Added Annotations, Labels and NodeSelector fields (#285)

For Console/Encryption objects in the CreateTenant Api
2020-09-22 15:50:37 -07:00
parent e5f7870f5e
commit 86426e95f7
11 changed files with 653 additions and 72 deletions
--- a/go.mod
+++ b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/minio/mc v0.0.0-20200808005614-7e52c104bee1
 	github.com/minio/minio v0.0.0-20200808024306-2a9819aff876
 	github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618
-	github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5
+	github.com/minio/operator v0.0.0-20200922064400-af3315add727
 	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
 	github.com/secure-io/sio-go v0.3.1
 	github.com/stretchr/testify v1.6.1
--- a/go.sum
+++ b/go.sum
@@ -783,6 +783,8 @@ github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618 h1:8iTb0TFs6kD
 github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618/go.mod h1:CSt2ETZNs+bIIhWTse0mcZKZWMGrFU7Er7RR0TmkDYk=
 github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5 h1:yQ7WHA2wbTTGHz0Z4xXSRxfUTm5fafM0ajvlZlQ2Zl4=
 github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5/go.mod h1:6lavbNo2YuJWeQR5bZYsEWdbpRCO2KrTyfQ0PtC/AN4=
+github.com/minio/operator v0.0.0-20200922064400-af3315add727 h1:MN8Knn7yxrd76Y3uL38DZh4RhihTZTck5u51NoEar/c=
+github.com/minio/operator v0.0.0-20200922064400-af3315add727/go.mod h1:6lavbNo2YuJWeQR5bZYsEWdbpRCO2KrTyfQ0PtC/AN4=
 github.com/minio/selfupdate v0.3.1 h1:BWEFSNnrZVMUWXbXIgLDNDjbejkmpAmZvy/nCz1HlEs=
 github.com/minio/selfupdate v0.3.1/go.mod h1:b8ThJzzH7u2MkF6PcIra7KaXO9Khf6alWPvMSyTDCFM=
 github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU=
--- a/models/console_configuration.go
+++ b/models/console_configuration.go
@@ -0,0 +1,117 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ConsoleConfiguration console configuration
+//
+// swagger:model consoleConfiguration
+type ConsoleConfiguration struct {
+	MetadataFields
+
+	// image
+	Image string `json:"image,omitempty"`
+}
+
+// UnmarshalJSON unmarshals this object from a JSON structure
+func (m *ConsoleConfiguration) UnmarshalJSON(raw []byte) error {
+	// AO0
+	var aO0 MetadataFields
+	if err := swag.ReadJSON(raw, &aO0); err != nil {
+		return err
+	}
+	m.MetadataFields = aO0
+
+	// AO1
+	var dataAO1 struct {
+		Image string `json:"image,omitempty"`
+	}
+	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
+		return err
+	}
+
+	m.Image = dataAO1.Image
+
+	return nil
+}
+
+// MarshalJSON marshals this object to a JSON structure
+func (m ConsoleConfiguration) MarshalJSON() ([]byte, error) {
+	_parts := make([][]byte, 0, 2)
+
+	aO0, err := swag.WriteJSON(m.MetadataFields)
+	if err != nil {
+		return nil, err
+	}
+	_parts = append(_parts, aO0)
+	var dataAO1 struct {
+		Image string `json:"image,omitempty"`
+	}
+
+	dataAO1.Image = m.Image
+
+	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
+	if errAO1 != nil {
+		return nil, errAO1
+	}
+	_parts = append(_parts, jsonDataAO1)
+	return swag.ConcatJSON(_parts...), nil
+}
+
+// Validate validates this console configuration
+func (m *ConsoleConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// validation for a type composition with MetadataFields
+	if err := m.MetadataFields.Validate(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ConsoleConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ConsoleConfiguration) UnmarshalBinary(b []byte) error {
+	var res ConsoleConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/create_tenant_request.go
+++ b/models/create_tenant_request.go
@@ -42,6 +42,9 @@ type CreateTenantRequest struct {
 	// annotations
 	Annotations map[string]string `json:"annotations,omitempty"`

+	// console
+	Console *ConsoleConfiguration `json:"console,omitempty"`
+
 	// console image
 	ConsoleImage string `json:"console_image,omitempty"`

@@ -105,6 +108,10 @@ type CreateTenantRequest struct {
 func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	var res []error

+	if err := m.validateConsole(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateEncryption(formats); err != nil {
 		res = append(res, err)
 	}
@@ -139,6 +146,24 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }

+func (m *CreateTenantRequest) validateConsole(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Console) { // not required
+		return nil
+	}
+
+	if m.Console != nil {
+		if err := m.Console.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("console")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error {

 	if swag.IsZero(m.Encryption) { // not required
--- a/models/encryption_configuration.go
+++ b/models/encryption_configuration.go
@@ -32,6 +32,7 @@ import (
 //
 // swagger:model encryptionConfiguration
 type EncryptionConfiguration struct {
+	MetadataFields

 	// aws
 	Aws *AwsConfiguration `json:"aws,omitempty"`
@@ -52,10 +53,100 @@ type EncryptionConfiguration struct {
 	Vault *VaultConfiguration `json:"vault,omitempty"`
 }

+// UnmarshalJSON unmarshals this object from a JSON structure
+func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
+	// AO0
+	var aO0 MetadataFields
+	if err := swag.ReadJSON(raw, &aO0); err != nil {
+		return err
+	}
+	m.MetadataFields = aO0
+
+	// AO1
+	var dataAO1 struct {
+		Aws *AwsConfiguration `json:"aws,omitempty"`
+
+		Client *KeyPairConfiguration `json:"client,omitempty"`
+
+		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
+
+		Image string `json:"image,omitempty"`
+
+		Server *KeyPairConfiguration `json:"server,omitempty"`
+
+		Vault *VaultConfiguration `json:"vault,omitempty"`
+	}
+	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
+		return err
+	}
+
+	m.Aws = dataAO1.Aws
+
+	m.Client = dataAO1.Client
+
+	m.Gemalto = dataAO1.Gemalto
+
+	m.Image = dataAO1.Image
+
+	m.Server = dataAO1.Server
+
+	m.Vault = dataAO1.Vault
+
+	return nil
+}
+
+// MarshalJSON marshals this object to a JSON structure
+func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
+	_parts := make([][]byte, 0, 2)
+
+	aO0, err := swag.WriteJSON(m.MetadataFields)
+	if err != nil {
+		return nil, err
+	}
+	_parts = append(_parts, aO0)
+	var dataAO1 struct {
+		Aws *AwsConfiguration `json:"aws,omitempty"`
+
+		Client *KeyPairConfiguration `json:"client,omitempty"`
+
+		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
+
+		Image string `json:"image,omitempty"`
+
+		Server *KeyPairConfiguration `json:"server,omitempty"`
+
+		Vault *VaultConfiguration `json:"vault,omitempty"`
+	}
+
+	dataAO1.Aws = m.Aws
+
+	dataAO1.Client = m.Client
+
+	dataAO1.Gemalto = m.Gemalto
+
+	dataAO1.Image = m.Image
+
+	dataAO1.Server = m.Server
+
+	dataAO1.Vault = m.Vault
+
+	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
+	if errAO1 != nil {
+		return nil, errAO1
+	}
+	_parts = append(_parts, jsonDataAO1)
+	return swag.ConcatJSON(_parts...), nil
+}
+
 // Validate validates this encryption configuration
 func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error

+	// validation for a type composition with MetadataFields
+	if err := m.MetadataFields.Validate(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateAws(formats); err != nil {
 		res = append(res, err)
 	}
--- a/models/metadata_configuration.go
+++ b/models/metadata_configuration.go
@@ -0,0 +1,138 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// MetadataConfiguration metadata configuration
+//
+// swagger:model metadataConfiguration
+type MetadataConfiguration struct {
+
+	// console
+	Console *MetadataFields `json:"console,omitempty"`
+
+	// kes
+	Kes *MetadataFields `json:"kes,omitempty"`
+
+	// minio
+	Minio *MetadataFields `json:"minio,omitempty"`
+}
+
+// Validate validates this metadata configuration
+func (m *MetadataConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateConsole(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateKes(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinio(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *MetadataConfiguration) validateConsole(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Console) { // not required
+		return nil
+	}
+
+	if m.Console != nil {
+		if err := m.Console.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("console")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *MetadataConfiguration) validateKes(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Kes) { // not required
+		return nil
+	}
+
+	if m.Kes != nil {
+		if err := m.Kes.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kes")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *MetadataConfiguration) validateMinio(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Minio) { // not required
+		return nil
+	}
+
+	if m.Minio != nil {
+		if err := m.Minio.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *MetadataConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *MetadataConfiguration) UnmarshalBinary(b []byte) error {
+	var res MetadataConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/metadata_fields.go
+++ b/models/metadata_fields.go
@@ -0,0 +1,66 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// MetadataFields metadata fields
+//
+// swagger:model metadataFields
+type MetadataFields struct {
+
+	// annotations
+	Annotations map[string]string `json:"annotations,omitempty"`
+
+	// labels
+	Labels map[string]string `json:"labels,omitempty"`
+
+	// node selector
+	NodeSelector map[string]string `json:"node_selector,omitempty"`
+}
+
+// Validate validates this metadata fields
+func (m *MetadataFields) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *MetadataFields) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *MetadataFields) UnmarshalBinary(b []byte) error {
+	var res MetadataFields
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/restapi/admin_tenants.go
+++ b/restapi/admin_tenants.go
@@ -515,6 +515,8 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 				Name: secretName,
 			},
 			Env:     envrionmentVariables,
+			KES:     &operator.KESConfig{},
+			Console: &operator.ConsoleConfiguration{},
 		},
 	}
 	idpEnabled := false
@@ -569,16 +571,16 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		}
 	}

-	isEncryptionAvailable := false
+	isEncryptionEnabled := false
 	if tenantReq.EnableTLS != nil && *tenantReq.EnableTLS {
 		// If user request autoCert, Operator will generate certificate keypair for MinIO (server), Console (server) and KES (server and app mTLS)
-		isEncryptionAvailable = true
+		isEncryptionEnabled = true
 		minInst.Spec.RequestAutoCert = *tenantReq.EnableTLS
 	}

 	if !minInst.Spec.RequestAutoCert && tenantReq.TLS != nil && tenantReq.TLS.Minio != nil {
 		// User provided TLS certificates for MinIO
-		isEncryptionAvailable = true
+		isEncryptionEnabled = true
 		// disable autoCert
 		minInst.Spec.RequestAutoCert = false
 		// Certificates used by the MinIO instance
@@ -590,7 +592,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		minInst.Spec.ExternalCertSecret = externalCertSecret
 	}

-	if tenantReq.Encryption != nil && isEncryptionAvailable {
+	if tenantReq.Encryption != nil && isEncryptionEnabled {
 		// Enable auto encryption
 		minInst.Spec.Env = append(minInst.Spec.Env, corev1.EnvVar{
 			Name:  "MINIO_KMS_AUTO_ENCRYPTION",
@@ -611,6 +613,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 		}
 	}

+	// Set Labels, Annotations and Node Selector for KES
+	if isEncryptionEnabled && tenantReq.Encryption != nil {
+		minInst.Spec.KES.Labels = tenantReq.Encryption.Labels
+		minInst.Spec.KES.Annotations = tenantReq.Encryption.Annotations
+		minInst.Spec.KES.NodeSelector = tenantReq.Encryption.NodeSelector
+	}
+
 	// optionals are set below
 	var consoleAccess string
 	var consoleSecret string
@@ -689,6 +698,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
 			}
 			minInst.Spec.Console.ExternalCertSecret = externalCertSecret
 		}
+
+		// Set Labels, Annotations and Node Selector for Console
+		if tenantReq.Console != nil {
+			minInst.Spec.Console.Annotations = tenantReq.Console.Annotations
+			minInst.Spec.Console.Labels = tenantReq.Console.Labels
+			minInst.Spec.Console.NodeSelector = tenantReq.Console.NodeSelector
+		}
 	}

 	// set the service name if provided
--- a/restapi/admin_tenants_helper.go
+++ b/restapi/admin_tenants_helper.go
@@ -195,7 +195,6 @@ func getKESConfiguration(ctx context.Context, clientSet K8sClientI, ns string, e
 	kesConfiguration = &operator.KESConfig{
 		Image:    "minio/kes:v0.11.0",
 		Replicas: 1,
-		Metadata: nil,
 	}
 	// Using custom image for KES
 	if encryptionCfg.Image != "" {
--- a/restapi/embedded_spec.go
+++ b/restapi/embedded_spec.go
@@ -2213,6 +2213,21 @@ func init() {
        }
      }
    },
+    "consoleConfiguration": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/metadataFields"
+        },
+        {
+          "type": "object",
+          "properties": {
+            "image": {
+              "type": "string"
+            }
+          }
+        }
+      ]
+    },
    "createTenantRequest": {
      "type": "object",
      "required": [
@@ -2230,6 +2245,10 @@ func init() {
            "type": "string"
          }
        },
+        "console": {
+          "type": "object",
+          "$ref": "#/definitions/consoleConfiguration"
+        },
        "console_image": {
          "type": "string"
        },
@@ -2330,6 +2349,11 @@ func init() {
      }
    },
    "encryptionConfiguration": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/metadataFields"
+        },
+        {
          "type": "object",
          "properties": {
            "aws": {
@@ -2356,6 +2380,8 @@ func init() {
              "$ref": "#/definitions/vaultConfiguration"
            }
          }
+        }
+      ]
    },
    "error": {
      "type": "object",
@@ -2731,6 +2757,29 @@ func init() {
        }
      }
    },
+    "metadataFields": {
+      "type": "object",
+      "properties": {
+        "annotations": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "labels": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "node_selector": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        }
+      }
+    },
    "nodeSelectorTerm": {
      "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.",
      "type": "object",
@@ -6432,6 +6481,21 @@ func init() {
        }
      }
    },
+    "consoleConfiguration": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/metadataFields"
+        },
+        {
+          "type": "object",
+          "properties": {
+            "image": {
+              "type": "string"
+            }
+          }
+        }
+      ]
+    },
    "createTenantRequest": {
      "type": "object",
      "required": [
@@ -6449,6 +6513,10 @@ func init() {
            "type": "string"
          }
        },
+        "console": {
+          "type": "object",
+          "$ref": "#/definitions/consoleConfiguration"
+        },
        "console_image": {
          "type": "string"
        },
@@ -6549,6 +6617,11 @@ func init() {
      }
    },
    "encryptionConfiguration": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/metadataFields"
+        },
+        {
          "type": "object",
          "properties": {
            "aws": {
@@ -6575,6 +6648,8 @@ func init() {
              "$ref": "#/definitions/vaultConfiguration"
            }
          }
+        }
+      ]
    },
    "error": {
      "type": "object",
@@ -6950,6 +7025,29 @@ func init() {
        }
      }
    },
+    "metadataFields": {
+      "type": "object",
+      "properties": {
+        "annotations": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "labels": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "node_selector": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        }
+      }
+    },
    "nodeSelectorTerm": {
      "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.",
      "type": "object",
--- a/swagger.yml
+++ b/swagger.yml
@@ -2010,6 +2010,25 @@ definitions:
      encryption:
        type: object
        $ref: "#/definitions/encryptionConfiguration"
+      console:
+        type: object
+        $ref: '#/definitions/consoleConfiguration'
+
+  metadataFields:
+    type: object
+    properties:
+      annotations:
+        type: object
+        additionalProperties:
+          type: string
+      labels:
+        type: object
+        additionalProperties:
+          type: string
+      node_selector:
+        type: object
+        additionalProperties:
+          type: string

  keyPairConfiguration:
    type: object
@@ -2072,8 +2091,18 @@ definitions:
          server_insecure:
            type: boolean

+  consoleConfiguration:
+    allOf:
+      - $ref: '#/definitions/metadataFields'
+      - type: object
+        properties:
+          image:
+            type: string
+
  encryptionConfiguration:
-    type: object
+    allOf:
+      - $ref: '#/definitions/metadataFields'
+      - type: object
        properties:
          image:
            type: string