Read-only file-system, ie: when console is running as container in kubernetes, was
preventing console to run because of an error during creating
directories
Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
- enhance logging throughout the codebase
- all packages at pkg/ should never log
or perform log.Fatal() instead packages
should return errors through functions.
- simplified various user, group mapping
and removed redundant functions.
- deprecate older flags like --tls-certificate
--tls-key and --tls-ca as we do not use
them anymore, keep them for backward compatibility
for some time.
also converge tls-host and host, because hostnames
have nothing to do with HTTP or HTTPs they are the
same for both HTTP and HTTPs. Deprecating the
older flag `--tls-host` but it will still be honored
as hidden flag.
- Add support to load certificates via `--tls-certificate`, `--tls-key`
and `--tls-ca` flags (standard TLS flags for the swagger server)
- Certificate keypair will be added to the certificate pool used by the
Console server
- fixed issue when deploying tenant with tls disabled
- applied new design for tenant details and license screens
- added license refresh job to operator console
- added new refresh license endpoint
- console operator not longer store CONSOLE_ACCESS_KEY and
CONSOLE_SECRET_KEY values in the tenant-console-secret
Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>
- If MinIO is configured with LDAP then users and groups are external, and
the credentials provided in the CONSOLE_ACCESS_KEY and
CONSOLE_SECRET_KEY env vars will belong to an existing user in the active
directory, therefore we need to authenticate first with
`credentials.NewLDAPIdentity`
- Fixed race condition bug in which TLS RootCAs certs were not loading
correctly (certPool was always null)
- Fixed TLS bug in which if Console was deployed without TLS enabled
RootCAs certs were not loading
- Initialize LDAP Admin credentials once
- Initialize stsClient once
