Remove Operator mode references in Console mode (#884)

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>

models/list_buckets_response.go

@@ -39,7 +39,7 @@ type ListBucketsResponse struct {
 	// list of resulting buckets
 	Buckets []*Bucket `json:"buckets"`
 
-	// number of buckets accessible to the user
+	// number of buckets accessible to tenant user
 	Total int64 `json:"total,omitempty"`
 }
 

models/operator_session_response.go

@@ -0,0 +1,128 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// OperatorSessionResponse operator session response
+//
+// swagger:model operatorSessionResponse
+type OperatorSessionResponse struct {
+
+	// features
+	Features []string `json:"features"`
+
+	// operator
+	Operator bool `json:"operator,omitempty"`
+
+	// pages
+	Pages []string `json:"pages"`
+
+	// status
+	// Enum: [ok]
+	Status string `json:"status,omitempty"`
+}
+
+// Validate validates this operator session response
+func (m *OperatorSessionResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var operatorSessionResponseTypeStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["ok"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		operatorSessionResponseTypeStatusPropEnum = append(operatorSessionResponseTypeStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// OperatorSessionResponseStatusOk captures enum value "ok"
+	OperatorSessionResponseStatusOk string = "ok"
+)
+
+// prop value enum
+func (m *OperatorSessionResponse) validateStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, operatorSessionResponseTypeStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *OperatorSessionResponse) validateStatus(formats strfmt.Registry) error {
+	if swag.IsZero(m.Status) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateStatusEnum("status", "body", m.Status); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this operator session response based on context it is used
+func (m *OperatorSessionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSessionResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSessionResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSessionResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

operatorapi/consts.go

@@ -19,14 +19,13 @@ package operatorapi
 // list of all console environment constants
 const (
 	// Constants for common configuration
-	ConsoleMinIOServer    = "CONSOLE_MINIO_SERVER"
-	ConsoleMinIORegion    = "CONSOLE_MINIO_REGION"
-	ConsoleProductionMode = "CONSOLE_PRODUCTION_MODE"
-	ConsoleHostname       = "CONSOLE_HOSTNAME"
-	ConsolePort           = "CONSOLE_PORT"
-	ConsoleTLSHostname    = "CONSOLE_TLS_HOSTNAME"
-	ConsoleTLSPort        = "CONSOLE_TLS_PORT"
-	ConsoleSubnetLicense  = "CONSOLE_SUBNET_LICENSE"
+	ConsoleMinIOServer   = "CONSOLE_MINIO_SERVER"
+	ConsoleMinIORegion   = "CONSOLE_MINIO_REGION"
+	ConsoleHostname      = "CONSOLE_HOSTNAME"
+	ConsolePort          = "CONSOLE_PORT"
+	ConsoleTLSHostname   = "CONSOLE_TLS_HOSTNAME"
+	ConsoleTLSPort       = "CONSOLE_TLS_PORT"
+	ConsoleSubnetLicense = "CONSOLE_SUBNET_LICENSE"
 
 	// Constants for Secure middleware
 	ConsoleSecureAllowedHosts                    = "CONSOLE_SECURE_ALLOWED_HOSTS"
@@ -50,11 +49,6 @@ const (
 	ConsoleSecureExpectCTHeader                  = "CONSOLE_SECURE_EXPECT_CT_HEADER"
 	ConsoleOperatorSAToken                       = "CONSOLE_OPERATOR_SA_TOKEN"
 	ConsoleOperatorConsoleImage                  = "CONSOLE_OPERATOR_CONSOLE_IMAGE"
-	PrometheusURL                                = "CONSOLE_PROMETHEUS_URL"
-	PrometheusJobID                              = "CONSOLE_PROMETHEUS_JOB_ID"
-	ConsoleLogQueryURL                           = "CONSOLE_LOG_QUERY_URL"
-	ConsoleLogQueryAuthToken                     = "CONSOLE_LOG_QUERY_AUTH_TOKEN"
-	LogSearchQueryAuthToken                      = "LOGSEARCH_QUERY_AUTH_TOKEN"
 
 	// Constants for prometheus annotations
 	prometheusPath   = "prometheus.io/path"

operatorapi/embedded_spec.go

@@ -1183,7 +1183,7 @@ func init() {
           "200": {
             "description": "A successful response.",
             "schema": {
-              "$ref": "#/definitions/sessionResponse"
+              "$ref": "#/definitions/operatorSessionResponse"
             }
           },
           "default": {
@@ -3309,6 +3309,32 @@ func init() {
         "years"
       ]
     },
+    "operatorSessionResponse": {
+      "type": "object",
+      "properties": {
+        "features": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "operator": {
+          "type": "boolean"
+        },
+        "pages": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "ok"
+          ]
+        }
+      }
+    },
     "parityResponse": {
       "type": "array",
       "items": {
@@ -3987,32 +4013,6 @@ func init() {
         "type": "string"
       }
     },
-    "sessionResponse": {
-      "type": "object",
-      "properties": {
-        "features": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "operator": {
-          "type": "boolean"
-        },
-        "pages": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "status": {
-          "type": "string",
-          "enum": [
-            "ok"
-          ]
-        }
-      }
-    },
     "setBucketPolicyRequest": {
       "type": "object",
       "required": [
@@ -6056,7 +6056,7 @@ func init() {
           "200": {
             "description": "A successful response.",
             "schema": {
-              "$ref": "#/definitions/sessionResponse"
+              "$ref": "#/definitions/operatorSessionResponse"
             }
           },
           "default": {
@@ -8830,6 +8830,32 @@ func init() {
         "years"
       ]
     },
+    "operatorSessionResponse": {
+      "type": "object",
+      "properties": {
+        "features": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "operator": {
+          "type": "boolean"
+        },
+        "pages": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "ok"
+          ]
+        }
+      }
+    },
     "parityResponse": {
       "type": "array",
       "items": {
@@ -9417,32 +9443,6 @@ func init() {
         "type": "string"
       }
     },
-    "sessionResponse": {
-      "type": "object",
-      "properties": {
-        "features": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "operator": {
-          "type": "boolean"
-        },
-        "pages": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "status": {
-          "type": "string",
-          "enum": [
-            "ok"
-          ]
-        }
-      }
-    },
     "setBucketPolicyRequest": {
       "type": "object",
       "required": [

operatorapi/operations/user_api/session_check_responses.go

@@ -42,7 +42,7 @@ type SessionCheckOK struct {
 	/*
 	  In: Body
 	*/
-	Payload *models.SessionResponse `json:"body,omitempty"`
+	Payload *models.OperatorSessionResponse `json:"body,omitempty"`
 }
 
 // NewSessionCheckOK creates SessionCheckOK with default headers values
@@ -52,13 +52,13 @@ func NewSessionCheckOK() *SessionCheckOK {
 }
 
 // WithPayload adds the payload to the session check o k response
-func (o *SessionCheckOK) WithPayload(payload *models.SessionResponse) *SessionCheckOK {
+func (o *SessionCheckOK) WithPayload(payload *models.OperatorSessionResponse) *SessionCheckOK {
 	o.Payload = payload
 	return o
 }
 
 // SetPayload sets the payload to the session check o k response
-func (o *SessionCheckOK) SetPayload(payload *models.SessionResponse) {
+func (o *SessionCheckOK) SetPayload(payload *models.OperatorSessionResponse) {
 	o.Payload = payload
 }
 

operatorapi/operator_login.go

@@ -22,6 +22,8 @@ import (
 	"net/http"
 	"time"
 
+	"github.com/minio/minio-go/v7/pkg/credentials"
+
 	"github.com/minio/console/restapi"
 
 	iampolicy "github.com/minio/pkg/iam/policy"
@@ -114,7 +116,7 @@ func getAccountPolicy(ctx context.Context, client restapi.MinioAdmin) (*iampolic
 
 // getConsoleCredentials will return consoleCredentials interface including the associated policy of the current account
 func getConsoleCredentials(ctx context.Context, accessKey, secretKey string) (*restapi.ConsoleCredentials, error) {
-	creds, err := restapi.NewConsoleCredentials(accessKey, secretKey, restapi.GetMinIORegion())
+	creds, err := newConsoleCredentials(secretKey)
 	if err != nil {
 		return nil, err
 	}
@@ -180,7 +182,7 @@ func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, *models.E
 func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 	ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
 	defer cancel()
-	loginStrategy := models.LoginDetailsLoginStrategyForm
+	loginStrategy := models.LoginDetailsLoginStrategyServiceDashAccount
 	redirectURL := ""
 
 	if oauth2.IsIdpEnabled() {
@@ -193,8 +195,6 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 		// Validate user against IDP
 		identityProvider := &auth.IdentityProvider{Client: oauth2Client}
 		redirectURL = identityProvider.GenerateLoginURL()
-	} else if acl.GetOperatorMode() {
-		loginStrategy = models.LoginDetailsLoginStrategyServiceDashAccount
 	}
 
 	loginDetails := &models.LoginDetails{
@@ -206,12 +206,12 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 
 func getLoginOauth2AuthResponse() (*models.LoginResponse, *models.Error) {
 
-	creds, err := restapi.NewConsoleCredentials("", getK8sSAToken(), "")
+	creds, err := newConsoleCredentials(getK8sSAToken())
 	if err != nil {
 		return nil, prepareError(err)
 	}
-	credentials := restapi.ConsoleCredentials{ConsoleCredentials: creds, Actions: []string{}}
-	token, err := login(credentials)
+	consoleCredentials := restapi.ConsoleCredentials{ConsoleCredentials: creds, Actions: []string{}}
+	token, err := login(consoleCredentials)
 	if err != nil {
 		return nil, prepareError(errInvalidCredentials, nil, err)
 	}
@@ -222,9 +222,17 @@ func getLoginOauth2AuthResponse() (*models.LoginResponse, *models.Error) {
 	return loginResponse, nil
 }
 
+func newConsoleCredentials(secretKey string) (*credentials.Credentials, error) {
+	creds, err := auth.GetConsoleCredentialsForOperator(secretKey)
+	if err != nil {
+		return nil, err
+	}
+	return creds, nil
+}
+
 // getLoginOperatorResponse validate the provided service account token against k8s api
 func getLoginOperatorResponse(lmr *models.LoginOperatorRequest) (*models.LoginResponse, *models.Error) {
-	creds, err := restapi.NewConsoleCredentials("", *lmr.Jwt, "")
+	creds, err := newConsoleCredentials(*lmr.Jwt)
 	if err != nil {
 		return nil, prepareError(err)
 	}

operatorapi/operator_session.go

@@ -36,16 +36,16 @@ func registerSessionHandlers(api *operations.OperatorAPI) {
 }
 
 // getSessionResponse parse the token of the current session and returns a list of allowed actions to render in the UI
-func getSessionResponse(session *models.Principal) (*models.SessionResponse, *models.Error) {
+func getSessionResponse(session *models.Principal) (*models.OperatorSessionResponse, *models.Error) {
 	// serialize output
 	if session == nil {
 		return nil, prepareError(errorGenericInvalidSession)
 	}
-	sessionResp := &models.SessionResponse{
+	sessionResp := &models.OperatorSessionResponse{
 		Pages:    acl.GetAuthorizedEndpoints(session.Actions),
 		Features: getListOfEnabledFeatures(),
-		Status:   models.SessionResponseStatusOk,
-		Operator: acl.GetOperatorMode(),
+		Status:   models.OperatorSessionResponseStatusOk,
+		Operator: true,
 	}
 	return sessionResp, nil
 }

operatorapi/operator_subscription.go

@@ -108,7 +108,7 @@ func getOperatorSubscriptionActivateResponse(session *models.Principal, namespac
 		client: clientSet,
 	}
 	// Get cluster subscription license
-	license, err := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, restapi.OperatorSubnetLicenseSecretName)
+	license, err := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName)
 	if err != nil {
 		return prepareError(errInvalidCredentials, nil, err)
 	}

operatorapi/operator_tenants.go

@@ -1220,7 +1220,7 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
 		}
 		// If Subnet License is present in k8s secrets, copy that to the CONSOLE_SUBNET_LICENSE env variable
 		// of the console tenant
-		license, _ := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, restapi.OperatorSubnetLicenseSecretName)
+		license, _ := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName)
 		if license != "" {
 			consoleSecretData[restapi.ConsoleSubnetLicense] = []byte(license)
 		}

portal-ui/build/asset-manifest.json

@@ -1,25 +1,25 @@
 {
   "files": {
     "main.css": "/static/css/main.8cfac526.chunk.css",
-    "main.js": "/static/js/main.50c2f2ba.chunk.js",
-    "main.js.map": "/static/js/main.50c2f2ba.chunk.js.map",
+    "main.js": "/static/js/main.cd39de89.chunk.js",
+    "main.js.map": "/static/js/main.cd39de89.chunk.js.map",
     "runtime-main.js": "/static/js/runtime-main.43a31377.js",
     "runtime-main.js.map": "/static/js/runtime-main.43a31377.js.map",
-    "static/css/2.60e04a19.chunk.css": "/static/css/2.60e04a19.chunk.css",
-    "static/js/2.1bafa615.chunk.js": "/static/js/2.1bafa615.chunk.js",
-    "static/js/2.1bafa615.chunk.js.map": "/static/js/2.1bafa615.chunk.js.map",
+    "static/css/2.c5a51b70.chunk.css": "/static/css/2.c5a51b70.chunk.css",
+    "static/js/2.58cdc602.chunk.js": "/static/js/2.58cdc602.chunk.js",
+    "static/js/2.58cdc602.chunk.js.map": "/static/js/2.58cdc602.chunk.js.map",
     "index.html": "/index.html",
-    "static/css/2.60e04a19.chunk.css.map": "/static/css/2.60e04a19.chunk.css.map",
+    "static/css/2.c5a51b70.chunk.css.map": "/static/css/2.c5a51b70.chunk.css.map",
     "static/css/main.8cfac526.chunk.css.map": "/static/css/main.8cfac526.chunk.css.map",
-    "static/js/2.1bafa615.chunk.js.LICENSE.txt": "/static/js/2.1bafa615.chunk.js.LICENSE.txt",
+    "static/js/2.58cdc602.chunk.js.LICENSE.txt": "/static/js/2.58cdc602.chunk.js.LICENSE.txt",
     "static/media/minio_console_logo.0837460e.svg": "/static/media/minio_console_logo.0837460e.svg",
     "static/media/minio_operator_logo.1312b7c9.svg": "/static/media/minio_operator_logo.1312b7c9.svg"
   },
   "entrypoints": [
     "static/js/runtime-main.43a31377.js",
-    "static/css/2.60e04a19.chunk.css",
-    "static/js/2.1bafa615.chunk.js",
+    "static/css/2.c5a51b70.chunk.css",
+    "static/js/2.58cdc602.chunk.js",
     "static/css/main.8cfac526.chunk.css",
-    "static/js/main.50c2f2ba.chunk.js"
+    "static/js/main.cd39de89.chunk.js"
   ]
 }

portal-ui/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="MinIO Console"/><link href="https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700;900&display=swap" rel="stylesheet"/><link href="/styles/root-styles.css" rel="stylesheet"/><link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png"/><link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png"/><link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png"/><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"/><link rel="manifest" href="/manifest.json"/><link rel="mask-icon" href="/safari-pinned-tab.svg" color="#3a4e54"/><title>MinIO Console</title><link href="/static/css/2.60e04a19.chunk.css" rel="stylesheet"><link href="/static/css/main.8cfac526.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="loader-block"><svg class="loader-svg-container" viewBox="22 22 44 44"><circle class="loader-style MuiCircularProgress-circle MuiCircularProgress-circleIndeterminate" cx="44" cy="44" r="20.2" fill="none" stroke-width="3.6"></circle></svg></div></div><script>!function(e){function r(r){for(var n,l,i=r[0],a=r[1],p=r[2],c=0,s=[];c<i.length;c++)l=i[c],Object.prototype.hasOwnProperty.call(o,l)&&o[l]&&s.push(o[l][0]),o[l]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(f&&f(r);s.length;)s.shift()();return u.push.apply(u,p||[]),t()}function t(){for(var e,r=0;r<u.length;r++){for(var t=u[r],n=!0,i=1;i<t.length;i++){var a=t[i];0!==o[a]&&(n=!1)}n&&(u.splice(r--,1),e=l(l.s=t[0]))}return e}var n={},o={1:0},u=[];function l(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,l),t.l=!0,t.exports}l.m=e,l.c=n,l.d=function(e,r,t){l.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},l.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},l.t=function(e,r){if(1&r&&(e=l(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var t=Object.create(null);if(l.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:e}),2&r&&"string"!=typeof e)for(var n in e)l.d(t,n,function(r){return e[r]}.bind(null,n));return t},l.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return l.d(r,"a",r),r},l.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},l.p="/";var i=this["webpackJsonpportal-ui"]=this["webpackJsonpportal-ui"]||[],a=i.push.bind(i);i.push=r,i=i.slice();for(var p=0;p<i.length;p++)r(i[p]);var f=a;t()}([])</script><script src="/static/js/2.1bafa615.chunk.js"></script><script src="/static/js/main.50c2f2ba.chunk.js"></script></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="MinIO Console"/><link href="https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700;900&display=swap" rel="stylesheet"/><link href="/styles/root-styles.css" rel="stylesheet"/><link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png"/><link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png"/><link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png"/><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"/><link rel="manifest" href="/manifest.json"/><link rel="mask-icon" href="/safari-pinned-tab.svg" color="#3a4e54"/><title>MinIO Console</title><link href="/static/css/2.c5a51b70.chunk.css" rel="stylesheet"><link href="/static/css/main.8cfac526.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="loader-block"><svg class="loader-svg-container" viewBox="22 22 44 44"><circle class="loader-style MuiCircularProgress-circle MuiCircularProgress-circleIndeterminate" cx="44" cy="44" r="20.2" fill="none" stroke-width="3.6"></circle></svg></div></div><script>!function(e){function r(r){for(var n,l,i=r[0],a=r[1],p=r[2],c=0,s=[];c<i.length;c++)l=i[c],Object.prototype.hasOwnProperty.call(o,l)&&o[l]&&s.push(o[l][0]),o[l]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(f&&f(r);s.length;)s.shift()();return u.push.apply(u,p||[]),t()}function t(){for(var e,r=0;r<u.length;r++){for(var t=u[r],n=!0,i=1;i<t.length;i++){var a=t[i];0!==o[a]&&(n=!1)}n&&(u.splice(r--,1),e=l(l.s=t[0]))}return e}var n={},o={1:0},u=[];function l(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,l),t.l=!0,t.exports}l.m=e,l.c=n,l.d=function(e,r,t){l.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},l.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},l.t=function(e,r){if(1&r&&(e=l(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var t=Object.create(null);if(l.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:e}),2&r&&"string"!=typeof e)for(var n in e)l.d(t,n,function(r){return e[r]}.bind(null,n));return t},l.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return l.d(r,"a",r),r},l.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},l.p="/";var i=this["webpackJsonpportal-ui"]=this["webpackJsonpportal-ui"]||[],a=i.push.bind(i);i.push=r,i=i.slice();for(var p=0;p<i.length;p++)r(i[p]);var f=a;t()}([])</script><script src="/static/js/2.58cdc602.chunk.js"></script><script src="/static/js/main.cd39de89.chunk.js"></script></body></html>

restapi/client.go

@@ -30,7 +30,6 @@ import (
 
 	"github.com/minio/console/models"
 	"github.com/minio/console/pkg"
-	"github.com/minio/console/pkg/acl"
 	"github.com/minio/console/pkg/auth"
 	"github.com/minio/console/pkg/auth/ldap"
 	xjwt "github.com/minio/console/pkg/auth/token"
@@ -309,15 +308,6 @@ func (s consoleSTSAssumeRole) IsExpired() bool {
 func NewConsoleCredentials(accessKey, secretKey, location string) (*credentials.Credentials, error) {
 	// Future authentication methods can be added under this switch statement
 	switch {
-	// authentication for Operator Console
-	case acl.GetOperatorMode():
-		{
-			creds, err := auth.GetConsoleCredentialsForOperator(secretKey)
-			if err != nil {
-				return nil, err
-			}
-			return creds, nil
-		}
 	// LDAP authentication for Console
 	case ldap.GetLDAPEnabled():
 		{

restapi/consts.go

@@ -19,14 +19,13 @@ package restapi
 // list of all console environment constants
 const (
 	// Constants for common configuration
-	ConsoleMinIOServer    = "CONSOLE_MINIO_SERVER"
-	ConsoleMinIORegion    = "CONSOLE_MINIO_REGION"
-	ConsoleProductionMode = "CONSOLE_PRODUCTION_MODE"
-	ConsoleHostname       = "CONSOLE_HOSTNAME"
-	ConsolePort           = "CONSOLE_PORT"
-	ConsoleTLSHostname    = "CONSOLE_TLS_HOSTNAME"
-	ConsoleTLSPort        = "CONSOLE_TLS_PORT"
-	ConsoleSubnetLicense  = "CONSOLE_SUBNET_LICENSE"
+	ConsoleMinIOServer   = "CONSOLE_MINIO_SERVER"
+	ConsoleMinIORegion   = "CONSOLE_MINIO_REGION"
+	ConsoleHostname      = "CONSOLE_HOSTNAME"
+	ConsolePort          = "CONSOLE_PORT"
+	ConsoleTLSHostname   = "CONSOLE_TLS_HOSTNAME"
+	ConsoleTLSPort       = "CONSOLE_TLS_PORT"
+	ConsoleSubnetLicense = "CONSOLE_SUBNET_LICENSE"
 
 	// Constants for Secure middleware
 	ConsoleSecureAllowedHosts                    = "CONSOLE_SECURE_ALLOWED_HOSTS"
@@ -48,21 +47,9 @@ const (
 	ConsoleSecureReferrerPolicy                  = "CONSOLE_SECURE_REFERRER_POLICY"
 	ConsoleSecureFeaturePolicy                   = "CONSOLE_SECURE_FEATURE_POLICY"
 	ConsoleSecureExpectCTHeader                  = "CONSOLE_SECURE_EXPECT_CT_HEADER"
-	ConsoleOperatorConsoleImage                  = "CONSOLE_OPERATOR_CONSOLE_IMAGE"
 	PrometheusURL                                = "CONSOLE_PROMETHEUS_URL"
 	PrometheusJobID                              = "CONSOLE_PROMETHEUS_JOB_ID"
 	ConsoleLogQueryURL                           = "CONSOLE_LOG_QUERY_URL"
 	ConsoleLogQueryAuthToken                     = "CONSOLE_LOG_QUERY_AUTH_TOKEN"
 	LogSearchQueryAuthToken                      = "LOGSEARCH_QUERY_AUTH_TOKEN"
 )
-
-// Image versions
-const (
-	ConsoleImageDefaultVersion = "minio/console:v0.7.5"
-)
-
-// K8s
-
-const (
-	OperatorSubnetLicenseSecretName = "subnet-license"
-)

restapi/user_login.go

@@ -193,8 +193,6 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 		// Validate user against IDP
 		identityProvider := &auth.IdentityProvider{Client: oauth2Client}
 		redirectURL = identityProvider.GenerateLoginURL()
-	} else if acl.GetOperatorMode() {
-		loginStrategy = models.LoginDetailsLoginStrategyServiceDashAccount
 	}
 
 	loginDetails := &models.LoginDetails{

restapi/user_session.go

@@ -40,9 +40,10 @@ func validateDistributedMode(session *models.Principal) bool {
 
 	info, err := client.AccountInfo(ctx)
 
-	// We couldn't retrieve admin information
+	// We couldn't retrieve admin information, default to true for legacy reasons
+	// TODO: Revert to false after August 15th 2021
 	if err != nil {
-		return false
+		return true
 	}
 
 	backendInfo := info.Server
@@ -72,7 +73,7 @@ func getSessionResponse(session *models.Principal) (*models.SessionResponse, *mo
 		Pages:           acl.GetAuthorizedEndpoints(session.Actions),
 		Features:        getListOfEnabledFeatures(),
 		Status:          models.SessionResponseStatusOk,
-		Operator:        acl.GetOperatorMode(),
+		Operator:        false,
 		DistributedMode: validateDistributedMode(session),
 	}
 	return sessionResp, nil

swagger-operator.yml

@@ -128,7 +128,7 @@ paths:
         200:
           description: A successful response.
           schema:
-            $ref: "#/definitions/sessionResponse"
+            $ref: "#/definitions/operatorSessionResponse"
         default:
           description: Generic error response.
           schema:
@@ -1624,7 +1624,7 @@ definitions:
     properties:
       type:
         $ref: "#/definitions/profilerType"
-  sessionResponse:
+  operatorSessionResponse:
     type: object
     properties:
       pages: