Return Generated Console Credentials (#217)

Whe Console is configured, we auto generate credentials for Console and store them in a secret but we need to return them to the user so he knows what credentials he/she can use to log in to console.

models/create_tenant_response.go

@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -35,12 +36,42 @@ type CreateTenantResponse struct {
 	// access key
 	AccessKey string `json:"access_key,omitempty"`
 
+	// console
+	Console *CreateTenantResponseConsole `json:"console,omitempty"`
+
 	// secret key
 	SecretKey string `json:"secret_key,omitempty"`
 }
 
 // Validate validates this create tenant response
 func (m *CreateTenantResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateConsole(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CreateTenantResponse) validateConsole(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Console) { // not required
+		return nil
+	}
+
+	if m.Console != nil {
+		if err := m.Console.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("console")
+			}
+			return err
+		}
+	}
+
 	return nil
 }
 
@@ -61,3 +92,38 @@ func (m *CreateTenantResponse) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// CreateTenantResponseConsole create tenant response console
+//
+// swagger:model CreateTenantResponseConsole
+type CreateTenantResponseConsole struct {
+
+	// access key
+	AccessKey string `json:"access_key,omitempty"`
+
+	// secret key
+	SecretKey string `json:"secret_key,omitempty"`
+}
+
+// Validate validates this create tenant response console
+func (m *CreateTenantResponseConsole) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *CreateTenantResponseConsole) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *CreateTenantResponseConsole) UnmarshalBinary(b []byte) error {
+	var res CreateTenantResponseConsole
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

restapi/admin_tenants.go

@@ -254,12 +254,12 @@ func listTenants(ctx context.Context, operatorClient OperatorClient, namespace s
 	}
 
 	var tenants []*models.TenantList
-	var totalSize int64
 
-	for _, minInst := range minTenants.Items {
+	for _, tenant := range minTenants.Items {
+		var totalSize int64
 		var instanceCount int64
 		var volumeCount int64
-		for _, zone := range minInst.Spec.Zones {
+		for _, zone := range tenant.Spec.Zones {
 			instanceCount = instanceCount + int64(zone.Servers)
 			volumeCount = volumeCount + int64(zone.Servers*zone.VolumesPerServer)
 			if zone.VolumeClaimTemplate != nil {
@@ -269,20 +269,20 @@ func listTenants(ctx context.Context, operatorClient OperatorClient, namespace s
 		}
 
 		tenants = append(tenants, &models.TenantList{
-			CreationDate:  minInst.ObjectMeta.CreationTimestamp.String(),
+			CreationDate:  tenant.ObjectMeta.CreationTimestamp.String(),
-			Name:          minInst.ObjectMeta.Name,
+			Name:          tenant.ObjectMeta.Name,
-			ZoneCount:     int64(len(minInst.Spec.Zones)),
+			ZoneCount:     int64(len(tenant.Spec.Zones)),
 			InstanceCount: instanceCount,
 			VolumeCount:   volumeCount,
-			CurrentState:  minInst.Status.CurrentState,
+			CurrentState:  tenant.Status.CurrentState,
-			Namespace:     minInst.ObjectMeta.Namespace,
+			Namespace:     tenant.ObjectMeta.Namespace,
 			TotalSize:     totalSize,
 		})
 	}
 
 	return &models.ListTenantsResponse{
 		Tenants: tenants,
-		Total:   0,
+		Total:   int64(len(tenants)),
 	}, nil
 }
 
@@ -332,6 +332,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		}
 		minioImage = *minImg
 	}
+	// get Kubernetes Client
+	clientset, err := cluster.K8sClient(session.SessionToken)
+	if err != nil {
+		return nil, err
+	}
+
+	ns := *params.Body.Namespace
 
 	// if access/secret are provided, use them, else create a random pair
 	accessKey := RandomCharString(16)
@@ -355,11 +362,6 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		},
 	}
 
-	clientset, err := cluster.K8sClient(session.SessionToken)
-	if err != nil {
-		return nil, err
-	}
-	ns := *params.Body.Namespace
 	_, err = clientset.CoreV1().Secrets(ns).Create(context.Background(), &instanceSecret, metav1.CreateOptions{})
 	if err != nil {
 		return nil, err
@@ -389,10 +391,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		},
 	}
 	// optionals are set below
-
+	var consoleAccess string
+	var consoleSecret string
 	if enableConsole {
 		consoleSelector := fmt.Sprintf("%s-console", *params.Body.Name)
 		consoleSecretName := fmt.Sprintf("%s-secret", consoleSelector)
+		consoleAccess = RandomCharString(16)
+		consoleSecret = RandomCharString(32)
 		imm := true
 		instanceSecret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
@@ -403,8 +408,8 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 				"CONSOLE_HMAC_JWT_SECRET":  []byte(RandomCharString(16)),
 				"CONSOLE_PBKDF_PASSPHRASE": []byte(RandomCharString(16)),
 				"CONSOLE_PBKDF_SALT":       []byte(RandomCharString(8)),
-				"CONSOLE_ACCESS_KEY":       []byte(RandomCharString(16)),
+				"CONSOLE_ACCESS_KEY":       []byte(consoleAccess),
-				"CONSOLE_SECRET_KEY":       []byte(RandomCharString(32)),
+				"CONSOLE_SECRET_KEY":       []byte(consoleSecret),
 			},
 		}
 		_, err = clientset.CoreV1().Secrets(ns).Create(context.Background(), &instanceSecret, metav1.CreateOptions{})
@@ -462,11 +467,16 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 			return nil, err
 		}
 	}
-
+	response := &models.CreateTenantResponse{
-	return &models.CreateTenantResponse{
 		AccessKey: accessKey,
 		SecretKey: secretKey,
-	}, nil
+	}
+	// Attach Console Credentials
+	if enableConsole {
+		response.Console.AccessKey = consoleAccess
+		response.Console.SecretKey = consoleSecret
+	}
+	return response, nil
 }
 
 // updateTenantAction does an update on the minioTenant by patching the desired changes

restapi/embedded_spec.go

@@ -2020,6 +2020,17 @@ func init() {
         "access_key": {
           "type": "string"
         },
+        "console": {
+          "type": "object",
+          "properties": {
+            "access_key": {
+              "type": "string"
+            },
+            "secret_key": {
+              "type": "string"
+            }
+          }
+        },
         "secret_key": {
           "type": "string"
         }
@@ -4842,6 +4853,17 @@ func init() {
     }
   },
   "definitions": {
+    "CreateTenantResponseConsole": {
+      "type": "object",
+      "properties": {
+        "access_key": {
+          "type": "string"
+        },
+        "secret_key": {
+          "type": "string"
+        }
+      }
+    },
     "NodeSelectorTermMatchExpressionsItems0": {
       "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.",
       "type": "object",
@@ -5359,6 +5381,17 @@ func init() {
         "access_key": {
           "type": "string"
         },
+        "console": {
+          "type": "object",
+          "properties": {
+            "access_key": {
+              "type": "string"
+            },
+            "secret_key": {
+              "type": "string"
+            }
+          }
+        },
         "secret_key": {
           "type": "string"
         }

swagger.yml

@@ -1817,6 +1817,13 @@ definitions:
         type: string
       secret_key:
         type: string
+      console:
+        type: object
+        properties:
+          access_key:
+            type: string
+          secret_key:
+            type: string
   zone:
     type: object
     required: