mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CSR end point (#1893)

Browse Source
This commit is contained in:
Cesar Celis Hernandez
2022-05-09 14:35:19 -04:00
committed by GitHub
parent 624d9d9c4a
commit 0c822ffa98
10 changed files with 900 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
models/csr_element.go Normal file
View File

@@ -0,0 +1,154 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"strconv"
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// CsrElement csr element
//
// swagger:model csrElement
type CsrElement struct {
// annotations
Annotations []*Annotation `json:"annotations"`
// deletion grace period seconds
DeletionGracePeriodSeconds int64 `json:"deletion_grace_period_seconds,omitempty"`
// generate name
GenerateName string `json:"generate_name,omitempty"`
// generation
Generation int64 `json:"generation,omitempty"`
// name
Name string `json:"name,omitempty"`
// namespace
Namespace string `json:"namespace,omitempty"`
// resource version
ResourceVersion string `json:"resource_version,omitempty"`
// status
Status string `json:"status,omitempty"`
}
// Validate validates this csr element
func (m *CsrElement) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateAnnotations(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *CsrElement) validateAnnotations(formats strfmt.Registry) error {
if swag.IsZero(m.Annotations) { // not required
return nil
}
for i := 0; i < len(m.Annotations); i++ {
if swag.IsZero(m.Annotations[i]) { // not required
continue
}
if m.Annotations[i] != nil {
if err := m.Annotations[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// ContextValidate validate this csr element based on the context it is used
func (m *CsrElement) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
var res []error
if err := m.contextValidateAnnotations(ctx, formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *CsrElement) contextValidateAnnotations(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Annotations); i++ {
if m.Annotations[i] != nil {
if err := m.Annotations[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// MarshalBinary interface implementation
func (m *CsrElement) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *CsrElement) UnmarshalBinary(b []byte) error {
var res CsrElement
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

38
operator-integration/tenant_test.go
View File

@@ -606,3 +606,41 @@ func TestGetPodDescribe(t *testing.T) {
200, resp.StatusCode, "Status Code is incorrect")
}*/
}
func GetCSR(nameSpace string, tenant string) (*http.Response, error) {
/*
Helper function to get events for pod
URL: /namespaces/{namespace}/tenants/{tenant}/csr
HTTP Verb: GET
*/
request, err := http.NewRequest(
"GET", "http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant+"/csr/", nil)
if err != nil {
log.Println(err)
}
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
request.Header.Add("Content-Type", "application/json")
client := &http.Client{
Timeout: 2 * time.Second,
}
response, err := client.Do(request)
return response, err
}
func TestGetCSR(t *testing.T) {
assert := assert.New(t)
namespace := "tenant-lite"
tenant := "storage-lite"
resp, err := GetCSR(namespace, tenant)
assert.Nil(err)
if err != nil {
log.Println(err)
return
}
finalResponse := inspectHTTPResponse(resp)
if resp != nil {
assert.Equal(
200, resp.StatusCode, finalResponse)
}
assert.Equal(strings.Contains(finalResponse, "Automatically approved by MinIO Operator"), true)
}

142
operatorapi/embedded_spec.go
View File

@@ -583,6 +583,43 @@ func init() {
}
}
},
"/namespaces/{namespace}/tenants/{tenant}/csr": {
"get": {
"tags": [
"OperatorAPI"
],
"summary": "List Tenant Certificate Signing Request",
"operationId": "ListTenantCertificateSigningRequest",
"parameters": [
{
"type": "string",
"name": "namespace",
"in": "path",
"required": true
},
{
"type": "string",
"name": "tenant",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/csrElement"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/namespaces/{namespace}/tenants/{tenant}/disable-logging": {
"post": {
"tags": [
@@ -2273,6 +2310,40 @@ func init() {
}
}
},
"csrElement": {
"type": "object",
"properties": {
"annotations": {
"type": "array",
"items": {
"$ref": "#/definitions/annotation"
}
},
"deletion_grace_period_seconds": {
"type": "integer",
"format": "int64"
},
"generate_name": {
"type": "string"
},
"generation": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
},
"namespace": {
"type": "string"
},
"resource_version": {
"type": "string"
},
"status": {
"type": "string"
}
}
},
"deleteTenantRequest": {
"type": "object",
"properties": {
@@ -5012,6 +5083,43 @@ func init() {
}
}
},
"/namespaces/{namespace}/tenants/{tenant}/csr": {
"get": {
"tags": [
"OperatorAPI"
],
"summary": "List Tenant Certificate Signing Request",
"operationId": "ListTenantCertificateSigningRequest",
"parameters": [
{
"type": "string",
"name": "namespace",
"in": "path",
"required": true
},
{
"type": "string",
"name": "tenant",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/csrElement"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/namespaces/{namespace}/tenants/{tenant}/disable-logging": {
"post": {
"tags": [
@@ -7545,6 +7653,40 @@ func init() {
}
}
},
"csrElement": {
"type": "object",
"properties": {
"annotations": {
"type": "array",
"items": {
"$ref": "#/definitions/annotation"
}
},
"deletion_grace_period_seconds": {
"type": "integer",
"format": "int64"
},
"generate_name": {
"type": "string"
},
"generation": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
},
"namespace": {
"type": "string"
},
"resource_version": {
"type": "string"
},
"status": {
"type": "string"
}
}
},
"deleteTenantRequest": {
"type": "object",
"properties": {

12
operatorapi/operations/operator_api.go
View File

@@ -142,6 +142,9 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
OperatorAPIListPVCsForTenantHandler: operator_api.ListPVCsForTenantHandlerFunc(func(params operator_api.ListPVCsForTenantParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation operator_api.ListPVCsForTenant has not yet been implemented")
}),
OperatorAPIListTenantCertificateSigningRequestHandler: operator_api.ListTenantCertificateSigningRequestHandlerFunc(func(params operator_api.ListTenantCertificateSigningRequestParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation operator_api.ListTenantCertificateSigningRequest has not yet been implemented")
}),
OperatorAPIListTenantsHandler: operator_api.ListTenantsHandlerFunc(func(params operator_api.ListTenantsParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation operator_api.ListTenants has not yet been implemented")
}),
@@ -321,6 +324,8 @@ type OperatorAPI struct {
OperatorAPIListPVCsHandler operator_api.ListPVCsHandler
// OperatorAPIListPVCsForTenantHandler sets the operation handler for the list p v cs for tenant operation
OperatorAPIListPVCsForTenantHandler operator_api.ListPVCsForTenantHandler
// OperatorAPIListTenantCertificateSigningRequestHandler sets the operation handler for the list tenant certificate signing request operation
OperatorAPIListTenantCertificateSigningRequestHandler operator_api.ListTenantCertificateSigningRequestHandler
// OperatorAPIListTenantsHandler sets the operation handler for the list tenants operation
OperatorAPIListTenantsHandler operator_api.ListTenantsHandler
// AuthLoginDetailHandler sets the operation handler for the login detail operation
@@ -532,6 +537,9 @@ func (o *OperatorAPI) Validate() error {
if o.OperatorAPIListPVCsForTenantHandler == nil {
unregistered = append(unregistered, "operator_api.ListPVCsForTenantHandler")
}
if o.OperatorAPIListTenantCertificateSigningRequestHandler == nil {
unregistered = append(unregistered, "operator_api.ListTenantCertificateSigningRequestHandler")
}
if o.OperatorAPIListTenantsHandler == nil {
unregistered = append(unregistered, "operator_api.ListTenantsHandler")
}
@@ -815,6 +823,10 @@ func (o *OperatorAPI) initHandlerCache() {
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/csr"] = operator_api.NewListTenantCertificateSigningRequest(o.context, o.OperatorAPIListTenantCertificateSigningRequestHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/namespaces/{namespace}/tenants"] = operator_api.NewListTenants(o.context, o.OperatorAPIListTenantsHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)

88
operatorapi/operations/operator_api/list_tenant_certificate_signing_request.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package operator_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// ListTenantCertificateSigningRequestHandlerFunc turns a function with the right signature into a list tenant certificate signing request handler
type ListTenantCertificateSigningRequestHandlerFunc func(ListTenantCertificateSigningRequestParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn ListTenantCertificateSigningRequestHandlerFunc) Handle(params ListTenantCertificateSigningRequestParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// ListTenantCertificateSigningRequestHandler interface for that can handle valid list tenant certificate signing request params
type ListTenantCertificateSigningRequestHandler interface {
Handle(ListTenantCertificateSigningRequestParams, *models.Principal) middleware.Responder
}
// NewListTenantCertificateSigningRequest creates a new http.Handler for the list tenant certificate signing request operation
func NewListTenantCertificateSigningRequest(ctx *middleware.Context, handler ListTenantCertificateSigningRequestHandler) *ListTenantCertificateSigningRequest {
return &ListTenantCertificateSigningRequest{Context: ctx, Handler: handler}
}
/* ListTenantCertificateSigningRequest swagger:route GET /namespaces/{namespace}/tenants/{tenant}/csr OperatorAPI listTenantCertificateSigningRequest
List Tenant Certificate Signing Request
*/
type ListTenantCertificateSigningRequest struct {
Context *middleware.Context
Handler ListTenantCertificateSigningRequestHandler
}
func (o *ListTenantCertificateSigningRequest) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewListTenantCertificateSigningRequestParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

112
operatorapi/operations/operator_api/list_tenant_certificate_signing_request_parameters.go Normal file
View File

@@ -0,0 +1,112 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package operator_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/strfmt"
)
// NewListTenantCertificateSigningRequestParams creates a new ListTenantCertificateSigningRequestParams object
//
// There are no default values defined in the spec.
func NewListTenantCertificateSigningRequestParams() ListTenantCertificateSigningRequestParams {
return ListTenantCertificateSigningRequestParams{}
}
// ListTenantCertificateSigningRequestParams contains all the bound params for the list tenant certificate signing request operation
// typically these are obtained from a http.Request
//
// swagger:parameters ListTenantCertificateSigningRequest
type ListTenantCertificateSigningRequestParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: path
*/
Namespace string
/*
Required: true
In: path
*/
Tenant string
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewListTenantCertificateSigningRequestParams() beforehand.
func (o *ListTenantCertificateSigningRequestParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace")
if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil {
res = append(res, err)
}
rTenant, rhkTenant, _ := route.Params.GetOK("tenant")
if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
// bindNamespace binds and validates parameter Namespace from path.
func (o *ListTenantCertificateSigningRequestParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// Parameter is provided by construction from the route
o.Namespace = raw
return nil
}
// bindTenant binds and validates parameter Tenant from path.
func (o *ListTenantCertificateSigningRequestParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// Parameter is provided by construction from the route
o.Tenant = raw
return nil
}

133
operatorapi/operations/operator_api/list_tenant_certificate_signing_request_responses.go Normal file
View File

@@ -0,0 +1,133 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package operator_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// ListTenantCertificateSigningRequestOKCode is the HTTP code returned for type ListTenantCertificateSigningRequestOK
const ListTenantCertificateSigningRequestOKCode int = 200
/*ListTenantCertificateSigningRequestOK A successful response.
swagger:response listTenantCertificateSigningRequestOK
*/
type ListTenantCertificateSigningRequestOK struct {
/*
In: Body
*/
Payload *models.CsrElement `json:"body,omitempty"`
}
// NewListTenantCertificateSigningRequestOK creates ListTenantCertificateSigningRequestOK with default headers values
func NewListTenantCertificateSigningRequestOK() *ListTenantCertificateSigningRequestOK {
return &ListTenantCertificateSigningRequestOK{}
}
// WithPayload adds the payload to the list tenant certificate signing request o k response
func (o *ListTenantCertificateSigningRequestOK) WithPayload(payload *models.CsrElement) *ListTenantCertificateSigningRequestOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the list tenant certificate signing request o k response
func (o *ListTenantCertificateSigningRequestOK) SetPayload(payload *models.CsrElement) {
o.Payload = payload
}
// WriteResponse to the client
func (o *ListTenantCertificateSigningRequestOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*ListTenantCertificateSigningRequestDefault Generic error response.
swagger:response listTenantCertificateSigningRequestDefault
*/
type ListTenantCertificateSigningRequestDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewListTenantCertificateSigningRequestDefault creates ListTenantCertificateSigningRequestDefault with default headers values
func NewListTenantCertificateSigningRequestDefault(code int) *ListTenantCertificateSigningRequestDefault {
if code <= 0 {
code = 500
}
return &ListTenantCertificateSigningRequestDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the list tenant certificate signing request default response
func (o *ListTenantCertificateSigningRequestDefault) WithStatusCode(code int) *ListTenantCertificateSigningRequestDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the list tenant certificate signing request default response
func (o *ListTenantCertificateSigningRequestDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the list tenant certificate signing request default response
func (o *ListTenantCertificateSigningRequestDefault) WithPayload(payload *models.Error) *ListTenantCertificateSigningRequestDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the list tenant certificate signing request default response
func (o *ListTenantCertificateSigningRequestDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *ListTenantCertificateSigningRequestDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

124
operatorapi/operations/operator_api/list_tenant_certificate_signing_request_urlbuilder.go Normal file
View File

@@ -0,0 +1,124 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package operator_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
"strings"
)
// ListTenantCertificateSigningRequestURL generates an URL for the list tenant certificate signing request operation
type ListTenantCertificateSigningRequestURL struct {
Namespace string
Tenant string
_basePath string
// avoid unkeyed usage
_ struct{}
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *ListTenantCertificateSigningRequestURL) WithBasePath(bp string) *ListTenantCertificateSigningRequestURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *ListTenantCertificateSigningRequestURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *ListTenantCertificateSigningRequestURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/namespaces/{namespace}/tenants/{tenant}/csr"
namespace := o.Namespace
if namespace != "" {
_path = strings.Replace(_path, "{namespace}", namespace, -1)
} else {
return nil, errors.New("namespace is required on ListTenantCertificateSigningRequestURL")
}
tenant := o.Tenant
if tenant != "" {
_path = strings.Replace(_path, "{tenant}", tenant, -1)
} else {
return nil, errors.New("tenant is required on ListTenantCertificateSigningRequestURL")
}
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *ListTenantCertificateSigningRequestURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *ListTenantCertificateSigningRequestURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *ListTenantCertificateSigningRequestURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on ListTenantCertificateSigningRequestURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on ListTenantCertificateSigningRequestURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *ListTenantCertificateSigningRequestURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

48
operatorapi/volumes.go
View File

@@ -52,6 +52,15 @@ func registerVolumesHandlers(api *operations.OperatorAPI) {
return operator_api.NewListPVCsForTenantOK().WithPayload(payload)
})
api.OperatorAPIListTenantCertificateSigningRequestHandler = operator_api.ListTenantCertificateSigningRequestHandlerFunc(func(params operator_api.ListTenantCertificateSigningRequestParams, session *models.Principal) middleware.Responder {
payload, err := getTenantCSResponse(session, params)
if err != nil {
return operator_api.NewListTenantCertificateSigningRequestDefault(int(err.Code)).WithPayload(err)
}
return operator_api.NewListTenantCertificateSigningRequestOK().WithPayload(payload)
})
api.OperatorAPIDeletePVCHandler = operator_api.DeletePVCHandlerFunc(func(params operator_api.DeletePVCParams, session *models.Principal) middleware.Responder {
err := getDeletePVCResponse(session, params)
if err != nil {
@@ -212,3 +221,42 @@ func getPVCEventsResponse(session *models.Principal, params operator_api.GetPVCE
})
return retval, nil
}
func getTenantCSResponse(session *models.Principal, params operator_api.ListTenantCertificateSigningRequestParams) (*models.CsrElement, *models.Error) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel()
clientset, err := cluster.K8sClient(session.STSSessionToken)
if err != nil {
return nil, errors.ErrorWithContext(ctx, err)
}
csrName := params.Tenant + "-" + params.Namespace + "-csr"
csrResult, csrError := clientset.CertificatesV1().CertificateSigningRequests().Get(ctx, csrName, metav1.GetOptions{})
if csrError != nil {
return nil, errors.ErrorWithContext(ctx, err)
}
annotations := []*models.Annotation{}
for k, v := range csrResult.ObjectMeta.Annotations {
annotations = append(annotations, &models.Annotation{Key: k, Value: v})
}
var DeletionGracePeriodSeconds int64
DeletionGracePeriodSeconds = 0
if csrResult.ObjectMeta.DeletionGracePeriodSeconds != nil {
DeletionGracePeriodSeconds = *csrResult.ObjectMeta.DeletionGracePeriodSeconds
}
messages := ""
// A CSR.Status can contain multiple Conditions
for i := 0; i < len(csrResult.Status.Conditions); i++ {
messages = messages + " " + csrResult.Status.Conditions[i].Message
}
retval := &models.CsrElement{
Name: csrResult.ObjectMeta.Name,
Annotations: annotations,
DeletionGracePeriodSeconds: DeletionGracePeriodSeconds,
GenerateName: csrResult.ObjectMeta.GenerateName,
Generation: csrResult.ObjectMeta.Generation,
Namespace: csrResult.ObjectMeta.Namespace,
ResourceVersion: csrResult.ObjectMeta.ResourceVersion,
Status: messages,
}
return retval, nil
}

49
swagger-operator.yml
View File

@@ -310,6 +310,31 @@ paths:
tags:
- OperatorAPI
/namespaces/{namespace}/tenants/{tenant}/csr:
get:
summary: List Tenant Certificate Signing Request
operationId: ListTenantCertificateSigningRequest
parameters:
- name: namespace
in: path
required: true
type: string
- name: tenant
in: path
required: true
type: string
responses:
200:
description: A successful response.
schema:
$ref: "#/definitions/csrElement"
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- OperatorAPI
/namespaces/{namespace}/tenants/{tenant}/identity-provider:
get:
summary: Tenant Identity Provider
@@ -1580,6 +1605,30 @@ definitions:
password:
type: string
csrElement:
type: object
properties:
status:
type: string
name:
type: string
generate_name:
type: string
namespace:
type: string
resource_version:
type: string
generation:
type: integer
format: int64
deletion_grace_period_seconds:
type: integer
format: int64
annotations:
type: array
items:
$ref: "#/definitions/annotation"
createTenantRequest:
type: object
required: