mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Read subnet proxy configuration from minio or env var (#1511)

Browse Source 
Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
This commit is contained in:
Lenin Alevski
2022-02-03 12:04:35 -06:00
committed by GitHub
parent 4091b11f99
commit 297c980a8d
11 changed files with 70 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
models/subnet_login_m_f_a_request.go
View File

@@ -44,9 +44,6 @@ type SubnetLoginMFARequest struct {
// Required: true
Otp *string `json:"otp"`
// proxy
Proxy string `json:"proxy,omitempty"`
// username
// Required: true
Username *string `json:"username"`

3
models/subnet_login_request.go
View File

@@ -40,9 +40,6 @@ type SubnetLoginRequest struct {
// password
Password string `json:"password,omitempty"`
// proxy
Proxy string `json:"proxy,omitempty"`
// username
Username string `json:"username,omitempty"`
}

3
models/subnet_register_request.go
View File

@@ -40,9 +40,6 @@ type SubnetRegisterRequest struct {
// Required: true
AccountID *string `json:"account_id"`
// proxy
Proxy string `json:"proxy,omitempty"`
// token
// Required: true
Token *string `json:"token"`

3
pkg/subnet/subnet.go
View File

@@ -87,6 +87,7 @@ func GetOrganizations(client cluster.HTTPClientI, token string) ([]*models.Subne
type LicenseTokenConfig struct {
APIKey string
License string
Proxy string
}
func Register(client cluster.HTTPClientI, admInfo madmin.InfoMessage, apiKey, token, accountID string) (*LicenseTokenConfig, error) {
@@ -115,7 +116,7 @@ func Register(client cluster.HTTPClientI, admInfo madmin.InfoMessage, apiKey, to
subnetAPIKey := respJSON.Get("api_key").String()
licenseJwt := respJSON.Get("license").String()
if subnetAPIKey != "" {
if subnetAPIKey != "" || licenseJwt != "" {
return &LicenseTokenConfig{
APIKey: subnetAPIKey,
License: licenseJwt,

1
portal-ui/src/screens/Console/License/types.tsx
View File

@@ -33,7 +33,6 @@ export interface SubnetLoginRequest {
export interface SubnetRegisterRequest {
token: string;
account_id: string;
proxy?: string;
}
export interface SubnetOrganization {

42
portal-ui/src/screens/Console/Support/Register.tsx
View File

@@ -30,7 +30,6 @@ import React, { Fragment, useCallback, useEffect, useState } from "react";
import { CopyIcon, DiagnosticsFeatureIcon, UsersIcon } from "../../../icons";
import RemoveRedEyeIcon from "@mui/icons-material/RemoveRedEye";
import VisibilityOffIcon from "@mui/icons-material/VisibilityOff";
import DnsIcon from "@mui/icons-material/Dns";
import OnlineRegistrationIcon from "../../../icons/OnlineRegistrationIcon";
import OfflineRegistrationIcon from "../../../icons/OfflineRegistrationIcon";
import InputBoxWrapper from "../Common/FormComponents/InputBoxWrapper/InputBoxWrapper";
@@ -302,7 +301,6 @@ const Register = ({
const [clusterRegistered, setClusterRegistered] = useState<boolean>(false);
const [initialLicenseLoading, setInitialLicenseLoading] =
useState<boolean>(true);
const [subnetProxy, setSubnetProxy] = useState<string>("");
const [displaySubnetProxy, setDisplaySubnetProxy] = useState<boolean>(false);
const clearForm = () => {
@@ -374,9 +372,6 @@ const Register = ({
token: token,
account_id: account_id,
};
if (displaySubnetProxy) {
request.proxy = subnetProxy;
}
api
.invoke("POST", "/api/v1/subnet/register", request)
.then(() => {
@@ -409,9 +404,6 @@ const Register = ({
otp: subnetOTP,
mfa_token: subnetMFAToken,
};
if (displaySubnetProxy) {
request.proxy = subnetProxy;
}
api
.invoke("POST", "/api/v1/subnet/login/mfa", request)
.then((resp: SubnetLoginResponse) => {
@@ -448,9 +440,6 @@ const Register = ({
password: subnetPassword,
apiKey: license,
};
if (displaySubnetProxy) {
request.proxy = subnetProxy;
}
api
.invoke("POST", "/api/v1/subnet/login", request)
.then((resp: SubnetLoginResponse) => {
@@ -917,6 +906,9 @@ const Register = ({
);
}
const proxyConfigurationCommand =
"mc admin config set {alias} subnet proxy={proxy}";
return (
<Fragment>
<PageHeader label="Register" />
@@ -1001,21 +993,33 @@ const Register = ({
fontSize: "14px",
}}
>
For airgap/firewalled environments it is possible to configure
a proxy to connect to SUBNET.
For airgap/firewalled environments it is possible to{" "}
<Link
className={classes.link}
href="https://docs.min.io/docs/minio-server-configuration-guide.html?ref=con"
target="_blank"
>
configure a proxy
</Link>{" "}
to connect to SUBNET .
</Box>
<Box>
{displaySubnetProxy && (
<InputBoxWrapper
overlayIcon={<DnsIcon />}
disabled
id="subnetProxy"
name="subnetProxy"
onChange={(event: React.ChangeEvent<HTMLInputElement>) =>
setSubnetProxy(event.target.value)
}
placeholder="https://192.168.1.3:3128"
placeholder=""
onChange={() => {}}
label=""
value={subnetProxy}
value={proxyConfigurationCommand}
overlayIcon={<CopyIcon />}
extraInputProps={{
readOnly: true,
}}
overlayAction={() =>
navigator.clipboard.writeText(proxyConfigurationCommand)
}
/>
)}
</Box>

51
restapi/admin_subnet.go
View File

@@ -44,7 +44,7 @@ func registerSubnetHandlers(api *operations.ConsoleAPI) {
})
// Get subnet login with MFA handler
api.AdminAPISubnetLoginMFAHandler = admin_api.SubnetLoginMFAHandlerFunc(func(params admin_api.SubnetLoginMFAParams, session *models.Principal) middleware.Responder {
resp, err := GetSubnetLoginWithMFAResponse(params)
resp, err := GetSubnetLoginWithMFAResponse(session, params)
if err != nil {
return admin_api.NewSubnetLoginMFADefault(int(err.Code)).WithPayload(err)
}
@@ -85,7 +85,12 @@ func SubnetRegisterWithAPIKey(ctx context.Context, minioClient MinioAdmin, apiKe
if err != nil {
return false, err
}
configStr := fmt.Sprintf("subnet license=%s api_key=%s", registerResult.License, registerResult.APIKey)
// Keep existing subnet proxy if exists
subnetKey, err := GetSubnetKeyFromMinIOConfig(ctx, minioClient)
if err != nil {
return false, err
}
configStr := fmt.Sprintf("subnet license=%s api_key=%s proxy=%s", registerResult.License, registerResult.APIKey, subnetKey.Proxy)
_, err = minioClient.setConfigKV(ctx, configStr)
if err != nil {
return false, err
@@ -112,15 +117,15 @@ func SubnetLogin(client cluster.HTTPClientI, username, password string) (string,
func GetSubnetLoginResponse(session *models.Principal, params admin_api.SubnetLoginParams) (*models.SubnetLoginResponse, *models.Error) {
ctx := context.Background()
subnetHTTPClient, err := GetSubnetHTTPClient(params.Body.Proxy)
if err != nil {
return nil, prepareError(err)
}
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, prepareError(err)
}
minioClient := AdminClient{Client: mAdmin}
subnetHTTPClient, err := GetSubnetHTTPClient(ctx, minioClient)
if err != nil {
return nil, prepareError(err)
}
apiKey := params.Body.APIKey
if apiKey != "" {
registered, err := SubnetRegisterWithAPIKey(ctx, minioClient, apiKey)
@@ -173,8 +178,19 @@ func SubnetLoginWithMFA(client cluster.HTTPClientI, username, mfaToken, otp stri
}
// GetSubnetHTTPClient will return a client with proxy if configured, otherwise will return the default console http client
func GetSubnetHTTPClient(proxy string) (*cluster.HTTPClient, error) {
func GetSubnetHTTPClient(ctx context.Context, minioClient MinioAdmin) (*cluster.HTTPClient, error) {
var subnetHTTPClient *http.Client
var proxy string
envProxy := getSubnetProxy()
subnetKey, err := GetSubnetKeyFromMinIOConfig(ctx, minioClient)
if err != nil {
return nil, err
}
if subnetKey.Proxy != "" {
proxy = subnetKey.Proxy
} else if envProxy != "" {
proxy = envProxy
}
if proxy != "" {
transport := prepareSTSClientTransport(false)
subnetHTTPClient = &http.Client{
@@ -194,8 +210,14 @@ func GetSubnetHTTPClient(proxy string) (*cluster.HTTPClient, error) {
return clientI, nil
}
func GetSubnetLoginWithMFAResponse(params admin_api.SubnetLoginMFAParams) (*models.SubnetLoginResponse, *models.Error) {
subnetHTTPClient, err := GetSubnetHTTPClient(params.Body.Proxy)
func GetSubnetLoginWithMFAResponse(session *models.Principal, params admin_api.SubnetLoginMFAParams) (*models.SubnetLoginResponse, *models.Error) {
ctx := context.Background()
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, prepareError(err)
}
minioClient := AdminClient{Client: mAdmin}
subnetHTTPClient, err := GetSubnetHTTPClient(ctx, minioClient)
if err != nil {
return nil, prepareError(err)
}
@@ -225,6 +247,8 @@ func GetSubnetKeyFromMinIOConfig(ctx context.Context, minioClient MinioAdmin) (*
res.APIKey = kv.Value
} else if kv.Key == "license" {
res.License = kv.Value
} else if kv.Key == "proxy" {
res.Proxy = kv.Value
}
}
return &res, nil
@@ -239,7 +263,12 @@ func GetSubnetRegister(ctx context.Context, minioClient MinioAdmin, httpClient c
if err != nil {
return err
}
configStr := fmt.Sprintf("subnet license=%s api_key=%s", registerResult.License, registerResult.APIKey)
// Keep existing subnet proxy if exists
subnetKey, err := GetSubnetKeyFromMinIOConfig(ctx, minioClient)
if err != nil {
return err
}
configStr := fmt.Sprintf("subnet license=%s api_key=%s proxy=%s", registerResult.License, registerResult.APIKey, subnetKey.Proxy)
_, err = minioClient.setConfigKV(ctx, configStr)
if err != nil {
return err
@@ -254,7 +283,7 @@ func GetSubnetRegisterResponse(session *models.Principal, params admin_api.Subne
return prepareError(err)
}
adminClient := AdminClient{Client: mAdmin}
subnetHTTPClient, err := GetSubnetHTTPClient(params.Body.Proxy)
subnetHTTPClient, err := GetSubnetHTTPClient(ctx, adminClient)
if err != nil {
return prepareError(err)
}

4
restapi/config.go
View File

@@ -50,6 +50,10 @@ func getMinIOServer() string {
return strings.TrimSpace(env.Get(ConsoleMinIOServer, "http://localhost:9000"))
}
func getSubnetProxy() string {
return strings.TrimSpace(env.Get(ConsoleSubnetProxy, ""))
}
func GetMinIORegion() string {
return strings.TrimSpace(env.Get(ConsoleMinIORegion, ""))
}

1
restapi/consts.go
View File

@@ -20,6 +20,7 @@ package restapi
const (
// Constants for common configuration
ConsoleMinIOServer = "CONSOLE_MINIO_SERVER"
ConsoleSubnetProxy = "CONSOLE_SUBNET_PROXY"
ConsoleMinIORegion = "CONSOLE_MINIO_REGION"
ConsoleHostname = "CONSOLE_HOSTNAME"
ConsolePort = "CONSOLE_PORT"

18
restapi/embedded_spec.go
View File

@@ -5730,9 +5730,6 @@ func init() {
"otp": {
"type": "string"
},
"proxy": {
"type": "string"
},
"username": {
"type": "string"
}
@@ -5747,9 +5744,6 @@ func init() {
"password": {
"type": "string"
},
"proxy": {
"type": "string"
},
"username": {
"type": "string"
}
@@ -5808,9 +5802,6 @@ func init() {
"account_id": {
"type": "string"
},
"proxy": {
"type": "string"
},
"token": {
"type": "string"
}
@@ -11966,9 +11957,6 @@ func init() {
"otp": {
"type": "string"
},
"proxy": {
"type": "string"
},
"username": {
"type": "string"
}
@@ -11983,9 +11971,6 @@ func init() {
"password": {
"type": "string"
},
"proxy": {
"type": "string"
},
"username": {
"type": "string"
}
@@ -12044,9 +12029,6 @@ func init() {
"account_id": {
"type": "string"
},
"proxy": {
"type": "string"
},
"token": {
"type": "string"
}

6
swagger-console.yml
View File

@@ -4138,8 +4138,6 @@ definitions:
subnetLoginRequest:
type: object
properties:
proxy:
type: string
username:
type: string
password:
@@ -4154,8 +4152,6 @@ definitions:
- otp
- mfa_token
properties:
proxy:
type: string
username:
type: string
otp:
@@ -4169,8 +4165,6 @@ definitions:
- token
- account_id
properties:
proxy:
type: string
token:
type: string
account_id: