mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added Annotations, Labels and NodeSelector fields (#285)

Browse Source 
For Console/Encryption objects in the  CreateTenant Api
This commit is contained in:
Lenin Alevski
2020-09-22 15:50:37 -07:00
committed by GitHub
parent e5f7870f5e
commit 86426e95f7
11 changed files with 653 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@@ -19,7 +19,7 @@ require (
github.com/minio/mc v0.0.0-20200808005614-7e52c104bee1
github.com/minio/minio v0.0.0-20200808024306-2a9819aff876
github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618
github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5
github.com/minio/operator v0.0.0-20200922064400-af3315add727
github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
github.com/secure-io/sio-go v0.3.1
github.com/stretchr/testify v1.6.1

2
go.sum
View File

@@ -783,6 +783,8 @@ github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618 h1:8iTb0TFs6kD
github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618/go.mod h1:CSt2ETZNs+bIIhWTse0mcZKZWMGrFU7Er7RR0TmkDYk=
github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5 h1:yQ7WHA2wbTTGHz0Z4xXSRxfUTm5fafM0ajvlZlQ2Zl4=
github.com/minio/operator v0.0.0-20200921211523-69f9eef5b7b5/go.mod h1:6lavbNo2YuJWeQR5bZYsEWdbpRCO2KrTyfQ0PtC/AN4=
github.com/minio/operator v0.0.0-20200922064400-af3315add727 h1:MN8Knn7yxrd76Y3uL38DZh4RhihTZTck5u51NoEar/c=
github.com/minio/operator v0.0.0-20200922064400-af3315add727/go.mod h1:6lavbNo2YuJWeQR5bZYsEWdbpRCO2KrTyfQ0PtC/AN4=
github.com/minio/selfupdate v0.3.1 h1:BWEFSNnrZVMUWXbXIgLDNDjbejkmpAmZvy/nCz1HlEs=
github.com/minio/selfupdate v0.3.1/go.mod h1:b8ThJzzH7u2MkF6PcIra7KaXO9Khf6alWPvMSyTDCFM=
github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU=

117
models/console_configuration.go Normal file
View File

@@ -0,0 +1,117 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// ConsoleConfiguration console configuration
//
// swagger:model consoleConfiguration
type ConsoleConfiguration struct {
MetadataFields
// image
Image string `json:"image,omitempty"`
}
// UnmarshalJSON unmarshals this object from a JSON structure
func (m *ConsoleConfiguration) UnmarshalJSON(raw []byte) error {
// AO0
var aO0 MetadataFields
if err := swag.ReadJSON(raw, &aO0); err != nil {
return err
}
m.MetadataFields = aO0
// AO1
var dataAO1 struct {
Image string `json:"image,omitempty"`
}
if err := swag.ReadJSON(raw, &dataAO1); err != nil {
return err
}
m.Image = dataAO1.Image
return nil
}
// MarshalJSON marshals this object to a JSON structure
func (m ConsoleConfiguration) MarshalJSON() ([]byte, error) {
_parts := make([][]byte, 0, 2)
aO0, err := swag.WriteJSON(m.MetadataFields)
if err != nil {
return nil, err
}
_parts = append(_parts, aO0)
var dataAO1 struct {
Image string `json:"image,omitempty"`
}
dataAO1.Image = m.Image
jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
if errAO1 != nil {
return nil, errAO1
}
_parts = append(_parts, jsonDataAO1)
return swag.ConcatJSON(_parts...), nil
}
// Validate validates this console configuration
func (m *ConsoleConfiguration) Validate(formats strfmt.Registry) error {
var res []error
// validation for a type composition with MetadataFields
if err := m.MetadataFields.Validate(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
// MarshalBinary interface implementation
func (m *ConsoleConfiguration) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *ConsoleConfiguration) UnmarshalBinary(b []byte) error {
var res ConsoleConfiguration
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

25
models/create_tenant_request.go
View File

@@ -42,6 +42,9 @@ type CreateTenantRequest struct {
// annotations
Annotations map[string]string `json:"annotations,omitempty"`
// console
Console *ConsoleConfiguration `json:"console,omitempty"`
// console image
ConsoleImage string `json:"console_image,omitempty"`
@@ -105,6 +108,10 @@ type CreateTenantRequest struct {
func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateConsole(formats); err != nil {
res = append(res, err)
}
if err := m.validateEncryption(formats); err != nil {
res = append(res, err)
}
@@ -139,6 +146,24 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
return nil
}
func (m *CreateTenantRequest) validateConsole(formats strfmt.Registry) error {
if swag.IsZero(m.Console) { // not required
return nil
}
if m.Console != nil {
if err := m.Console.Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("console")
}
return err
}
}
return nil
}
func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error {
if swag.IsZero(m.Encryption) { // not required

91
models/encryption_configuration.go
View File

@@ -32,6 +32,7 @@ import (
//
// swagger:model encryptionConfiguration
type EncryptionConfiguration struct {
MetadataFields
// aws
Aws *AwsConfiguration `json:"aws,omitempty"`
@@ -52,10 +53,100 @@ type EncryptionConfiguration struct {
Vault *VaultConfiguration `json:"vault,omitempty"`
}
// UnmarshalJSON unmarshals this object from a JSON structure
func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
// AO0
var aO0 MetadataFields
if err := swag.ReadJSON(raw, &aO0); err != nil {
return err
}
m.MetadataFields = aO0
// AO1
var dataAO1 struct {
Aws *AwsConfiguration `json:"aws,omitempty"`
Client *KeyPairConfiguration `json:"client,omitempty"`
Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
Image string `json:"image,omitempty"`
Server *KeyPairConfiguration `json:"server,omitempty"`
Vault *VaultConfiguration `json:"vault,omitempty"`
}
if err := swag.ReadJSON(raw, &dataAO1); err != nil {
return err
}
m.Aws = dataAO1.Aws
m.Client = dataAO1.Client
m.Gemalto = dataAO1.Gemalto
m.Image = dataAO1.Image
m.Server = dataAO1.Server
m.Vault = dataAO1.Vault
return nil
}
// MarshalJSON marshals this object to a JSON structure
func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
_parts := make([][]byte, 0, 2)
aO0, err := swag.WriteJSON(m.MetadataFields)
if err != nil {
return nil, err
}
_parts = append(_parts, aO0)
var dataAO1 struct {
Aws *AwsConfiguration `json:"aws,omitempty"`
Client *KeyPairConfiguration `json:"client,omitempty"`
Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
Image string `json:"image,omitempty"`
Server *KeyPairConfiguration `json:"server,omitempty"`
Vault *VaultConfiguration `json:"vault,omitempty"`
}
dataAO1.Aws = m.Aws
dataAO1.Client = m.Client
dataAO1.Gemalto = m.Gemalto
dataAO1.Image = m.Image
dataAO1.Server = m.Server
dataAO1.Vault = m.Vault
jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
if errAO1 != nil {
return nil, errAO1
}
_parts = append(_parts, jsonDataAO1)
return swag.ConcatJSON(_parts...), nil
}
// Validate validates this encryption configuration
func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
var res []error
// validation for a type composition with MetadataFields
if err := m.MetadataFields.Validate(formats); err != nil {
res = append(res, err)
}
if err := m.validateAws(formats); err != nil {
res = append(res, err)
}

138
models/metadata_configuration.go Normal file
View File

@@ -0,0 +1,138 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// MetadataConfiguration metadata configuration
//
// swagger:model metadataConfiguration
type MetadataConfiguration struct {
// console
Console *MetadataFields `json:"console,omitempty"`
// kes
Kes *MetadataFields `json:"kes,omitempty"`
// minio
Minio *MetadataFields `json:"minio,omitempty"`
}
// Validate validates this metadata configuration
func (m *MetadataConfiguration) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateConsole(formats); err != nil {
res = append(res, err)
}
if err := m.validateKes(formats); err != nil {
res = append(res, err)
}
if err := m.validateMinio(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *MetadataConfiguration) validateConsole(formats strfmt.Registry) error {
if swag.IsZero(m.Console) { // not required
return nil
}
if m.Console != nil {
if err := m.Console.Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("console")
}
return err
}
}
return nil
}
func (m *MetadataConfiguration) validateKes(formats strfmt.Registry) error {
if swag.IsZero(m.Kes) { // not required
return nil
}
if m.Kes != nil {
if err := m.Kes.Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("kes")
}
return err
}
}
return nil
}
func (m *MetadataConfiguration) validateMinio(formats strfmt.Registry) error {
if swag.IsZero(m.Minio) { // not required
return nil
}
if m.Minio != nil {
if err := m.Minio.Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("minio")
}
return err
}
}
return nil
}
// MarshalBinary interface implementation
func (m *MetadataConfiguration) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *MetadataConfiguration) UnmarshalBinary(b []byte) error {
var res MetadataConfiguration
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

66
models/metadata_fields.go Normal file
View File

@@ -0,0 +1,66 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// MetadataFields metadata fields
//
// swagger:model metadataFields
type MetadataFields struct {
// annotations
Annotations map[string]string `json:"annotations,omitempty"`
// labels
Labels map[string]string `json:"labels,omitempty"`
// node selector
NodeSelector map[string]string `json:"node_selector,omitempty"`
}
// Validate validates this metadata fields
func (m *MetadataFields) Validate(formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *MetadataFields) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *MetadataFields) UnmarshalBinary(b []byte) error {
var res MetadataFields
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

26
restapi/admin_tenants.go
View File

@@ -514,7 +514,9 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
CredsSecret: &corev1.LocalObjectReference{
Name: secretName,
},
Env: envrionmentVariables,
Env: envrionmentVariables,
KES: &operator.KESConfig{},
Console: &operator.ConsoleConfiguration{},
},
}
idpEnabled := false
@@ -569,16 +571,16 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
}
}
isEncryptionAvailable := false
isEncryptionEnabled := false
if tenantReq.EnableTLS != nil && *tenantReq.EnableTLS {
// If user request autoCert, Operator will generate certificate keypair for MinIO (server), Console (server) and KES (server and app mTLS)
isEncryptionAvailable = true
isEncryptionEnabled = true
minInst.Spec.RequestAutoCert = *tenantReq.EnableTLS
}
if !minInst.Spec.RequestAutoCert && tenantReq.TLS != nil && tenantReq.TLS.Minio != nil {
// User provided TLS certificates for MinIO
isEncryptionAvailable = true
isEncryptionEnabled = true
// disable autoCert
minInst.Spec.RequestAutoCert = false
// Certificates used by the MinIO instance
@@ -590,7 +592,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
minInst.Spec.ExternalCertSecret = externalCertSecret
}
if tenantReq.Encryption != nil && isEncryptionAvailable {
if tenantReq.Encryption != nil && isEncryptionEnabled {
// Enable auto encryption
minInst.Spec.Env = append(minInst.Spec.Env, corev1.EnvVar{
Name: "MINIO_KMS_AUTO_ENCRYPTION",
@@ -611,6 +613,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
}
}
// Set Labels, Annotations and Node Selector for KES
if isEncryptionEnabled && tenantReq.Encryption != nil {
minInst.Spec.KES.Labels = tenantReq.Encryption.Labels
minInst.Spec.KES.Annotations = tenantReq.Encryption.Annotations
minInst.Spec.KES.NodeSelector = tenantReq.Encryption.NodeSelector
}
// optionals are set below
var consoleAccess string
var consoleSecret string
@@ -689,6 +698,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
}
minInst.Spec.Console.ExternalCertSecret = externalCertSecret
}
// Set Labels, Annotations and Node Selector for Console
if tenantReq.Console != nil {
minInst.Spec.Console.Annotations = tenantReq.Console.Annotations
minInst.Spec.Console.Labels = tenantReq.Console.Labels
minInst.Spec.Console.NodeSelector = tenantReq.Console.NodeSelector
}
}
// set the service name if provided

1
restapi/admin_tenants_helper.go
View File

@@ -195,7 +195,6 @@ func getKESConfiguration(ctx context.Context, clientSet K8sClientI, ns string, e
kesConfiguration = &operator.KESConfig{
Image: "minio/kes:v0.11.0",
Replicas: 1,
Metadata: nil,
}
// Using custom image for KES
if encryptionCfg.Image != "" {

190
restapi/embedded_spec.go
View File

@@ -2213,6 +2213,21 @@ func init() {
}
}
},
"consoleConfiguration": {
"allOf": [
{
"$ref": "#/definitions/metadataFields"
},
{
"type": "object",
"properties": {
"image": {
"type": "string"
}
}
}
]
},
"createTenantRequest": {
"type": "object",
"required": [
@@ -2230,6 +2245,10 @@ func init() {
"type": "string"
}
},
"console": {
"type": "object",
"$ref": "#/definitions/consoleConfiguration"
},
"console_image": {
"type": "string"
},
@@ -2330,32 +2349,39 @@ func init() {
}
},
"encryptionConfiguration": {
"type": "object",
"properties": {
"aws": {
"type": "object",
"$ref": "#/definitions/awsConfiguration"
"allOf": [
{
"$ref": "#/definitions/metadataFields"
},
"client": {
{
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"gemalto": {
"type": "object",
"$ref": "#/definitions/gemaltoConfiguration"
},
"image": {
"type": "string"
},
"server": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"vault": {
"type": "object",
"$ref": "#/definitions/vaultConfiguration"
"properties": {
"aws": {
"type": "object",
"$ref": "#/definitions/awsConfiguration"
},
"client": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"gemalto": {
"type": "object",
"$ref": "#/definitions/gemaltoConfiguration"
},
"image": {
"type": "string"
},
"server": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"vault": {
"type": "object",
"$ref": "#/definitions/vaultConfiguration"
}
}
}
}
]
},
"error": {
"type": "object",
@@ -2731,6 +2757,29 @@ func init() {
}
}
},
"metadataFields": {
"type": "object",
"properties": {
"annotations": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"labels": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"node_selector": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"nodeSelectorTerm": {
"description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.",
"type": "object",
@@ -6432,6 +6481,21 @@ func init() {
}
}
},
"consoleConfiguration": {
"allOf": [
{
"$ref": "#/definitions/metadataFields"
},
{
"type": "object",
"properties": {
"image": {
"type": "string"
}
}
}
]
},
"createTenantRequest": {
"type": "object",
"required": [
@@ -6449,6 +6513,10 @@ func init() {
"type": "string"
}
},
"console": {
"type": "object",
"$ref": "#/definitions/consoleConfiguration"
},
"console_image": {
"type": "string"
},
@@ -6549,32 +6617,39 @@ func init() {
}
},
"encryptionConfiguration": {
"type": "object",
"properties": {
"aws": {
"type": "object",
"$ref": "#/definitions/awsConfiguration"
"allOf": [
{
"$ref": "#/definitions/metadataFields"
},
"client": {
{
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"gemalto": {
"type": "object",
"$ref": "#/definitions/gemaltoConfiguration"
},
"image": {
"type": "string"
},
"server": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"vault": {
"type": "object",
"$ref": "#/definitions/vaultConfiguration"
"properties": {
"aws": {
"type": "object",
"$ref": "#/definitions/awsConfiguration"
},
"client": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"gemalto": {
"type": "object",
"$ref": "#/definitions/gemaltoConfiguration"
},
"image": {
"type": "string"
},
"server": {
"type": "object",
"$ref": "#/definitions/keyPairConfiguration"
},
"vault": {
"type": "object",
"$ref": "#/definitions/vaultConfiguration"
}
}
}
}
]
},
"error": {
"type": "object",
@@ -6950,6 +7025,29 @@ func init() {
}
}
},
"metadataFields": {
"type": "object",
"properties": {
"annotations": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"labels": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"node_selector": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"nodeSelectorTerm": {
"description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.",
"type": "object",

67
swagger.yml
View File

@@ -2010,6 +2010,25 @@ definitions:
encryption:
type: object
$ref: "#/definitions/encryptionConfiguration"
console:
type: object
$ref: '#/definitions/consoleConfiguration'
metadataFields:
type: object
properties:
annotations:
type: object
additionalProperties:
type: string
labels:
type: object
additionalProperties:
type: string
node_selector:
type: object
additionalProperties:
type: string
keyPairConfiguration:
type: object
@@ -2072,26 +2091,36 @@ definitions:
server_insecure:
type: boolean
consoleConfiguration:
allOf:
- $ref: '#/definitions/metadataFields'
- type: object
properties:
image:
type: string
encryptionConfiguration:
type: object
properties:
image:
type: string
server:
type: object
$ref: "#/definitions/keyPairConfiguration"
client:
type: object
$ref: "#/definitions/keyPairConfiguration"
gemalto:
type: object
$ref: "#/definitions/gemaltoConfiguration"
aws:
type: object
$ref: "#/definitions/awsConfiguration"
vault:
type: object
$ref: "#/definitions/vaultConfiguration"
allOf:
- $ref: '#/definitions/metadataFields'
- type: object
properties:
image:
type: string
server:
type: object
$ref: "#/definitions/keyPairConfiguration"
client:
type: object
$ref: "#/definitions/keyPairConfiguration"
gemalto:
type: object
$ref: "#/definitions/gemaltoConfiguration"
aws:
type: object
$ref: "#/definitions/awsConfiguration"
vault:
type: object
$ref: "#/definitions/vaultConfiguration"
vaultConfiguration:
type: object