAuthenticator generates a runtime.Authenticator from the supplied token auth function. + // It has a default implementation in the security package, however you can replace it for your particular usage. + APIKeyAuthenticator func(string, string, security.TokenAuthentication) runtime.Authenticator + + // BearerAuthenticator generates a runtime.Authenticator from the supplied bearer token auth function. + // It has a default implementation in the security package, however you can replace it for your particular usage. + BearerAuthenticator func(string, security.ScopedTokenAuthentication) runtime.Authenticator + + // JSONConsumer registers a consumer for the following mime types: + // - application/json + JSONConsumer runtime.Consumer + + // JSONProducer registers a producer for the following mime types: + // - application/json + JSONProducer runtime.Producer + + // KeyAuth registers a function that takes an access token and a collection of required scopes and returns a principal + // it performs authentication based on an oauth2 bearer token provided in the request + KeyAuth func(string, []string) (*models.Principal, error) + + // APIAuthorizer provides access control (ACL/RBAC/ABAC) by providing access to the request and authenticated principal + APIAuthorizer runtime.Authorizer + + // OperatorAPICreateNamespaceHandler sets the operation handler for the create namespace operation + OperatorAPICreateNamespaceHandler operator_api.CreateNamespaceHandler + // OperatorAPICreateTenantHandler sets the operation handler for the create tenant operation + OperatorAPICreateTenantHandler operator_api.CreateTenantHandler + // OperatorAPIDeletePodHandler sets the operation handler for the delete pod operation + OperatorAPIDeletePodHandler operator_api.DeletePodHandler + // OperatorAPIDeleteTenantHandler sets the operation handler for the delete tenant operation + OperatorAPIDeleteTenantHandler operator_api.DeleteTenantHandler + // OperatorAPIDirectCSIFormatDriveHandler sets the operation handler for the direct c s i format drive operation + OperatorAPIDirectCSIFormatDriveHandler operator_api.DirectCSIFormatDriveHandler + // OperatorAPIGetDirectCSIDriveListHandler sets the operation handler for the get direct c s i drive list operation + OperatorAPIGetDirectCSIDriveListHandler operator_api.GetDirectCSIDriveListHandler + // OperatorAPIGetDirectCSIVolumeListHandler sets the operation handler for the get direct c s i volume list operation + OperatorAPIGetDirectCSIVolumeListHandler operator_api.GetDirectCSIVolumeListHandler + // OperatorAPIGetMaxAllocatableMemHandler sets the operation handler for the get max allocatable mem operation + OperatorAPIGetMaxAllocatableMemHandler operator_api.GetMaxAllocatableMemHandler + // OperatorAPIGetParityHandler sets the operation handler for the get parity operation + OperatorAPIGetParityHandler operator_api.GetParityHandler + // OperatorAPIGetPodEventsHandler sets the operation handler for the get pod events operation + OperatorAPIGetPodEventsHandler operator_api.GetPodEventsHandler + // OperatorAPIGetPodLogsHandler sets the operation handler for the get pod logs operation + OperatorAPIGetPodLogsHandler operator_api.GetPodLogsHandler + // OperatorAPIGetResourceQuotaHandler sets the operation handler for the get resource quota operation + OperatorAPIGetResourceQuotaHandler operator_api.GetResourceQuotaHandler + // OperatorAPIGetTenantPodsHandler sets the operation handler for the get tenant pods operation + OperatorAPIGetTenantPodsHandler operator_api.GetTenantPodsHandler + // OperatorAPIGetTenantUsageHandler sets the operation handler for the get tenant usage operation + OperatorAPIGetTenantUsageHandler operator_api.GetTenantUsageHandler + // OperatorAPIGetTenantYAMLHandler sets the operation handler for the get tenant y a m l operation + OperatorAPIGetTenantYAMLHandler operator_api.GetTenantYAMLHandler + // OperatorAPIListAllTenantsHandler sets the operation handler for the list all tenants operation + OperatorAPIListAllTenantsHandler operator_api.ListAllTenantsHandler + // OperatorAPIListNodeLabelsHandler sets the operation handler for the list node labels operation + OperatorAPIListNodeLabelsHandler operator_api.ListNodeLabelsHandler + // OperatorAPIListPVCsHandler sets the operation handler for the list p v cs operation + OperatorAPIListPVCsHandler operator_api.ListPVCsHandler + // OperatorAPIListTenantsHandler sets the operation handler for the list tenants operation + OperatorAPIListTenantsHandler operator_api.ListTenantsHandler + // UserAPILoginHandler sets the operation handler for the login operation + UserAPILoginHandler user_api.LoginHandler + // UserAPILoginDetailHandler sets the operation handler for the login detail operation + UserAPILoginDetailHandler user_api.LoginDetailHandler + // UserAPILoginOauth2AuthHandler sets the operation handler for the login oauth2 auth operation + UserAPILoginOauth2AuthHandler user_api.LoginOauth2AuthHandler + // UserAPILoginOperatorHandler sets the operation handler for the login operator operation + UserAPILoginOperatorHandler user_api.LoginOperatorHandler + // UserAPILogoutHandler sets the operation handler for the logout operation + UserAPILogoutHandler user_api.LogoutHandler + // OperatorAPIPutTenantYAMLHandler sets the operation handler for the put tenant y a m l operation + OperatorAPIPutTenantYAMLHandler operator_api.PutTenantYAMLHandler + // UserAPISessionCheckHandler sets the operation handler for the session check operation + UserAPISessionCheckHandler user_api.SessionCheckHandler + // OperatorAPISubscriptionActivateHandler sets the operation handler for the subscription activate operation + OperatorAPISubscriptionActivateHandler operator_api.SubscriptionActivateHandler + // OperatorAPISubscriptionInfoHandler sets the operation handler for the subscription info operation + OperatorAPISubscriptionInfoHandler operator_api.SubscriptionInfoHandler + // OperatorAPISubscriptionRefreshHandler sets the operation handler for the subscription refresh operation + OperatorAPISubscriptionRefreshHandler operator_api.SubscriptionRefreshHandler + // OperatorAPISubscriptionValidateHandler sets the operation handler for the subscription validate operation + OperatorAPISubscriptionValidateHandler operator_api.SubscriptionValidateHandler + // OperatorAPITenantAddPoolHandler sets the operation handler for the tenant add pool operation + OperatorAPITenantAddPoolHandler operator_api.TenantAddPoolHandler + // OperatorAPITenantDetailsHandler sets the operation handler for the tenant details operation + OperatorAPITenantDetailsHandler operator_api.TenantDetailsHandler + // OperatorAPITenantSecurityHandler sets the operation handler for the tenant security operation + OperatorAPITenantSecurityHandler operator_api.TenantSecurityHandler + // OperatorAPITenantUpdateCertificateHandler sets the operation handler for the tenant update certificate operation + OperatorAPITenantUpdateCertificateHandler operator_api.TenantUpdateCertificateHandler + // OperatorAPITenantUpdateEncryptionHandler sets the operation handler for the tenant update encryption operation + OperatorAPITenantUpdateEncryptionHandler operator_api.TenantUpdateEncryptionHandler + // OperatorAPITenantUpdatePoolsHandler sets the operation handler for the tenant update pools operation + OperatorAPITenantUpdatePoolsHandler operator_api.TenantUpdatePoolsHandler + // OperatorAPIUpdateTenantHandler sets the operation handler for the update tenant operation + OperatorAPIUpdateTenantHandler operator_api.UpdateTenantHandler + // OperatorAPIUpdateTenantSecurityHandler sets the operation handler for the update tenant security operation + OperatorAPIUpdateTenantSecurityHandler operator_api.UpdateTenantSecurityHandler + + // ServeError is called when an error is received, there is a default handler + // but you can set your own with this + ServeError func(http.ResponseWriter, *http.Request, error) + + // PreServerShutdown is called before the HTTP(S) server is shutdown + // This allows for custom functions to get executed before the HTTP(S) server stops accepting traffic + PreServerShutdown func() + + // ServerShutdown is called when the HTTP(S) server is shut down and done + // handling all active connections and does not accept connections any more + ServerShutdown func() + + // Custom command line argument groups with their descriptions + CommandLineOptionsGroups []swag.CommandLineOptionsGroup + + // User defined logger function. + Logger func(string, ...interface{}) +} + +// UseRedoc for documentation at /docs +func (o *OperatorAPI) UseRedoc() { + o.useSwaggerUI = false +} + +// UseSwaggerUI for documentation at /docs +func (o *OperatorAPI) UseSwaggerUI() { + o.useSwaggerUI = true +} + +// SetDefaultProduces sets the default produces media type +func (o *OperatorAPI) SetDefaultProduces(mediaType string) { + o.defaultProduces = mediaType +} + +// SetDefaultConsumes returns the default consumes media type +func (o *OperatorAPI) SetDefaultConsumes(mediaType string) { + o.defaultConsumes = mediaType +} + +// SetSpec sets a spec that will be served for the clients. +func (o *OperatorAPI) SetSpec(spec *loads.Document) { + o.spec = spec +} + +// DefaultProduces returns the default produces media type +func (o *OperatorAPI) DefaultProduces() string { + return o.defaultProduces +} + +// DefaultConsumes returns the default consumes media type +func (o *OperatorAPI) DefaultConsumes() string { + return o.defaultConsumes +} + +// Formats returns the registered string formats +func (o *OperatorAPI) Formats() strfmt.Registry { + return o.formats +} + +// RegisterFormat registers a custom format validator +func (o *OperatorAPI) RegisterFormat(name string, format strfmt.Format, validator strfmt.Validator) { + o.formats.Add(name, format, validator) +} + +// Validate validates the registrations in the OperatorAPI +func (o *OperatorAPI) Validate() error { + var unregistered []string + + if o.JSONConsumer == nil { + unregistered = append(unregistered, "JSONConsumer") + } + + if o.JSONProducer == nil { + unregistered = append(unregistered, "JSONProducer") + } + + if o.KeyAuth == nil { + unregistered = append(unregistered, "KeyAuth") + } + + if o.OperatorAPICreateNamespaceHandler == nil { + unregistered = append(unregistered, "operator_api.CreateNamespaceHandler") + } + if o.OperatorAPICreateTenantHandler == nil { + unregistered = append(unregistered, "operator_api.CreateTenantHandler") + } + if o.OperatorAPIDeletePodHandler == nil { + unregistered = append(unregistered, "operator_api.DeletePodHandler") + } + if o.OperatorAPIDeleteTenantHandler == nil { + unregistered = append(unregistered, "operator_api.DeleteTenantHandler") + } + if o.OperatorAPIDirectCSIFormatDriveHandler == nil { + unregistered = append(unregistered, "operator_api.DirectCSIFormatDriveHandler") + } + if o.OperatorAPIGetDirectCSIDriveListHandler == nil { + unregistered = append(unregistered, "operator_api.GetDirectCSIDriveListHandler") + } + if o.OperatorAPIGetDirectCSIVolumeListHandler == nil { + unregistered = append(unregistered, "operator_api.GetDirectCSIVolumeListHandler") + } + if o.OperatorAPIGetMaxAllocatableMemHandler == nil { + unregistered = append(unregistered, "operator_api.GetMaxAllocatableMemHandler") + } + if o.OperatorAPIGetParityHandler == nil { + unregistered = append(unregistered, "operator_api.GetParityHandler") + } + if o.OperatorAPIGetPodEventsHandler == nil { + unregistered = append(unregistered, "operator_api.GetPodEventsHandler") + } + if o.OperatorAPIGetPodLogsHandler == nil { + unregistered = append(unregistered, "operator_api.GetPodLogsHandler") + } + if o.OperatorAPIGetResourceQuotaHandler == nil { + unregistered = append(unregistered, "operator_api.GetResourceQuotaHandler") + } + if o.OperatorAPIGetTenantPodsHandler == nil { + unregistered = append(unregistered, "operator_api.GetTenantPodsHandler") + } + if o.OperatorAPIGetTenantUsageHandler == nil { + unregistered = append(unregistered, "operator_api.GetTenantUsageHandler") + } + if o.OperatorAPIGetTenantYAMLHandler == nil { + unregistered = append(unregistered, "operator_api.GetTenantYAMLHandler") + } + if o.OperatorAPIListAllTenantsHandler == nil { + unregistered = append(unregistered, "operator_api.ListAllTenantsHandler") + } + if o.OperatorAPIListNodeLabelsHandler == nil { + unregistered = append(unregistered, "operator_api.ListNodeLabelsHandler") + } + if o.OperatorAPIListPVCsHandler == nil { + unregistered = append(unregistered, "operator_api.ListPVCsHandler") + } + if o.OperatorAPIListTenantsHandler == nil { + unregistered = append(unregistered, "operator_api.ListTenantsHandler") + } + if o.UserAPILoginHandler == nil { + unregistered = append(unregistered, "user_api.LoginHandler") + } + if o.UserAPILoginDetailHandler == nil { + unregistered = append(unregistered, "user_api.LoginDetailHandler") + } + if o.UserAPILoginOauth2AuthHandler == nil { + unregistered = append(unregistered, "user_api.LoginOauth2AuthHandler") + } + if o.UserAPILoginOperatorHandler == nil { + unregistered = append(unregistered, "user_api.LoginOperatorHandler") + } + if o.UserAPILogoutHandler == nil { + unregistered = append(unregistered, "user_api.LogoutHandler") + } + if o.OperatorAPIPutTenantYAMLHandler == nil { + unregistered = append(unregistered, "operator_api.PutTenantYAMLHandler") + } + if o.UserAPISessionCheckHandler == nil { + unregistered = append(unregistered, "user_api.SessionCheckHandler") + } + if o.OperatorAPISubscriptionActivateHandler == nil { + unregistered = append(unregistered, "operator_api.SubscriptionActivateHandler") + } + if o.OperatorAPISubscriptionInfoHandler == nil { + unregistered = append(unregistered, "operator_api.SubscriptionInfoHandler") + } + if o.OperatorAPISubscriptionRefreshHandler == nil { + unregistered = append(unregistered, "operator_api.SubscriptionRefreshHandler") + } + if o.OperatorAPISubscriptionValidateHandler == nil { + unregistered = append(unregistered, "operator_api.SubscriptionValidateHandler") + } + if o.OperatorAPITenantAddPoolHandler == nil { + unregistered = append(unregistered, "operator_api.TenantAddPoolHandler") + } + if o.OperatorAPITenantDetailsHandler == nil { + unregistered = append(unregistered, "operator_api.TenantDetailsHandler") + } + if o.OperatorAPITenantSecurityHandler == nil { + unregistered = append(unregistered, "operator_api.TenantSecurityHandler") + } + if o.OperatorAPITenantUpdateCertificateHandler == nil { + unregistered = append(unregistered, "operator_api.TenantUpdateCertificateHandler") + } + if o.OperatorAPITenantUpdateEncryptionHandler == nil { + unregistered = append(unregistered, "operator_api.TenantUpdateEncryptionHandler") + } + if o.OperatorAPITenantUpdatePoolsHandler == nil { + unregistered = append(unregistered, "operator_api.TenantUpdatePoolsHandler") + } + if o.OperatorAPIUpdateTenantHandler == nil { + unregistered = append(unregistered, "operator_api.UpdateTenantHandler") + } + if o.OperatorAPIUpdateTenantSecurityHandler == nil { + unregistered = append(unregistered, "operator_api.UpdateTenantSecurityHandler") + } + + if len(unregistered) > 0 { + return fmt.Errorf("missing registration: %s", strings.Join(unregistered, ", ")) + } + + return nil +} + +// ServeErrorFor gets a error handler for a given operation id +func (o *OperatorAPI) ServeErrorFor(operationID string) func(http.ResponseWriter, *http.Request, error) { + return o.ServeError +} + +// AuthenticatorsFor gets the authenticators for the specified security schemes +func (o *OperatorAPI) AuthenticatorsFor(schemes map[string]spec.SecurityScheme) map[string]runtime.Authenticator { + result := make(map[string]runtime.Authenticator) + for name := range schemes { + switch name { + case "key": + result[name] = o.BearerAuthenticator(name, func(token string, scopes []string) (interface{}, error) { + return o.KeyAuth(token, scopes) + }) + + } + } + return result +} + +// Authorizer returns the registered authorizer +func (o *OperatorAPI) Authorizer() runtime.Authorizer { + return o.APIAuthorizer +} + +// ConsumersFor gets the consumers for the specified media types. +// MIME type parameters are ignored here. +func (o *OperatorAPI) ConsumersFor(mediaTypes []string) map[string]runtime.Consumer { + result := make(map[string]runtime.Consumer, len(mediaTypes)) + for _, mt := range mediaTypes { + switch mt { + case "application/json": + result["application/json"] = o.JSONConsumer + } + + if c, ok := o.customConsumers[mt]; ok { + result[mt] = c + } + } + return result +} + +// ProducersFor gets the producers for the specified media types. +// MIME type parameters are ignored here. +func (o *OperatorAPI) ProducersFor(mediaTypes []string) map[string]runtime.Producer { + result := make(map[string]runtime.Producer, len(mediaTypes)) + for _, mt := range mediaTypes { + switch mt { + case "application/json": + result["application/json"] = o.JSONProducer + } + + if p, ok := o.customProducers[mt]; ok { + result[mt] = p + } + } + return result +} + +// HandlerFor gets a http.Handler for the provided operation method and path +func (o *OperatorAPI) HandlerFor(method, path string) (http.Handler, bool) { + if o.handlers == nil { + return nil, false + } + um := strings.ToUpper(method) + if _, ok := o.handlers[um]; !ok { + return nil, false + } + if path == "/" { + path = "" + } + h, ok := o.handlers[um][path] + return h, ok +} + +// Context returns the middleware context for the operator API +func (o *OperatorAPI) Context() *middleware.Context { + if o.context == nil { + o.context = middleware.NewRoutableContext(o.spec, o, nil) + } + + return o.context +} + +func (o *OperatorAPI) initHandlerCache() { + o.Context() // don't care about the result, just that the initialization happened + if o.handlers == nil { + o.handlers = make(map[string]map[string]http.Handler) + } + + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/namespace"] = operator_api.NewCreateNamespace(o.context, o.OperatorAPICreateNamespaceHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/tenants"] = operator_api.NewCreateTenant(o.context, o.OperatorAPICreateTenantHandler) + if o.handlers["DELETE"] == nil { + o.handlers["DELETE"] = make(map[string]http.Handler) + } + o.handlers["DELETE"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}"] = operator_api.NewDeletePod(o.context, o.OperatorAPIDeletePodHandler) + if o.handlers["DELETE"] == nil { + o.handlers["DELETE"] = make(map[string]http.Handler) + } + o.handlers["DELETE"]["/namespaces/{namespace}/tenants/{tenant}"] = operator_api.NewDeleteTenant(o.context, o.OperatorAPIDeleteTenantHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/direct-csi/drives/format"] = operator_api.NewDirectCSIFormatDrive(o.context, o.OperatorAPIDirectCSIFormatDriveHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/direct-csi/drives"] = operator_api.NewGetDirectCSIDriveList(o.context, o.OperatorAPIGetDirectCSIDriveListHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/direct-csi/volumes"] = operator_api.NewGetDirectCSIVolumeList(o.context, o.OperatorAPIGetDirectCSIVolumeListHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/cluster/max-allocatable-memory"] = operator_api.NewGetMaxAllocatableMem(o.context, o.OperatorAPIGetMaxAllocatableMemHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/get-parity/{nodes}/{disksPerNode}"] = operator_api.NewGetParity(o.context, o.OperatorAPIGetParityHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events"] = operator_api.NewGetPodEvents(o.context, o.OperatorAPIGetPodEventsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}"] = operator_api.NewGetPodLogs(o.context, o.OperatorAPIGetPodLogsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/resourcequotas/{resource-quota-name}"] = operator_api.NewGetResourceQuota(o.context, o.OperatorAPIGetResourceQuotaHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods"] = operator_api.NewGetTenantPods(o.context, o.OperatorAPIGetTenantPodsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/usage"] = operator_api.NewGetTenantUsage(o.context, o.OperatorAPIGetTenantUsageHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/yaml"] = operator_api.NewGetTenantYAML(o.context, o.OperatorAPIGetTenantYAMLHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/tenants"] = operator_api.NewListAllTenants(o.context, o.OperatorAPIListAllTenantsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/nodes/labels"] = operator_api.NewListNodeLabels(o.context, o.OperatorAPIListNodeLabelsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/list-pvcs"] = operator_api.NewListPVCs(o.context, o.OperatorAPIListPVCsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants"] = operator_api.NewListTenants(o.context, o.OperatorAPIListTenantsHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/login"] = user_api.NewLogin(o.context, o.UserAPILoginHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/login"] = user_api.NewLoginDetail(o.context, o.UserAPILoginDetailHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/login/oauth2/auth"] = user_api.NewLoginOauth2Auth(o.context, o.UserAPILoginOauth2AuthHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/login/operator"] = user_api.NewLoginOperator(o.context, o.UserAPILoginOperatorHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/logout"] = user_api.NewLogout(o.context, o.UserAPILogoutHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/yaml"] = operator_api.NewPutTenantYAML(o.context, o.OperatorAPIPutTenantYAMLHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/session"] = user_api.NewSessionCheck(o.context, o.UserAPISessionCheckHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/subscription/namespaces/{namespace}/tenants/{tenant}/activate"] = operator_api.NewSubscriptionActivate(o.context, o.OperatorAPISubscriptionActivateHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/subscription/info"] = operator_api.NewSubscriptionInfo(o.context, o.OperatorAPISubscriptionInfoHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/subscription/refresh"] = operator_api.NewSubscriptionRefresh(o.context, o.OperatorAPISubscriptionRefreshHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/subscription/validate"] = operator_api.NewSubscriptionValidate(o.context, o.OperatorAPISubscriptionValidateHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = operator_api.NewTenantAddPool(o.context, o.OperatorAPITenantAddPoolHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}"] = operator_api.NewTenantDetails(o.context, o.OperatorAPITenantDetailsHandler) + if o.handlers["GET"] == nil { + o.handlers["GET"] = make(map[string]http.Handler) + } + o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/security"] = operator_api.NewTenantSecurity(o.context, o.OperatorAPITenantSecurityHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/certificates"] = operator_api.NewTenantUpdateCertificate(o.context, o.OperatorAPITenantUpdateCertificateHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/encryption"] = operator_api.NewTenantUpdateEncryption(o.context, o.OperatorAPITenantUpdateEncryptionHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = operator_api.NewTenantUpdatePools(o.context, o.OperatorAPITenantUpdatePoolsHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}"] = operator_api.NewUpdateTenant(o.context, o.OperatorAPIUpdateTenantHandler) + if o.handlers["POST"] == nil { + o.handlers["POST"] = make(map[string]http.Handler) + } + o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/security"] = operator_api.NewUpdateTenantSecurity(o.context, o.OperatorAPIUpdateTenantSecurityHandler) +} + +// Serve creates a http handler to serve the API over HTTP +// can be used directly in http.ListenAndServe(":8000", api.Serve(nil)) +func (o *OperatorAPI) Serve(builder middleware.Builder) http.Handler { + o.Init() + + if o.Middleware != nil { + return o.Middleware(builder) + } + if o.useSwaggerUI { + return o.context.APIHandlerSwaggerUI(builder) + } + return o.context.APIHandler(builder) +} + +// Init allows you to just initialize the handler cache, you can then recompose the middleware as you see fit +func (o *OperatorAPI) Init() { + if len(o.handlers) == 0 { + o.initHandlerCache() + } +} + +// RegisterConsumer allows you to add (or override) a consumer for a media type. +func (o *OperatorAPI) RegisterConsumer(mediaType string, consumer runtime.Consumer) { + o.customConsumers[mediaType] = consumer +} + +// RegisterProducer allows you to add (or override) a producer for a media type. +func (o *OperatorAPI) RegisterProducer(mediaType string, producer runtime.Producer) { + o.customProducers[mediaType] = producer +} + +// AddMiddlewareFor adds a http middleware to existing handler +func (o *OperatorAPI) AddMiddlewareFor(method, path string, builder middleware.Builder) { + um := strings.ToUpper(method) + if path == "/" { + path = "" + } + o.Init() + if h, ok := o.handlers[um][path]; ok { + o.handlers[method][path] = builder(h) + } +} diff --git a/restapi/operations/admin_api/create_namespace.go b/operatorapi/operations/operator_api/create_namespace.go similarity index 96% rename from restapi/operations/admin_api/create_namespace.go rename to operatorapi/operations/operator_api/create_namespace.go index 96f625006..7f4fe0bf8 100644 --- a/restapi/operations/admin_api/create_namespace.go +++ b/operatorapi/operations/operator_api/create_namespace.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewCreateNamespace(ctx *middleware.Context, handler CreateNamespaceHandler) return &CreateNamespace{Context: ctx, Handler: handler} } -/* CreateNamespace swagger:route POST /namespace AdminAPI createNamespace +/* CreateNamespace swagger:route POST /namespace OperatorAPI createNamespace Creates a new Namespace with given information diff --git a/restapi/operations/admin_api/create_namespace_parameters.go b/operatorapi/operations/operator_api/create_namespace_parameters.go similarity index 99% rename from restapi/operations/admin_api/create_namespace_parameters.go rename to operatorapi/operations/operator_api/create_namespace_parameters.go index 0b526f6c7..6dda733f3 100644 --- a/restapi/operations/admin_api/create_namespace_parameters.go +++ b/operatorapi/operations/operator_api/create_namespace_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/create_namespace_responses.go b/operatorapi/operations/operator_api/create_namespace_responses.go similarity index 99% rename from restapi/operations/admin_api/create_namespace_responses.go rename to operatorapi/operations/operator_api/create_namespace_responses.go index 6d670667c..f1f226090 100644 --- a/restapi/operations/admin_api/create_namespace_responses.go +++ b/operatorapi/operations/operator_api/create_namespace_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/create_namespace_urlbuilder.go b/operatorapi/operations/operator_api/create_namespace_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/create_namespace_urlbuilder.go rename to operatorapi/operations/operator_api/create_namespace_urlbuilder.go index 90ac21690..8a0f1e7e1 100644 --- a/restapi/operations/admin_api/create_namespace_urlbuilder.go +++ b/operatorapi/operations/operator_api/create_namespace_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/create_tenant.go b/operatorapi/operations/operator_api/create_tenant.go similarity index 96% rename from restapi/operations/admin_api/create_tenant.go rename to operatorapi/operations/operator_api/create_tenant.go index 5b3922d8d..e21c178a9 100644 --- a/restapi/operations/admin_api/create_tenant.go +++ b/operatorapi/operations/operator_api/create_tenant.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewCreateTenant(ctx *middleware.Context, handler CreateTenantHandler) *Crea return &CreateTenant{Context: ctx, Handler: handler} } -/* CreateTenant swagger:route POST /tenants AdminAPI createTenant +/* CreateTenant swagger:route POST /tenants OperatorAPI createTenant Create Tenant diff --git a/restapi/operations/admin_api/create_tenant_parameters.go b/operatorapi/operations/operator_api/create_tenant_parameters.go similarity index 99% rename from restapi/operations/admin_api/create_tenant_parameters.go rename to operatorapi/operations/operator_api/create_tenant_parameters.go index 08a83b5f4..35e48926b 100644 --- a/restapi/operations/admin_api/create_tenant_parameters.go +++ b/operatorapi/operations/operator_api/create_tenant_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/create_tenant_responses.go b/operatorapi/operations/operator_api/create_tenant_responses.go similarity index 99% rename from restapi/operations/admin_api/create_tenant_responses.go rename to operatorapi/operations/operator_api/create_tenant_responses.go index 6966dca8f..0ac933d59 100644 --- a/restapi/operations/admin_api/create_tenant_responses.go +++ b/operatorapi/operations/operator_api/create_tenant_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/create_tenant_urlbuilder.go b/operatorapi/operations/operator_api/create_tenant_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/create_tenant_urlbuilder.go rename to operatorapi/operations/operator_api/create_tenant_urlbuilder.go index d645cf687..7368b4111 100644 --- a/restapi/operations/admin_api/create_tenant_urlbuilder.go +++ b/operatorapi/operations/operator_api/create_tenant_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/delete_pod.go b/operatorapi/operations/operator_api/delete_pod.go similarity index 97% rename from restapi/operations/admin_api/delete_pod.go rename to operatorapi/operations/operator_api/delete_pod.go index ee210e457..2b2562655 100644 --- a/restapi/operations/admin_api/delete_pod.go +++ b/operatorapi/operations/operator_api/delete_pod.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewDeletePod(ctx *middleware.Context, handler DeletePodHandler) *DeletePod return &DeletePod{Context: ctx, Handler: handler} } -/* DeletePod swagger:route DELETE /namespaces/{namespace}/tenants/{tenant}/pods/{podName} AdminAPI deletePod +/* DeletePod swagger:route DELETE /namespaces/{namespace}/tenants/{tenant}/pods/{podName} OperatorAPI deletePod Delete pod diff --git a/restapi/operations/admin_api/delete_pod_parameters.go b/operatorapi/operations/operator_api/delete_pod_parameters.go similarity index 99% rename from restapi/operations/admin_api/delete_pod_parameters.go rename to operatorapi/operations/operator_api/delete_pod_parameters.go index 7eb6dc31e..dacae8696 100644 --- a/restapi/operations/admin_api/delete_pod_parameters.go +++ b/operatorapi/operations/operator_api/delete_pod_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/delete_pod_responses.go b/operatorapi/operations/operator_api/delete_pod_responses.go similarity index 99% rename from restapi/operations/admin_api/delete_pod_responses.go rename to operatorapi/operations/operator_api/delete_pod_responses.go index e2fda3f66..07db435f5 100644 --- a/restapi/operations/admin_api/delete_pod_responses.go +++ b/operatorapi/operations/operator_api/delete_pod_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/delete_pod_urlbuilder.go b/operatorapi/operations/operator_api/delete_pod_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/delete_pod_urlbuilder.go rename to operatorapi/operations/operator_api/delete_pod_urlbuilder.go index 33891bb7a..efc693cb8 100644 --- a/restapi/operations/admin_api/delete_pod_urlbuilder.go +++ b/operatorapi/operations/operator_api/delete_pod_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/delete_tenant.go b/operatorapi/operations/operator_api/delete_tenant.go similarity index 97% rename from restapi/operations/admin_api/delete_tenant.go rename to operatorapi/operations/operator_api/delete_tenant.go index 63e62db75..41e13f1cc 100644 --- a/restapi/operations/admin_api/delete_tenant.go +++ b/operatorapi/operations/operator_api/delete_tenant.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewDeleteTenant(ctx *middleware.Context, handler DeleteTenantHandler) *Dele return &DeleteTenant{Context: ctx, Handler: handler} } -/* DeleteTenant swagger:route DELETE /namespaces/{namespace}/tenants/{tenant} AdminAPI deleteTenant +/* DeleteTenant swagger:route DELETE /namespaces/{namespace}/tenants/{tenant} OperatorAPI deleteTenant Delete tenant and underlying pvcs diff --git a/restapi/operations/admin_api/delete_tenant_parameters.go b/operatorapi/operations/operator_api/delete_tenant_parameters.go similarity index 99% rename from restapi/operations/admin_api/delete_tenant_parameters.go rename to operatorapi/operations/operator_api/delete_tenant_parameters.go index cf4b5e854..16c484408 100644 --- a/restapi/operations/admin_api/delete_tenant_parameters.go +++ b/operatorapi/operations/operator_api/delete_tenant_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/delete_tenant_responses.go b/operatorapi/operations/operator_api/delete_tenant_responses.go similarity index 99% rename from restapi/operations/admin_api/delete_tenant_responses.go rename to operatorapi/operations/operator_api/delete_tenant_responses.go index 4e4b408d9..497967433 100644 --- a/restapi/operations/admin_api/delete_tenant_responses.go +++ b/operatorapi/operations/operator_api/delete_tenant_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/delete_tenant_urlbuilder.go b/operatorapi/operations/operator_api/delete_tenant_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/delete_tenant_urlbuilder.go rename to operatorapi/operations/operator_api/delete_tenant_urlbuilder.go index 3626d5573..12ef37540 100644 --- a/restapi/operations/admin_api/delete_tenant_urlbuilder.go +++ b/operatorapi/operations/operator_api/delete_tenant_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/direct_c_s_i_format_drive.go b/operatorapi/operations/operator_api/direct_c_s_i_format_drive.go similarity index 98% rename from restapi/operations/admin_api/direct_c_s_i_format_drive.go rename to operatorapi/operations/operator_api/direct_c_s_i_format_drive.go index 27f627e0c..1b0dfa7a1 100644 --- a/restapi/operations/admin_api/direct_c_s_i_format_drive.go +++ b/operatorapi/operations/operator_api/direct_c_s_i_format_drive.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewDirectCSIFormatDrive(ctx *middleware.Context, handler DirectCSIFormatDri return &DirectCSIFormatDrive{Context: ctx, Handler: handler} } -/* DirectCSIFormatDrive swagger:route POST /direct-csi/drives/format AdminAPI directCSIFormatDrive +/* DirectCSIFormatDrive swagger:route POST /direct-csi/drives/format OperatorAPI directCSIFormatDrive Format direct-csi drives from a list diff --git a/restapi/operations/admin_api/direct_c_s_i_format_drive_parameters.go b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_parameters.go similarity index 99% rename from restapi/operations/admin_api/direct_c_s_i_format_drive_parameters.go rename to operatorapi/operations/operator_api/direct_c_s_i_format_drive_parameters.go index 7712ee97a..b85200132 100644 --- a/restapi/operations/admin_api/direct_c_s_i_format_drive_parameters.go +++ b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/direct_c_s_i_format_drive_responses.go b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_responses.go similarity index 99% rename from restapi/operations/admin_api/direct_c_s_i_format_drive_responses.go rename to operatorapi/operations/operator_api/direct_c_s_i_format_drive_responses.go index 4733c02f4..ac3ba9090 100644 --- a/restapi/operations/admin_api/direct_c_s_i_format_drive_responses.go +++ b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/direct_c_s_i_format_drive_urlbuilder.go b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/direct_c_s_i_format_drive_urlbuilder.go rename to operatorapi/operations/operator_api/direct_c_s_i_format_drive_urlbuilder.go index d529fef3a..fe4fbea6c 100644 --- a/restapi/operations/admin_api/direct_c_s_i_format_drive_urlbuilder.go +++ b/operatorapi/operations/operator_api/direct_c_s_i_format_drive_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_drive_list.go b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list.go similarity index 96% rename from restapi/operations/admin_api/get_direct_c_s_i_drive_list.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_drive_list.go index 8e32ae5f4..27aa250ab 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_drive_list.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetDirectCSIDriveList(ctx *middleware.Context, handler GetDirectCSIDrive return &GetDirectCSIDriveList{Context: ctx, Handler: handler} } -/* GetDirectCSIDriveList swagger:route GET /direct-csi/drives AdminAPI getDirectCSIDriveList +/* GetDirectCSIDriveList swagger:route GET /direct-csi/drives OperatorAPI getDirectCSIDriveList Get direct-csi drives list diff --git a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_parameters.go b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_drive_list_parameters.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_parameters.go index db9c2027d..ebb81928f 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_parameters.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_responses.go b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_responses.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_drive_list_responses.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_responses.go index bf3922852..a75640429 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_responses.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_urlbuilder.go b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_drive_list_urlbuilder.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_urlbuilder.go index 67bc800c6..0d828fb12 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_drive_list_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_drive_list_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_volume_list.go b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list.go similarity index 98% rename from restapi/operations/admin_api/get_direct_c_s_i_volume_list.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_volume_list.go index 0a01524d1..12cd5d383 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_volume_list.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetDirectCSIVolumeList(ctx *middleware.Context, handler GetDirectCSIVolu return &GetDirectCSIVolumeList{Context: ctx, Handler: handler} } -/* GetDirectCSIVolumeList swagger:route GET /direct-csi/volumes AdminAPI getDirectCSIVolumeList +/* GetDirectCSIVolumeList swagger:route GET /direct-csi/volumes OperatorAPI getDirectCSIVolumeList Get direct-csi volumes list diff --git a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_parameters.go b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_volume_list_parameters.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_parameters.go index c5385306f..81bd72fa9 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_parameters.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_responses.go b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_responses.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_volume_list_responses.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_responses.go index 0ab051fb0..c5d4c17d4 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_responses.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_urlbuilder.go b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_direct_c_s_i_volume_list_urlbuilder.go rename to operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_urlbuilder.go index a6996fa98..1a37bc2fc 100644 --- a/restapi/operations/admin_api/get_direct_c_s_i_volume_list_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_direct_c_s_i_volume_list_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_max_allocatable_mem.go b/operatorapi/operations/operator_api/get_max_allocatable_mem.go similarity index 97% rename from restapi/operations/admin_api/get_max_allocatable_mem.go rename to operatorapi/operations/operator_api/get_max_allocatable_mem.go index f939652a9..df74848a8 100644 --- a/restapi/operations/admin_api/get_max_allocatable_mem.go +++ b/operatorapi/operations/operator_api/get_max_allocatable_mem.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetMaxAllocatableMem(ctx *middleware.Context, handler GetMaxAllocatableM return &GetMaxAllocatableMem{Context: ctx, Handler: handler} } -/* GetMaxAllocatableMem swagger:route GET /cluster/max-allocatable-memory AdminAPI getMaxAllocatableMem +/* GetMaxAllocatableMem swagger:route GET /cluster/max-allocatable-memory OperatorAPI getMaxAllocatableMem Get maximum allocatable memory for given number of nodes diff --git a/restapi/operations/admin_api/get_max_allocatable_mem_parameters.go b/operatorapi/operations/operator_api/get_max_allocatable_mem_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_max_allocatable_mem_parameters.go rename to operatorapi/operations/operator_api/get_max_allocatable_mem_parameters.go index 00ffc7985..995de9eed 100644 --- a/restapi/operations/admin_api/get_max_allocatable_mem_parameters.go +++ b/operatorapi/operations/operator_api/get_max_allocatable_mem_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_max_allocatable_mem_responses.go b/operatorapi/operations/operator_api/get_max_allocatable_mem_responses.go similarity index 99% rename from restapi/operations/admin_api/get_max_allocatable_mem_responses.go rename to operatorapi/operations/operator_api/get_max_allocatable_mem_responses.go index 3ae7a73e0..f62e21ad4 100644 --- a/restapi/operations/admin_api/get_max_allocatable_mem_responses.go +++ b/operatorapi/operations/operator_api/get_max_allocatable_mem_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_max_allocatable_mem_urlbuilder.go b/operatorapi/operations/operator_api/get_max_allocatable_mem_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_max_allocatable_mem_urlbuilder.go rename to operatorapi/operations/operator_api/get_max_allocatable_mem_urlbuilder.go index f66c86bb6..a2e5c7122 100644 --- a/restapi/operations/admin_api/get_max_allocatable_mem_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_max_allocatable_mem_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_parity.go b/operatorapi/operations/operator_api/get_parity.go similarity index 98% rename from restapi/operations/admin_api/get_parity.go rename to operatorapi/operations/operator_api/get_parity.go index 6301184fa..efdd18342 100644 --- a/restapi/operations/admin_api/get_parity.go +++ b/operatorapi/operations/operator_api/get_parity.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetParity(ctx *middleware.Context, handler GetParityHandler) *GetParity return &GetParity{Context: ctx, Handler: handler} } -/* GetParity swagger:route GET /get-parity/{nodes}/{disksPerNode} AdminAPI getParity +/* GetParity swagger:route GET /get-parity/{nodes}/{disksPerNode} OperatorAPI getParity Gets parity by sending number of nodes & number of disks diff --git a/restapi/operations/admin_api/get_parity_parameters.go b/operatorapi/operations/operator_api/get_parity_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_parity_parameters.go rename to operatorapi/operations/operator_api/get_parity_parameters.go index 9fe461214..916d7d5b5 100644 --- a/restapi/operations/admin_api/get_parity_parameters.go +++ b/operatorapi/operations/operator_api/get_parity_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_parity_responses.go b/operatorapi/operations/operator_api/get_parity_responses.go similarity index 99% rename from restapi/operations/admin_api/get_parity_responses.go rename to operatorapi/operations/operator_api/get_parity_responses.go index 67277a10e..fcd2e4285 100644 --- a/restapi/operations/admin_api/get_parity_responses.go +++ b/operatorapi/operations/operator_api/get_parity_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_parity_urlbuilder.go b/operatorapi/operations/operator_api/get_parity_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_parity_urlbuilder.go rename to operatorapi/operations/operator_api/get_parity_urlbuilder.go index 9f3785bd2..13f9873b9 100644 --- a/restapi/operations/admin_api/get_parity_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_parity_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_pod_events.go b/operatorapi/operations/operator_api/get_pod_events.go similarity index 97% rename from restapi/operations/admin_api/get_pod_events.go rename to operatorapi/operations/operator_api/get_pod_events.go index 03aac2e37..a72a12077 100644 --- a/restapi/operations/admin_api/get_pod_events.go +++ b/operatorapi/operations/operator_api/get_pod_events.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetPodEvents(ctx *middleware.Context, handler GetPodEventsHandler) *GetP return &GetPodEvents{Context: ctx, Handler: handler} } -/* GetPodEvents swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events AdminAPI getPodEvents +/* GetPodEvents swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events OperatorAPI getPodEvents Get Events for Pod diff --git a/restapi/operations/admin_api/get_pod_events_parameters.go b/operatorapi/operations/operator_api/get_pod_events_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_pod_events_parameters.go rename to operatorapi/operations/operator_api/get_pod_events_parameters.go index f8329d7ab..2cbefe158 100644 --- a/restapi/operations/admin_api/get_pod_events_parameters.go +++ b/operatorapi/operations/operator_api/get_pod_events_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_pod_events_responses.go b/operatorapi/operations/operator_api/get_pod_events_responses.go similarity index 99% rename from restapi/operations/admin_api/get_pod_events_responses.go rename to operatorapi/operations/operator_api/get_pod_events_responses.go index bbf801dd1..f4b249fa7 100644 --- a/restapi/operations/admin_api/get_pod_events_responses.go +++ b/operatorapi/operations/operator_api/get_pod_events_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_pod_events_urlbuilder.go b/operatorapi/operations/operator_api/get_pod_events_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_pod_events_urlbuilder.go rename to operatorapi/operations/operator_api/get_pod_events_urlbuilder.go index feb7f89d7..bb0ca8c62 100644 --- a/restapi/operations/admin_api/get_pod_events_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_pod_events_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_pod_logs.go b/operatorapi/operations/operator_api/get_pod_logs.go similarity index 97% rename from restapi/operations/admin_api/get_pod_logs.go rename to operatorapi/operations/operator_api/get_pod_logs.go index bde148f92..bcdacb712 100644 --- a/restapi/operations/admin_api/get_pod_logs.go +++ b/operatorapi/operations/operator_api/get_pod_logs.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetPodLogs(ctx *middleware.Context, handler GetPodLogsHandler) *GetPodLo return &GetPodLogs{Context: ctx, Handler: handler} } -/* GetPodLogs swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods/{podName} AdminAPI getPodLogs +/* GetPodLogs swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods/{podName} OperatorAPI getPodLogs Get Logs for Pod diff --git a/restapi/operations/admin_api/get_pod_logs_parameters.go b/operatorapi/operations/operator_api/get_pod_logs_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_pod_logs_parameters.go rename to operatorapi/operations/operator_api/get_pod_logs_parameters.go index fe2c1a5b2..b9f8bb20a 100644 --- a/restapi/operations/admin_api/get_pod_logs_parameters.go +++ b/operatorapi/operations/operator_api/get_pod_logs_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_pod_logs_responses.go b/operatorapi/operations/operator_api/get_pod_logs_responses.go similarity index 99% rename from restapi/operations/admin_api/get_pod_logs_responses.go rename to operatorapi/operations/operator_api/get_pod_logs_responses.go index 83e75bfbd..9e906d6eb 100644 --- a/restapi/operations/admin_api/get_pod_logs_responses.go +++ b/operatorapi/operations/operator_api/get_pod_logs_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_pod_logs_urlbuilder.go b/operatorapi/operations/operator_api/get_pod_logs_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_pod_logs_urlbuilder.go rename to operatorapi/operations/operator_api/get_pod_logs_urlbuilder.go index 0edd76a8b..f78e1da69 100644 --- a/restapi/operations/admin_api/get_pod_logs_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_pod_logs_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_resource_quota.go b/operatorapi/operations/operator_api/get_resource_quota.go similarity index 97% rename from restapi/operations/admin_api/get_resource_quota.go rename to operatorapi/operations/operator_api/get_resource_quota.go index f879f37ed..e8d5b1fd9 100644 --- a/restapi/operations/admin_api/get_resource_quota.go +++ b/operatorapi/operations/operator_api/get_resource_quota.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetResourceQuota(ctx *middleware.Context, handler GetResourceQuotaHandle return &GetResourceQuota{Context: ctx, Handler: handler} } -/* GetResourceQuota swagger:route GET /namespaces/{namespace}/resourcequotas/{resource-quota-name} AdminAPI getResourceQuota +/* GetResourceQuota swagger:route GET /namespaces/{namespace}/resourcequotas/{resource-quota-name} OperatorAPI getResourceQuota Get Resource Quota diff --git a/restapi/operations/admin_api/get_resource_quota_parameters.go b/operatorapi/operations/operator_api/get_resource_quota_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_resource_quota_parameters.go rename to operatorapi/operations/operator_api/get_resource_quota_parameters.go index 8a3f2d129..0f086e63d 100644 --- a/restapi/operations/admin_api/get_resource_quota_parameters.go +++ b/operatorapi/operations/operator_api/get_resource_quota_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_resource_quota_responses.go b/operatorapi/operations/operator_api/get_resource_quota_responses.go similarity index 99% rename from restapi/operations/admin_api/get_resource_quota_responses.go rename to operatorapi/operations/operator_api/get_resource_quota_responses.go index a0db1dc09..c773be783 100644 --- a/restapi/operations/admin_api/get_resource_quota_responses.go +++ b/operatorapi/operations/operator_api/get_resource_quota_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_resource_quota_urlbuilder.go b/operatorapi/operations/operator_api/get_resource_quota_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_resource_quota_urlbuilder.go rename to operatorapi/operations/operator_api/get_resource_quota_urlbuilder.go index ea6770904..816bc57ad 100644 --- a/restapi/operations/admin_api/get_resource_quota_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_resource_quota_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_tenant_pods.go b/operatorapi/operations/operator_api/get_tenant_pods.go similarity index 97% rename from restapi/operations/admin_api/get_tenant_pods.go rename to operatorapi/operations/operator_api/get_tenant_pods.go index 3d17111a5..9513dbfa8 100644 --- a/restapi/operations/admin_api/get_tenant_pods.go +++ b/operatorapi/operations/operator_api/get_tenant_pods.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetTenantPods(ctx *middleware.Context, handler GetTenantPodsHandler) *Ge return &GetTenantPods{Context: ctx, Handler: handler} } -/* GetTenantPods swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods AdminAPI getTenantPods +/* GetTenantPods swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pods OperatorAPI getTenantPods Get Pods For The Tenant diff --git a/restapi/operations/admin_api/get_tenant_pods_parameters.go b/operatorapi/operations/operator_api/get_tenant_pods_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_pods_parameters.go rename to operatorapi/operations/operator_api/get_tenant_pods_parameters.go index 1f63b7f17..fed2c2522 100644 --- a/restapi/operations/admin_api/get_tenant_pods_parameters.go +++ b/operatorapi/operations/operator_api/get_tenant_pods_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_pods_responses.go b/operatorapi/operations/operator_api/get_tenant_pods_responses.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_pods_responses.go rename to operatorapi/operations/operator_api/get_tenant_pods_responses.go index 2144cf929..f66763af9 100644 --- a/restapi/operations/admin_api/get_tenant_pods_responses.go +++ b/operatorapi/operations/operator_api/get_tenant_pods_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_pods_urlbuilder.go b/operatorapi/operations/operator_api/get_tenant_pods_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_pods_urlbuilder.go rename to operatorapi/operations/operator_api/get_tenant_pods_urlbuilder.go index 05fc0a58a..9a670ae99 100644 --- a/restapi/operations/admin_api/get_tenant_pods_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_tenant_pods_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_tenant_usage.go b/operatorapi/operations/operator_api/get_tenant_usage.go similarity index 97% rename from restapi/operations/admin_api/get_tenant_usage.go rename to operatorapi/operations/operator_api/get_tenant_usage.go index 2ae0a69a4..2fbc299cb 100644 --- a/restapi/operations/admin_api/get_tenant_usage.go +++ b/operatorapi/operations/operator_api/get_tenant_usage.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetTenantUsage(ctx *middleware.Context, handler GetTenantUsageHandler) * return &GetTenantUsage{Context: ctx, Handler: handler} } -/* GetTenantUsage swagger:route GET /namespaces/{namespace}/tenants/{tenant}/usage AdminAPI getTenantUsage +/* GetTenantUsage swagger:route GET /namespaces/{namespace}/tenants/{tenant}/usage OperatorAPI getTenantUsage Get Usage For The Tenant diff --git a/restapi/operations/admin_api/get_tenant_usage_parameters.go b/operatorapi/operations/operator_api/get_tenant_usage_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_usage_parameters.go rename to operatorapi/operations/operator_api/get_tenant_usage_parameters.go index acee771e0..676314bc3 100644 --- a/restapi/operations/admin_api/get_tenant_usage_parameters.go +++ b/operatorapi/operations/operator_api/get_tenant_usage_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_usage_responses.go b/operatorapi/operations/operator_api/get_tenant_usage_responses.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_usage_responses.go rename to operatorapi/operations/operator_api/get_tenant_usage_responses.go index 5bd9c3584..4ba800c1f 100644 --- a/restapi/operations/admin_api/get_tenant_usage_responses.go +++ b/operatorapi/operations/operator_api/get_tenant_usage_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_usage_urlbuilder.go b/operatorapi/operations/operator_api/get_tenant_usage_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_usage_urlbuilder.go rename to operatorapi/operations/operator_api/get_tenant_usage_urlbuilder.go index 16806b88c..6aebc3a9a 100644 --- a/restapi/operations/admin_api/get_tenant_usage_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_tenant_usage_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/get_tenant_y_a_m_l.go b/operatorapi/operations/operator_api/get_tenant_y_a_m_l.go similarity index 97% rename from restapi/operations/admin_api/get_tenant_y_a_m_l.go rename to operatorapi/operations/operator_api/get_tenant_y_a_m_l.go index 0a527d30c..44e694b94 100644 --- a/restapi/operations/admin_api/get_tenant_y_a_m_l.go +++ b/operatorapi/operations/operator_api/get_tenant_y_a_m_l.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewGetTenantYAML(ctx *middleware.Context, handler GetTenantYAMLHandler) *Ge return &GetTenantYAML{Context: ctx, Handler: handler} } -/* GetTenantYAML swagger:route GET /namespaces/{namespace}/tenants/{tenant}/yaml AdminAPI getTenantYAML +/* GetTenantYAML swagger:route GET /namespaces/{namespace}/tenants/{tenant}/yaml OperatorAPI getTenantYAML Get the Tenant YAML diff --git a/restapi/operations/admin_api/get_tenant_y_a_m_l_parameters.go b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_parameters.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_y_a_m_l_parameters.go rename to operatorapi/operations/operator_api/get_tenant_y_a_m_l_parameters.go index 1e35a13fe..76df06217 100644 --- a/restapi/operations/admin_api/get_tenant_y_a_m_l_parameters.go +++ b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_y_a_m_l_responses.go b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_responses.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_y_a_m_l_responses.go rename to operatorapi/operations/operator_api/get_tenant_y_a_m_l_responses.go index a3283ecd6..34c80e082 100644 --- a/restapi/operations/admin_api/get_tenant_y_a_m_l_responses.go +++ b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/get_tenant_y_a_m_l_urlbuilder.go b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/get_tenant_y_a_m_l_urlbuilder.go rename to operatorapi/operations/operator_api/get_tenant_y_a_m_l_urlbuilder.go index ed7ec851a..ec75bffa9 100644 --- a/restapi/operations/admin_api/get_tenant_y_a_m_l_urlbuilder.go +++ b/operatorapi/operations/operator_api/get_tenant_y_a_m_l_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/list_all_tenants.go b/operatorapi/operations/operator_api/list_all_tenants.go similarity index 96% rename from restapi/operations/admin_api/list_all_tenants.go rename to operatorapi/operations/operator_api/list_all_tenants.go index 86ee07305..59f8064d0 100644 --- a/restapi/operations/admin_api/list_all_tenants.go +++ b/operatorapi/operations/operator_api/list_all_tenants.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewListAllTenants(ctx *middleware.Context, handler ListAllTenantsHandler) * return &ListAllTenants{Context: ctx, Handler: handler} } -/* ListAllTenants swagger:route GET /tenants AdminAPI listAllTenants +/* ListAllTenants swagger:route GET /tenants OperatorAPI listAllTenants List Tenant of All Namespaces diff --git a/restapi/operations/admin_api/list_all_tenants_parameters.go b/operatorapi/operations/operator_api/list_all_tenants_parameters.go similarity index 99% rename from restapi/operations/admin_api/list_all_tenants_parameters.go rename to operatorapi/operations/operator_api/list_all_tenants_parameters.go index eb6670ba0..dde2ab24d 100644 --- a/restapi/operations/admin_api/list_all_tenants_parameters.go +++ b/operatorapi/operations/operator_api/list_all_tenants_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_all_tenants_responses.go b/operatorapi/operations/operator_api/list_all_tenants_responses.go similarity index 99% rename from restapi/operations/admin_api/list_all_tenants_responses.go rename to operatorapi/operations/operator_api/list_all_tenants_responses.go index 83b01e966..0f86887c4 100644 --- a/restapi/operations/admin_api/list_all_tenants_responses.go +++ b/operatorapi/operations/operator_api/list_all_tenants_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_all_tenants_urlbuilder.go b/operatorapi/operations/operator_api/list_all_tenants_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/list_all_tenants_urlbuilder.go rename to operatorapi/operations/operator_api/list_all_tenants_urlbuilder.go index 8435d9bb6..32b971b1c 100644 --- a/restapi/operations/admin_api/list_all_tenants_urlbuilder.go +++ b/operatorapi/operations/operator_api/list_all_tenants_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/operator_api/list_node_labels.go b/operatorapi/operations/operator_api/list_node_labels.go similarity index 100% rename from restapi/operations/operator_api/list_node_labels.go rename to operatorapi/operations/operator_api/list_node_labels.go diff --git a/restapi/operations/operator_api/list_node_labels_parameters.go b/operatorapi/operations/operator_api/list_node_labels_parameters.go similarity index 100% rename from restapi/operations/operator_api/list_node_labels_parameters.go rename to operatorapi/operations/operator_api/list_node_labels_parameters.go diff --git a/restapi/operations/operator_api/list_node_labels_responses.go b/operatorapi/operations/operator_api/list_node_labels_responses.go similarity index 100% rename from restapi/operations/operator_api/list_node_labels_responses.go rename to operatorapi/operations/operator_api/list_node_labels_responses.go diff --git a/restapi/operations/operator_api/list_node_labels_urlbuilder.go b/operatorapi/operations/operator_api/list_node_labels_urlbuilder.go similarity index 100% rename from restapi/operations/operator_api/list_node_labels_urlbuilder.go rename to operatorapi/operations/operator_api/list_node_labels_urlbuilder.go diff --git a/restapi/operations/admin_api/list_p_v_cs.go b/operatorapi/operations/operator_api/list_p_v_cs.go similarity index 97% rename from restapi/operations/admin_api/list_p_v_cs.go rename to operatorapi/operations/operator_api/list_p_v_cs.go index 7fd86761a..0f4d90fb5 100644 --- a/restapi/operations/admin_api/list_p_v_cs.go +++ b/operatorapi/operations/operator_api/list_p_v_cs.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewListPVCs(ctx *middleware.Context, handler ListPVCsHandler) *ListPVCs { return &ListPVCs{Context: ctx, Handler: handler} } -/* ListPVCs swagger:route GET /list-pvcs AdminAPI listPVCs +/* ListPVCs swagger:route GET /list-pvcs OperatorAPI listPVCs List all PVCs from namespaces that the user has access to diff --git a/restapi/operations/admin_api/list_p_v_cs_parameters.go b/operatorapi/operations/operator_api/list_p_v_cs_parameters.go similarity index 98% rename from restapi/operations/admin_api/list_p_v_cs_parameters.go rename to operatorapi/operations/operator_api/list_p_v_cs_parameters.go index 9088da7fc..2ec3abae2 100644 --- a/restapi/operations/admin_api/list_p_v_cs_parameters.go +++ b/operatorapi/operations/operator_api/list_p_v_cs_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_p_v_cs_responses.go b/operatorapi/operations/operator_api/list_p_v_cs_responses.go similarity index 99% rename from restapi/operations/admin_api/list_p_v_cs_responses.go rename to operatorapi/operations/operator_api/list_p_v_cs_responses.go index 40f9654dd..18f7e38a2 100644 --- a/restapi/operations/admin_api/list_p_v_cs_responses.go +++ b/operatorapi/operations/operator_api/list_p_v_cs_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_p_v_cs_urlbuilder.go b/operatorapi/operations/operator_api/list_p_v_cs_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/list_p_v_cs_urlbuilder.go rename to operatorapi/operations/operator_api/list_p_v_cs_urlbuilder.go index a01805396..1a53c86ee 100644 --- a/restapi/operations/admin_api/list_p_v_cs_urlbuilder.go +++ b/operatorapi/operations/operator_api/list_p_v_cs_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/list_tenants.go b/operatorapi/operations/operator_api/list_tenants.go similarity index 98% rename from restapi/operations/admin_api/list_tenants.go rename to operatorapi/operations/operator_api/list_tenants.go index 7a830a941..457e6499c 100644 --- a/restapi/operations/admin_api/list_tenants.go +++ b/operatorapi/operations/operator_api/list_tenants.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewListTenants(ctx *middleware.Context, handler ListTenantsHandler) *ListTe return &ListTenants{Context: ctx, Handler: handler} } -/* ListTenants swagger:route GET /namespaces/{namespace}/tenants AdminAPI listTenants +/* ListTenants swagger:route GET /namespaces/{namespace}/tenants OperatorAPI listTenants List Tenants by Namespace diff --git a/restapi/operations/admin_api/list_tenants_parameters.go b/operatorapi/operations/operator_api/list_tenants_parameters.go similarity index 99% rename from restapi/operations/admin_api/list_tenants_parameters.go rename to operatorapi/operations/operator_api/list_tenants_parameters.go index 45d451c5f..a35a4d798 100644 --- a/restapi/operations/admin_api/list_tenants_parameters.go +++ b/operatorapi/operations/operator_api/list_tenants_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_tenants_responses.go b/operatorapi/operations/operator_api/list_tenants_responses.go similarity index 99% rename from restapi/operations/admin_api/list_tenants_responses.go rename to operatorapi/operations/operator_api/list_tenants_responses.go index f553ad87f..70bfab4b8 100644 --- a/restapi/operations/admin_api/list_tenants_responses.go +++ b/operatorapi/operations/operator_api/list_tenants_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/list_tenants_urlbuilder.go b/operatorapi/operations/operator_api/list_tenants_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/list_tenants_urlbuilder.go rename to operatorapi/operations/operator_api/list_tenants_urlbuilder.go index 6fa67974a..d9ff48cd8 100644 --- a/restapi/operations/admin_api/list_tenants_urlbuilder.go +++ b/operatorapi/operations/operator_api/list_tenants_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/put_tenant_y_a_m_l.go b/operatorapi/operations/operator_api/put_tenant_y_a_m_l.go similarity index 97% rename from restapi/operations/admin_api/put_tenant_y_a_m_l.go rename to operatorapi/operations/operator_api/put_tenant_y_a_m_l.go index eb47f9670..893b35644 100644 --- a/restapi/operations/admin_api/put_tenant_y_a_m_l.go +++ b/operatorapi/operations/operator_api/put_tenant_y_a_m_l.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewPutTenantYAML(ctx *middleware.Context, handler PutTenantYAMLHandler) *Pu return &PutTenantYAML{Context: ctx, Handler: handler} } -/* PutTenantYAML swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/yaml AdminAPI putTenantYAML +/* PutTenantYAML swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/yaml OperatorAPI putTenantYAML Put the Tenant YAML diff --git a/restapi/operations/admin_api/put_tenant_y_a_m_l_parameters.go b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_parameters.go similarity index 99% rename from restapi/operations/admin_api/put_tenant_y_a_m_l_parameters.go rename to operatorapi/operations/operator_api/put_tenant_y_a_m_l_parameters.go index 37d13180f..0bde7ac29 100644 --- a/restapi/operations/admin_api/put_tenant_y_a_m_l_parameters.go +++ b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/put_tenant_y_a_m_l_responses.go b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_responses.go similarity index 99% rename from restapi/operations/admin_api/put_tenant_y_a_m_l_responses.go rename to operatorapi/operations/operator_api/put_tenant_y_a_m_l_responses.go index 2e97e8711..0f23645c1 100644 --- a/restapi/operations/admin_api/put_tenant_y_a_m_l_responses.go +++ b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/put_tenant_y_a_m_l_urlbuilder.go b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/put_tenant_y_a_m_l_urlbuilder.go rename to operatorapi/operations/operator_api/put_tenant_y_a_m_l_urlbuilder.go index 72787f539..97c45e5be 100644 --- a/restapi/operations/admin_api/put_tenant_y_a_m_l_urlbuilder.go +++ b/operatorapi/operations/operator_api/put_tenant_y_a_m_l_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/subscription_activate.go b/operatorapi/operations/operator_api/subscription_activate.go similarity index 96% rename from restapi/operations/admin_api/subscription_activate.go rename to operatorapi/operations/operator_api/subscription_activate.go index 7e6e36fd2..dd9afa948 100644 --- a/restapi/operations/admin_api/subscription_activate.go +++ b/operatorapi/operations/operator_api/subscription_activate.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewSubscriptionActivate(ctx *middleware.Context, handler SubscriptionActiva return &SubscriptionActivate{Context: ctx, Handler: handler} } -/* SubscriptionActivate swagger:route POST /subscription/namespaces/{namespace}/tenants/{tenant}/activate AdminAPI subscriptionActivate +/* SubscriptionActivate swagger:route POST /subscription/namespaces/{namespace}/tenants/{tenant}/activate OperatorAPI subscriptionActivate Activate a particular tenant using the existing subscription license diff --git a/restapi/operations/admin_api/subscription_activate_parameters.go b/operatorapi/operations/operator_api/subscription_activate_parameters.go similarity index 99% rename from restapi/operations/admin_api/subscription_activate_parameters.go rename to operatorapi/operations/operator_api/subscription_activate_parameters.go index cacd72512..03df42e15 100644 --- a/restapi/operations/admin_api/subscription_activate_parameters.go +++ b/operatorapi/operations/operator_api/subscription_activate_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/subscription_activate_responses.go b/operatorapi/operations/operator_api/subscription_activate_responses.go similarity index 99% rename from restapi/operations/admin_api/subscription_activate_responses.go rename to operatorapi/operations/operator_api/subscription_activate_responses.go index 4dfcb3ce7..e9d955d2c 100644 --- a/restapi/operations/admin_api/subscription_activate_responses.go +++ b/operatorapi/operations/operator_api/subscription_activate_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/subscription_activate_urlbuilder.go b/operatorapi/operations/operator_api/subscription_activate_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/subscription_activate_urlbuilder.go rename to operatorapi/operations/operator_api/subscription_activate_urlbuilder.go index d3d23ba4f..bb7253cc5 100644 --- a/restapi/operations/admin_api/subscription_activate_urlbuilder.go +++ b/operatorapi/operations/operator_api/subscription_activate_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/operatorapi/operations/operator_api/subscription_info.go b/operatorapi/operations/operator_api/subscription_info.go new file mode 100644 index 000000000..fa2de126e --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_info.go @@ -0,0 +1,88 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" + + "github.com/minio/console/models" +) + +// SubscriptionInfoHandlerFunc turns a function with the right signature into a subscription info handler +type SubscriptionInfoHandlerFunc func(SubscriptionInfoParams, *models.Principal) middleware.Responder + +// Handle executing the request and returning a response +func (fn SubscriptionInfoHandlerFunc) Handle(params SubscriptionInfoParams, principal *models.Principal) middleware.Responder { + return fn(params, principal) +} + +// SubscriptionInfoHandler interface for that can handle valid subscription info params +type SubscriptionInfoHandler interface { + Handle(SubscriptionInfoParams, *models.Principal) middleware.Responder +} + +// NewSubscriptionInfo creates a new http.Handler for the subscription info operation +func NewSubscriptionInfo(ctx *middleware.Context, handler SubscriptionInfoHandler) *SubscriptionInfo { + return &SubscriptionInfo{Context: ctx, Handler: handler} +} + +/* SubscriptionInfo swagger:route GET /subscription/info OperatorAPI subscriptionInfo + +Subscription info + +*/ +type SubscriptionInfo struct { + Context *middleware.Context + Handler SubscriptionInfoHandler +} + +func (o *SubscriptionInfo) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewSubscriptionInfoParams() + uprinc, aCtx, err := o.Context.Authorize(r, route) + if err != nil { + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + if aCtx != nil { + *r = *aCtx + } + var principal *models.Principal + if uprinc != nil { + principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise + } + + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params, principal) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/operator_api/subscription_info_parameters.go b/operatorapi/operations/operator_api/subscription_info_parameters.go new file mode 100644 index 000000000..7d5ce7095 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_info_parameters.go @@ -0,0 +1,63 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime/middleware" +) + +// NewSubscriptionInfoParams creates a new SubscriptionInfoParams object +// +// There are no default values defined in the spec. +func NewSubscriptionInfoParams() SubscriptionInfoParams { + + return SubscriptionInfoParams{} +} + +// SubscriptionInfoParams contains all the bound params for the subscription info operation +// typically these are obtained from a http.Request +// +// swagger:parameters SubscriptionInfo +type SubscriptionInfoParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewSubscriptionInfoParams() beforehand. +func (o *SubscriptionInfoParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/operator_api/subscription_info_responses.go b/operatorapi/operations/operator_api/subscription_info_responses.go new file mode 100644 index 000000000..c6aa98d19 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_info_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// SubscriptionInfoOKCode is the HTTP code returned for type SubscriptionInfoOK +const SubscriptionInfoOKCode int = 200 + +/*SubscriptionInfoOK A successful response. + +swagger:response subscriptionInfoOK +*/ +type SubscriptionInfoOK struct { + + /* + In: Body + */ + Payload *models.License `json:"body,omitempty"` +} + +// NewSubscriptionInfoOK creates SubscriptionInfoOK with default headers values +func NewSubscriptionInfoOK() *SubscriptionInfoOK { + + return &SubscriptionInfoOK{} +} + +// WithPayload adds the payload to the subscription info o k response +func (o *SubscriptionInfoOK) WithPayload(payload *models.License) *SubscriptionInfoOK { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the subscription info o k response +func (o *SubscriptionInfoOK) SetPayload(payload *models.License) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SubscriptionInfoOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(200) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*SubscriptionInfoDefault Generic error response. + +swagger:response subscriptionInfoDefault +*/ +type SubscriptionInfoDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewSubscriptionInfoDefault creates SubscriptionInfoDefault with default headers values +func NewSubscriptionInfoDefault(code int) *SubscriptionInfoDefault { + if code <= 0 { + code = 500 + } + + return &SubscriptionInfoDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the subscription info default response +func (o *SubscriptionInfoDefault) WithStatusCode(code int) *SubscriptionInfoDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the subscription info default response +func (o *SubscriptionInfoDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the subscription info default response +func (o *SubscriptionInfoDefault) WithPayload(payload *models.Error) *SubscriptionInfoDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the subscription info default response +func (o *SubscriptionInfoDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SubscriptionInfoDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/operator_api/subscription_info_urlbuilder.go b/operatorapi/operations/operator_api/subscription_info_urlbuilder.go new file mode 100644 index 000000000..9e6e421ad --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_info_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// SubscriptionInfoURL generates an URL for the subscription info operation +type SubscriptionInfoURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SubscriptionInfoURL) WithBasePath(bp string) *SubscriptionInfoURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SubscriptionInfoURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *SubscriptionInfoURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/subscription/info" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *SubscriptionInfoURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *SubscriptionInfoURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *SubscriptionInfoURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on SubscriptionInfoURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on SubscriptionInfoURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *SubscriptionInfoURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/restapi/operations/admin_api/tenant_widget_details.go b/operatorapi/operations/operator_api/subscription_refresh.go similarity index 62% rename from restapi/operations/admin_api/tenant_widget_details.go rename to operatorapi/operations/operator_api/subscription_refresh.go index 75f1a8ca4..81cd525ae 100644 --- a/restapi/operations/admin_api/tenant_widget_details.go +++ b/operatorapi/operations/operator_api/subscription_refresh.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -30,40 +30,40 @@ import ( "github.com/minio/console/models" ) -// TenantWidgetDetailsHandlerFunc turns a function with the right signature into a tenant widget details handler -type TenantWidgetDetailsHandlerFunc func(TenantWidgetDetailsParams, *models.Principal) middleware.Responder +// SubscriptionRefreshHandlerFunc turns a function with the right signature into a subscription refresh handler +type SubscriptionRefreshHandlerFunc func(SubscriptionRefreshParams, *models.Principal) middleware.Responder // Handle executing the request and returning a response -func (fn TenantWidgetDetailsHandlerFunc) Handle(params TenantWidgetDetailsParams, principal *models.Principal) middleware.Responder { +func (fn SubscriptionRefreshHandlerFunc) Handle(params SubscriptionRefreshParams, principal *models.Principal) middleware.Responder { return fn(params, principal) } -// TenantWidgetDetailsHandler interface for that can handle valid tenant widget details params -type TenantWidgetDetailsHandler interface { - Handle(TenantWidgetDetailsParams, *models.Principal) middleware.Responder +// SubscriptionRefreshHandler interface for that can handle valid subscription refresh params +type SubscriptionRefreshHandler interface { + Handle(SubscriptionRefreshParams, *models.Principal) middleware.Responder } -// NewTenantWidgetDetails creates a new http.Handler for the tenant widget details operation -func NewTenantWidgetDetails(ctx *middleware.Context, handler TenantWidgetDetailsHandler) *TenantWidgetDetails { - return &TenantWidgetDetails{Context: ctx, Handler: handler} +// NewSubscriptionRefresh creates a new http.Handler for the subscription refresh operation +func NewSubscriptionRefresh(ctx *middleware.Context, handler SubscriptionRefreshHandler) *SubscriptionRefresh { + return &SubscriptionRefresh{Context: ctx, Handler: handler} } -/* TenantWidgetDetails swagger:route GET /namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId} AdminAPI tenantWidgetDetails +/* SubscriptionRefresh swagger:route POST /subscription/refresh OperatorAPI subscriptionRefresh -Returns information about a tenant deployment +Refresh existing subscription license */ -type TenantWidgetDetails struct { +type SubscriptionRefresh struct { Context *middleware.Context - Handler TenantWidgetDetailsHandler + Handler SubscriptionRefreshHandler } -func (o *TenantWidgetDetails) ServeHTTP(rw http.ResponseWriter, r *http.Request) { +func (o *SubscriptionRefresh) ServeHTTP(rw http.ResponseWriter, r *http.Request) { route, rCtx, _ := o.Context.RouteInfo(r) if rCtx != nil { *r = *rCtx } - var Params = NewTenantWidgetDetailsParams() + var Params = NewSubscriptionRefreshParams() uprinc, aCtx, err := o.Context.Authorize(r, route) if err != nil { o.Context.Respond(rw, r, route.Produces, route, err) diff --git a/operatorapi/operations/operator_api/subscription_refresh_parameters.go b/operatorapi/operations/operator_api/subscription_refresh_parameters.go new file mode 100644 index 000000000..4355d7d97 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_refresh_parameters.go @@ -0,0 +1,63 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime/middleware" +) + +// NewSubscriptionRefreshParams creates a new SubscriptionRefreshParams object +// +// There are no default values defined in the spec. +func NewSubscriptionRefreshParams() SubscriptionRefreshParams { + + return SubscriptionRefreshParams{} +} + +// SubscriptionRefreshParams contains all the bound params for the subscription refresh operation +// typically these are obtained from a http.Request +// +// swagger:parameters SubscriptionRefresh +type SubscriptionRefreshParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewSubscriptionRefreshParams() beforehand. +func (o *SubscriptionRefreshParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/restapi/operations/admin_api/tenant_widget_details_responses.go b/operatorapi/operations/operator_api/subscription_refresh_responses.go similarity index 52% rename from restapi/operations/admin_api/tenant_widget_details_responses.go rename to operatorapi/operations/operator_api/subscription_refresh_responses.go index c6f9d5f0f..e815814a2 100644 --- a/restapi/operations/admin_api/tenant_widget_details_responses.go +++ b/operatorapi/operations/operator_api/subscription_refresh_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command @@ -30,40 +30,40 @@ import ( "github.com/minio/console/models" ) -// TenantWidgetDetailsOKCode is the HTTP code returned for type TenantWidgetDetailsOK -const TenantWidgetDetailsOKCode int = 200 +// SubscriptionRefreshOKCode is the HTTP code returned for type SubscriptionRefreshOK +const SubscriptionRefreshOKCode int = 200 -/*TenantWidgetDetailsOK A successful response. +/*SubscriptionRefreshOK A successful response. -swagger:response tenantWidgetDetailsOK +swagger:response subscriptionRefreshOK */ -type TenantWidgetDetailsOK struct { +type SubscriptionRefreshOK struct { /* In: Body */ - Payload *models.WidgetDetails `json:"body,omitempty"` + Payload *models.License `json:"body,omitempty"` } -// NewTenantWidgetDetailsOK creates TenantWidgetDetailsOK with default headers values -func NewTenantWidgetDetailsOK() *TenantWidgetDetailsOK { +// NewSubscriptionRefreshOK creates SubscriptionRefreshOK with default headers values +func NewSubscriptionRefreshOK() *SubscriptionRefreshOK { - return &TenantWidgetDetailsOK{} + return &SubscriptionRefreshOK{} } -// WithPayload adds the payload to the tenant widget details o k response -func (o *TenantWidgetDetailsOK) WithPayload(payload *models.WidgetDetails) *TenantWidgetDetailsOK { +// WithPayload adds the payload to the subscription refresh o k response +func (o *SubscriptionRefreshOK) WithPayload(payload *models.License) *SubscriptionRefreshOK { o.Payload = payload return o } -// SetPayload sets the payload to the tenant widget details o k response -func (o *TenantWidgetDetailsOK) SetPayload(payload *models.WidgetDetails) { +// SetPayload sets the payload to the subscription refresh o k response +func (o *SubscriptionRefreshOK) SetPayload(payload *models.License) { o.Payload = payload } // WriteResponse to the client -func (o *TenantWidgetDetailsOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { +func (o *SubscriptionRefreshOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { rw.WriteHeader(200) if o.Payload != nil { @@ -74,11 +74,11 @@ func (o *TenantWidgetDetailsOK) WriteResponse(rw http.ResponseWriter, producer r } } -/*TenantWidgetDetailsDefault Generic error response. +/*SubscriptionRefreshDefault Generic error response. -swagger:response tenantWidgetDetailsDefault +swagger:response subscriptionRefreshDefault */ -type TenantWidgetDetailsDefault struct { +type SubscriptionRefreshDefault struct { _statusCode int /* @@ -87,41 +87,41 @@ type TenantWidgetDetailsDefault struct { Payload *models.Error `json:"body,omitempty"` } -// NewTenantWidgetDetailsDefault creates TenantWidgetDetailsDefault with default headers values -func NewTenantWidgetDetailsDefault(code int) *TenantWidgetDetailsDefault { +// NewSubscriptionRefreshDefault creates SubscriptionRefreshDefault with default headers values +func NewSubscriptionRefreshDefault(code int) *SubscriptionRefreshDefault { if code <= 0 { code = 500 } - return &TenantWidgetDetailsDefault{ + return &SubscriptionRefreshDefault{ _statusCode: code, } } -// WithStatusCode adds the status to the tenant widget details default response -func (o *TenantWidgetDetailsDefault) WithStatusCode(code int) *TenantWidgetDetailsDefault { +// WithStatusCode adds the status to the subscription refresh default response +func (o *SubscriptionRefreshDefault) WithStatusCode(code int) *SubscriptionRefreshDefault { o._statusCode = code return o } -// SetStatusCode sets the status to the tenant widget details default response -func (o *TenantWidgetDetailsDefault) SetStatusCode(code int) { +// SetStatusCode sets the status to the subscription refresh default response +func (o *SubscriptionRefreshDefault) SetStatusCode(code int) { o._statusCode = code } -// WithPayload adds the payload to the tenant widget details default response -func (o *TenantWidgetDetailsDefault) WithPayload(payload *models.Error) *TenantWidgetDetailsDefault { +// WithPayload adds the payload to the subscription refresh default response +func (o *SubscriptionRefreshDefault) WithPayload(payload *models.Error) *SubscriptionRefreshDefault { o.Payload = payload return o } -// SetPayload sets the payload to the tenant widget details default response -func (o *TenantWidgetDetailsDefault) SetPayload(payload *models.Error) { +// SetPayload sets the payload to the subscription refresh default response +func (o *SubscriptionRefreshDefault) SetPayload(payload *models.Error) { o.Payload = payload } // WriteResponse to the client -func (o *TenantWidgetDetailsDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { +func (o *SubscriptionRefreshDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { rw.WriteHeader(o._statusCode) if o.Payload != nil { diff --git a/restapi/operations/admin_api/tenant_widget_details_urlbuilder.go b/operatorapi/operations/operator_api/subscription_refresh_urlbuilder.go similarity index 53% rename from restapi/operations/admin_api/tenant_widget_details_urlbuilder.go rename to operatorapi/operations/operator_api/subscription_refresh_urlbuilder.go index 5f322664f..ee8272a8c 100644 --- a/restapi/operations/admin_api/tenant_widget_details_urlbuilder.go +++ b/operatorapi/operations/operator_api/subscription_refresh_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -26,30 +26,17 @@ import ( "errors" "net/url" golangswaggerpaths "path" - "strings" - - "github.com/go-openapi/swag" ) -// TenantWidgetDetailsURL generates an URL for the tenant widget details operation -type TenantWidgetDetailsURL struct { - Namespace string - Tenant string - WidgetID int32 - - End *int64 - Start *int64 - Step *int32 - +// SubscriptionRefreshURL generates an URL for the subscription refresh operation +type SubscriptionRefreshURL struct { _basePath string - // avoid unkeyed usage - _ struct{} } // WithBasePath sets the base path for this url builder, only required when it's different from the // base path specified in the swagger spec. // When the value of the base path is an empty string -func (o *TenantWidgetDetailsURL) WithBasePath(bp string) *TenantWidgetDetailsURL { +func (o *SubscriptionRefreshURL) WithBasePath(bp string) *SubscriptionRefreshURL { o.SetBasePath(bp) return o } @@ -57,36 +44,15 @@ func (o *TenantWidgetDetailsURL) WithBasePath(bp string) *TenantWidgetDetailsURL // SetBasePath sets the base path for this url builder, only required when it's different from the // base path specified in the swagger spec. // When the value of the base path is an empty string -func (o *TenantWidgetDetailsURL) SetBasePath(bp string) { +func (o *SubscriptionRefreshURL) SetBasePath(bp string) { o._basePath = bp } // Build a url path and query string -func (o *TenantWidgetDetailsURL) Build() (*url.URL, error) { +func (o *SubscriptionRefreshURL) Build() (*url.URL, error) { var _result url.URL - var _path = "/namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId}" - - namespace := o.Namespace - if namespace != "" { - _path = strings.Replace(_path, "{namespace}", namespace, -1) - } else { - return nil, errors.New("namespace is required on TenantWidgetDetailsURL") - } - - tenant := o.Tenant - if tenant != "" { - _path = strings.Replace(_path, "{tenant}", tenant, -1) - } else { - return nil, errors.New("tenant is required on TenantWidgetDetailsURL") - } - - widgetID := swag.FormatInt32(o.WidgetID) - if widgetID != "" { - _path = strings.Replace(_path, "{widgetId}", widgetID, -1) - } else { - return nil, errors.New("widgetId is required on TenantWidgetDetailsURL") - } + var _path = "/subscription/refresh" _basePath := o._basePath if _basePath == "" { @@ -94,39 +60,11 @@ func (o *TenantWidgetDetailsURL) Build() (*url.URL, error) { } _result.Path = golangswaggerpaths.Join(_basePath, _path) - qs := make(url.Values) - - var endQ string - if o.End != nil { - endQ = swag.FormatInt64(*o.End) - } - if endQ != "" { - qs.Set("end", endQ) - } - - var startQ string - if o.Start != nil { - startQ = swag.FormatInt64(*o.Start) - } - if startQ != "" { - qs.Set("start", startQ) - } - - var stepQ string - if o.Step != nil { - stepQ = swag.FormatInt32(*o.Step) - } - if stepQ != "" { - qs.Set("step", stepQ) - } - - _result.RawQuery = qs.Encode() - return &_result, nil } // Must is a helper function to panic when the url builder returns an error -func (o *TenantWidgetDetailsURL) Must(u *url.URL, err error) *url.URL { +func (o *SubscriptionRefreshURL) Must(u *url.URL, err error) *url.URL { if err != nil { panic(err) } @@ -137,17 +75,17 @@ func (o *TenantWidgetDetailsURL) Must(u *url.URL, err error) *url.URL { } // String returns the string representation of the path with query string -func (o *TenantWidgetDetailsURL) String() string { +func (o *SubscriptionRefreshURL) String() string { return o.Must(o.Build()).String() } // BuildFull builds a full url with scheme, host, path and query string -func (o *TenantWidgetDetailsURL) BuildFull(scheme, host string) (*url.URL, error) { +func (o *SubscriptionRefreshURL) BuildFull(scheme, host string) (*url.URL, error) { if scheme == "" { - return nil, errors.New("scheme is required for a full url on TenantWidgetDetailsURL") + return nil, errors.New("scheme is required for a full url on SubscriptionRefreshURL") } if host == "" { - return nil, errors.New("host is required for a full url on TenantWidgetDetailsURL") + return nil, errors.New("host is required for a full url on SubscriptionRefreshURL") } base, err := o.Build() @@ -161,6 +99,6 @@ func (o *TenantWidgetDetailsURL) BuildFull(scheme, host string) (*url.URL, error } // StringFull returns the string representation of a complete url -func (o *TenantWidgetDetailsURL) StringFull(scheme, host string) string { +func (o *SubscriptionRefreshURL) StringFull(scheme, host string) string { return o.Must(o.BuildFull(scheme, host)).String() } diff --git a/operatorapi/operations/operator_api/subscription_validate.go b/operatorapi/operations/operator_api/subscription_validate.go new file mode 100644 index 000000000..b148a8ee4 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_validate.go @@ -0,0 +1,88 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" + + "github.com/minio/console/models" +) + +// SubscriptionValidateHandlerFunc turns a function with the right signature into a subscription validate handler +type SubscriptionValidateHandlerFunc func(SubscriptionValidateParams, *models.Principal) middleware.Responder + +// Handle executing the request and returning a response +func (fn SubscriptionValidateHandlerFunc) Handle(params SubscriptionValidateParams, principal *models.Principal) middleware.Responder { + return fn(params, principal) +} + +// SubscriptionValidateHandler interface for that can handle valid subscription validate params +type SubscriptionValidateHandler interface { + Handle(SubscriptionValidateParams, *models.Principal) middleware.Responder +} + +// NewSubscriptionValidate creates a new http.Handler for the subscription validate operation +func NewSubscriptionValidate(ctx *middleware.Context, handler SubscriptionValidateHandler) *SubscriptionValidate { + return &SubscriptionValidate{Context: ctx, Handler: handler} +} + +/* SubscriptionValidate swagger:route POST /subscription/validate OperatorAPI subscriptionValidate + +Validates subscription license + +*/ +type SubscriptionValidate struct { + Context *middleware.Context + Handler SubscriptionValidateHandler +} + +func (o *SubscriptionValidate) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewSubscriptionValidateParams() + uprinc, aCtx, err := o.Context.Authorize(r, route) + if err != nil { + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + if aCtx != nil { + *r = *aCtx + } + var principal *models.Principal + if uprinc != nil { + principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise + } + + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params, principal) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/restapi/operations/admin_api/tenant_info_parameters.go b/operatorapi/operations/operator_api/subscription_validate_parameters.go similarity index 50% rename from restapi/operations/admin_api/tenant_info_parameters.go rename to operatorapi/operations/operator_api/subscription_validate_parameters.go index c49d3c4af..1669bb0e6 100644 --- a/restapi/operations/admin_api/tenant_info_parameters.go +++ b/operatorapi/operations/operator_api/subscription_validate_parameters.go @@ -17,96 +17,86 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "io" "net/http" "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" "github.com/go-openapi/runtime/middleware" - "github.com/go-openapi/strfmt" + "github.com/go-openapi/validate" + + "github.com/minio/console/models" ) -// NewTenantInfoParams creates a new TenantInfoParams object +// NewSubscriptionValidateParams creates a new SubscriptionValidateParams object // // There are no default values defined in the spec. -func NewTenantInfoParams() TenantInfoParams { +func NewSubscriptionValidateParams() SubscriptionValidateParams { - return TenantInfoParams{} + return SubscriptionValidateParams{} } -// TenantInfoParams contains all the bound params for the tenant info operation +// SubscriptionValidateParams contains all the bound params for the subscription validate operation // typically these are obtained from a http.Request // -// swagger:parameters TenantInfo -type TenantInfoParams struct { +// swagger:parameters SubscriptionValidate +type SubscriptionValidateParams struct { // HTTP Request Object HTTPRequest *http.Request `json:"-"` /* Required: true - In: path + In: body */ - Namespace string - /* - Required: true - In: path - */ - Tenant string + Body *models.SubscriptionValidateRequest } // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface // for simple values it will use straight method calls. // -// To ensure default values, the struct must have been initialized with NewTenantInfoParams() beforehand. -func (o *TenantInfoParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { +// To ensure default values, the struct must have been initialized with NewSubscriptionValidateParams() beforehand. +func (o *SubscriptionValidateParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { var res []error o.HTTPRequest = r - rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace") - if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil { - res = append(res, err) - } + if runtime.HasBody(r) { + defer r.Body.Close() + var body models.SubscriptionValidateRequest + if err := route.Consumer.Consume(r.Body, &body); err != nil { + if err == io.EOF { + res = append(res, errors.Required("body", "body", "")) + } else { + res = append(res, errors.NewParseError("body", "body", "", err)) + } + } else { + // validate body object + if err := body.Validate(route.Formats); err != nil { + res = append(res, err) + } - rTenant, rhkTenant, _ := route.Params.GetOK("tenant") - if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil { - res = append(res, err) + ctx := validate.WithOperationRequest(context.Background()) + if err := body.ContextValidate(ctx, route.Formats); err != nil { + res = append(res, err) + } + + if len(res) == 0 { + o.Body = &body + } + } + } else { + res = append(res, errors.Required("body", "body", "")) } if len(res) > 0 { return errors.CompositeValidationError(res...) } return nil } - -// bindNamespace binds and validates parameter Namespace from path. -func (o *TenantInfoParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: true - // Parameter is provided by construction from the route - o.Namespace = raw - - return nil -} - -// bindTenant binds and validates parameter Tenant from path. -func (o *TenantInfoParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: true - // Parameter is provided by construction from the route - o.Tenant = raw - - return nil -} diff --git a/operatorapi/operations/operator_api/subscription_validate_responses.go b/operatorapi/operations/operator_api/subscription_validate_responses.go new file mode 100644 index 000000000..e17fb1200 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_validate_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// SubscriptionValidateOKCode is the HTTP code returned for type SubscriptionValidateOK +const SubscriptionValidateOKCode int = 200 + +/*SubscriptionValidateOK A successful response. + +swagger:response subscriptionValidateOK +*/ +type SubscriptionValidateOK struct { + + /* + In: Body + */ + Payload *models.License `json:"body,omitempty"` +} + +// NewSubscriptionValidateOK creates SubscriptionValidateOK with default headers values +func NewSubscriptionValidateOK() *SubscriptionValidateOK { + + return &SubscriptionValidateOK{} +} + +// WithPayload adds the payload to the subscription validate o k response +func (o *SubscriptionValidateOK) WithPayload(payload *models.License) *SubscriptionValidateOK { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the subscription validate o k response +func (o *SubscriptionValidateOK) SetPayload(payload *models.License) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SubscriptionValidateOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(200) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*SubscriptionValidateDefault Generic error response. + +swagger:response subscriptionValidateDefault +*/ +type SubscriptionValidateDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewSubscriptionValidateDefault creates SubscriptionValidateDefault with default headers values +func NewSubscriptionValidateDefault(code int) *SubscriptionValidateDefault { + if code <= 0 { + code = 500 + } + + return &SubscriptionValidateDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the subscription validate default response +func (o *SubscriptionValidateDefault) WithStatusCode(code int) *SubscriptionValidateDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the subscription validate default response +func (o *SubscriptionValidateDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the subscription validate default response +func (o *SubscriptionValidateDefault) WithPayload(payload *models.Error) *SubscriptionValidateDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the subscription validate default response +func (o *SubscriptionValidateDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SubscriptionValidateDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/operator_api/subscription_validate_urlbuilder.go b/operatorapi/operations/operator_api/subscription_validate_urlbuilder.go new file mode 100644 index 000000000..57586e3f0 --- /dev/null +++ b/operatorapi/operations/operator_api/subscription_validate_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operator_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// SubscriptionValidateURL generates an URL for the subscription validate operation +type SubscriptionValidateURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SubscriptionValidateURL) WithBasePath(bp string) *SubscriptionValidateURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SubscriptionValidateURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *SubscriptionValidateURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/subscription/validate" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *SubscriptionValidateURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *SubscriptionValidateURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *SubscriptionValidateURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on SubscriptionValidateURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on SubscriptionValidateURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *SubscriptionValidateURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/restapi/operations/admin_api/tenant_add_pool.go b/operatorapi/operations/operator_api/tenant_add_pool.go similarity index 97% rename from restapi/operations/admin_api/tenant_add_pool.go rename to operatorapi/operations/operator_api/tenant_add_pool.go index a5304a227..b0817205d 100644 --- a/restapi/operations/admin_api/tenant_add_pool.go +++ b/operatorapi/operations/operator_api/tenant_add_pool.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantAddPool(ctx *middleware.Context, handler TenantAddPoolHandler) *Te return &TenantAddPool{Context: ctx, Handler: handler} } -/* TenantAddPool swagger:route POST /namespaces/{namespace}/tenants/{tenant}/pools AdminAPI tenantAddPool +/* TenantAddPool swagger:route POST /namespaces/{namespace}/tenants/{tenant}/pools OperatorAPI tenantAddPool Tenant Add Pool diff --git a/restapi/operations/admin_api/tenant_add_pool_parameters.go b/operatorapi/operations/operator_api/tenant_add_pool_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_add_pool_parameters.go rename to operatorapi/operations/operator_api/tenant_add_pool_parameters.go index 7a0cc457c..26889907b 100644 --- a/restapi/operations/admin_api/tenant_add_pool_parameters.go +++ b/operatorapi/operations/operator_api/tenant_add_pool_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_add_pool_responses.go b/operatorapi/operations/operator_api/tenant_add_pool_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_add_pool_responses.go rename to operatorapi/operations/operator_api/tenant_add_pool_responses.go index 4e0a765a7..2b8f68a04 100644 --- a/restapi/operations/admin_api/tenant_add_pool_responses.go +++ b/operatorapi/operations/operator_api/tenant_add_pool_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_add_pool_urlbuilder.go b/operatorapi/operations/operator_api/tenant_add_pool_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_add_pool_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_add_pool_urlbuilder.go index b6aa0df43..a9fa34f02 100644 --- a/restapi/operations/admin_api/tenant_add_pool_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_add_pool_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/tenant_details.go b/operatorapi/operations/operator_api/tenant_details.go similarity index 97% rename from restapi/operations/admin_api/tenant_details.go rename to operatorapi/operations/operator_api/tenant_details.go index 979ee5d80..ead84bb61 100644 --- a/restapi/operations/admin_api/tenant_details.go +++ b/operatorapi/operations/operator_api/tenant_details.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantDetails(ctx *middleware.Context, handler TenantDetailsHandler) *Te return &TenantDetails{Context: ctx, Handler: handler} } -/* TenantDetails swagger:route GET /namespaces/{namespace}/tenants/{tenant} AdminAPI tenantDetails +/* TenantDetails swagger:route GET /namespaces/{namespace}/tenants/{tenant} OperatorAPI tenantDetails Tenant Details diff --git a/restapi/operations/admin_api/tenant_details_parameters.go b/operatorapi/operations/operator_api/tenant_details_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_details_parameters.go rename to operatorapi/operations/operator_api/tenant_details_parameters.go index 67d97d460..276d9ad31 100644 --- a/restapi/operations/admin_api/tenant_details_parameters.go +++ b/operatorapi/operations/operator_api/tenant_details_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_details_responses.go b/operatorapi/operations/operator_api/tenant_details_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_details_responses.go rename to operatorapi/operations/operator_api/tenant_details_responses.go index bde73c4e7..4f9f1f5b5 100644 --- a/restapi/operations/admin_api/tenant_details_responses.go +++ b/operatorapi/operations/operator_api/tenant_details_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_details_urlbuilder.go b/operatorapi/operations/operator_api/tenant_details_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_details_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_details_urlbuilder.go index f137096d1..9686af56b 100644 --- a/restapi/operations/admin_api/tenant_details_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_details_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/tenant_security.go b/operatorapi/operations/operator_api/tenant_security.go similarity index 97% rename from restapi/operations/admin_api/tenant_security.go rename to operatorapi/operations/operator_api/tenant_security.go index dd9bd055c..d3d45cd17 100644 --- a/restapi/operations/admin_api/tenant_security.go +++ b/operatorapi/operations/operator_api/tenant_security.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantSecurity(ctx *middleware.Context, handler TenantSecurityHandler) * return &TenantSecurity{Context: ctx, Handler: handler} } -/* TenantSecurity swagger:route GET /namespaces/{namespace}/tenants/{tenant}/security AdminAPI tenantSecurity +/* TenantSecurity swagger:route GET /namespaces/{namespace}/tenants/{tenant}/security OperatorAPI tenantSecurity Tenant Security diff --git a/restapi/operations/admin_api/tenant_security_parameters.go b/operatorapi/operations/operator_api/tenant_security_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_security_parameters.go rename to operatorapi/operations/operator_api/tenant_security_parameters.go index 8d6b406f8..cbe712d34 100644 --- a/restapi/operations/admin_api/tenant_security_parameters.go +++ b/operatorapi/operations/operator_api/tenant_security_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_security_responses.go b/operatorapi/operations/operator_api/tenant_security_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_security_responses.go rename to operatorapi/operations/operator_api/tenant_security_responses.go index 0290002b6..7eed91ad3 100644 --- a/restapi/operations/admin_api/tenant_security_responses.go +++ b/operatorapi/operations/operator_api/tenant_security_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_security_urlbuilder.go b/operatorapi/operations/operator_api/tenant_security_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_security_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_security_urlbuilder.go index 477c04a19..a984a649f 100644 --- a/restapi/operations/admin_api/tenant_security_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_security_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/tenant_update_certificate.go b/operatorapi/operations/operator_api/tenant_update_certificate.go similarity index 97% rename from restapi/operations/admin_api/tenant_update_certificate.go rename to operatorapi/operations/operator_api/tenant_update_certificate.go index 080351c28..ba2372174 100644 --- a/restapi/operations/admin_api/tenant_update_certificate.go +++ b/operatorapi/operations/operator_api/tenant_update_certificate.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantUpdateCertificate(ctx *middleware.Context, handler TenantUpdateCer return &TenantUpdateCertificate{Context: ctx, Handler: handler} } -/* TenantUpdateCertificate swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/certificates AdminAPI tenantUpdateCertificate +/* TenantUpdateCertificate swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/certificates OperatorAPI tenantUpdateCertificate Tenant Update Certificates diff --git a/restapi/operations/admin_api/tenant_update_certificate_parameters.go b/operatorapi/operations/operator_api/tenant_update_certificate_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_certificate_parameters.go rename to operatorapi/operations/operator_api/tenant_update_certificate_parameters.go index d9f892e5d..8521c9d51 100644 --- a/restapi/operations/admin_api/tenant_update_certificate_parameters.go +++ b/operatorapi/operations/operator_api/tenant_update_certificate_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_certificate_responses.go b/operatorapi/operations/operator_api/tenant_update_certificate_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_certificate_responses.go rename to operatorapi/operations/operator_api/tenant_update_certificate_responses.go index 1913f7f95..079cf3d6f 100644 --- a/restapi/operations/admin_api/tenant_update_certificate_responses.go +++ b/operatorapi/operations/operator_api/tenant_update_certificate_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_certificate_urlbuilder.go b/operatorapi/operations/operator_api/tenant_update_certificate_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_certificate_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_update_certificate_urlbuilder.go index 33adcbaf1..1b7802609 100644 --- a/restapi/operations/admin_api/tenant_update_certificate_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_update_certificate_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/tenant_update_encryption.go b/operatorapi/operations/operator_api/tenant_update_encryption.go similarity index 97% rename from restapi/operations/admin_api/tenant_update_encryption.go rename to operatorapi/operations/operator_api/tenant_update_encryption.go index f823a136b..dd5beda08 100644 --- a/restapi/operations/admin_api/tenant_update_encryption.go +++ b/operatorapi/operations/operator_api/tenant_update_encryption.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantUpdateEncryption(ctx *middleware.Context, handler TenantUpdateEncr return &TenantUpdateEncryption{Context: ctx, Handler: handler} } -/* TenantUpdateEncryption swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/encryption AdminAPI tenantUpdateEncryption +/* TenantUpdateEncryption swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/encryption OperatorAPI tenantUpdateEncryption Tenant Update Encryption diff --git a/restapi/operations/admin_api/tenant_update_encryption_parameters.go b/operatorapi/operations/operator_api/tenant_update_encryption_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_encryption_parameters.go rename to operatorapi/operations/operator_api/tenant_update_encryption_parameters.go index 175e5c909..79178415c 100644 --- a/restapi/operations/admin_api/tenant_update_encryption_parameters.go +++ b/operatorapi/operations/operator_api/tenant_update_encryption_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_encryption_responses.go b/operatorapi/operations/operator_api/tenant_update_encryption_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_encryption_responses.go rename to operatorapi/operations/operator_api/tenant_update_encryption_responses.go index 6fe88c1b9..19404cc99 100644 --- a/restapi/operations/admin_api/tenant_update_encryption_responses.go +++ b/operatorapi/operations/operator_api/tenant_update_encryption_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_encryption_urlbuilder.go b/operatorapi/operations/operator_api/tenant_update_encryption_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_encryption_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_update_encryption_urlbuilder.go index 4ff84182c..3464b78d9 100644 --- a/restapi/operations/admin_api/tenant_update_encryption_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_update_encryption_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/tenant_update_pools.go b/operatorapi/operations/operator_api/tenant_update_pools.go similarity index 97% rename from restapi/operations/admin_api/tenant_update_pools.go rename to operatorapi/operations/operator_api/tenant_update_pools.go index b86876437..b99066d43 100644 --- a/restapi/operations/admin_api/tenant_update_pools.go +++ b/operatorapi/operations/operator_api/tenant_update_pools.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewTenantUpdatePools(ctx *middleware.Context, handler TenantUpdatePoolsHand return &TenantUpdatePools{Context: ctx, Handler: handler} } -/* TenantUpdatePools swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/pools AdminAPI tenantUpdatePools +/* TenantUpdatePools swagger:route PUT /namespaces/{namespace}/tenants/{tenant}/pools OperatorAPI tenantUpdatePools Tenant Update Pools diff --git a/restapi/operations/admin_api/tenant_update_pools_parameters.go b/operatorapi/operations/operator_api/tenant_update_pools_parameters.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_pools_parameters.go rename to operatorapi/operations/operator_api/tenant_update_pools_parameters.go index 9a99f9a60..b0ffcd107 100644 --- a/restapi/operations/admin_api/tenant_update_pools_parameters.go +++ b/operatorapi/operations/operator_api/tenant_update_pools_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_pools_responses.go b/operatorapi/operations/operator_api/tenant_update_pools_responses.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_pools_responses.go rename to operatorapi/operations/operator_api/tenant_update_pools_responses.go index 8a931052c..33e65145a 100644 --- a/restapi/operations/admin_api/tenant_update_pools_responses.go +++ b/operatorapi/operations/operator_api/tenant_update_pools_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/tenant_update_pools_urlbuilder.go b/operatorapi/operations/operator_api/tenant_update_pools_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/tenant_update_pools_urlbuilder.go rename to operatorapi/operations/operator_api/tenant_update_pools_urlbuilder.go index acc811890..e8cb0f49d 100644 --- a/restapi/operations/admin_api/tenant_update_pools_urlbuilder.go +++ b/operatorapi/operations/operator_api/tenant_update_pools_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/update_tenant.go b/operatorapi/operations/operator_api/update_tenant.go similarity index 98% rename from restapi/operations/admin_api/update_tenant.go rename to operatorapi/operations/operator_api/update_tenant.go index 0641fe4dc..d7becd75d 100644 --- a/restapi/operations/admin_api/update_tenant.go +++ b/operatorapi/operations/operator_api/update_tenant.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewUpdateTenant(ctx *middleware.Context, handler UpdateTenantHandler) *Upda return &UpdateTenant{Context: ctx, Handler: handler} } -/* UpdateTenant swagger:route PUT /namespaces/{namespace}/tenants/{tenant} AdminAPI updateTenant +/* UpdateTenant swagger:route PUT /namespaces/{namespace}/tenants/{tenant} OperatorAPI updateTenant Update Tenant diff --git a/restapi/operations/admin_api/update_tenant_parameters.go b/operatorapi/operations/operator_api/update_tenant_parameters.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_parameters.go rename to operatorapi/operations/operator_api/update_tenant_parameters.go index 763062b7f..d76efbcc7 100644 --- a/restapi/operations/admin_api/update_tenant_parameters.go +++ b/operatorapi/operations/operator_api/update_tenant_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/update_tenant_responses.go b/operatorapi/operations/operator_api/update_tenant_responses.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_responses.go rename to operatorapi/operations/operator_api/update_tenant_responses.go index 00a7080e6..1f23c1210 100644 --- a/restapi/operations/admin_api/update_tenant_responses.go +++ b/operatorapi/operations/operator_api/update_tenant_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/update_tenant_security.go b/operatorapi/operations/operator_api/update_tenant_security.go similarity index 97% rename from restapi/operations/admin_api/update_tenant_security.go rename to operatorapi/operations/operator_api/update_tenant_security.go index b3b3c7a67..72ed453e8 100644 --- a/restapi/operations/admin_api/update_tenant_security.go +++ b/operatorapi/operations/operator_api/update_tenant_security.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -48,7 +48,7 @@ func NewUpdateTenantSecurity(ctx *middleware.Context, handler UpdateTenantSecuri return &UpdateTenantSecurity{Context: ctx, Handler: handler} } -/* UpdateTenantSecurity swagger:route POST /namespaces/{namespace}/tenants/{tenant}/security AdminAPI updateTenantSecurity +/* UpdateTenantSecurity swagger:route POST /namespaces/{namespace}/tenants/{tenant}/security OperatorAPI updateTenantSecurity Update Tenant Security diff --git a/restapi/operations/admin_api/update_tenant_security_parameters.go b/operatorapi/operations/operator_api/update_tenant_security_parameters.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_security_parameters.go rename to operatorapi/operations/operator_api/update_tenant_security_parameters.go index 6445e4dc5..bc577011a 100644 --- a/restapi/operations/admin_api/update_tenant_security_parameters.go +++ b/operatorapi/operations/operator_api/update_tenant_security_parameters.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/update_tenant_security_responses.go b/operatorapi/operations/operator_api/update_tenant_security_responses.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_security_responses.go rename to operatorapi/operations/operator_api/update_tenant_security_responses.go index 0db921245..1a561d98e 100644 --- a/restapi/operations/admin_api/update_tenant_security_responses.go +++ b/operatorapi/operations/operator_api/update_tenant_security_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command diff --git a/restapi/operations/admin_api/update_tenant_security_urlbuilder.go b/operatorapi/operations/operator_api/update_tenant_security_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_security_urlbuilder.go rename to operatorapi/operations/operator_api/update_tenant_security_urlbuilder.go index 850e49afa..db772df9e 100644 --- a/restapi/operations/admin_api/update_tenant_security_urlbuilder.go +++ b/operatorapi/operations/operator_api/update_tenant_security_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/restapi/operations/admin_api/update_tenant_urlbuilder.go b/operatorapi/operations/operator_api/update_tenant_urlbuilder.go similarity index 99% rename from restapi/operations/admin_api/update_tenant_urlbuilder.go rename to operatorapi/operations/operator_api/update_tenant_urlbuilder.go index 3a30e561a..0bfa87764 100644 --- a/restapi/operations/admin_api/update_tenant_urlbuilder.go +++ b/operatorapi/operations/operator_api/update_tenant_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package operator_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command diff --git a/operatorapi/operations/user_api/login.go b/operatorapi/operations/user_api/login.go new file mode 100644 index 000000000..e8097a987 --- /dev/null +++ b/operatorapi/operations/user_api/login.go @@ -0,0 +1,73 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" +) + +// LoginHandlerFunc turns a function with the right signature into a login handler +type LoginHandlerFunc func(LoginParams) middleware.Responder + +// Handle executing the request and returning a response +func (fn LoginHandlerFunc) Handle(params LoginParams) middleware.Responder { + return fn(params) +} + +// LoginHandler interface for that can handle valid login params +type LoginHandler interface { + Handle(LoginParams) middleware.Responder +} + +// NewLogin creates a new http.Handler for the login operation +func NewLogin(ctx *middleware.Context, handler LoginHandler) *Login { + return &Login{Context: ctx, Handler: handler} +} + +/* Login swagger:route POST /login UserAPI login + +Login to Console + +*/ +type Login struct { + Context *middleware.Context + Handler LoginHandler +} + +func (o *Login) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewLoginParams() + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/user_api/login_detail.go b/operatorapi/operations/user_api/login_detail.go new file mode 100644 index 000000000..2b69099f3 --- /dev/null +++ b/operatorapi/operations/user_api/login_detail.go @@ -0,0 +1,73 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" +) + +// LoginDetailHandlerFunc turns a function with the right signature into a login detail handler +type LoginDetailHandlerFunc func(LoginDetailParams) middleware.Responder + +// Handle executing the request and returning a response +func (fn LoginDetailHandlerFunc) Handle(params LoginDetailParams) middleware.Responder { + return fn(params) +} + +// LoginDetailHandler interface for that can handle valid login detail params +type LoginDetailHandler interface { + Handle(LoginDetailParams) middleware.Responder +} + +// NewLoginDetail creates a new http.Handler for the login detail operation +func NewLoginDetail(ctx *middleware.Context, handler LoginDetailHandler) *LoginDetail { + return &LoginDetail{Context: ctx, Handler: handler} +} + +/* LoginDetail swagger:route GET /login UserAPI loginDetail + +Returns login strategy, form or sso. + +*/ +type LoginDetail struct { + Context *middleware.Context + Handler LoginDetailHandler +} + +func (o *LoginDetail) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewLoginDetailParams() + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/user_api/login_detail_parameters.go b/operatorapi/operations/user_api/login_detail_parameters.go new file mode 100644 index 000000000..0a9ec9b19 --- /dev/null +++ b/operatorapi/operations/user_api/login_detail_parameters.go @@ -0,0 +1,63 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime/middleware" +) + +// NewLoginDetailParams creates a new LoginDetailParams object +// +// There are no default values defined in the spec. +func NewLoginDetailParams() LoginDetailParams { + + return LoginDetailParams{} +} + +// LoginDetailParams contains all the bound params for the login detail operation +// typically these are obtained from a http.Request +// +// swagger:parameters LoginDetail +type LoginDetailParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewLoginDetailParams() beforehand. +func (o *LoginDetailParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/user_api/login_detail_responses.go b/operatorapi/operations/user_api/login_detail_responses.go new file mode 100644 index 000000000..6934c9b56 --- /dev/null +++ b/operatorapi/operations/user_api/login_detail_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// LoginDetailOKCode is the HTTP code returned for type LoginDetailOK +const LoginDetailOKCode int = 200 + +/*LoginDetailOK A successful response. + +swagger:response loginDetailOK +*/ +type LoginDetailOK struct { + + /* + In: Body + */ + Payload *models.LoginDetails `json:"body,omitempty"` +} + +// NewLoginDetailOK creates LoginDetailOK with default headers values +func NewLoginDetailOK() *LoginDetailOK { + + return &LoginDetailOK{} +} + +// WithPayload adds the payload to the login detail o k response +func (o *LoginDetailOK) WithPayload(payload *models.LoginDetails) *LoginDetailOK { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login detail o k response +func (o *LoginDetailOK) SetPayload(payload *models.LoginDetails) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginDetailOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(200) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*LoginDetailDefault Generic error response. + +swagger:response loginDetailDefault +*/ +type LoginDetailDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewLoginDetailDefault creates LoginDetailDefault with default headers values +func NewLoginDetailDefault(code int) *LoginDetailDefault { + if code <= 0 { + code = 500 + } + + return &LoginDetailDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the login detail default response +func (o *LoginDetailDefault) WithStatusCode(code int) *LoginDetailDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the login detail default response +func (o *LoginDetailDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the login detail default response +func (o *LoginDetailDefault) WithPayload(payload *models.Error) *LoginDetailDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login detail default response +func (o *LoginDetailDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginDetailDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/user_api/login_detail_urlbuilder.go b/operatorapi/operations/user_api/login_detail_urlbuilder.go new file mode 100644 index 000000000..2938dc21e --- /dev/null +++ b/operatorapi/operations/user_api/login_detail_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// LoginDetailURL generates an URL for the login detail operation +type LoginDetailURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginDetailURL) WithBasePath(bp string) *LoginDetailURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginDetailURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *LoginDetailURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/login" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *LoginDetailURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *LoginDetailURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *LoginDetailURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on LoginDetailURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on LoginDetailURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *LoginDetailURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/operatorapi/operations/user_api/login_oauth2_auth.go b/operatorapi/operations/user_api/login_oauth2_auth.go new file mode 100644 index 000000000..7713d8f4c --- /dev/null +++ b/operatorapi/operations/user_api/login_oauth2_auth.go @@ -0,0 +1,73 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" +) + +// LoginOauth2AuthHandlerFunc turns a function with the right signature into a login oauth2 auth handler +type LoginOauth2AuthHandlerFunc func(LoginOauth2AuthParams) middleware.Responder + +// Handle executing the request and returning a response +func (fn LoginOauth2AuthHandlerFunc) Handle(params LoginOauth2AuthParams) middleware.Responder { + return fn(params) +} + +// LoginOauth2AuthHandler interface for that can handle valid login oauth2 auth params +type LoginOauth2AuthHandler interface { + Handle(LoginOauth2AuthParams) middleware.Responder +} + +// NewLoginOauth2Auth creates a new http.Handler for the login oauth2 auth operation +func NewLoginOauth2Auth(ctx *middleware.Context, handler LoginOauth2AuthHandler) *LoginOauth2Auth { + return &LoginOauth2Auth{Context: ctx, Handler: handler} +} + +/* LoginOauth2Auth swagger:route POST /login/oauth2/auth UserAPI loginOauth2Auth + +Identity Provider oauth2 callback endpoint. + +*/ +type LoginOauth2Auth struct { + Context *middleware.Context + Handler LoginOauth2AuthHandler +} + +func (o *LoginOauth2Auth) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewLoginOauth2AuthParams() + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/user_api/login_oauth2_auth_parameters.go b/operatorapi/operations/user_api/login_oauth2_auth_parameters.go new file mode 100644 index 000000000..2ec622777 --- /dev/null +++ b/operatorapi/operations/user_api/login_oauth2_auth_parameters.go @@ -0,0 +1,102 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "io" + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/go-openapi/validate" + + "github.com/minio/console/models" +) + +// NewLoginOauth2AuthParams creates a new LoginOauth2AuthParams object +// +// There are no default values defined in the spec. +func NewLoginOauth2AuthParams() LoginOauth2AuthParams { + + return LoginOauth2AuthParams{} +} + +// LoginOauth2AuthParams contains all the bound params for the login oauth2 auth operation +// typically these are obtained from a http.Request +// +// swagger:parameters LoginOauth2Auth +type LoginOauth2AuthParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` + + /* + Required: true + In: body + */ + Body *models.LoginOauth2AuthRequest +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewLoginOauth2AuthParams() beforehand. +func (o *LoginOauth2AuthParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if runtime.HasBody(r) { + defer r.Body.Close() + var body models.LoginOauth2AuthRequest + if err := route.Consumer.Consume(r.Body, &body); err != nil { + if err == io.EOF { + res = append(res, errors.Required("body", "body", "")) + } else { + res = append(res, errors.NewParseError("body", "body", "", err)) + } + } else { + // validate body object + if err := body.Validate(route.Formats); err != nil { + res = append(res, err) + } + + ctx := validate.WithOperationRequest(context.Background()) + if err := body.ContextValidate(ctx, route.Formats); err != nil { + res = append(res, err) + } + + if len(res) == 0 { + o.Body = &body + } + } + } else { + res = append(res, errors.Required("body", "body", "")) + } + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/user_api/login_oauth2_auth_responses.go b/operatorapi/operations/user_api/login_oauth2_auth_responses.go new file mode 100644 index 000000000..998592dee --- /dev/null +++ b/operatorapi/operations/user_api/login_oauth2_auth_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// LoginOauth2AuthCreatedCode is the HTTP code returned for type LoginOauth2AuthCreated +const LoginOauth2AuthCreatedCode int = 201 + +/*LoginOauth2AuthCreated A successful login. + +swagger:response loginOauth2AuthCreated +*/ +type LoginOauth2AuthCreated struct { + + /* + In: Body + */ + Payload *models.LoginResponse `json:"body,omitempty"` +} + +// NewLoginOauth2AuthCreated creates LoginOauth2AuthCreated with default headers values +func NewLoginOauth2AuthCreated() *LoginOauth2AuthCreated { + + return &LoginOauth2AuthCreated{} +} + +// WithPayload adds the payload to the login oauth2 auth created response +func (o *LoginOauth2AuthCreated) WithPayload(payload *models.LoginResponse) *LoginOauth2AuthCreated { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login oauth2 auth created response +func (o *LoginOauth2AuthCreated) SetPayload(payload *models.LoginResponse) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginOauth2AuthCreated) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(201) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*LoginOauth2AuthDefault Generic error response. + +swagger:response loginOauth2AuthDefault +*/ +type LoginOauth2AuthDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewLoginOauth2AuthDefault creates LoginOauth2AuthDefault with default headers values +func NewLoginOauth2AuthDefault(code int) *LoginOauth2AuthDefault { + if code <= 0 { + code = 500 + } + + return &LoginOauth2AuthDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the login oauth2 auth default response +func (o *LoginOauth2AuthDefault) WithStatusCode(code int) *LoginOauth2AuthDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the login oauth2 auth default response +func (o *LoginOauth2AuthDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the login oauth2 auth default response +func (o *LoginOauth2AuthDefault) WithPayload(payload *models.Error) *LoginOauth2AuthDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login oauth2 auth default response +func (o *LoginOauth2AuthDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginOauth2AuthDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/user_api/login_oauth2_auth_urlbuilder.go b/operatorapi/operations/user_api/login_oauth2_auth_urlbuilder.go new file mode 100644 index 000000000..313018a29 --- /dev/null +++ b/operatorapi/operations/user_api/login_oauth2_auth_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// LoginOauth2AuthURL generates an URL for the login oauth2 auth operation +type LoginOauth2AuthURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginOauth2AuthURL) WithBasePath(bp string) *LoginOauth2AuthURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginOauth2AuthURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *LoginOauth2AuthURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/login/oauth2/auth" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *LoginOauth2AuthURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *LoginOauth2AuthURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *LoginOauth2AuthURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on LoginOauth2AuthURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on LoginOauth2AuthURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *LoginOauth2AuthURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/operatorapi/operations/user_api/login_operator.go b/operatorapi/operations/user_api/login_operator.go new file mode 100644 index 000000000..b5ae3c4a6 --- /dev/null +++ b/operatorapi/operations/user_api/login_operator.go @@ -0,0 +1,73 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" +) + +// LoginOperatorHandlerFunc turns a function with the right signature into a login operator handler +type LoginOperatorHandlerFunc func(LoginOperatorParams) middleware.Responder + +// Handle executing the request and returning a response +func (fn LoginOperatorHandlerFunc) Handle(params LoginOperatorParams) middleware.Responder { + return fn(params) +} + +// LoginOperatorHandler interface for that can handle valid login operator params +type LoginOperatorHandler interface { + Handle(LoginOperatorParams) middleware.Responder +} + +// NewLoginOperator creates a new http.Handler for the login operator operation +func NewLoginOperator(ctx *middleware.Context, handler LoginOperatorHandler) *LoginOperator { + return &LoginOperator{Context: ctx, Handler: handler} +} + +/* LoginOperator swagger:route POST /login/operator UserAPI loginOperator + +Login to Operator Console. + +*/ +type LoginOperator struct { + Context *middleware.Context + Handler LoginOperatorHandler +} + +func (o *LoginOperator) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewLoginOperatorParams() + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/user_api/login_operator_parameters.go b/operatorapi/operations/user_api/login_operator_parameters.go new file mode 100644 index 000000000..beaf64f27 --- /dev/null +++ b/operatorapi/operations/user_api/login_operator_parameters.go @@ -0,0 +1,102 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "io" + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/go-openapi/validate" + + "github.com/minio/console/models" +) + +// NewLoginOperatorParams creates a new LoginOperatorParams object +// +// There are no default values defined in the spec. +func NewLoginOperatorParams() LoginOperatorParams { + + return LoginOperatorParams{} +} + +// LoginOperatorParams contains all the bound params for the login operator operation +// typically these are obtained from a http.Request +// +// swagger:parameters LoginOperator +type LoginOperatorParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` + + /* + Required: true + In: body + */ + Body *models.LoginOperatorRequest +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewLoginOperatorParams() beforehand. +func (o *LoginOperatorParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if runtime.HasBody(r) { + defer r.Body.Close() + var body models.LoginOperatorRequest + if err := route.Consumer.Consume(r.Body, &body); err != nil { + if err == io.EOF { + res = append(res, errors.Required("body", "body", "")) + } else { + res = append(res, errors.NewParseError("body", "body", "", err)) + } + } else { + // validate body object + if err := body.Validate(route.Formats); err != nil { + res = append(res, err) + } + + ctx := validate.WithOperationRequest(context.Background()) + if err := body.ContextValidate(ctx, route.Formats); err != nil { + res = append(res, err) + } + + if len(res) == 0 { + o.Body = &body + } + } + } else { + res = append(res, errors.Required("body", "body", "")) + } + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/user_api/login_operator_responses.go b/operatorapi/operations/user_api/login_operator_responses.go new file mode 100644 index 000000000..54c5fcc8d --- /dev/null +++ b/operatorapi/operations/user_api/login_operator_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// LoginOperatorCreatedCode is the HTTP code returned for type LoginOperatorCreated +const LoginOperatorCreatedCode int = 201 + +/*LoginOperatorCreated A successful login. + +swagger:response loginOperatorCreated +*/ +type LoginOperatorCreated struct { + + /* + In: Body + */ + Payload *models.LoginResponse `json:"body,omitempty"` +} + +// NewLoginOperatorCreated creates LoginOperatorCreated with default headers values +func NewLoginOperatorCreated() *LoginOperatorCreated { + + return &LoginOperatorCreated{} +} + +// WithPayload adds the payload to the login operator created response +func (o *LoginOperatorCreated) WithPayload(payload *models.LoginResponse) *LoginOperatorCreated { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login operator created response +func (o *LoginOperatorCreated) SetPayload(payload *models.LoginResponse) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginOperatorCreated) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(201) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*LoginOperatorDefault Generic error response. + +swagger:response loginOperatorDefault +*/ +type LoginOperatorDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewLoginOperatorDefault creates LoginOperatorDefault with default headers values +func NewLoginOperatorDefault(code int) *LoginOperatorDefault { + if code <= 0 { + code = 500 + } + + return &LoginOperatorDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the login operator default response +func (o *LoginOperatorDefault) WithStatusCode(code int) *LoginOperatorDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the login operator default response +func (o *LoginOperatorDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the login operator default response +func (o *LoginOperatorDefault) WithPayload(payload *models.Error) *LoginOperatorDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the login operator default response +func (o *LoginOperatorDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LoginOperatorDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/user_api/login_operator_urlbuilder.go b/operatorapi/operations/user_api/login_operator_urlbuilder.go new file mode 100644 index 000000000..6ec1d83b7 --- /dev/null +++ b/operatorapi/operations/user_api/login_operator_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// LoginOperatorURL generates an URL for the login operator operation +type LoginOperatorURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginOperatorURL) WithBasePath(bp string) *LoginOperatorURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginOperatorURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *LoginOperatorURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/login/operator" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *LoginOperatorURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *LoginOperatorURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *LoginOperatorURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on LoginOperatorURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on LoginOperatorURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *LoginOperatorURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/operatorapi/operations/user_api/login_parameters.go b/operatorapi/operations/user_api/login_parameters.go new file mode 100644 index 000000000..82b4ae00c --- /dev/null +++ b/operatorapi/operations/user_api/login_parameters.go @@ -0,0 +1,102 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "io" + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/go-openapi/validate" + + "github.com/minio/console/models" +) + +// NewLoginParams creates a new LoginParams object +// +// There are no default values defined in the spec. +func NewLoginParams() LoginParams { + + return LoginParams{} +} + +// LoginParams contains all the bound params for the login operation +// typically these are obtained from a http.Request +// +// swagger:parameters Login +type LoginParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` + + /* + Required: true + In: body + */ + Body *models.LoginRequest +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewLoginParams() beforehand. +func (o *LoginParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if runtime.HasBody(r) { + defer r.Body.Close() + var body models.LoginRequest + if err := route.Consumer.Consume(r.Body, &body); err != nil { + if err == io.EOF { + res = append(res, errors.Required("body", "body", "")) + } else { + res = append(res, errors.NewParseError("body", "body", "", err)) + } + } else { + // validate body object + if err := body.Validate(route.Formats); err != nil { + res = append(res, err) + } + + ctx := validate.WithOperationRequest(context.Background()) + if err := body.ContextValidate(ctx, route.Formats); err != nil { + res = append(res, err) + } + + if len(res) == 0 { + o.Body = &body + } + } + } else { + res = append(res, errors.Required("body", "body", "")) + } + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/restapi/operations/admin_api/tenant_info_responses.go b/operatorapi/operations/user_api/login_responses.go similarity index 52% rename from restapi/operations/admin_api/tenant_info_responses.go rename to operatorapi/operations/user_api/login_responses.go index e0a20d1fc..24b10c9dd 100644 --- a/restapi/operations/admin_api/tenant_info_responses.go +++ b/operatorapi/operations/user_api/login_responses.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package user_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command @@ -30,42 +30,42 @@ import ( "github.com/minio/console/models" ) -// TenantInfoOKCode is the HTTP code returned for type TenantInfoOK -const TenantInfoOKCode int = 200 +// LoginCreatedCode is the HTTP code returned for type LoginCreated +const LoginCreatedCode int = 201 -/*TenantInfoOK A successful response. +/*LoginCreated A successful login. -swagger:response tenantInfoOK +swagger:response loginCreated */ -type TenantInfoOK struct { +type LoginCreated struct { /* In: Body */ - Payload *models.AdminInfoResponse `json:"body,omitempty"` + Payload *models.LoginResponse `json:"body,omitempty"` } -// NewTenantInfoOK creates TenantInfoOK with default headers values -func NewTenantInfoOK() *TenantInfoOK { +// NewLoginCreated creates LoginCreated with default headers values +func NewLoginCreated() *LoginCreated { - return &TenantInfoOK{} + return &LoginCreated{} } -// WithPayload adds the payload to the tenant info o k response -func (o *TenantInfoOK) WithPayload(payload *models.AdminInfoResponse) *TenantInfoOK { +// WithPayload adds the payload to the login created response +func (o *LoginCreated) WithPayload(payload *models.LoginResponse) *LoginCreated { o.Payload = payload return o } -// SetPayload sets the payload to the tenant info o k response -func (o *TenantInfoOK) SetPayload(payload *models.AdminInfoResponse) { +// SetPayload sets the payload to the login created response +func (o *LoginCreated) SetPayload(payload *models.LoginResponse) { o.Payload = payload } // WriteResponse to the client -func (o *TenantInfoOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { +func (o *LoginCreated) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { - rw.WriteHeader(200) + rw.WriteHeader(201) if o.Payload != nil { payload := o.Payload if err := producer.Produce(rw, payload); err != nil { @@ -74,11 +74,11 @@ func (o *TenantInfoOK) WriteResponse(rw http.ResponseWriter, producer runtime.Pr } } -/*TenantInfoDefault Generic error response. +/*LoginDefault Generic error response. -swagger:response tenantInfoDefault +swagger:response loginDefault */ -type TenantInfoDefault struct { +type LoginDefault struct { _statusCode int /* @@ -87,41 +87,41 @@ type TenantInfoDefault struct { Payload *models.Error `json:"body,omitempty"` } -// NewTenantInfoDefault creates TenantInfoDefault with default headers values -func NewTenantInfoDefault(code int) *TenantInfoDefault { +// NewLoginDefault creates LoginDefault with default headers values +func NewLoginDefault(code int) *LoginDefault { if code <= 0 { code = 500 } - return &TenantInfoDefault{ + return &LoginDefault{ _statusCode: code, } } -// WithStatusCode adds the status to the tenant info default response -func (o *TenantInfoDefault) WithStatusCode(code int) *TenantInfoDefault { +// WithStatusCode adds the status to the login default response +func (o *LoginDefault) WithStatusCode(code int) *LoginDefault { o._statusCode = code return o } -// SetStatusCode sets the status to the tenant info default response -func (o *TenantInfoDefault) SetStatusCode(code int) { +// SetStatusCode sets the status to the login default response +func (o *LoginDefault) SetStatusCode(code int) { o._statusCode = code } -// WithPayload adds the payload to the tenant info default response -func (o *TenantInfoDefault) WithPayload(payload *models.Error) *TenantInfoDefault { +// WithPayload adds the payload to the login default response +func (o *LoginDefault) WithPayload(payload *models.Error) *LoginDefault { o.Payload = payload return o } -// SetPayload sets the payload to the tenant info default response -func (o *TenantInfoDefault) SetPayload(payload *models.Error) { +// SetPayload sets the payload to the login default response +func (o *LoginDefault) SetPayload(payload *models.Error) { o.Payload = payload } // WriteResponse to the client -func (o *TenantInfoDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { +func (o *LoginDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { rw.WriteHeader(o._statusCode) if o.Payload != nil { diff --git a/operatorapi/operations/user_api/login_urlbuilder.go b/operatorapi/operations/user_api/login_urlbuilder.go new file mode 100644 index 000000000..27082f0fa --- /dev/null +++ b/operatorapi/operations/user_api/login_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// LoginURL generates an URL for the login operation +type LoginURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginURL) WithBasePath(bp string) *LoginURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LoginURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *LoginURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/login" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *LoginURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *LoginURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *LoginURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on LoginURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on LoginURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *LoginURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/restapi/operations/admin_api/tenant_info.go b/operatorapi/operations/user_api/logout.go similarity index 65% rename from restapi/operations/admin_api/tenant_info.go rename to operatorapi/operations/user_api/logout.go index 6fe5b8f5a..ad4b10d4a 100644 --- a/restapi/operations/admin_api/tenant_info.go +++ b/operatorapi/operations/user_api/logout.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package user_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -30,40 +30,40 @@ import ( "github.com/minio/console/models" ) -// TenantInfoHandlerFunc turns a function with the right signature into a tenant info handler -type TenantInfoHandlerFunc func(TenantInfoParams, *models.Principal) middleware.Responder +// LogoutHandlerFunc turns a function with the right signature into a logout handler +type LogoutHandlerFunc func(LogoutParams, *models.Principal) middleware.Responder // Handle executing the request and returning a response -func (fn TenantInfoHandlerFunc) Handle(params TenantInfoParams, principal *models.Principal) middleware.Responder { +func (fn LogoutHandlerFunc) Handle(params LogoutParams, principal *models.Principal) middleware.Responder { return fn(params, principal) } -// TenantInfoHandler interface for that can handle valid tenant info params -type TenantInfoHandler interface { - Handle(TenantInfoParams, *models.Principal) middleware.Responder +// LogoutHandler interface for that can handle valid logout params +type LogoutHandler interface { + Handle(LogoutParams, *models.Principal) middleware.Responder } -// NewTenantInfo creates a new http.Handler for the tenant info operation -func NewTenantInfo(ctx *middleware.Context, handler TenantInfoHandler) *TenantInfo { - return &TenantInfo{Context: ctx, Handler: handler} +// NewLogout creates a new http.Handler for the logout operation +func NewLogout(ctx *middleware.Context, handler LogoutHandler) *Logout { + return &Logout{Context: ctx, Handler: handler} } -/* TenantInfo swagger:route GET /namespaces/{namespace}/tenants/{tenant}/info AdminAPI tenantInfo +/* Logout swagger:route POST /logout UserAPI logout -Tenant Info +Logout from Console. */ -type TenantInfo struct { +type Logout struct { Context *middleware.Context - Handler TenantInfoHandler + Handler LogoutHandler } -func (o *TenantInfo) ServeHTTP(rw http.ResponseWriter, r *http.Request) { +func (o *Logout) ServeHTTP(rw http.ResponseWriter, r *http.Request) { route, rCtx, _ := o.Context.RouteInfo(r) if rCtx != nil { *r = *rCtx } - var Params = NewTenantInfoParams() + var Params = NewLogoutParams() uprinc, aCtx, err := o.Context.Authorize(r, route) if err != nil { o.Context.Respond(rw, r, route.Produces, route, err) diff --git a/operatorapi/operations/user_api/logout_parameters.go b/operatorapi/operations/user_api/logout_parameters.go new file mode 100644 index 000000000..f292177f8 --- /dev/null +++ b/operatorapi/operations/user_api/logout_parameters.go @@ -0,0 +1,63 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime/middleware" +) + +// NewLogoutParams creates a new LogoutParams object +// +// There are no default values defined in the spec. +func NewLogoutParams() LogoutParams { + + return LogoutParams{} +} + +// LogoutParams contains all the bound params for the logout operation +// typically these are obtained from a http.Request +// +// swagger:parameters Logout +type LogoutParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewLogoutParams() beforehand. +func (o *LogoutParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/user_api/logout_responses.go b/operatorapi/operations/user_api/logout_responses.go new file mode 100644 index 000000000..d70e03fcf --- /dev/null +++ b/operatorapi/operations/user_api/logout_responses.go @@ -0,0 +1,113 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// LogoutOKCode is the HTTP code returned for type LogoutOK +const LogoutOKCode int = 200 + +/*LogoutOK A successful response. + +swagger:response logoutOK +*/ +type LogoutOK struct { +} + +// NewLogoutOK creates LogoutOK with default headers values +func NewLogoutOK() *LogoutOK { + + return &LogoutOK{} +} + +// WriteResponse to the client +func (o *LogoutOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses + + rw.WriteHeader(200) +} + +/*LogoutDefault Generic error response. + +swagger:response logoutDefault +*/ +type LogoutDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewLogoutDefault creates LogoutDefault with default headers values +func NewLogoutDefault(code int) *LogoutDefault { + if code <= 0 { + code = 500 + } + + return &LogoutDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the logout default response +func (o *LogoutDefault) WithStatusCode(code int) *LogoutDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the logout default response +func (o *LogoutDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the logout default response +func (o *LogoutDefault) WithPayload(payload *models.Error) *LogoutDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the logout default response +func (o *LogoutDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *LogoutDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/operatorapi/operations/user_api/logout_urlbuilder.go b/operatorapi/operations/user_api/logout_urlbuilder.go new file mode 100644 index 000000000..1cd37d66c --- /dev/null +++ b/operatorapi/operations/user_api/logout_urlbuilder.go @@ -0,0 +1,104 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" +) + +// LogoutURL generates an URL for the logout operation +type LogoutURL struct { + _basePath string +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LogoutURL) WithBasePath(bp string) *LogoutURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *LogoutURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *LogoutURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/logout" + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *LogoutURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *LogoutURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *LogoutURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on LogoutURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on LogoutURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *LogoutURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/operatorapi/operations/user_api/session_check.go b/operatorapi/operations/user_api/session_check.go new file mode 100644 index 000000000..dbfeb429b --- /dev/null +++ b/operatorapi/operations/user_api/session_check.go @@ -0,0 +1,88 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" + + "github.com/minio/console/models" +) + +// SessionCheckHandlerFunc turns a function with the right signature into a session check handler +type SessionCheckHandlerFunc func(SessionCheckParams, *models.Principal) middleware.Responder + +// Handle executing the request and returning a response +func (fn SessionCheckHandlerFunc) Handle(params SessionCheckParams, principal *models.Principal) middleware.Responder { + return fn(params, principal) +} + +// SessionCheckHandler interface for that can handle valid session check params +type SessionCheckHandler interface { + Handle(SessionCheckParams, *models.Principal) middleware.Responder +} + +// NewSessionCheck creates a new http.Handler for the session check operation +func NewSessionCheck(ctx *middleware.Context, handler SessionCheckHandler) *SessionCheck { + return &SessionCheck{Context: ctx, Handler: handler} +} + +/* SessionCheck swagger:route GET /session UserAPI sessionCheck + +Endpoint to check if your session is still valid + +*/ +type SessionCheck struct { + Context *middleware.Context + Handler SessionCheckHandler +} + +func (o *SessionCheck) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + *r = *rCtx + } + var Params = NewSessionCheckParams() + uprinc, aCtx, err := o.Context.Authorize(r, route) + if err != nil { + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + if aCtx != nil { + *r = *aCtx + } + var principal *models.Principal + if uprinc != nil { + principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise + } + + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params, principal) // actually handle the request + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/operatorapi/operations/user_api/session_check_parameters.go b/operatorapi/operations/user_api/session_check_parameters.go new file mode 100644 index 000000000..5f3eaaac4 --- /dev/null +++ b/operatorapi/operations/user_api/session_check_parameters.go @@ -0,0 +1,63 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime/middleware" +) + +// NewSessionCheckParams creates a new SessionCheckParams object +// +// There are no default values defined in the spec. +func NewSessionCheckParams() SessionCheckParams { + + return SessionCheckParams{} +} + +// SessionCheckParams contains all the bound params for the session check operation +// typically these are obtained from a http.Request +// +// swagger:parameters SessionCheck +type SessionCheckParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewSessionCheckParams() beforehand. +func (o *SessionCheckParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/operatorapi/operations/user_api/session_check_responses.go b/operatorapi/operations/user_api/session_check_responses.go new file mode 100644 index 000000000..1a49ff2e7 --- /dev/null +++ b/operatorapi/operations/user_api/session_check_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package user_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// SessionCheckOKCode is the HTTP code returned for type SessionCheckOK +const SessionCheckOKCode int = 200 + +/*SessionCheckOK A successful response. + +swagger:response sessionCheckOK +*/ +type SessionCheckOK struct { + + /* + In: Body + */ + Payload *models.SessionResponse `json:"body,omitempty"` +} + +// NewSessionCheckOK creates SessionCheckOK with default headers values +func NewSessionCheckOK() *SessionCheckOK { + + return &SessionCheckOK{} +} + +// WithPayload adds the payload to the session check o k response +func (o *SessionCheckOK) WithPayload(payload *models.SessionResponse) *SessionCheckOK { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the session check o k response +func (o *SessionCheckOK) SetPayload(payload *models.SessionResponse) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SessionCheckOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(200) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} + +/*SessionCheckDefault Generic error response. + +swagger:response sessionCheckDefault +*/ +type SessionCheckDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewSessionCheckDefault creates SessionCheckDefault with default headers values +func NewSessionCheckDefault(code int) *SessionCheckDefault { + if code <= 0 { + code = 500 + } + + return &SessionCheckDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the session check default response +func (o *SessionCheckDefault) WithStatusCode(code int) *SessionCheckDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the session check default response +func (o *SessionCheckDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the session check default response +func (o *SessionCheckDefault) WithPayload(payload *models.Error) *SessionCheckDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the session check default response +func (o *SessionCheckDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SessionCheckDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/restapi/operations/admin_api/tenant_info_urlbuilder.go b/operatorapi/operations/user_api/session_check_urlbuilder.go similarity index 66% rename from restapi/operations/admin_api/tenant_info_urlbuilder.go rename to operatorapi/operations/user_api/session_check_urlbuilder.go index bd4330b27..399a3f40d 100644 --- a/restapi/operations/admin_api/tenant_info_urlbuilder.go +++ b/operatorapi/operations/user_api/session_check_urlbuilder.go @@ -17,7 +17,7 @@ // along with this program. If not, see . // -package admin_api +package user_api // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the generate command @@ -26,23 +26,17 @@ import ( "errors" "net/url" golangswaggerpaths "path" - "strings" ) -// TenantInfoURL generates an URL for the tenant info operation -type TenantInfoURL struct { - Namespace string - Tenant string - +// SessionCheckURL generates an URL for the session check operation +type SessionCheckURL struct { _basePath string - // avoid unkeyed usage - _ struct{} } // WithBasePath sets the base path for this url builder, only required when it's different from the // base path specified in the swagger spec. // When the value of the base path is an empty string -func (o *TenantInfoURL) WithBasePath(bp string) *TenantInfoURL { +func (o *SessionCheckURL) WithBasePath(bp string) *SessionCheckURL { o.SetBasePath(bp) return o } @@ -50,29 +44,15 @@ func (o *TenantInfoURL) WithBasePath(bp string) *TenantInfoURL { // SetBasePath sets the base path for this url builder, only required when it's different from the // base path specified in the swagger spec. // When the value of the base path is an empty string -func (o *TenantInfoURL) SetBasePath(bp string) { +func (o *SessionCheckURL) SetBasePath(bp string) { o._basePath = bp } // Build a url path and query string -func (o *TenantInfoURL) Build() (*url.URL, error) { +func (o *SessionCheckURL) Build() (*url.URL, error) { var _result url.URL - var _path = "/namespaces/{namespace}/tenants/{tenant}/info" - - namespace := o.Namespace - if namespace != "" { - _path = strings.Replace(_path, "{namespace}", namespace, -1) - } else { - return nil, errors.New("namespace is required on TenantInfoURL") - } - - tenant := o.Tenant - if tenant != "" { - _path = strings.Replace(_path, "{tenant}", tenant, -1) - } else { - return nil, errors.New("tenant is required on TenantInfoURL") - } + var _path = "/session" _basePath := o._basePath if _basePath == "" { @@ -84,7 +64,7 @@ func (o *TenantInfoURL) Build() (*url.URL, error) { } // Must is a helper function to panic when the url builder returns an error -func (o *TenantInfoURL) Must(u *url.URL, err error) *url.URL { +func (o *SessionCheckURL) Must(u *url.URL, err error) *url.URL { if err != nil { panic(err) } @@ -95,17 +75,17 @@ func (o *TenantInfoURL) Must(u *url.URL, err error) *url.URL { } // String returns the string representation of the path with query string -func (o *TenantInfoURL) String() string { +func (o *SessionCheckURL) String() string { return o.Must(o.Build()).String() } // BuildFull builds a full url with scheme, host, path and query string -func (o *TenantInfoURL) BuildFull(scheme, host string) (*url.URL, error) { +func (o *SessionCheckURL) BuildFull(scheme, host string) (*url.URL, error) { if scheme == "" { - return nil, errors.New("scheme is required for a full url on TenantInfoURL") + return nil, errors.New("scheme is required for a full url on SessionCheckURL") } if host == "" { - return nil, errors.New("host is required for a full url on TenantInfoURL") + return nil, errors.New("host is required for a full url on SessionCheckURL") } base, err := o.Build() @@ -119,6 +99,6 @@ func (o *TenantInfoURL) BuildFull(scheme, host string) (*url.URL, error) { } // StringFull returns the string representation of a complete url -func (o *TenantInfoURL) StringFull(scheme, host string) string { +func (o *SessionCheckURL) StringFull(scheme, host string) string { return o.Must(o.BuildFull(scheme, host)).String() } diff --git a/restapi/operator_client.go b/operatorapi/operator_client.go similarity index 99% rename from restapi/operator_client.go rename to operatorapi/operator_client.go index 1d9534c40..b9fbab3ce 100644 --- a/restapi/operator_client.go +++ b/operatorapi/operator_client.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/restapi/admin_direct_csi.go b/operatorapi/operator_direct_csi.go similarity index 83% rename from restapi/admin_direct_csi.go rename to operatorapi/operator_direct_csi.go index 628ac056b..62523876b 100644 --- a/restapi/admin_direct_csi.go +++ b/operatorapi/operator_direct_csi.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" @@ -22,12 +22,15 @@ import ( "sort" "strings" + "github.com/minio/console/restapi" + + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/cluster" "github.com/go-openapi/runtime/middleware" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" directv1beta1apis "github.com/minio/direct-csi/pkg/apis/direct.csi.min.io/v1beta1" directv1beta1 "github.com/minio/direct-csi/pkg/clientset/typed/direct.csi.min.io/v1beta1" "github.com/minio/direct-csi/pkg/sys" @@ -36,27 +39,27 @@ import ( const XFS = "xfs" -func registerDirectCSIHandlers(api *operations.ConsoleAPI) { - api.AdminAPIGetDirectCSIDriveListHandler = admin_api.GetDirectCSIDriveListHandlerFunc(func(params admin_api.GetDirectCSIDriveListParams, session *models.Principal) middleware.Responder { +func registerDirectCSIHandlers(api *operations.OperatorAPI) { + api.OperatorAPIGetDirectCSIDriveListHandler = operator_api.GetDirectCSIDriveListHandlerFunc(func(params operator_api.GetDirectCSIDriveListParams, session *models.Principal) middleware.Responder { resp, err := getDirectCSIDrivesListResponse(session) if err != nil { - return admin_api.NewGetDirectCSIDriveListDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetDirectCSIDriveListDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetDirectCSIDriveListOK().WithPayload(resp) + return operator_api.NewGetDirectCSIDriveListOK().WithPayload(resp) }) - api.AdminAPIGetDirectCSIVolumeListHandler = admin_api.GetDirectCSIVolumeListHandlerFunc(func(params admin_api.GetDirectCSIVolumeListParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetDirectCSIVolumeListHandler = operator_api.GetDirectCSIVolumeListHandlerFunc(func(params operator_api.GetDirectCSIVolumeListParams, session *models.Principal) middleware.Responder { resp, err := getDirectCSIVolumesListResponse(session) if err != nil { - return admin_api.NewGetDirectCSIVolumeListDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetDirectCSIVolumeListDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetDirectCSIVolumeListOK().WithPayload(resp) + return operator_api.NewGetDirectCSIVolumeListOK().WithPayload(resp) }) - api.AdminAPIDirectCSIFormatDriveHandler = admin_api.DirectCSIFormatDriveHandlerFunc(func(params admin_api.DirectCSIFormatDriveParams, session *models.Principal) middleware.Responder { + api.OperatorAPIDirectCSIFormatDriveHandler = operator_api.DirectCSIFormatDriveHandlerFunc(func(params operator_api.DirectCSIFormatDriveParams, session *models.Principal) middleware.Responder { resp, err := formatVolumesResponse(session, params) if err != nil { - return admin_api.NewDirectCSIFormatDriveDefault(int(err.Code)).WithPayload(err) + return operator_api.NewDirectCSIFormatDriveDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewDirectCSIFormatDriveOK().WithPayload(resp) + return operator_api.NewDirectCSIFormatDriveOK().WithPayload(resp) }) } @@ -150,12 +153,12 @@ func getDirectCSIDrivesListResponse(session *models.Principal) (*models.GetDirec ctx := context.Background() client, err := cluster.DirectCSIClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } drives, err := getDirectCSIDriveList(ctx, client.DirectV1beta1()) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return drives, nil } @@ -204,12 +207,12 @@ func getDirectCSIVolumesListResponse(session *models.Principal) (*models.GetDire ctx := context.Background() client, err := cluster.DirectCSIClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } volumes, err := getDirectCSIVolumesList(ctx, client.DirectV1beta1()) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return volumes, nil } @@ -301,16 +304,16 @@ func formatDrives(ctx context.Context, clientset directv1beta1.DirectV1beta1Inte return returnErrors, nil } -func formatVolumesResponse(session *models.Principal, params admin_api.DirectCSIFormatDriveParams) (*models.FormatDirectCSIDrivesResponse, *models.Error) { +func formatVolumesResponse(session *models.Principal, params operator_api.DirectCSIFormatDriveParams) (*models.FormatDirectCSIDrivesResponse, *models.Error) { ctx := context.Background() client, err := cluster.DirectCSIClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } formatResult, errFormat := formatDrives(ctx, client.DirectV1beta1(), params.Body.Drives, *params.Body.Force) if errFormat != nil { - return nil, prepareError(errFormat) + return nil, restapi.PrepareError(errFormat) } return formatResult, nil } diff --git a/operatorapi/operator_login.go b/operatorapi/operator_login.go new file mode 100644 index 000000000..3534cad43 --- /dev/null +++ b/operatorapi/operator_login.go @@ -0,0 +1,241 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package operatorapi + +import ( + "bytes" + "context" + "net/http" + "time" + + "github.com/minio/console/restapi" + + iampolicy "github.com/minio/pkg/iam/policy" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/minio/console/models" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/user_api" + "github.com/minio/console/pkg/acl" + "github.com/minio/console/pkg/auth" + "github.com/minio/console/pkg/auth/idp/oauth2" +) + +func registerLoginHandlers(api *operations.OperatorAPI) { + // get login strategy + api.UserAPILoginDetailHandler = user_api.LoginDetailHandlerFunc(func(params user_api.LoginDetailParams) middleware.Responder { + loginDetails, err := getLoginDetailsResponse() + if err != nil { + return user_api.NewLoginDetailDefault(int(err.Code)).WithPayload(err) + } + return user_api.NewLoginDetailOK().WithPayload(loginDetails) + }) + // post login + api.UserAPILoginHandler = user_api.LoginHandlerFunc(func(params user_api.LoginParams) middleware.Responder { + loginResponse, err := getLoginResponse(params.Body) + if err != nil { + return user_api.NewLoginDefault(int(err.Code)).WithPayload(err) + } + // Custom response writer to set the session cookies + return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) { + cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID) + http.SetCookie(w, &cookie) + user_api.NewLoginCreated().WithPayload(loginResponse).WriteResponse(w, p) + }) + }) + api.UserAPILoginOauth2AuthHandler = user_api.LoginOauth2AuthHandlerFunc(func(params user_api.LoginOauth2AuthParams) middleware.Responder { + loginResponse, err := getLoginOauth2AuthResponse() + if err != nil { + return user_api.NewLoginOauth2AuthDefault(int(err.Code)).WithPayload(err) + } + // Custom response writer to set the session cookies + return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) { + cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID) + http.SetCookie(w, &cookie) + user_api.NewLoginOauth2AuthCreated().WithPayload(loginResponse).WriteResponse(w, p) + }) + }) + api.UserAPILoginOperatorHandler = user_api.LoginOperatorHandlerFunc(func(params user_api.LoginOperatorParams) middleware.Responder { + loginResponse, err := getLoginOperatorResponse(params.Body) + if err != nil { + return user_api.NewLoginOperatorDefault(int(err.Code)).WithPayload(err) + } + // Custom response writer to set the session cookies + return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) { + cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID) + http.SetCookie(w, &cookie) + user_api.NewLoginOperatorCreated().WithPayload(loginResponse).WriteResponse(w, p) + }) + }) +} + +// login performs a check of consoleCredentials against MinIO, generates some claims and returns the jwt +// for subsequent authentication +func login(credentials restapi.ConsoleCredentialsI) (*string, error) { + // try to obtain consoleCredentials, + tokens, err := credentials.Get() + if err != nil { + return nil, err + } + // if we made it here, the consoleCredentials work, generate a jwt with claims + token, err := auth.NewEncryptedTokenForClient(&tokens, credentials.GetAccountAccessKey(), credentials.GetActions()) + if err != nil { + LogError("error authenticating user: %v", err) + return nil, errInvalidCredentials + } + return &token, nil +} + +// getAccountPolicy will return the associated policy of the current account +func getAccountPolicy(ctx context.Context, client restapi.MinioAdmin) (*iampolicy.Policy, error) { + // Obtain the current policy assigned to this user + // necessary for generating the list of allowed endpoints + accountInfo, err := client.AccountInfo(ctx) + if err != nil { + return nil, err + } + return iampolicy.ParseConfig(bytes.NewReader(accountInfo.Policy)) +} + +// getConsoleCredentials will return consoleCredentials interface including the associated policy of the current account +func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*restapi.ConsoleCredentials, error) { + creds, err := restapi.NewConsoleCredentials(accessKey, secretKey, restapi.GetMinIORegion()) + if err != nil { + return nil, err + } + // cCredentials will be sts credentials, account credentials will be need it in the scenario the user wish + // to change its password + cCredentials := &restapi.ConsoleCredentials{ + ConsoleCredentials: creds, + AccountAccessKey: accessKey, + } + tokens, err := cCredentials.Get() + if err != nil { + return nil, err + } + // initialize admin client + mAdminClient, err := restapi.NewMinioAdminClient(&models.Principal{ + STSAccessKeyID: tokens.AccessKeyID, + STSSecretAccessKey: tokens.SecretAccessKey, + STSSessionToken: tokens.SessionToken, + }) + if err != nil { + return nil, err + } + userAdminClient := restapi.AdminClient{Client: mAdminClient} + // Obtain the current policy assigned to this user + // necessary for generating the list of allowed endpoints + policy, err := getAccountPolicy(ctx, userAdminClient) + if err != nil { + return nil, err + } + // by default every user starts with an empty array of available actions + // therefore we would have access only to pages that doesn't require any privilege + // ie: service-account page + var actions []string + // if a policy is assigned to this user we parse the actions from there + if policy != nil { + actions = acl.GetActionsStringFromPolicy(policy) + } + cCredentials.Actions = actions + return cCredentials, nil +} + +// getLoginResponse performs login() and serializes it to the handler's output +func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, *models.Error) { + ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) + defer cancel() + // prepare console credentials + consolCreds, err := getConsoleCredentials(ctx, *lr.AccessKey, *lr.SecretKey) + if err != nil { + return nil, PrepareError(errInvalidCredentials, nil, err) + } + sessionID, err := login(consolCreds) + if err != nil { + return nil, PrepareError(errInvalidCredentials, nil, err) + } + // serialize output + loginResponse := &models.LoginResponse{ + SessionID: *sessionID, + } + return loginResponse, nil +} + +// getLoginDetailsResponse returns information regarding the Console authentication mechanism. +func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) { + ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) + defer cancel() + loginStrategy := models.LoginDetailsLoginStrategyForm + redirectURL := "" + + if oauth2.IsIdpEnabled() { + loginStrategy = models.LoginDetailsLoginStrategyRedirect + // initialize new oauth2 client + oauth2Client, err := oauth2.NewOauth2ProviderClient(ctx, nil, restapi.GetConsoleSTSClient()) + if err != nil { + return nil, PrepareError(err) + } + // Validate user against IDP + identityProvider := &auth.IdentityProvider{Client: oauth2Client} + redirectURL = identityProvider.GenerateLoginURL() + } else if acl.GetOperatorMode() { + loginStrategy = models.LoginDetailsLoginStrategyServiceDashAccount + } + + loginDetails := &models.LoginDetails{ + LoginStrategy: loginStrategy, + Redirect: redirectURL, + } + return loginDetails, nil +} + +func getLoginOauth2AuthResponse() (*models.LoginResponse, *models.Error) { + + creds, err := restapi.NewConsoleCredentials("", getK8sSAToken(), "") + if err != nil { + return nil, PrepareError(err) + } + credentials := restapi.ConsoleCredentials{ConsoleCredentials: creds, Actions: []string{}} + token, err := login(credentials) + if err != nil { + return nil, PrepareError(errInvalidCredentials, nil, err) + } + // serialize output + loginResponse := &models.LoginResponse{ + SessionID: *token, + } + return loginResponse, nil +} + +// getLoginOperatorResponse validate the provided service account token against k8s api +func getLoginOperatorResponse(lmr *models.LoginOperatorRequest) (*models.LoginResponse, *models.Error) { + creds, err := restapi.NewConsoleCredentials("", *lmr.Jwt, "") + if err != nil { + return nil, PrepareError(err) + } + consoleCreds := restapi.ConsoleCredentials{ConsoleCredentials: creds, Actions: []string{}} + token, err := login(consoleCreds) + if err != nil { + return nil, PrepareError(errInvalidCredentials, nil, err) + } + // serialize output + loginResponse := &models.LoginResponse{ + SessionID: *token, + } + return loginResponse, nil +} diff --git a/restapi/admin_namespaces.go b/operatorapi/operator_namespaces.go similarity index 69% rename from restapi/admin_namespaces.go rename to operatorapi/operator_namespaces.go index 1d5e78d73..21fa27138 100644 --- a/restapi/admin_namespaces.go +++ b/operatorapi/operator_namespaces.go @@ -14,41 +14,43 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" "errors" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/restapi" + "github.com/go-openapi/runtime/middleware" "github.com/minio/console/cluster" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" - + "github.com/minio/console/operatorapi/operations" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" v1 "k8s.io/client-go/kubernetes/typed/core/v1" ) -func registerNamespaceHandlers(api *operations.ConsoleAPI) { +func registerNamespaceHandlers(api *operations.OperatorAPI) { // Add Namespace - api.AdminAPICreateNamespaceHandler = admin_api.CreateNamespaceHandlerFunc(func(params admin_api.CreateNamespaceParams, session *models.Principal) middleware.Responder { + //api.OperatorAPICreateNamespaceHandler = operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, session *models.Principal) middleware.Responder { + api.OperatorAPICreateNamespaceHandler = operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, session *models.Principal) middleware.Responder { err := getNamespaceCreatedResponse(session, params) if err != nil { - return admin_api.NewCreateNamespaceDefault(int(err.Code)).WithPayload(err) + return operator_api.NewCreateNamespaceDefault(int(err.Code)).WithPayload(err) } return nil }) } -func getNamespaceCreatedResponse(session *models.Principal, params admin_api.CreateNamespaceParams) *models.Error { +func getNamespaceCreatedResponse(session *models.Principal, params operator_api.CreateNamespaceParams) *models.Error { ctx := context.Background() clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } namespace := *params.Body.Name @@ -56,7 +58,7 @@ func getNamespaceCreatedResponse(session *models.Principal, params admin_api.Cre errCreation := getNamespaceCreated(ctx, clientset.CoreV1(), namespace) if errCreation != nil { - return prepareError(errCreation) + return restapi.PrepareError(errCreation) } return nil diff --git a/restapi/admin_namespaces_test.go b/operatorapi/operator_namespaces_test.go similarity index 98% rename from restapi/admin_namespaces_test.go rename to operatorapi/operator_namespaces_test.go index b2d72d3f8..01448a8d4 100644 --- a/restapi/admin_namespaces_test.go +++ b/operatorapi/operator_namespaces_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/restapi/admin_nodes.go b/operatorapi/operator_nodes.go similarity index 87% rename from restapi/admin_nodes.go rename to operatorapi/operator_nodes.go index a21367a27..60aace1fd 100644 --- a/restapi/admin_nodes.go +++ b/operatorapi/operator_nodes.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" @@ -22,7 +22,8 @@ import ( "github.com/minio/minio-go/v7/pkg/set" - "github.com/minio/console/restapi/operations/operator_api" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/restapi" "github.com/minio/console/cluster" @@ -30,20 +31,19 @@ import ( "github.com/go-openapi/runtime/middleware" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" v1 "k8s.io/client-go/kubernetes/typed/core/v1" ) -func registerNodesHandlers(api *operations.ConsoleAPI) { - api.AdminAPIGetMaxAllocatableMemHandler = admin_api.GetMaxAllocatableMemHandlerFunc(func(params admin_api.GetMaxAllocatableMemParams, principal *models.Principal) middleware.Responder { +func registerNodesHandlers(api *operations.OperatorAPI) { + api.OperatorAPIGetMaxAllocatableMemHandler = operator_api.GetMaxAllocatableMemHandlerFunc(func(params operator_api.GetMaxAllocatableMemParams, principal *models.Principal) middleware.Responder { resp, err := getMaxAllocatableMemoryResponse(params.HTTPRequest.Context(), principal, params.NumNodes) if err != nil { - return admin_api.NewGetMaxAllocatableMemDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetMaxAllocatableMemDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetMaxAllocatableMemOK().WithPayload(resp) + return operator_api.NewGetMaxAllocatableMemOK().WithPayload(resp) }) api.OperatorAPIListNodeLabelsHandler = operator_api.ListNodeLabelsHandlerFunc(func(params operator_api.ListNodeLabelsParams, principal *models.Principal) middleware.Responder { @@ -136,12 +136,12 @@ func min(x, y int64) int64 { func getMaxAllocatableMemoryResponse(ctx context.Context, session *models.Principal, numNodes int32) (*models.MaxAllocatableMemResponse, *models.Error) { client, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } clusterResources, err := getMaxAllocatableMemory(ctx, client.CoreV1(), numNodes) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return clusterResources, nil } @@ -176,12 +176,12 @@ func getNodeLabels(ctx context.Context, clientset v1.CoreV1Interface) (*models.N func getNodeLabelsResponse(ctx context.Context, session *models.Principal) (*models.NodeLabels, *models.Error) { client, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } clusterResources, err := getNodeLabels(ctx, client.CoreV1()) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return clusterResources, nil } diff --git a/restapi/admin_nodes_test.go b/operatorapi/operator_nodes_test.go similarity index 99% rename from restapi/admin_nodes_test.go rename to operatorapi/operator_nodes_test.go index da1d3d664..ae6f4d25b 100644 --- a/restapi/admin_nodes_test.go +++ b/operatorapi/operator_nodes_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/restapi/admin_parity.go b/operatorapi/operator_parity.go similarity index 65% rename from restapi/admin_parity.go rename to operatorapi/operator_parity.go index dcfca9c53..78499b6f2 100644 --- a/restapi/admin_parity.go +++ b/operatorapi/operator_parity.go @@ -14,26 +14,28 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "fmt" + "github.com/minio/console/restapi" + "github.com/minio/console/pkg/utils" "github.com/go-openapi/runtime/middleware" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/operator_api" ) -func registerParityHandlers(api *operations.ConsoleAPI) { - api.AdminAPIGetParityHandler = admin_api.GetParityHandlerFunc(func(params admin_api.GetParityParams, principal *models.Principal) middleware.Responder { +func registerParityHandlers(api *operations.OperatorAPI) { + api.OperatorAPIGetParityHandler = operator_api.GetParityHandlerFunc(func(params operator_api.GetParityParams, principal *models.Principal) middleware.Responder { resp, err := getParityResponse(params) if err != nil { - return admin_api.NewGetParityDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetParityDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetParityOK().WithPayload(resp) + return operator_api.NewGetParityOK().WithPayload(resp) }) } @@ -47,14 +49,14 @@ func GetParityInfo(nodes int64, disksPerNode int64) (models.ParityResponse, erro return parityVals, nil } -func getParityResponse(params admin_api.GetParityParams) (models.ParityResponse, *models.Error) { +func getParityResponse(params operator_api.GetParityParams) (models.ParityResponse, *models.Error) { nodes := params.Nodes disksPerNode := params.DisksPerNode parityValues, err := GetParityInfo(nodes, disksPerNode) if err != nil { - LogError("error getting parity info: %v", err) - return nil, prepareError(err) + restapi.LogError("error getting parity info: %v", err) + return nil, restapi.PrepareError(err) } return parityValues, nil diff --git a/restapi/admin_parity_test.go b/operatorapi/operator_parity_test.go similarity index 99% rename from restapi/admin_parity_test.go rename to operatorapi/operator_parity_test.go index 31f0df007..1f74e56a2 100644 --- a/restapi/admin_parity_test.go +++ b/operatorapi/operator_parity_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "encoding/json" diff --git a/operatorapi/operator_session.go b/operatorapi/operator_session.go new file mode 100644 index 000000000..09c6bc1e9 --- /dev/null +++ b/operatorapi/operator_session.go @@ -0,0 +1,57 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package operatorapi + +import ( + "github.com/go-openapi/runtime/middleware" + "github.com/minio/console/models" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/user_api" + "github.com/minio/console/pkg/acl" +) + +func registerSessionHandlers(api *operations.OperatorAPI) { + // session check + api.UserAPISessionCheckHandler = user_api.SessionCheckHandlerFunc(func(params user_api.SessionCheckParams, session *models.Principal) middleware.Responder { + sessionResp, err := getSessionResponse(session) + if err != nil { + return user_api.NewSessionCheckDefault(int(err.Code)).WithPayload(err) + } + return user_api.NewSessionCheckOK().WithPayload(sessionResp) + }) +} + +// getSessionResponse parse the token of the current session and returns a list of allowed actions to render in the UI +func getSessionResponse(session *models.Principal) (*models.SessionResponse, *models.Error) { + // serialize output + if session == nil { + return nil, PrepareError(errorGenericInvalidSession) + } + sessionResp := &models.SessionResponse{ + Pages: acl.GetAuthorizedEndpoints(session.Actions), + Features: getListOfEnabledFeatures(), + Status: models.SessionResponseStatusOk, + Operator: acl.GetOperatorMode(), + } + return sessionResp, nil +} + +// getListOfEnabledFeatures returns a list of features +func getListOfEnabledFeatures() []string { + var features []string + return features +} diff --git a/operatorapi/operator_subscription.go b/operatorapi/operator_subscription.go new file mode 100644 index 000000000..fc0912c19 --- /dev/null +++ b/operatorapi/operator_subscription.go @@ -0,0 +1,362 @@ +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operatorapi + +import ( + "context" + "errors" + "fmt" + "time" + + "github.com/minio/console/pkg/subnet" + + miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/minio/console/restapi" + + "github.com/go-openapi/runtime/middleware" + "github.com/minio/console/cluster" + "github.com/minio/console/models" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/operator_api" +) + +func registerOperatorSubscriptionHandlers(api *operations.OperatorAPI) { + // Activate license subscription for a particular tenant + api.OperatorAPISubscriptionActivateHandler = operator_api.SubscriptionActivateHandlerFunc(func(params operator_api.SubscriptionActivateParams, session *models.Principal) middleware.Responder { + err := getOperatorSubscriptionActivateResponse(session, params.Namespace, params.Tenant) + if err != nil { + return operator_api.NewSubscriptionActivateDefault(int(err.Code)).WithPayload(err) + } + return operator_api.NewSubscriptionActivateNoContent() + }) + // Refresh license for k8s cluster + api.OperatorAPISubscriptionRefreshHandler = operator_api.SubscriptionRefreshHandlerFunc(func(params operator_api.SubscriptionRefreshParams, session *models.Principal) middleware.Responder { + license, err := getSubscriptionRefreshResponse(session) + if err != nil { + return operator_api.NewSubscriptionRefreshDefault(int(err.Code)).WithPayload(err) + } + return operator_api.NewSubscriptionRefreshOK().WithPayload(license) + }) +} + +// retrieveLicense returns license from K8S secrets (If console is deployed in operator mode) or from +// the configured CONSOLE_SUBNET_LICENSE environment variable +func retrieveLicense(ctx context.Context, sessionToken string) (string, error) { + var license string + + // configure kubernetes client + clientSet, err := cluster.K8sClient(sessionToken) + if err != nil { + return "", err + } + k8sClient := k8sClient{ + client: clientSet, + } + // Get cluster subscription license + license, err = getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName) + if err != nil { + return "", err + } + + return license, nil +} + +func getOperatorSubscriptionActivateResponse(session *models.Principal, namespace, tenant string) *models.Error { + // 20 seconds timeout + ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) + defer cancel() + opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) + if err != nil { + return restapi.PrepareError(restapi.ErrorGeneric, nil, err) + } + clientSet, err := cluster.K8sClient(session.STSSessionToken) + if err != nil { + return restapi.PrepareError(restapi.ErrorGeneric, nil, err) + } + opClient := &operatorClient{ + client: opClientClientSet, + } + minTenant, err := getTenant(ctx, opClient, namespace, tenant) + if err != nil { + return restapi.PrepareError(err, restapi.ErrorGeneric) + } + // If console is not deployed for this tenant return an error + if minTenant.Spec.Console == nil { + return restapi.PrepareError(restapi.ErrorGenericNotFound) + } + + // configure kubernetes client + k8sClient := k8sClient{ + client: clientSet, + } + // Get cluster subscription license + license, err := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, restapi.OperatorSubnetLicenseSecretName) + if err != nil { + return restapi.PrepareError(errInvalidCredentials, nil, err) + } + // add subscription license to existing console Tenant + if err = addSubscriptionLicenseToTenant(ctx, &k8sClient, license, namespace, tenant, minTenant.Spec.Console.ConsoleSecret.Name); err != nil { + return restapi.PrepareError(err, restapi.ErrorGeneric) + } + return nil +} + +// getSubscriptionLicense will retrieve stored license jwt from k8s secret +func getSubscriptionLicense(ctx context.Context, clientSet K8sClientI, namespace, secretName string) (string, error) { + // retrieve license stored in k8s + licenseSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{}) + if err != nil { + return "", err + } + license, ok := licenseSecret.Data[ConsoleSubnetLicense] + if !ok { + LogError("subnet secret does not contain a valid subnet license") + return "", restapi.ErrorGeneric + } + return string(license), nil +} + +// addSubscriptionLicenseToTenant replace existing console tenant secret and adds the subnet license key +func addSubscriptionLicenseToTenant(ctx context.Context, clientSet K8sClientI, license, namespace, tenantName, secretName string) error { + // Retrieve console secret for Tenant + consoleSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{}) + if err != nil { + return err + } + // Copy current console secret + dataNewSecret := consoleSecret.Data + // Add subnet license to the new console secret + dataNewSecret[ConsoleSubnetLicense] = []byte(license) + // Delete existing console secret + err = clientSet.deleteSecret(ctx, namespace, secretName, metav1.DeleteOptions{}) + if err != nil { + return err + } + // Prepare the new Console Secret + imm := true + newConsoleSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + Labels: map[string]string{ + miniov2.TenantLabel: tenantName, + }, + }, + Immutable: &imm, + Data: dataNewSecret, + } + // Create new Console secret with the subnet License + _, err = clientSet.createSecret(ctx, namespace, newConsoleSecret, metav1.CreateOptions{}) + if err != nil { + return err + } + // restart Console pods based on label: + // v1.min.io/console: TENANT-console + err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s%s", miniov2.ConsoleTenantLabel, tenantName, miniov2.ConsoleName), + }) + if err != nil { + return err + } + return nil +} + +// updateTenantLicenseAndRestartConsole +func updateTenantLicenseAndRestartConsole(ctx context.Context, clientSet K8sClientI, license, namespace, tenantName string) error { + consoleSelector := fmt.Sprintf("%s-console", tenantName) + consoleSecretName := fmt.Sprintf("%s-secret", consoleSelector) + // read current console configuration from k8s secrets + currentConsoleSecret, err := clientSet.getSecret(ctx, namespace, consoleSecretName, metav1.GetOptions{}) + if err != nil || currentConsoleSecret == nil { + return err + } + secretData := currentConsoleSecret.Data + secretData[ConsoleSubnetLicense] = []byte(license) + // delete existing console configuration from k8s secrets + err = clientSet.deleteSecret(ctx, namespace, consoleSecretName, metav1.DeleteOptions{}) + if err != nil { + // log the error if any and continue + LogError("unable to delete secret %s: %v", consoleSecretName, err) + } + // Save subnet license in k8s secrets + imm := true + consoleConfigSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: consoleSecretName, + }, + Immutable: &imm, + Data: secretData, + } + _, err = clientSet.createSecret(ctx, namespace, consoleConfigSecret, metav1.CreateOptions{}) + if err != nil { + return err + } + // restart Console pods based on label: + // v1.min.io/console: TENANT-console + err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s%s", miniov2.ConsoleTenantLabel, tenantName, miniov2.ConsoleName), + }) + if err != nil { + return err + } + return nil +} + +func getSubscriptionRefreshResponse(session *models.Principal) (*models.License, *models.Error) { + // 20 seconds timeout + ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) + defer cancel() + client := &cluster.HTTPClient{ + Client: restapi.GetConsoleSTSClient(), + } + licenseKey, err := retrieveLicense(context.Background(), session.STSSessionToken) + if err != nil { + return nil, PrepareError(errLicenseNotFound, nil, err) + } + newLicenseInfo, licenseRaw, err := subscriptionRefresh(client, licenseKey) + if err != nil { + return nil, PrepareError(errLicenseNotFound, nil, err) + } + // configure kubernetes client + clientSet, err := cluster.K8sClient(session.STSSessionToken) + if err != nil { + return nil, PrepareError(errLicenseNotFound, nil, err) + } + k8sClient := k8sClient{ + client: clientSet, + } + // save license key to k8s and restart all console pods + if err = saveSubscriptionLicense(ctx, &k8sClient, licenseRaw); err != nil { + return nil, PrepareError(restapi.ErrorGeneric, nil, err) + } + // update license for all existing tenants + opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) + if err != nil { + return nil, PrepareError(err) + } + opClient := &operatorClient{ + client: opClientClientSet, + } + tenants, err := listTenants(ctx, opClient, "", nil) + if err != nil { + return nil, PrepareError(err) + } + // iterate over all tenants, update console configuration and restart console pods + for _, tenant := range tenants.Tenants { + if err := updateTenantLicenseAndRestartConsole(ctx, &k8sClient, licenseRaw, tenant.Namespace, tenant.Name); err != nil { + LogError("unable to updateTenantLicenseAndRestartConsole: %v", err) + } + } + + return newLicenseInfo, nil +} + +// RefreshLicense will check current subnet license and try to renew it +func RefreshLicense() error { + // Get current license + saK8SToken := getK8sSAToken() + licenseKey, err := retrieveLicense(context.Background(), saK8SToken) + if licenseKey == "" { + return errors.New("no license present") + } + if err != nil { + return err + } + client := &cluster.HTTPClient{ + Client: restapi.GetConsoleSTSClient(), + } + // Attempt to refresh license + _, refreshedLicenseKey, err := subscriptionRefresh(client, licenseKey) + if err != nil { + return err + } + if refreshedLicenseKey == "" { + return errors.New("license expired, please open a support ticket at https://subnet.min.io/") + } + // store new license in memory for console ui + LicenseKey = refreshedLicenseKey + ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) + defer cancel() + clientSet, err := cluster.K8sClient(saK8SToken) + if err != nil { + return err + } + k8sClient := k8sClient{ + client: clientSet, + } + return saveSubscriptionLicense(ctx, &k8sClient, refreshedLicenseKey) +} + +func subscriptionRefresh(httpClient *cluster.HTTPClient, license string) (*models.License, string, error) { + licenseInfo, rawLicense, err := subnet.RefreshLicense(httpClient, license) + if err != nil { + return nil, "", err + } + return &models.License{ + Email: licenseInfo.Email, + AccountID: licenseInfo.AccountID, + StorageCapacity: licenseInfo.StorageCapacity, + Plan: licenseInfo.Plan, + ExpiresAt: licenseInfo.ExpiresAt.String(), + Organization: licenseInfo.Organization, + }, rawLicense, nil +} + +// saveSubscriptionLicense will create or replace an existing subnet license secret in the k8s cluster +func saveSubscriptionLicense(ctx context.Context, clientSet K8sClientI, license string) error { + // Delete subnet license secret if exists + err := clientSet.deleteSecret(ctx, cluster.Namespace, OperatorSubnetLicenseSecretName, metav1.DeleteOptions{}) + if err != nil { + // log the error if any and continue + LogError("unable to delete secret %s: %v", OperatorSubnetLicenseSecretName, err) + } + // Save subnet license in k8s secrets + imm := true + licenseSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: OperatorSubnetLicenseSecretName, + }, + Immutable: &imm, + Data: map[string][]byte{ + ConsoleSubnetLicense: []byte(license), + }, + } + _, err = clientSet.createSecret(ctx, cluster.Namespace, licenseSecret, metav1.CreateOptions{}) + if err != nil { + return err + } + return nil +} + +// subscriptionValidate will validate the provided jwt license against the subnet public key +func subscriptionValidate(client cluster.HTTPClientI, license, email, password string) (*models.License, string, error) { + licenseInfo, rawLicense, err := subnet.ValidateLicense(client, license, email, password) + if err != nil { + return nil, "", err + } + return &models.License{ + Email: licenseInfo.Email, + AccountID: licenseInfo.AccountID, + StorageCapacity: licenseInfo.StorageCapacity, + Plan: licenseInfo.Plan, + ExpiresAt: licenseInfo.ExpiresAt.String(), + Organization: licenseInfo.Organization, + }, rawLicense, nil +} diff --git a/restapi/admin_subscription_test.go b/operatorapi/operator_subscription_test.go similarity index 99% rename from restapi/admin_subscription_test.go rename to operatorapi/operator_subscription_test.go index b7da40871..e54e86922 100644 --- a/restapi/admin_subscription_test.go +++ b/operatorapi/operator_subscription_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" diff --git a/restapi/admin_tenants.go b/operatorapi/operator_tenants.go similarity index 85% rename from restapi/admin_tenants.go rename to operatorapi/operator_tenants.go index 1138f9b2c..060d2659c 100644 --- a/restapi/admin_tenants.go +++ b/operatorapi/operator_tenants.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "bytes" @@ -33,6 +33,10 @@ import ( "strings" "time" + "github.com/minio/console/restapi" + + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/pkg/auth/utils" "k8s.io/apimachinery/pkg/runtime" @@ -49,8 +53,7 @@ import ( "github.com/go-openapi/runtime/middleware" "github.com/go-openapi/swag" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" k8sErrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -68,189 +71,189 @@ type imageRegistryCredentials struct { Auth string `json:"auth"` } -func registerTenantHandlers(api *operations.ConsoleAPI) { +func registerTenantHandlers(api *operations.OperatorAPI) { // Add Tenant - api.AdminAPICreateTenantHandler = admin_api.CreateTenantHandlerFunc(func(params admin_api.CreateTenantParams, session *models.Principal) middleware.Responder { + api.OperatorAPICreateTenantHandler = operator_api.CreateTenantHandlerFunc(func(params operator_api.CreateTenantParams, session *models.Principal) middleware.Responder { resp, err := getTenantCreatedResponse(session, params) if err != nil { - return admin_api.NewCreateTenantDefault(int(err.Code)).WithPayload(err) + return operator_api.NewCreateTenantDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewCreateTenantOK().WithPayload(resp) + return operator_api.NewCreateTenantOK().WithPayload(resp) }) // List All Tenants of all namespaces - api.AdminAPIListAllTenantsHandler = admin_api.ListAllTenantsHandlerFunc(func(params admin_api.ListAllTenantsParams, session *models.Principal) middleware.Responder { + api.OperatorAPIListAllTenantsHandler = operator_api.ListAllTenantsHandlerFunc(func(params operator_api.ListAllTenantsParams, session *models.Principal) middleware.Responder { resp, err := getListAllTenantsResponse(session, params) if err != nil { - return admin_api.NewListTenantsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewListTenantsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewListTenantsOK().WithPayload(resp) + return operator_api.NewListTenantsOK().WithPayload(resp) }) // List Tenants by namespace - api.AdminAPIListTenantsHandler = admin_api.ListTenantsHandlerFunc(func(params admin_api.ListTenantsParams, session *models.Principal) middleware.Responder { + api.OperatorAPIListTenantsHandler = operator_api.ListTenantsHandlerFunc(func(params operator_api.ListTenantsParams, session *models.Principal) middleware.Responder { resp, err := getListTenantsResponse(session, params) if err != nil { - return admin_api.NewListTenantsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewListTenantsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewListTenantsOK().WithPayload(resp) + return operator_api.NewListTenantsOK().WithPayload(resp) }) // Detail Tenant - api.AdminAPITenantDetailsHandler = admin_api.TenantDetailsHandlerFunc(func(params admin_api.TenantDetailsParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantDetailsHandler = operator_api.TenantDetailsHandlerFunc(func(params operator_api.TenantDetailsParams, session *models.Principal) middleware.Responder { resp, err := getTenantDetailsResponse(session, params) if err != nil { - return admin_api.NewTenantDetailsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantDetailsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantDetailsOK().WithPayload(resp) + return operator_api.NewTenantDetailsOK().WithPayload(resp) }) // Tenant Security details - api.AdminAPITenantSecurityHandler = admin_api.TenantSecurityHandlerFunc(func(params admin_api.TenantSecurityParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantSecurityHandler = operator_api.TenantSecurityHandlerFunc(func(params operator_api.TenantSecurityParams, session *models.Principal) middleware.Responder { resp, err := getTenantSecurityResponse(session, params) if err != nil { - return admin_api.NewTenantSecurityDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantSecurityDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantSecurityOK().WithPayload(resp) + return operator_api.NewTenantSecurityOK().WithPayload(resp) }) // Update Tenant Security configuration - api.AdminAPIUpdateTenantSecurityHandler = admin_api.UpdateTenantSecurityHandlerFunc(func(params admin_api.UpdateTenantSecurityParams, session *models.Principal) middleware.Responder { + api.OperatorAPIUpdateTenantSecurityHandler = operator_api.UpdateTenantSecurityHandlerFunc(func(params operator_api.UpdateTenantSecurityParams, session *models.Principal) middleware.Responder { err := getUpdateTenantSecurityResponse(session, params) if err != nil { - return admin_api.NewUpdateTenantSecurityDefault(int(err.Code)).WithPayload(err) + return operator_api.NewUpdateTenantSecurityDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewUpdateTenantSecurityNoContent() + return operator_api.NewUpdateTenantSecurityNoContent() }) // Delete Tenant - api.AdminAPIDeleteTenantHandler = admin_api.DeleteTenantHandlerFunc(func(params admin_api.DeleteTenantParams, session *models.Principal) middleware.Responder { + api.OperatorAPIDeleteTenantHandler = operator_api.DeleteTenantHandlerFunc(func(params operator_api.DeleteTenantParams, session *models.Principal) middleware.Responder { err := getDeleteTenantResponse(session, params) if err != nil { - return admin_api.NewTenantInfoDefault(int(err.Code)).WithPayload(err) + return operator_api.NewDeleteTenantDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantInfoOK() + return operator_api.NewDeleteTenantNoContent() }) // Delete Pod - api.AdminAPIDeletePodHandler = admin_api.DeletePodHandlerFunc(func(params admin_api.DeletePodParams, session *models.Principal) middleware.Responder { + api.OperatorAPIDeletePodHandler = operator_api.DeletePodHandlerFunc(func(params operator_api.DeletePodParams, session *models.Principal) middleware.Responder { err := getDeletePodResponse(session, params) if err != nil { - return admin_api.NewTenantInfoDefault(int(err.Code)).WithPayload(err) + return operator_api.NewDeletePodDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantInfoOK() + return operator_api.NewDeletePodNoContent() }) // Update Tenant - api.AdminAPIUpdateTenantHandler = admin_api.UpdateTenantHandlerFunc(func(params admin_api.UpdateTenantParams, session *models.Principal) middleware.Responder { + api.OperatorAPIUpdateTenantHandler = operator_api.UpdateTenantHandlerFunc(func(params operator_api.UpdateTenantParams, session *models.Principal) middleware.Responder { err := getUpdateTenantResponse(session, params) if err != nil { - return admin_api.NewUpdateTenantDefault(int(err.Code)).WithPayload(err) + return operator_api.NewUpdateTenantDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewUpdateTenantCreated() + return operator_api.NewUpdateTenantCreated() }) // Add Tenant Pools - api.AdminAPITenantAddPoolHandler = admin_api.TenantAddPoolHandlerFunc(func(params admin_api.TenantAddPoolParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantAddPoolHandler = operator_api.TenantAddPoolHandlerFunc(func(params operator_api.TenantAddPoolParams, session *models.Principal) middleware.Responder { err := getTenantAddPoolResponse(session, params) if err != nil { - return admin_api.NewTenantAddPoolDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantAddPoolDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantAddPoolCreated() + return operator_api.NewTenantAddPoolCreated() }) // Get Tenant Usage - api.AdminAPIGetTenantUsageHandler = admin_api.GetTenantUsageHandlerFunc(func(params admin_api.GetTenantUsageParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetTenantUsageHandler = operator_api.GetTenantUsageHandlerFunc(func(params operator_api.GetTenantUsageParams, session *models.Principal) middleware.Responder { payload, err := getTenantUsageResponse(session, params) if err != nil { - return admin_api.NewGetTenantUsageDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetTenantUsageDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetTenantUsageOK().WithPayload(payload) + return operator_api.NewGetTenantUsageOK().WithPayload(payload) }) - api.AdminAPIGetTenantPodsHandler = admin_api.GetTenantPodsHandlerFunc(func(params admin_api.GetTenantPodsParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetTenantPodsHandler = operator_api.GetTenantPodsHandlerFunc(func(params operator_api.GetTenantPodsParams, session *models.Principal) middleware.Responder { payload, err := getTenantPodsResponse(session, params) if err != nil { - return admin_api.NewGetTenantPodsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetTenantPodsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetTenantPodsOK().WithPayload(payload) + return operator_api.NewGetTenantPodsOK().WithPayload(payload) }) - api.AdminAPIGetPodLogsHandler = admin_api.GetPodLogsHandlerFunc(func(params admin_api.GetPodLogsParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetPodLogsHandler = operator_api.GetPodLogsHandlerFunc(func(params operator_api.GetPodLogsParams, session *models.Principal) middleware.Responder { payload, err := getPodLogsResponse(session, params) if err != nil { - return admin_api.NewGetPodLogsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetPodLogsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetPodLogsOK().WithPayload(payload) + return operator_api.NewGetPodLogsOK().WithPayload(payload) }) - api.AdminAPIGetPodEventsHandler = admin_api.GetPodEventsHandlerFunc(func(params admin_api.GetPodEventsParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetPodEventsHandler = operator_api.GetPodEventsHandlerFunc(func(params operator_api.GetPodEventsParams, session *models.Principal) middleware.Responder { payload, err := getPodEventsResponse(session, params) if err != nil { - return admin_api.NewGetPodEventsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetPodEventsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetPodEventsOK().WithPayload(payload) + return operator_api.NewGetPodEventsOK().WithPayload(payload) }) // Update Tenant Pools - api.AdminAPITenantUpdatePoolsHandler = admin_api.TenantUpdatePoolsHandlerFunc(func(params admin_api.TenantUpdatePoolsParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantUpdatePoolsHandler = operator_api.TenantUpdatePoolsHandlerFunc(func(params operator_api.TenantUpdatePoolsParams, session *models.Principal) middleware.Responder { resp, err := getTenantUpdatePoolResponse(session, params) if err != nil { - return admin_api.NewTenantUpdatePoolsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantUpdatePoolsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantUpdatePoolsOK().WithPayload(resp) + return operator_api.NewTenantUpdatePoolsOK().WithPayload(resp) }) // Update Tenant Certificates - api.AdminAPITenantUpdateCertificateHandler = admin_api.TenantUpdateCertificateHandlerFunc(func(params admin_api.TenantUpdateCertificateParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantUpdateCertificateHandler = operator_api.TenantUpdateCertificateHandlerFunc(func(params operator_api.TenantUpdateCertificateParams, session *models.Principal) middleware.Responder { err := getTenantUpdateCertificatesResponse(session, params) if err != nil { - return admin_api.NewTenantUpdateCertificateDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantUpdateCertificateDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantUpdateCertificateCreated() + return operator_api.NewTenantUpdateCertificateCreated() }) // Update Tenant Encryption Configuration - api.AdminAPITenantUpdateEncryptionHandler = admin_api.TenantUpdateEncryptionHandlerFunc(func(params admin_api.TenantUpdateEncryptionParams, session *models.Principal) middleware.Responder { + api.OperatorAPITenantUpdateEncryptionHandler = operator_api.TenantUpdateEncryptionHandlerFunc(func(params operator_api.TenantUpdateEncryptionParams, session *models.Principal) middleware.Responder { err := getTenantUpdateEncryptionResponse(session, params) if err != nil { - return admin_api.NewTenantUpdateEncryptionDefault(int(err.Code)).WithPayload(err) + return operator_api.NewTenantUpdateEncryptionDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewTenantUpdateEncryptionCreated() + return operator_api.NewTenantUpdateEncryptionCreated() }) // Get Tenant YAML - api.AdminAPIGetTenantYAMLHandler = admin_api.GetTenantYAMLHandlerFunc(func(params admin_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder { + api.OperatorAPIGetTenantYAMLHandler = operator_api.GetTenantYAMLHandlerFunc(func(params operator_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder { payload, err := getTenantYAML(principal, params) if err != nil { - return admin_api.NewGetTenantYAMLDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetTenantYAMLDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetTenantYAMLOK().WithPayload(payload) + return operator_api.NewGetTenantYAMLOK().WithPayload(payload) }) // Update Tenant YAML - api.AdminAPIPutTenantYAMLHandler = admin_api.PutTenantYAMLHandlerFunc(func(params admin_api.PutTenantYAMLParams, principal *models.Principal) middleware.Responder { + api.OperatorAPIPutTenantYAMLHandler = operator_api.PutTenantYAMLHandlerFunc(func(params operator_api.PutTenantYAMLParams, principal *models.Principal) middleware.Responder { err := getUpdateTenantYAML(principal, params) if err != nil { - return admin_api.NewPutTenantYAMLDefault(int(err.Code)).WithPayload(err) + return operator_api.NewPutTenantYAMLDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewPutTenantYAMLCreated() + return operator_api.NewPutTenantYAMLCreated() }) } // getDeleteTenantResponse gets the output of deleting a minio instance -func getDeleteTenantResponse(session *models.Principal, params admin_api.DeleteTenantParams) *models.Error { +func getDeleteTenantResponse(session *models.Principal, params operator_api.DeleteTenantParams) *models.Error { opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } // get Kubernetes Client clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, @@ -260,7 +263,7 @@ func getDeleteTenantResponse(session *models.Principal, params admin_api.DeleteT deleteTenantPVCs = params.Body.DeletePvcs } if err = deleteTenantAction(context.Background(), opClient, clientset.CoreV1(), params.Namespace, params.Tenant, deleteTenantPVCs); err != nil { - return prepareError(err) + return restapi.PrepareError(err) } return nil } @@ -299,19 +302,19 @@ func deleteTenantAction( } // getDeleteTenantResponse gets the output of deleting a minio instance -func getDeletePodResponse(session *models.Principal, params admin_api.DeletePodParams) *models.Error { +func getDeletePodResponse(session *models.Principal, params operator_api.DeletePodParams) *models.Error { ctx := context.Background() // get Kubernetes Client clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } listOpts := metav1.ListOptions{ LabelSelector: fmt.Sprintf("v1.min.io/tenant=%s", params.Tenant), FieldSelector: fmt.Sprintf("metadata.name=%s%s", params.Tenant, params.PodName[len(params.Tenant):]), } if err = clientset.CoreV1().Pods(params.Namespace).DeleteCollection(ctx, metav1.DeleteOptions{}, listOpts); err != nil { - return prepareError(err) + return restapi.PrepareError(err) } return nil } @@ -333,7 +336,7 @@ func getTenantAdminClient(ctx context.Context, client K8sClientI, tenant *miniov return nil, err } sessionToken := "" - mAdmin, pErr := NewAdminClientWithInsecure(svcURL, tenantCreds.accessKey, tenantCreds.secretKey, sessionToken, false) + mAdmin, pErr := restapi.NewAdminClientWithInsecure(svcURL, tenantCreds.accessKey, tenantCreds.secretKey, sessionToken, false) if pErr != nil { return nil, pErr.Cause } @@ -356,13 +359,13 @@ func getTenantCreds(ctx context.Context, client K8sClientI, tenant *miniov2.Tena } tenantAccessKey, ok := creds.Data["accesskey"] if !ok { - LogError("tenant's secret doesn't contain accesskey") - return nil, errorGeneric + restapi.LogError("tenant's secret doesn't contain accesskey") + return nil, restapi.ErrorGeneric } tenantSecretKey, ok := creds.Data["secretkey"] if !ok { - LogError("tenant's secret doesn't contain secretkey") - return nil, errorGeneric + restapi.LogError("tenant's secret doesn't contain secretkey") + return nil, restapi.ErrorGeneric } // TODO: // We need to avoid using minio root credentials to talk to tenants, and instead use a different user credentials @@ -428,13 +431,13 @@ func getTenantInfo(tenant *miniov2.Tenant) *models.Tenant { } } -func getTenantDetailsResponse(session *models.Principal, params admin_api.TenantDetailsParams) (*models.Tenant, *models.Error) { +func getTenantDetailsResponse(session *models.Principal, params operator_api.TenantDetailsParams) (*models.Tenant, *models.Error) { // 5 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } opClient := &operatorClient{ @@ -443,7 +446,7 @@ func getTenantDetailsResponse(session *models.Principal, params admin_api.Tenant minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } info := getTenantInfo(minTenant) @@ -459,7 +462,7 @@ func getTenantDetailsResponse(session *models.Principal, params admin_api.Tenant // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } k8sClient := k8sClient{ @@ -474,7 +477,7 @@ func getTenantDetailsResponse(session *models.Principal, params admin_api.Tenant consoleSecret, err := clientSet.CoreV1().Secrets(minTenant.Namespace).Get(ctx, consoleSecretName, metav1.GetOptions{}) // we can tolerate not getting this secret if err != nil { - LogError("unable to fetch existing secrets for %s: %v", minTenant.Name, err) + restapi.LogError("unable to fetch existing secrets for %s: %v", minTenant.Name, err) } if consoleSecret != nil { if _, ok := consoleSecret.Data["CONSOLE_IDP_URL"]; ok { @@ -503,7 +506,7 @@ func getTenantDetailsResponse(session *models.Principal, params admin_api.Tenant license, _ := getSubscriptionLicense(context.Background(), &k8sClient, params.Namespace, minTenant.Spec.Console.ConsoleSecret.Name) if license != "" { client := &cluster.HTTPClient{ - Client: GetConsoleSTSClient(), + Client: restapi.GetConsoleSTSClient(), } licenseInfo, _, _ := subscriptionValidate(client, license, "", "") // if licenseInfo is present attach it to the tenantInfo response @@ -528,13 +531,13 @@ func getTenantDetailsResponse(session *models.Principal, params admin_api.Tenant minSvc, err := k8sClient.getService(ctx, minTenant.Namespace, minTenant.MinIOCIServiceName(), metav1.GetOptions{}) if err != nil { // we can tolerate this error - LogError("Unable to get MinIO service name: %v, continuing", err) + restapi.LogError("Unable to get MinIO service name: %v, continuing", err) } //console service conSvc, err := k8sClient.getService(ctx, minTenant.Namespace, minTenant.ConsoleCIServiceName(), metav1.GetOptions{}) if err != nil { // we can tolerate this error - LogError("Unable to get MinIO console service name: %v, continuing", err) + restapi.LogError("Unable to get MinIO console service name: %v, continuing", err) } schema := "http" @@ -649,21 +652,21 @@ func getTenantSecurity(ctx context.Context, clientSet K8sClientI, tenant *miniov }, nil } -func getTenantSecurityResponse(session *models.Principal, params admin_api.TenantSecurityParams) (*models.TenantSecurityResponse, *models.Error) { +func getTenantSecurityResponse(session *models.Principal, params operator_api.TenantSecurityParams) (*models.TenantSecurityResponse, *models.Error) { // 5 seconds timeout ctx := context.Background() //ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) //defer cancel() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, } minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) @@ -671,27 +674,27 @@ func getTenantSecurityResponse(session *models.Principal, params admin_api.Tenan client: clientSet, } if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } info, err := getTenantSecurity(ctx, &k8sClient, minTenant) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return info, nil } -func getUpdateTenantSecurityResponse(session *models.Principal, params admin_api.UpdateTenantSecurityParams) *models.Error { +func getUpdateTenantSecurityResponse(session *models.Principal, params operator_api.UpdateTenantSecurityParams) *models.Error { // 5 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } k8sClient := k8sClient{ client: clientSet, @@ -700,13 +703,13 @@ func getUpdateTenantSecurityResponse(session *models.Principal, params admin_api client: opClientClientSet, } if err := updateTenantSecurity(ctx, opClient, &k8sClient, params.Namespace, params); err != nil { - return prepareError(err, errors.New("unable to update tenant")) + return restapi.PrepareError(err, errors.New("unable to update tenant")) } return nil } // updateTenantSecurity -func updateTenantSecurity(ctx context.Context, operatorClient OperatorClientI, client K8sClientI, namespace string, params admin_api.UpdateTenantSecurityParams) error { +func updateTenantSecurity(ctx context.Context, operatorClient OperatorClientI, client K8sClientI, namespace string, params operator_api.UpdateTenantSecurityParams) error { minInst, err := operatorClient.TenantGet(ctx, namespace, params.Tenant, metav1.GetOptions{}) if err != nil { return err @@ -850,7 +853,7 @@ func updateTenantSecurity(ctx context.Context, operatorClient OperatorClientI, c for _, secretName := range params.Body.CustomCertificates.SecretsToBeDeleted { err = client.deleteSecret(ctx, minInst.Namespace, secretName, metav1.DeleteOptions{}) if err != nil { - LogError("error deleting secret: %v", err) + restapi.LogError("error deleting secret: %v", err) } } return nil @@ -910,40 +913,40 @@ func listTenants(ctx context.Context, operatorClient OperatorClientI, namespace }, nil } -func getListAllTenantsResponse(session *models.Principal, params admin_api.ListAllTenantsParams) (*models.ListTenantsResponse, *models.Error) { +func getListAllTenantsResponse(session *models.Principal, params operator_api.ListAllTenantsParams) (*models.ListTenantsResponse, *models.Error) { ctx := context.Background() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, } listT, err := listTenants(ctx, opClient, "", params.Limit) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return listT, nil } // getListTenantsResponse list tenants by namespace -func getListTenantsResponse(session *models.Principal, params admin_api.ListTenantsParams) (*models.ListTenantsResponse, *models.Error) { +func getListTenantsResponse(session *models.Principal, params operator_api.ListTenantsParams) (*models.ListTenantsResponse, *models.Error) { ctx := context.Background() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, } listT, err := listTenants(ctx, opClient, params.Namespace, params.Limit) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return listT, nil } -func getTenantCreatedResponse(session *models.Principal, params admin_api.CreateTenantParams) (response *models.CreateTenantResponse, mError *models.Error) { +func getTenantCreatedResponse(session *models.Principal, params operator_api.CreateTenantParams) (response *models.CreateTenantResponse, mError *models.Error) { tenantReq := params.Body minioImage := tenantReq.Image ctx := context.Background() @@ -962,14 +965,14 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create client: clientSet, } if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } ns := *tenantReq.Namespace // if access/secret are provided, use them, else create a random pair - accessKey := RandomCharString(16) - secretKey := RandomCharString(32) + accessKey := restapi.RandomCharString(16) + secretKey := restapi.RandomCharString(32) if tenantReq.AccessKey != "" { accessKey = tenantReq.AccessKey @@ -1001,19 +1004,19 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create } _, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{}) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } // delete secrets created if an error occurred during tenant creation, defer func() { if mError != nil { - LogError("deleting secrets created for failed tenant: %s if any: %v", tenantName, mError) + restapi.LogError("deleting secrets created for failed tenant: %s if any: %v", tenantName, mError) opts := metav1.ListOptions{ LabelSelector: fmt.Sprintf("%s=%s", miniov2.TenantLabel, tenantName), } err = clientSet.CoreV1().Secrets(ns).DeleteCollection(ctx, metav1.DeleteOptions{}, opts) if err != nil { - LogError("error deleting tenant's secrets: %v", err) + restapi.LogError("error deleting tenant's secrets: %v", err) } } }() @@ -1022,7 +1025,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create // Check the Erasure Coding Parity for validity and pass it to Tenant if tenantReq.ErasureCodingParity > 0 { if tenantReq.ErasureCodingParity < 2 || tenantReq.ErasureCodingParity > 8 { - return nil, prepareError(errorInvalidErasureCodingValue) + return nil, restapi.PrepareError(errorInvalidErasureCodingValue) } environmentVariables = append(environmentVariables, corev1.EnvVar{ Name: "MINIO_STORAGE_CLASS_STANDARD", @@ -1118,7 +1121,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create } _, err := clientSet.CoreV1().Secrets(ns).Create(ctx, &userSecret, metav1.CreateOptions{}) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } } // attach the users to the tenant @@ -1144,7 +1147,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create externalCertSecretName := fmt.Sprintf("%s-instance-external-certificates", secretName) externalCertSecret, err := createOrReplaceExternalCertSecrets(ctx, &k8sClient, ns, tenantReq.TLS.Minio, externalCertSecretName, tenantName) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } minInst.Spec.ExternalCertSecret = externalCertSecret } @@ -1156,7 +1159,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create certificates := []*models.KeyPairConfiguration{tenantReq.Encryption.Client} certificateSecrets, err := createOrReplaceExternalCertSecrets(ctx, &k8sClient, ns, certificates, tenantExternalClientCertSecretName, tenantName) if err != nil { - return nil, prepareError(errorGeneric) + return nil, restapi.PrepareError(restapi.ErrorGeneric) } if len(certificateSecrets) > 0 { minInst.Spec.ExternalClientCertSecret = certificateSecrets[0] @@ -1166,7 +1169,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create // KES configuration for Tenant instance minInst.Spec.KES, err = getKESConfiguration(ctx, &k8sClient, ns, tenantReq.Encryption, secretName, tenantName) if err != nil { - return nil, prepareError(errorGeneric) + return nil, restapi.PrepareError(restapi.ErrorGeneric) } // Set Labels, Annotations and Node Selector for KES minInst.Spec.KES.Labels = tenantReq.Encryption.Labels @@ -1179,7 +1182,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create for i, caCertificate := range tenantReq.TLS.CaCertificates { certificateContent, err := base64.StdEncoding.DecodeString(caCertificate) if err != nil { - return nil, prepareError(errorGeneric, nil, err) + return nil, restapi.PrepareError(restapi.ErrorGeneric, nil, err) } caCertificates = append(caCertificates, tenantSecret{ Name: fmt.Sprintf("ca-certificate-%d", i), @@ -1191,7 +1194,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create if len(caCertificates) > 0 { certificateSecrets, err := createOrReplaceSecrets(ctx, &k8sClient, ns, caCertificates, tenantName) if err != nil { - return nil, prepareError(errorGeneric, nil, err) + return nil, restapi.PrepareError(restapi.ErrorGeneric, nil, err) } minInst.Spec.ExternalCaCertSecret = certificateSecrets } @@ -1210,14 +1213,14 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create consoleSelector := fmt.Sprintf("%s-console", tenantName) consoleSecretName := fmt.Sprintf("%s-secret", consoleSelector) consoleSecretData := map[string][]byte{ - "CONSOLE_PBKDF_PASSPHRASE": []byte(RandomCharString(16)), - "CONSOLE_PBKDF_SALT": []byte(RandomCharString(8)), + "CONSOLE_PBKDF_PASSPHRASE": []byte(restapi.RandomCharString(16)), + "CONSOLE_PBKDF_SALT": []byte(restapi.RandomCharString(8)), } // If Subnet License is present in k8s secrets, copy that to the CONSOLE_SUBNET_LICENSE env variable // of the console tenant - license, _ := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName) + license, _ := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, restapi.OperatorSubnetLicenseSecretName) if license != "" { - consoleSecretData[ConsoleSubnetLicense] = []byte(license) + consoleSecretData[restapi.ConsoleSubnetLicense] = []byte(license) } imm := true instanceSecret := corev1.Secret{ @@ -1248,7 +1251,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create certificates := []*models.KeyPairConfiguration{tenantReq.TLS.Console} externalCertSecret, err := createOrReplaceExternalCertSecrets(ctx, &k8sClient, ns, certificates, externalCertSecretName, tenantName) if err != nil { - return nil, prepareError(errorGeneric) + return nil, restapi.PrepareError(restapi.ErrorGeneric) } if len(externalCertSecret) > 0 { minInst.Spec.Console.ExternalCertSecret = externalCertSecret[0] @@ -1280,7 +1283,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create _, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{}) if err != nil { - return nil, prepareError(errorGeneric) + return nil, restapi.PrepareError(restapi.ErrorGeneric) } // Set Labels, Annotations and Node Selector for Console @@ -1296,7 +1299,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create for i, caCertificate := range tenantReq.TLS.ConsoleCaCertificates { certificateContent, err := base64.StdEncoding.DecodeString(caCertificate) if err != nil { - return nil, prepareError(errorGeneric, nil, err) + return nil, restapi.PrepareError(restapi.ErrorGeneric, nil, err) } caCertificates = append(caCertificates, tenantSecret{ Name: fmt.Sprintf("console-ca-certificate-%d", i), @@ -1308,7 +1311,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create if len(caCertificates) > 0 { certificateSecrets, err := createOrReplaceSecrets(ctx, &k8sClient, ns, caCertificates, tenantName) if err != nil { - return nil, prepareError(errorGeneric, nil, err) + return nil, restapi.PrepareError(restapi.ErrorGeneric, nil, err) } minInst.Spec.Console.ExternalCaCertSecret = certificateSecrets } @@ -1326,8 +1329,8 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create for _, pool := range tenantReq.Pools { pool, err := parseTenantPoolRequest(pool) if err != nil { - LogError("parseTenantPoolRequest failed: %v", err) - return nil, prepareError(err) + restapi.LogError("parseTenantPoolRequest failed: %v", err) + return nil, restapi.PrepareError(err) } minInst.Spec.Pools = append(minInst.Spec.Pools, *pool) } @@ -1343,7 +1346,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create if tenantReq.ImagePullSecret != "" { imagePullSecret = tenantReq.ImagePullSecret } else if imagePullSecret, err = setImageRegistry(ctx, tenantReq.ImageRegistry, clientSet.CoreV1(), ns, tenantName); err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } // pass the image pull secret to the Tenant if imagePullSecret != "" { @@ -1462,20 +1465,20 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create opClient, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } _, err = opClient.MinioV2().Tenants(ns).Create(context.Background(), &minInst, metav1.CreateOptions{}) if err != nil { - LogError("Creating new tenant failed with: %v", err) - return nil, prepareError(err) + restapi.LogError("Creating new tenant failed with: %v", err) + return nil, restapi.PrepareError(err) } // Integrations if os.Getenv("GKE_INTEGRATION") != "" { err := gkeIntegration(clientSet, tenantName, ns, session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } } response = &models.CreateTenantResponse{} @@ -1556,7 +1559,7 @@ func setImageRegistry(ctx context.Context, req *models.ImageRegistry, clientset } // updateTenantAction does an update on the minioTenant by patching the desired changes -func updateTenantAction(ctx context.Context, operatorClient OperatorClientI, clientset v1.CoreV1Interface, httpCl cluster.HTTPClientI, namespace string, params admin_api.UpdateTenantParams) error { +func updateTenantAction(ctx context.Context, operatorClient OperatorClientI, clientset v1.CoreV1Interface, httpCl cluster.HTTPClientI, namespace string, params operator_api.UpdateTenantParams) error { imageToUpdate := params.Body.Image imageRegistryReq := params.Body.ImageRegistry @@ -1570,7 +1573,7 @@ func updateTenantAction(ctx context.Context, operatorClient OperatorClientI, cli } else { // update the image pull secret content if _, err := setImageRegistry(ctx, imageRegistryReq, clientset, namespace, params.Tenant); err != nil { - LogError("error setting image registry secret: %v", err) + restapi.LogError("error setting image registry secret: %v", err) return err } } @@ -1653,16 +1656,16 @@ func removeAnnotations(annotationsOne, annotationsTwo map[string]string) map[str return annotationsOne } -func getUpdateTenantResponse(session *models.Principal, params admin_api.UpdateTenantParams) *models.Error { +func getUpdateTenantResponse(session *models.Principal, params operator_api.UpdateTenantParams) *models.Error { ctx := context.Background() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, @@ -1673,13 +1676,13 @@ func getUpdateTenantResponse(session *models.Principal, params admin_api.UpdateT }, } if err := updateTenantAction(ctx, opClient, clientSet.CoreV1(), httpC, params.Namespace, params); err != nil { - return prepareError(err, errors.New("unable to update tenant")) + return restapi.PrepareError(err, errors.New("unable to update tenant")) } return nil } // addTenantPool creates a pool to a defined tenant -func addTenantPool(ctx context.Context, operatorClient OperatorClientI, params admin_api.TenantAddPoolParams) error { +func addTenantPool(ctx context.Context, operatorClient OperatorClientI, params operator_api.TenantAddPoolParams) error { tenant, err := operatorClient.TenantGet(ctx, params.Namespace, params.Tenant, metav1.GetOptions{}) if err != nil { return err @@ -1703,34 +1706,34 @@ func addTenantPool(ctx context.Context, operatorClient OperatorClientI, params a return nil } -func getTenantAddPoolResponse(session *models.Principal, params admin_api.TenantAddPoolParams) *models.Error { +func getTenantAddPoolResponse(session *models.Principal, params operator_api.TenantAddPoolParams) *models.Error { ctx := context.Background() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } opClient := &operatorClient{ client: opClientClientSet, } if err := addTenantPool(ctx, opClient, params); err != nil { - return prepareError(err, errors.New("unable to add pool")) + return restapi.PrepareError(err, errors.New("unable to add pool")) } return nil } // getTenantUsageResponse returns the usage of a tenant -func getTenantUsageResponse(session *models.Principal, params admin_api.GetTenantUsageParams) (*models.TenantUsage, *models.Error) { +func getTenantUsageResponse(session *models.Principal, params operator_api.GetTenantUsageParams) (*models.TenantUsage, *models.Error) { // 5 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) + return nil, restapi.PrepareError(err, errorUnableToGetTenantUsage) } clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) + return nil, restapi.PrepareError(err, errorUnableToGetTenantUsage) } opClient := &operatorClient{ @@ -1742,7 +1745,7 @@ func getTenantUsageResponse(session *models.Principal, params admin_api.GetTenan minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant) if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) + return nil, restapi.PrepareError(err, errorUnableToGetTenantUsage) } minTenant.EnsureDefaults() @@ -1755,32 +1758,32 @@ func getTenantUsageResponse(session *models.Principal, params admin_api.GetTenan svcURL, ) if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) + return nil, restapi.PrepareError(err, errorUnableToGetTenantUsage) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := restapi.AdminClient{Client: mAdmin} // serialize output - adminInfo, err := getAdminInfo(ctx, adminClient) + adminInfo, err := restapi.GetAdminInfo(ctx, adminClient) if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) + return nil, restapi.PrepareError(err, errorUnableToGetTenantUsage) } info := &models.TenantUsage{Used: adminInfo.Usage, DiskUsed: adminInfo.DisksUsage} return info, nil } -func getTenantPodsResponse(session *models.Principal, params admin_api.GetTenantPodsParams) ([]*models.TenantPod, *models.Error) { +func getTenantPodsResponse(session *models.Principal, params operator_api.GetTenantPodsParams) ([]*models.TenantPod, *models.Error) { ctx := context.Background() clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } listOpts := metav1.ListOptions{ LabelSelector: fmt.Sprintf("%s=%s", miniov2.TenantLabel, params.Tenant), } pods, err := clientset.CoreV1().Pods(params.Namespace).List(ctx, listOpts) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } retval := []*models.TenantPod{} for _, pod := range pods.Items { @@ -1799,34 +1802,34 @@ func getTenantPodsResponse(session *models.Principal, params admin_api.GetTenant return retval, nil } -func getPodLogsResponse(session *models.Principal, params admin_api.GetPodLogsParams) (string, *models.Error) { +func getPodLogsResponse(session *models.Principal, params operator_api.GetPodLogsParams) (string, *models.Error) { ctx := context.Background() clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return "", prepareError(err) + return "", restapi.PrepareError(err) } listOpts := &corev1.PodLogOptions{} logs := clientset.CoreV1().Pods(params.Namespace).GetLogs(params.PodName, listOpts) buff, err := logs.DoRaw(ctx) if err != nil { - return "", prepareError(err) + return "", restapi.PrepareError(err) } return string(buff), nil } -func getPodEventsResponse(session *models.Principal, params admin_api.GetPodEventsParams) (models.EventListWrapper, *models.Error) { +func getPodEventsResponse(session *models.Principal, params operator_api.GetPodEventsParams) (models.EventListWrapper, *models.Error) { ctx := context.Background() clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } pod, err := clientset.CoreV1().Pods(params.Namespace).Get(ctx, params.PodName, metav1.GetOptions{}) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } events, err := clientset.CoreV1().Events(params.Namespace).List(ctx, metav1.ListOptions{FieldSelector: fmt.Sprintf("involvedObject.uid=%s", pod.UID)}) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } retval := models.EventListWrapper{} for i := 0; i < len(events.Items); i++ { @@ -2257,11 +2260,11 @@ func parseNodeSelectorTerm(term *corev1.NodeSelectorTerm) *models.NodeSelectorTe return &t } -func getTenantUpdatePoolResponse(session *models.Principal, params admin_api.TenantUpdatePoolsParams) (*models.Tenant, *models.Error) { +func getTenantUpdatePoolResponse(session *models.Principal, params operator_api.TenantUpdatePoolsParams) (*models.Tenant, *models.Error) { ctx := context.Background() opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } opClient := &operatorClient{ @@ -2270,8 +2273,8 @@ func getTenantUpdatePoolResponse(session *models.Principal, params admin_api.Ten t, err := updateTenantPools(ctx, opClient, params.Namespace, params.Tenant, params.Body.Pools) if err != nil { - LogError("error updating Tenant's pools: %v", err) - return nil, prepareError(err) + restapi.LogError("error updating Tenant's pools: %v", err) + return nil, restapi.PrepareError(err) } // parse it to models.Tenant @@ -2321,17 +2324,17 @@ func updateTenantPools( return tenantUpdated, nil } -func getTenantYAML(session *models.Principal, params admin_api.GetTenantYAMLParams) (*models.TenantYAML, *models.Error) { +func getTenantYAML(session *models.Principal, params operator_api.GetTenantYAMLParams) (*models.TenantYAML, *models.Error) { // get Kubernetes Client opClient, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } tenant, err := opClient.MinioV2().Tenants(params.Namespace).Get(params.HTTPRequest.Context(), params.Tenant, metav1.GetOptions{}) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } // remove managed fields tenant.ManagedFields = []metav1.ManagedFieldsEntry{} @@ -2349,7 +2352,7 @@ func getTenantYAML(session *models.Principal, params admin_api.GetTenantYAMLPara err = serializer.Encode(tenant, buf) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } yb := buf.String() @@ -2357,7 +2360,7 @@ func getTenantYAML(session *models.Principal, params admin_api.GetTenantYAMLPara return &models.TenantYAML{Yaml: yb}, nil } -func getUpdateTenantYAML(session *models.Principal, params admin_api.PutTenantYAMLParams) *models.Error { +func getUpdateTenantYAML(session *models.Principal, params operator_api.PutTenantYAMLParams) *models.Error { // https://godoc.org/k8s.io/apimachinery/pkg/runtime#Scheme scheme := runtime.NewScheme() @@ -2375,12 +2378,12 @@ func getUpdateTenantYAML(session *models.Principal, params admin_api.PutTenantYA // get Kubernetes Client opClient, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } tenant, err := opClient.MinioV2().Tenants(params.Namespace).Get(params.HTTPRequest.Context(), params.Tenant, metav1.GetOptions{}) if err != nil { - return prepareError(err) + return restapi.PrepareError(err) } upTenant := tenant.DeepCopy() // only update safe fields: spec, metadata.finalizers, metadata.labels and metadata.annotations diff --git a/restapi/admin_tenants_helper.go b/operatorapi/operator_tenants_helper.go similarity index 96% rename from restapi/admin_tenants_helper.go rename to operatorapi/operator_tenants_helper.go index a330ac658..cdf3051b0 100644 --- a/restapi/admin_tenants_helper.go +++ b/operatorapi/operator_tenants_helper.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" @@ -25,12 +25,15 @@ import ( "strconv" "time" + "github.com/minio/console/restapi" + + "github.com/minio/console/operatorapi/operations/operator_api" + "errors" "github.com/minio/console/cluster" "github.com/minio/console/models" "github.com/minio/console/pkg/kes" - "github.com/minio/console/restapi/operations/admin_api" miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" "gopkg.in/yaml.v2" corev1 "k8s.io/api/core/v1" @@ -39,7 +42,7 @@ import ( // tenantUpdateCertificates receives the keyPair certificates (public and private keys) for Minio and Console and will try // to replace the existing kubernetes secrets with the new values, then will restart the affected pods so the new volumes can be mounted -func tenantUpdateCertificates(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params admin_api.TenantUpdateCertificateParams) error { +func tenantUpdateCertificates(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateCertificateParams) error { tenantName := params.Tenant tenant, err := operatorClient.TenantGet(ctx, namespace, tenantName, metav1.GetOptions{}) if err != nil { @@ -82,31 +85,31 @@ func tenantUpdateCertificates(ctx context.Context, operatorClient OperatorClient } // getTenantUpdateCertificatesResponse wrapper of tenantUpdateCertificates -func getTenantUpdateCertificatesResponse(session *models.Principal, params admin_api.TenantUpdateCertificateParams) *models.Error { +func getTenantUpdateCertificatesResponse(session *models.Principal, params operator_api.TenantUpdateCertificateParams) *models.Error { ctx := context.Background() // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err, errorUnableToUpdateTenantCertificates) + return restapi.PrepareError(err, errorUnableToUpdateTenantCertificates) } k8sClient := k8sClient{ client: clientSet, } opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err, errorUnableToUpdateTenantCertificates) + return restapi.PrepareError(err, errorUnableToUpdateTenantCertificates) } opClient := operatorClient{ client: opClientClientSet, } if err := tenantUpdateCertificates(ctx, &opClient, &k8sClient, params.Namespace, params); err != nil { - return prepareError(err, errorUnableToUpdateTenantCertificates) + return restapi.PrepareError(err, errorUnableToUpdateTenantCertificates) } return nil } // tenantUpdateEncryption allow user to update KES server certificates, KES client certificates (used by MinIO for mTLS) and KES configuration (KMS configuration, credentials, etc) -func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params admin_api.TenantUpdateEncryptionParams) error { +func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI, clientSet K8sClientI, namespace string, params operator_api.TenantUpdateEncryptionParams) error { tenantName := params.Tenant secretName := fmt.Sprintf("%s-secret", tenantName) tenant, err := operatorClient.TenantGet(ctx, namespace, tenantName, metav1.GetOptions{}) @@ -160,25 +163,25 @@ func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI, } // getTenantUpdateEncryptionResponse is a wrapper for tenantUpdateEncryption -func getTenantUpdateEncryptionResponse(session *models.Principal, params admin_api.TenantUpdateEncryptionParams) *models.Error { +func getTenantUpdateEncryptionResponse(session *models.Principal, params operator_api.TenantUpdateEncryptionParams) *models.Error { ctx := context.Background() // get Kubernetes Client clientSet, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return prepareError(err, errorUpdatingEncryptionConfig) + return restapi.PrepareError(err, errorUpdatingEncryptionConfig) } k8sClient := k8sClient{ client: clientSet, } opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) if err != nil { - return prepareError(err, errorUpdatingEncryptionConfig) + return restapi.PrepareError(err, errorUpdatingEncryptionConfig) } opClient := operatorClient{ client: opClientClientSet, } if err := tenantUpdateEncryption(ctx, &opClient, &k8sClient, params.Namespace, params); err != nil { - return prepareError(err, errorUpdatingEncryptionConfig) + return restapi.PrepareError(err, errorUpdatingEncryptionConfig) } return nil } diff --git a/restapi/admin_tenants_helper_test.go b/operatorapi/operator_tenants_helper_test.go similarity index 97% rename from restapi/admin_tenants_helper_test.go rename to operatorapi/operator_tenants_helper_test.go index 341621e3f..77bd9d23c 100644 --- a/restapi/admin_tenants_helper_test.go +++ b/operatorapi/operator_tenants_helper_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" @@ -22,8 +22,9 @@ import ( "reflect" "testing" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/models" - "github.com/minio/console/restapi/operations/admin_api" miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -57,7 +58,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient OperatorClientI clientSet K8sClientI namespace string - params admin_api.TenantUpdateCertificateParams + params operator_api.TenantUpdateCertificateParams mockTenantGet func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) mockDeleteSecret func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error mockCreateSecret func(ctx context.Context, namespace string, secret *v1.Secret, opts metav1.CreateOptions) (*v1.Secret, error) @@ -75,7 +76,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{}, + params: operator_api.TenantUpdateCertificateParams{}, mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return nil, errors.New("invalid tenant") }, @@ -89,7 +90,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Minio: []*models.KeyPairConfiguration{ { @@ -123,7 +124,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Minio: []*models.KeyPairConfiguration{ { @@ -157,7 +158,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Minio: []*models.KeyPairConfiguration{ { @@ -194,7 +195,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Minio: []*models.KeyPairConfiguration{ { @@ -234,7 +235,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Console: &models.KeyPairConfiguration{}, }, @@ -260,7 +261,7 @@ func Test_tenantUpdateCertificates(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateCertificateParams{ + params: operator_api.TenantUpdateCertificateParams{ Body: &models.TLSConfiguration{ Console: &models.KeyPairConfiguration{ Crt: &crt, @@ -313,7 +314,7 @@ func Test_tenantUpdateEncryption(t *testing.T) { opClient OperatorClientI clientSet K8sClientI namespace string - params admin_api.TenantUpdateEncryptionParams + params operator_api.TenantUpdateEncryptionParams mockTenantGet func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) mockDeleteSecret func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error mockCreateSecret func(ctx context.Context, namespace string, secret *v1.Secret, opts metav1.CreateOptions) (*v1.Secret, error) @@ -331,7 +332,7 @@ func Test_tenantUpdateEncryption(t *testing.T) { opClient: opClient, clientSet: k8sClient, namespace: "", - params: admin_api.TenantUpdateEncryptionParams{}, + params: operator_api.TenantUpdateEncryptionParams{}, mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return nil, errors.New("invalid tenant") }, diff --git a/restapi/admin_tenants_test.go b/operatorapi/operator_tenants_test.go similarity index 97% rename from restapi/admin_tenants_test.go rename to operatorapi/operator_tenants_test.go index e3d49aabc..5accc8740 100644 --- a/restapi/admin_tenants_test.go +++ b/operatorapi/operator_tenants_test.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "bytes" @@ -28,10 +28,11 @@ import ( "testing" "time" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/go-openapi/swag" "github.com/minio/console/cluster" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations/admin_api" miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" corev1 "k8s.io/api/core/v1" k8sErrors "k8s.io/apimachinery/pkg/api/errors" @@ -700,7 +701,7 @@ func Test_TenantAddPool(t *testing.T) { nameSpace string mockTenantPatch func(ctx context.Context, namespace string, tenantName string, pt types.PatchType, data []byte, options metav1.PatchOptions) (*miniov2.Tenant, error) mockTenantGet func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) - params admin_api.TenantAddPoolParams + params operator_api.TenantAddPoolParams } tests := []struct { name string @@ -719,7 +720,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return &miniov2.Tenant{}, nil }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(4)), @@ -744,7 +745,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return &miniov2.Tenant{}, nil }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(4)), @@ -770,7 +771,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return &miniov2.Tenant{}, nil }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(-1)), @@ -796,7 +797,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return &miniov2.Tenant{}, nil }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(4)), @@ -822,7 +823,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return &miniov2.Tenant{}, nil }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(4)), @@ -843,7 +844,7 @@ func Test_TenantAddPool(t *testing.T) { mockTenantGet: func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) { return nil, errors.New("errors") }, - params: admin_api.TenantAddPoolParams{ + params: operator_api.TenantAddPoolParams{ Body: &models.Pool{ Name: "pool-1", Servers: swag.Int64(int64(4)), @@ -877,7 +878,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockTenantPatch func(ctx context.Context, namespace string, tenantName string, pt types.PatchType, data []byte, options metav1.PatchOptions) (*miniov2.Tenant, error) mockTenantGet func(ctx context.Context, namespace string, tenantName string, options metav1.GetOptions) (*miniov2.Tenant, error) mockHTTPClientGet func(url string) (resp *http.Response, err error) - params admin_api.UpdateTenantParams + params operator_api.UpdateTenantParams } tests := []struct { name string @@ -902,7 +903,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return &http.Response{}, nil }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Body: &models.UpdateTenantRequest{ Image: "minio/minio:RELEASE.2020-06-03T22-13-49Z", }, @@ -927,7 +928,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return &http.Response{}, nil }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Body: &models.UpdateTenantRequest{ Image: "minio/minio:RELEASE.2020-06-03T22-13-49Z", }, @@ -952,7 +953,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return &http.Response{}, nil }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Tenant: "minio-tenant", Body: &models.UpdateTenantRequest{ Image: "minio/minio:RELEASE.2020-06-03T22-13-49Z", @@ -981,7 +982,7 @@ func Test_UpdateTenantAction(t *testing.T) { Body: r, }, nil }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Tenant: "minio-tenant", Body: &models.UpdateTenantRequest{ Image: "", @@ -1007,7 +1008,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return nil, errors.New("error") }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Tenant: "minio-tenant", Body: &models.UpdateTenantRequest{ Image: "", @@ -1033,7 +1034,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return nil, errors.New("use default minio") }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Body: &models.UpdateTenantRequest{ ConsoleImage: "minio/console:v0.7.5", }, @@ -1058,7 +1059,7 @@ func Test_UpdateTenantAction(t *testing.T) { mockHTTPClientGet: func(url string) (resp *http.Response, err error) { return nil, errors.New("use default minio") }, - params: admin_api.UpdateTenantParams{ + params: operator_api.UpdateTenantParams{ Body: &models.UpdateTenantRequest{ ImagePullSecret: "minio-regcred", }, diff --git a/restapi/admin_volumes.go b/operatorapi/operator_volumes.go similarity index 77% rename from restapi/admin_volumes.go rename to operatorapi/operator_volumes.go index 3e26dcdb0..657c4661e 100644 --- a/restapi/admin_volumes.go +++ b/operatorapi/operator_volumes.go @@ -14,7 +14,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" @@ -24,20 +24,21 @@ import ( "github.com/go-openapi/runtime/middleware" "github.com/minio/console/cluster" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/operator_api" + "github.com/minio/console/restapi" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -func registerVolumesHandlers(api *operations.ConsoleAPI) { - api.AdminAPIListPVCsHandler = admin_api.ListPVCsHandlerFunc(func(params admin_api.ListPVCsParams, session *models.Principal) middleware.Responder { +func registerVolumesHandlers(api *operations.OperatorAPI) { + api.OperatorAPIListPVCsHandler = operator_api.ListPVCsHandlerFunc(func(params operator_api.ListPVCsParams, session *models.Principal) middleware.Responder { payload, err := getPVCsResponse(session) if err != nil { - return admin_api.NewListPVCsDefault(int(err.Code)).WithPayload(err) + return operator_api.NewListPVCsDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewListPVCsOK().WithPayload(payload) + return operator_api.NewListPVCsOK().WithPayload(payload) }) } @@ -46,7 +47,7 @@ func getPVCsResponse(session *models.Principal) (*models.ListPVCsResponse, *mode clientset, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } // Filter Tenant PVCs. They keep their v1 tenant annotation @@ -58,7 +59,7 @@ func getPVCsResponse(session *models.Principal) (*models.ListPVCsResponse, *mode listAllPvcs, err2 := clientset.CoreV1().PersistentVolumeClaims("").List(ctx, listOpts) if err2 != nil { - return nil, prepareError(err2) + return nil, restapi.PrepareError(err2) } var ListPVCs []*models.PvcsListResponse diff --git a/restapi/resource_quota.go b/operatorapi/resource_quota.go similarity index 81% rename from restapi/resource_quota.go rename to operatorapi/resource_quota.go index f0f799a2f..a74343b18 100644 --- a/restapi/resource_quota.go +++ b/operatorapi/resource_quota.go @@ -14,31 +14,33 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package restapi +package operatorapi import ( "context" "fmt" + "github.com/minio/console/restapi" + "k8s.io/apimachinery/pkg/api/errors" "github.com/minio/console/cluster" "github.com/go-openapi/runtime/middleware" "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" + "github.com/minio/console/operatorapi/operations" + "github.com/minio/console/operatorapi/operations/operator_api" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -func registerResourceQuotaHandlers(api *operations.ConsoleAPI) { +func registerResourceQuotaHandlers(api *operations.OperatorAPI) { // Get Resource Quota - api.AdminAPIGetResourceQuotaHandler = admin_api.GetResourceQuotaHandlerFunc(func(params admin_api.GetResourceQuotaParams, session *models.Principal) middleware.Responder { + api.OperatorAPIGetResourceQuotaHandler = operator_api.GetResourceQuotaHandlerFunc(func(params operator_api.GetResourceQuotaParams, session *models.Principal) middleware.Responder { resp, err := getResourceQuotaResponse(session, params) if err != nil { - return admin_api.NewGetResourceQuotaDefault(int(err.Code)).WithPayload(err) + return operator_api.NewGetResourceQuotaDefault(int(err.Code)).WithPayload(err) } - return admin_api.NewGetResourceQuotaOK().WithPayload(resp) + return operator_api.NewGetResourceQuotaOK().WithPayload(resp) }) } @@ -93,18 +95,18 @@ func getResourceQuota(ctx context.Context, client K8sClientI, namespace, resourc return &rq, nil } -func getResourceQuotaResponse(session *models.Principal, params admin_api.GetResourceQuotaParams) (*models.ResourceQuota, *models.Error) { +func getResourceQuotaResponse(session *models.Principal, params operator_api.GetResourceQuotaParams) (*models.ResourceQuota, *models.Error) { ctx := context.Background() client, err := cluster.K8sClient(session.STSSessionToken) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } k8sClient := &k8sClient{ client: client, } resourceQuota, err := getResourceQuota(ctx, k8sClient, params.Namespace, params.ResourceQuotaName) if err != nil { - return nil, prepareError(err) + return nil, restapi.PrepareError(err) } return resourceQuota, nil } diff --git a/restapi/resource_quota_test.go b/operatorapi/resource_quota_test.go similarity index 99% rename from restapi/resource_quota_test.go rename to operatorapi/resource_quota_test.go index 8798fd473..a3429d7aa 100644 --- a/restapi/resource_quota_test.go +++ b/operatorapi/resource_quota_test.go @@ -1,4 +1,4 @@ -package restapi +package operatorapi import ( "context" diff --git a/operatorapi/server.go b/operatorapi/server.go new file mode 100644 index 000000000..1a4c9a4ce --- /dev/null +++ b/operatorapi/server.go @@ -0,0 +1,528 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2021 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package operatorapi + +import ( + "context" + "crypto/tls" + "crypto/x509" + "errors" + "fmt" + "io/ioutil" + "log" + "net" + "net/http" + "os" + "os/signal" + "strconv" + "sync" + "sync/atomic" + "syscall" + "time" + + "github.com/go-openapi/runtime/flagext" + "github.com/go-openapi/swag" + flags "github.com/jessevdk/go-flags" + "golang.org/x/net/netutil" + + "github.com/minio/console/operatorapi/operations" +) + +const ( + schemeHTTP = "http" + schemeHTTPS = "https" + schemeUnix = "unix" +) + +var defaultSchemes []string + +func init() { + defaultSchemes = []string{ + schemeHTTP, + } +} + +// NewServer creates a new api operator server but does not configure it +func NewServer(api *operations.OperatorAPI) *Server { + s := new(Server) + + s.shutdown = make(chan struct{}) + s.api = api + s.interrupt = make(chan os.Signal, 1) + return s +} + +// ConfigureAPI configures the API and handlers. +func (s *Server) ConfigureAPI() { + if s.api != nil { + s.handler = configureAPI(s.api) + } +} + +// ConfigureFlags configures the additional flags defined by the handlers. Needs to be called before the parser.Parse +func (s *Server) ConfigureFlags() { + if s.api != nil { + configureFlags(s.api) + } +} + +// Server for the operator API +type Server struct { + EnabledListeners []string `long:"scheme" description:"the listeners to enable, this can be repeated and defaults to the schemes in the swagger spec"` + CleanupTimeout time.Duration `long:"cleanup-timeout" description:"grace period for which to wait before killing idle connections" default:"10s"` + GracefulTimeout time.Duration `long:"graceful-timeout" description:"grace period for which to wait before shutting down the server" default:"15s"` + MaxHeaderSize flagext.ByteSize `long:"max-header-size" description:"controls the maximum number of bytes the server will read parsing the request header's keys and values, including the request line. It does not limit the size of the request body." default:"1MiB"` + + SocketPath flags.Filename `long:"socket-path" description:"the unix socket to listen on" default:"/var/run/operator.sock"` + domainSocketL net.Listener + + Host string `long:"host" description:"the IP to listen on" default:"localhost" env:"HOST"` + Port int `long:"port" description:"the port to listen on for insecure connections, defaults to a random value" env:"PORT"` + ListenLimit int `long:"listen-limit" description:"limit the number of outstanding requests"` + KeepAlive time.Duration `long:"keep-alive" description:"sets the TCP keep-alive timeouts on accepted connections. It prunes dead TCP connections ( e.g. closing laptop mid-download)" default:"3m"` + ReadTimeout time.Duration `long:"read-timeout" description:"maximum duration before timing out read of the request" default:"30s"` + WriteTimeout time.Duration `long:"write-timeout" description:"maximum duration before timing out write of the response" default:"60s"` + httpServerL net.Listener + + TLSHost string `long:"tls-host" description:"the IP to listen on for tls, when not specified it's the same as --host" env:"TLS_HOST"` + TLSPort int `long:"tls-port" description:"the port to listen on for secure connections, defaults to a random value" env:"TLS_PORT"` + TLSCertificate flags.Filename `long:"tls-certificate" description:"the certificate to use for secure connections" env:"TLS_CERTIFICATE"` + TLSCertificateKey flags.Filename `long:"tls-key" description:"the private key to use for secure connections" env:"TLS_PRIVATE_KEY"` + TLSCACertificate flags.Filename `long:"tls-ca" description:"the certificate authority file to be used with mutual tls auth" env:"TLS_CA_CERTIFICATE"` + TLSListenLimit int `long:"tls-listen-limit" description:"limit the number of outstanding requests"` + TLSKeepAlive time.Duration `long:"tls-keep-alive" description:"sets the TCP keep-alive timeouts on accepted connections. It prunes dead TCP connections ( e.g. closing laptop mid-download)"` + TLSReadTimeout time.Duration `long:"tls-read-timeout" description:"maximum duration before timing out read of the request"` + TLSWriteTimeout time.Duration `long:"tls-write-timeout" description:"maximum duration before timing out write of the response"` + httpsServerL net.Listener + + api *operations.OperatorAPI + handler http.Handler + hasListeners bool + shutdown chan struct{} + shuttingDown int32 + interrupted bool + interrupt chan os.Signal +} + +// Logf logs message either via defined user logger or via system one if no user logger is defined. +func (s *Server) Logf(f string, args ...interface{}) { + if s.api != nil && s.api.Logger != nil { + s.api.Logger(f, args...) + } else { + log.Printf(f, args...) + } +} + +// Fatalf logs message either via defined user logger or via system one if no user logger is defined. +// Exits with non-zero status after printing +func (s *Server) Fatalf(f string, args ...interface{}) { + if s.api != nil && s.api.Logger != nil { + s.api.Logger(f, args...) + os.Exit(1) + } else { + log.Fatalf(f, args...) + } +} + +// SetAPI configures the server with the specified API. Needs to be called before Serve +func (s *Server) SetAPI(api *operations.OperatorAPI) { + if api == nil { + s.api = nil + s.handler = nil + return + } + + s.api = api + s.handler = configureAPI(api) +} + +func (s *Server) hasScheme(scheme string) bool { + schemes := s.EnabledListeners + if len(schemes) == 0 { + schemes = defaultSchemes + } + + for _, v := range schemes { + if v == scheme { + return true + } + } + return false +} + +// Serve the api +func (s *Server) Serve() (err error) { + if !s.hasListeners { + if err = s.Listen(); err != nil { + return err + } + } + + // set default handler, if none is set + if s.handler == nil { + if s.api == nil { + return errors.New("can't create the default handler, as no api is set") + } + + s.SetHandler(s.api.Serve(nil)) + } + + wg := new(sync.WaitGroup) + once := new(sync.Once) + signalNotify(s.interrupt) + go handleInterrupt(once, s) + + servers := []*http.Server{} + + if s.hasScheme(schemeUnix) { + domainSocket := new(http.Server) + domainSocket.MaxHeaderBytes = int(s.MaxHeaderSize) + domainSocket.Handler = s.handler + if int64(s.CleanupTimeout) > 0 { + domainSocket.IdleTimeout = s.CleanupTimeout + } + + configureServer(domainSocket, "unix", string(s.SocketPath)) + + servers = append(servers, domainSocket) + wg.Add(1) + s.Logf("Serving operator at unix://%s", s.SocketPath) + go func(l net.Listener) { + defer wg.Done() + if err := domainSocket.Serve(l); err != nil && err != http.ErrServerClosed { + s.Fatalf("%v", err) + } + s.Logf("Stopped serving operator at unix://%s", s.SocketPath) + }(s.domainSocketL) + } + + if s.hasScheme(schemeHTTP) { + httpServer := new(http.Server) + httpServer.MaxHeaderBytes = int(s.MaxHeaderSize) + httpServer.ReadTimeout = s.ReadTimeout + httpServer.WriteTimeout = s.WriteTimeout + httpServer.SetKeepAlivesEnabled(int64(s.KeepAlive) > 0) + if s.ListenLimit > 0 { + s.httpServerL = netutil.LimitListener(s.httpServerL, s.ListenLimit) + } + + if int64(s.CleanupTimeout) > 0 { + httpServer.IdleTimeout = s.CleanupTimeout + } + + httpServer.Handler = s.handler + + configureServer(httpServer, "http", s.httpServerL.Addr().String()) + + servers = append(servers, httpServer) + wg.Add(1) + s.Logf("Serving operator at http://%s", s.httpServerL.Addr()) + go func(l net.Listener) { + defer wg.Done() + if err := httpServer.Serve(l); err != nil && err != http.ErrServerClosed { + s.Fatalf("%v", err) + } + s.Logf("Stopped serving operator at http://%s", l.Addr()) + }(s.httpServerL) + } + + if s.hasScheme(schemeHTTPS) { + httpsServer := new(http.Server) + httpsServer.MaxHeaderBytes = int(s.MaxHeaderSize) + httpsServer.ReadTimeout = s.TLSReadTimeout + httpsServer.WriteTimeout = s.TLSWriteTimeout + httpsServer.SetKeepAlivesEnabled(int64(s.TLSKeepAlive) > 0) + if s.TLSListenLimit > 0 { + s.httpsServerL = netutil.LimitListener(s.httpsServerL, s.TLSListenLimit) + } + if int64(s.CleanupTimeout) > 0 { + httpsServer.IdleTimeout = s.CleanupTimeout + } + httpsServer.Handler = s.handler + + // Inspired by https://blog.bracebin.com/achieving-perfect-ssl-labs-score-with-go + httpsServer.TLSConfig = &tls.Config{ + // Causes servers to use Go's default ciphersuite preferences, + // which are tuned to avoid attacks. Does nothing on clients. + PreferServerCipherSuites: true, + // Only use curves which have assembly implementations + // https://github.com/golang/go/tree/master/src/crypto/elliptic + CurvePreferences: []tls.CurveID{tls.CurveP256}, + // Use modern tls mode https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + NextProtos: []string{"h2", "http/1.1"}, + // https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet#Rule_-_Only_Support_Strong_Protocols + MinVersion: tls.VersionTLS12, + // These ciphersuites support Forward Secrecy: https://en.wikipedia.org/wiki/Forward_secrecy + CipherSuites: []uint16{ + tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, + tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, + }, + } + + // build standard config from server options + if s.TLSCertificate != "" && s.TLSCertificateKey != "" { + httpsServer.TLSConfig.Certificates = make([]tls.Certificate, 1) + httpsServer.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(string(s.TLSCertificate), string(s.TLSCertificateKey)) + if err != nil { + return err + } + } + + if s.TLSCACertificate != "" { + // include specified CA certificate + caCert, caCertErr := ioutil.ReadFile(string(s.TLSCACertificate)) + if caCertErr != nil { + return caCertErr + } + caCertPool := x509.NewCertPool() + ok := caCertPool.AppendCertsFromPEM(caCert) + if !ok { + return fmt.Errorf("cannot parse CA certificate") + } + httpsServer.TLSConfig.ClientCAs = caCertPool + httpsServer.TLSConfig.ClientAuth = tls.RequireAndVerifyClientCert + } + + // call custom TLS configurator + configureTLS(httpsServer.TLSConfig) + + if len(httpsServer.TLSConfig.Certificates) == 0 && httpsServer.TLSConfig.GetCertificate == nil { + // after standard and custom config are passed, this ends up with no certificate + if s.TLSCertificate == "" { + if s.TLSCertificateKey == "" { + s.Fatalf("the required flags `--tls-certificate` and `--tls-key` were not specified") + } + s.Fatalf("the required flag `--tls-certificate` was not specified") + } + if s.TLSCertificateKey == "" { + s.Fatalf("the required flag `--tls-key` was not specified") + } + // this happens with a wrong custom TLS configurator + s.Fatalf("no certificate was configured for TLS") + } + + // must have at least one certificate or panics + httpsServer.TLSConfig.BuildNameToCertificate() + + configureServer(httpsServer, "https", s.httpsServerL.Addr().String()) + + servers = append(servers, httpsServer) + wg.Add(1) + s.Logf("Serving operator at https://%s", s.httpsServerL.Addr()) + go func(l net.Listener) { + defer wg.Done() + if err := httpsServer.Serve(l); err != nil && err != http.ErrServerClosed { + s.Fatalf("%v", err) + } + s.Logf("Stopped serving operator at https://%s", l.Addr()) + }(tls.NewListener(s.httpsServerL, httpsServer.TLSConfig)) + } + + wg.Add(1) + go s.handleShutdown(wg, &servers) + + wg.Wait() + return nil +} + +// Listen creates the listeners for the server +func (s *Server) Listen() error { + if s.hasListeners { // already done this + return nil + } + + if s.hasScheme(schemeHTTPS) { + // Use http host if https host wasn't defined + if s.TLSHost == "" { + s.TLSHost = s.Host + } + // Use http listen limit if https listen limit wasn't defined + if s.TLSListenLimit == 0 { + s.TLSListenLimit = s.ListenLimit + } + // Use http tcp keep alive if https tcp keep alive wasn't defined + if int64(s.TLSKeepAlive) == 0 { + s.TLSKeepAlive = s.KeepAlive + } + // Use http read timeout if https read timeout wasn't defined + if int64(s.TLSReadTimeout) == 0 { + s.TLSReadTimeout = s.ReadTimeout + } + // Use http write timeout if https write timeout wasn't defined + if int64(s.TLSWriteTimeout) == 0 { + s.TLSWriteTimeout = s.WriteTimeout + } + } + + if s.hasScheme(schemeUnix) { + domSockListener, err := net.Listen("unix", string(s.SocketPath)) + if err != nil { + return err + } + s.domainSocketL = domSockListener + } + + if s.hasScheme(schemeHTTP) { + listener, err := net.Listen("tcp", net.JoinHostPort(s.Host, strconv.Itoa(s.Port))) + if err != nil { + return err + } + + h, p, err := swag.SplitHostPort(listener.Addr().String()) + if err != nil { + return err + } + s.Host = h + s.Port = p + s.httpServerL = listener + } + + if s.hasScheme(schemeHTTPS) { + tlsListener, err := net.Listen("tcp", net.JoinHostPort(s.TLSHost, strconv.Itoa(s.TLSPort))) + if err != nil { + return err + } + + sh, sp, err := swag.SplitHostPort(tlsListener.Addr().String()) + if err != nil { + return err + } + s.TLSHost = sh + s.TLSPort = sp + s.httpsServerL = tlsListener + } + + s.hasListeners = true + return nil +} + +// Shutdown server and clean up resources +func (s *Server) Shutdown() error { + if atomic.CompareAndSwapInt32(&s.shuttingDown, 0, 1) { + close(s.shutdown) + } + return nil +} + +func (s *Server) handleShutdown(wg *sync.WaitGroup, serversPtr *[]*http.Server) { + // wg.Done must occur last, after s.api.ServerShutdown() + // (to preserve old behaviour) + defer wg.Done() + + <-s.shutdown + + servers := *serversPtr + + ctx, cancel := context.WithTimeout(context.TODO(), s.GracefulTimeout) + defer cancel() + + // first execute the pre-shutdown hook + s.api.PreServerShutdown() + + shutdownChan := make(chan bool) + for i := range servers { + server := servers[i] + go func() { + var success bool + defer func() { + shutdownChan <- success + }() + if err := server.Shutdown(ctx); err != nil { + // Error from closing listeners, or context timeout: + s.Logf("HTTP server Shutdown: %v", err) + } else { + success = true + } + }() + } + + // Wait until all listeners have successfully shut down before calling ServerShutdown + success := true + for range servers { + success = success && <-shutdownChan + } + if success { + s.api.ServerShutdown() + } +} + +// GetHandler returns a handler useful for testing +func (s *Server) GetHandler() http.Handler { + return s.handler +} + +// SetHandler allows for setting a http handler on this server +func (s *Server) SetHandler(handler http.Handler) { + s.handler = handler +} + +// UnixListener returns the domain socket listener +func (s *Server) UnixListener() (net.Listener, error) { + if !s.hasListeners { + if err := s.Listen(); err != nil { + return nil, err + } + } + return s.domainSocketL, nil +} + +// HTTPListener returns the http listener +func (s *Server) HTTPListener() (net.Listener, error) { + if !s.hasListeners { + if err := s.Listen(); err != nil { + return nil, err + } + } + return s.httpServerL, nil +} + +// TLSListener returns the https listener +func (s *Server) TLSListener() (net.Listener, error) { + if !s.hasListeners { + if err := s.Listen(); err != nil { + return nil, err + } + } + return s.httpsServerL, nil +} + +func handleInterrupt(once *sync.Once, s *Server) { + once.Do(func() { + for range s.interrupt { + if s.interrupted { + s.Logf("Server already shutting down") + continue + } + s.interrupted = true + s.Logf("Shutting down... ") + if err := s.Shutdown(); err != nil { + s.Logf("HTTP server Shutdown: %v", err) + } + } + }) +} + +func signalNotify(interrupt chan<- os.Signal) { + signal.Notify(interrupt, syscall.SIGINT, syscall.SIGTERM) +} diff --git a/portal-ui/src/common/utils.ts b/portal-ui/src/common/utils.ts index 0edd738cf..ad7b16922 100644 --- a/portal-ui/src/common/utils.ts +++ b/portal-ui/src/common/utils.ts @@ -38,11 +38,11 @@ export const k8sCalcUnits = ["B", ...k8sUnits]; export const niceBytes = (x: string, showK8sUnits: boolean = false) => { let n = parseInt(x, 10) || 0; - return niceBytesInt(n, showK8sUnits) + return niceBytesInt(n, showK8sUnits); }; export const niceBytesInt = (n: number, showK8sUnits: boolean = false) => { - let l = 0 + let l = 0; while (n >= 1024 && ++l) { n = n / 1024; @@ -51,9 +51,9 @@ export const niceBytesInt = (n: number, showK8sUnits: boolean = false) => { //less than ten of KB or greater units const k8sUnitsN = ["B", ...k8sUnits]; return ( - n.toFixed(n < 10 && l > 0 ? 1 : 0) + - " " + - (showK8sUnits ? k8sUnitsN[l] : units[l]) + n.toFixed(n < 10 && l > 0 ? 1 : 0) + + " " + + (showK8sUnits ? k8sUnitsN[l] : units[l]) ); }; @@ -430,11 +430,10 @@ export const generatePoolName = (pools: IPool[]) => { export const niceDays = (secondsValue: string, timeVariant: string = "s") => { let seconds = parseFloat(secondsValue); - return niceDaysInt(seconds, timeVariant) + return niceDaysInt(seconds, timeVariant); }; export const niceDaysInt = (seconds: number, timeVariant: string = "s") => { - switch (timeVariant) { case "ns": seconds = Math.floor(seconds * 0.000000001); @@ -463,7 +462,7 @@ export const niceDaysInt = (seconds: number, timeVariant: string = "s") => { const diffDays = days - months * 30; return `${months} month${Math.floor(months) === 1 ? "" : "s"} ${ - diffDays > 0 ? `${diffDays} day${diffDays > 1 ? "s" : ""}` : "" + diffDays > 0 ? `${diffDays} day${diffDays > 1 ? "s" : ""}` : "" }`; } @@ -478,13 +477,13 @@ export const niceDaysInt = (seconds: number, timeVariant: string = "s") => { } return `${hours >= 1 ? `${hours} hour${hours > 1 ? "s" : ""}` : ""} ${ - minutes >= 1 && hours === 0 - ? `${minutes} minute${minutes > 1 ? "s" : ""}` - : "" + minutes >= 1 && hours === 0 + ? `${minutes} minute${minutes > 1 ? "s" : ""}` + : "" } ${ - seconds >= 1 && minutes === 0 && hours === 0 - ? `${seconds} second${seconds > 1 ? "s" : ""}` - : "" + seconds >= 1 && minutes === 0 && hours === 0 + ? `${seconds} second${seconds > 1 ? "s" : ""}` + : "" }`; }; diff --git a/restapi/admin_arns.go b/restapi/admin_arns.go index 1a53beeb7..3e707cacb 100644 --- a/restapi/admin_arns.go +++ b/restapi/admin_arns.go @@ -52,20 +52,20 @@ func getArns(ctx context.Context, client MinioAdmin) (*models.ArnsResponse, erro // getArnsResponse returns a list of active arns in the instance func getArnsResponse(session *models.Principal) (*models.ArnsResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output arnsList, err := getArns(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return arnsList, nil } diff --git a/restapi/admin_config.go b/restapi/admin_config.go index 615b85035..32d3e474d 100644 --- a/restapi/admin_config.go +++ b/restapi/admin_config.go @@ -77,17 +77,17 @@ func listConfig(client MinioAdmin) ([]*models.ConfigDescription, error) { // getListConfigResponse performs listConfig() and serializes it to the handler's output func getListConfigResponse(session *models.Principal) (*models.ListConfigResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} configDescs, err := listConfig(adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } listGroupsResponse := &models.ListConfigResponse{ Configurations: configDescs, @@ -125,17 +125,17 @@ func getConfig(ctx context.Context, client MinioAdmin, name string) ([]*models.C // getConfigResponse performs getConfig() and serializes it to the handler's output func getConfigResponse(session *models.Principal, params admin_api.ConfigInfoParams) (*models.Configuration, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} configkv, err := getConfig(ctx, adminClient, params.Name) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } configurationObj := &models.Configuration{ Name: params.Name, @@ -177,20 +177,20 @@ func buildConfig(configName *string, kvs []*models.ConfigurationKV) *string { // setConfigResponse implements setConfig() to be used by handler func setConfigResponse(session *models.Principal, name string, configRequest *models.SetConfigRequest) (*models.SetConfigResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} configName := name ctx := context.Background() needsRestart, err := setConfigWithARNAccountID(ctx, adminClient, &configName, configRequest.KeyValues, configRequest.ArnResourceID) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return &models.SetConfigResponse{Restart: needsRestart}, nil } diff --git a/restapi/admin_groups.go b/restapi/admin_groups.go index 9ba719c69..803f0e2c8 100644 --- a/restapi/admin_groups.go +++ b/restapi/admin_groups.go @@ -73,17 +73,17 @@ func registerGroupsHandlers(api *operations.ConsoleAPI) { // getListGroupsResponse performs listGroups() and serializes it to the handler's output func getListGroupsResponse(session *models.Principal) (*models.ListGroupsResponse, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} groups, err := adminClient.listGroups(ctx) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output @@ -107,17 +107,17 @@ func groupInfo(ctx context.Context, client MinioAdmin, group string) (*madmin.Gr // getGroupInfoResponse performs groupInfo() and serializes it to the handler's output func getGroupInfoResponse(session *models.Principal, params admin_api.GroupInfoParams) (*models.Group, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} groupDesc, err := groupInfo(ctx, adminClient, params.Name) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } groupResponse := &models.Group{ @@ -148,19 +148,19 @@ func getAddGroupResponse(session *models.Principal, params *models.AddGroupReque ctx := context.Background() // AddGroup request needed to proceed if params == nil { - return prepareError(errGroupBodyNotInRequest) + return PrepareError(errGroupBodyNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := addGroup(ctx, adminClient, *params.Group, params.Members); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -184,18 +184,18 @@ func getRemoveGroupResponse(session *models.Principal, params admin_api.RemoveGr ctx := context.Background() if params.Name == "" { - return prepareError(errGroupNameNotInRequest) + return PrepareError(errGroupNameNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // createad a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := removeGroup(ctx, adminClient, params.Name); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -257,26 +257,26 @@ func setGroupStatus(ctx context.Context, client MinioAdmin, group, status string func getUpdateGroupResponse(session *models.Principal, params admin_api.UpdateGroupParams) (*models.Group, *models.Error) { ctx := context.Background() if params.Name == "" { - return nil, prepareError(errGroupNameNotInRequest) + return nil, PrepareError(errGroupNameNotInRequest) } if params.Body == nil { - return nil, prepareError(errGroupBodyNotInRequest) + return nil, PrepareError(errGroupBodyNotInRequest) } expectedGroupUpdate := params.Body groupName := params.Name - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} groupUpdated, err := groupUpdate(ctx, adminClient, groupName, expectedGroupUpdate) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } groupResponse := &models.Group{ Name: groupUpdated.Name, diff --git a/restapi/admin_info.go b/restapi/admin_info.go index 4b735071a..ab036cb9f 100644 --- a/restapi/admin_info.go +++ b/restapi/admin_info.go @@ -57,15 +57,15 @@ func registerAdminInfoHandlers(api *operations.ConsoleAPI) { } -type usageInfo struct { +type UsageInfo struct { Buckets int64 Objects int64 Usage int64 DisksUsage int64 } -// getAdminInfo invokes admin info and returns a parsed `usageInfo` structure -func getAdminInfo(ctx context.Context, client MinioAdmin) (*usageInfo, error) { +// GetAdminInfo invokes admin info and returns a parsed `UsageInfo` structure +func GetAdminInfo(ctx context.Context, client MinioAdmin) (*UsageInfo, error) { serverInfo, err := client.serverInfo(ctx) if err != nil { return nil, err @@ -80,7 +80,7 @@ func getAdminInfo(ctx context.Context, client MinioAdmin) (*usageInfo, error) { } } - return &usageInfo{ + return &UsageInfo{ Buckets: int64(serverInfo.Buckets.Count), Objects: int64(serverInfo.Objects.Count), Usage: int64(serverInfo.Usage.Size), @@ -790,9 +790,9 @@ type LabelResults struct { // getAdminInfoResponse returns the response containing total buckets, objects and usage. func getAdminInfoResponse(session *models.Principal) (*models.AdminInfoResponse, *models.Error) { prometheusURL := getPrometheusURL() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } sessionResp, err2 := getUsageWidgetsForDeployment(prometheusURL, mAdmin) @@ -807,14 +807,14 @@ func getUsageWidgetsForDeployment(prometheusURL string, mAdmin *madmin.AdminClie if prometheusURL == "" { // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output - usage, err := getAdminInfo(ctx, adminClient) + usage, err := GetAdminInfo(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } sessionResp := &models.AdminInfoResponse{ Buckets: usage.Buckets, diff --git a/restapi/admin_info_test.go b/restapi/admin_info_test.go index 94e352410..1bb99aeb9 100644 --- a/restapi/admin_info_test.go +++ b/restapi/admin_info_test.go @@ -37,7 +37,7 @@ func TestAdminInfo(t *testing.T) { }, nil } ctx := context.Background() - serverInfo, err := getAdminInfo(ctx, adminClient) + serverInfo, err := GetAdminInfo(ctx, adminClient) assert.NotNil(serverInfo, "server info was returned nil") if serverInfo != nil { var actual64 int64 = 10 @@ -52,7 +52,7 @@ func TestAdminInfo(t *testing.T) { return madmin.InfoMessage{}, errors.New("some reason") } - serverInfo, err = getAdminInfo(ctx, adminClient) + serverInfo, err = GetAdminInfo(ctx, adminClient) assert.Nil(serverInfo, "server info was not returned nil") assert.NotNil(err, "An error should have ben returned") diff --git a/restapi/admin_notification_endpoints.go b/restapi/admin_notification_endpoints.go index 6b6022707..d5503dfd0 100644 --- a/restapi/admin_notification_endpoints.go +++ b/restapi/admin_notification_endpoints.go @@ -77,20 +77,20 @@ func getNotificationEndpoints(ctx context.Context, client MinioAdmin) (*models.N // getNotificationEndpointsResponse returns a list of notification endpoints in the instance func getNotificationEndpointsResponse(session *models.Principal) (*models.NotifEndpointResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output notfEndpointResp, err := getNotificationEndpoints(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return notfEndpointResp, nil } @@ -148,20 +148,20 @@ func addNotificationEndpoint(ctx context.Context, client MinioAdmin, params *adm // getNotificationEndpointsResponse returns a list of notification endpoints in the instance func getAddNotificationEndpointResponse(session *models.Principal, params *admin_api.AddNotificationEndpointParams) (*models.SetNotificationEndpointResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output notfEndpointResp, err := addNotificationEndpoint(ctx, adminClient, params) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return notfEndpointResp, nil } diff --git a/restapi/admin_policies.go b/restapi/admin_policies.go index 04cd8e4e0..89eee16c8 100644 --- a/restapi/admin_policies.go +++ b/restapi/admin_policies.go @@ -100,17 +100,17 @@ func registersPoliciesHandler(api *operations.ConsoleAPI) { func getListPoliciesWithBucketResponse(session *models.Principal, bucket string) (*models.ListPoliciesResponse, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} policies, err := listPoliciesWithBucket(ctx, bucket, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output listPoliciesResponse := &models.ListPoliciesResponse{ @@ -178,17 +178,17 @@ func listPolicies(ctx context.Context, client MinioAdmin) ([]*models.Policy, err // getListPoliciesResponse performs listPolicies() and serializes it to the handler's output func getListPoliciesResponse(session *models.Principal) (*models.ListPoliciesResponse, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} policies, err := listPolicies(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output listPoliciesResponse := &models.ListPoliciesResponse{ @@ -201,17 +201,17 @@ func getListPoliciesResponse(session *models.Principal) (*models.ListPoliciesRes // getListUsersForPoliciesResponse performs lists users affected by a given policy. func getListUsersForPolicyResponse(session *models.Principal, policy string) ([]string, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} users, err := listUsers(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } var filteredUsers []string @@ -229,17 +229,17 @@ func getListUsersForPolicyResponse(session *models.Principal, policy string) ([] func getListGroupsForPolicyResponse(session *models.Principal, policy string) ([]string, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} groups, err := adminClient.listGroups(ctx) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } var filteredGroups []string @@ -269,18 +269,18 @@ func removePolicy(ctx context.Context, client MinioAdmin, name string) error { func getRemovePolicyResponse(session *models.Principal, params admin_api.RemovePolicyParams) *models.Error { ctx := context.Background() if params.Name == "" { - return prepareError(errPolicyNameNotInRequest) + return PrepareError(errPolicyNameNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := removePolicy(ctx, adminClient, params.Name); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -308,19 +308,19 @@ func addPolicy(ctx context.Context, client MinioAdmin, name, policy string) (*mo func getAddPolicyResponse(session *models.Principal, params *models.AddPolicyRequest) (*models.Policy, *models.Error) { ctx := context.Background() if params == nil { - return nil, prepareError(errPolicyBodyNotInRequest) + return nil, PrepareError(errPolicyBodyNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} policy, err := addPolicy(ctx, adminClient, *params.Name, *params.Policy) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return policy, nil } @@ -344,16 +344,16 @@ func policyInfo(ctx context.Context, client MinioAdmin, name string) (*models.Po // getPolicyInfoResponse performs policyInfo() and serializes it to the handler's output func getPolicyInfoResponse(session *models.Principal, params admin_api.PolicyInfoParams) (*models.Policy, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} policy, err := policyInfo(ctx, adminClient, params.Name) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return policy, nil } @@ -371,34 +371,34 @@ func setPolicy(ctx context.Context, client MinioAdmin, name, entityName string, func getSetPolicyResponse(session *models.Principal, name string, params *models.SetPolicyRequest) *models.Error { ctx := context.Background() if name == "" { - return prepareError(errPolicyNameNotInRequest) + return PrepareError(errPolicyNameNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := setPolicy(ctx, adminClient, name, *params.EntityName, *params.EntityType); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } func getSetPolicyMultipleResponse(session *models.Principal, name string, params *models.SetPolicyMultipleRequest) *models.Error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := setPolicyMultipleEntities(ctx, adminClient, name, params.Users, params.Groups); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/admin_profiling.go b/restapi/admin_profiling.go index 192b65ac6..edb78b3b7 100644 --- a/restapi/admin_profiling.go +++ b/restapi/admin_profiling.go @@ -86,18 +86,18 @@ func startProfiling(ctx context.Context, client MinioAdmin, profilerType models. func getProfilingStartResponse(session *models.Principal, params *models.ProfilingStartRequest) (*models.StartProfilingList, *models.Error) { ctx := context.Background() if params == nil { - return nil, prepareError(errPolicyBodyNotInRequest) + return nil, PrepareError(errPolicyBodyNotInRequest) } - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} profilingItems, err := startProfiling(ctx, adminClient, *params.Type) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } profilingList := &models.StartProfilingList{ StartResults: profilingItems, @@ -119,16 +119,16 @@ func stopProfiling(ctx context.Context, client MinioAdmin) (io.ReadCloser, error // getProfilingStopResponse() performs setPolicy() and serializes it to the handler's output func getProfilingStopResponse(session *models.Principal) (io.ReadCloser, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} profilingData, err := stopProfiling(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return profilingData, nil } diff --git a/restapi/admin_profiling_test.go b/restapi/admin_profiling_test.go index a42833506..2a359594b 100644 --- a/restapi/admin_profiling_test.go +++ b/restapi/admin_profiling_test.go @@ -100,12 +100,10 @@ func TestStopProfiling(t *testing.T) { return &ClosingBuffer{bytes.NewBufferString("In memory string eaeae")}, nil } function := "stopProfiling()" - readCloserInterface, err := stopProfiling(ctx, adminClient) + _, err := stopProfiling(ctx, adminClient) if err != nil { t.Errorf("Failed on %s:, error occurred: %s", function, err.Error()) } - // Check return type of stopProfiling is io.ReadCloser by doing a cast - assert.NotPanics(func() { readCloserInterface.(io.ReadCloser).Close() }) // Test-2 : stopProfiling() Correctly handles errors returned by Minio // mock function response from stopProfiling() minioStopProfiling = func() (io.ReadCloser, error) { diff --git a/restapi/admin_remote_buckets.go b/restapi/admin_remote_buckets.go index a7a9631ab..36590a0e6 100644 --- a/restapi/admin_remote_buckets.go +++ b/restapi/admin_remote_buckets.go @@ -112,12 +112,12 @@ func registerAdminBucketRemoteHandlers(api *operations.ConsoleAPI) { func getListRemoteBucketsResponse(session *models.Principal) (*models.ListRemoteBucketsResponse, error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { LogError("error creating Madmin Client: %v", err) return nil, err } - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} buckets, err := listRemoteBuckets(ctx, adminClient) if err != nil { LogError("error listing remote buckets: %v", err) @@ -131,12 +131,12 @@ func getListRemoteBucketsResponse(session *models.Principal) (*models.ListRemote func getRemoteBucketDetailsResponse(session *models.Principal, params user_api.RemoteBucketDetailsParams) (*models.RemoteBucket, error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { LogError("error creating Madmin Client: %v", err) return nil, err } - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} bucket, err := getRemoteBucket(ctx, adminClient, params.Name) if err != nil { LogError("error getting remote bucket details: %v", err) @@ -147,12 +147,12 @@ func getRemoteBucketDetailsResponse(session *models.Principal, params user_api.R func getDeleteRemoteBucketResponse(session *models.Principal, params user_api.DeleteRemoteBucketParams) error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { LogError("error creating Madmin Client: %v", err) return err } - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} err = deleteRemoteBucket(ctx, adminClient, params.SourceBucketName, params.Arn) if err != nil { LogError("error deleting remote bucket: %v", err) @@ -163,12 +163,12 @@ func getDeleteRemoteBucketResponse(session *models.Principal, params user_api.De func getAddRemoteBucketResponse(session *models.Principal, params user_api.AddRemoteBucketParams) error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { LogError("error creating Madmin Client: %v", err) return err } - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} _, err = addRemoteBucket(ctx, adminClient, *params.Body) if err != nil { LogError("error adding remote bucket: %v", err) @@ -407,17 +407,17 @@ func setMultiBucketReplication(ctx context.Context, session *models.Principal, c func setMultiBucketReplicationResponse(session *models.Principal, params user_api.SetMultiBucketReplicationParams) (*models.MultiBucketResponseState, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { LogError("error creating Madmin Client:", err) - return nil, prepareError(err) + return nil, PrepareError(err) } - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} mClient, err := newMinioClient(session) if err != nil { LogError("error creating MinIO Client:", err) - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -427,7 +427,7 @@ func setMultiBucketReplicationResponse(session *models.Principal, params user_ap if replicationResults == nil { err = errors.New("error setting buckets replication") - return nil, prepareError(err) + return nil, PrepareError(err) } resParsed := []*models.MultiBucketResponseItem{} @@ -454,14 +454,14 @@ func listExternalBucketsResponse(params user_api.ListExternalBucketsParams) (*mo defer cancel() remoteAdmin, err := newAdminFromCreds(*params.Body.AccessKey, *params.Body.SecretKey, *params.Body.TargetURL, *params.Body.UseTLS) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - remoteClient := adminClient{client: remoteAdmin} + remoteClient := AdminClient{Client: remoteAdmin} buckets, err := getAccountInfo(ctx, remoteClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output @@ -514,7 +514,7 @@ func deleteReplicationRuleResponse(session *models.Principal, params user_api.De err := deleteReplicationRule(ctx, session, params.BucketName, params.RuleID) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/admin_service.go b/restapi/admin_service.go index 2e119ac79..f21bd6723 100644 --- a/restapi/admin_service.go +++ b/restapi/admin_service.go @@ -61,16 +61,16 @@ func serviceRestart(ctx context.Context, client MinioAdmin) error { // getRestartServiceResponse performs serviceRestart() func getRestartServiceResponse(session *models.Principal) *models.Error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO Admin Client interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := serviceRestart(ctx, adminClient); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/admin_subscription.go b/restapi/admin_subscription.go index c1e615073..c28250732 100644 --- a/restapi/admin_subscription.go +++ b/restapi/admin_subscription.go @@ -18,19 +18,8 @@ package restapi import ( - "context" - "errors" - "fmt" - "time" - - miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" - - "github.com/minio/console/pkg/acl" - "github.com/minio/console/cluster" "github.com/minio/console/pkg/subnet" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/go-openapi/runtime/middleware" "github.com/minio/console/models" @@ -39,215 +28,22 @@ import ( ) func registerSubscriptionHandlers(api *operations.ConsoleAPI) { - // Validate subscription handler - api.AdminAPISubscriptionValidateHandler = admin_api.SubscriptionValidateHandlerFunc(func(params admin_api.SubscriptionValidateParams, session *models.Principal) middleware.Responder { - license, err := getSubscriptionValidateResponse(session, params.Body) - if err != nil { - return admin_api.NewSubscriptionValidateDefault(int(err.Code)).WithPayload(err) - } - return admin_api.NewSubscriptionValidateOK().WithPayload(license) - }) - // Activate license subscription for a particular tenant - api.AdminAPISubscriptionActivateHandler = admin_api.SubscriptionActivateHandlerFunc(func(params admin_api.SubscriptionActivateParams, session *models.Principal) middleware.Responder { - err := getSubscriptionActivateResponse(session, params.Namespace, params.Tenant) - if err != nil { - return admin_api.NewSubscriptionActivateDefault(int(err.Code)).WithPayload(err) - } - return admin_api.NewSubscriptionActivateNoContent() - }) // Get subscription information handler api.AdminAPISubscriptionInfoHandler = admin_api.SubscriptionInfoHandlerFunc(func(params admin_api.SubscriptionInfoParams, session *models.Principal) middleware.Responder { - license, err := getSubscriptionInfoResponse(session) + license, err := getSubscriptionInfoResponse() if err != nil { return admin_api.NewSubscriptionInfoDefault(int(err.Code)).WithPayload(err) } return admin_api.NewSubscriptionInfoOK().WithPayload(license) }) - // Refresh license for k8s cluster - api.AdminAPISubscriptionRefreshHandler = admin_api.SubscriptionRefreshHandlerFunc(func(params admin_api.SubscriptionRefreshParams, session *models.Principal) middleware.Responder { - license, err := getSubscriptionRefreshResponse(session) - if err != nil { - return admin_api.NewSubscriptionRefreshDefault(int(err.Code)).WithPayload(err) - } - return admin_api.NewSubscriptionRefreshOK().WithPayload(license) - }) } // retrieveLicense returns license from K8S secrets (If console is deployed in operator mode) or from // the configured CONSOLE_SUBNET_LICENSE environment variable -func retrieveLicense(ctx context.Context, sessionToken string) (string, error) { - var license string - // If Console is running in operator mode retrieve License stored in K8s secrets - if acl.GetOperatorMode() { - // configure kubernetes client - clientSet, err := cluster.K8sClient(sessionToken) - if err != nil { - return "", err - } - k8sClient := k8sClient{ - client: clientSet, - } - // Get cluster subscription license - license, err = getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName) - if err != nil { - return "", err - } - } else { - // If Console is running in Tenant Admin mode retrieve license from env variable - license = GetSubnetLicense() - } - return license, nil -} - -// addSubscriptionLicenseToTenant replace existing console tenant secret and adds the subnet license key -func addSubscriptionLicenseToTenant(ctx context.Context, clientSet K8sClientI, license, namespace, tenantName, secretName string) error { - // Retrieve console secret for Tenant - consoleSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{}) - if err != nil { - return err - } - // Copy current console secret - dataNewSecret := consoleSecret.Data - // Add subnet license to the new console secret - dataNewSecret[ConsoleSubnetLicense] = []byte(license) - // Delete existing console secret - err = clientSet.deleteSecret(ctx, namespace, secretName, metav1.DeleteOptions{}) - if err != nil { - return err - } - // Prepare the new Console Secret - imm := true - newConsoleSecret := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: secretName, - Labels: map[string]string{ - miniov2.TenantLabel: tenantName, - }, - }, - Immutable: &imm, - Data: dataNewSecret, - } - // Create new Console secret with the subnet License - _, err = clientSet.createSecret(ctx, namespace, newConsoleSecret, metav1.CreateOptions{}) - if err != nil { - return err - } - // restart Console pods based on label: - // v1.min.io/console: TENANT-console - err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s%s", miniov2.ConsoleTenantLabel, tenantName, miniov2.ConsoleName), - }) - if err != nil { - return err - } - return nil -} - -func getSubscriptionActivateResponse(session *models.Principal, namespace, tenant string) *models.Error { - // 20 seconds timeout - ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) - defer cancel() - opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) - if err != nil { - return prepareError(errorGeneric, nil, err) - } - clientSet, err := cluster.K8sClient(session.STSSessionToken) - if err != nil { - return prepareError(errorGeneric, nil, err) - } - opClient := &operatorClient{ - client: opClientClientSet, - } - minTenant, err := getTenant(ctx, opClient, namespace, tenant) - if err != nil { - return prepareError(err, errorGeneric) - } - // If console is not deployed for this tenant return an error - if minTenant.Spec.Console == nil { - return prepareError(ErrorGenericNotFound) - } - - // configure kubernetes client - k8sClient := k8sClient{ - client: clientSet, - } - // Get cluster subscription license - license, err := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName) - if err != nil { - return prepareError(errInvalidCredentials, nil, err) - } - // add subscription license to existing console Tenant - if err = addSubscriptionLicenseToTenant(ctx, &k8sClient, license, namespace, tenant, minTenant.Spec.Console.ConsoleSecret.Name); err != nil { - return prepareError(err, errorGeneric) - } - return nil -} - -// saveSubscriptionLicense will create or replace an existing subnet license secret in the k8s cluster -func saveSubscriptionLicense(ctx context.Context, clientSet K8sClientI, license string) error { - // Delete subnet license secret if exists - err := clientSet.deleteSecret(ctx, cluster.Namespace, OperatorSubnetLicenseSecretName, metav1.DeleteOptions{}) - if err != nil { - // log the error if any and continue - LogError("unable to delete secret %s: %v", OperatorSubnetLicenseSecretName, err) - } - // Save subnet license in k8s secrets - imm := true - licenseSecret := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: OperatorSubnetLicenseSecretName, - }, - Immutable: &imm, - Data: map[string][]byte{ - ConsoleSubnetLicense: []byte(license), - }, - } - _, err = clientSet.createSecret(ctx, cluster.Namespace, licenseSecret, metav1.CreateOptions{}) - if err != nil { - return err - } - return nil -} - -// updateTenantLicenseAndRestartConsole -func updateTenantLicenseAndRestartConsole(ctx context.Context, clientSet K8sClientI, license, namespace, tenantName string) error { - consoleSelector := fmt.Sprintf("%s-console", tenantName) - consoleSecretName := fmt.Sprintf("%s-secret", consoleSelector) - // read current console configuration from k8s secrets - currentConsoleSecret, err := clientSet.getSecret(ctx, namespace, consoleSecretName, metav1.GetOptions{}) - if err != nil || currentConsoleSecret == nil { - return err - } - secretData := currentConsoleSecret.Data - secretData[ConsoleSubnetLicense] = []byte(license) - // delete existing console configuration from k8s secrets - err = clientSet.deleteSecret(ctx, namespace, consoleSecretName, metav1.DeleteOptions{}) - if err != nil { - // log the error if any and continue - LogError("unable to delete secret %s: %v", consoleSecretName, err) - } - // Save subnet license in k8s secrets - imm := true - consoleConfigSecret := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: consoleSecretName, - }, - Immutable: &imm, - Data: secretData, - } - _, err = clientSet.createSecret(ctx, namespace, consoleConfigSecret, metav1.CreateOptions{}) - if err != nil { - return err - } - // restart Console pods based on label: - // v1.min.io/console: TENANT-console - err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s%s", miniov2.ConsoleTenantLabel, tenantName, miniov2.ConsoleName), - }) - if err != nil { - return err - } - return nil +func retrieveLicense() string { + // If Console is running in Tenant Admin mode retrieve license from env variable + license := GetSubnetLicense() + return license } // subscriptionValidate will validate the provided jwt license against the subnet public key @@ -266,167 +62,17 @@ func subscriptionValidate(client cluster.HTTPClientI, license, email, password s }, rawLicense, nil } -// getSubscriptionValidateResponse -func getSubscriptionValidateResponse(session *models.Principal, params *models.SubscriptionValidateRequest) (*models.License, *models.Error) { - // 20 seconds timeout - ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) - defer cancel() - - client := &cluster.HTTPClient{ - Client: GetConsoleSTSClient(), - } - // validate license key - licenseInfo, license, err := subscriptionValidate(client, params.License, params.Email, params.Password) - if err != nil { - return nil, prepareError(errInvalidLicense, nil, err) - } - // configure kubernetes client - clientSet, err := cluster.K8sClient(session.STSSessionToken) - k8sClient := k8sClient{ - client: clientSet, - } - if err != nil { - return nil, prepareError(errorGeneric, nil, err) - } - // save license key to k8s - if err = saveSubscriptionLicense(ctx, &k8sClient, license); err != nil { - return nil, prepareError(errorGeneric, nil, err) - } - return licenseInfo, nil -} - -// getSubscriptionLicense will retrieve stored license jwt from k8s secret -func getSubscriptionLicense(ctx context.Context, clientSet K8sClientI, namespace, secretName string) (string, error) { - // retrieve license stored in k8s - licenseSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{}) - if err != nil { - return "", err - } - license, ok := licenseSecret.Data[ConsoleSubnetLicense] - if !ok { - LogError("subnet secret does not contain a valid subnet license") - return "", errorGeneric - } - return string(license), nil -} - // getSubscriptionInfoResponse returns information about the current configured subnet license for Console -func getSubscriptionInfoResponse(session *models.Principal) (*models.License, *models.Error) { +func getSubscriptionInfoResponse() (*models.License, *models.Error) { var licenseInfo *models.License client := &cluster.HTTPClient{ Client: GetConsoleSTSClient(), } - licenseKey, err := retrieveLicense(context.Background(), session.STSSessionToken) - if err != nil { - return nil, prepareError(errLicenseNotFound, nil, err) - } + licenseKey := retrieveLicense() // validate license key and obtain license info - licenseInfo, _, err = subscriptionValidate(client, licenseKey, "", "") + licenseInfo, _, err := subscriptionValidate(client, licenseKey, "", "") if err != nil { - return nil, prepareError(errLicenseNotFound, nil, err) + return nil, PrepareError(errLicenseNotFound, nil, err) } return licenseInfo, nil } - -func subscriptionRefresh(httpClient *cluster.HTTPClient, license string) (*models.License, string, error) { - licenseInfo, rawLicense, err := subnet.RefreshLicense(httpClient, license) - if err != nil { - return nil, "", err - } - return &models.License{ - Email: licenseInfo.Email, - AccountID: licenseInfo.AccountID, - StorageCapacity: licenseInfo.StorageCapacity, - Plan: licenseInfo.Plan, - ExpiresAt: licenseInfo.ExpiresAt.String(), - Organization: licenseInfo.Organization, - }, rawLicense, nil -} - -func getSubscriptionRefreshResponse(session *models.Principal) (*models.License, *models.Error) { - // 20 seconds timeout - ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) - defer cancel() - client := &cluster.HTTPClient{ - Client: GetConsoleSTSClient(), - } - licenseKey, err := retrieveLicense(context.Background(), session.STSSessionToken) - if err != nil { - return nil, prepareError(errLicenseNotFound, nil, err) - } - newLicenseInfo, licenseRaw, err := subscriptionRefresh(client, licenseKey) - if err != nil { - return nil, prepareError(errLicenseNotFound, nil, err) - } - // configure kubernetes client - clientSet, err := cluster.K8sClient(session.STSSessionToken) - if err != nil { - return nil, prepareError(errLicenseNotFound, nil, err) - } - k8sClient := k8sClient{ - client: clientSet, - } - // save license key to k8s and restart all console pods - if err = saveSubscriptionLicense(ctx, &k8sClient, licenseRaw); err != nil { - return nil, prepareError(errorGeneric, nil, err) - } - // update license for all existing tenants - opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) - if err != nil { - return nil, prepareError(err) - } - opClient := &operatorClient{ - client: opClientClientSet, - } - tenants, err := listTenants(ctx, opClient, "", nil) - if err != nil { - return nil, prepareError(err) - } - // iterate over all tenants, update console configuration and restart console pods - for _, tenant := range tenants.Tenants { - if err := updateTenantLicenseAndRestartConsole(ctx, &k8sClient, licenseRaw, tenant.Namespace, tenant.Name); err != nil { - LogError("unable to updateTenantLicenseAndRestartConsole: %v", err) - } - } - - return newLicenseInfo, nil -} - -// RefreshLicense will check current subnet license and try to renew it -func RefreshLicense() error { - // Get current license - saK8SToken := getK8sSAToken() - licenseKey, err := retrieveLicense(context.Background(), saK8SToken) - if licenseKey == "" { - return errors.New("no license present") - } - if err != nil { - return err - } - client := &cluster.HTTPClient{ - Client: GetConsoleSTSClient(), - } - // Attempt to refresh license - _, refreshedLicenseKey, err := subscriptionRefresh(client, licenseKey) - if err != nil { - return err - } - if refreshedLicenseKey == "" { - return errors.New("license expired, please open a support ticket at https://subnet.min.io/") - } - // store new license in memory for console ui - LicenseKey = refreshedLicenseKey - if acl.GetOperatorMode() { - ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) - defer cancel() - clientSet, err := cluster.K8sClient(saK8SToken) - if err != nil { - return err - } - k8sClient := k8sClient{ - client: clientSet, - } - return saveSubscriptionLicense(ctx, &k8sClient, refreshedLicenseKey) - } - return nil -} diff --git a/restapi/admin_tiers.go b/restapi/admin_tiers.go index 356f80a94..c00d3e59c 100644 --- a/restapi/admin_tiers.go +++ b/restapi/admin_tiers.go @@ -131,20 +131,20 @@ func getTiers(ctx context.Context, client MinioAdmin) (*models.TierListResponse, // getTiersResponse returns a response with a list of tiers func getTiersResponse(session *models.Principal) (*models.TierListResponse, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output tiersResp, err := getTiers(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return tiersResp, nil } @@ -221,20 +221,20 @@ func addTier(ctx context.Context, client MinioAdmin, params *admin_api.AddTierPa // getAddTierResponse returns the response of admin tier func getAddTierResponse(session *models.Principal, params *admin_api.AddTierParams) *models.Error { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output errTier := addTier(ctx, adminClient, params) if errTier != nil { - return prepareError(errTier) + return PrepareError(errTier) } return nil } @@ -304,20 +304,20 @@ func getTier(ctx context.Context, client MinioAdmin, params *admin_api.GetTierPa // getGetTierResponse returns a tier func getGetTierResponse(session *models.Principal, params *admin_api.GetTierParams) (*models.Tier, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output addTierResp, err := getTier(ctx, adminClient, params) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return addTierResp, nil } @@ -340,20 +340,20 @@ func editTierCredentials(ctx context.Context, client MinioAdmin, params *admin_a // getEditTierCredentialsResponse returns the result of editing credentials for a tier func getEditTierCredentialsResponse(session *models.Principal, params *admin_api.EditTierCredentialsParams) *models.Error { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // 20 seconds timeout ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() // serialize output err = editTierCredentials(ctx, adminClient, params) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/admin_users.go b/restapi/admin_users.go index 83a2c8cab..ed4408b12 100644 --- a/restapi/admin_users.go +++ b/restapi/admin_users.go @@ -143,17 +143,17 @@ func listUsers(ctx context.Context, client MinioAdmin) ([]*models.User, error) { // getListUsersResponse performs listUsers() and serializes it to the handler's output func getListUsersResponse(session *models.Principal) (*models.ListUsersResponse, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} users, err := listUsers(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output listUsersResponse := &models.ListUsersResponse{ @@ -189,17 +189,17 @@ func addUser(ctx context.Context, client MinioAdmin, accessKey, secretKey *strin func getUserAddResponse(session *models.Principal, params admin_api.AddUserParams) (*models.User, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} user, err := addUser(ctx, adminClient, params.Body.AccessKey, params.Body.SecretKey, params.Body.Groups) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return user, nil } @@ -212,21 +212,21 @@ func removeUser(ctx context.Context, client MinioAdmin, accessKey string) error func getRemoveUserResponse(session *models.Principal, params admin_api.RemoveUserParams) *models.Error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } if session.AccountAccessKey == params.Name { - return prepareError(errAvoidSelfAccountDelete) + return PrepareError(errAvoidSelfAccountDelete) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := removeUser(ctx, adminClient, params.Name); err != nil { - return prepareError(err) + return PrepareError(err) } return nil @@ -245,18 +245,18 @@ func getUserInfo(ctx context.Context, client MinioAdmin, accessKey string) (*mad func getUserInfoResponse(session *models.Principal, params admin_api.GetUserInfoParams) (*models.User, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} user, err := getUserInfo(ctx, adminClient, params.Name) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } userInformation := &models.User{ @@ -360,19 +360,19 @@ func updateUserGroups(ctx context.Context, client MinioAdmin, user string, group func getUpdateUserGroupsResponse(session *models.Principal, params admin_api.UpdateUserGroupsParams) (*models.User, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} user, err := updateUserGroups(ctx, adminClient, params.Name, params.Body.Groups) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return user, nil @@ -396,27 +396,27 @@ func setUserStatus(ctx context.Context, client MinioAdmin, user string, status s func getUpdateUserResponse(session *models.Principal, params admin_api.UpdateUserInfoParams) (*models.User, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} name := params.Name status := *params.Body.Status groups := params.Body.Groups if err := setUserStatus(ctx, adminClient, name, status); err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } userElem, errUG := updateUserGroups(ctx, adminClient, name, groups) if errUG != nil { - return nil, prepareError(errUG) + return nil, PrepareError(errUG) } return userElem, nil } @@ -467,20 +467,20 @@ func addUsersListToGroups(ctx context.Context, client MinioAdmin, usersToUpdate func getAddUsersListToGroupsResponse(session *models.Principal, params admin_api.BulkUpdateUsersGroupsParams) *models.Error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} usersList := params.Body.Users groupsList := params.Body.Groups if err := addUsersListToGroups(ctx, adminClient, usersList, groupsList); err != nil { - return prepareError(err) + return PrepareError(err) } return nil @@ -488,13 +488,13 @@ func getAddUsersListToGroupsResponse(session *models.Principal, params admin_api func getListUsersWithAccessToBucketResponse(session *models.Principal, bucket string) ([]string, *models.Error) { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} return listUsersWithAccessToBucket(ctx, adminClient, bucket) } @@ -519,7 +519,7 @@ func policyAllowsAndMatchesBucket(policy *iampolicy.Policy, bucket string) int { func listUsersWithAccessToBucket(ctx context.Context, adminClient MinioAdmin, bucket string) ([]string, *models.Error) { users, err := adminClient.listUsers(ctx) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } var retval []string akHasAccess := make(map[string]struct{}) @@ -595,13 +595,13 @@ func changeUserPassword(ctx context.Context, client MinioAdmin, selectedUser str // getChangeUserPasswordResponse will change the password of selctedUser to newSecretKey func getChangeUserPasswordResponse(session *models.Principal, params admin_api.ChangeUserPasswordParams) *models.Error { ctx := context.Background() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // params will contain selectedUser and newSecretKey credentials for the user user := *params.Body.SelectedUser @@ -609,7 +609,7 @@ func getChangeUserPasswordResponse(session *models.Principal, params admin_api.C // changes password of user to newSecretKey if err := changeUserPassword(ctx, adminClient, user, newSecretKey); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/admin_users_test.go b/restapi/admin_users_test.go index 077e26d89..4534501f9 100644 --- a/restapi/admin_users_test.go +++ b/restapi/admin_users_test.go @@ -516,7 +516,7 @@ func TestListUsersWithAccessToBucket(t *testing.T) { } return mockResponse, nil } - return nil, errorGeneric + return nil, ErrorGeneric } type args struct { bucket string diff --git a/restapi/client-admin.go b/restapi/client-admin.go index 3f9b368fb..a927ea8c7 100644 --- a/restapi/client-admin.go +++ b/restapi/client-admin.go @@ -91,7 +91,7 @@ type MinioAdmin interface { stopProfiling(ctx context.Context) (io.ReadCloser, error) serviceTrace(ctx context.Context, threshold int64, s3, internal, storage, os, errTrace bool) <-chan madmin.ServiceTraceInfo getLogs(ctx context.Context, node string, lineCnt int, logKind string) <-chan madmin.LogInfo - accountInfo(ctx context.Context) (madmin.AccountInfo, error) + AccountInfo(ctx context.Context) (madmin.AccountInfo, error) heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string, forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error) // Service Accounts @@ -119,62 +119,62 @@ type MinioAdmin interface { // // Define the structure of a minIO Client and define the functions that are actually used // from minIO api. -type adminClient struct { - client *madmin.AdminClient +type AdminClient struct { + Client *madmin.AdminClient } -func (ac adminClient) changePassword(ctx context.Context, accessKey, secretKey string) error { - return ac.client.SetUser(ctx, accessKey, secretKey, madmin.AccountEnabled) +func (ac AdminClient) changePassword(ctx context.Context, accessKey, secretKey string) error { + return ac.Client.SetUser(ctx, accessKey, secretKey, madmin.AccountEnabled) } // implements madmin.ListUsers() -func (ac adminClient) listUsers(ctx context.Context) (map[string]madmin.UserInfo, error) { - return ac.client.ListUsers(ctx) +func (ac AdminClient) listUsers(ctx context.Context) (map[string]madmin.UserInfo, error) { + return ac.Client.ListUsers(ctx) } // implements madmin.AddUser() -func (ac adminClient) addUser(ctx context.Context, accessKey, secretKey string) error { - return ac.client.AddUser(ctx, accessKey, secretKey) +func (ac AdminClient) addUser(ctx context.Context, accessKey, secretKey string) error { + return ac.Client.AddUser(ctx, accessKey, secretKey) } // implements madmin.RemoveUser() -func (ac adminClient) removeUser(ctx context.Context, accessKey string) error { - return ac.client.RemoveUser(ctx, accessKey) +func (ac AdminClient) removeUser(ctx context.Context, accessKey string) error { + return ac.Client.RemoveUser(ctx, accessKey) } //implements madmin.GetUserInfo() -func (ac adminClient) getUserInfo(ctx context.Context, accessKey string) (madmin.UserInfo, error) { - return ac.client.GetUserInfo(ctx, accessKey) +func (ac AdminClient) getUserInfo(ctx context.Context, accessKey string) (madmin.UserInfo, error) { + return ac.Client.GetUserInfo(ctx, accessKey) } // implements madmin.SetUserStatus() -func (ac adminClient) setUserStatus(ctx context.Context, accessKey string, status madmin.AccountStatus) error { - return ac.client.SetUserStatus(ctx, accessKey, status) +func (ac AdminClient) setUserStatus(ctx context.Context, accessKey string, status madmin.AccountStatus) error { + return ac.Client.SetUserStatus(ctx, accessKey, status) } // implements madmin.ListGroups() -func (ac adminClient) listGroups(ctx context.Context) ([]string, error) { - return ac.client.ListGroups(ctx) +func (ac AdminClient) listGroups(ctx context.Context) ([]string, error) { + return ac.Client.ListGroups(ctx) } // implements madmin.UpdateGroupMembers() -func (ac adminClient) updateGroupMembers(ctx context.Context, greq madmin.GroupAddRemove) error { - return ac.client.UpdateGroupMembers(ctx, greq) +func (ac AdminClient) updateGroupMembers(ctx context.Context, greq madmin.GroupAddRemove) error { + return ac.Client.UpdateGroupMembers(ctx, greq) } // implements madmin.GetGroupDescription(group) -func (ac adminClient) getGroupDescription(ctx context.Context, group string) (*madmin.GroupDesc, error) { - return ac.client.GetGroupDescription(ctx, group) +func (ac AdminClient) getGroupDescription(ctx context.Context, group string) (*madmin.GroupDesc, error) { + return ac.Client.GetGroupDescription(ctx, group) } // implements madmin.SetGroupStatus(group, status) -func (ac adminClient) setGroupStatus(ctx context.Context, group string, status madmin.GroupStatus) error { - return ac.client.SetGroupStatus(ctx, group, status) +func (ac AdminClient) setGroupStatus(ctx context.Context, group string, status madmin.GroupStatus) error { + return ac.Client.SetGroupStatus(ctx, group, status) } // implements madmin.ListCannedPolicies() -func (ac adminClient) listPolicies(ctx context.Context) (map[string]*iampolicy.Policy, error) { - policyMap, err := ac.client.ListCannedPolicies(ctx) +func (ac AdminClient) listPolicies(ctx context.Context) (map[string]*iampolicy.Policy, error) { + policyMap, err := ac.Client.ListCannedPolicies(ctx) if err != nil { return nil, err } @@ -190,8 +190,8 @@ func (ac adminClient) listPolicies(ctx context.Context) (map[string]*iampolicy.P } // implements madmin.ListCannedPolicies() -func (ac adminClient) getPolicy(ctx context.Context, name string) (*iampolicy.Policy, error) { - praw, err := ac.client.InfoCannedPolicy(ctx, name) +func (ac AdminClient) getPolicy(ctx context.Context, name string) (*iampolicy.Policy, error) { + praw, err := ac.Client.InfoCannedPolicy(ctx, name) if err != nil { return nil, err } @@ -199,61 +199,61 @@ func (ac adminClient) getPolicy(ctx context.Context, name string) (*iampolicy.Po } // implements madmin.RemoveCannedPolicy() -func (ac adminClient) removePolicy(ctx context.Context, name string) error { - return ac.client.RemoveCannedPolicy(ctx, name) +func (ac AdminClient) removePolicy(ctx context.Context, name string) error { + return ac.Client.RemoveCannedPolicy(ctx, name) } // implements madmin.AddCannedPolicy() -func (ac adminClient) addPolicy(ctx context.Context, name string, policy *iampolicy.Policy) error { +func (ac AdminClient) addPolicy(ctx context.Context, name string, policy *iampolicy.Policy) error { buf, err := json.Marshal(policy) if err != nil { return err } - return ac.client.AddCannedPolicy(ctx, name, buf) + return ac.Client.AddCannedPolicy(ctx, name, buf) } // implements madmin.SetPolicy() -func (ac adminClient) setPolicy(ctx context.Context, policyName, entityName string, isGroup bool) error { - return ac.client.SetPolicy(ctx, policyName, entityName, isGroup) +func (ac AdminClient) setPolicy(ctx context.Context, policyName, entityName string, isGroup bool) error { + return ac.Client.SetPolicy(ctx, policyName, entityName, isGroup) } // implements madmin.GetConfigKV() -func (ac adminClient) getConfigKV(ctx context.Context, key string) ([]byte, error) { - return ac.client.GetConfigKV(ctx, key) +func (ac AdminClient) getConfigKV(ctx context.Context, key string) ([]byte, error) { + return ac.Client.GetConfigKV(ctx, key) } // implements madmin.HelpConfigKV() -func (ac adminClient) helpConfigKV(ctx context.Context, subSys, key string, envOnly bool) (madmin.Help, error) { - return ac.client.HelpConfigKV(ctx, subSys, key, envOnly) +func (ac AdminClient) helpConfigKV(ctx context.Context, subSys, key string, envOnly bool) (madmin.Help, error) { + return ac.Client.HelpConfigKV(ctx, subSys, key, envOnly) } // implements madmin.SetConfigKV() -func (ac adminClient) setConfigKV(ctx context.Context, kv string) (restart bool, err error) { - return ac.client.SetConfigKV(ctx, kv) +func (ac AdminClient) setConfigKV(ctx context.Context, kv string) (restart bool, err error) { + return ac.Client.SetConfigKV(ctx, kv) } // implements madmin.ServiceRestart() -func (ac adminClient) serviceRestart(ctx context.Context) (err error) { - return ac.client.ServiceRestart(ctx) +func (ac AdminClient) serviceRestart(ctx context.Context) (err error) { + return ac.Client.ServiceRestart(ctx) } // implements madmin.ServerInfo() -func (ac adminClient) serverInfo(ctx context.Context) (madmin.InfoMessage, error) { - return ac.client.ServerInfo(ctx) +func (ac AdminClient) serverInfo(ctx context.Context) (madmin.InfoMessage, error) { + return ac.Client.ServerInfo(ctx) } // implements madmin.StartProfiling() -func (ac adminClient) startProfiling(ctx context.Context, profiler madmin.ProfilerType) ([]madmin.StartProfilingResult, error) { - return ac.client.StartProfiling(ctx, profiler) +func (ac AdminClient) startProfiling(ctx context.Context, profiler madmin.ProfilerType) ([]madmin.StartProfilingResult, error) { + return ac.Client.StartProfiling(ctx, profiler) } // implements madmin.DownloadProfilingData() -func (ac adminClient) stopProfiling(ctx context.Context) (io.ReadCloser, error) { - return ac.client.DownloadProfilingData(ctx) +func (ac AdminClient) stopProfiling(ctx context.Context) (io.ReadCloser, error) { + return ac.Client.DownloadProfilingData(ctx) } // implements madmin.ServiceTrace() -func (ac adminClient) serviceTrace(ctx context.Context, threshold int64, s3, internal, storage, os, errTrace bool) <-chan madmin.ServiceTraceInfo { +func (ac AdminClient) serviceTrace(ctx context.Context, threshold int64, s3, internal, storage, os, errTrace bool) <-chan madmin.ServiceTraceInfo { thresholdT := time.Duration(threshold) tracingOptions := madmin.ServiceTraceOpts{ @@ -265,21 +265,21 @@ func (ac adminClient) serviceTrace(ctx context.Context, threshold int64, s3, int Threshold: thresholdT, } - return ac.client.ServiceTrace(ctx, tracingOptions) + return ac.Client.ServiceTrace(ctx, tracingOptions) } // implements madmin.GetLogs() -func (ac adminClient) getLogs(ctx context.Context, node string, lineCnt int, logKind string) <-chan madmin.LogInfo { - return ac.client.GetLogs(ctx, node, lineCnt, logKind) +func (ac AdminClient) getLogs(ctx context.Context, node string, lineCnt int, logKind string) <-chan madmin.LogInfo { + return ac.Client.GetLogs(ctx, node, lineCnt, logKind) } // implements madmin.AddServiceAccount() -func (ac adminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy) (madmin.Credentials, error) { +func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy) (madmin.Credentials, error) { buf, err := json.Marshal(policy) if err != nil { return madmin.Credentials{}, err } - return ac.client.AddServiceAccount(ctx, madmin.AddServiceAccountReq{ + return ac.Client.AddServiceAccount(ctx, madmin.AddServiceAccountReq{ Policy: buf, TargetUser: "", AccessKey: "", @@ -288,34 +288,34 @@ func (ac adminClient) addServiceAccount(ctx context.Context, policy *iampolicy.P } // implements madmin.ListServiceAccounts() -func (ac adminClient) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) { +func (ac AdminClient) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) { // TODO: Fix this - return ac.client.ListServiceAccounts(ctx, user) + return ac.Client.ListServiceAccounts(ctx, user) } // implements madmin.DeleteServiceAccount() -func (ac adminClient) deleteServiceAccount(ctx context.Context, serviceAccount string) error { - return ac.client.DeleteServiceAccount(ctx, serviceAccount) +func (ac AdminClient) deleteServiceAccount(ctx context.Context, serviceAccount string) error { + return ac.Client.DeleteServiceAccount(ctx, serviceAccount) } -// implements madmin.AccountingUsageInfo() -func (ac adminClient) accountInfo(ctx context.Context) (madmin.AccountInfo, error) { - return ac.client.AccountInfo(ctx) +// AccountInfo implements madmin.AccountingUsageInfo() +func (ac AdminClient) AccountInfo(ctx context.Context) (madmin.AccountInfo, error) { + return ac.Client.AccountInfo(ctx) } -func (ac adminClient) heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string, +func (ac AdminClient) heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string, forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error) { - return ac.client.Heal(ctx, bucket, prefix, healOpts, clientToken, forceStart, forceStop) + return ac.Client.Heal(ctx, bucket, prefix, healOpts, clientToken, forceStart, forceStop) } // listRemoteBuckets - return a list of remote buckets -func (ac adminClient) listRemoteBuckets(ctx context.Context, bucket, arnType string) (targets []madmin.BucketTarget, err error) { - return ac.client.ListRemoteTargets(ctx, bucket, arnType) +func (ac AdminClient) listRemoteBuckets(ctx context.Context, bucket, arnType string) (targets []madmin.BucketTarget, err error) { + return ac.Client.ListRemoteTargets(ctx, bucket, arnType) } // getRemoteBucket - gets remote bucked based on a given bucket name -func (ac adminClient) getRemoteBucket(ctx context.Context, bucket, arnType string) (*madmin.BucketTarget, error) { - targets, err := ac.client.ListRemoteTargets(ctx, bucket, arnType) +func (ac AdminClient) getRemoteBucket(ctx context.Context, bucket, arnType string) (*madmin.BucketTarget, error) { + targets, err := ac.Client.ListRemoteTargets(ctx, bucket, arnType) if err != nil { return nil, err } @@ -326,26 +326,26 @@ func (ac adminClient) getRemoteBucket(ctx context.Context, bucket, arnType strin } // removeRemoteBucket removes a remote target associated with particular ARN for this bucket -func (ac adminClient) removeRemoteBucket(ctx context.Context, bucket, arn string) error { - return ac.client.RemoveRemoteTarget(ctx, bucket, arn) +func (ac AdminClient) removeRemoteBucket(ctx context.Context, bucket, arn string) error { + return ac.Client.RemoveRemoteTarget(ctx, bucket, arn) } // addRemoteBucket sets up a remote target for this bucket -func (ac adminClient) addRemoteBucket(ctx context.Context, bucket string, target *madmin.BucketTarget) (string, error) { - return ac.client.SetRemoteTarget(ctx, bucket, target) +func (ac AdminClient) addRemoteBucket(ctx context.Context, bucket string, target *madmin.BucketTarget) (string, error) { + return ac.Client.SetRemoteTarget(ctx, bucket, target) } -func (ac adminClient) setBucketQuota(ctx context.Context, bucket string, quota *madmin.BucketQuota) error { - return ac.client.SetBucketQuota(ctx, bucket, quota) +func (ac AdminClient) setBucketQuota(ctx context.Context, bucket string, quota *madmin.BucketQuota) error { + return ac.Client.SetBucketQuota(ctx, bucket, quota) } -func (ac adminClient) getBucketQuota(ctx context.Context, bucket string) (madmin.BucketQuota, error) { - return ac.client.GetBucketQuota(ctx, bucket) +func (ac AdminClient) getBucketQuota(ctx context.Context, bucket string) (madmin.BucketQuota, error) { + return ac.Client.GetBucketQuota(ctx, bucket) } // serverHealthInfo implements mc.ServerHealthInfo - Connect to a minio server and call Health Info Management API -func (ac adminClient) serverHealthInfo(ctx context.Context, healthDataTypes []madmin.HealthDataType, deadline time.Duration) (interface{}, string, error) { - resp, version, err := ac.client.ServerHealthInfo(ctx, healthDataTypes, deadline) +func (ac AdminClient) serverHealthInfo(ctx context.Context, healthDataTypes []madmin.HealthDataType, deadline time.Duration) (interface{}, string, error) { + resp, version, err := ac.Client.ServerHealthInfo(ctx, healthDataTypes, deadline) if err != nil { return nil, version, err } @@ -378,21 +378,21 @@ func (ac adminClient) serverHealthInfo(ctx context.Context, healthDataTypes []ma } // implements madmin.listTiers() -func (ac adminClient) listTiers(ctx context.Context) ([]*madmin.TierConfig, error) { - return ac.client.ListTiers(ctx) +func (ac AdminClient) listTiers(ctx context.Context) ([]*madmin.TierConfig, error) { + return ac.Client.ListTiers(ctx) } // implements madmin.AddTier() -func (ac adminClient) addTier(ctx context.Context, cfg *madmin.TierConfig) error { - return ac.client.AddTier(ctx, cfg) +func (ac AdminClient) addTier(ctx context.Context, cfg *madmin.TierConfig) error { + return ac.Client.AddTier(ctx, cfg) } // implements madmin.EditTier() -func (ac adminClient) editTierCreds(ctx context.Context, tierName string, creds madmin.TierCreds) error { - return ac.client.EditTier(ctx, tierName, creds) +func (ac AdminClient) editTierCreds(ctx context.Context, tierName string, creds madmin.TierCreds) error { + return ac.Client.EditTier(ctx, tierName, creds) } -func newAdminClient(sessionClaims *models.Principal) (*madmin.AdminClient, error) { +func NewMinioAdminClient(sessionClaims *models.Principal) (*madmin.AdminClient, error) { adminClient, err := newAdminFromClaims(sessionClaims) if err != nil { return nil, err diff --git a/restapi/client.go b/restapi/client.go index 639a96054..2e1b324ab 100644 --- a/restapi/client.go +++ b/restapi/client.go @@ -267,28 +267,28 @@ type ConsoleCredentialsI interface { } // Interface implementation -type consoleCredentials struct { - consoleCredentials *credentials.Credentials - accountAccessKey string - actions []string +type ConsoleCredentials struct { + ConsoleCredentials *credentials.Credentials + AccountAccessKey string + Actions []string } -func (c consoleCredentials) GetActions() []string { - return c.actions +func (c ConsoleCredentials) GetActions() []string { + return c.Actions } -func (c consoleCredentials) GetAccountAccessKey() string { - return c.accountAccessKey +func (c ConsoleCredentials) GetAccountAccessKey() string { + return c.AccountAccessKey } -// implements *Login.Get() -func (c consoleCredentials) Get() (credentials.Value, error) { - return c.consoleCredentials.Get() +// Get implements *Login.Get() +func (c ConsoleCredentials) Get() (credentials.Value, error) { + return c.ConsoleCredentials.Get() } -// implements *Login.Expire() -func (c consoleCredentials) Expire() { - c.consoleCredentials.Expire() +// Expire implements *Login.Expire() +func (c ConsoleCredentials) Expire() { + c.ConsoleCredentials.Expire() } // consoleSTSAssumeRole it's a STSAssumeRole wrapper, in general @@ -306,7 +306,7 @@ func (s consoleSTSAssumeRole) IsExpired() bool { return s.stsAssumeRole.IsExpired() } -func newConsoleCredentials(accessKey, secretKey, location string) (*credentials.Credentials, error) { +func NewConsoleCredentials(accessKey, secretKey, location string) (*credentials.Credentials, error) { // Future authentication methods can be added under this switch statement switch { // authentication for Operator Console @@ -356,7 +356,7 @@ func getConsoleCredentialsFromSession(claims *models.Principal) *credentials.Cre return credentials.NewStaticV4(claims.STSAccessKeyID, claims.STSSecretAccessKey, claims.STSSessionToken) } -// newMinioClient creates a new MinIO client based on the consoleCredentials extracted +// newMinioClient creates a new MinIO client based on the ConsoleCredentials extracted // from the provided session token func newMinioClient(claims *models.Principal) (*minio.Client, error) { creds := getConsoleCredentialsFromSession(claims) diff --git a/restapi/config.go b/restapi/config.go index f5f78c3f5..592a43376 100644 --- a/restapi/config.go +++ b/restapi/config.go @@ -18,7 +18,6 @@ package restapi import ( "crypto/x509" - "io/ioutil" "net" "strconv" "strings" @@ -51,17 +50,11 @@ var ( LicenseKey = "" ) -var consoleImage string - -func init() { - consoleImage = env.Get(ConsoleOperatorConsoleImage, ConsoleImageDefaultVersion) -} - func getMinIOServer() string { return strings.TrimSpace(env.Get(ConsoleMinIOServer, "http://localhost:9000")) } -func getMinIORegion() string { +func GetMinIORegion() string { return strings.TrimSpace(env.Get(ConsoleMinIORegion, "")) } @@ -127,7 +120,7 @@ func GetTLSRedirect() string { } // Get secure middleware env variable configurations -func getSecureAllowedHosts() []string { +func GetSecureAllowedHosts() []string { allowedHosts := env.Get(ConsoleSecureAllowedHosts, "") if allowedHosts != "" { return strings.Split(allowedHosts, ",") @@ -136,39 +129,39 @@ func getSecureAllowedHosts() []string { } // AllowedHostsAreRegex determines, if the provided AllowedHosts slice contains valid regular expressions. Default is false. -func getSecureAllowedHostsAreRegex() bool { +func GetSecureAllowedHostsAreRegex() bool { return strings.ToLower(env.Get(ConsoleSecureAllowedHostsAreRegex, "off")) == "on" } // If FrameDeny is set to true, adds the X-Frame-Options header with the value of `DENY`. Default is true. -func getSecureFrameDeny() bool { +func GetSecureFrameDeny() bool { return strings.ToLower(env.Get(ConsoleSecureFrameDeny, "on")) == "on" } // If ContentTypeNosniff is true, adds the X-Content-Type-Options header with the value `nosniff`. Default is true. -func getSecureContentTypeNonSniff() bool { +func GetSecureContentTypeNonSniff() bool { return strings.ToLower(env.Get(ConsoleSecureContentTypeNoSniff, "on")) == "on" } // If BrowserXssFilter is true, adds the X-XSS-Protection header with the value `1; mode=block`. Default is true. -func getSecureBrowserXSSFilter() bool { +func GetSecureBrowserXSSFilter() bool { return strings.ToLower(env.Get(ConsoleSecureBrowserXSSFilter, "on")) == "on" } // ContentSecurityPolicy allows the Content-Security-Policy header value to be set with a custom value. Default is "". // Passing a template string will replace `$NONCE` with a dynamic nonce value of 16 bytes for each request which can be // later retrieved using the Nonce function. -func getSecureContentSecurityPolicy() string { +func GetSecureContentSecurityPolicy() string { return env.Get(ConsoleSecureContentSecurityPolicy, "") } // ContentSecurityPolicyReportOnly allows the Content-Security-Policy-Report-Only header value to be set with a custom value. Default is "". -func getSecureContentSecurityPolicyReportOnly() string { +func GetSecureContentSecurityPolicyReportOnly() string { return env.Get(ConsoleSecureContentSecurityPolicyReportOnly, "") } // HostsProxyHeaders is a set of header keys that may hold a proxied hostname value for the request. -func getSecureHostsProxyHeaders() []string { +func GetSecureHostsProxyHeaders() []string { allowedHosts := env.Get(ConsoleSecureHostsProxyHeaders, "") if allowedHosts != "" { return strings.Split(allowedHosts, ",") @@ -177,12 +170,12 @@ func getSecureHostsProxyHeaders() []string { } // TLSHost is the host name that is used to redirect HTTP requests to HTTPS. Default is "", which indicates to use the same host. -func getSecureTLSHost() string { +func GetSecureTLSHost() string { return env.Get(ConsoleSecureTLSHost, net.JoinHostPort(Hostname, TLSPort)) } // STSSeconds is the max-age of the Strict-Transport-Security header. Default is 0, which would NOT include the header. -func getSecureSTSSeconds() int64 { +func GetSecureSTSSeconds() int64 { seconds, err := strconv.Atoi(env.Get(ConsoleSecureSTSSeconds, "0")) if err != nil { seconds = 0 @@ -191,41 +184,41 @@ func getSecureSTSSeconds() int64 { } // If STSIncludeSubdomains is set to true, the `includeSubdomains` will be appended to the Strict-Transport-Security header. Default is false. -func getSecureSTSIncludeSubdomains() bool { +func GetSecureSTSIncludeSubdomains() bool { return strings.ToLower(env.Get(ConsoleSecureSTSIncludeSubdomains, "off")) == "on" } // If STSPreload is set to true, the `preload` flag will be appended to the Strict-Transport-Security header. Default is false. -func getSecureSTSPreload() bool { +func GetSecureSTSPreload() bool { return strings.ToLower(env.Get(ConsoleSecureSTSPreload, "off")) == "on" } // If TLSTemporaryRedirect is true, the a 302 will be used while redirecting. Default is false (301). -func getSecureTLSTemporaryRedirect() bool { +func GetSecureTLSTemporaryRedirect() bool { return strings.ToLower(env.Get(ConsoleSecureTLSTemporaryRedirect, "off")) == "on" } // STS header is only included when the connection is HTTPS. -func getSecureForceSTSHeader() bool { +func GetSecureForceSTSHeader() bool { return strings.ToLower(env.Get(ConsoleSecureForceSTSHeader, "off")) == "on" } // PublicKey implements HPKP to prevent MITM attacks with forged certificates. Default is "". -func getSecurePublicKey() string { +func GetSecurePublicKey() string { return env.Get(ConsoleSecurePublicKey, "") } // ReferrerPolicy allows the Referrer-Policy header with the value to be set with a custom value. Default is "". -func getSecureReferrerPolicy() string { +func GetSecureReferrerPolicy() string { return env.Get(ConsoleSecureReferrerPolicy, "") } // FeaturePolicy allows the Feature-Policy header with the value to be set with a custom value. Default is "". -func getSecureFeaturePolicy() string { +func GetSecureFeaturePolicy() string { return env.Get(ConsoleSecureFeaturePolicy, "") } -func getSecureExpectCTHeader() string { +func GetSecureExpectCTHeader() string { return env.Get(ConsoleSecureExpectCTHeader, "") } @@ -267,17 +260,3 @@ var ( // GlobalTLSCertsManager custom TLS Manager for SNI support GlobalTLSCertsManager *xcerts.Manager ) - -// getK8sSAToken assumes the plugin is running inside a k8s pod and extract the current service account from the -// /var/run/secrets/kubernetes.io/serviceaccount/token file -func getK8sSAToken() string { - dat, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/token") - if err != nil { - return env.Get(ConsoleOperatorSAToken, "") - } - return string(dat) -} - -func getConsoleImage() string { - return consoleImage -} diff --git a/restapi/configure_console.go b/restapi/configure_console.go index 0c1ff74af..1524afccb 100644 --- a/restapi/configure_console.go +++ b/restapi/configure_console.go @@ -115,28 +115,13 @@ func configureAPI(api *operations.ConsoleAPI) http.Handler { registerAdminTiersHandlers(api) // Operator Console - // Register tenant handlers - registerTenantHandlers(api) - // Register admin info handlers - registerOperatorTenantInfoHandlers(api) - // Register ResourceQuota handlers - registerResourceQuotaHandlers(api) - // Register Nodes' handlers - registerNodesHandlers(api) - // Register Parity' handlers - registerParityHandlers(api) + // Register Object's Handlers registerObjectsHandlers(api) // Register Bucket Quota's Handlers registerBucketQuotaHandlers(api) // Register Account handlers registerAccountHandlers(api) - // Direct CSI handlers - registerDirectCSIHandlers(api) - // Volumes handlers - registerVolumesHandlers(api) - // Namespaces handlers - registerNamespaceHandlers(api) api.PreServerShutdown = func() {} @@ -167,26 +152,26 @@ func setupGlobalMiddleware(handler http.Handler) http.Handler { // Secure middleware, this middleware wrap all the previous handlers and add // HTTP security headers secureOptions := secure.Options{ - AllowedHosts: getSecureAllowedHosts(), - AllowedHostsAreRegex: getSecureAllowedHostsAreRegex(), - HostsProxyHeaders: getSecureHostsProxyHeaders(), + AllowedHosts: GetSecureAllowedHosts(), + AllowedHostsAreRegex: GetSecureAllowedHostsAreRegex(), + HostsProxyHeaders: GetSecureHostsProxyHeaders(), SSLRedirect: GetTLSRedirect() == "on" && len(GlobalPublicCerts) > 0, - SSLHost: getSecureTLSHost(), - STSSeconds: getSecureSTSSeconds(), - STSIncludeSubdomains: getSecureSTSIncludeSubdomains(), - STSPreload: getSecureSTSPreload(), - SSLTemporaryRedirect: getSecureTLSTemporaryRedirect(), + SSLHost: GetSecureTLSHost(), + STSSeconds: GetSecureSTSSeconds(), + STSIncludeSubdomains: GetSecureSTSIncludeSubdomains(), + STSPreload: GetSecureSTSPreload(), + SSLTemporaryRedirect: GetSecureTLSTemporaryRedirect(), SSLHostFunc: nil, - ForceSTSHeader: getSecureForceSTSHeader(), - FrameDeny: getSecureFrameDeny(), - ContentTypeNosniff: getSecureContentTypeNonSniff(), - BrowserXssFilter: getSecureBrowserXSSFilter(), - ContentSecurityPolicy: getSecureContentSecurityPolicy(), - ContentSecurityPolicyReportOnly: getSecureContentSecurityPolicyReportOnly(), - PublicKey: getSecurePublicKey(), - ReferrerPolicy: getSecureReferrerPolicy(), - FeaturePolicy: getSecureFeaturePolicy(), - ExpectCTHeader: getSecureExpectCTHeader(), + ForceSTSHeader: GetSecureForceSTSHeader(), + FrameDeny: GetSecureFrameDeny(), + ContentTypeNosniff: GetSecureContentTypeNonSniff(), + BrowserXssFilter: GetSecureBrowserXSSFilter(), + ContentSecurityPolicy: GetSecureContentSecurityPolicy(), + ContentSecurityPolicyReportOnly: GetSecureContentSecurityPolicyReportOnly(), + PublicKey: GetSecurePublicKey(), + ReferrerPolicy: GetSecureReferrerPolicy(), + FeaturePolicy: GetSecureFeaturePolicy(), + ExpectCTHeader: GetSecureExpectCTHeader(), IsDevelopment: false, } secureMiddleware := secure.New(secureOptions) diff --git a/restapi/consts.go b/restapi/consts.go index 369570d37..f04e819ce 100644 --- a/restapi/consts.go +++ b/restapi/consts.go @@ -48,23 +48,16 @@ const ( ConsoleSecureReferrerPolicy = "CONSOLE_SECURE_REFERRER_POLICY" ConsoleSecureFeaturePolicy = "CONSOLE_SECURE_FEATURE_POLICY" ConsoleSecureExpectCTHeader = "CONSOLE_SECURE_EXPECT_CT_HEADER" - ConsoleOperatorSAToken = "CONSOLE_OPERATOR_SA_TOKEN" ConsoleOperatorConsoleImage = "CONSOLE_OPERATOR_CONSOLE_IMAGE" PrometheusURL = "CONSOLE_PROMETHEUS_URL" PrometheusJobID = "CONSOLE_PROMETHEUS_JOB_ID" ConsoleLogQueryURL = "CONSOLE_LOG_QUERY_URL" ConsoleLogQueryAuthToken = "CONSOLE_LOG_QUERY_AUTH_TOKEN" LogSearchQueryAuthToken = "LOGSEARCH_QUERY_AUTH_TOKEN" - - // Constants for prometheus annotations - prometheusPath = "prometheus.io/path" - prometheusPort = "prometheus.io/port" - prometheusScrape = "prometheus.io/scrape" ) // Image versions const ( - KESImageVersion = "minio/kes:v0.13.4" ConsoleImageDefaultVersion = "minio/console:v0.7.5" ) diff --git a/restapi/embedded_spec.go b/restapi/embedded_spec.go index 73a464493..49844df89 100644 --- a/restapi/embedded_spec.go +++ b/restapi/embedded_spec.go @@ -1746,39 +1746,6 @@ func init() { } } }, - "/cluster/max-allocatable-memory": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get maximum allocatable memory for given number of nodes", - "operationId": "GetMaxAllocatableMem", - "parameters": [ - { - "minimum": 1, - "type": "integer", - "format": "int32", - "name": "num_nodes", - "in": "query", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/maxAllocatableMemResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/configs": { "get": { "tags": [ @@ -1884,148 +1851,6 @@ func init() { } } }, - "/direct-csi/drives": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get direct-csi drives list", - "operationId": "GetDirectCSIDriveList", - "parameters": [ - { - "type": "string", - "name": "nodes", - "in": "query" - }, - { - "type": "string", - "name": "drives", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/getDirectCSIDriveListResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/direct-csi/drives/format": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Format direct-csi drives from a list", - "operationId": "DirectCSIFormatDrive", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/formatConfiguration" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/formatDirectCSIDrivesResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/direct-csi/volumes": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get direct-csi volumes list", - "operationId": "GetDirectCSIVolumeList", - "parameters": [ - { - "type": "string", - "name": "nodes", - "in": "query" - }, - { - "type": "string", - "name": "drives", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/getDirectCSIVolumeListResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/get-parity/{nodes}/{disksPerNode}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Gets parity by sending number of nodes \u0026 number of disks", - "operationId": "GetParity", - "parameters": [ - { - "minimum": 2, - "type": "integer", - "name": "nodes", - "in": "path", - "required": true - }, - { - "minimum": 1, - "type": "integer", - "name": "disksPerNode", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/parityResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/groups": { "get": { "tags": [ @@ -2251,29 +2076,6 @@ func init() { } } }, - "/list-pvcs": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List all PVCs from namespaces that the user has access to", - "operationId": "ListPVCs", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listPVCsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/login": { "get": { "security": [], @@ -2482,881 +2284,6 @@ func init() { } } }, - "/namespace": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Creates a new Namespace with given information", - "operationId": "CreateNamespace", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/namespace" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/resourcequotas/{resource-quota-name}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Resource Quota", - "operationId": "GetResourceQuota", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "resource-quota-name", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/resourceQuota" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List Tenants by Namespace", - "operationId": "ListTenants", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "sort_by", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "offset", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "limit", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listTenantsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Details", - "operationId": "TenantDetails", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenant" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Update Tenant", - "operationId": "UpdateTenant", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/updateTenantRequest" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "delete": { - "tags": [ - "AdminAPI" - ], - "summary": "Delete tenant and underlying pvcs", - "operationId": "DeleteTenant", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/deleteTenantRequest" - } - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/certificates": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Certificates", - "operationId": "TenantUpdateCertificate", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/tlsConfiguration" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/encryption": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Encryption", - "operationId": "TenantUpdateEncryption", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/encryptionConfiguration" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/info": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Info", - "operationId": "TenantInfo", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/adminInfoResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Returns information about a tenant deployment", - "operationId": "TenantWidgetDetails", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "integer", - "format": "int32", - "name": "widgetId", - "in": "path", - "required": true - }, - { - "type": "integer", - "name": "start", - "in": "query" - }, - { - "type": "integer", - "name": "end", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "step", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/widgetDetails" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Pods For The Tenant", - "operationId": "GetTenantPods", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/tenantPod" - } - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Logs for Pod", - "operationId": "GetPodLogs", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "string" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "delete": { - "tags": [ - "AdminAPI" - ], - "summary": "Delete pod", - "operationId": "DeletePod", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Events for Pod", - "operationId": "GetPodEvents", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/eventListWrapper" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pools": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Pools", - "operationId": "TenantUpdatePools", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/poolUpdateRequest" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenant" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Add Pool", - "operationId": "TenantAddPool", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/pool" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/security": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Security", - "operationId": "TenantSecurity", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantSecurityResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Update Tenant Security", - "operationId": "UpdateTenantSecurity", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/updateTenantSecurityRequest" - } - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/usage": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Usage For The Tenant", - "operationId": "GetTenantUsage", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantUsage" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/yaml": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get the Tenant YAML", - "operationId": "GetTenantYAML", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantYAML" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Put the Tenant YAML", - "operationId": "PutTenantYAML", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/tenantYAML" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/nodes/labels": { - "get": { - "tags": [ - "OperatorAPI" - ], - "summary": "List node labels", - "operationId": "ListNodeLabels", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/nodeLabels" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/policies": { "get": { "tags": [ @@ -3959,40 +2886,6 @@ func init() { } } }, - "/subscription/namespaces/{namespace}/tenants/{tenant}/activate": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Activate a particular tenant using the existing subscription license", - "operationId": "SubscriptionActivate", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/subscription/refresh": { "post": { "tags": [ @@ -4049,79 +2942,6 @@ func init() { } } }, - "/tenants": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List Tenant of All Namespaces", - "operationId": "ListAllTenants", - "parameters": [ - { - "type": "string", - "name": "sort_by", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "offset", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "limit", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listTenantsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Create Tenant", - "operationId": "CreateTenant", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/createTenantRequest" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/createTenantResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/users": { "get": { "tags": [ @@ -4559,51 +3379,6 @@ func init() { } } }, - "awsConfiguration": { - "type": "object", - "required": [ - "secretsmanager" - ], - "properties": { - "secretsmanager": { - "type": "object", - "required": [ - "endpoint", - "region", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "accesskey", - "secretkey" - ], - "properties": { - "accesskey": { - "type": "string" - }, - "secretkey": { - "type": "string" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "kmskey": { - "type": "string" - }, - "region": { - "type": "string" - } - } - } - } - }, "bucket": { "type": "object", "required": [ @@ -4866,26 +3641,6 @@ func init() { } } }, - "certificateInfo": { - "type": "object", - "properties": { - "domains": { - "type": "array", - "items": { - "type": "string" - } - }, - "expiry": { - "type": "string" - }, - "name": { - "type": "string" - }, - "serialNumber": { - "type": "string" - } - } - }, "changeUserPasswordRequest": { "type": "object", "required": [ @@ -4937,21 +3692,6 @@ func init() { } } }, - "consoleConfiguration": { - "allOf": [ - { - "$ref": "#/definitions/metadataFields" - }, - { - "type": "object", - "properties": { - "image": { - "type": "string" - } - } - } - ] - }, "createRemoteBucket": { "required": [ "accessKey", @@ -4999,138 +3739,6 @@ func init() { } } }, - "createTenantRequest": { - "type": "object", - "required": [ - "name", - "namespace", - "pools" - ], - "properties": { - "access_key": { - "type": "string" - }, - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "console": { - "type": "object", - "$ref": "#/definitions/consoleConfiguration" - }, - "console_image": { - "type": "string" - }, - "enable_console": { - "type": "boolean", - "default": true - }, - "enable_prometheus": { - "type": "boolean", - "default": false - }, - "enable_tls": { - "type": "boolean", - "default": true - }, - "encryption": { - "type": "object", - "$ref": "#/definitions/encryptionConfiguration" - }, - "erasureCodingParity": { - "type": "integer" - }, - "expose_console": { - "type": "boolean" - }, - "expose_minio": { - "type": "boolean" - }, - "idp": { - "type": "object", - "$ref": "#/definitions/idpConfiguration" - }, - "image": { - "type": "string" - }, - "image_pull_secret": { - "type": "string" - }, - "image_registry": { - "$ref": "#/definitions/imageRegistry" - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "logSearchConfiguration": { - "$ref": "#/definitions/logSearchConfiguration" - }, - "mounth_path": { - "type": "string" - }, - "name": { - "type": "string", - "pattern": "^[a-z0-9-]{3,63}$" - }, - "namespace": { - "type": "string" - }, - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - }, - "prometheusConfiguration": { - "$ref": "#/definitions/prometheusConfiguration" - }, - "secret_key": { - "type": "string" - }, - "tls": { - "type": "object", - "$ref": "#/definitions/tlsConfiguration" - } - } - }, - "createTenantResponse": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/tenantResponseItem" - } - } - } - }, - "csiFormatErrorResponse": { - "type": "object", - "properties": { - "drive": { - "type": "string" - }, - "error": { - "type": "string" - }, - "node": { - "type": "string" - } - } - }, - "deleteTenantRequest": { - "type": "object", - "properties": { - "delete_pvcs": { - "type": "boolean" - } - } - }, "directCSIDriveInfo": { "type": "object", "properties": { @@ -5178,48 +3786,6 @@ func init() { } } }, - "encryptionConfiguration": { - "allOf": [ - { - "$ref": "#/definitions/metadataFields" - }, - { - "type": "object", - "properties": { - "aws": { - "type": "object", - "$ref": "#/definitions/awsConfiguration" - }, - "client": { - "type": "object", - "$ref": "#/definitions/keyPairConfiguration" - }, - "gcp": { - "type": "object", - "$ref": "#/definitions/gcpConfiguration" - }, - "gemalto": { - "type": "object", - "$ref": "#/definitions/gemaltoConfiguration" - }, - "image": { - "type": "string" - }, - "replicas": { - "type": "string" - }, - "server": { - "type": "object", - "$ref": "#/definitions/keyPairConfiguration" - }, - "vault": { - "type": "object", - "$ref": "#/definitions/vaultConfiguration" - } - } - } - ] - }, "error": { "type": "object", "required": [ @@ -5235,36 +3801,6 @@ func init() { } } }, - "eventListElement": { - "type": "object", - "properties": { - "event_type": { - "type": "string" - }, - "last_seen": { - "type": "integer", - "format": "int64" - }, - "message": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "object": { - "type": "string" - }, - "reason": { - "type": "string" - } - } - }, - "eventListWrapper": { - "type": "array", - "items": { - "$ref": "#/definitions/eventListElement" - } - }, "expirationResponse": { "type": "object", "properties": { @@ -5299,106 +3835,6 @@ func init() { } } }, - "formatDirectCSIDrivesResponse": { - "type": "object", - "properties": { - "formatIssuesList": { - "type": "array", - "items": { - "$ref": "#/definitions/csiFormatErrorResponse" - } - } - } - }, - "gcpConfiguration": { - "type": "object", - "required": [ - "secretmanager" - ], - "properties": { - "secretmanager": { - "type": "object", - "required": [ - "project_id" - ], - "properties": { - "credentials": { - "type": "object", - "properties": { - "client_email": { - "type": "string" - }, - "client_id": { - "type": "string" - }, - "private_key": { - "type": "string" - }, - "private_key_id": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "project_id": { - "type": "string" - } - } - } - } - }, - "gemaltoConfiguration": { - "type": "object", - "required": [ - "keysecure" - ], - "properties": { - "keysecure": { - "type": "object", - "required": [ - "endpoint", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "token", - "domain" - ], - "properties": { - "domain": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "tls": { - "type": "object", - "required": [ - "ca" - ], - "properties": { - "ca": { - "type": "string" - } - } - } - } - } - } - }, "getBucketRetentionConfig": { "type": "object", "properties": { @@ -5558,25 +3994,6 @@ func init() { } } }, - "imageRegistry": { - "type": "object", - "required": [ - "registry", - "username", - "password" - ], - "properties": { - "password": { - "type": "string" - }, - "registry": { - "type": "string" - }, - "username": { - "type": "string" - } - } - }, "keyPairConfiguration": { "type": "object", "required": [ @@ -5655,7 +4072,7 @@ func init() { "total": { "type": "integer", "format": "int64", - "title": "number of buckets accessible to tenant user" + "title": "number of buckets accessible to the user" } } }, @@ -5736,17 +4153,6 @@ func init() { } } }, - "listPVCsResponse": { - "type": "object", - "properties": { - "pvcs": { - "type": "array", - "items": { - "$ref": "#/definitions/pvcsListResponse" - } - } - } - }, "listPoliciesResponse": { "type": "object", "properties": { @@ -5781,23 +4187,6 @@ func init() { } } }, - "listTenantsResponse": { - "type": "object", - "properties": { - "tenants": { - "type": "array", - "title": "list of resulting tenants", - "items": { - "$ref": "#/definitions/tenantList" - } - }, - "total": { - "type": "integer", - "format": "int64", - "title": "number of tenants accessible to tenant user" - } - } - }, "listUsersResponse": { "type": "object", "properties": { @@ -5926,38 +4315,6 @@ func init() { } } }, - "maxAllocatableMemResponse": { - "type": "object", - "properties": { - "max_memory": { - "type": "integer", - "format": "int64" - } - } - }, - "metadataFields": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "node_selector": { - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, "multiBucketReplication": { "required": [ "accessKey", @@ -6056,90 +4413,6 @@ func init() { } } }, - "namespace": { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string" - } - } - }, - "nodeLabels": { - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "nodeSelectorTerm": { - "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "type": "array", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "type": "array", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - }, "nofiticationService": { "type": "string", "enum": [ @@ -6312,12 +4585,6 @@ func init() { "years" ] }, - "parityResponse": { - "type": "array", - "items": { - "type": "string" - } - }, "permissionAction": { "type": "object", "properties": { @@ -6329,68 +4596,6 @@ func init() { } } }, - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "type": "object", - "required": [ - "topologyKey" - ], - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "type": "array", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "matchLabels": { - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "namespaces": { - "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", - "type": "array", - "items": { - "type": "string" - } - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", - "type": "string" - } - } - }, "policy": { "type": "object", "properties": { @@ -6424,268 +4629,6 @@ func init() { "group" ] }, - "pool": { - "type": "object", - "required": [ - "servers", - "volumes_per_server", - "volume_configuration" - ], - "properties": { - "affinity": { - "$ref": "#/definitions/poolAffinity" - }, - "name": { - "type": "string" - }, - "node_selector": { - "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "resources": { - "$ref": "#/definitions/poolResources" - }, - "servers": { - "type": "integer" - }, - "tolerations": { - "$ref": "#/definitions/poolTolerations" - }, - "volume_configuration": { - "type": "object", - "required": [ - "size" - ], - "properties": { - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "size": { - "type": "integer" - }, - "storage_class_name": { - "type": "string" - } - } - }, - "volumes_per_server": { - "type": "integer", - "format": "int32" - } - } - }, - "poolAffinity": { - "description": "If specified, affinity will define the pod's scheduling constraints", - "type": "object", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "type": "object", - "required": [ - "preference", - "weight" - ], - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "type": "object", - "$ref": "#/definitions/nodeSelectorTerm" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - "type": "object", - "required": [ - "nodeSelectorTerms" - ], - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "type": "array", - "items": { - "$ref": "#/definitions/nodeSelectorTerm" - } - } - } - } - } - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "type": "object", - "required": [ - "podAffinityTerm", - "weight" - ], - "properties": { - "podAffinityTerm": { - "$ref": "#/definitions/podAffinityTerm" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "type": "object", - "required": [ - "podAffinityTerm", - "weight" - ], - "properties": { - "podAffinityTerm": { - "$ref": "#/definitions/podAffinityTerm" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - } - } - }, - "poolResources": { - "description": "If provided, use these requests and limit for cpu/memory resource allocation", - "type": "object", - "properties": { - "limits": { - "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "type": "integer", - "format": "int64" - } - }, - "requests": { - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "type": "integer", - "format": "int64" - } - } - } - }, - "poolTolerationSeconds": { - "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", - "type": "object", - "required": [ - "seconds" - ], - "properties": { - "seconds": { - "type": "integer", - "format": "int64" - } - } - }, - "poolTolerations": { - "description": "Tolerations allows users to set entries like effect, key, operator, value.", - "type": "array", - "items": { - "description": "The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.", - "type": "object", - "properties": { - "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", - "type": "string" - }, - "operator": { - "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", - "type": "string" - }, - "tolerationSeconds": { - "$ref": "#/definitions/poolTolerationSeconds" - }, - "value": { - "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", - "type": "string" - } - } - } - }, - "poolUpdateRequest": { - "type": "object", - "required": [ - "pools" - ], - "properties": { - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - } - } - }, "principal": { "type": "object", "properties": { @@ -6807,32 +4750,6 @@ func init() { } } }, - "pvcsListResponse": { - "type": "object", - "properties": { - "age": { - "type": "string" - }, - "capacity": { - "type": "string" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "status": { - "type": "string" - }, - "storageClass": { - "type": "string" - }, - "volume": { - "type": "string" - } - } - }, "remoteBucket": { "type": "object", "required": [ @@ -6882,36 +4799,6 @@ func init() { } } }, - "resourceQuota": { - "type": "object", - "properties": { - "elements": { - "type": "array", - "items": { - "$ref": "#/definitions/resourceQuotaElement" - } - }, - "name": { - "type": "string" - } - } - }, - "resourceQuotaElement": { - "type": "object", - "properties": { - "hard": { - "type": "integer", - "format": "int64" - }, - "name": { - "type": "string" - }, - "used": { - "type": "integer", - "format": "int64" - } - } - }, "resultTarget": { "type": "object", "properties": { @@ -7185,240 +5072,6 @@ func init() { } } }, - "tenant": { - "type": "object", - "properties": { - "consoleEnabled": { - "type": "boolean" - }, - "consoleTLS": { - "type": "boolean" - }, - "console_image": { - "type": "string" - }, - "creation_date": { - "type": "string" - }, - "currentState": { - "type": "string" - }, - "deletion_date": { - "type": "string" - }, - "enable_prometheus": { - "type": "boolean" - }, - "encryptionEnabled": { - "type": "boolean" - }, - "endpoints": { - "type": "object", - "properties": { - "console": { - "type": "string" - }, - "minio": { - "type": "string" - } - } - }, - "idpAdEnabled": { - "type": "boolean" - }, - "idpOicEnabled": { - "type": "boolean" - }, - "image": { - "type": "string" - }, - "logEnabled": { - "type": "boolean" - }, - "minioTLS": { - "type": "boolean" - }, - "monitoringEnabled": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - }, - "status": { - "$ref": "#/definitions/tenantStatus" - }, - "subnet_license": { - "$ref": "#/definitions/license" - }, - "total_size": { - "type": "integer", - "format": "int64" - } - } - }, - "tenantList": { - "type": "object", - "properties": { - "creation_date": { - "type": "string" - }, - "currentState": { - "type": "string" - }, - "deletion_date": { - "type": "string" - }, - "health_status": { - "type": "string" - }, - "instance_count": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "pool_count": { - "type": "integer" - }, - "total_size": { - "type": "integer" - }, - "volume_count": { - "type": "integer" - } - } - }, - "tenantPod": { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string" - }, - "node": { - "type": "string" - }, - "podIP": { - "type": "string" - }, - "restarts": { - "type": "integer" - }, - "status": { - "type": "string" - }, - "timeCreated": { - "type": "integer" - } - } - }, - "tenantResponseItem": { - "type": "object", - "properties": { - "access_key": { - "type": "string" - }, - "secret_key": { - "type": "string" - } - } - }, - "tenantSecurityResponse": { - "type": "object", - "properties": { - "autoCert": { - "type": "boolean" - }, - "customCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minioCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - } - } - } - } - }, - "tenantStatus": { - "type": "object", - "properties": { - "drives_healing": { - "type": "integer", - "format": "int32" - }, - "drives_offline": { - "type": "integer", - "format": "int32" - }, - "drives_online": { - "type": "integer", - "format": "int32" - }, - "health_status": { - "type": "string" - }, - "write_quorum": { - "type": "integer", - "format": "int32" - } - } - }, - "tenantUsage": { - "type": "object", - "properties": { - "disk_used": { - "type": "integer", - "format": "int64" - }, - "used": { - "type": "integer", - "format": "int64" - } - } - }, - "tenantYAML": { - "type": "object", - "properties": { - "yaml": { - "type": "string" - } - } - }, "tier": { "type": "object", "properties": { @@ -7620,71 +5273,6 @@ func init() { } } }, - "updateTenantRequest": { - "type": "object", - "properties": { - "console_image": { - "type": "string", - "pattern": "^((.*?)/(.*?):(.+))$" - }, - "enable_prometheus": { - "type": "boolean" - }, - "image": { - "type": "string", - "pattern": "^((.*?)/(.*?):(.+))$" - }, - "image_pull_secret": { - "type": "string" - }, - "image_registry": { - "$ref": "#/definitions/imageRegistry" - } - } - }, - "updateTenantSecurityRequest": { - "type": "object", - "properties": { - "autoCert": { - "type": "boolean" - }, - "customCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "minioCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "secretsToBeDeleted": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - }, "updateUser": { "type": "object", "required": [ @@ -7740,72 +5328,6 @@ func init() { } } }, - "vaultConfiguration": { - "type": "object", - "required": [ - "endpoint", - "approle" - ], - "properties": { - "approle": { - "type": "object", - "required": [ - "id", - "secret" - ], - "properties": { - "engine": { - "type": "string" - }, - "id": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "secret": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "engine": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "prefix": { - "type": "string" - }, - "status": { - "type": "object", - "properties": { - "ping": { - "type": "integer", - "format": "int64" - } - } - }, - "tls": { - "type": "object", - "properties": { - "ca": { - "type": "string" - }, - "crt": { - "type": "string" - }, - "key": { - "type": "string" - } - } - } - } - }, "widget": { "type": "object", "properties": { @@ -9622,39 +7144,6 @@ func init() { } } }, - "/cluster/max-allocatable-memory": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get maximum allocatable memory for given number of nodes", - "operationId": "GetMaxAllocatableMem", - "parameters": [ - { - "minimum": 1, - "type": "integer", - "format": "int32", - "name": "num_nodes", - "in": "query", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/maxAllocatableMemResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/configs": { "get": { "tags": [ @@ -9760,148 +7249,6 @@ func init() { } } }, - "/direct-csi/drives": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get direct-csi drives list", - "operationId": "GetDirectCSIDriveList", - "parameters": [ - { - "type": "string", - "name": "nodes", - "in": "query" - }, - { - "type": "string", - "name": "drives", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/getDirectCSIDriveListResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/direct-csi/drives/format": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Format direct-csi drives from a list", - "operationId": "DirectCSIFormatDrive", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/formatConfiguration" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/formatDirectCSIDrivesResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/direct-csi/volumes": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get direct-csi volumes list", - "operationId": "GetDirectCSIVolumeList", - "parameters": [ - { - "type": "string", - "name": "nodes", - "in": "query" - }, - { - "type": "string", - "name": "drives", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/getDirectCSIVolumeListResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/get-parity/{nodes}/{disksPerNode}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Gets parity by sending number of nodes \u0026 number of disks", - "operationId": "GetParity", - "parameters": [ - { - "minimum": 2, - "type": "integer", - "name": "nodes", - "in": "path", - "required": true - }, - { - "minimum": 1, - "type": "integer", - "name": "disksPerNode", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/parityResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/groups": { "get": { "tags": [ @@ -10127,29 +7474,6 @@ func init() { } } }, - "/list-pvcs": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List all PVCs from namespaces that the user has access to", - "operationId": "ListPVCs", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listPVCsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/login": { "get": { "security": [], @@ -10358,881 +7682,6 @@ func init() { } } }, - "/namespace": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Creates a new Namespace with given information", - "operationId": "CreateNamespace", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/namespace" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/resourcequotas/{resource-quota-name}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Resource Quota", - "operationId": "GetResourceQuota", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "resource-quota-name", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/resourceQuota" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List Tenants by Namespace", - "operationId": "ListTenants", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "sort_by", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "offset", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "limit", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listTenantsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Details", - "operationId": "TenantDetails", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenant" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Update Tenant", - "operationId": "UpdateTenant", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/updateTenantRequest" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "delete": { - "tags": [ - "AdminAPI" - ], - "summary": "Delete tenant and underlying pvcs", - "operationId": "DeleteTenant", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/deleteTenantRequest" - } - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/certificates": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Certificates", - "operationId": "TenantUpdateCertificate", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/tlsConfiguration" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/encryption": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Encryption", - "operationId": "TenantUpdateEncryption", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/encryptionConfiguration" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/info": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Info", - "operationId": "TenantInfo", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/adminInfoResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Returns information about a tenant deployment", - "operationId": "TenantWidgetDetails", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "integer", - "format": "int32", - "name": "widgetId", - "in": "path", - "required": true - }, - { - "type": "integer", - "name": "start", - "in": "query" - }, - { - "type": "integer", - "name": "end", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "step", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/widgetDetails" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Pods For The Tenant", - "operationId": "GetTenantPods", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/tenantPod" - } - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Logs for Pod", - "operationId": "GetPodLogs", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "string" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "delete": { - "tags": [ - "AdminAPI" - ], - "summary": "Delete pod", - "operationId": "DeletePod", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Events for Pod", - "operationId": "GetPodEvents", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "podName", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/eventListWrapper" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/pools": { - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Update Pools", - "operationId": "TenantUpdatePools", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/poolUpdateRequest" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenant" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Add Pool", - "operationId": "TenantAddPool", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/pool" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/security": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Tenant Security", - "operationId": "TenantSecurity", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantSecurityResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Update Tenant Security", - "operationId": "UpdateTenantSecurity", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/updateTenantSecurityRequest" - } - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/usage": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get Usage For The Tenant", - "operationId": "GetTenantUsage", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantUsage" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/namespaces/{namespace}/tenants/{tenant}/yaml": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "Get the Tenant YAML", - "operationId": "GetTenantYAML", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/tenantYAML" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "put": { - "tags": [ - "AdminAPI" - ], - "summary": "Put the Tenant YAML", - "operationId": "PutTenantYAML", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/tenantYAML" - } - } - ], - "responses": { - "201": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, - "/nodes/labels": { - "get": { - "tags": [ - "OperatorAPI" - ], - "summary": "List node labels", - "operationId": "ListNodeLabels", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/nodeLabels" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/policies": { "get": { "tags": [ @@ -11835,40 +8284,6 @@ func init() { } } }, - "/subscription/namespaces/{namespace}/tenants/{tenant}/activate": { - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Activate a particular tenant using the existing subscription license", - "operationId": "SubscriptionActivate", - "parameters": [ - { - "type": "string", - "name": "namespace", - "in": "path", - "required": true - }, - { - "type": "string", - "name": "tenant", - "in": "path", - "required": true - } - ], - "responses": { - "204": { - "description": "A successful response." - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/subscription/refresh": { "post": { "tags": [ @@ -11925,79 +8340,6 @@ func init() { } } }, - "/tenants": { - "get": { - "tags": [ - "AdminAPI" - ], - "summary": "List Tenant of All Namespaces", - "operationId": "ListAllTenants", - "parameters": [ - { - "type": "string", - "name": "sort_by", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "offset", - "in": "query" - }, - { - "type": "integer", - "format": "int32", - "name": "limit", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/listTenantsResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - }, - "post": { - "tags": [ - "AdminAPI" - ], - "summary": "Create Tenant", - "operationId": "CreateTenant", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/createTenantRequest" - } - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/createTenantResponse" - } - }, - "default": { - "description": "Generic error response.", - "schema": { - "$ref": "#/definitions/error" - } - } - } - } - }, "/users": { "get": { "tags": [ @@ -12262,181 +8604,6 @@ func init() { } }, "definitions": { - "AwsConfigurationSecretsmanager": { - "type": "object", - "required": [ - "endpoint", - "region", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "accesskey", - "secretkey" - ], - "properties": { - "accesskey": { - "type": "string" - }, - "secretkey": { - "type": "string" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "kmskey": { - "type": "string" - }, - "region": { - "type": "string" - } - } - }, - "AwsConfigurationSecretsmanagerCredentials": { - "type": "object", - "required": [ - "accesskey", - "secretkey" - ], - "properties": { - "accesskey": { - "type": "string" - }, - "secretkey": { - "type": "string" - }, - "token": { - "type": "string" - } - } - }, - "GcpConfigurationSecretmanager": { - "type": "object", - "required": [ - "project_id" - ], - "properties": { - "credentials": { - "type": "object", - "properties": { - "client_email": { - "type": "string" - }, - "client_id": { - "type": "string" - }, - "private_key": { - "type": "string" - }, - "private_key_id": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "project_id": { - "type": "string" - } - } - }, - "GcpConfigurationSecretmanagerCredentials": { - "type": "object", - "properties": { - "client_email": { - "type": "string" - }, - "client_id": { - "type": "string" - }, - "private_key": { - "type": "string" - }, - "private_key_id": { - "type": "string" - } - } - }, - "GemaltoConfigurationKeysecure": { - "type": "object", - "required": [ - "endpoint", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "token", - "domain" - ], - "properties": { - "domain": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "tls": { - "type": "object", - "required": [ - "ca" - ], - "properties": { - "ca": { - "type": "string" - } - } - } - } - }, - "GemaltoConfigurationKeysecureCredentials": { - "type": "object", - "required": [ - "token", - "domain" - ], - "properties": { - "domain": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "token": { - "type": "string" - } - } - }, - "GemaltoConfigurationKeysecureTLS": { - "type": "object", - "required": [ - "ca" - ], - "properties": { - "ca": { - "type": "string" - } - } - }, "IdpConfigurationActiveDirectory": { "type": "object", "required": [ @@ -12505,413 +8672,6 @@ func init() { } } }, - "NodeSelectorTermMatchExpressionsItems0": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "NodeSelectorTermMatchFieldsItems0": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "PodAffinityTermLabelSelector": { - "description": "A label query over a set of resources, in this case pods.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "type": "array", - "items": { - "$ref": "#/definitions/PodAffinityTermLabelSelectorMatchExpressionsItems0" - } - }, - "matchLabels": { - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "PodAffinityTermLabelSelectorMatchExpressionsItems0": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "PoolAffinityNodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - "type": "object", - "required": [ - "nodeSelectorTerms" - ], - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "type": "array", - "items": { - "$ref": "#/definitions/nodeSelectorTerm" - } - } - } - } - } - }, - "PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "type": "object", - "required": [ - "preference", - "weight" - ], - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "type": "object", - "$ref": "#/definitions/nodeSelectorTerm" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - }, - "PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - "type": "object", - "required": [ - "nodeSelectorTerms" - ], - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "type": "array", - "items": { - "$ref": "#/definitions/nodeSelectorTerm" - } - } - } - }, - "PoolAffinityPodAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - }, - "PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "type": "object", - "required": [ - "podAffinityTerm", - "weight" - ], - "properties": { - "podAffinityTerm": { - "$ref": "#/definitions/podAffinityTerm" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - }, - "PoolAffinityPodAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - }, - "PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "type": "object", - "required": [ - "podAffinityTerm", - "weight" - ], - "properties": { - "podAffinityTerm": { - "$ref": "#/definitions/podAffinityTerm" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - }, - "PoolTolerationsItems0": { - "description": "The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.", - "type": "object", - "properties": { - "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", - "type": "string" - }, - "operator": { - "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", - "type": "string" - }, - "tolerationSeconds": { - "$ref": "#/definitions/poolTolerationSeconds" - }, - "value": { - "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", - "type": "string" - } - } - }, - "PoolVolumeConfiguration": { - "type": "object", - "required": [ - "size" - ], - "properties": { - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "size": { - "type": "integer" - }, - "storage_class_name": { - "type": "string" - } - } - }, - "TenantEndpoints": { - "type": "object", - "properties": { - "console": { - "type": "string" - }, - "minio": { - "type": "string" - } - } - }, - "TenantSecurityResponseCustomCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minioCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - } - } - }, - "UpdateTenantSecurityRequestCustomCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "minioCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "secretsToBeDeleted": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "VaultConfigurationApprole": { - "type": "object", - "required": [ - "id", - "secret" - ], - "properties": { - "engine": { - "type": "string" - }, - "id": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "secret": { - "type": "string" - } - } - }, - "VaultConfigurationStatus": { - "type": "object", - "properties": { - "ping": { - "type": "integer", - "format": "int64" - } - } - }, - "VaultConfigurationTLS": { - "type": "object", - "properties": { - "ca": { - "type": "string" - }, - "crt": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, "WidgetDetailsOptions": { "type": "object", "properties": { @@ -13139,51 +8899,6 @@ func init() { } } }, - "awsConfiguration": { - "type": "object", - "required": [ - "secretsmanager" - ], - "properties": { - "secretsmanager": { - "type": "object", - "required": [ - "endpoint", - "region", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "accesskey", - "secretkey" - ], - "properties": { - "accesskey": { - "type": "string" - }, - "secretkey": { - "type": "string" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "kmskey": { - "type": "string" - }, - "region": { - "type": "string" - } - } - } - } - }, "bucket": { "type": "object", "required": [ @@ -13446,26 +9161,6 @@ func init() { } } }, - "certificateInfo": { - "type": "object", - "properties": { - "domains": { - "type": "array", - "items": { - "type": "string" - } - }, - "expiry": { - "type": "string" - }, - "name": { - "type": "string" - }, - "serialNumber": { - "type": "string" - } - } - }, "changeUserPasswordRequest": { "type": "object", "required": [ @@ -13517,21 +9212,6 @@ func init() { } } }, - "consoleConfiguration": { - "allOf": [ - { - "$ref": "#/definitions/metadataFields" - }, - { - "type": "object", - "properties": { - "image": { - "type": "string" - } - } - } - ] - }, "createRemoteBucket": { "required": [ "accessKey", @@ -13579,138 +9259,6 @@ func init() { } } }, - "createTenantRequest": { - "type": "object", - "required": [ - "name", - "namespace", - "pools" - ], - "properties": { - "access_key": { - "type": "string" - }, - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "console": { - "type": "object", - "$ref": "#/definitions/consoleConfiguration" - }, - "console_image": { - "type": "string" - }, - "enable_console": { - "type": "boolean", - "default": true - }, - "enable_prometheus": { - "type": "boolean", - "default": false - }, - "enable_tls": { - "type": "boolean", - "default": true - }, - "encryption": { - "type": "object", - "$ref": "#/definitions/encryptionConfiguration" - }, - "erasureCodingParity": { - "type": "integer" - }, - "expose_console": { - "type": "boolean" - }, - "expose_minio": { - "type": "boolean" - }, - "idp": { - "type": "object", - "$ref": "#/definitions/idpConfiguration" - }, - "image": { - "type": "string" - }, - "image_pull_secret": { - "type": "string" - }, - "image_registry": { - "$ref": "#/definitions/imageRegistry" - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "logSearchConfiguration": { - "$ref": "#/definitions/logSearchConfiguration" - }, - "mounth_path": { - "type": "string" - }, - "name": { - "type": "string", - "pattern": "^[a-z0-9-]{3,63}$" - }, - "namespace": { - "type": "string" - }, - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - }, - "prometheusConfiguration": { - "$ref": "#/definitions/prometheusConfiguration" - }, - "secret_key": { - "type": "string" - }, - "tls": { - "type": "object", - "$ref": "#/definitions/tlsConfiguration" - } - } - }, - "createTenantResponse": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/tenantResponseItem" - } - } - } - }, - "csiFormatErrorResponse": { - "type": "object", - "properties": { - "drive": { - "type": "string" - }, - "error": { - "type": "string" - }, - "node": { - "type": "string" - } - } - }, - "deleteTenantRequest": { - "type": "object", - "properties": { - "delete_pvcs": { - "type": "boolean" - } - } - }, "directCSIDriveInfo": { "type": "object", "properties": { @@ -13758,48 +9306,6 @@ func init() { } } }, - "encryptionConfiguration": { - "allOf": [ - { - "$ref": "#/definitions/metadataFields" - }, - { - "type": "object", - "properties": { - "aws": { - "type": "object", - "$ref": "#/definitions/awsConfiguration" - }, - "client": { - "type": "object", - "$ref": "#/definitions/keyPairConfiguration" - }, - "gcp": { - "type": "object", - "$ref": "#/definitions/gcpConfiguration" - }, - "gemalto": { - "type": "object", - "$ref": "#/definitions/gemaltoConfiguration" - }, - "image": { - "type": "string" - }, - "replicas": { - "type": "string" - }, - "server": { - "type": "object", - "$ref": "#/definitions/keyPairConfiguration" - }, - "vault": { - "type": "object", - "$ref": "#/definitions/vaultConfiguration" - } - } - } - ] - }, "error": { "type": "object", "required": [ @@ -13815,36 +9321,6 @@ func init() { } } }, - "eventListElement": { - "type": "object", - "properties": { - "event_type": { - "type": "string" - }, - "last_seen": { - "type": "integer", - "format": "int64" - }, - "message": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "object": { - "type": "string" - }, - "reason": { - "type": "string" - } - } - }, - "eventListWrapper": { - "type": "array", - "items": { - "$ref": "#/definitions/eventListElement" - } - }, "expirationResponse": { "type": "object", "properties": { @@ -13879,106 +9355,6 @@ func init() { } } }, - "formatDirectCSIDrivesResponse": { - "type": "object", - "properties": { - "formatIssuesList": { - "type": "array", - "items": { - "$ref": "#/definitions/csiFormatErrorResponse" - } - } - } - }, - "gcpConfiguration": { - "type": "object", - "required": [ - "secretmanager" - ], - "properties": { - "secretmanager": { - "type": "object", - "required": [ - "project_id" - ], - "properties": { - "credentials": { - "type": "object", - "properties": { - "client_email": { - "type": "string" - }, - "client_id": { - "type": "string" - }, - "private_key": { - "type": "string" - }, - "private_key_id": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "project_id": { - "type": "string" - } - } - } - } - }, - "gemaltoConfiguration": { - "type": "object", - "required": [ - "keysecure" - ], - "properties": { - "keysecure": { - "type": "object", - "required": [ - "endpoint", - "credentials" - ], - "properties": { - "credentials": { - "type": "object", - "required": [ - "token", - "domain" - ], - "properties": { - "domain": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "token": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "tls": { - "type": "object", - "required": [ - "ca" - ], - "properties": { - "ca": { - "type": "string" - } - } - } - } - } - } - }, "getBucketRetentionConfig": { "type": "object", "properties": { @@ -14126,25 +9502,6 @@ func init() { } } }, - "imageRegistry": { - "type": "object", - "required": [ - "registry", - "username", - "password" - ], - "properties": { - "password": { - "type": "string" - }, - "registry": { - "type": "string" - }, - "username": { - "type": "string" - } - } - }, "keyPairConfiguration": { "type": "object", "required": [ @@ -14223,7 +9580,7 @@ func init() { "total": { "type": "integer", "format": "int64", - "title": "number of buckets accessible to tenant user" + "title": "number of buckets accessible to the user" } } }, @@ -14304,17 +9661,6 @@ func init() { } } }, - "listPVCsResponse": { - "type": "object", - "properties": { - "pvcs": { - "type": "array", - "items": { - "$ref": "#/definitions/pvcsListResponse" - } - } - } - }, "listPoliciesResponse": { "type": "object", "properties": { @@ -14349,23 +9695,6 @@ func init() { } } }, - "listTenantsResponse": { - "type": "object", - "properties": { - "tenants": { - "type": "array", - "title": "list of resulting tenants", - "items": { - "$ref": "#/definitions/tenantList" - } - }, - "total": { - "type": "integer", - "format": "int64", - "title": "number of tenants accessible to tenant user" - } - } - }, "listUsersResponse": { "type": "object", "properties": { @@ -14494,38 +9823,6 @@ func init() { } } }, - "maxAllocatableMemResponse": { - "type": "object", - "properties": { - "max_memory": { - "type": "integer", - "format": "int64" - } - } - }, - "metadataFields": { - "type": "object", - "properties": { - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "node_selector": { - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, "multiBucketReplication": { "required": [ "accessKey", @@ -14624,46 +9921,6 @@ func init() { } } }, - "namespace": { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string" - } - } - }, - "nodeLabels": { - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "nodeSelectorTerm": { - "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "type": "array", - "items": { - "$ref": "#/definitions/NodeSelectorTermMatchExpressionsItems0" - } - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "type": "array", - "items": { - "$ref": "#/definitions/NodeSelectorTermMatchFieldsItems0" - } - } - } - }, "nofiticationService": { "type": "string", "enum": [ @@ -14836,12 +10093,6 @@ func init() { "years" ] }, - "parityResponse": { - "type": "array", - "items": { - "type": "string" - } - }, "permissionAction": { "type": "object", "properties": { @@ -14853,46 +10104,6 @@ func init() { } } }, - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "type": "object", - "required": [ - "topologyKey" - ], - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "type": "array", - "items": { - "$ref": "#/definitions/PodAffinityTermLabelSelectorMatchExpressionsItems0" - } - }, - "matchLabels": { - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "namespaces": { - "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", - "type": "array", - "items": { - "type": "string" - } - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", - "type": "string" - } - } - }, "policy": { "type": "object", "properties": { @@ -14926,199 +10137,6 @@ func init() { "group" ] }, - "pool": { - "type": "object", - "required": [ - "servers", - "volumes_per_server", - "volume_configuration" - ], - "properties": { - "affinity": { - "$ref": "#/definitions/poolAffinity" - }, - "name": { - "type": "string" - }, - "node_selector": { - "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "resources": { - "$ref": "#/definitions/poolResources" - }, - "servers": { - "type": "integer" - }, - "tolerations": { - "$ref": "#/definitions/poolTolerations" - }, - "volume_configuration": { - "type": "object", - "required": [ - "size" - ], - "properties": { - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "size": { - "type": "integer" - }, - "storage_class_name": { - "type": "string" - } - } - }, - "volumes_per_server": { - "type": "integer", - "format": "int32" - } - } - }, - "poolAffinity": { - "description": "If specified, affinity will define the pod's scheduling constraints", - "type": "object", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - "type": "object", - "required": [ - "nodeSelectorTerms" - ], - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "type": "array", - "items": { - "$ref": "#/definitions/nodeSelectorTerm" - } - } - } - } - } - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/podAffinityTerm" - } - } - } - } - } - }, - "poolResources": { - "description": "If provided, use these requests and limit for cpu/memory resource allocation", - "type": "object", - "properties": { - "limits": { - "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "type": "integer", - "format": "int64" - } - }, - "requests": { - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "type": "integer", - "format": "int64" - } - } - } - }, - "poolTolerationSeconds": { - "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", - "type": "object", - "required": [ - "seconds" - ], - "properties": { - "seconds": { - "type": "integer", - "format": "int64" - } - } - }, - "poolTolerations": { - "description": "Tolerations allows users to set entries like effect, key, operator, value.", - "type": "array", - "items": { - "$ref": "#/definitions/PoolTolerationsItems0" - } - }, - "poolUpdateRequest": { - "type": "object", - "required": [ - "pools" - ], - "properties": { - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - } - } - }, "principal": { "type": "object", "properties": { @@ -15240,32 +10258,6 @@ func init() { } } }, - "pvcsListResponse": { - "type": "object", - "properties": { - "age": { - "type": "string" - }, - "capacity": { - "type": "string" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "status": { - "type": "string" - }, - "storageClass": { - "type": "string" - }, - "volume": { - "type": "string" - } - } - }, "remoteBucket": { "type": "object", "required": [ @@ -15315,36 +10307,6 @@ func init() { } } }, - "resourceQuota": { - "type": "object", - "properties": { - "elements": { - "type": "array", - "items": { - "$ref": "#/definitions/resourceQuotaElement" - } - }, - "name": { - "type": "string" - } - } - }, - "resourceQuotaElement": { - "type": "object", - "properties": { - "hard": { - "type": "integer", - "format": "int64" - }, - "name": { - "type": "string" - }, - "used": { - "type": "integer", - "format": "int64" - } - } - }, "resultTarget": { "type": "object", "properties": { @@ -15618,240 +10580,6 @@ func init() { } } }, - "tenant": { - "type": "object", - "properties": { - "consoleEnabled": { - "type": "boolean" - }, - "consoleTLS": { - "type": "boolean" - }, - "console_image": { - "type": "string" - }, - "creation_date": { - "type": "string" - }, - "currentState": { - "type": "string" - }, - "deletion_date": { - "type": "string" - }, - "enable_prometheus": { - "type": "boolean" - }, - "encryptionEnabled": { - "type": "boolean" - }, - "endpoints": { - "type": "object", - "properties": { - "console": { - "type": "string" - }, - "minio": { - "type": "string" - } - } - }, - "idpAdEnabled": { - "type": "boolean" - }, - "idpOicEnabled": { - "type": "boolean" - }, - "image": { - "type": "string" - }, - "logEnabled": { - "type": "boolean" - }, - "minioTLS": { - "type": "boolean" - }, - "monitoringEnabled": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "pools": { - "type": "array", - "items": { - "$ref": "#/definitions/pool" - } - }, - "status": { - "$ref": "#/definitions/tenantStatus" - }, - "subnet_license": { - "$ref": "#/definitions/license" - }, - "total_size": { - "type": "integer", - "format": "int64" - } - } - }, - "tenantList": { - "type": "object", - "properties": { - "creation_date": { - "type": "string" - }, - "currentState": { - "type": "string" - }, - "deletion_date": { - "type": "string" - }, - "health_status": { - "type": "string" - }, - "instance_count": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "pool_count": { - "type": "integer" - }, - "total_size": { - "type": "integer" - }, - "volume_count": { - "type": "integer" - } - } - }, - "tenantPod": { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string" - }, - "node": { - "type": "string" - }, - "podIP": { - "type": "string" - }, - "restarts": { - "type": "integer" - }, - "status": { - "type": "string" - }, - "timeCreated": { - "type": "integer" - } - } - }, - "tenantResponseItem": { - "type": "object", - "properties": { - "access_key": { - "type": "string" - }, - "secret_key": { - "type": "string" - } - } - }, - "tenantSecurityResponse": { - "type": "object", - "properties": { - "autoCert": { - "type": "boolean" - }, - "customCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - }, - "minioCAs": { - "type": "array", - "items": { - "$ref": "#/definitions/certificateInfo" - } - } - } - } - } - }, - "tenantStatus": { - "type": "object", - "properties": { - "drives_healing": { - "type": "integer", - "format": "int32" - }, - "drives_offline": { - "type": "integer", - "format": "int32" - }, - "drives_online": { - "type": "integer", - "format": "int32" - }, - "health_status": { - "type": "string" - }, - "write_quorum": { - "type": "integer", - "format": "int32" - } - } - }, - "tenantUsage": { - "type": "object", - "properties": { - "disk_used": { - "type": "integer", - "format": "int64" - }, - "used": { - "type": "integer", - "format": "int64" - } - } - }, - "tenantYAML": { - "type": "object", - "properties": { - "yaml": { - "type": "string" - } - } - }, "tier": { "type": "object", "properties": { @@ -16053,71 +10781,6 @@ func init() { } } }, - "updateTenantRequest": { - "type": "object", - "properties": { - "console_image": { - "type": "string", - "pattern": "^((.*?)/(.*?):(.+))$" - }, - "enable_prometheus": { - "type": "boolean" - }, - "image": { - "type": "string", - "pattern": "^((.*?)/(.*?):(.+))$" - }, - "image_pull_secret": { - "type": "string" - }, - "image_registry": { - "$ref": "#/definitions/imageRegistry" - } - } - }, - "updateTenantSecurityRequest": { - "type": "object", - "properties": { - "autoCert": { - "type": "boolean" - }, - "customCertificates": { - "type": "object", - "properties": { - "console": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "consoleCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "minio": { - "type": "array", - "items": { - "$ref": "#/definitions/keyPairConfiguration" - } - }, - "minioCAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "secretsToBeDeleted": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - }, "updateUser": { "type": "object", "required": [ @@ -16173,72 +10836,6 @@ func init() { } } }, - "vaultConfiguration": { - "type": "object", - "required": [ - "endpoint", - "approle" - ], - "properties": { - "approle": { - "type": "object", - "required": [ - "id", - "secret" - ], - "properties": { - "engine": { - "type": "string" - }, - "id": { - "type": "string" - }, - "retry": { - "type": "integer", - "format": "int64" - }, - "secret": { - "type": "string" - } - } - }, - "endpoint": { - "type": "string" - }, - "engine": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "prefix": { - "type": "string" - }, - "status": { - "type": "object", - "properties": { - "ping": { - "type": "integer", - "format": "int64" - } - } - }, - "tls": { - "type": "object", - "properties": { - "ca": { - "type": "string" - }, - "crt": { - "type": "string" - }, - "key": { - "type": "string" - } - } - } - } - }, "widget": { "type": "object", "properties": { diff --git a/restapi/error.go b/restapi/error.go index a90fec530..2a7aade40 100644 --- a/restapi/error.go +++ b/restapi/error.go @@ -12,8 +12,8 @@ import ( ) var ( - // Generic error messages - errorGeneric = errors.New("an error occurred, please try again") + // ErrorGeneric is a heneric error message + ErrorGeneric = errors.New("an error occurred, please try again") errInvalidCredentials = errors.New("invalid Login") errorGenericInvalidSession = errors.New("invalid session") errorGenericUnauthorized = errors.New("unauthorized") @@ -21,30 +21,27 @@ var ( // ErrorGenericNotFound Generic error for not found ErrorGenericNotFound = errors.New("not found") // Explicit error messages - errorInvalidErasureCodingValue = errors.New("invalid Erasure Coding Value") - errorUnableToGetTenantUsage = errors.New("unable to get tenant usage") - errorUnableToUpdateTenantCertificates = errors.New("unable to update tenant certificates") - errorUpdatingEncryptionConfig = errors.New("unable to update encryption configuration") - errBucketBodyNotInRequest = errors.New("error bucket body not in request") - errBucketNameNotInRequest = errors.New("error bucket name not in request") - errGroupBodyNotInRequest = errors.New("error group body not in request") - errGroupNameNotInRequest = errors.New("error group name not in request") - errPolicyNameNotInRequest = errors.New("error policy name not in request") - errPolicyBodyNotInRequest = errors.New("error policy body not in request") - errInvalidEncryptionAlgorithm = errors.New("error invalid encryption algorithm") - errSSENotConfigured = errors.New("error server side encryption configuration not found") - errBucketLifeCycleNotConfigured = errors.New("error bucket life cycle configuration not found") - errChangePassword = errors.New("error please check your current password") - errInvalidLicense = errors.New("invalid license key") - errLicenseNotFound = errors.New("license not found") - errAvoidSelfAccountDelete = errors.New("logged in user cannot be deleted by itself") - errAccessDenied = errors.New("access denied") + errorInvalidErasureCodingValue = errors.New("invalid Erasure Coding Value") + errBucketBodyNotInRequest = errors.New("error bucket body not in request") + errBucketNameNotInRequest = errors.New("error bucket name not in request") + errGroupBodyNotInRequest = errors.New("error group body not in request") + errGroupNameNotInRequest = errors.New("error group name not in request") + errPolicyNameNotInRequest = errors.New("error policy name not in request") + errPolicyBodyNotInRequest = errors.New("error policy body not in request") + errInvalidEncryptionAlgorithm = errors.New("error invalid encryption algorithm") + errSSENotConfigured = errors.New("error server side encryption configuration not found") + errBucketLifeCycleNotConfigured = errors.New("error bucket life cycle configuration not found") + errChangePassword = errors.New("error please check your current password") + errInvalidLicense = errors.New("invalid license key") + errLicenseNotFound = errors.New("license not found") + errAvoidSelfAccountDelete = errors.New("logged in user cannot be deleted by itself") + errAccessDenied = errors.New("access denied") ) -// prepareError receives an error object and parse it against k8sErrors, returns the right error code paired with a generic error message -func prepareError(err ...error) *models.Error { +// PrepareError receives an error object and parse it against k8sErrors, returns the right error code paired with a generic error message +func PrepareError(err ...error) *models.Error { errorCode := int32(500) - errorMessage := errorGeneric.Error() + errorMessage := ErrorGeneric.Error() if len(err) > 0 { frame := getFrame(2) fileParts := strings.Split(frame.File, "/") diff --git a/restapi/operations/admin_api/tenant_widget_details_parameters.go b/restapi/operations/admin_api/tenant_widget_details_parameters.go deleted file mode 100644 index 2769c4bf6..000000000 --- a/restapi/operations/admin_api/tenant_widget_details_parameters.go +++ /dev/null @@ -1,241 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -// This file is part of MinIO Console Server -// Copyright (c) 2021 MinIO, Inc. -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . -// - -package admin_api - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "net/http" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - "github.com/go-openapi/runtime/middleware" - "github.com/go-openapi/strfmt" - "github.com/go-openapi/swag" -) - -// NewTenantWidgetDetailsParams creates a new TenantWidgetDetailsParams object -// -// There are no default values defined in the spec. -func NewTenantWidgetDetailsParams() TenantWidgetDetailsParams { - - return TenantWidgetDetailsParams{} -} - -// TenantWidgetDetailsParams contains all the bound params for the tenant widget details operation -// typically these are obtained from a http.Request -// -// swagger:parameters TenantWidgetDetails -type TenantWidgetDetailsParams struct { - - // HTTP Request Object - HTTPRequest *http.Request `json:"-"` - - /* - In: query - */ - End *int64 - /* - Required: true - In: path - */ - Namespace string - /* - In: query - */ - Start *int64 - /* - In: query - */ - Step *int32 - /* - Required: true - In: path - */ - Tenant string - /* - Required: true - In: path - */ - WidgetID int32 -} - -// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface -// for simple values it will use straight method calls. -// -// To ensure default values, the struct must have been initialized with NewTenantWidgetDetailsParams() beforehand. -func (o *TenantWidgetDetailsParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { - var res []error - - o.HTTPRequest = r - - qs := runtime.Values(r.URL.Query()) - - qEnd, qhkEnd, _ := qs.GetOK("end") - if err := o.bindEnd(qEnd, qhkEnd, route.Formats); err != nil { - res = append(res, err) - } - - rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace") - if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil { - res = append(res, err) - } - - qStart, qhkStart, _ := qs.GetOK("start") - if err := o.bindStart(qStart, qhkStart, route.Formats); err != nil { - res = append(res, err) - } - - qStep, qhkStep, _ := qs.GetOK("step") - if err := o.bindStep(qStep, qhkStep, route.Formats); err != nil { - res = append(res, err) - } - - rTenant, rhkTenant, _ := route.Params.GetOK("tenant") - if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil { - res = append(res, err) - } - - rWidgetID, rhkWidgetID, _ := route.Params.GetOK("widgetId") - if err := o.bindWidgetID(rWidgetID, rhkWidgetID, route.Formats); err != nil { - res = append(res, err) - } - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -// bindEnd binds and validates parameter End from query. -func (o *TenantWidgetDetailsParams) bindEnd(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: false - // AllowEmptyValue: false - - if raw == "" { // empty values pass all other validations - return nil - } - - value, err := swag.ConvertInt64(raw) - if err != nil { - return errors.InvalidType("end", "query", "int64", raw) - } - o.End = &value - - return nil -} - -// bindNamespace binds and validates parameter Namespace from path. -func (o *TenantWidgetDetailsParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: true - // Parameter is provided by construction from the route - o.Namespace = raw - - return nil -} - -// bindStart binds and validates parameter Start from query. -func (o *TenantWidgetDetailsParams) bindStart(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: false - // AllowEmptyValue: false - - if raw == "" { // empty values pass all other validations - return nil - } - - value, err := swag.ConvertInt64(raw) - if err != nil { - return errors.InvalidType("start", "query", "int64", raw) - } - o.Start = &value - - return nil -} - -// bindStep binds and validates parameter Step from query. -func (o *TenantWidgetDetailsParams) bindStep(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: false - // AllowEmptyValue: false - - if raw == "" { // empty values pass all other validations - return nil - } - - value, err := swag.ConvertInt32(raw) - if err != nil { - return errors.InvalidType("step", "query", "int32", raw) - } - o.Step = &value - - return nil -} - -// bindTenant binds and validates parameter Tenant from path. -func (o *TenantWidgetDetailsParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: true - // Parameter is provided by construction from the route - o.Tenant = raw - - return nil -} - -// bindWidgetID binds and validates parameter WidgetID from path. -func (o *TenantWidgetDetailsParams) bindWidgetID(rawData []string, hasKey bool, formats strfmt.Registry) error { - var raw string - if len(rawData) > 0 { - raw = rawData[len(rawData)-1] - } - - // Required: true - // Parameter is provided by construction from the route - - value, err := swag.ConvertInt32(raw) - if err != nil { - return errors.InvalidType("widgetId", "path", "int32", raw) - } - o.WidgetID = value - - return nil -} diff --git a/restapi/operations/console_api.go b/restapi/operations/console_api.go index 2626edded..787b870bf 100644 --- a/restapi/operations/console_api.go +++ b/restapi/operations/console_api.go @@ -38,7 +38,6 @@ import ( "github.com/minio/console/models" "github.com/minio/console/restapi/operations/admin_api" - "github.com/minio/console/restapi/operations/operator_api" "github.com/minio/console/restapi/operations/user_api" ) @@ -114,15 +113,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPICreateBucketEventHandler: user_api.CreateBucketEventHandlerFunc(func(params user_api.CreateBucketEventParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.CreateBucketEvent has not yet been implemented") }), - AdminAPICreateNamespaceHandler: admin_api.CreateNamespaceHandlerFunc(func(params admin_api.CreateNamespaceParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.CreateNamespace has not yet been implemented") - }), UserAPICreateServiceAccountHandler: user_api.CreateServiceAccountHandlerFunc(func(params user_api.CreateServiceAccountParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.CreateServiceAccount has not yet been implemented") }), - AdminAPICreateTenantHandler: admin_api.CreateTenantHandlerFunc(func(params admin_api.CreateTenantParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.CreateTenant has not yet been implemented") - }), AdminAPIDashboardWidgetDetailsHandler: admin_api.DashboardWidgetDetailsHandlerFunc(func(params admin_api.DashboardWidgetDetailsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.DashboardWidgetDetails has not yet been implemented") }), @@ -141,21 +134,12 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPIDeleteObjectRetentionHandler: user_api.DeleteObjectRetentionHandlerFunc(func(params user_api.DeleteObjectRetentionParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.DeleteObjectRetention has not yet been implemented") }), - AdminAPIDeletePodHandler: admin_api.DeletePodHandlerFunc(func(params admin_api.DeletePodParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.DeletePod has not yet been implemented") - }), UserAPIDeleteRemoteBucketHandler: user_api.DeleteRemoteBucketHandlerFunc(func(params user_api.DeleteRemoteBucketParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.DeleteRemoteBucket has not yet been implemented") }), UserAPIDeleteServiceAccountHandler: user_api.DeleteServiceAccountHandlerFunc(func(params user_api.DeleteServiceAccountParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.DeleteServiceAccount has not yet been implemented") }), - AdminAPIDeleteTenantHandler: admin_api.DeleteTenantHandlerFunc(func(params admin_api.DeleteTenantParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.DeleteTenant has not yet been implemented") - }), - AdminAPIDirectCSIFormatDriveHandler: admin_api.DirectCSIFormatDriveHandlerFunc(func(params admin_api.DirectCSIFormatDriveParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.DirectCSIFormatDrive has not yet been implemented") - }), UserAPIDisableBucketEncryptionHandler: user_api.DisableBucketEncryptionHandlerFunc(func(params user_api.DisableBucketEncryptionParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.DisableBucketEncryption has not yet been implemented") }), @@ -192,36 +176,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPIGetBucketVersioningHandler: user_api.GetBucketVersioningHandlerFunc(func(params user_api.GetBucketVersioningParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.GetBucketVersioning has not yet been implemented") }), - AdminAPIGetDirectCSIDriveListHandler: admin_api.GetDirectCSIDriveListHandlerFunc(func(params admin_api.GetDirectCSIDriveListParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetDirectCSIDriveList has not yet been implemented") - }), - AdminAPIGetDirectCSIVolumeListHandler: admin_api.GetDirectCSIVolumeListHandlerFunc(func(params admin_api.GetDirectCSIVolumeListParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetDirectCSIVolumeList has not yet been implemented") - }), - AdminAPIGetMaxAllocatableMemHandler: admin_api.GetMaxAllocatableMemHandlerFunc(func(params admin_api.GetMaxAllocatableMemParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetMaxAllocatableMem has not yet been implemented") - }), - AdminAPIGetParityHandler: admin_api.GetParityHandlerFunc(func(params admin_api.GetParityParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetParity has not yet been implemented") - }), - AdminAPIGetPodEventsHandler: admin_api.GetPodEventsHandlerFunc(func(params admin_api.GetPodEventsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetPodEvents has not yet been implemented") - }), - AdminAPIGetPodLogsHandler: admin_api.GetPodLogsHandlerFunc(func(params admin_api.GetPodLogsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetPodLogs has not yet been implemented") - }), - AdminAPIGetResourceQuotaHandler: admin_api.GetResourceQuotaHandlerFunc(func(params admin_api.GetResourceQuotaParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetResourceQuota has not yet been implemented") - }), - AdminAPIGetTenantPodsHandler: admin_api.GetTenantPodsHandlerFunc(func(params admin_api.GetTenantPodsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetTenantPods has not yet been implemented") - }), - AdminAPIGetTenantUsageHandler: admin_api.GetTenantUsageHandlerFunc(func(params admin_api.GetTenantUsageParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetTenantUsage has not yet been implemented") - }), - AdminAPIGetTenantYAMLHandler: admin_api.GetTenantYAMLHandlerFunc(func(params admin_api.GetTenantYAMLParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.GetTenantYAML has not yet been implemented") - }), AdminAPIGetTierHandler: admin_api.GetTierHandlerFunc(func(params admin_api.GetTierParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.GetTier has not yet been implemented") }), @@ -237,9 +191,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { AdminAPIListAUserServiceAccountsHandler: admin_api.ListAUserServiceAccountsHandlerFunc(func(params admin_api.ListAUserServiceAccountsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.ListAUserServiceAccounts has not yet been implemented") }), - AdminAPIListAllTenantsHandler: admin_api.ListAllTenantsHandlerFunc(func(params admin_api.ListAllTenantsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.ListAllTenants has not yet been implemented") - }), UserAPIListBucketEventsHandler: user_api.ListBucketEventsHandlerFunc(func(params user_api.ListBucketEventsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ListBucketEvents has not yet been implemented") }), @@ -258,15 +209,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { AdminAPIListGroupsForPolicyHandler: admin_api.ListGroupsForPolicyHandlerFunc(func(params admin_api.ListGroupsForPolicyParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.ListGroupsForPolicy has not yet been implemented") }), - OperatorAPIListNodeLabelsHandler: operator_api.ListNodeLabelsHandlerFunc(func(params operator_api.ListNodeLabelsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation operator_api.ListNodeLabels has not yet been implemented") - }), UserAPIListObjectsHandler: user_api.ListObjectsHandlerFunc(func(params user_api.ListObjectsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ListObjects has not yet been implemented") }), - AdminAPIListPVCsHandler: admin_api.ListPVCsHandlerFunc(func(params admin_api.ListPVCsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.ListPVCs has not yet been implemented") - }), AdminAPIListPoliciesHandler: admin_api.ListPoliciesHandlerFunc(func(params admin_api.ListPoliciesParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.ListPolicies has not yet been implemented") }), @@ -276,9 +221,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPIListRemoteBucketsHandler: user_api.ListRemoteBucketsHandlerFunc(func(params user_api.ListRemoteBucketsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ListRemoteBuckets has not yet been implemented") }), - AdminAPIListTenantsHandler: admin_api.ListTenantsHandlerFunc(func(params admin_api.ListTenantsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.ListTenants has not yet been implemented") - }), UserAPIListUserServiceAccountsHandler: user_api.ListUserServiceAccountsHandlerFunc(func(params user_api.ListUserServiceAccountsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ListUserServiceAccounts has not yet been implemented") }), @@ -336,9 +278,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPIPutObjectTagsHandler: user_api.PutObjectTagsHandlerFunc(func(params user_api.PutObjectTagsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.PutObjectTags has not yet been implemented") }), - AdminAPIPutTenantYAMLHandler: admin_api.PutTenantYAMLHandlerFunc(func(params admin_api.PutTenantYAMLParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.PutTenantYAML has not yet been implemented") - }), UserAPIRemoteBucketDetailsHandler: user_api.RemoteBucketDetailsHandlerFunc(func(params user_api.RemoteBucketDetailsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.RemoteBucketDetails has not yet been implemented") }), @@ -381,9 +320,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { UserAPIShareObjectHandler: user_api.ShareObjectHandlerFunc(func(params user_api.ShareObjectParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ShareObject has not yet been implemented") }), - AdminAPISubscriptionActivateHandler: admin_api.SubscriptionActivateHandlerFunc(func(params admin_api.SubscriptionActivateParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.SubscriptionActivate has not yet been implemented") - }), AdminAPISubscriptionInfoHandler: admin_api.SubscriptionInfoHandlerFunc(func(params admin_api.SubscriptionInfoParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.SubscriptionInfo has not yet been implemented") }), @@ -393,30 +329,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { AdminAPISubscriptionValidateHandler: admin_api.SubscriptionValidateHandlerFunc(func(params admin_api.SubscriptionValidateParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.SubscriptionValidate has not yet been implemented") }), - AdminAPITenantAddPoolHandler: admin_api.TenantAddPoolHandlerFunc(func(params admin_api.TenantAddPoolParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantAddPool has not yet been implemented") - }), - AdminAPITenantDetailsHandler: admin_api.TenantDetailsHandlerFunc(func(params admin_api.TenantDetailsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantDetails has not yet been implemented") - }), - AdminAPITenantInfoHandler: admin_api.TenantInfoHandlerFunc(func(params admin_api.TenantInfoParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantInfo has not yet been implemented") - }), - AdminAPITenantSecurityHandler: admin_api.TenantSecurityHandlerFunc(func(params admin_api.TenantSecurityParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantSecurity has not yet been implemented") - }), - AdminAPITenantUpdateCertificateHandler: admin_api.TenantUpdateCertificateHandlerFunc(func(params admin_api.TenantUpdateCertificateParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantUpdateCertificate has not yet been implemented") - }), - AdminAPITenantUpdateEncryptionHandler: admin_api.TenantUpdateEncryptionHandlerFunc(func(params admin_api.TenantUpdateEncryptionParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantUpdateEncryption has not yet been implemented") - }), - AdminAPITenantUpdatePoolsHandler: admin_api.TenantUpdatePoolsHandlerFunc(func(params admin_api.TenantUpdatePoolsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantUpdatePools has not yet been implemented") - }), - AdminAPITenantWidgetDetailsHandler: admin_api.TenantWidgetDetailsHandlerFunc(func(params admin_api.TenantWidgetDetailsParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.TenantWidgetDetails has not yet been implemented") - }), AdminAPITiersListHandler: admin_api.TiersListHandlerFunc(func(params admin_api.TiersListParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.TiersList has not yet been implemented") }), @@ -426,12 +338,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { AdminAPIUpdateGroupHandler: admin_api.UpdateGroupHandlerFunc(func(params admin_api.UpdateGroupParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.UpdateGroup has not yet been implemented") }), - AdminAPIUpdateTenantHandler: admin_api.UpdateTenantHandlerFunc(func(params admin_api.UpdateTenantParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.UpdateTenant has not yet been implemented") - }), - AdminAPIUpdateTenantSecurityHandler: admin_api.UpdateTenantSecurityHandlerFunc(func(params admin_api.UpdateTenantSecurityParams, principal *models.Principal) middleware.Responder { - return middleware.NotImplemented("operation admin_api.UpdateTenantSecurity has not yet been implemented") - }), AdminAPIUpdateUserGroupsHandler: admin_api.UpdateUserGroupsHandlerFunc(func(params admin_api.UpdateUserGroupsParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.UpdateUserGroups has not yet been implemented") }), @@ -525,12 +431,8 @@ type ConsoleAPI struct { AdminAPIConfigInfoHandler admin_api.ConfigInfoHandler // UserAPICreateBucketEventHandler sets the operation handler for the create bucket event operation UserAPICreateBucketEventHandler user_api.CreateBucketEventHandler - // AdminAPICreateNamespaceHandler sets the operation handler for the create namespace operation - AdminAPICreateNamespaceHandler admin_api.CreateNamespaceHandler // UserAPICreateServiceAccountHandler sets the operation handler for the create service account operation UserAPICreateServiceAccountHandler user_api.CreateServiceAccountHandler - // AdminAPICreateTenantHandler sets the operation handler for the create tenant operation - AdminAPICreateTenantHandler admin_api.CreateTenantHandler // AdminAPIDashboardWidgetDetailsHandler sets the operation handler for the dashboard widget details operation AdminAPIDashboardWidgetDetailsHandler admin_api.DashboardWidgetDetailsHandler // UserAPIDeleteBucketHandler sets the operation handler for the delete bucket operation @@ -543,16 +445,10 @@ type ConsoleAPI struct { UserAPIDeleteObjectHandler user_api.DeleteObjectHandler // UserAPIDeleteObjectRetentionHandler sets the operation handler for the delete object retention operation UserAPIDeleteObjectRetentionHandler user_api.DeleteObjectRetentionHandler - // AdminAPIDeletePodHandler sets the operation handler for the delete pod operation - AdminAPIDeletePodHandler admin_api.DeletePodHandler // UserAPIDeleteRemoteBucketHandler sets the operation handler for the delete remote bucket operation UserAPIDeleteRemoteBucketHandler user_api.DeleteRemoteBucketHandler // UserAPIDeleteServiceAccountHandler sets the operation handler for the delete service account operation UserAPIDeleteServiceAccountHandler user_api.DeleteServiceAccountHandler - // AdminAPIDeleteTenantHandler sets the operation handler for the delete tenant operation - AdminAPIDeleteTenantHandler admin_api.DeleteTenantHandler - // AdminAPIDirectCSIFormatDriveHandler sets the operation handler for the direct c s i format drive operation - AdminAPIDirectCSIFormatDriveHandler admin_api.DirectCSIFormatDriveHandler // UserAPIDisableBucketEncryptionHandler sets the operation handler for the disable bucket encryption operation UserAPIDisableBucketEncryptionHandler user_api.DisableBucketEncryptionHandler // UserAPIDownloadObjectHandler sets the operation handler for the download object operation @@ -577,26 +473,6 @@ type ConsoleAPI struct { UserAPIGetBucketRewindHandler user_api.GetBucketRewindHandler // UserAPIGetBucketVersioningHandler sets the operation handler for the get bucket versioning operation UserAPIGetBucketVersioningHandler user_api.GetBucketVersioningHandler - // AdminAPIGetDirectCSIDriveListHandler sets the operation handler for the get direct c s i drive list operation - AdminAPIGetDirectCSIDriveListHandler admin_api.GetDirectCSIDriveListHandler - // AdminAPIGetDirectCSIVolumeListHandler sets the operation handler for the get direct c s i volume list operation - AdminAPIGetDirectCSIVolumeListHandler admin_api.GetDirectCSIVolumeListHandler - // AdminAPIGetMaxAllocatableMemHandler sets the operation handler for the get max allocatable mem operation - AdminAPIGetMaxAllocatableMemHandler admin_api.GetMaxAllocatableMemHandler - // AdminAPIGetParityHandler sets the operation handler for the get parity operation - AdminAPIGetParityHandler admin_api.GetParityHandler - // AdminAPIGetPodEventsHandler sets the operation handler for the get pod events operation - AdminAPIGetPodEventsHandler admin_api.GetPodEventsHandler - // AdminAPIGetPodLogsHandler sets the operation handler for the get pod logs operation - AdminAPIGetPodLogsHandler admin_api.GetPodLogsHandler - // AdminAPIGetResourceQuotaHandler sets the operation handler for the get resource quota operation - AdminAPIGetResourceQuotaHandler admin_api.GetResourceQuotaHandler - // AdminAPIGetTenantPodsHandler sets the operation handler for the get tenant pods operation - AdminAPIGetTenantPodsHandler admin_api.GetTenantPodsHandler - // AdminAPIGetTenantUsageHandler sets the operation handler for the get tenant usage operation - AdminAPIGetTenantUsageHandler admin_api.GetTenantUsageHandler - // AdminAPIGetTenantYAMLHandler sets the operation handler for the get tenant y a m l operation - AdminAPIGetTenantYAMLHandler admin_api.GetTenantYAMLHandler // AdminAPIGetTierHandler sets the operation handler for the get tier operation AdminAPIGetTierHandler admin_api.GetTierHandler // AdminAPIGetUserInfoHandler sets the operation handler for the get user info operation @@ -607,8 +483,6 @@ type ConsoleAPI struct { UserAPIHasPermissionToHandler user_api.HasPermissionToHandler // AdminAPIListAUserServiceAccountsHandler sets the operation handler for the list a user service accounts operation AdminAPIListAUserServiceAccountsHandler admin_api.ListAUserServiceAccountsHandler - // AdminAPIListAllTenantsHandler sets the operation handler for the list all tenants operation - AdminAPIListAllTenantsHandler admin_api.ListAllTenantsHandler // UserAPIListBucketEventsHandler sets the operation handler for the list bucket events operation UserAPIListBucketEventsHandler user_api.ListBucketEventsHandler // UserAPIListBucketsHandler sets the operation handler for the list buckets operation @@ -621,20 +495,14 @@ type ConsoleAPI struct { AdminAPIListGroupsHandler admin_api.ListGroupsHandler // AdminAPIListGroupsForPolicyHandler sets the operation handler for the list groups for policy operation AdminAPIListGroupsForPolicyHandler admin_api.ListGroupsForPolicyHandler - // OperatorAPIListNodeLabelsHandler sets the operation handler for the list node labels operation - OperatorAPIListNodeLabelsHandler operator_api.ListNodeLabelsHandler // UserAPIListObjectsHandler sets the operation handler for the list objects operation UserAPIListObjectsHandler user_api.ListObjectsHandler - // AdminAPIListPVCsHandler sets the operation handler for the list p v cs operation - AdminAPIListPVCsHandler admin_api.ListPVCsHandler // AdminAPIListPoliciesHandler sets the operation handler for the list policies operation AdminAPIListPoliciesHandler admin_api.ListPoliciesHandler // AdminAPIListPoliciesWithBucketHandler sets the operation handler for the list policies with bucket operation AdminAPIListPoliciesWithBucketHandler admin_api.ListPoliciesWithBucketHandler // UserAPIListRemoteBucketsHandler sets the operation handler for the list remote buckets operation UserAPIListRemoteBucketsHandler user_api.ListRemoteBucketsHandler - // AdminAPIListTenantsHandler sets the operation handler for the list tenants operation - AdminAPIListTenantsHandler admin_api.ListTenantsHandler // UserAPIListUserServiceAccountsHandler sets the operation handler for the list user service accounts operation UserAPIListUserServiceAccountsHandler user_api.ListUserServiceAccountsHandler // AdminAPIListUsersHandler sets the operation handler for the list users operation @@ -673,8 +541,6 @@ type ConsoleAPI struct { UserAPIPutObjectRetentionHandler user_api.PutObjectRetentionHandler // UserAPIPutObjectTagsHandler sets the operation handler for the put object tags operation UserAPIPutObjectTagsHandler user_api.PutObjectTagsHandler - // AdminAPIPutTenantYAMLHandler sets the operation handler for the put tenant y a m l operation - AdminAPIPutTenantYAMLHandler admin_api.PutTenantYAMLHandler // UserAPIRemoteBucketDetailsHandler sets the operation handler for the remote bucket details operation UserAPIRemoteBucketDetailsHandler user_api.RemoteBucketDetailsHandler // AdminAPIRemoveGroupHandler sets the operation handler for the remove group operation @@ -703,40 +569,18 @@ type ConsoleAPI struct { AdminAPISetPolicyMultipleHandler admin_api.SetPolicyMultipleHandler // UserAPIShareObjectHandler sets the operation handler for the share object operation UserAPIShareObjectHandler user_api.ShareObjectHandler - // AdminAPISubscriptionActivateHandler sets the operation handler for the subscription activate operation - AdminAPISubscriptionActivateHandler admin_api.SubscriptionActivateHandler // AdminAPISubscriptionInfoHandler sets the operation handler for the subscription info operation AdminAPISubscriptionInfoHandler admin_api.SubscriptionInfoHandler // AdminAPISubscriptionRefreshHandler sets the operation handler for the subscription refresh operation AdminAPISubscriptionRefreshHandler admin_api.SubscriptionRefreshHandler // AdminAPISubscriptionValidateHandler sets the operation handler for the subscription validate operation AdminAPISubscriptionValidateHandler admin_api.SubscriptionValidateHandler - // AdminAPITenantAddPoolHandler sets the operation handler for the tenant add pool operation - AdminAPITenantAddPoolHandler admin_api.TenantAddPoolHandler - // AdminAPITenantDetailsHandler sets the operation handler for the tenant details operation - AdminAPITenantDetailsHandler admin_api.TenantDetailsHandler - // AdminAPITenantInfoHandler sets the operation handler for the tenant info operation - AdminAPITenantInfoHandler admin_api.TenantInfoHandler - // AdminAPITenantSecurityHandler sets the operation handler for the tenant security operation - AdminAPITenantSecurityHandler admin_api.TenantSecurityHandler - // AdminAPITenantUpdateCertificateHandler sets the operation handler for the tenant update certificate operation - AdminAPITenantUpdateCertificateHandler admin_api.TenantUpdateCertificateHandler - // AdminAPITenantUpdateEncryptionHandler sets the operation handler for the tenant update encryption operation - AdminAPITenantUpdateEncryptionHandler admin_api.TenantUpdateEncryptionHandler - // AdminAPITenantUpdatePoolsHandler sets the operation handler for the tenant update pools operation - AdminAPITenantUpdatePoolsHandler admin_api.TenantUpdatePoolsHandler - // AdminAPITenantWidgetDetailsHandler sets the operation handler for the tenant widget details operation - AdminAPITenantWidgetDetailsHandler admin_api.TenantWidgetDetailsHandler // AdminAPITiersListHandler sets the operation handler for the tiers list operation AdminAPITiersListHandler admin_api.TiersListHandler // UserAPIUpdateBucketLifecycleHandler sets the operation handler for the update bucket lifecycle operation UserAPIUpdateBucketLifecycleHandler user_api.UpdateBucketLifecycleHandler // AdminAPIUpdateGroupHandler sets the operation handler for the update group operation AdminAPIUpdateGroupHandler admin_api.UpdateGroupHandler - // AdminAPIUpdateTenantHandler sets the operation handler for the update tenant operation - AdminAPIUpdateTenantHandler admin_api.UpdateTenantHandler - // AdminAPIUpdateTenantSecurityHandler sets the operation handler for the update tenant security operation - AdminAPIUpdateTenantSecurityHandler admin_api.UpdateTenantSecurityHandler // AdminAPIUpdateUserGroupsHandler sets the operation handler for the update user groups operation AdminAPIUpdateUserGroupsHandler admin_api.UpdateUserGroupsHandler // AdminAPIUpdateUserInfoHandler sets the operation handler for the update user info operation @@ -876,15 +720,9 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPICreateBucketEventHandler == nil { unregistered = append(unregistered, "user_api.CreateBucketEventHandler") } - if o.AdminAPICreateNamespaceHandler == nil { - unregistered = append(unregistered, "admin_api.CreateNamespaceHandler") - } if o.UserAPICreateServiceAccountHandler == nil { unregistered = append(unregistered, "user_api.CreateServiceAccountHandler") } - if o.AdminAPICreateTenantHandler == nil { - unregistered = append(unregistered, "admin_api.CreateTenantHandler") - } if o.AdminAPIDashboardWidgetDetailsHandler == nil { unregistered = append(unregistered, "admin_api.DashboardWidgetDetailsHandler") } @@ -903,21 +741,12 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPIDeleteObjectRetentionHandler == nil { unregistered = append(unregistered, "user_api.DeleteObjectRetentionHandler") } - if o.AdminAPIDeletePodHandler == nil { - unregistered = append(unregistered, "admin_api.DeletePodHandler") - } if o.UserAPIDeleteRemoteBucketHandler == nil { unregistered = append(unregistered, "user_api.DeleteRemoteBucketHandler") } if o.UserAPIDeleteServiceAccountHandler == nil { unregistered = append(unregistered, "user_api.DeleteServiceAccountHandler") } - if o.AdminAPIDeleteTenantHandler == nil { - unregistered = append(unregistered, "admin_api.DeleteTenantHandler") - } - if o.AdminAPIDirectCSIFormatDriveHandler == nil { - unregistered = append(unregistered, "admin_api.DirectCSIFormatDriveHandler") - } if o.UserAPIDisableBucketEncryptionHandler == nil { unregistered = append(unregistered, "user_api.DisableBucketEncryptionHandler") } @@ -954,36 +783,6 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPIGetBucketVersioningHandler == nil { unregistered = append(unregistered, "user_api.GetBucketVersioningHandler") } - if o.AdminAPIGetDirectCSIDriveListHandler == nil { - unregistered = append(unregistered, "admin_api.GetDirectCSIDriveListHandler") - } - if o.AdminAPIGetDirectCSIVolumeListHandler == nil { - unregistered = append(unregistered, "admin_api.GetDirectCSIVolumeListHandler") - } - if o.AdminAPIGetMaxAllocatableMemHandler == nil { - unregistered = append(unregistered, "admin_api.GetMaxAllocatableMemHandler") - } - if o.AdminAPIGetParityHandler == nil { - unregistered = append(unregistered, "admin_api.GetParityHandler") - } - if o.AdminAPIGetPodEventsHandler == nil { - unregistered = append(unregistered, "admin_api.GetPodEventsHandler") - } - if o.AdminAPIGetPodLogsHandler == nil { - unregistered = append(unregistered, "admin_api.GetPodLogsHandler") - } - if o.AdminAPIGetResourceQuotaHandler == nil { - unregistered = append(unregistered, "admin_api.GetResourceQuotaHandler") - } - if o.AdminAPIGetTenantPodsHandler == nil { - unregistered = append(unregistered, "admin_api.GetTenantPodsHandler") - } - if o.AdminAPIGetTenantUsageHandler == nil { - unregistered = append(unregistered, "admin_api.GetTenantUsageHandler") - } - if o.AdminAPIGetTenantYAMLHandler == nil { - unregistered = append(unregistered, "admin_api.GetTenantYAMLHandler") - } if o.AdminAPIGetTierHandler == nil { unregistered = append(unregistered, "admin_api.GetTierHandler") } @@ -999,9 +798,6 @@ func (o *ConsoleAPI) Validate() error { if o.AdminAPIListAUserServiceAccountsHandler == nil { unregistered = append(unregistered, "admin_api.ListAUserServiceAccountsHandler") } - if o.AdminAPIListAllTenantsHandler == nil { - unregistered = append(unregistered, "admin_api.ListAllTenantsHandler") - } if o.UserAPIListBucketEventsHandler == nil { unregistered = append(unregistered, "user_api.ListBucketEventsHandler") } @@ -1020,15 +816,9 @@ func (o *ConsoleAPI) Validate() error { if o.AdminAPIListGroupsForPolicyHandler == nil { unregistered = append(unregistered, "admin_api.ListGroupsForPolicyHandler") } - if o.OperatorAPIListNodeLabelsHandler == nil { - unregistered = append(unregistered, "operator_api.ListNodeLabelsHandler") - } if o.UserAPIListObjectsHandler == nil { unregistered = append(unregistered, "user_api.ListObjectsHandler") } - if o.AdminAPIListPVCsHandler == nil { - unregistered = append(unregistered, "admin_api.ListPVCsHandler") - } if o.AdminAPIListPoliciesHandler == nil { unregistered = append(unregistered, "admin_api.ListPoliciesHandler") } @@ -1038,9 +828,6 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPIListRemoteBucketsHandler == nil { unregistered = append(unregistered, "user_api.ListRemoteBucketsHandler") } - if o.AdminAPIListTenantsHandler == nil { - unregistered = append(unregistered, "admin_api.ListTenantsHandler") - } if o.UserAPIListUserServiceAccountsHandler == nil { unregistered = append(unregistered, "user_api.ListUserServiceAccountsHandler") } @@ -1098,9 +885,6 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPIPutObjectTagsHandler == nil { unregistered = append(unregistered, "user_api.PutObjectTagsHandler") } - if o.AdminAPIPutTenantYAMLHandler == nil { - unregistered = append(unregistered, "admin_api.PutTenantYAMLHandler") - } if o.UserAPIRemoteBucketDetailsHandler == nil { unregistered = append(unregistered, "user_api.RemoteBucketDetailsHandler") } @@ -1143,9 +927,6 @@ func (o *ConsoleAPI) Validate() error { if o.UserAPIShareObjectHandler == nil { unregistered = append(unregistered, "user_api.ShareObjectHandler") } - if o.AdminAPISubscriptionActivateHandler == nil { - unregistered = append(unregistered, "admin_api.SubscriptionActivateHandler") - } if o.AdminAPISubscriptionInfoHandler == nil { unregistered = append(unregistered, "admin_api.SubscriptionInfoHandler") } @@ -1155,30 +936,6 @@ func (o *ConsoleAPI) Validate() error { if o.AdminAPISubscriptionValidateHandler == nil { unregistered = append(unregistered, "admin_api.SubscriptionValidateHandler") } - if o.AdminAPITenantAddPoolHandler == nil { - unregistered = append(unregistered, "admin_api.TenantAddPoolHandler") - } - if o.AdminAPITenantDetailsHandler == nil { - unregistered = append(unregistered, "admin_api.TenantDetailsHandler") - } - if o.AdminAPITenantInfoHandler == nil { - unregistered = append(unregistered, "admin_api.TenantInfoHandler") - } - if o.AdminAPITenantSecurityHandler == nil { - unregistered = append(unregistered, "admin_api.TenantSecurityHandler") - } - if o.AdminAPITenantUpdateCertificateHandler == nil { - unregistered = append(unregistered, "admin_api.TenantUpdateCertificateHandler") - } - if o.AdminAPITenantUpdateEncryptionHandler == nil { - unregistered = append(unregistered, "admin_api.TenantUpdateEncryptionHandler") - } - if o.AdminAPITenantUpdatePoolsHandler == nil { - unregistered = append(unregistered, "admin_api.TenantUpdatePoolsHandler") - } - if o.AdminAPITenantWidgetDetailsHandler == nil { - unregistered = append(unregistered, "admin_api.TenantWidgetDetailsHandler") - } if o.AdminAPITiersListHandler == nil { unregistered = append(unregistered, "admin_api.TiersListHandler") } @@ -1188,12 +945,6 @@ func (o *ConsoleAPI) Validate() error { if o.AdminAPIUpdateGroupHandler == nil { unregistered = append(unregistered, "admin_api.UpdateGroupHandler") } - if o.AdminAPIUpdateTenantHandler == nil { - unregistered = append(unregistered, "admin_api.UpdateTenantHandler") - } - if o.AdminAPIUpdateTenantSecurityHandler == nil { - unregistered = append(unregistered, "admin_api.UpdateTenantSecurityHandler") - } if o.AdminAPIUpdateUserGroupsHandler == nil { unregistered = append(unregistered, "admin_api.UpdateUserGroupsHandler") } @@ -1369,15 +1120,7 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["POST"] == nil { o.handlers["POST"] = make(map[string]http.Handler) } - o.handlers["POST"]["/namespace"] = admin_api.NewCreateNamespace(o.context, o.AdminAPICreateNamespaceHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } o.handlers["POST"]["/service-accounts"] = user_api.NewCreateServiceAccount(o.context, o.UserAPICreateServiceAccountHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } - o.handlers["POST"]["/tenants"] = admin_api.NewCreateTenant(o.context, o.AdminAPICreateTenantHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } @@ -1405,23 +1148,11 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["DELETE"] == nil { o.handlers["DELETE"] = make(map[string]http.Handler) } - o.handlers["DELETE"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}"] = admin_api.NewDeletePod(o.context, o.AdminAPIDeletePodHandler) - if o.handlers["DELETE"] == nil { - o.handlers["DELETE"] = make(map[string]http.Handler) - } o.handlers["DELETE"]["/remote-buckets/{source-bucket-name}/{arn}"] = user_api.NewDeleteRemoteBucket(o.context, o.UserAPIDeleteRemoteBucketHandler) if o.handlers["DELETE"] == nil { o.handlers["DELETE"] = make(map[string]http.Handler) } o.handlers["DELETE"]["/service-accounts/{access_key}"] = user_api.NewDeleteServiceAccount(o.context, o.UserAPIDeleteServiceAccountHandler) - if o.handlers["DELETE"] == nil { - o.handlers["DELETE"] = make(map[string]http.Handler) - } - o.handlers["DELETE"]["/namespaces/{namespace}/tenants/{tenant}"] = admin_api.NewDeleteTenant(o.context, o.AdminAPIDeleteTenantHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } - o.handlers["POST"]["/direct-csi/drives/format"] = admin_api.NewDirectCSIFormatDrive(o.context, o.AdminAPIDirectCSIFormatDriveHandler) if o.handlers["POST"] == nil { o.handlers["POST"] = make(map[string]http.Handler) } @@ -1473,46 +1204,6 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } - o.handlers["GET"]["/direct-csi/drives"] = admin_api.NewGetDirectCSIDriveList(o.context, o.AdminAPIGetDirectCSIDriveListHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/direct-csi/volumes"] = admin_api.NewGetDirectCSIVolumeList(o.context, o.AdminAPIGetDirectCSIVolumeListHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/cluster/max-allocatable-memory"] = admin_api.NewGetMaxAllocatableMem(o.context, o.AdminAPIGetMaxAllocatableMemHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/get-parity/{nodes}/{disksPerNode}"] = admin_api.NewGetParity(o.context, o.AdminAPIGetParityHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events"] = admin_api.NewGetPodEvents(o.context, o.AdminAPIGetPodEventsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods/{podName}"] = admin_api.NewGetPodLogs(o.context, o.AdminAPIGetPodLogsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/resourcequotas/{resource-quota-name}"] = admin_api.NewGetResourceQuota(o.context, o.AdminAPIGetResourceQuotaHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pods"] = admin_api.NewGetTenantPods(o.context, o.AdminAPIGetTenantPodsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/usage"] = admin_api.NewGetTenantUsage(o.context, o.AdminAPIGetTenantUsageHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/yaml"] = admin_api.NewGetTenantYAML(o.context, o.AdminAPIGetTenantYAMLHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } o.handlers["GET"]["/admin/tiers/{type}/{name}"] = admin_api.NewGetTier(o.context, o.AdminAPIGetTierHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) @@ -1533,10 +1224,6 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } - o.handlers["GET"]["/tenants"] = admin_api.NewListAllTenants(o.context, o.AdminAPIListAllTenantsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } o.handlers["GET"]["/buckets/{bucket_name}/events"] = user_api.NewListBucketEvents(o.context, o.UserAPIListBucketEventsHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) @@ -1561,18 +1248,10 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } - o.handlers["GET"]["/nodes/labels"] = operator_api.NewListNodeLabels(o.context, o.OperatorAPIListNodeLabelsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } o.handlers["GET"]["/buckets/{bucket_name}/objects"] = user_api.NewListObjects(o.context, o.UserAPIListObjectsHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } - o.handlers["GET"]["/list-pvcs"] = admin_api.NewListPVCs(o.context, o.AdminAPIListPVCsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } o.handlers["GET"]["/policies"] = admin_api.NewListPolicies(o.context, o.AdminAPIListPoliciesHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) @@ -1585,10 +1264,6 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } - o.handlers["GET"]["/namespaces/{namespace}/tenants"] = admin_api.NewListTenants(o.context, o.AdminAPIListTenantsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } o.handlers["GET"]["/service-accounts"] = user_api.NewListUserServiceAccounts(o.context, o.UserAPIListUserServiceAccountsHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) @@ -1662,10 +1337,6 @@ func (o *ConsoleAPI) initHandlerCache() { o.handlers["PUT"] = make(map[string]http.Handler) } o.handlers["PUT"]["/buckets/{bucket_name}/objects/tags"] = user_api.NewPutObjectTags(o.context, o.UserAPIPutObjectTagsHandler) - if o.handlers["PUT"] == nil { - o.handlers["PUT"] = make(map[string]http.Handler) - } - o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/yaml"] = admin_api.NewPutTenantYAML(o.context, o.AdminAPIPutTenantYAMLHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } @@ -1722,10 +1393,6 @@ func (o *ConsoleAPI) initHandlerCache() { o.handlers["GET"] = make(map[string]http.Handler) } o.handlers["GET"]["/buckets/{bucket_name}/objects/share"] = user_api.NewShareObject(o.context, o.UserAPIShareObjectHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } - o.handlers["POST"]["/subscription/namespaces/{namespace}/tenants/{tenant}/activate"] = admin_api.NewSubscriptionActivate(o.context, o.AdminAPISubscriptionActivateHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } @@ -1738,38 +1405,6 @@ func (o *ConsoleAPI) initHandlerCache() { o.handlers["POST"] = make(map[string]http.Handler) } o.handlers["POST"]["/subscription/validate"] = admin_api.NewSubscriptionValidate(o.context, o.AdminAPISubscriptionValidateHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } - o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = admin_api.NewTenantAddPool(o.context, o.AdminAPITenantAddPoolHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}"] = admin_api.NewTenantDetails(o.context, o.AdminAPITenantDetailsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/info"] = admin_api.NewTenantInfo(o.context, o.AdminAPITenantInfoHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/security"] = admin_api.NewTenantSecurity(o.context, o.AdminAPITenantSecurityHandler) - if o.handlers["PUT"] == nil { - o.handlers["PUT"] = make(map[string]http.Handler) - } - o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/certificates"] = admin_api.NewTenantUpdateCertificate(o.context, o.AdminAPITenantUpdateCertificateHandler) - if o.handlers["PUT"] == nil { - o.handlers["PUT"] = make(map[string]http.Handler) - } - o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/encryption"] = admin_api.NewTenantUpdateEncryption(o.context, o.AdminAPITenantUpdateEncryptionHandler) - if o.handlers["PUT"] == nil { - o.handlers["PUT"] = make(map[string]http.Handler) - } - o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = admin_api.NewTenantUpdatePools(o.context, o.AdminAPITenantUpdatePoolsHandler) - if o.handlers["GET"] == nil { - o.handlers["GET"] = make(map[string]http.Handler) - } - o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId}"] = admin_api.NewTenantWidgetDetails(o.context, o.AdminAPITenantWidgetDetailsHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } @@ -1785,14 +1420,6 @@ func (o *ConsoleAPI) initHandlerCache() { if o.handlers["PUT"] == nil { o.handlers["PUT"] = make(map[string]http.Handler) } - o.handlers["PUT"]["/namespaces/{namespace}/tenants/{tenant}"] = admin_api.NewUpdateTenant(o.context, o.AdminAPIUpdateTenantHandler) - if o.handlers["POST"] == nil { - o.handlers["POST"] = make(map[string]http.Handler) - } - o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/security"] = admin_api.NewUpdateTenantSecurity(o.context, o.AdminAPIUpdateTenantSecurityHandler) - if o.handlers["PUT"] == nil { - o.handlers["PUT"] = make(map[string]http.Handler) - } o.handlers["PUT"]["/users/{name}/groups"] = admin_api.NewUpdateUserGroups(o.context, o.AdminAPIUpdateUserGroupsHandler) if o.handlers["PUT"] == nil { o.handlers["PUT"] = make(map[string]http.Handler) diff --git a/restapi/operator_info.go b/restapi/operator_info.go deleted file mode 100644 index e58f42c4b..000000000 --- a/restapi/operator_info.go +++ /dev/null @@ -1,138 +0,0 @@ -// This file is part of MinIO Console Server -// Copyright (c) 2021 MinIO, Inc. -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package restapi - -import ( - "fmt" - - "github.com/go-openapi/runtime/middleware" - "github.com/minio/console/cluster" - "github.com/minio/console/models" - "github.com/minio/console/restapi/operations" - "github.com/minio/console/restapi/operations/admin_api" - miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2" -) - -func registerOperatorTenantInfoHandlers(api *operations.ConsoleAPI) { - // return usage stats - api.AdminAPITenantInfoHandler = admin_api.TenantInfoHandlerFunc(func(params admin_api.TenantInfoParams, session *models.Principal) middleware.Responder { - infoResp, err := getTenantInfoResponse(session, params) - if err != nil { - return admin_api.NewTenantInfoDefault(int(err.Code)).WithPayload(err) - } - return admin_api.NewTenantInfoOK().WithPayload(infoResp) - }) - // return single widget results - api.AdminAPITenantWidgetDetailsHandler = admin_api.TenantWidgetDetailsHandlerFunc(func(params admin_api.TenantWidgetDetailsParams, session *models.Principal) middleware.Responder { - infoResp, err := getTenantWidgetResponse(session, params) - if err != nil { - return admin_api.NewDashboardWidgetDetailsDefault(int(err.Code)).WithPayload(err) - } - return admin_api.NewDashboardWidgetDetailsOK().WithPayload(infoResp) - }) -} - -func getTenantInfoResponse(session *models.Principal, params admin_api.TenantInfoParams) (*models.AdminInfoResponse, *models.Error) { - opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - clientSet, err := cluster.K8sClient(session.STSSessionToken) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - - opClient := &operatorClient{ - client: opClientClientSet, - } - k8sClient := &k8sClient{ - client: clientSet, - } - - tenant, err := getTenant(params.HTTPRequest.Context(), opClient, params.Namespace, params.Tenant) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - tenant.EnsureDefaults() - - svcURL := GetTenantServiceURL(tenant) - // getTenantAdminClient will use all certificates under ~/.console/certs/CAs to trust the TLS connections with MinIO tenants - mAdmin, err := getTenantAdminClient( - params.HTTPRequest.Context(), - k8sClient, - tenant, - svcURL, - ) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - - prometheusURL := getPrometheusURLForTenant(tenant) - - sessionResp, err2 := getUsageWidgetsForDeployment(prometheusURL, mAdmin) - if err2 != nil { - return nil, err2 - } - - return sessionResp, nil -} - -func getTenantWidgetResponse(session *models.Principal, params admin_api.TenantWidgetDetailsParams) (*models.WidgetDetails, *models.Error) { - - opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - - opClient := &operatorClient{ - client: opClientClientSet, - } - - tenant, err := getTenant(params.HTTPRequest.Context(), opClient, params.Namespace, params.Tenant) - if err != nil { - return nil, prepareError(err, errorUnableToGetTenantUsage) - } - tenant.EnsureDefaults() - - prometheusURL := getPrometheusURLForTenant(tenant) - prometheusJobID := getPrometheusJobID() - // check for special values - if tenant.HasConsoleEnabled() { - for _, env := range tenant.Spec.Console.Env { - if env.Name == "CONSOLE_PROMETHEUS_JOB_ID" { - prometheusJobID = env.Value - } - } - - } - - return getWidgetDetails(prometheusURL, prometheusJobID, params.WidgetID, params.Step, params.Start, params.End) -} - -func getPrometheusURLForTenant(tenant *miniov2.Tenant) string { - prometheusURL := fmt.Sprintf("http://%s.%s:%d", tenant.PrometheusHLServiceName(), tenant.Namespace, miniov2.PrometheusAPIPort) - // check for special values - if tenant.HasConsoleEnabled() { - for _, env := range tenant.Spec.Console.Env { - if env.Name == "CONSOLE_PROMETHEUS_URL" { - prometheusURL = env.Value - } - } - - } - return prometheusURL -} diff --git a/restapi/user_account.go b/restapi/user_account.go index de157ef72..2ec5f8243 100644 --- a/restapi/user_account.go +++ b/restapi/user_account.go @@ -68,32 +68,32 @@ func getChangePasswordResponse(session *models.Principal, params user_api.Accoun // changePassword operations requires an AdminClient initialized with parent account credentials not // STS credentials - parentAccountClient, err := newAdminClient(&models.Principal{ + parentAccountClient, err := NewMinioAdminClient(&models.Principal{ STSAccessKeyID: session.AccountAccessKey, STSSecretAccessKey: *params.Body.CurrentSecretKey, }) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // parentAccountClient will contain access and secret key credentials for the user - userClient := adminClient{client: parentAccountClient} + userClient := AdminClient{Client: parentAccountClient} accessKey := session.AccountAccessKey newSecretKey := *params.Body.NewSecretKey // currentSecretKey will compare currentSecretKey against the stored secret key inside the encrypted session if err := changePassword(ctx, userClient, session, newSecretKey); err != nil { - return nil, prepareError(errChangePassword, nil, err) + return nil, PrepareError(errChangePassword, nil, err) } // user credentials are updated at this point, we need to generate a new admin client and authenticate using // the new credentials credentials, err := getConsoleCredentials(ctx, accessKey, newSecretKey) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // authenticate user and generate new session token sessionID, err := login(credentials) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // serialize output loginResponse := &models.LoginResponse{ @@ -106,17 +106,17 @@ func getUserHasPermissionsResponse(session *models.Principal, params user_api.Ha ctx, cancel := context.WithTimeout(context.Background(), time.Second*20) defer cancel() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} userPolicy, err := getAccountPolicy(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } var perms []*models.PermissionAction diff --git a/restapi/user_bucket_quota.go b/restapi/user_bucket_quota.go index 463656301..8f3a22407 100644 --- a/restapi/user_bucket_quota.go +++ b/restapi/user_bucket_quota.go @@ -52,13 +52,13 @@ func registerBucketQuotaHandlers(api *operations.ConsoleAPI) { } func setBucketQuotaResponse(session *models.Principal, params user_api.SetBucketQuotaParams) *models.Error { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} if err := setBucketQuota(params.HTTPRequest.Context(), &adminClient, ¶ms.Name, params.Body); err != nil { return &models.Error{ @@ -69,7 +69,7 @@ func setBucketQuotaResponse(session *models.Principal, params user_api.SetBucket return nil } -func setBucketQuota(ctx context.Context, ac *adminClient, bucket *string, bucketQuota *models.SetBucketQuota) error { +func setBucketQuota(ctx context.Context, ac *AdminClient, bucket *string, bucketQuota *models.SetBucketQuota) error { if bucketQuota == nil { return errors.New("nil bucket quota was provided") } @@ -88,7 +88,7 @@ func setBucketQuota(ctx context.Context, ac *adminClient, bucket *string, bucket return err } } else { - if err := ac.client.SetBucketQuota(ctx, *bucket, &madmin.BucketQuota{}); err != nil { + if err := ac.Client.SetBucketQuota(ctx, *bucket, &madmin.BucketQuota{}); err != nil { return err } } @@ -96,13 +96,13 @@ func setBucketQuota(ctx context.Context, ac *adminClient, bucket *string, bucket } func getBucketQuotaResponse(session *models.Principal, params user_api.GetBucketQuotaParams) (*models.BucketQuota, *models.Error) { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} quota, err := getBucketQuota(params.HTTPRequest.Context(), &adminClient, ¶ms.Name) if err != nil { return nil, &models.Error{ @@ -113,7 +113,7 @@ func getBucketQuotaResponse(session *models.Principal, params user_api.GetBucket return quota, nil } -func getBucketQuota(ctx context.Context, ac *adminClient, bucket *string) (*models.BucketQuota, error) { +func getBucketQuota(ctx context.Context, ac *AdminClient, bucket *string) (*models.BucketQuota, error) { quota, err := ac.getBucketQuota(ctx, *bucket) if err != nil { diff --git a/restapi/user_buckets.go b/restapi/user_buckets.go index 5905df52c..6f9fdf7b1 100644 --- a/restapi/user_buckets.go +++ b/restapi/user_buckets.go @@ -180,7 +180,7 @@ func doSetVersioning(client MCClient, state VersionState) error { func setBucketVersioningResponse(session *models.Principal, bucketName string, params *user_api.SetBucketVersioningParams) *models.Error { s3Client, err := newS3BucketClient(session, bucketName, "") if err != nil { - return prepareError(err) + return PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used @@ -193,7 +193,7 @@ func setBucketVersioningResponse(session *models.Principal, bucketName string, p } if err := doSetVersioning(amcClient, versioningState); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -276,7 +276,7 @@ func getBucketVersionedResponse(session *models.Principal, bucketName string) (* // getAccountInfo fetches a list of all buckets allowed to that particular client from MinIO Servers func getAccountInfo(ctx context.Context, client MinioAdmin) ([]*models.Bucket, error) { - info, err := client.accountInfo(ctx) + info, err := client.AccountInfo(ctx) if err != nil { return []*models.Bucket{}, err } @@ -294,16 +294,16 @@ func getListBucketsResponse(session *models.Principal) (*models.ListBucketsRespo ctx, cancel := context.WithTimeout(context.Background(), time.Second*20) defer cancel() - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} buckets, err := getAccountInfo(ctx, adminClient) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output @@ -326,11 +326,11 @@ func getMakeBucketResponse(session *models.Principal, br *models.MakeBucketReque defer cancel() // bucket request needed to proceed if br == nil { - return prepareError(errBucketBodyNotInRequest) + return PrepareError(errBucketBodyNotInRequest) } mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -342,7 +342,7 @@ func getMakeBucketResponse(session *models.Principal, br *models.MakeBucketReque } if err := makeBucket(ctx, minioClient, *br.Name, br.Locking); err != nil { - return prepareError(err) + return PrepareError(err) } // make sure to delete bucket if an error occurs after bucket was created @@ -359,26 +359,26 @@ func getMakeBucketResponse(session *models.Principal, br *models.MakeBucketReque if br.Versioning || br.Retention != nil { s3Client, err := newS3BucketClient(session, *br.Name, "") if err != nil { - return prepareError(err) + return PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used amcClient := mcClient{client: s3Client} if err = doSetVersioning(amcClient, VersionEnable); err != nil { - return prepareError(err) + return PrepareError(err) } } // if it has support for if br.Quota != nil && br.Quota.Enabled != nil && *br.Quota.Enabled { - mAdmin, err := newAdminClient(session) + mAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // we will tolerate this call failing if err := setBucketQuota(ctx, &adminClient, br.Name, br.Quota); err != nil { LogError("error versioning bucket:", err) @@ -389,7 +389,7 @@ func getMakeBucketResponse(session *models.Principal, br *models.MakeBucketReque if br.Retention != nil { err = setBucketRetentionConfig(ctx, minioClient, *br.Name, *br.Retention.Mode, *br.Retention.Unit, br.Retention.Validity) if err != nil { - return prepareError(err) + return PrepareError(err) } } return nil @@ -431,7 +431,7 @@ func getBucketSetPolicyResponse(session *models.Principal, bucketName string, re mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -439,12 +439,12 @@ func getBucketSetPolicyResponse(session *models.Principal, bucketName string, re // set bucket access policy if err := setBucketAccessPolicy(ctx, minioClient, bucketName, *req.Access); err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // get updated bucket details and return it bucket, err := getBucketInfo(minioClient, bucketName) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return bucket, nil } @@ -457,19 +457,19 @@ func removeBucket(client MinioClient, bucketName string) error { // getDeleteBucketResponse performs removeBucket() to delete a bucket func getDeleteBucketResponse(session *models.Principal, params user_api.DeleteBucketParams) *models.Error { if params.Name == "" { - return prepareError(errBucketNameNotInRequest) + return PrepareError(errBucketNameNotInRequest) } bucketName := params.Name mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} if err := removeBucket(minioClient, bucketName); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -507,7 +507,7 @@ func getBucketInfo(client MinioClient, bucketName string) (*models.Bucket, error func getBucketInfoResponse(session *models.Principal, params user_api.BucketInfoParams) (*models.Bucket, *models.Error) { mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -515,7 +515,7 @@ func getBucketInfoResponse(session *models.Principal, params user_api.BucketInfo bucket, err := getBucketInfo(minioClient, params.Name) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return bucket, nil @@ -565,13 +565,13 @@ func enableBucketEncryptionResponse(session *models.Principal, params user_api.E defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} if err := enableBucketEncryption(ctx, minioClient, params.BucketName, *params.Body.EncType, params.Body.KmsKeyID); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -587,13 +587,13 @@ func disableBucketEncryptionResponse(session *models.Principal, params user_api. defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} if err := disableBucketEncryption(ctx, minioClient, params.BucketName); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -604,7 +604,7 @@ func getBucketEncryptionInfo(ctx context.Context, client MinioClient, bucketName return nil, err } if len(bucketInfo.Rules) == 0 { - return nil, errorGeneric + return nil, ErrorGeneric } return &models.BucketEncryptionInfo{Algorithm: bucketInfo.Rules[0].Apply.SSEAlgorithm, KmsMasterKeyID: bucketInfo.Rules[0].Apply.KmsMasterKeyID}, nil } @@ -614,14 +614,14 @@ func getBucketEncryptionInfoResponse(session *models.Principal, params user_api. defer cancel() mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} bucketInfo, err := getBucketEncryptionInfo(ctx, minioClient, params.BucketName) if err != nil { - return nil, prepareError(errSSENotConfigured, err) + return nil, PrepareError(errSSENotConfigured, err) } return bucketInfo, nil } @@ -661,14 +661,14 @@ func getSetBucketRetentionConfigResponse(session *models.Principal, params user_ defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} err = setBucketRetentionConfig(ctx, minioClient, params.BucketName, *params.Body.Mode, *params.Body.Unit, params.Body.Validity) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -715,7 +715,7 @@ func getBucketRetentionConfigResponse(session *models.Principal, bucketName stri defer cancel() mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -723,7 +723,7 @@ func getBucketRetentionConfigResponse(session *models.Principal, bucketName stri config, err := getBucketRetentionConfig(ctx, minioClient, bucketName) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return config, nil } @@ -772,7 +772,7 @@ func getBucketRewindResponse(session *models.Principal, params user_api.GetBucke s3Client, err := newS3BucketClient(session, params.BucketName, prefix) if err != nil { LogError("error creating S3Client: %v", err) - return nil, prepareError(err) + return nil, PrepareError(err) } // create a mc S3Client interface implementation @@ -782,7 +782,7 @@ func getBucketRewindResponse(session *models.Principal, params user_api.GetBucke parsedDate, errDate := time.Parse(time.RFC3339, params.Date) if errDate != nil { - return nil, prepareError(errDate) + return nil, PrepareError(errDate) } var rewindItems []*models.RewindItem diff --git a/restapi/user_buckets_events.go b/restapi/user_buckets_events.go index c25ea6aff..2fd63e5d7 100644 --- a/restapi/user_buckets_events.go +++ b/restapi/user_buckets_events.go @@ -127,7 +127,7 @@ func listBucketEvents(client MinioClient, bucketName string) ([]*models.Notifica func getListBucketEventsResponse(session *models.Principal, params user_api.ListBucketEventsParams) (*models.ListBucketEventsResponse, *models.Error) { mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -135,7 +135,7 @@ func getListBucketEventsResponse(session *models.Principal, params user_api.List bucketEvents, err := listBucketEvents(minioClient, params.BucketName) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // serialize output listBucketsResponse := &models.ListBucketEventsResponse{ @@ -179,14 +179,14 @@ func getCreateBucketEventsResponse(session *models.Principal, bucketName string, ctx := context.Background() s3Client, err := newS3BucketClient(session, bucketName, "") if err != nil { - return prepareError(err) + return PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used mcClient := mcClient{client: s3Client} err = createBucketEvent(ctx, mcClient, *eventReq.Configuration.Arn, eventReq.Configuration.Events, eventReq.Configuration.Prefix, eventReq.Configuration.Suffix, eventReq.IgnoreExisting) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -214,14 +214,14 @@ func getDeleteBucketEventsResponse(session *models.Principal, bucketName string, ctx := context.Background() s3Client, err := newS3BucketClient(session, bucketName, "") if err != nil { - return prepareError(err) + return PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used mcClient := mcClient{client: s3Client} err = deleteBucketEventNotification(ctx, mcClient, arn, events, prefix, suffix) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/user_buckets_lifecycle.go b/restapi/user_buckets_lifecycle.go index ccc65691b..83f206279 100644 --- a/restapi/user_buckets_lifecycle.go +++ b/restapi/user_buckets_lifecycle.go @@ -98,7 +98,7 @@ func getBucketLifecycleResponse(session *models.Principal, params user_api.GetBu ctx := context.Background() mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -106,7 +106,7 @@ func getBucketLifecycleResponse(session *models.Principal, params user_api.GetBu bucketEvents, err := getBucketLifecycle(ctx, minioClient, params.BucketName) if err != nil { - return nil, prepareError(errBucketLifeCycleNotConfigured, err) + return nil, PrepareError(errBucketLifeCycleNotConfigured, err) } return bucketEvents, nil } @@ -233,7 +233,7 @@ func getAddBucketLifecycleResponse(session *models.Principal, params user_api.Ad ctx := context.Background() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -241,7 +241,7 @@ func getAddBucketLifecycleResponse(session *models.Principal, params user_api.Ad err = addBucketLifecycle(ctx, minioClient, params) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil diff --git a/restapi/user_buckets_test.go b/restapi/user_buckets_test.go index 680ca0def..4f271a562 100644 --- a/restapi/user_buckets_test.go +++ b/restapi/user_buckets_test.go @@ -107,7 +107,7 @@ func (c s3ClientMock) setVersioning(ctx context.Context, state string) *probe.Er var minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error) // mock function of dataUsageInfo() needed for list bucket's usage -func (ac adminClientMock) accountInfo(ctx context.Context) (madmin.AccountInfo, error) { +func (ac adminClientMock) AccountInfo(ctx context.Context) (madmin.AccountInfo, error) { return minioAccountInfoMock(ctx) } @@ -441,7 +441,7 @@ func Test_disableBucketEncryption(t *testing.T) { client: minClient, bucketName: "test", mockBucketDisableFunc: func(ctx context.Context, bucketName string) error { - return errorGeneric + return ErrorGeneric }, }, wantErr: true, diff --git a/restapi/user_log_search.go b/restapi/user_log_search.go index ffad69a12..275467f2d 100644 --- a/restapi/user_log_search.go +++ b/restapi/user_log_search.go @@ -66,13 +66,13 @@ func getLogSearchResponse(params user_api.LogSearchParams) (*models.LogSearchRes func logSearch(endpoint string) (*models.LogSearchResponse, *models.Error) { resp, err := http.Get(endpoint) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } body, err := ioutil.ReadAll(resp.Body) resp.Body.Close() if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } if resp.StatusCode != 200 { @@ -84,7 +84,7 @@ func logSearch(endpoint string) (*models.LogSearchResponse, *models.Error) { var results []logsearchServer.ReqInfoRow if err = json.Unmarshal(body, &results); err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } response := models.LogSearchResponse{ diff --git a/restapi/user_login.go b/restapi/user_login.go index 97100ce7f..eae68e69e 100644 --- a/restapi/user_login.go +++ b/restapi/user_login.go @@ -84,7 +84,7 @@ func registerLoginHandlers(api *operations.ConsoleAPI) { }) } -// login performs a check of consoleCredentials against MinIO, generates some claims and returns the jwt +// login performs a check of ConsoleCredentials against MinIO, generates some claims and returns the jwt // for subsequent authentication func login(credentials ConsoleCredentialsI) (*string, error) { // try to obtain consoleCredentials, @@ -105,31 +105,31 @@ func login(credentials ConsoleCredentialsI) (*string, error) { func getAccountPolicy(ctx context.Context, client MinioAdmin) (*iampolicy.Policy, error) { // Obtain the current policy assigned to this user // necessary for generating the list of allowed endpoints - accountInfo, err := client.accountInfo(ctx) + accountInfo, err := client.AccountInfo(ctx) if err != nil { return nil, err } return iampolicy.ParseConfig(bytes.NewReader(accountInfo.Policy)) } -// getConsoleCredentials will return consoleCredentials interface including the associated policy of the current account -func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*consoleCredentials, error) { - creds, err := newConsoleCredentials(accessKey, secretKey, getMinIORegion()) +// getConsoleCredentials will return ConsoleCredentials interface including the associated policy of the current account +func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*ConsoleCredentials, error) { + creds, err := NewConsoleCredentials(accessKey, secretKey, GetMinIORegion()) if err != nil { return nil, err } // cCredentials will be sts credentials, account credentials will be need it in the scenario the user wish // to change its password - cCredentials := &consoleCredentials{ - consoleCredentials: creds, - accountAccessKey: accessKey, + cCredentials := &ConsoleCredentials{ + ConsoleCredentials: creds, + AccountAccessKey: accessKey, } tokens, err := cCredentials.Get() if err != nil { return nil, err } // initialize admin client - mAdminClient, err := newAdminClient(&models.Principal{ + mAdminClient, err := NewMinioAdminClient(&models.Principal{ STSAccessKeyID: tokens.AccessKeyID, STSSecretAccessKey: tokens.SecretAccessKey, STSSessionToken: tokens.SessionToken, @@ -137,7 +137,7 @@ func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*c if err != nil { return nil, err } - userAdminClient := adminClient{client: mAdminClient} + userAdminClient := AdminClient{Client: mAdminClient} // Obtain the current policy assigned to this user // necessary for generating the list of allowed endpoints policy, err := getAccountPolicy(ctx, userAdminClient) @@ -152,7 +152,7 @@ func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*c if policy != nil { actions = acl.GetActionsStringFromPolicy(policy) } - cCredentials.actions = actions + cCredentials.Actions = actions return cCredentials, nil } @@ -163,11 +163,11 @@ func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, *models.E // prepare console credentials consolCreds, err := getConsoleCredentials(ctx, *lr.AccessKey, *lr.SecretKey) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } sessionID, err := login(consolCreds) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // serialize output loginResponse := &models.LoginResponse{ @@ -188,7 +188,7 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) { // initialize new oauth2 client oauth2Client, err := oauth2.NewOauth2ProviderClient(ctx, nil, GetConsoleSTSClient()) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // Validate user against IDP identityProvider := &auth.IdentityProvider{Client: oauth2Client} @@ -217,53 +217,38 @@ func verifyUserAgainstIDP(ctx context.Context, provider auth.IdentityProviderI, func getLoginOauth2AuthResponse(lr *models.LoginOauth2AuthRequest) (*models.LoginResponse, *models.Error) { ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() - if acl.GetOperatorMode() { - creds, err := newConsoleCredentials("", getK8sSAToken(), "") - if err != nil { - return nil, prepareError(err) - } - credentials := consoleCredentials{consoleCredentials: creds, actions: []string{}} - token, err := login(credentials) - if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) - } - // serialize output - loginResponse := &models.LoginResponse{ - SessionID: *token, - } - return loginResponse, nil - } else if oauth2.IsIdpEnabled() { + if oauth2.IsIdpEnabled() { // initialize new oauth2 client oauth2Client, err := oauth2.NewOauth2ProviderClient(ctx, nil, GetConsoleSTSClient()) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // initialize new identity provider identityProvider := auth.IdentityProvider{Client: oauth2Client} // Validate user against IDP userCredentials, err := verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, *lr.State) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } creds, err := userCredentials.Get() if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // initialize admin client - mAdminClient, err := newAdminClient(&models.Principal{ + mAdminClient, err := NewMinioAdminClient(&models.Principal{ STSAccessKeyID: creds.AccessKeyID, STSSecretAccessKey: creds.SecretAccessKey, STSSessionToken: creds.SessionToken, }) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } - userAdminClient := adminClient{client: mAdminClient} + userAdminClient := AdminClient{Client: mAdminClient} // Obtain the current policy assigned to this user // necessary for generating the list of allowed endpoints policy, err := getAccountPolicy(ctx, userAdminClient) if err != nil { - return nil, prepareError(errorGeneric, nil, err) + return nil, PrepareError(ErrorGeneric, nil, err) } // by default every user starts with an empty array of available actions // therefore we would have access only to pages that doesn't require any privilege @@ -274,13 +259,13 @@ func getLoginOauth2AuthResponse(lr *models.LoginOauth2AuthRequest) (*models.Logi actions = acl.GetActionsStringFromPolicy(policy) } // login user against console and generate session token - token, err := login(&consoleCredentials{ - consoleCredentials: userCredentials, - accountAccessKey: "", - actions: actions, + token, err := login(&ConsoleCredentials{ + ConsoleCredentials: userCredentials, + AccountAccessKey: "", + Actions: actions, }) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // serialize output loginResponse := &models.LoginResponse{ @@ -288,19 +273,19 @@ func getLoginOauth2AuthResponse(lr *models.LoginOauth2AuthRequest) (*models.Logi } return loginResponse, nil } - return nil, prepareError(errorGeneric) + return nil, PrepareError(ErrorGeneric) } // getLoginOperatorResponse validate the provided service account token against k8s api func getLoginOperatorResponse(lmr *models.LoginOperatorRequest) (*models.LoginResponse, *models.Error) { - creds, err := newConsoleCredentials("", *lmr.Jwt, "") + creds, err := NewConsoleCredentials("", *lmr.Jwt, "") if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } - consoleCreds := consoleCredentials{consoleCredentials: creds, actions: []string{}} + consoleCreds := ConsoleCredentials{ConsoleCredentials: creds, Actions: []string{}} token, err := login(consoleCreds) if err != nil { - return nil, prepareError(errInvalidCredentials, nil, err) + return nil, PrepareError(errInvalidCredentials, nil, err) } // serialize output loginResponse := &models.LoginResponse{ diff --git a/restapi/user_logout.go b/restapi/user_logout.go index b212a7e83..b78566fc1 100644 --- a/restapi/user_logout.go +++ b/restapi/user_logout.go @@ -41,7 +41,7 @@ func registerLogoutHandlers(api *operations.ConsoleAPI) { }) } -// logout() call Expire() on the provided consoleCredentials +// logout() call Expire() on the provided ConsoleCredentials func logout(credentials ConsoleCredentialsI) { credentials.Expire() } @@ -49,6 +49,6 @@ func logout(credentials ConsoleCredentialsI) { // getLogoutResponse performs logout() and returns nil or error func getLogoutResponse(session *models.Principal) { creds := getConsoleCredentialsFromSession(session) - credentials := consoleCredentials{consoleCredentials: creds} + credentials := ConsoleCredentials{ConsoleCredentials: creds} logout(credentials) } diff --git a/restapi/user_objects.go b/restapi/user_objects.go index 8c59fbe39..19ec37861 100644 --- a/restapi/user_objects.go +++ b/restapi/user_objects.go @@ -149,11 +149,11 @@ func getListObjectsResponse(session *models.Principal, params user_api.ListObjec } // bucket request needed to proceed if params.BucketName == "" { - return nil, prepareError(errBucketNameNotInRequest) + return nil, PrepareError(errBucketNameNotInRequest) } mClient, err := newMinioClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a minioClient interface implementation // defining the client to be used @@ -161,7 +161,7 @@ func getListObjectsResponse(session *models.Principal, params user_api.ListObjec objs, err := listBucketObjects(params.HTTPRequest.Context(), minioClient, params.BucketName, prefix, recursive, withVersions) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } resp := &models.ListObjectsResponse{ @@ -232,14 +232,14 @@ func getDownloadObjectResponse(session *models.Principal, params user_api.Downlo ctx := context.Background() s3Client, err := newS3BucketClient(session, params.BucketName, params.Prefix) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used mcClient := mcClient{client: s3Client} object, err := downloadObject(ctx, mcClient, params.VersionID) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return object, nil } @@ -263,7 +263,7 @@ func getDeleteObjectResponse(session *models.Principal, params user_api.DeleteOb ctx := context.Background() s3Client, err := newS3BucketClient(session, params.BucketName, params.Path) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used @@ -278,7 +278,7 @@ func getDeleteObjectResponse(session *models.Principal, params user_api.DeleteOb } err = deleteObjects(ctx, mcClient, params.BucketName, params.Path, version, rec) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -386,13 +386,13 @@ func getUploadObjectResponse(session *models.Principal, params user_api.PostBuck ctx := context.Background() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} if err := uploadFiles(ctx, minioClient, params); err != nil { - prepareError(err, errorGeneric) + PrepareError(err, ErrorGeneric) } return nil } @@ -481,7 +481,7 @@ func getShareObjectResponse(session *models.Principal, params user_api.ShareObje ctx := context.Background() s3Client, err := newS3BucketClient(session, params.BucketName, params.Prefix) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a mc S3Client interface implementation // defining the client to be used @@ -492,7 +492,7 @@ func getShareObjectResponse(session *models.Principal, params user_api.ShareObje } url, err := getShareObjectURL(ctx, mcClient, params.VersionID, expireDuration) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return url, nil } @@ -519,14 +519,14 @@ func getSetObjectLegalHoldResponse(session *models.Principal, params user_api.Pu defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} err = setObjectLegalHold(ctx, minioClient, params.BucketName, params.Prefix, params.VersionID, *params.Body.Status) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -546,14 +546,14 @@ func getSetObjectRetentionResponse(session *models.Principal, params user_api.Pu defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} err = setObjectRetention(ctx, minioClient, params.BucketName, params.VersionID, params.Prefix, params.Body) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -590,14 +590,14 @@ func deleteObjectRetentionResponse(session *models.Principal, params user_api.De defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} err = deleteObjectRetention(ctx, minioClient, params.BucketName, params.Prefix, params.VersionID) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } @@ -616,14 +616,14 @@ func getPutObjectTagsResponse(session *models.Principal, params user_api.PutObje defer cancel() mClient, err := newMinioClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a minioClient interface implementation // defining the client to be used minioClient := minioClient{client: mClient} err = putObjectTags(ctx, minioClient, params.BucketName, params.Prefix, params.VersionID, params.Body.Tags) if err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/user_service_accounts.go b/restapi/user_service_accounts.go index e114b5f7d..241a21109 100644 --- a/restapi/user_service_accounts.go +++ b/restapi/user_service_accounts.go @@ -95,17 +95,17 @@ func getCreateServiceAccountResponse(session *models.Principal, serviceAccount * ctx, cancel := context.WithTimeout(context.Background(), time.Second*20) defer cancel() - userAdmin, err := newAdminClient(session) + userAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO user Admin Client interface implementation // defining the client to be used - userAdminClient := adminClient{client: userAdmin} + userAdminClient := AdminClient{Client: userAdmin} saCreds, err := createServiceAccount(ctx, userAdminClient, serviceAccount.Policy) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return saCreds, nil } @@ -129,17 +129,17 @@ func getUserServiceAccountsResponse(session *models.Principal, user string) (mod ctx, cancel := context.WithTimeout(context.Background(), time.Second*20) defer cancel() - userAdmin, err := newAdminClient(session) + userAdmin, err := NewMinioAdminClient(session) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } // create a MinIO user Admin Client interface implementation // defining the client to be used - userAdminClient := adminClient{client: userAdmin} + userAdminClient := AdminClient{Client: userAdmin} serviceAccounts, err := getUserServiceAccounts(ctx, userAdminClient, user) if err != nil { - return nil, prepareError(err) + return nil, PrepareError(err) } return serviceAccounts, nil } @@ -154,16 +154,16 @@ func getDeleteServiceAccountResponse(session *models.Principal, accessKey string ctx, cancel := context.WithTimeout(context.Background(), time.Second*20) defer cancel() - userAdmin, err := newAdminClient(session) + userAdmin, err := NewMinioAdminClient(session) if err != nil { - return prepareError(err) + return PrepareError(err) } // create a MinIO user Admin Client interface implementation // defining the client to be used - userAdminClient := adminClient{client: userAdmin} + userAdminClient := AdminClient{Client: userAdmin} if err := deleteServiceAccount(ctx, userAdminClient, accessKey); err != nil { - return prepareError(err) + return PrepareError(err) } return nil } diff --git a/restapi/user_session.go b/restapi/user_session.go index a5a89895f..2e075a952 100644 --- a/restapi/user_session.go +++ b/restapi/user_session.go @@ -39,7 +39,7 @@ func registerSessionHandlers(api *operations.ConsoleAPI) { func getSessionResponse(session *models.Principal) (*models.SessionResponse, *models.Error) { // serialize output if session == nil { - return nil, prepareError(errorGenericInvalidSession) + return nil, PrepareError(errorGenericInvalidSession) } sessionResp := &models.SessionResponse{ Pages: acl.GetAuthorizedEndpoints(session.Actions), diff --git a/restapi/ws_handle.go b/restapi/ws_handle.go index 8d8c2ee6a..c9d33d8c4 100644 --- a/restapi/ws_handle.go +++ b/restapi/ws_handle.go @@ -232,7 +232,7 @@ func newWebSocketAdminClient(conn *websocket.Conn, autClaims *models.Principal) wsConnection := wsConn{conn: conn} // create a minioClient interface implementation // defining the client to be used - adminClient := adminClient{client: mAdmin} + adminClient := AdminClient{Client: mAdmin} // create websocket client and handle request wsAdminClient := &wsAdminClient{conn: wsConnection, client: adminClient} return wsAdminClient, nil @@ -389,7 +389,7 @@ func sendWsCloseMessage(conn WSConn, err error) { return } // else, internal server error - conn.writeMessage(websocket.CloseMessage, websocket.FormatCloseMessage(websocket.CloseInternalServerErr, errorGeneric.Error())) + conn.writeMessage(websocket.CloseMessage, websocket.FormatCloseMessage(websocket.CloseInternalServerErr, ErrorGeneric.Error())) return } // normal closure diff --git a/swagger-console.yml b/swagger-console.yml new file mode 100644 index 000000000..1f3308f84 --- /dev/null +++ b/swagger-console.yml @@ -0,0 +1,3668 @@ +swagger: "2.0" +info: + title: MinIO Console Server + version: 0.1.0 +consumes: + - application/json +produces: + - application/json +schemes: + - http + - ws +basePath: /api/v1 +# We are going to be taking `Authorization: Bearer TOKEN` header for our authentication +securityDefinitions: + key: + type: oauth2 + flow: accessCode + authorizationUrl: http://min.io + tokenUrl: http://min.io +# Apply the key security definition to all APIs +security: + - key: [] +paths: + /login: + get: + summary: Returns login strategy, form or sso. + operationId: LoginDetail + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/loginDetails" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + # Exclude this API from the authentication requirement + security: [] + tags: + - UserAPI + post: + summary: Login to Console + operationId: Login + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/loginRequest" + responses: + 201: + description: A successful login. + schema: + $ref: "#/definitions/loginResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + # Exclude this API from the authentication requirement + security: [] + tags: + - UserAPI + /login/operator: + post: + summary: Login to Operator Console. + operationId: LoginOperator + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/loginOperatorRequest" + responses: + 201: + description: A successful login. + schema: + $ref: "#/definitions/loginResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + security: [] + tags: + - UserAPI + + /login/oauth2/auth: + post: + summary: Identity Provider oauth2 callback endpoint. + operationId: LoginOauth2Auth + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/loginOauth2AuthRequest" + responses: + 201: + description: A successful login. + schema: + $ref: "#/definitions/loginResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + security: [] + tags: + - UserAPI + + /logout: + post: + summary: Logout from Console. + operationId: Logout + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /session: + get: + summary: Endpoint to check if your session is still valid + operationId: SessionCheck + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/sessionResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /account/change-password: + post: + summary: Change password of currently logged in user. + operationId: AccountChangePassword + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/accountChangePasswordRequest" + responses: + 201: + description: A successful login. + schema: + $ref: "#/definitions/loginResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /account/change-user-password: + post: + summary: Change password of currently logged in user. + operationId: ChangeUserPassword + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/changeUserPasswordRequest" + responses: + 201: + description: Password successfully changed. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /buckets: + get: + summary: List Buckets + operationId: ListBuckets + parameters: + - name: sort_by + in: query + required: false + type: string + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listBucketsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + post: + summary: Make bucket + operationId: MakeBucket + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/makeBucketRequest" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{name}: + get: + summary: Bucket Info + operationId: BucketInfo + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucket" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + delete: + summary: Delete Bucket + operationId: DeleteBucket + parameters: + - name: name + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/retention: + get: + summary: Get Bucket's retention config + operationId: GetBucketRetentionConfig + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/getBucketRetentionConfig" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + put: + summary: Set Bucket's retention config + operationId: SetBucketRetentionConfig + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/putBucketRetentionRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects: + get: + summary: List Objects + operationId: ListObjects + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: false + type: string + - name: recursive + in: query + required: false + type: boolean + - name: with_versions + in: query + required: false + type: boolean + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listObjectsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + delete: + summary: Delete Object + operationId: DeleteObject + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: path + in: query + required: true + type: string + - name: version_id + in: query + required: false + type: string + - name: recursive + in: query + required: false + type: boolean + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/upload: + post: + summary: Uploads an Object. + consumes: + - multipart/form-data + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + type: string + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/download: + get: + summary: Download Object + operationId: Download Object + produces: + - application/octet-stream + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: false + type: string + responses: + 200: + description: A successful response. + schema: + type: file + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/share: + get: + summary: Shares an Object on a url + operationId: ShareObject + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: true + type: string + - name: expires + in: query + required: false + type: string + responses: + 200: + description: A successful response. + schema: + type: string + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/legalhold: + put: + summary: Put Object's legalhold status + operationId: PutObjectLegalHold + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/putObjectLegalHoldRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/retention: + put: + summary: Put Object's retention status + operationId: PutObjectRetention + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/putObjectRetentionRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + delete: + summary: Delete Object retention from an object + operationId: DeleteObjectRetention + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: true + type: string + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/objects/tags: + put: + summary: Put Object's tags + operationId: PutObjectTags + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: prefix + in: query + required: true + type: string + - name: version_id + in: query + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/putObjectTagsRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{name}/set-policy: + put: + summary: Bucket Set Policy + operationId: BucketSetPolicy + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setBucketPolicyRequest" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucket" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{name}/quota: + get: + summary: Get Bucket Quota + operationId: GetBucketQuota + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketQuota" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + put: + summary: Bucket Quota + operationId: SetBucketQuota + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setBucketQuota" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucket" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/events: + get: + summary: List Bucket Events + operationId: ListBucketEvents + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listBucketEventsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + post: + summary: Create Bucket Event + operationId: CreateBucketEvent + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/bucketEventRequest" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/events/{arn}: + delete: + summary: Delete Bucket Event + operationId: DeleteBucketEvent + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: arn + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/notificationDeleteRequest" + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /list-external-buckets: + post: + summary: Lists an External list of buckets using custom credentials + operationId: ListExternalBuckets + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/listExternalBucketsParams" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listBucketsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets-replication: + post: + summary: Sets Multi Bucket Replication in multiple Buckets + operationId: SetMultiBucketReplication + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/multiBucketReplication" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/multiBucketResponseState" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/replication: + get: + summary: Bucket Replication + operationId: GetBucketReplication + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketReplicationResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/replication/{rule_id}: + delete: + summary: Bucket Replication Rule Delete + operationId: DeleteBucketReplicationRule + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: rule_id + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/versioning: + get: + summary: Bucket Versioning + operationId: GetBucketVersioning + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketVersioningResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + put: + summary: Set Bucket Versioning + operationId: SetBucketVersioning + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setBucketVersioning" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/object-locking: + get: + summary: Returns the status of object locking support on the bucket + operationId: GetBucketObjectLockingStatus + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketObLockingResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/encryption/enable: + post: + summary: Enable bucket encryption. + operationId: EnableBucketEncryption + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/bucketEncryptionRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/encryption/disable: + post: + summary: Disable bucket encryption. + operationId: DisableBucketEncryption + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/encryption/info: + get: + summary: Get bucket encryption information. + operationId: GetBucketEncryptionInfo + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketEncryptionInfo" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/lifecycle: + get: + summary: Bucket Lifecycle + operationId: GetBucketLifecycle + parameters: + - name: bucket_name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/bucketLifecycleResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + post: + summary: Add Bucket Lifecycle + operationId: AddBucketLifecycle + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/addBucketLifecycle" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/lifecycle/{lifecycle_id}: + put: + summary: Update Lifecycle rule + operationId: UpdateBucketLifecycle + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: lifecycle_id + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/updateBucketLifecycle" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /buckets/{bucket_name}/rewind/{date}: + get: + summary: Get objects in a bucket for a rewind date + operationId: GetBucketRewind + parameters: + - name: bucket_name + in: path + required: true + type: string + - name: date + in: path + required: true + type: string + - name: prefix + in: query + required: false + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/rewindResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /service-accounts: + get: + summary: List User's Service Accounts + operationId: ListUserServiceAccounts + parameters: + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/serviceAccounts" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + post: + summary: Create Service Account + operationId: CreateServiceAccount + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/serviceAccountRequest" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/serviceAccountCreds" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /service-accounts/{access_key}: + delete: + summary: Delete Service Account + operationId: DeleteServiceAccount + parameters: + - name: access_key + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /has-permission: + post: + summary: Checks whether the user can perform a series of actions + operationId: HasPermissionTo + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/hasPermissionRequest" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/hasPermissionResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /users: + get: + summary: List Users + operationId: ListUsers + parameters: + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listUsersResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + post: + summary: Add User + operationId: AddUser + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/addUserRequest" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/user" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /users/{name}: + get: + summary: Get User Info + operationId: GetUserInfo + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/user" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + put: + summary: Update User Info + operationId: UpdateUserInfo + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/updateUser" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/user" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + delete: + summary: Remove user + operationId: RemoveUser + parameters: + - name: name + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /users/{name}/groups: + put: + summary: Update Groups for a user + operationId: UpdateUserGroups + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/updateUserGroups" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/user" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /users/{name}/service-accounts: + get: + summary: returns a list of service accounts for a user + operationId: ListAUserServiceAccounts + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/serviceAccounts" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /users-groups-bulk: + put: + summary: Bulk functionality to Add Users to Groups + operationId: BulkUpdateUsersGroups + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/bulkUserGroups" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /groups: + get: + summary: List Groups + operationId: ListGroups + parameters: + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listGroupsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + post: + summary: Add Group + operationId: AddGroup + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/addGroupRequest" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /groups/{name}: + get: + summary: Group info + operationId: GroupInfo + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/group" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + delete: + summary: Remove group + operationId: RemoveGroup + parameters: + - name: name + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + put: + summary: Update Group Members or Status + operationId: UpdateGroup + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/updateGroupRequest" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/group" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /policies: + get: + summary: List Policies + operationId: ListPolicies + parameters: + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listPoliciesResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + post: + summary: Add Policy + operationId: AddPolicy + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/addPolicyRequest" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/policy" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /policies/{policy}/users: + get: + summary: List Users for a Policy + operationId: ListUsersForPolicy + parameters: + - name: policy + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + type: array + items: + type: string + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /policies/{policy}/groups: + get: + summary: List Groups for a Policy + operationId: ListGroupsForPolicy + parameters: + - name: policy + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + type: array + items: + type: string + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /bucket-policy/{bucket}: + get: + summary: List Policies With Given Bucket + operationId: ListPoliciesWithBucket + parameters: + - name: bucket + in: path + required: true + type: string + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listPoliciesResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /bucket-users/{bucket}: + get: + summary: List Users With Access to a Given Bucket + operationId: ListUsersWithAccessToBucket + parameters: + - name: bucket + in: path + required: true + type: string + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + type: array + items: + type: string + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /policy: + get: + summary: Policy info + operationId: PolicyInfo + parameters: + - name: name + in: query + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/policy" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + delete: + summary: Remove policy + operationId: RemovePolicy + parameters: + - name: name + in: query + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /configs: + get: + summary: List Configurations + operationId: ListConfig + parameters: + - name: offset + in: query + required: false + type: integer + format: int32 + - name: limit + in: query + required: false + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listConfigResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /set-policy/{name}: + put: + summary: Set policy + operationId: SetPolicy + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setPolicyRequest" + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /set-policy-multi/{name}: + put: + summary: Set policy to multiple users/groups + operationId: SetPolicyMultiple + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setPolicyMultipleRequest" + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /configs/{name}: + get: + summary: Configuration info + operationId: ConfigInfo + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/configuration" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + put: + summary: Set Configuration + operationId: SetConfig + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setConfigRequest" + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/setConfigResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /service/restart: + post: + summary: Restart Service + operationId: RestartService + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + /profiling/start: + post: + summary: Start recording profile data + operationId: ProfilingStart + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/profilingStartRequest" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/startProfilingList" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /profiling/stop: + post: + summary: Stop and download profile data + operationId: ProfilingStop + produces: + - application/octet-stream + responses: + 201: + description: A successful response. + schema: + type: file + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /subscription/info: + get: + summary: Subscription info + operationId: SubscriptionInfo + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/license" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + + /admin/info: + get: + summary: Returns information about the deployment + operationId: AdminInfo + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/adminInfoResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/info/widgets/{widgetId}: + get: + summary: Returns information about the deployment + operationId: DashboardWidgetDetails + parameters: + - name: widgetId + in: path + type: integer + format: int32 + required: true + - name: start + in: query + type: integer + - name: end + in: query + type: integer + - name: step + in: query + type: integer + format: int32 + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/widgetDetails" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/arns: + get: + summary: Returns a list of active ARNs in the instance + operationId: ArnList + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/arnsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/notification_endpoints: + get: + summary: Returns a list of active notification endpoints + operationId: NotificationEndpointList + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/notifEndpointResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + post: + summary: Allows to configure a new notification endpoint + operationId: AddNotificationEndpoint + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/notificationEndpoint" + responses: + 201: + description: A successful response. + schema: + $ref: "#/definitions/setNotificationEndpointResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/tiers: + get: + summary: Returns a list of tiers for ilm + operationId: TiersList + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/tierListResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + post: + summary: Allows to configure a new tier + operationId: AddTier + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/tier" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/tiers/{type}/{name}: + get: + summary: Get Tier + operationId: GetTier + parameters: + - name: type + in: path + required: true + type: string + enum: + - s3 + - gcs + - azure + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/tier" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /admin/tiers/{type}/{name}/credentials: + put: + summary: Edit Tier Credentials + operationId: EditTierCredentials + parameters: + - name: type + in: path + required: true + type: string + enum: + - s3 + - gcs + - azure + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/tierCredentialsRequest" + responses: + 200: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + + /remote-buckets: + get: + summary: List Remote Buckets + operationId: ListRemoteBuckets + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/listRemoteBucketsResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + post: + summary: Add Remote Bucket + operationId: AddRemoteBucket + parameters: + - name: body + in: body + required: true + schema: + $ref: "#/definitions/createRemoteBucket" + responses: + 201: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + + /remote-buckets/{name}: + get: + summary: Remote Bucket Details + operationId: RemoteBucketDetails + parameters: + - name: name + in: path + required: true + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/remoteBucket" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + /remote-buckets/{source-bucket-name}/{arn}: + delete: + summary: Delete Remote Bucket + operationId: DeleteRemoteBucket + parameters: + - name: source-bucket-name + in: path + required: true + type: string + - name: arn + in: path + required: true + type: string + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + /logs/search: + get: + summary: Search the logs + operationId: LogSearch + parameters: + - name: fp + description: Filter Parameters + in: query + collectionFormat: multi + type: array + items: + type: string + - name: pageSize + in: query + type: number + format: int32 + default: 10 + - name: pageNo + in: query + type: number + format: int32 + default: 0 + - name: order + in: query + type: string + enum: [timeDesc, timeAsc] + default: timeDesc + - name: timeStart + in: query + type: string + responses: + 200: + description: A successful response. + schema: + $ref: "#/definitions/logSearchResponse" + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - UserAPI + +definitions: + accountChangePasswordRequest: + type: object + required: + - current_secret_key + - new_secret_key + properties: + current_secret_key: + type: string + new_secret_key: + type: string + + changeUserPasswordRequest: + type: object + required: + - selectedUser + - newSecretKey + properties: + selectedUser: + type: string + newSecretKey: + type: string + + bucketEncryptionType: + type: string + enum: + - sse-s3 + - sse-kms + default: sse-s3 + + bucketAccess: + type: string + enum: + - PRIVATE + - PUBLIC + - CUSTOM + default: PRIVATE + + bucket: + type: object + required: + - name + properties: + name: + type: string + minLength: 3 + size: + type: integer + format: int64 + access: + $ref: "#/definitions/bucketAccess" + creation_date: + type: string + + bucketEncryptionRequest: + type: object + properties: + encType: + $ref: "#/definitions/bucketEncryptionType" + kmsKeyID: + type: string + + bucketEncryptionInfo: + type: object + properties: + kmsMasterKeyID: + type: string + algorithm: + type: string + + listBucketsResponse: + type: object + properties: + buckets: + type: array + items: + $ref: "#/definitions/bucket" + title: list of resulting buckets + total: + type: integer + format: int64 + title: number of buckets accessible to the user + + listObjectsResponse: + type: object + properties: + objects: + type: array + items: + $ref: "#/definitions/bucketObject" + title: list of resulting objects + total: + type: integer + format: int64 + title: number of objects + + bucketObject: + type: object + properties: + name: + type: string + size: + type: integer + format: int64 + content_type: + type: string + last_modified: + type: string + is_latest: + type: boolean + is_delete_marker: + type: boolean + version_id: + type: string + user_tags: + type: object + additionalProperties: + type: string + expiration: + type: string + expiration_rule_id: + type: string + legal_hold_status: + type: string + retention_mode: + type: string + retention_until_date: + type: string + tags: + type: object + additionalProperties: + type: string + + makeBucketRequest: + type: object + required: + - name + properties: + name: + type: string + locking: + type: boolean + versioning: + type: boolean + quota: + $ref: "#/definitions/setBucketQuota" + retention: + $ref: "#/definitions/putBucketRetentionRequest" + + error: + type: object + required: + - message + properties: + code: + type: integer + format: int32 + message: + type: string + user: + type: object + properties: + accessKey: + type: string + policy: + type: array + items: + type: string + memberOf: + type: array + items: + type: string + status: + type: string + listUsersResponse: + type: object + properties: + users: + type: array + items: + $ref: "#/definitions/user" + title: list of resulting users + addUserRequest: + type: object + required: + - accessKey + - secretKey + - groups + properties: + accessKey: + type: string + secretKey: + type: string + groups: + type: array + items: + type: string + group: + type: object + properties: + name: + type: string + status: + type: string + members: + type: array + items: + type: string + policy: + type: string + addGroupRequest: + type: object + required: + - group + - members + properties: + group: + type: string + members: + type: array + items: + type: string + listGroupsResponse: + type: object + properties: + groups: + type: array + items: + type: string + title: list of groups + total: + type: integer + format: int64 + title: total number of groups + policy: + type: object + properties: + name: + type: string + policy: + type: string + policyEntity: + type: string + enum: + - user + - group + default: user + setPolicyRequest: + type: object + required: + - entityType + - entityName + properties: + entityType: + $ref: "#/definitions/policyEntity" + entityName: + type: string + + setPolicyMultipleRequest: + type: object + properties: + users: + type: array + items: + $ref: "#/definitions/iamEntity" + groups: + type: array + items: + $ref: "#/definitions/iamEntity" + + iamEntity: + type: string + pattern: '^[\w+=,.@-]{1,64}$' + + addPolicyRequest: + type: object + required: + - name + - policy + properties: + name: + type: string + policy: + type: string + listPoliciesResponse: + type: object + properties: + policies: + type: array + items: + $ref: "#/definitions/policy" + title: list of policies + total: + type: integer + format: int64 + title: total number of policies + updateGroupRequest: + type: object + required: + - members + - status + properties: + members: + type: array + items: + type: string + status: + type: string + configDescription: + type: object + properties: + key: + type: string + description: + type: string + configurationKV: + type: object + properties: + key: + type: string + value: + type: string + configuration: + type: object + properties: + name: + type: string + key_values: + type: array + items: + $ref: "#/definitions/configurationKV" + listConfigResponse: + type: object + properties: + configurations: + type: array + items: + $ref: "#/definitions/configDescription" + total: + type: integer + format: int64 + title: total number of configurations + setConfigRequest: + type: object + required: + - key_values + properties: + key_values: + type: array + minItems: 1 + items: + $ref: "#/definitions/configurationKV" + arn_resource_id: + type: string + title: Used if configuration is an event notification's target + notificationEventType: + type: string + enum: + - put + - delete + - get + notificationConfig: + type: object + required: + - arn + properties: + id: + type: string + arn: + type: string + events: + type: array + items: + $ref: "#/definitions/notificationEventType" + title: "filter specific type of event. Defaults to all event (default: '[put,delete,get]')" + prefix: + type: string + title: "filter event associated to the specified prefix" + suffix: + type: string + title: "filter event associated to the specified suffix" + notificationDeleteRequest: + type: object + required: + - events + - prefix + - suffix + properties: + events: + type: array + minLength: 1 + items: + $ref: "#/definitions/notificationEventType" + title: "filter specific type of event. Defaults to all event (default: '[put,delete,get]')" + prefix: + type: string + title: "filter event associated to the specified prefix" + suffix: + type: string + title: "filter event associated to the specified suffix" + bucketEventRequest: + type: object + required: + - configuration + properties: + configuration: + $ref: "#/definitions/notificationConfig" + ignoreExisting: + type: boolean + bucketReplicationDestination: + type: object + properties: + bucket: + type: string + bucketReplicationRule: + type: object + properties: + id: + type: string + status: + type: string + enum: + - Enabled + - Disabled + priority: + type: integer + format: int32 + syncMode: + type: string + enum: + - async + - sync + default: async + bandwidth: + type: string + healthCheckPeriod: + type: integer + delete_marker_replication: + type: boolean + deletes_replication: + type: boolean + metadata_replication: + type: boolean + prefix: + type: string + tags: + type: string + destination: + $ref: "#/definitions/bucketReplicationDestination" + + bucketReplicationResponse: + type: object + properties: + rules: + type: array + items: + $ref: "#/definitions/bucketReplicationRule" + # missing + # "Filter": { + # "And": {}, + # "Tag": {} + # } + # } + #} + + listExternalBucketsParams: + required: + - accessKey + - secretKey + - targetURL + - useTLS + properties: + accessKey: + type: string + minLength: 3 + secretKey: + type: string + minLength: 8 + targetURL: + type: string + useTLS: + type: boolean + region: + type: string + + multiBucketReplication: + required: + - accessKey + - secretKey + - targetURL + - bucketsRelation + properties: + accessKey: + type: string + minLength: 3 + secretKey: + type: string + minLength: 8 + targetURL: + type: string + region: + type: string + syncMode: + type: string + enum: + - async + - sync + default: async + bandwidth: + type: integer + format: int64 + healthCheckPeriod: + type: integer + format: int32 + prefix: + type: string + tags: + type: string + replicateDeleteMarkers: + type: boolean + replicateDeletes: + type: boolean + replicateMetadata: + type: boolean + bucketsRelation: + type: array + minLength: 1 + items: + $ref: "#/definitions/multiBucketsRelation" + + multiBucketsRelation: + type: object + properties: + originBucket: + type: string + destinationBucket: + type: string + + multiBucketResponseItem: + type: object + properties: + originBucket: + type: string + targetBucket: + type: string + errorString: + type: string + + multiBucketResponseState: + type: object + properties: + replicationState: + type: array + items: + $ref: "#/definitions/multiBucketResponseItem" + + addBucketReplication: + type: object + properties: + arn: + type: string + destination_bucket: + type: string + listBucketEventsResponse: + type: object + properties: + events: + type: array + items: + $ref: "#/definitions/notificationConfig" + total: + type: integer + format: int64 + title: total number of bucket events + setBucketPolicyRequest: + type: object + required: + - access + properties: + access: + $ref: "#/definitions/bucketAccess" + bucketQuota: + type: object + properties: + quota: + type: integer + type: + type: string + enum: + - hard + - fifo + setBucketQuota: + type: object + required: + - enabled + properties: + enabled: + type: boolean + quota_type: + type: string + enum: + - fifo + - hard + amount: + type: integer + loginDetails: + type: object + properties: + loginStrategy: + type: string + enum: [form, redirect, service-account] + redirect: + type: string + loginOauth2AuthRequest: + type: object + required: + - state + - code + properties: + state: + type: string + code: + type: string + loginOperatorRequest: + type: object + required: + - jwt + properties: + jwt: + type: string + loginRequest: + type: object + required: + - accessKey + - secretKey + properties: + accessKey: + type: string + secretKey: + type: string + loginResponse: + type: object + properties: + sessionId: + type: string + # Structure that holds the `Bearer {TOKEN}` present on authenticated requests + principal: + type: object + properties: + STSAccessKeyID: + type: string + STSSecretAccessKey: + type: string + STSSessionToken: + type: string + actions: + type: array + items: + type: string + accountAccessKey: + type: string + startProfilingItem: + type: object + properties: + nodeName: + type: string + success: + type: boolean + error: + type: string + startProfilingList: + type: object + properties: + total: + type: integer + format: int64 + title: number of start results + startResults: + type: array + items: + $ref: "#/definitions/startProfilingItem" + profilerType: + type: string + enum: + - cpu + - mem + - block + - mutex + - trace + - threads + - goroutines + profilingStartRequest: + type: object + required: + - type + properties: + type: + $ref: "#/definitions/profilerType" + sessionResponse: + type: object + properties: + pages: + type: array + items: + type: string + features: + type: array + items: + type: string + status: + type: string + enum: [ok] + operator: + type: boolean + widgetResult: + type: object + properties: + metric: + type: object + additionalProperties: + type: string + values: + type: array + items: {} + resultTarget: + type: object + properties: + legendFormat: + type: string + resultType: + type: string + result: + type: array + items: + $ref: "#/definitions/widgetResult" + widget: + type: object + properties: + title: + type: string + type: + type: string + id: + type: integer + format: int32 + options: + type: object + properties: + reduceOptions: + type: object + properties: + calcs: + type: array + items: + type: string + targets: + type: array + items: + $ref: "#/definitions/resultTarget" + widgetDetails: + type: object + properties: + title: + type: string + type: + type: string + id: + type: integer + format: int32 + options: + type: object + properties: + reduceOptions: + type: object + properties: + calcs: + type: array + items: + type: string + targets: + type: array + items: + $ref: "#/definitions/resultTarget" + adminInfoResponse: + type: object + properties: + buckets: + type: integer + objects: + type: integer + usage: + type: integer + widgets: + type: array + items: + $ref: "#/definitions/widget" + arnsResponse: + type: object + properties: + arns: + type: array + items: + type: string + updateUserGroups: + type: object + required: + - groups + properties: + groups: + type: array + items: + type: string + nofiticationService: + type: string + enum: + - webhook + - amqp + - kafka + - mqtt + - nats + - nsq + - mysql + - postgres + - elasticsearch + - redis + notificationEndpointItem: + type: object + properties: + service: + $ref: "#/definitions/nofiticationService" + account_id: + type: string + status: + type: string + notificationEndpoint: + type: object + required: + - service + - account_id + - properties + properties: + service: + $ref: "#/definitions/nofiticationService" + account_id: + type: string + properties: + type: object + additionalProperties: + type: string + setNotificationEndpointResponse: + type: object + required: + - service + - account_id + - properties + properties: + service: + $ref: "#/definitions/nofiticationService" + account_id: + type: string + properties: + type: object + additionalProperties: + type: string + restart: + type: boolean + notifEndpointResponse: + type: object + properties: + notification_endpoints: + type: array + items: + $ref: "#/definitions/notificationEndpointItem" + updateUser: + type: object + required: + - status + - groups + properties: + status: + type: string + groups: + type: array + items: + type: string + bulkUserGroups: + type: object + required: + - users + - groups + properties: + users: + type: array + items: + type: string + groups: + type: array + items: + type: string + serviceAccounts: + type: array + items: + type: string + serviceAccountRequest: + type: object + properties: + policy: + type: string + title: "policy to be applied to the Service Account if any" + serviceAccountCreds: + type: object + properties: + accessKey: + type: string + secretKey: + type: string + remoteBucket: + type: object + required: + - accessKey + - sourceBucket + - remoteARN + properties: + accessKey: + type: string + minLength: 3 + secretKey: + type: string + minLength: 8 + sourceBucket: + type: string + targetURL: + type: string + targetBucket: + type: string + remoteARN: + type: string + status: + type: string + service: + type: string + enum: [replication] + syncMode: + type: string + bandwidth: + type: integer + format: int64 + healthCheckPeriod: + type: integer + createRemoteBucket: + required: + - accessKey + - secretKey + - targetURL + - sourceBucket + - targetBucket + properties: + accessKey: + type: string + minLength: 3 + secretKey: + type: string + minLength: 8 + targetURL: + type: string + sourceBucket: + type: string + targetBucket: + type: string + region: + type: string + syncMode: + type: string + enum: + - async + - sync + default: async + bandwidth: + type: integer + format: int64 + healthCheckPeriod: + type: integer + format: int32 + listRemoteBucketsResponse: + type: object + properties: + buckets: + type: array + items: + $ref: "#/definitions/remoteBucket" + title: list of remote buckets + total: + type: integer + format: int64 + title: number of remote buckets accessible to user + bucketVersioningResponse: + type: object + properties: + is_versioned: + type: boolean + setBucketVersioning: + type: object + properties: + versioning: + type: boolean + bucketObLockingResponse: + type: object + properties: + object_locking_enabled: + type: boolean + + + logSearchResponse: + type: object + properties: + results: + type: object + title: list of log search responses + + + keyPairConfiguration: + type: object + required: + - crt + - key + properties: + crt: + type: string + key: + type: string + + tlsConfiguration: + type: object + properties: + minio: + type: array + items: + $ref: "#/definitions/keyPairConfiguration" + console: + type: object + $ref: "#/definitions/keyPairConfiguration" + ca_certificates: + type: array + items: + type: string + console_ca_certificates: + type: array + items: + type: string + + idpConfiguration: + type: object + properties: + oidc: + type: object + required: + - url + - client_id + - secret_id + properties: + url: + type: string + client_id: + type: string + secret_id: + type: string + keys: + type: array + items: + type: object + required: + - access_key + - secret_key + properties: + access_key: + type: string + secret_key: + type: string + active_directory: + type: object + required: + - url + - username_format + - user_search_filter + properties: + url: + type: string + username_format: + type: string + user_search_filter: + type: string + group_search_base_dn: + type: string + group_search_filter: + type: string + group_name_attribute: + type: string + skip_tls_verification: + type: boolean + server_insecure: + type: boolean + + + objectLegalHoldStatus: + type: string + enum: + - enabled + - disabled + + putObjectLegalHoldRequest: + type: object + required: + - status + properties: + status: + $ref: "#/definitions/objectLegalHoldStatus" + + objectRetentionMode: + type: string + enum: + - governance + - compliance + + putObjectRetentionRequest: + type: object + required: + - mode + - expires + properties: + mode: + $ref: "#/definitions/objectRetentionMode" + expires: + type: string + governance_bypass: + type: boolean + + putObjectTagsRequest: + type: object + properties: + tags: + additionalProperties: + type: string + + objectRetentionUnit: + type: string + enum: + - days + - years + + putBucketRetentionRequest: + type: object + required: + - mode + - unit + - validity + properties: + mode: + $ref: "#/definitions/objectRetentionMode" + unit: + $ref: "#/definitions/objectRetentionUnit" + validity: + type: integer + format: int32 + + getBucketRetentionConfig: + type: object + properties: + mode: + $ref: "#/definitions/objectRetentionMode" + unit: + $ref: "#/definitions/objectRetentionUnit" + validity: + type: integer + format: int32 + + bucketLifecycleResponse: + type: object + properties: + lifecycle: + type: array + items: + $ref: "#/definitions/objectBucketLifecycle" + + expirationResponse: + type: object + properties: + date: + type: string + days: + type: integer + format: int64 + delete_marker: + type: boolean + + transitionResponse: + type: object + properties: + date: + type: string + storage_class: + type: string + days: + type: integer + format: int64 + + lifecycleTag: + type: object + properties: + key: + type: string + value: + type: string + + objectBucketLifecycle: + type: object + properties: + id: + type: string + prefix: + type: string + status: + type: string + expiration: + $ref: "#/definitions/expirationResponse" + transition: + $ref: "#/definitions/transitionResponse" + tags: + type: array + items: + $ref: "#/definitions/lifecycleTag" + + addBucketLifecycle: + type: object + properties: + prefix: + description: Non required field, it matches a prefix to perform ILM operations on it + type: string + tags: + description: Non required field, tags to match ILM files + type: string + expiry_date: + description: Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM + type: string + expiry_days: + description: Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM + type: integer + format: int32 + default: 0 + transition_date: + description: Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM + type: string + transition_days: + description: Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM + type: integer + format: int32 + default: 0 + storage_class: + description: Required only in case of transition is set. it refers to a tier + type: string + disable: + description: Non required, toggle to disable or enable rule + type: boolean + expired_object_delete_marker: + description: Non required, toggle to disable or enable rule + type: boolean + noncurrentversion_expiration_days: + description: Non required, can be set in case of expiration is enabled + type: integer + format: int32 + default: 0 + noncurrentversion_transition_days: + description: Non required, can be set in case of transition is enabled + type: integer + format: int32 + default: 0 + noncurrentversion_transition_storage_class: + description: Non required, can be set in case of transition is enabled + type: string + + updateBucketLifecycle: + type: object + properties: + tags: + type: string + disable: + type: boolean + + setConfigResponse: + type: object + properties: + restart: + description: Returns wheter server needs to restart to apply changes or not + type: boolean + + license: + type: object + properties: + email: + type: string + organization: + type: string + account_id: + type: integer + storage_capacity: + type: integer + plan: + type: string + expires_at: + type: string + + getDirectCSIDriveListResponse: + type: object + properties: + drives: + type: array + items: + $ref: "#/definitions/directCSIDriveInfo" + + directCSIDriveInfo: + type: object + properties: + drive: + type: string + capacity: + type: number + format: int64 + allocated: + type: number + format: int64 + volumes: + type: number + format: int64 + node: + type: string + status: + type: string + message: + type: string + + getDirectCSIVolumeListResponse: + type: object + properties: + volumes: + type: array + items: + $ref: "#/definitions/directCSIVolumeInfo" + + directCSIVolumeInfo: + type: object + properties: + volume: + type: string + capacity: + type: number + format: int64 + node: + type: string + drive: + type: string + + policyArgs: + type: object + properties: + id: + type: string + action: + type: string + bucket_name: + type: string + + hasPermissionRequest: + type: object + properties: + actions: + type: array + items: + $ref: "#/definitions/policyArgs" + + permissionAction: + type: object + properties: + id: + type: string + can: + type: boolean + + hasPermissionResponse: + type: object + properties: + permissions: + type: array + items: + $ref: "#/definitions/permissionAction" + + logSearchConfiguration: + type: object + properties: + storageClass: + type: string + default: "" + storageSize: + type: number + default: 5 + image: + type: string + postgres_image: + type: string + + prometheusConfiguration: + type: object + properties: + storageClass: + type: string + default: "" + storageSize: + type: number + default: 5 + image: + type: string + tier_s3: + type: object + properties: + name: + type: string + endpoint: + type: string + accesskey: + type: string + secretkey: + type: string + bucket: + type: string + prefix: + type: string + region: + type: string + storageclass: + type: string + + tier_azure: + type: object + properties: + name: + type: string + endpoint: + type: string + accountname: + type: string + accountkey: + type: string + bucket: + type: string + prefix: + type: string + region: + type: string + + tier_gcs: + type: object + properties: + name: + type: string + endpoint: + type: string + creds: + type: string + bucket: + type: string + prefix: + type: string + region: + type: string + + tier: + type: object + properties: + type: + type: string + enum: + - s3 + - gcs + - azure + - unsupported + s3: + type: object + $ref: "#/definitions/tier_s3" + gcs: + type: object + $ref: "#/definitions/tier_gcs" + azure: + type: object + $ref: "#/definitions/tier_azure" + + tierListResponse: + type: object + properties: + items: + type: array + items: + $ref: "#/definitions/tier" + + tierCredentialsRequest: + type: object + properties: + access_key: + type: string + secret_key: + type: string + creds: + type: string + description: a base64 encoded value + formatConfiguration: + type: object + required: + - drives + - force + properties: + drives: + type: array + minLength: 1 + items: + type: string + force: + type: boolean + + + + rewindItem: + type: object + properties: + last_modified: + type: string + size: + type: integer + format: int64 + version_id: + type: string + delete_flag: + type: boolean + action: + type: string + name: + type: string + + rewindResponse: + type: object + properties: + objects: + type: array + items: + $ref: "#/definitions/rewindItem" diff --git a/swagger.yml b/swagger-operator.yml similarity index 62% rename from swagger.yml rename to swagger-operator.yml index 373bc00e3..f4a4b53cd 100644 --- a/swagger.yml +++ b/swagger-operator.yml @@ -19,7 +19,7 @@ securityDefinitions: tokenUrl: http://min.io # Apply the key security definition to all APIs security: - - key: [] + - key: [ ] paths: /login: get: @@ -35,7 +35,7 @@ paths: schema: $ref: "#/definitions/error" # Exclude this API from the authentication requirement - security: [] + security: [ ] tags: - UserAPI post: @@ -57,7 +57,7 @@ paths: schema: $ref: "#/definitions/error" # Exclude this API from the authentication requirement - security: [] + security: [ ] tags: - UserAPI /login/operator: @@ -79,7 +79,7 @@ paths: description: Generic error response. schema: $ref: "#/definitions/error" - security: [] + security: [ ] tags: - UserAPI @@ -102,7 +102,7 @@ paths: description: Generic error response. schema: $ref: "#/definitions/error" - security: [] + security: [ ] tags: - UserAPI @@ -136,1654 +136,6 @@ paths: tags: - UserAPI - /account/change-password: - post: - summary: Change password of currently logged in user. - operationId: AccountChangePassword - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/accountChangePasswordRequest" - responses: - 201: - description: A successful login. - schema: - $ref: "#/definitions/loginResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /account/change-user-password: - post: - summary: Change password of currently logged in user. - operationId: ChangeUserPassword - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/changeUserPasswordRequest" - responses: - 201: - description: Password successfully changed. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /buckets: - get: - summary: List Buckets - operationId: ListBuckets - parameters: - - name: sort_by - in: query - required: false - type: string - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listBucketsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - post: - summary: Make bucket - operationId: MakeBucket - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/makeBucketRequest" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{name}: - get: - summary: Bucket Info - operationId: BucketInfo - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucket" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - delete: - summary: Delete Bucket - operationId: DeleteBucket - parameters: - - name: name - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/retention: - get: - summary: Get Bucket's retention config - operationId: GetBucketRetentionConfig - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/getBucketRetentionConfig" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - put: - summary: Set Bucket's retention config - operationId: SetBucketRetentionConfig - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/putBucketRetentionRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects: - get: - summary: List Objects - operationId: ListObjects - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: false - type: string - - name: recursive - in: query - required: false - type: boolean - - name: with_versions - in: query - required: false - type: boolean - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listObjectsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - delete: - summary: Delete Object - operationId: DeleteObject - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: path - in: query - required: true - type: string - - name: version_id - in: query - required: false - type: string - - name: recursive - in: query - required: false - type: boolean - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/upload: - post: - summary: Uploads an Object. - consumes: - - multipart/form-data - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - type: string - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/download: - get: - summary: Download Object - operationId: Download Object - produces: - - application/octet-stream - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: false - type: string - responses: - 200: - description: A successful response. - schema: - type: file - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/share: - get: - summary: Shares an Object on a url - operationId: ShareObject - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: true - type: string - - name: expires - in: query - required: false - type: string - responses: - 200: - description: A successful response. - schema: - type: string - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/legalhold: - put: - summary: Put Object's legalhold status - operationId: PutObjectLegalHold - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/putObjectLegalHoldRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/retention: - put: - summary: Put Object's retention status - operationId: PutObjectRetention - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/putObjectRetentionRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - delete: - summary: Delete Object retention from an object - operationId: DeleteObjectRetention - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: true - type: string - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/objects/tags: - put: - summary: Put Object's tags - operationId: PutObjectTags - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: prefix - in: query - required: true - type: string - - name: version_id - in: query - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/putObjectTagsRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{name}/set-policy: - put: - summary: Bucket Set Policy - operationId: BucketSetPolicy - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setBucketPolicyRequest" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucket" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{name}/quota: - get: - summary: Get Bucket Quota - operationId: GetBucketQuota - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketQuota" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - put: - summary: Bucket Quota - operationId: SetBucketQuota - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setBucketQuota" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucket" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/events: - get: - summary: List Bucket Events - operationId: ListBucketEvents - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listBucketEventsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - post: - summary: Create Bucket Event - operationId: CreateBucketEvent - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/bucketEventRequest" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/events/{arn}: - delete: - summary: Delete Bucket Event - operationId: DeleteBucketEvent - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: arn - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/notificationDeleteRequest" - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /list-external-buckets: - post: - summary: Lists an External list of buckets using custom credentials - operationId: ListExternalBuckets - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/listExternalBucketsParams" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listBucketsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets-replication: - post: - summary: Sets Multi Bucket Replication in multiple Buckets - operationId: SetMultiBucketReplication - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/multiBucketReplication" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/multiBucketResponseState" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/replication: - get: - summary: Bucket Replication - operationId: GetBucketReplication - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketReplicationResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/replication/{rule_id}: - delete: - summary: Bucket Replication Rule Delete - operationId: DeleteBucketReplicationRule - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: rule_id - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/versioning: - get: - summary: Bucket Versioning - operationId: GetBucketVersioning - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketVersioningResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - put: - summary: Set Bucket Versioning - operationId: SetBucketVersioning - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setBucketVersioning" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/object-locking: - get: - summary: Returns the status of object locking support on the bucket - operationId: GetBucketObjectLockingStatus - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketObLockingResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/encryption/enable: - post: - summary: Enable bucket encryption. - operationId: EnableBucketEncryption - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/bucketEncryptionRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/encryption/disable: - post: - summary: Disable bucket encryption. - operationId: DisableBucketEncryption - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/encryption/info: - get: - summary: Get bucket encryption information. - operationId: GetBucketEncryptionInfo - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketEncryptionInfo" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/lifecycle: - get: - summary: Bucket Lifecycle - operationId: GetBucketLifecycle - parameters: - - name: bucket_name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/bucketLifecycleResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - post: - summary: Add Bucket Lifecycle - operationId: AddBucketLifecycle - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/addBucketLifecycle" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/lifecycle/{lifecycle_id}: - put: - summary: Update Lifecycle rule - operationId: UpdateBucketLifecycle - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: lifecycle_id - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/updateBucketLifecycle" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /buckets/{bucket_name}/rewind/{date}: - get: - summary: Get objects in a bucket for a rewind date - operationId: GetBucketRewind - parameters: - - name: bucket_name - in: path - required: true - type: string - - name: date - in: path - required: true - type: string - - name: prefix - in: query - required: false - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/rewindResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /service-accounts: - get: - summary: List User's Service Accounts - operationId: ListUserServiceAccounts - parameters: - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/serviceAccounts" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - post: - summary: Create Service Account - operationId: CreateServiceAccount - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/serviceAccountRequest" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/serviceAccountCreds" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /service-accounts/{access_key}: - delete: - summary: Delete Service Account - operationId: DeleteServiceAccount - parameters: - - name: access_key - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /has-permission: - post: - summary: Checks whether the user can perform a series of actions - operationId: HasPermissionTo - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/hasPermissionRequest" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/hasPermissionResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /users: - get: - summary: List Users - operationId: ListUsers - parameters: - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listUsersResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - post: - summary: Add User - operationId: AddUser - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/addUserRequest" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/user" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /users/{name}: - get: - summary: Get User Info - operationId: GetUserInfo - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/user" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - put: - summary: Update User Info - operationId: UpdateUserInfo - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/updateUser" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/user" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - delete: - summary: Remove user - operationId: RemoveUser - parameters: - - name: name - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /users/{name}/groups: - put: - summary: Update Groups for a user - operationId: UpdateUserGroups - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/updateUserGroups" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/user" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /users/{name}/service-accounts: - get: - summary: returns a list of service accounts for a user - operationId: ListAUserServiceAccounts - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/serviceAccounts" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /users-groups-bulk: - put: - summary: Bulk functionality to Add Users to Groups - operationId: BulkUpdateUsersGroups - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/bulkUserGroups" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /groups: - get: - summary: List Groups - operationId: ListGroups - parameters: - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listGroupsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - post: - summary: Add Group - operationId: AddGroup - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/addGroupRequest" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /groups/{name}: - get: - summary: Group info - operationId: GroupInfo - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/group" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - delete: - summary: Remove group - operationId: RemoveGroup - parameters: - - name: name - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - put: - summary: Update Group Members or Status - operationId: UpdateGroup - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/updateGroupRequest" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/group" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /policies: - get: - summary: List Policies - operationId: ListPolicies - parameters: - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listPoliciesResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - post: - summary: Add Policy - operationId: AddPolicy - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/addPolicyRequest" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/policy" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /policies/{policy}/users: - get: - summary: List Users for a Policy - operationId: ListUsersForPolicy - parameters: - - name: policy - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - type: array - items: - type: string - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /policies/{policy}/groups: - get: - summary: List Groups for a Policy - operationId: ListGroupsForPolicy - parameters: - - name: policy - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - type: array - items: - type: string - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /bucket-policy/{bucket}: - get: - summary: List Policies With Given Bucket - operationId: ListPoliciesWithBucket - parameters: - - name: bucket - in: path - required: true - type: string - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listPoliciesResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /bucket-users/{bucket}: - get: - summary: List Users With Access to a Given Bucket - operationId: ListUsersWithAccessToBucket - parameters: - - name: bucket - in: path - required: true - type: string - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - type: array - items: - type: string - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /policy: - get: - summary: Policy info - operationId: PolicyInfo - parameters: - - name: name - in: query - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/policy" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - delete: - summary: Remove policy - operationId: RemovePolicy - parameters: - - name: name - in: query - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /configs: - get: - summary: List Configurations - operationId: ListConfig - parameters: - - name: offset - in: query - required: false - type: integer - format: int32 - - name: limit - in: query - required: false - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listConfigResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /set-policy/{name}: - put: - summary: Set policy - operationId: SetPolicy - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setPolicyRequest" - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /set-policy-multi/{name}: - put: - summary: Set policy to multiple users/groups - operationId: SetPolicyMultiple - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setPolicyMultipleRequest" - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /configs/{name}: - get: - summary: Configuration info - operationId: ConfigInfo - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/configuration" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - put: - summary: Set Configuration - operationId: SetConfig - parameters: - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/setConfigRequest" - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/setConfigResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /service/restart: - post: - summary: Restart Service - operationId: RestartService - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - /profiling/start: - post: - summary: Start recording profile data - operationId: ProfilingStart - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/profilingStartRequest" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/startProfilingList" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /profiling/stop: - post: - summary: Stop and download profile data - operationId: ProfilingStop - produces: - - application/octet-stream - responses: - 201: - description: A successful response. - schema: - type: file - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI /subscription/info: get: @@ -1799,7 +151,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /subscription/validate: post: @@ -1821,7 +173,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /subscription/refresh: post: @@ -1837,7 +189,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /subscription/namespaces/{namespace}/tenants/{tenant}/activate: post: @@ -1860,320 +212,9 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI - /admin/info: - get: - summary: Returns information about the deployment - operationId: AdminInfo - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/adminInfoResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - /admin/info/widgets/{widgetId}: - get: - summary: Returns information about the deployment - operationId: DashboardWidgetDetails - parameters: - - name: widgetId - in: path - type: integer - format: int32 - required: true - - name: start - in: query - type: integer - - name: end - in: query - type: integer - - name: step - in: query - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/widgetDetails" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /admin/arns: - get: - summary: Returns a list of active ARNs in the instance - operationId: ArnList - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/arnsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /admin/notification_endpoints: - get: - summary: Returns a list of active notification endpoints - operationId: NotificationEndpointList - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/notifEndpointResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - post: - summary: Allows to configure a new notification endpoint - operationId: AddNotificationEndpoint - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/notificationEndpoint" - responses: - 201: - description: A successful response. - schema: - $ref: "#/definitions/setNotificationEndpointResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /admin/tiers: - get: - summary: Returns a list of tiers for ilm - operationId: TiersList - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/tierListResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - post: - summary: Allows to configure a new tier - operationId: AddTier - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/tier" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /admin/tiers/{type}/{name}: - get: - summary: Get Tier - operationId: GetTier - parameters: - - name: type - in: path - required: true - type: string - enum: - - s3 - - gcs - - azure - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/tier" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /admin/tiers/{type}/{name}/credentials: - put: - summary: Edit Tier Credentials - operationId: EditTierCredentials - parameters: - - name: type - in: path - required: true - type: string - enum: - - s3 - - gcs - - azure - - name: name - in: path - required: true - type: string - - name: body - in: body - required: true - schema: - $ref: "#/definitions/tierCredentialsRequest" - responses: - 200: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /remote-buckets: - get: - summary: List Remote Buckets - operationId: ListRemoteBuckets - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/listRemoteBucketsResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - post: - summary: Add Remote Bucket - operationId: AddRemoteBucket - parameters: - - name: body - in: body - required: true - schema: - $ref: "#/definitions/createRemoteBucket" - responses: - 201: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - - /remote-buckets/{name}: - get: - summary: Remote Bucket Details - operationId: RemoteBucketDetails - parameters: - - name: name - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/remoteBucket" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - /remote-buckets/{source-bucket-name}/{arn}: - delete: - summary: Delete Remote Bucket - operationId: DeleteRemoteBucket - parameters: - - name: source-bucket-name - in: path - required: true - type: string - - name: arn - in: path - required: true - type: string - responses: - 204: - description: A successful response. - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI - /logs/search: - get: - summary: Search the logs - operationId: LogSearch - parameters: - - name: fp - description: Filter Parameters - in: query - collectionFormat: multi - type: array - items: - type: string - - name: pageSize - in: query - type: number - format: int32 - default: 10 - - name: pageNo - in: query - type: number - format: int32 - default: 0 - - name: order - in: query - type: string - enum: [timeDesc, timeAsc] - default: timeDesc - - name: timeStart - in: query - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/logSearchResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - UserAPI /tenants: get: summary: List Tenant of All Namespaces @@ -2203,7 +244,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI post: summary: Create Tenant operationId: CreateTenant @@ -2223,8 +264,8 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI - + - OperatorAPI + /namespace: post: summary: Creates a new Namespace with given information @@ -2243,7 +284,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants: get: @@ -2278,7 +319,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/security: get: @@ -2303,7 +344,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI post: summary: Update Tenant Security operationId: UpdateTenantSecurity @@ -2329,7 +370,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}: get: @@ -2354,7 +395,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI delete: summary: Delete tenant and underlying pvcs operationId: DeleteTenant @@ -2380,7 +421,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI put: summary: Update Tenant operationId: UpdateTenant @@ -2406,71 +447,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI - /namespaces/{namespace}/tenants/{tenant}/info: - get: - summary: Tenant Info - operationId: TenantInfo - parameters: - - name: namespace - in: path - required: true - type: string - - name: tenant - in: path - required: true - type: string - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/adminInfoResponse" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI - - /namespaces/{namespace}/tenants/{tenant}/info/widgets/{widgetId}: - get: - summary: Returns information about a tenant deployment - operationId: TenantWidgetDetails - parameters: - - name: namespace - in: path - required: true - type: string - - name: tenant - in: path - required: true - type: string - - name: widgetId - in: path - type: integer - format: int32 - required: true - - name: start - in: query - type: integer - - name: end - in: query - type: integer - - name: step - in: query - type: integer - format: int32 - responses: - 200: - description: A successful response. - schema: - $ref: "#/definitions/widgetDetails" - default: - description: Generic error response. - schema: - $ref: "#/definitions/error" - tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/pools: post: @@ -2498,7 +475,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI put: summary: Tenant Update Pools operationId: TenantUpdatePools @@ -2526,7 +503,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/usage: get: @@ -2551,7 +528,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/pods: get: @@ -2578,7 +555,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/pods/{podName}: get: @@ -2607,7 +584,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI delete: summary: Delete pod operationId: DeletePod @@ -2632,7 +609,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/pods/{podName}/events: get: @@ -2661,7 +638,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/certificates: put: @@ -2689,7 +666,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/encryption: put: @@ -2717,7 +694,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/tenants/{tenant}/yaml: get: @@ -2742,7 +719,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI put: summary: Put the Tenant YAML operationId: PutTenantYAML @@ -2768,7 +745,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /namespaces/{namespace}/resourcequotas/{resource-quota-name}: get: @@ -2793,7 +770,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /cluster/max-allocatable-memory: get: @@ -2816,7 +793,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /get-parity/{nodes}/{disksPerNode}: get: @@ -2843,7 +820,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /direct-csi/drives: get: @@ -2868,7 +845,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /direct-csi/volumes: get: @@ -2893,7 +870,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /direct-csi/drives/format: post: @@ -2915,7 +892,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /list-pvcs: get: @@ -2931,7 +908,7 @@ paths: schema: $ref: "#/definitions/error" tags: - - AdminAPI + - OperatorAPI /nodes/labels: get: @@ -3559,7 +1536,7 @@ definitions: properties: loginStrategy: type: string - enum: [form, redirect, service-account] + enum: [ form, redirect, service-account ] redirect: type: string loginOauth2AuthRequest: @@ -3660,7 +1637,7 @@ definitions: type: string status: type: string - enum: [ok] + enum: [ ok ] operator: type: boolean widgetResult: @@ -3672,7 +1649,7 @@ definitions: type: string values: type: array - items: {} + items: { } resultTarget: type: object properties: @@ -3890,7 +1867,7 @@ definitions: type: string service: type: string - enum: [replication] + enum: [ replication ] syncMode: type: string bandwidth: @@ -5537,7 +3514,7 @@ definitions: type: array items: type: string - + namespace: type: object required: @@ -5584,7 +3561,7 @@ definitions: type: string name: type: string - + rewindResponse: type: object properties: