Release v0.43.1 (#3161)

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,48 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: community, triage
+assignees: ''
+
+---
+
+## NOTE
+If this case is urgent, please subscribe to [Subnet](https://min.io/pricing) so that our 24/7 support team may help you faster.
+
+<!--- Provide a general summary of the issue in the title above -->
+
+## Expected Behavior
+<!--- If you're describing a bug, tell us what should happen -->
+<!--- If you're suggesting a change/improvement, tell us how it should work -->
+
+## Current Behavior
+<!--- If describing a bug, tell us what happens instead of the expected behavior -->
+<!--- If suggesting a change/improvement, explain the difference from current behavior -->
+
+## Possible Solution
+<!--- Not obligatory, but suggest a fix/reason for the bug, -->
+<!--- or ideas how to implement the addition or change -->
+
+## Steps to Reproduce (for bugs)
+<!--- Provide a link to a live example, or an unambiguous set of steps to -->
+<!--- reproduce this bug. Include code to reproduce, if relevant -->
+
+1.
+2.
+3.
+4.
+
+## Context
+<!--- How has this issue affected you? What are you trying to accomplish? -->
+<!--- Providing context helps us come up with a solution that is most useful in the real world -->
+
+## Regression
+<!-- Is this issue a regression? (Yes / No) -->
+<!-- If Yes, optionally please include the MinIO version or commit id or PR# that caused this regression, if you have these details. -->
+
+## Your Environment
+<!--- Include as many relevant details about the environment you experienced the bug in -->
+* MinIO version used (`minio --version`):
+* Server setup and configuration:
+* Operating System and version (`uname -a`):

.github/workflows/compiles.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Compiles on Go ${{ matrix.go-version }} and ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make console

.github/workflows/cross-compile.yaml

@@ -0,0 +1,166 @@
+# @format
+
+name: Cross Compile
+
+on:
+  pull_request:
+    branches:
+      - master
+    paths:
+      - go.sum
+
+# This ensures that previous jobs for the PR are canceled when the PR is
+# updated.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
+jobs:
+  cross-compile-1:
+    name: Cross compile
+    needs:
+      - lint-job
+      - ui-assets
+      - reuse-golang-dependencies
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.21.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+          cache: true
+        id: go
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/ppc64le linux/mips64'"
+
+  cross-compile-2:
+    name: Cross compile 2
+    needs:
+      - lint-job
+      - ui-assets
+      - reuse-golang-dependencies
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.21.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+          cache: true
+        id: go
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/arm64 linux/s390x'"
+
+  cross-compile-3:
+    name: Cross compile 3
+    needs:
+      - lint-job
+      - ui-assets
+      - reuse-golang-dependencies
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.21.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+          cache: true
+        id: go
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'darwin/amd64 freebsd/amd64'"
+
+  cross-compile-4:
+    name: Cross compile 4
+    needs:
+      - lint-job
+      - ui-assets
+      - reuse-golang-dependencies
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.21.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+          cache: true
+        id: go
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'windows/amd64 linux/arm'"
+
+  cross-compile-5:
+    name: Cross compile 5
+    needs:
+      - lint-job
+      - ui-assets
+      - reuse-golang-dependencies
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.21.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+          cache: true
+        id: go
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/386 netbsd/amd64'"

.github/workflows/crosscompile-1.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Cross compile
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make crosscompile arg1="'linux/ppc64le linux/mips64'"

.github/workflows/crosscompile-2.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Cross compile
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make crosscompile arg1="'linux/arm64 linux/s390x'"

.github/workflows/crosscompile-3.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Cross compile
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make crosscompile arg1="'darwin/amd64 freebsd/amd64'"

.github/workflows/crosscompile-4.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Cross compile
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make crosscompile arg1="'windows/amd64 linux/arm'"

.github/workflows/crosscompile-5.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Cross compile
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make crosscompile arg1="'linux/386 netbsd/amd64'"

.github/workflows/go-test-pkg.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Test Pkg on Go ${{ matrix.go-version }} and ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make test-pkg

.github/workflows/go.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Test Restapi on Go ${{ matrix.go-version }} and ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make test

.github/workflows/integration.yml

@@ -1,63 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-# This ensures that previous jobs for the PR are canceled when the PR is
-# updated.
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref }}
-  cancel-in-progress: true
-
-jobs:
-  minio-test:
-    name: Integration Tests with Latest Distributed MinIO
-    runs-on: ubuntu-latest
-
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      # To build minio image, we need to clone the repository first
-      - name: clone https://github.com/minio/minio
-        uses: actions/checkout@master
-        with:
-
-          # Repository name with owner. For example, actions/checkout
-          # Default: ${{ github.repository }}
-          repository: minio/minio
-          
-          # Relative path under $GITHUB_WORKSPACE to place the repository
-          # To have two repositories under the same test
-          path: 'minio_repository'
-
-      - name: Build on ${{ matrix.os }}
-        run: |
-          echo "The idea is to build minio image from downloaded repository";
-          cd $GITHUB_WORKSPACE/minio_repository;
-          echo "Get git version to build MinIO Image";
-          VERSION=`git rev-parse HEAD`;
-          echo $VERSION;
-          echo "Create minio image";
-          make docker VERSION=$VERSION;
-          echo "Jumping back to console repository to run the integration test"
-          cd $GITHUB_WORKSPACE;
-          echo "We are going to use the built image on test-integration";
-          VERSION="minio/minio:$VERSION";
-          echo $VERSION;
-          make test-integration MINIO_VERSION=$VERSION;

.github/workflows/issues.yaml

@@ -0,0 +1,18 @@
+# @format
+
+name: Issue Workflow
+
+on:
+  issues:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.5.0
+        with:
+          project-url: https://github.com/orgs/miniohq/projects/2
+          github-token: ${{ secrets.BOT_PAT }}

.github/workflows/lint.yml

@@ -1,34 +0,0 @@
-name: Go
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  build:
-    name: Checking Lint
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [1.17.x]
-        os: [ubuntu-latest]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make verifiers

.github/workflows/permissions.yml

@@ -1,70 +0,0 @@
-name: "UI"
-
-on:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-
-jobs:
-  permissions:
-    name: Permissions Tests
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        go-version: [ 1.17.x ]
-        os: [ ubuntu-latest ]
-    steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '17'
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-      - uses: actions/cache@v2
-        with:
-          path: |
-            ~/.cache/go-build
-            ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ runner.os }}-go-
-      - name: Get yarn cache directory path
-        id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-
-      - uses: actions/cache@v2
-        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
-        with:
-          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-
-      - name: Make assets
-        run: |
-          make assets
-      - name: Build Console on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-        run: |
-          make console
-
-      - name: Start Console, front-end app and initialize users/policies
-        run: |
-          (./console server) & (make initialize-permissions)
-
-      - name: Run TestCafe Tests
-        uses: DevExpress/testcafe-action@latest
-        with:
-          args: '"chrome:headless" portal-ui/tests/permissions/ --skip-js-errors '
-
-      - name: Clean up users & policies
-        run: |
-          make cleanup-permissions

.github/workflows/react-no-warnings.yml

@@ -1,17 +0,0 @@
-name: "React Code Has No Warnings"
-on:
-  push:
-  pull_request:
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Install modules
-        working-directory: ./portal-ui
-        run: yarn
-      - name: Check for Warnings in build output
-        working-directory: ./portal-ui
-        continue-on-error: false
-        run: |
-          chmod +x check-warnings.sh  && ./check-warnings.sh 

.github/workflows/react.yml

@@ -1,15 +0,0 @@
-name: "React Tests"
-on:
-  push:
-  pull_request:
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Install modules
-        working-directory: ./portal-ui
-        run: yarn
-      - name: Run tests
-        working-directory: ./portal-ui
-        run: yarn test

.github/workflows/vulncheck.yaml

@@ -0,0 +1,53 @@
+# @format
+
+name: Vulnerability Check
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+jobs:
+  vulncheck:
+    name: Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.21.5
+          check-latest: true
+      - name: Get official govulncheck
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest
+        shell: bash
+      - name: Run govulncheck
+        run: govulncheck ./...
+        shell: bash
+
+  react-code-known-vulnerabilities:
+    name: "React Code Has No Known Vulnerable Deps"
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: [ 1.21.5 ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NVMRC }}
+          cache: "yarn"
+          cache-dependency-path: portal-ui/yarn.lock
+      - name: Checks for known security issues with the installed packages
+        working-directory: ./portal-ui
+        continue-on-error: false
+        run: |
+          yarn audit --groups dependencies

.gitignore

@@ -1,3 +1,13 @@
+# Playwright Data
+portal-ui/storage/
+portal-ui/playwright/.auth/admin.json
+
+# Report from Playwright
+portal-ui/playwright-report/
+
+# Coverage from Playwright
+portal-ui/.nyc_output/
+
 # Binaries for programs and plugins
 *.exe
 *.exe~
@@ -19,6 +29,7 @@ vendor/
 
 # Ignore executables
 target/
+!pkg/logger/target/
 console
 !console/
 

.golangci.yml

@@ -5,28 +5,29 @@ linters-settings:
   misspell:
     locale: US
 
+  goheader:
+    values:
+      regexp:
+        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
+    template-path: .license.tmpl
+
 linters:
   disable-all: true
   enable:
-    - typecheck
     - goimports
     - misspell
     - govet
     - revive
     - ineffassign
     - gosimple
-    - deadcode
-    - unparam
+    - gomodguard
+    - gofmt
     - unused
-    - structcheck
-    - goheader
-
-linters-settings:
-  goheader:
-    values:
-      regexp:
-        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
-    template-path: .license.tmpl
+    - staticcheck
+    - unconvert
+    - gocritic
+    - gofumpt
+    - durationcheck
 
 service:
   golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly
@@ -34,14 +35,15 @@ service:
 issues:
   exclude-use-default: false
   exclude:
-      - should have a package comment
-      # TODO(y4m4): Remove once all exported ident. have comments!      
-      - comment on exported function
-      - comment on exported type
-      - should have comment
-      - use leading k in Go names
-      - comment on exported const
+    - should have a package comment
+    # TODO(y4m4): Remove once all exported ident. have comments!
+    - comment on exported function
+    - comment on exported type
+    - should have comment
+    - use leading k in Go names
+    - comment on exported const
 run:
   skip-dirs:
     - pkg/clientgen
     - pkg/apis/networking.gke.io
+    - restapi/operations

.goreleaser.yml

@@ -1,195 +0,0 @@
-# This is an example goreleaser.yaml file with some sane defaults.
-# Make sure to check the documentation at http://goreleaser.com
-project_name: console
-
-release:
-   name_template: "Release version {{.Tag}}"
-   github:
-    owner: minio
-    name: console
-   extra_files:
-     - glob: "*.minisig"
-
-before:
-  hooks:
-    # you may remove this if you don't use vgo
-    - go mod tidy
-
-builds:
-  -
-    goos:
-      - linux
-      - darwin
-      - windows
-    goarch:
-      - amd64
-      - ppc64le
-      - s390x
-      - arm64
-    ignore:
-      - goos: darwin
-        goarch: arm
-      - goos: windows
-        goarch: arm64
-      - goos: windows
-        goarch: arm
-
-    env:
-      - CGO_ENABLED=0
-
-    main: ./cmd/console/
-
-    flags:
-      - -trimpath
-      - --tags=kqueue,operator
-
-    ldflags:
-      - -s -w -X github.com/minio/console/pkg.ReleaseTag={{.Tag}} -X github.com/minio/console/pkg.CommitID={{.FullCommit}} -X github.com/minio/console/pkg.Version={{.Version}} -X github.com/minio/console/pkg.ShortCommitID={{.ShortCommit}} -X github.com/minio/console/pkg.ReleaseTime={{.Date}}
-
-archives:
-  -
-    name_template: "{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}"
-    format: binary
-    replacements:
-      arm: arm
-
-signs:
-  -
-    signature: "${artifact}.minisig"
-    cmd: "sh"
-    args:
-      - '-c'
-      - 'minisign -s /media/${USER}/minio/minisign.key -Sm ${artifact} < /media/${USER}/minio/minisign-passphrase'
-    artifacts: all
-
-snapshot:
-  name_template: v0.0.0@{{.ShortCommit}}
-
-changelog:
-  sort: asc
-
-nfpms:
-  -
-    vendor: MinIO, Inc.
-    homepage: https://github.com/minio/console
-    maintainer: MinIO Development <dev@min.io>
-    description: MinIO Console Server
-    license: GNU Affero General Public License v3.0
-    formats:
-      - deb
-      - rpm
-    contents:
-      # Basic file that applies to all packagers
-      - src: systemd/console.service
-        dst: /etc/systemd/system/minio-console.service
-
-dockers:
-- image_templates:
-  - "minio/console:{{ .Tag }}-amd64"
-  use: buildx
-  goarch: amd64
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/amd64"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "minio/console:{{ .Tag }}-ppc64le"
-  use: buildx
-  goarch: ppc64le
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/ppc64le"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "minio/console:{{ .Tag }}-s390x"
-  use: buildx
-  goarch: s390x
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/s390x"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "minio/console:{{ .Tag }}-arm64"
-  use: buildx
-  goarch: arm64
-  goos: linux
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/arm64"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "quay.io/minio/console:{{ .Tag }}-amd64"
-  use: buildx
-  goarch: amd64
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/amd64"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "quay.io/minio/console:{{ .Tag }}-ppc64le"
-  use: buildx
-  goarch: ppc64le
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/ppc64le"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "quay.io/minio/console:{{ .Tag }}-s390x"
-  use: buildx
-  goarch: s390x
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/s390x"
-  - "--build-arg=TAG={{ .Tag }}"
-- image_templates:
-  - "quay.io/minio/console:{{ .Tag }}-arm64"
-  use: buildx
-  goarch: arm64
-  goos: linux
-  dockerfile: Dockerfile.release
-  extra_files:
-    - LICENSE
-    - CREDITS
-  build_flag_templates:
-  - "--platform=linux/arm64"
-  - "--build-arg=TAG={{ .Tag }}"
-docker_manifests:
-- name_template: minio/console:{{ .Tag }}
-  image_templates:
-  - minio/console:{{ .Tag }}-amd64
-  - minio/console:{{ .Tag }}-arm64
-  - minio/console:{{ .Tag }}-ppc64le
-  - minio/console:{{ .Tag }}-s390x
-- name_template: quay.io/minio/console:{{ .Tag }}
-  image_templates:
-  - quay.io/minio/console:{{ .Tag }}-amd64
-  - quay.io/minio/console:{{ .Tag }}-arm64
-  - quay.io/minio/console:{{ .Tag }}-ppc64le
-  - quay.io/minio/console:{{ .Tag }}-s390x
-- name_template: minio/console:latest
-  image_templates:
-  - minio/console:{{ .Tag }}-amd64
-  - minio/console:{{ .Tag }}-arm64
-  - minio/console:{{ .Tag }}-ppc64le
-  - minio/console:{{ .Tag }}-s390x

.nvmrc

@@ -0,0 +1 @@
+18

.semgrepignore

@@ -0,0 +1,35 @@
+# Ignore git items
+.gitignore
+.git/
+:include .gitignore
+
+# Common large paths
+node_modules/
+portal-ui/node_modules/
+build/
+dist/
+.idea/
+vendor/
+.env/
+.venv/
+.tox/
+*.min.js
+
+# Common test paths
+test/
+tests/
+*_test.go
+
+# Semgrep rules folder
+.semgrep
+
+# Semgrep-action log folder
+.semgrep_logs/
+
+# Ignore VsCode files
+.vscode/
+*.code-workspace
+*~
+.eslintcache
+
+consoleApi.ts

CHANGELOG.md

@@ -0,0 +1,215 @@
+<!-- @format -->
+
+# Changelog
+
+## Release v0.43.1
+
+Bug Fix:
+
+- Update Share Object UI to reflect maximum expiration time in UI
+
+## Release v0.43.0
+
+Features:
+
+- Updated PDF preview method
+
+Bug Fix:
+
+- Fixed vulnerabilities
+- Prevented non-necessary metadata calls in object browser
+
+## Release v0.42.2
+
+Bug Fix:
+
+- Hidden Prometheus metrics if URL is empty
+
+## Release v0.42.1
+
+Bug Fix:
+
+- Reset go version to 1.19
+
+## Release v0.42.0
+
+Features:
+
+- Introducing Dark Mode
+
+Bug Fix:
+
+- Fixed vulnerabilities
+- Changes on Upload and Delete object urls
+- Fixed blocking subpath creation if not enough permissions
+- Removed share object option at prefix level
+- Updated allowed actions for a deleted object
+
+## Release v0.41.0
+
+Features:
+
+- Updated pages to use mds components
+- support for resolving IPv4/IPv6
+
+Bug Fix:
+
+- Remove cache for ClientIP
+- Fixed override environment variables display in settings page
+- Fixed daylight savings time support in share modal
+
+## Release v0.40.0
+
+Features:
+
+- Updated OpenID page
+- Added New bucket event types support
+
+Bug Fix:
+
+- Fixed crash in access keys page
+- Fixed AuditLog filters issue
+- Fixed multiple issues with Object Browser
+
+## Release v0.39.0
+
+Features:
+
+- Migrated metrics page to mds
+- Migrated Register page to mds
+
+Bug Fix:
+
+- Fixed LDAP configuration page issues
+- Load available certificates in logout
+- Updated dependencies & go version
+- Fixed delete objects functionality
+
+## Release v0.38.0
+
+Features:
+
+- Added extra information to Service Accounts page
+- Updated Tiers, Site Replication, Speedtest, Heal & Watch pages components
+
+Bug Fix:
+
+- Fixed IDP expiry time errors
+- Updated project Dependencies
+
+## Release v0.37.0
+
+Features:
+
+- Updated Trace and Logs page components
+- Updated Prometheus metrics
+
+Bug Fix:
+
+- Disabled input fields for Subscription features if MinIO is not registered
+
+## Release v0.36.0
+
+Features:
+
+- Updated Settings page components
+
+Bug Fix:
+
+- Show LDAP Enabled value LDAP configuration
+- Download multiple objects in same path as they were selected
+
+## Release v0.35.1
+
+Bug Fix:
+
+- Change timestamp format for zip creation
+
+## Release v0.35.0
+
+Features:
+
+- Add Exclude Folders and Exclude Prefixes during bucket creation
+- Download multiple selected objects as zip and ignore deleted objects
+- Updated Call Home, Inspet, Profile and Health components
+
+Bug Fix:
+
+- Remove extra white spaces for configuration strings
+- Allow Create New Path in bucket view when having right permissions
+
+## Release v0.34.0
+
+Features:
+
+- Updated Buckets components
+
+Bug Fix:
+
+- Fixed SUBNET Health report upload
+- Updated Download Handler
+- Fixes issue with rewind
+- Avoid 1 hour expiration for IDP credentials
+
+---
+
+## Release v0.33.0
+
+Features:
+
+- Updated OpenID, LDAP components
+
+Bug Fix:
+
+- Fixed security issues
+- Fixed navigation issues in Object Browser
+- Fixed Dashboard metrics
+
+---
+
+## Release v0.32.0
+
+Features:
+
+- Updated Users and Groups components
+- Added placeholder image for Help Menu
+
+Bug Fix:
+
+- Fixed memory leak in WebSocket API for Object Browser
+
+---
+
+## Release v0.31.0
+
+**Breaking Changes:**
+
+- **Removed support for Standalone Deployments**
+
+Features:
+
+- Updated way files are displayed in uploading component
+- Updated Audit Logs and Policies components
+
+Bug Fix:
+
+- Fixed Download folders issue in Object Browser
+- Added missing Notification Events (ILM & REPLICA) in Events Notification Page
+- Fixed Security Vulnerability for `semver` dependency
+
+---
+
+## Release v0.30.0
+
+Features:
+
+- Added MinIO Console Help Menu
+- Updated UI Menu components
+
+Bug Fix:
+
+- Disable the Upload button on Object Browser if the user is not allowed
+- Fixed security vulnerability for `lestrrat-go/jwx` and `fast-xml-parser`
+- Fixed bug on sub-paths for Object Browser
+- Reduce the number of calls to `/session` API endpoint to improve performance
+- Rolled back the previous change for the Share File feature to no longer ask for Service Account access keys

DEVELOPMENT.md

@@ -1,3 +1,96 @@
+# Developing MinIO Console
+
+The MinIO Console requires the [MinIO Server](https://github.com/minio/minio). For development purposes, you also need to run both the MinIO Console web app and the MinIO Console server.
+
+## Running MinIO Console server
+
+Build the server in the main folder by running:
+```
+make
+```
+> Note: If it's the first time running the server, you might need to run `go mod tidy` to ensure you have all modules required.
+To start the server run:
+```
+CONSOLE_ACCESS_KEY=<your-access-key>
+CONSOLE_SECRET_KEY=<your-secret-key>
+CONSOLE_MINIO_SERVER=<minio-server-endpoint>
+CONSOLE_DEV_MODE=on
+./console server
+```
+
+## Running MinIO Console web app
+Refer to `/portal-ui` [instructions](/portal-ui/README.md) to run the web app locally.
+
+
+# Building with MinIO
+
+To test console in its shipping format, you need to build it from the MinIO repository, the following step will guide
+you to do that.
+
+### 0. Building with UI Changes
+
+If you are performing changes in the UI components of console and want to test inside the MinIO binary, you need to
+build assets first.
+
+In the console folder run
+
+```shell
+make assets
+```
+
+This will regenerate all the static assets that will be served by MinIO.
+
+### 1. Clone the `MinIO` repository
+
+In the parent folder of where you cloned this `console` repository, clone the MinIO Repository
+
+```shell
+git clone https://github.com/minio/minio.git
+```
+
+### 2. Update `go.mod` to use your local version
+
+In the MinIO repository open `go.mod` and after the first `require()` directive add a `replace()` directive
+
+```
+...
+)
+
+replace (
+github.com/minio/console => "../console"
+)
+
+require (
+...
+```
+
+### 3. Build `MinIO`
+
+Still in the MinIO folder, run
+
+```shell
+make build
+```
+
+# Testing on Kubernetes
+
+If you want to test console on kubernetes, you can perform all the steps from `Building with MinIO`, but change `Step 3`
+to the following:
+
+```shell
+TAG=miniodev/console:dev make docker
+```
+
+This will build a docker container image that can be used to test with your local kubernetes environment.
+
+For example, if you are using kind:
+
+```shell
+kind load docker-image miniodev/console:dev
+```
+
+and then deploy any `Tenant` that uses this image
+
 # LDAP authentication with Console
 
 ## Setup
@@ -15,7 +108,8 @@ $ docker cp console/docs/ldap/billy.ldif my-openldap-container:/container/servic
 $ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost
 ```
 
-Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you should get a list 
+Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you
+should get a list
 containing ldap users and groups.
 
 ```
@@ -30,7 +124,7 @@ $ docker exec my-openldap-container ldapsearch -x -H ldap://localhost -b uid=bil
 
 ### Change the password for user billy
 
-Set the new password for `billy` to `minio123` and enter `admin` as the default `LDAP Password` 
+Set the new password for `billy` to `minio123` and enter `admin` as the default `LDAP Password`
 
 ```
 $ docker exec -it my-openldap-container /bin/bash
@@ -41,6 +135,7 @@ Enter LDAP Password:
 ```
 
 ### Add the consoleAdmin policy to user billy on MinIO
+
 ```
 $ cat > consoleAdmin.json << EOF
 {
@@ -66,8 +161,8 @@ $ cat > consoleAdmin.json << EOF
   ]
 }
 EOF
-$ mc admin policy add myminio consoleAdmin consoleAdmin.json
-$ mc admin policy set myminio consoleAdmin user="uid=billy,dc=example,dc=org"
+$ mc admin policy create myminio consoleAdmin consoleAdmin.json
+$ mc admin policy attach myminio consoleAdmin --user="uid=billy,dc=example,dc=org"
 ```
 
 ## Run MinIO

Dockerfile

@@ -1,4 +1,5 @@
-FROM node:14 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer
 
 WORKDIR /app
 
@@ -12,7 +13,7 @@ RUN make build-static
 
 USER node
 
-FROM golang:1.16 as golayer
+FROM golang:1.19 as golayer
 
 RUN apt-get update -y && apt-get install -y ca-certificates
 
@@ -29,9 +30,9 @@ WORKDIR /go/src/github.com/minio/console/
 ENV CGO_ENABLED=0
 
 COPY --from=uilayer /app/build /go/src/github.com/minio/console/portal-ui/build
-RUN go build -ldflags "-w -s" -a -o console ./cmd/console
+RUN go build --tags=kqueue,operator -ldflags "-w -s" -a -o console ./cmd/console
 
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7
 MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
 

Dockerfile.assets

@@ -1,4 +1,5 @@
-FROM node:14 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer
 
 WORKDIR /app
 

Dockerfile.release

@@ -1,10 +1,11 @@
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4
+FROM registry.access.redhat.com/ubi9/ubi-minimal:9.2 as build
+
+RUN microdnf update --nodocs && microdnf install ca-certificates --nodocs
+
+FROM registry.access.redhat.com/ubi9/ubi-micro:9.2
 
 ARG TAG
 
-COPY CREDITS /licenses/CREDITS
-COPY LICENSE /licenses/LICENSE
-
 LABEL name="MinIO" \
       vendor="MinIO Inc <dev@min.io>" \
       maintainer="MinIO Inc <dev@min.io>" \
@@ -13,11 +14,14 @@ LABEL name="MinIO" \
       summary="A graphical user interface for MinIO" \
       description="MinIO object storage is fundamentally different. Designed for performance and the S3 API, it is 100% open-source. MinIO is ideal for large, private cloud environments with stringent security requirements and delivers mission-critical availability across a diverse range of workloads."
 
-RUN \
-     microdnf update --nodocs && \
-     microdnf install ca-certificates --nodocs
-
-EXPOSE 9090
+# On RHEL the certificate bundle is located at:
+# - /etc/pki/tls/certs/ca-bundle.crt (RHEL 6)
+# - /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (RHEL 7)
+COPY --from=build /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/
+COPY LICENSE /LICENSE
+COPY CREDITS /CREDITS
 COPY console /console
 
+EXPOSE 9090
+
 ENTRYPOINT ["/console"]

Makefile

@@ -5,31 +5,25 @@ BUILD_VERSION:=$(shell git describe --exact-match --tags $(git log -n1 --pretty=
 BUILD_TIME:=$(shell date 2>/dev/null)
 TAG ?= "minio/console:$(BUILD_VERSION)-dev"
 MINIO_VERSION ?= "quay.io/minio/minio:latest"
+TARGET_BUCKET ?= "target"
+NODE_VERSION := $(shell cat .nvmrc)
 
 default: console
 
 .PHONY: console
 console:
 	@echo "Building Console binary to './console'"
-	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue,operator --ldflags "-s -w" -o console ./cmd/console)
-
-k8sdev:
-	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
-	@kind load docker-image $(TAG)
-	@echo "Done, now restart your console deployment"
+	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue --ldflags "-s -w" -o console ./cmd/console)
 
 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.43.0)
+	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin
 
 verifiers: getdeps fmt lint
 
 fmt:
 	@echo "Running $@ check"
-	@GO111MODULE=on gofmt -d restapi/
-	@GO111MODULE=on gofmt -d pkg/
-	@GO111MODULE=on gofmt -d cmd/
-	@GO111MODULE=on gofmt -d cluster/
+	@(env bash $(PWD)/verify-gofmt.sh)
 
 crosscompile:
 	@(env bash $(PWD)/cross-compile.sh $(arg1))
@@ -44,43 +38,190 @@ install: console
 	@mkdir -p $(GOPATH)/bin && cp -f $(PWD)/console $(GOPATH)/bin/console
 	@echo "Installation successful. To learn more, try \"console --help\"."
 
-swagger-gen: clean-swagger swagger-console swagger-operator
+swagger-gen: clean-swagger swagger-console apply-gofmt
 	@echo "Done Generating swagger server code from yaml"
 
+apply-gofmt:
+	@echo "Applying gofmt to all generated an existing files"
+	@GO111MODULE=on gofmt -w .
+
 clean-swagger:
 	@echo "cleaning"
 	@rm -rf models
 	@rm -rf restapi/operations
-	@rm -rf operatorapi/operations
 
 swagger-console:
 	@echo "Generating swagger server code from yaml"
-	@swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger-console.yml -r NOTICE
+	@swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger.yml -r NOTICE
+	@echo "Generating typescript api"
+	@npx swagger-typescript-api -p ./swagger.yml -o ./portal-ui/src/api -n consoleApi.ts
+	@git restore restapi/server.go
 
-swagger-operator:
-	@echo "Generating swagger server code from yaml"
-	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE
 
 assets:
-	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+	@(if [ -f "${NVM_DIR}/nvm.sh" ]; then \. "${NVM_DIR}/nvm.sh" && nvm install && nvm use && npm install -g yarn ; fi &&\
+	  cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)
 
 test-integration:
+	@(docker stop pgsqlcontainer || true)
+	@(docker stop minio || true)
+	@(docker stop minio2 || true)
+	@(docker network rm mynet123 || true)
+	@echo "create docker network to communicate containers MinIO & PostgreSQL"
+	@(docker network create --subnet=173.18.0.0/29 mynet123)
 	@echo "docker run with MinIO Version below:"
 	@echo $(MINIO_VERSION)
-	@(docker run -d --name minio --rm -p 9000:9000 $(MINIO_VERSION) server /data{1...4} && sleep 5)
-	@(GO111MODULE=on go test -race -v github.com/minio/console/integration/...)
+	@echo "MinIO 1"
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 --net=mynet123 -d --name minio --rm -p 9000:9000 -p 9091:9091 -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= $(MINIO_VERSION) server /data{1...4} --console-address ':9091' && sleep 5)
+	@echo "MinIO 2"
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 --net=mynet123 -d --name minio2 --rm -p 9001:9001 -p 9092:9092 -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= $(MINIO_VERSION) server /data{1...4} --address ':9001' --console-address ':9092' && sleep 5)
+	@echo "Postgres"
+	@(docker run --net=mynet123 --ip=173.18.0.4 --name pgsqlcontainer --rm -p 5432:5432 -e POSTGRES_PASSWORD=password -d postgres && sleep 5)
+	@echo "execute test and get coverage for test-integration:"
+	@(cd integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage &&  ./integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/system.out)
+	@(docker stop pgsqlcontainer)
+	@(docker stop minio)
+	@(docker stop minio2)
+	@(docker network rm mynet123)
+
+test-replication:
+	@(docker stop minio || true)
+	@(docker stop minio1 || true)
+	@(docker stop minio2 || true)
+	@(docker network rm mynet123 || true)
+	@(docker network create mynet123)
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
+	  --net=mynet123 -d \
+	  --name minio \
+	  --rm \
+	  -p 9000:9000 \
+	  -p 6000:6000 \
+	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
+	  -e MINIO_ROOT_USER="minioadmin" \
+	  -e MINIO_ROOT_PASSWORD="minioadmin" \
+	  $(MINIO_VERSION) server /data{1...4} \
+	  --address :9000 \
+	  --console-address :6000)
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
+	  --net=mynet123 -d \
+	  --name minio1 \
+	  --rm \
+	  -p 9001:9001 \
+	  -p 6001:6001 \
+	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
+	  -e MINIO_ROOT_USER="minioadmin" \
+	  -e MINIO_ROOT_PASSWORD="minioadmin" \
+	  $(MINIO_VERSION) server /data{1...4} \
+	  --address :9001 \
+	  --console-address :6001)
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
+	  --net=mynet123 -d \
+	  --name minio2 \
+	  --rm \
+	  -p 9002:9002 \
+	  -p 6002:6002 \
+	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
+	  -e MINIO_ROOT_USER="minioadmin" \
+	  -e MINIO_ROOT_PASSWORD="minioadmin" \
+	  $(MINIO_VERSION) server /data{1...4} \
+	  --address :9002 \
+	  --console-address :6002)
+	@(cd replication && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./replication.test -test.v -test.run "^Test*" -test.coverprofile=coverage/replication.out)
+	@(docker stop minio || true)
+	@(docker stop minio1 || true)
+	@(docker stop minio2 || true)
+	@(docker network rm mynet123 || true)
+
+test-sso-integration:
+	@echo "create the network in bridge mode to communicate all containers"
+	@(docker network create my-net)
+	@echo "run openldap container using MinIO Image: quay.io/minio/openldap:latest"
+	@(docker run \
+		-e LDAP_ORGANIZATION="MinIO Inc" \
+		-e LDAP_DOMAIN="min.io" \
+		-e LDAP_ADMIN_PASSWORD="admin" \
+		--network my-net \
+		-p 389:389 \
+		-p 636:636 \
+		--name openldap \
+		--detach quay.io/minio/openldap:latest)
+	@echo "Run Dex container using MinIO Image: quay.io/minio/dex:latest"
+	@(docker run \
+		-e DEX_ISSUER=http://dex:5556/dex \
+		-e DEX_CLIENT_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
+		-e DEX_LDAP_SERVER=openldap:389 \
+		--network my-net \
+		-p 5556:5556 \
+		--name dex \
+		--detach quay.io/minio/dex:latest)
+	@echo "running minio server"
+	@(docker run \
+	-v /data1 -v /data2 -v /data3 -v /data4 \
+	--network my-net \
+	-d \
+	--name minio \
+	--rm \
+	-p 9000:9000 \
+	-p 9001:9001 \
+	-e MINIO_IDENTITY_OPENID_CLIENT_ID="minio-client-app" \
+	-e MINIO_IDENTITY_OPENID_CLIENT_SECRET="minio-client-app-secret" \
+	-e MINIO_IDENTITY_OPENID_CLAIM_NAME=name \
+	-e MINIO_IDENTITY_OPENID_CONFIG_URL=http://dex:5556/dex/.well-known/openid-configuration \
+	-e MINIO_IDENTITY_OPENID_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
+	-e MINIO_ROOT_USER=minio \
+	-e MINIO_ROOT_PASSWORD=minio123 $(MINIO_VERSION) server /data{1...4} --address :9000 --console-address :9001)
+	@echo "run mc commands to set the policy"
+	@(docker run --name minio-client --network my-net -dit --entrypoint=/bin/sh minio/mc)
+	@(docker exec minio-client mc alias set myminio/ http://minio:9000 minio minio123)
+	@echo "adding policy to Dillon Harper to be able to login:"
+	@(cd sso-integration && docker cp allaccess.json minio-client:/ && docker exec minio-client mc admin policy create myminio "Dillon Harper" allaccess.json)
+	@echo "starting bash script"
+	@(env bash $(PWD)/sso-integration/set-sso.sh)
+	@echo "add python module"
+	@(pip3 install bs4)
+	@echo "Executing the test:"
+	@(cd sso-integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./sso-integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/sso-system.out)
+
+test-permissions-1:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-1/")
 	@(docker stop minio)
 
-test-permissions:
-	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
-	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh)
+test-permissions-2:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-2/")
+	@(docker stop minio)
+
+test-permissions-3:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-3/")
+	@(docker stop minio)
+
+test-permissions-4:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-4/")
+	@(docker stop minio)
+
+test-permissions-5:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-5/")
+	@(docker stop minio)
+
+test-permissions-6:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-6/")
+	@(docker stop minio)
+
+test-permissions-7:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-7/")
 	@(docker stop minio)
 
 test-apply-permissions:
 	@(env bash $(PWD)/portal-ui/tests/scripts/initialize-env.sh)
 
 test-start-docker-minio:
-	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 
 initialize-permissions: test-start-docker-minio test-apply-permissions
 	@echo "Done initializing permissions test"
@@ -89,11 +230,38 @@ cleanup-permissions:
 	@(env bash $(PWD)/portal-ui/tests/scripts/cleanup-env.sh)
 	@(docker stop minio)
 
+initialize-docker-network:
+	@(docker network create test-network)
+
+test-start-docker-minio-w-redirect-url: initialize-docker-network
+	@(docker run \
+    -e MINIO_BROWSER_REDIRECT_URL='http://localhost:8000/console/subpath/' \
+    -e MINIO_SERVER_URL='http://localhost:9000' \
+    -v /data1 -v /data2 -v /data3 -v /data4 \
+    -d --network host --name minio --rm\
+    quay.io/minio/minio:latest server /data{1...4}) 
+
+test-start-docker-nginx-w-subpath:
+	@(docker run \
+	--network host \
+	-d --rm \
+	--add-host=host.docker.internal:host-gateway \
+	-v ./portal-ui/tests/subpath-nginx/nginx.conf:/etc/nginx/nginx.conf \
+	--name test-nginx nginx)
+
+test-initialize-minio-nginx: test-start-docker-minio-w-redirect-url test-start-docker-nginx-w-subpath
+
+cleanup-minio-nginx:
+	@(docker stop minio test-nginx & docker network rm test-network)
+
 test:
-	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)
+	@echo "execute test and get coverage"
+	@(cd restapi && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage.out)
+
 
 test-pkg:
-	@(GO111MODULE=on go test -race -v github.com/minio/console/pkg/...)
+	@echo "execute test and get coverage"
+	@(cd pkg && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage-pkg.out)
 
 coverage:
 	@(GO111MODULE=on go test -v -coverprofile=coverage.out github.com/minio/console/restapi/... && go tool cover -html=coverage.out && open coverage.html)
@@ -105,4 +273,10 @@ clean:
 	@rm -vf console
 
 docker:
-	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .
+
+release: swagger-gen
+	@echo "Generating Release: $(RELEASE)"
+	@make assets
+	@git add -u .
+	@git add portal-ui/build/

NOTICE

@@ -1,5 +1,5 @@
 This file is part of MinIO Console Server
-Copyright (c) 2021 MinIO, Inc.
+Copyright (c) 2023 MinIO, Inc.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published by

README.md

@@ -4,57 +4,38 @@
 
 A graphical user interface for [MinIO](https://github.com/minio/minio)
 
-| Dashboard                     | Creating a bucket             |
-| -------------                 | -------------                 |
-| ![Dashboard](images/pic1.png) | ![Dashboard](images/pic2.png) |
+| Object Browser                     | Dashboard                     | Creating a bucket             |
+|------------------------------------|-------------------------------|-------------------------------|
+| ![Object Browser](images/pic3.png) | ![Dashboard](images/pic1.png) | ![Dashboard](images/pic2.png) |
 
 <!-- markdown-toc start - Don't edit this section. Run M-x markdown-toc-refresh-toc -->
 **Table of Contents**
 
 - [MinIO Console](#minio-console)
-    - [Install](#install)
-        - [Binary Releases](#binary-releases)
-        - [Docker](#docker)
-        - [Build from source](#build-from-source)
-    - [Setup](#setup)
-        - [1. Create a user `console` using `mc`](#1-create-a-user-console-using-mc)
-        - [2. Create a policy for `console` with admin access to all resources (for testing)](#2-create-a-policy-for-console-with-admin-access-to-all-resources-for-testing)
-        - [3. Set the policy for the new `console` user](#3-set-the-policy-for-the-new-console-user)
-    - [Start Console service:](#start-console-service)
-    - [Start Console service with TLS:](#start-console-service-with-tls)
-    - [Connect Console to a Minio using TLS and a self-signed certificate](#connect-console-to-a-minio-using-tls-and-a-self-signed-certificate)
+  - [Install](#install)
+    - [Build from source](#build-from-source)
+  - [Setup](#setup)
+    - [1. Create a user `console` using `mc`](#1-create-a-user-console-using-mc)
+    - [2. Create a policy for `console` with admin access to all resources (for testing)](#2-create-a-policy-for-console-with-admin-access-to-all-resources-for-testing)
+    - [3. Set the policy for the new `console` user](#3-set-the-policy-for-the-new-console-user)
+  - [Start Console service:](#start-console-service)
+  - [Start Console service with TLS:](#start-console-service-with-tls)
+  - [Connect Console to a Minio using TLS and a self-signed certificate](#connect-console-to-a-minio-using-tls-and-a-self-signed-certificate)
 - [Contribute to console Project](#contribute-to-console-project)
 
 <!-- markdown-toc end -->
 
 ## Install
 
-### Binary Releases
+MinIO Console is a library that provides a management and browser UI overlay for the MinIO Server.
+The standalone binary installation path has been removed.
 
-| OS      | ARCH    | Binary                                                                                               |
-|:-------:|:-------:|:----------------------------------------------------------------------------------------------------:|
-| Linux   | amd64   | [linux-amd64](https://github.com/minio/console/releases/latest/download/console-linux-amd64)         |
-| Linux   | arm64   | [linux-arm64](https://github.com/minio/console/releases/latest/download/console-linux-arm64)         |
-| Linux   | ppc64le | [linux-ppc64le](https://github.com/minio/console/releases/latest/download/console-linux-ppc64le)     |
-| Linux   | s390x   | [linux-s390x](https://github.com/minio/console/releases/latest/download/console-linux-s390x)         |
-| Apple   | amd64   | [darwin-amd64](https://github.com/minio/console/releases/latest/download/console-darwin-amd64)       |
-| Windows | amd64   | [windows-amd64](https://github.com/minio/console/releases/latest/download/console-windows-amd64.exe) |
-
-You can also verify the binary with [minisign](https://jedisct1.github.io/minisign/) by downloading the corresponding [`.minisig`](https://github.com/minio/console/releases/latest) signature file. Then run:
-```
-minisign -Vm console-<OS>-<ARCH> -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
-```
-
-### Docker
-
-Pull the latest release via:
-```
-docker pull minio/console
-```
+In case a Console standalone binary is needed, it can be generated by building this package from source as follows:
 
 ### Build from source
+
 > You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.17
+> Minimum version required is go1.19
 
 ```
 go install github.com/minio/console/cmd/console@latest
@@ -103,60 +84,64 @@ EOF
 ```
 
 ```sh
-mc admin policy add myminio/ consoleAdmin admin.json
+mc admin policy create myminio/ consoleAdmin admin.json
 ```
 
 ### 3. Set the policy for the new `console` user
 
 ```sh
-mc admin policy set myminio consoleAdmin user=console
+mc admin policy attach myminio consoleAdmin --user=console
 ```
 
-> NOTE: Additionally, you can create policies to limit the privileges for other `console` users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:
+> NOTE: Additionally, you can create policies to limit the privileges for other `console` users, for example, if you
+> want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like
+> this:
 
 ```json
 {
-	"Version": "2012-10-17",
-	"Statement": [{
-			"Action": [
-				"admin:ServerInfo"
-			],
-			"Effect": "Allow",
-			"Sid": ""
-		},
-		{
-			"Action": [
-				"s3:ListenBucketNotification",
-				"s3:PutBucketNotification",
-				"s3:GetBucketNotification",
-				"s3:ListMultipartUploadParts",
-				"s3:ListBucketMultipartUploads",
-				"s3:ListBucket",
-				"s3:HeadBucket",
-				"s3:GetObject",
-				"s3:GetBucketLocation",
-				"s3:AbortMultipartUpload",
-				"s3:CreateBucket",
-				"s3:PutObject",
-				"s3:DeleteObject",
-				"s3:DeleteBucket",
-				"s3:PutBucketPolicy",
-				"s3:DeleteBucketPolicy",
-				"s3:GetBucketPolicy"
-			],
-			"Effect": "Allow",
-			"Resource": [
-				"arn:aws:s3:::*"
-			],
-			"Sid": ""
-		}
-	]
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "admin:ServerInfo"
+      ],
+      "Effect": "Allow",
+      "Sid": ""
+    },
+    {
+      "Action": [
+        "s3:ListenBucketNotification",
+        "s3:PutBucketNotification",
+        "s3:GetBucketNotification",
+        "s3:ListMultipartUploadParts",
+        "s3:ListBucketMultipartUploads",
+        "s3:ListBucket",
+        "s3:HeadBucket",
+        "s3:GetObject",
+        "s3:GetBucketLocation",
+        "s3:AbortMultipartUpload",
+        "s3:CreateBucket",
+        "s3:PutObject",
+        "s3:DeleteObject",
+        "s3:DeleteBucket",
+        "s3:PutBucketPolicy",
+        "s3:DeleteBucketPolicy",
+        "s3:GetBucketPolicy"
+      ],
+      "Effect": "Allow",
+      "Resource": [
+        "arn:aws:s3:::*"
+      ],
+      "Sid": ""
+    }
+  ]
 }
 ```
 
 ## Start Console service:
 
 Before running console service, following environment settings must be supplied
+
 ```sh
 # Salt to encrypt JWT payload
 export CONSOLE_PBKDF_PASSPHRASE=SECRET
@@ -169,6 +154,7 @@ export CONSOLE_MINIO_SERVER=http://localhost:9000
 ```
 
 Now start the console service.
+
 ```
 ./console server
 2021-01-19 02:36:08.893735 I | 2021/01/19 02:36:08 server.go:129: Serving console at http://localhost:9090
@@ -189,6 +175,7 @@ Copy your `public.crt` and `private.key` to `~/.console/certs`, then:
 For advanced users, `console` has support for multiple certificates to service clients through multiple domains.
 
 Following tree structure is expected for supporting multiple domains:
+
 ```sh
  certs/
   │
@@ -219,4 +206,5 @@ export CONSOLE_MINIO_SERVER=https://localhost:9000
 You can verify that the apis work by doing the request on `localhost:9090/api/v1/...`
 
 # Contribute to console Project
+
 Please follow console [Contributor's Guide](https://github.com/minio/console/blob/master/CONTRIBUTING.md)

SECURITY.md

@@ -18,9 +18,10 @@ you need access credentials for a successful exploit).
 
 If you have not received a reply to your email within 48 hours or you have not heard from the security team
 for the past five days please contact the security team directly:
-  - Primary security coordinator: lenin@min.io
-  - Secondary coordinator: security@min.io
-  - If you receive no response: dev@min.io
+
+- Primary security coordinator: daniel@min.io
+- Secondary coordinator: security@min.io
+- If you receive no response: dev@min.io
 
 ### Disclosure Process
 

cluster/cluster.go

@@ -1,71 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package cluster
-
-import (
-	direct "github.com/minio/direct-csi/pkg/clientset"
-	operator "github.com/minio/operator/pkg/client/clientset/versioned"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
-	certutil "k8s.io/client-go/util/cert"
-)
-
-// getTLSClientConfig will return the right TLS configuration for the K8S client based on the configured TLS certificate
-func getTLSClientConfig() rest.TLSClientConfig {
-	var defaultRootCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
-	var customRootCAFile = getK8sAPIServerTLSRootCA()
-	tlsClientConfig := rest.TLSClientConfig{}
-	// if console is running inside k8s by default he will have access to the CA Cert from the k8s local authority
-	if _, err := certutil.NewPool(defaultRootCAFile); err == nil {
-		tlsClientConfig.CAFile = defaultRootCAFile
-	}
-	// if the user explicitly define a custom CA certificate, instead, we will use that
-	if customRootCAFile != "" {
-		if _, err := certutil.NewPool(customRootCAFile); err == nil {
-			tlsClientConfig.CAFile = customRootCAFile
-		}
-	}
-	return tlsClientConfig
-}
-
-// This operation will run only once at console startup
-var tlsClientConfig = getTLSClientConfig()
-
-func GetK8sConfig(token string) *rest.Config {
-	config := &rest.Config{
-		Host:            GetK8sAPIServer(),
-		TLSClientConfig: tlsClientConfig,
-		APIPath:         "/",
-		BearerToken:     token,
-	}
-	return config
-}
-
-// OperatorClient returns an operator client using GetK8sConfig for its config
-func OperatorClient(token string) (*operator.Clientset, error) {
-	return operator.NewForConfig(GetK8sConfig(token))
-}
-
-// K8sClient returns kubernetes client using GetK8sConfig for its config
-func K8sClient(token string) (*kubernetes.Clientset, error) {
-	return kubernetes.NewForConfig(GetK8sConfig(token))
-}
-
-// DirectCSIClient returns Direct CSI client using GetK8sConfig for its config
-func DirectCSIClient(token string) (*direct.Clientset, error) {
-	return direct.NewForConfig(GetK8sConfig(token))
-}

cluster/config.go

@@ -1,121 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package cluster
-
-import (
-	"errors"
-	"fmt"
-	"io/ioutil"
-	"net"
-	"net/http"
-	"regexp"
-	"strings"
-	"time"
-
-	"github.com/minio/pkg/env"
-)
-
-var (
-	errCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
-)
-
-func GetK8sAPIServer() string {
-	// if console is running inside a k8s pod KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT will contain the k8s api server apiServerAddress
-	// if console is not running inside k8s by default will look for the k8s api server on localhost:8001 (kubectl proxy)
-	// NOTE: using kubectl proxy is for local development only, since every request send to localhost:8001 will bypass service account authentication
-	// more info here: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#directly-accessing-the-rest-api
-	// you can override this using CONSOLE_K8S_API_SERVER, ie use the k8s cluster from `kubectl config view`
-	host, port := env.Get("KUBERNETES_SERVICE_HOST", ""), env.Get("KUBERNETES_SERVICE_PORT", "")
-	apiServerAddress := "http://localhost:8001"
-	if host != "" && port != "" {
-		apiServerAddress = "https://" + net.JoinHostPort(host, port)
-	}
-	return env.Get(ConsoleK8sAPIServer, apiServerAddress)
-}
-
-// If CONSOLE_K8S_API_SERVER_TLS_ROOT_CA is true console will load the certificate into the
-// http.client rootCAs pool, this is useful for testing an k8s ApiServer or when working with self-signed certificates
-func getK8sAPIServerTLSRootCA() string {
-	return strings.TrimSpace(env.Get(ConsoleK8SAPIServerTLSRootCA, ""))
-}
-
-// GetNsFromFile assumes console is running inside a k8s pod and extract the current namespace from the
-// /var/run/secrets/kubernetes.io/serviceaccount/namespace file
-func GetNsFromFile() string {
-	dat, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
-	if err != nil {
-		return "default"
-	}
-	return string(dat)
-}
-
-// Namespace will run only once at console startup
-var Namespace = GetNsFromFile()
-
-// getLatestMinIOImage returns the latest docker image for MinIO if found on the internet
-func getLatestMinIOImage(client HTTPClientI) (*string, error) {
-	resp, err := client.Get("https://dl.min.io/server/minio/release/linux-amd64/")
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	body, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return nil, err
-	}
-	var re = regexp.MustCompile(`(?m)\.\/minio\.(RELEASE.*?Z)"`)
-	// look for a single match
-	matches := re.FindAllStringSubmatch(string(body), 1)
-	for i := range matches {
-		release := matches[i][1]
-		dockerImage := fmt.Sprintf("minio/minio:%s", release)
-		return &dockerImage, nil
-	}
-	return nil, errCantDetermineMinIOImage
-}
-
-var latestMinIOImage, errLatestMinIOImage = getLatestMinIOImage(
-	&HTTPClient{
-		Client: &http.Client{
-			Timeout: 15 * time.Second,
-		},
-	})
-
-// GetMinioImage returns the image URL to be used when deploying a MinIO instance, if there is
-// a preferred image to be used (configured via ENVIRONMENT VARIABLES) GetMinioImage will return that
-// if not, GetMinioImage will try to obtain the image URL for the latest version of MinIO and return that
-func GetMinioImage() (*string, error) {
-	image := strings.TrimSpace(env.Get(ConsoleMinioImage, ""))
-	// if there is a preferred image configured by the user we'll always return that
-	if image != "" {
-		return &image, nil
-	}
-	if errLatestMinIOImage != nil {
-		return nil, errLatestMinIOImage
-	}
-	return latestMinIOImage, nil
-}
-
-// GetLatestMinioImage returns the latest image URL on minio repository
-func GetLatestMinioImage(client HTTPClientI) (*string, error) {
-	latestMinIOImage, err := getLatestMinIOImage(client)
-	if err != nil {
-		return nil, err
-	}
-	return latestMinIOImage, nil
-}

cluster/const.go

@@ -1,24 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package cluster
-
-const (
-	ConsoleK8sAPIServer          = "CONSOLE_K8S_API_SERVER"
-	ConsoleK8SAPIServerTLSRootCA = "CONSOLE_K8S_API_SERVER_TLS_ROOT_CA"
-	ConsoleMinioImage            = "CONSOLE_MINIO_IMAGE"
-	ConsoleMCImage               = "CONSOLE_MC_IMAGE"
-)

cluster/http_client.go

@@ -1,53 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package cluster
-
-import (
-	"io"
-	"net/http"
-)
-
-// HTTPClientI interface with all functions to be implemented
-// by mock when testing, it should include all HttpClient respective api calls
-// that are used within this project.
-type HTTPClientI interface {
-	Get(url string) (resp *http.Response, err error)
-	Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
-	Do(req *http.Request) (*http.Response, error)
-}
-
-// HTTPClient Interface implementation
-//
-// Define the structure of a http client and define the functions that are actually used
-type HTTPClient struct {
-	Client *http.Client
-}
-
-// Get implements http.Client.Get()
-func (c *HTTPClient) Get(url string) (resp *http.Response, err error) {
-	return c.Client.Get(url)
-}
-
-// Post implements http.Client.Post()
-func (c *HTTPClient) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
-	return c.Client.Post(url, contentType, body)
-}
-
-// Do implement http.Client.Do()
-func (c *HTTPClient) Do(req *http.Request) (*http.Response, error) {
-	return c.Client.Do(req)
-}

cmd/console/app_commands.go

@@ -1,6 +1,3 @@
-//go:build operator
-// +build operator
-
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
@@ -20,10 +17,13 @@
 package main
 
 import (
-	"os"
+	"context"
+	"fmt"
 	"strconv"
 	"time"
 
+	"github.com/minio/console/pkg/logger"
+
 	"github.com/minio/cli"
 	"github.com/minio/console/restapi"
 )
@@ -31,20 +31,27 @@ import (
 var appCmds = []cli.Command{
 	serverCmd,
 	updateCmd,
-	operatorCmd,
 }
 
 // StartServer starts the console service
 func StartServer(ctx *cli.Context) error {
-	if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" {
-		return startOperatorServer(ctx)
-	}
-
 	if err := loadAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
 		restapi.LogError("Unable to load certs: %v", err)
 	}
 
+	xctx := context.Background()
+
+	transport := restapi.PrepareSTSClientTransport(false, restapi.LocalAddress)
+	if err := logger.InitializeLogger(xctx, transport.Transport); err != nil {
+		fmt.Println("error InitializeLogger", err)
+		logger.CriticalIf(xctx, err)
+	}
+	// custom error configuration
+	restapi.LogInfo = logger.Info
+	restapi.LogError = logger.Error
+	restapi.LogIf = logger.LogIf
+
 	var rctx restapi.Context
 	if err := rctx.Load(ctx); err != nil {
 		restapi.LogError("argument validation failed: %v", err)

cmd/console/app_commands_noop.go

@@ -1,77 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-//go:build !operator
-// +build !operator
-
-package main
-
-import (
-	"strconv"
-	"time"
-
-	"github.com/minio/cli"
-	"github.com/minio/console/restapi"
-)
-
-var appCmds = []cli.Command{
-	serverCmd,
-	updateCmd,
-}
-
-// StartServer starts the console service
-func StartServer(ctx *cli.Context) error {
-	if err := loadAllCerts(ctx); err != nil {
-		// Log this as a warning and continue running console without TLS certificates
-		restapi.LogError("Unable to load certs: %v", err)
-	}
-
-	var rctx restapi.Context
-	if err := rctx.Load(ctx); err != nil {
-		restapi.LogError("argument validation failed: %v", err)
-		return err
-	}
-
-	server, err := buildServer()
-	if err != nil {
-		restapi.LogError("Unable to initialize console server: %v", err)
-		return err
-	}
-
-	server.Host = rctx.Host
-	server.Port = rctx.HTTPPort
-	// set conservative timesout for uploads
-	server.ReadTimeout = 1 * time.Hour
-	// no timeouts for response for downloads
-	server.WriteTimeout = 0
-	restapi.Port = strconv.Itoa(server.Port)
-	restapi.Hostname = server.Host
-
-	if len(restapi.GlobalPublicCerts) > 0 {
-		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
-		// plain HTTP connections to HTTPS server
-		server.EnabledListeners = []string{"http", "https"}
-		server.TLSPort = rctx.HTTPSPort
-		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
-		restapi.TLSPort = strconv.Itoa(server.TLSPort)
-		restapi.Hostname = rctx.Host
-		restapi.TLSRedirect = rctx.TLSRedirect
-	}
-
-	defer server.Shutdown()
-
-	return server.Serve()
-}

cmd/console/main.go

@@ -25,29 +25,29 @@ import (
 
 	"github.com/minio/cli"
 	"github.com/minio/console/pkg"
-	"github.com/minio/pkg/console"
-	"github.com/minio/pkg/trie"
-	"github.com/minio/pkg/words"
+	"github.com/minio/pkg/v2/console"
+	"github.com/minio/pkg/v2/trie"
+	"github.com/minio/pkg/v2/words"
 )
 
 // Help template for Console.
 var consoleHelpTemplate = `NAME:
-  {{.Name}} - {{.Usage}}
+ {{.Name}} - {{.Usage}}
 
 DESCRIPTION:
-  {{.Description}}
+ {{.Description}}
 
 USAGE:
-  {{.HelpName}} {{if .VisibleFlags}}[FLAGS] {{end}}COMMAND{{if .VisibleFlags}}{{end}} [ARGS...]
+ {{.HelpName}} {{if .VisibleFlags}}[FLAGS] {{end}}COMMAND{{if .VisibleFlags}}{{end}} [ARGS...]
 
 COMMANDS:
-  {{range .VisibleCommands}}{{join .Names ", "}}{{ "\t" }}{{.Usage}}
-  {{end}}{{if .VisibleFlags}}
+ {{range .VisibleCommands}}{{join .Names ", "}}{{ "\t" }}{{.Usage}}
+ {{end}}{{if .VisibleFlags}}
 FLAGS:
-  {{range .VisibleFlags}}{{.}}
-  {{end}}{{end}}
+ {{range .VisibleFlags}}{{.}}
+ {{end}}{{end}}
 VERSION:
-  {{.Version}}
+ {{.Version}}
 `
 
 func newApp(name string) *cli.App {

cmd/console/operator.go

@@ -1,229 +0,0 @@
-//go:build operator
-// +build operator
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"fmt"
-	"io/ioutil"
-	"path/filepath"
-	"strconv"
-	"syscall"
-	"time"
-
-	"github.com/minio/console/restapi"
-
-	"github.com/go-openapi/loads"
-	"github.com/jessevdk/go-flags"
-	"github.com/minio/cli"
-	"github.com/minio/console/operatorapi"
-	"github.com/minio/console/operatorapi/operations"
-	"github.com/minio/console/pkg/certs"
-)
-
-// starts the server
-var operatorCmd = cli.Command{
-	Name:    "operator",
-	Aliases: []string{"opr"},
-	Usage:   "Start MinIO Operator UI server",
-	Action:  startOperatorServer,
-	Flags: []cli.Flag{
-		cli.StringFlag{
-			Name:  "host",
-			Value: restapi.GetHostname(),
-			Usage: "bind to a specific HOST, HOST can be an IP or hostname",
-		},
-		cli.IntFlag{
-			Name:  "port",
-			Value: restapi.GetPort(),
-			Usage: "bind to specific HTTP port",
-		},
-		// This is kept here for backward compatibility,
-		// hostname's do not have HTTP or HTTPs
-		// hostnames are opaque so using --host
-		// works for both HTTP and HTTPS setup.
-		cli.StringFlag{
-			Name:   "tls-host",
-			Value:  restapi.GetHostname(),
-			Hidden: true,
-		},
-		cli.StringFlag{
-			Name:  "certs-dir",
-			Value: certs.GlobalCertsCADir.Get(),
-			Usage: "path to certs directory",
-		},
-		cli.IntFlag{
-			Name:  "tls-port",
-			Value: restapi.GetTLSPort(),
-			Usage: "bind to specific HTTPS port",
-		},
-		cli.StringFlag{
-			Name:  "tls-redirect",
-			Value: restapi.GetTLSRedirect(),
-			Usage: "toggle HTTP->HTTPS redirect",
-		},
-		cli.StringFlag{
-			Name:   "tls-certificate",
-			Value:  "",
-			Usage:  "path to TLS public certificate",
-			Hidden: true,
-		},
-		cli.StringFlag{
-			Name:   "tls-key",
-			Value:  "",
-			Usage:  "path to TLS private key",
-			Hidden: true,
-		},
-		cli.StringFlag{
-			Name:   "tls-ca",
-			Value:  "",
-			Usage:  "path to TLS Certificate Authority",
-			Hidden: true,
-		},
-	},
-}
-
-func buildOperatorServer() (*operatorapi.Server, error) {
-	swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON)
-	if err != nil {
-		return nil, err
-	}
-
-	api := operations.NewOperatorAPI(swaggerSpec)
-	api.Logger = operatorapi.LogInfo
-	server := operatorapi.NewServer(api)
-
-	parser := flags.NewParser(server, flags.Default)
-	parser.ShortDescription = "MinIO Console Server"
-	parser.LongDescription = swaggerSpec.Spec().Info.Description
-
-	server.ConfigureFlags()
-
-	// register all APIs
-	server.ConfigureAPI()
-
-	for _, optsGroup := range api.CommandLineOptionsGroups {
-		_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	if _, err := parser.Parse(); err != nil {
-		return nil, err
-	}
-
-	return server, nil
-}
-
-func loadOperatorAllCerts(ctx *cli.Context) error {
-	var err error
-	// Set all certs and CAs directories path
-	certs.GlobalCertsDir, _, err = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
-	if err != nil {
-		return err
-	}
-
-	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
-	// check if certs and CAs directories exists or can be created
-	if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
-		return fmt.Errorf("unable to create certs CA directory at %s: failed with %w", certs.GlobalCertsCADir.Get(), err)
-	}
-
-	// load the certificates and the CAs
-	operatorapi.GlobalRootCAs, operatorapi.GlobalPublicCerts, operatorapi.GlobalTLSCertsManager, err = certs.GetAllCertificatesAndCAs()
-	if err != nil {
-		return fmt.Errorf("unable to load certificates at %s: failed with %w", certs.GlobalCertsDir.Get(), err)
-	}
-
-	{
-		// TLS flags from swagger server, used to support VMware vsphere operator version.
-		swaggerServerCertificate := ctx.String("tls-certificate")
-		swaggerServerCertificateKey := ctx.String("tls-key")
-		swaggerServerCACertificate := ctx.String("tls-ca")
-		// load tls cert and key from swagger server tls-certificate and tls-key flags
-		if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
-			if err = operatorapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
-				return err
-			}
-			x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate)
-			if err == nil {
-				operatorapi.GlobalPublicCerts = append(operatorapi.GlobalPublicCerts, x509Certs...)
-			}
-		}
-
-		// load ca cert from swagger server tls-ca flag
-		if swaggerServerCACertificate != "" {
-			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
-			if caCertErr == nil {
-				operatorapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
-			}
-		}
-	}
-
-	if restapi.GlobalTLSCertsManager != nil {
-		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
-	}
-
-	return nil
-}
-
-// StartServer starts the console service
-func startOperatorServer(ctx *cli.Context) error {
-	if err := loadOperatorAllCerts(ctx); err != nil {
-		// Log this as a warning and continue running console without TLS certificates
-		operatorapi.LogError("Unable to load certs: %v", err)
-	}
-
-	var rctx operatorapi.Context
-	if err := rctx.Load(ctx); err != nil {
-		operatorapi.LogError("argument validation failed: %v", err)
-		return err
-	}
-
-	server, err := buildOperatorServer()
-	if err != nil {
-		operatorapi.LogError("Unable to initialize console server: %v", err)
-		return err
-	}
-
-	server.Host = rctx.Host
-	server.Port = rctx.HTTPPort
-	// set conservative timesout for uploads
-	server.ReadTimeout = 1 * time.Hour
-	// no timeouts for response for downloads
-	server.WriteTimeout = 0
-	operatorapi.Port = strconv.Itoa(server.Port)
-	operatorapi.Hostname = server.Host
-
-	if len(operatorapi.GlobalPublicCerts) > 0 {
-		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
-		// plain HTTP connections to HTTPS server
-		server.EnabledListeners = []string{"http", "https"}
-		server.TLSPort = rctx.HTTPSPort
-		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
-		operatorapi.TLSPort = strconv.Itoa(server.TLSPort)
-		operatorapi.Hostname = rctx.Host
-		operatorapi.TLSRedirect = rctx.TLSRedirect
-	}
-
-	defer server.Shutdown()
-
-	return server.Serve()
-}

cmd/console/server.go

@@ -18,7 +18,7 @@ package main
 
 import (
 	"fmt"
-	"io/ioutil"
+	"os"
 	"path/filepath"
 	"syscall"
 
@@ -163,7 +163,7 @@ func loadAllCerts(ctx *cli.Context) error {
 
 		// load ca cert from swagger server tls-ca flag
 		if swaggerServerCACertificate != "" {
-			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
+			caCert, caCertErr := os.ReadFile(swaggerServerCACertificate)
 			if caCertErr == nil {
 				restapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
 			}

cmd/console/update.go

@@ -96,7 +96,7 @@ var updateCmd = cli.Command{
 	Action: updateInplace,
 }
 
-func updateInplace(ctx *cli.Context) error {
+func updateInplace(_ *cli.Context) error {
 	transport := getUpdateTransport(30 * time.Second)
 	rel, err := getLatestRelease(transport)
 	if err != nil {

docs/console_operator_mode.md

@@ -1,39 +0,0 @@
-# Running Console in Operator mode
-
-`Console` will authenticate against `Kubernetes`using bearer tokens via HTTP `Authorization` header. The user will provide this token once
-in the login form, Console will validate it against Kubernetes (list apis) and if valid will generate and return a new Console sessions 
-with encrypted claims (the user Service account token will be inside the session encrypted token
-
-# Kubernetes
-
-The provided `JWT token` corresponds to the `Kubernetes service account` that `Console` will use to run tasks on behalf of the
-user, ie: list, create, edit, delete tenants, storage class, etc.
-
-
-# Development
-
-If console is running inside a k8s pod `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT` will contain the k8s api server apiServerAddress
-if console is not running inside k8s by default will look for the k8s api server on `localhost:8001` (kubectl proxy)
-
-If you are running console in your local environment and wish to make request to `Kubernetes` you can set `CONSOLE_K8S_API_SERVER`, if
-the environment variable is not present by default `Console` will use `"http://localhost:8001"`, additionally you will need to set the
-`CONSOLE_OPERATOR_MODE=on` variable to make Console display the Operator UI.
-
-NOTE: using `kubectl` proxy is for local development only, since every request send to localhost:8001 will bypass service account authentication
-more info here: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#directly-accessing-the-rest-api
-you can override this using `CONSOLE_K8S_API_SERVER`, ie use the k8s cluster from `kubectl config view`
-
-## Extract the Service account token and use it with Console
-
-For local development you can use the jwt associated to the `console-sa` service account, you can get the token running
-the following command in your terminal:
-
-```
-kubectl get secret $(kubectl get serviceaccount console-sa -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode
-```
-
-Then run the Console server
-
-```
-CONSOLE_OPERATOR_MODE=on ./console server
-```

go.mod

@@ -1,155 +1,159 @@
 module github.com/minio/console
 
-go 1.17
+go 1.19
 
 require (
 	github.com/blang/semver/v4 v4.0.0
-	github.com/cheggaaa/pb/v3 v3.0.6
-	github.com/dustin/go-humanize v1.0.0
-	github.com/go-openapi/errors v0.20.1
-	github.com/go-openapi/loads v0.21.0
-	github.com/go-openapi/runtime v0.21.0
-	github.com/go-openapi/spec v0.20.4
-	github.com/go-openapi/strfmt v0.21.1
-	github.com/go-openapi/swag v0.19.15
-	github.com/go-openapi/validate v0.20.3
-	github.com/golang-jwt/jwt/v4 v4.1.0
-	github.com/gorilla/websocket v1.4.2
-	github.com/jessevdk/go-flags v1.4.0
-	github.com/klauspost/compress v1.13.6
-	github.com/minio/cli v1.22.0
-	github.com/minio/direct-csi v1.3.5-0.20210601185811-f7776f7961bf
-	github.com/minio/kes v0.11.0
-	github.com/minio/madmin-go v1.1.23
-	github.com/minio/mc v0.0.0-20211207230606-23a05f5a17f2
-	github.com/minio/minio-go/v7 v7.0.21
-	github.com/minio/operator v0.0.0-20220110040724-a5d59a342b7f
-	github.com/minio/pkg v1.1.14
-	github.com/minio/selfupdate v0.4.0
+	github.com/cheggaaa/pb/v3 v3.1.4
+	github.com/dustin/go-humanize v1.0.1
+	github.com/fatih/color v1.15.0
+	github.com/go-openapi/errors v0.20.4
+	github.com/go-openapi/loads v0.21.2
+	github.com/go-openapi/runtime v0.26.0
+	github.com/go-openapi/spec v0.20.9
+	github.com/go-openapi/strfmt v0.21.7
+	github.com/go-openapi/swag v0.22.4
+	github.com/go-openapi/validate v0.22.1
+	github.com/golang-jwt/jwt/v4 v4.5.0
+	github.com/google/uuid v1.3.1
+	github.com/jessevdk/go-flags v1.5.0
+	github.com/klauspost/compress v1.16.7
+	github.com/minio/cli v1.24.2
+	github.com/minio/highwayhash v1.0.2
+	github.com/minio/kes v0.22.3
+	github.com/minio/madmin-go/v3 v3.0.29
+	github.com/minio/mc v0.0.0-20231030184332-9f2fb2b6a9f8
+	github.com/minio/minio-go/v7 v7.0.64-0.20230920204636-e783c9ba11b3
+	github.com/minio/selfupdate v0.6.0
+	github.com/minio/websocket v1.6.0
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/rs/xid v1.3.0
+	github.com/rs/xid v1.5.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/stretchr/testify v1.7.0
-	github.com/tidwall/gjson v1.10.2
-	github.com/unrolled/secure v1.0.9
-	golang.org/x/crypto v0.0.0-20211209193657-4570a0811e8b
-	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
-	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
-	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.21.1
-	k8s.io/apimachinery v0.21.1
-	k8s.io/client-go v0.21.1
+	github.com/stretchr/testify v1.8.4
+	github.com/tidwall/gjson v1.16.0
+	github.com/unrolled/secure v1.13.0
+	golang.org/x/crypto v0.16.0
+	golang.org/x/net v0.17.0
+	golang.org/x/oauth2 v0.12.0
+	// Added to include security fix for
+	// https://github.com/golang/go/issues/56152
+	golang.org/x/text v0.14.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
 
 require (
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
-	github.com/StackExchange/wmi v1.2.1 // indirect
-	github.com/VividCortex/ewma v1.1.1 // indirect
-	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
-	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/briandowns/spinner v1.16.0 // indirect
-	github.com/cespare/xxhash/v2 v2.1.2 // indirect
-	github.com/cheggaaa/pb v1.0.29 // indirect
-	github.com/coreos/go-semver v0.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0 // indirect
-	github.com/docker/go-units v0.4.0 // indirect
-	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
-	github.com/evanphx/json-patch v4.9.0+incompatible // indirect
-	github.com/fatih/color v1.13.0 // indirect
-	github.com/fatih/structs v1.1.0 // indirect
-	github.com/go-logr/logr v0.4.0 // indirect
-	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-openapi/analysis v0.20.1 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
-	github.com/go-openapi/jsonreference v0.19.6 // indirect
-	github.com/go-stack/stack v1.8.0 // indirect
-	github.com/goccy/go-json v0.7.9 // indirect
-	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
-	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/go-cmp v0.5.5 // indirect
-	github.com/google/gofuzz v1.1.0 // indirect
-	github.com/google/uuid v1.3.0 // indirect
-	github.com/googleapis/gnostic v0.5.1 // indirect
-	github.com/hashicorp/errwrap v1.1.0 // indirect
-	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/golang-lru v0.5.4 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
-	github.com/josharian/intern v1.0.0 // indirect
-	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
-	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
-	github.com/lestrrat-go/httpcc v1.0.0 // indirect
-	github.com/lestrrat-go/iter v1.0.1 // indirect
-	github.com/lestrrat-go/jwx v1.2.7 // indirect
-	github.com/lestrrat-go/option v1.0.0 // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
-	github.com/mattn/go-colorable v0.1.10 // indirect
-	github.com/mattn/go-ieproxy v0.0.1 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
-	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
-	github.com/minio/argon2 v1.0.0 // indirect
-	github.com/minio/colorjson v1.0.1 // indirect
-	github.com/minio/filepath v1.0.0 // indirect
-	github.com/minio/md5-simd v1.1.2 // indirect
-	github.com/minio/sha256-simd v1.0.0 // indirect
-	github.com/mitchellh/mapstructure v1.4.1 // indirect
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/nxadm/tail v1.4.8 // indirect
-	github.com/oklog/ulid v1.3.1 // indirect
-	github.com/philhofer/fwd v1.1.1 // indirect
-	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pkg/profile v1.6.0 // indirect
-	github.com/pkg/xattr v0.4.3 // indirect
-	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/posener/complete v1.2.3 // indirect
-	github.com/prometheus/client_golang v1.11.0 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.31.1 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
-	github.com/rjeczalik/notify v0.9.2 // indirect
-	github.com/shirou/gopsutil/v3 v3.21.8 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
-	github.com/tidwall/match v1.1.1 // indirect
-	github.com/tidwall/pretty v1.2.0 // indirect
-	github.com/tinylib/msgp v1.1.6 // indirect
-	github.com/tklauser/go-sysconf v0.3.9 // indirect
-	github.com/tklauser/numcpus v0.3.0 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
-	go.mongodb.org/mongo-driver v1.7.5 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.7.0 // indirect
-	go.uber.org/zap v1.19.1 // indirect
-	golang.org/x/sys v0.0.0-20211015200801-69063c4bb744 // indirect
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
-	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
-	google.golang.org/appengine v1.6.6 // indirect
-	google.golang.org/genproto v0.0.0-20210928142010-c7af6a1a74c9 // indirect
-	google.golang.org/grpc v1.41.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
-	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
-	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/ini.v1 v1.63.2 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
-	k8s.io/klog/v2 v2.8.0 // indirect
-	k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
-	k8s.io/utils v0.0.0-20201110183641-67b214c5f920 // indirect
-	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
-	sigs.k8s.io/controller-runtime v0.8.0 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.1.0 // indirect
-	sigs.k8s.io/yaml v1.2.0 // indirect
+	github.com/mattn/go-ieproxy v0.0.11
+	github.com/minio/pkg/v2 v2.0.2
 )
 
-replace google.golang.org/grpc => google.golang.org/grpc v1.29.1
+require (
+	aead.dev/mem v0.2.0 // indirect
+	aead.dev/minisign v0.2.0 // indirect
+	github.com/VividCortex/ewma v1.2.0 // indirect
+	github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/charmbracelet/bubbles v0.16.1 // indirect
+	github.com/charmbracelet/bubbletea v0.24.2 // indirect
+	github.com/charmbracelet/lipgloss v0.8.0 // indirect
+	github.com/cheggaaa/pb v1.0.29 // indirect
+	github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
+	github.com/fatih/structs v1.1.0 // indirect
+	github.com/gdamore/encoding v1.0.0 // indirect
+	github.com/gdamore/tcell/v2 v2.6.0 // indirect
+	github.com/go-ole/go-ole v1.3.0 // indirect
+	github.com/go-openapi/analysis v0.21.4 // indirect
+	github.com/go-openapi/jsonpointer v0.20.0 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/jedib0t/go-pretty/v6 v6.4.7 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/juju/ratelimit v1.0.2 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/iter v1.0.2 // indirect
+	github.com/lestrrat-go/jwx v1.2.27 // indirect
+	github.com/lestrrat-go/option v1.0.1 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20230326075908-cb1d2100619a // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/minio/colorjson v1.0.6 // indirect
+	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/montanaflynn/stats v0.7.1 // indirect
+	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
+	github.com/muesli/reflow v0.3.0 // indirect
+	github.com/muesli/termenv v0.15.2 // indirect
+	github.com/navidys/tvxwidgets v0.3.0 // indirect
+	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/olekukonko/tablewriter v0.0.5 // indirect
+	github.com/philhofer/fwd v1.1.2 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/xattr v0.4.9 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/posener/complete v1.2.3 // indirect
+	github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect
+	github.com/prometheus/client_golang v1.16.0 // indirect
+	github.com/prometheus/client_model v0.4.0 // indirect
+	github.com/prometheus/common v0.44.0 // indirect
+	github.com/prometheus/procfs v0.11.1 // indirect
+	github.com/prometheus/prom2json v1.3.3 // indirect
+	github.com/rivo/tview v0.0.0-20230909130259-ba6a2a345459 // indirect
+	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rjeczalik/notify v0.9.3 // indirect
+	github.com/safchain/ethtool v0.3.0 // indirect
+	github.com/shirou/gopsutil/v3 v3.23.8 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tinylib/msgp v1.1.8 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
+	github.com/vbauerster/mpb/v8 v8.6.2 // indirect
+	github.com/yusufpapurcu/wmi v1.2.3 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.9 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.9 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.9 // indirect
+	go.mongodb.org/mongo-driver v1.12.1 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.25.0 // indirect
+	golang.org/x/sync v0.3.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/term v0.15.0 // indirect
+	google.golang.org/appengine v1.6.8 // indirect
+	google.golang.org/genproto v0.0.0-20230913181813-007df8e322eb // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20230913181813-007df8e322eb // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230913181813-007df8e322eb // indirect
+	google.golang.org/grpc v1.58.3 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
+	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

integration/access_rules_test.go

@@ -0,0 +1,216 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_AddAccessRuleAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruleadd", false, nil, nil, nil)
+
+	type args struct {
+		bucket string
+		prefix string
+		access string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Create Access Rule - Valid",
+			args: args{
+				bucket: "testaccessruleadd",
+				prefix: "/test/",
+				access: "readonly",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Add Access Rule - Invalid",
+			args: args{
+				bucket: "testaccessruleadd",
+				prefix: "/test/",
+				access: "readonl",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Add Access Rule - Invalid Bucket",
+			args: args{
+				bucket: "fakebucket",
+				prefix: "/test/",
+				access: "readonl",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["prefix"] = tt.args.prefix
+			requestDataPolicy["access"] = tt.args.access
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_GetAccessRulesAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruleget", false, nil, nil, nil)
+
+	type args struct {
+		bucket string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Access Rule - Valid",
+			args: args{
+				bucket: "testaccessruleget",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_DeleteAccessRuleAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruledelete", false, nil, nil, nil)
+
+	type args struct {
+		prefix string
+		access string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Delete Access Rule - Valid",
+			args: args{
+				prefix: "/test/",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["prefix"] = tt.args.prefix
+			requestDataPolicy["access"] = tt.args.access
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"DELETE", "http://localhost:9090/api/v1/bucket/testaccessruledelete/access-rules", requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}

integration/admin_api_integration_test.go

@@ -0,0 +1,407 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+// These tests are for AdminAPI Tag based on swagger-console.yml
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"mime/multipart"
+	"net/http"
+	"os"
+	"path"
+	"testing"
+	"time"
+
+	"github.com/minio/console/models"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func RestartService() (*http.Response, error) {
+	/*
+		Helper function to restart service
+		HTTP Verb: POST
+		URL: /api/v1/service/restart
+	*/
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/service/restart",
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2000 * time.Second, // increased timeout since restart takes time, more than other APIs.
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func GetNodes() (*http.Response, error) {
+	/*
+		Helper function to get nodes
+		HTTP Verb: GET
+		URL: /api/v1/nodes
+	*/
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/nodes",
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2000 * time.Second, // increased timeout since restart takes time, more than other APIs.
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func NotifyPostgres() (*http.Response, error) {
+	/*
+		Helper function to add Postgres Notification
+		HTTP Verb: PUT
+		URL: api/v1/configs/notify_postgres
+		Body:
+		{
+			"key_values":[
+				{
+					"key":"connection_string",
+					"value":"user=postgres password=password host=localhost dbname=postgres port=5432 sslmode=disable"
+				},
+				{
+					"key":"table",
+					"value":"accountsssss"
+				},
+				{
+					"key":"format",
+					"value":"namespace"
+				},
+				{
+					"key":"queue_limit",
+					"value":"10000"
+				},
+				{
+					"key":"comment",
+					"value":"comment"
+				}
+			]
+		}
+	*/
+	Body := models.SetConfigRequest{
+		KeyValues: []*models.ConfigurationKV{
+			{
+				Key:   "connection_string",
+				Value: "user=postgres password=password host=173.18.0.4 dbname=postgres port=5432 sslmode=disable",
+			},
+			{
+				Key:   "table",
+				Value: "accountsssss",
+			},
+			{
+				Key:   "format",
+				Value: "namespace",
+			},
+			{
+				Key:   "queue_limit",
+				Value: "10000",
+			},
+			{
+				Key:   "comment",
+				Value: "comment",
+			},
+		},
+	}
+
+	requestDataJSON, _ := json.Marshal(Body)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT",
+		"http://localhost:9090/api/v1/configs/notify_postgres",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestNotifyPostgres(t *testing.T) {
+	// Variables
+	asserter := assert.New(t)
+
+	// Test
+	response, err := NotifyPostgres()
+	finalResponse := inspectHTTPResponse(response)
+	asserter.Nil(err)
+	if err != nil {
+		log.Println(err)
+		asserter.Fail(finalResponse)
+		return
+	}
+	if response != nil {
+		asserter.Equal(200, response.StatusCode, finalResponse)
+	}
+}
+
+func TestRestartService(t *testing.T) {
+	asserter := assert.New(t)
+	restartResponse, restartError := RestartService()
+	asserter.Nil(restartError)
+	if restartError != nil {
+		log.Println(restartError)
+		return
+	}
+	addObjRsp := inspectHTTPResponse(restartResponse)
+	if restartResponse != nil {
+		asserter.Equal(
+			204,
+			restartResponse.StatusCode,
+			addObjRsp,
+		)
+	}
+}
+
+func ListPoliciesWithBucket(bucketName string) (*http.Response, error) {
+	/*
+		Helper function to List Policies With Given Bucket
+		HTTP Verb: GET
+		URL: /bucket-policy/{bucket}
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/bucket-policy/"+bucketName, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestListPoliciesWithBucket(t *testing.T) {
+	// Test Variables
+	bucketName := "testlistpolicieswithbucket"
+	asserter := assert.New(t)
+
+	// Test
+	response, err := ListPoliciesWithBucket(bucketName)
+	asserter.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	parsedResponse := inspectHTTPResponse(response)
+	if response != nil {
+		asserter.Equal(
+			200,
+			response.StatusCode,
+			parsedResponse,
+		)
+	}
+}
+
+func ListUsersWithAccessToBucket(bucketName string) (*http.Response, error) {
+	/*
+		Helper function to List Users With Access to a Given Bucket
+		HTTP Verb: GET
+		URL: /bucket-users/{bucket}
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/bucket-users/"+bucketName, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestListUsersWithAccessToBucket(t *testing.T) {
+	// Test Variables
+	bucketName := "testlistuserswithaccesstobucket1"
+	asserter := assert.New(t)
+
+	// Test
+	response, err := ListUsersWithAccessToBucket(bucketName)
+	asserter.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	parsedResponse := inspectHTTPResponse(response)
+	if response != nil {
+		asserter.Equal(
+			200,
+			response.StatusCode,
+			parsedResponse,
+		)
+	}
+}
+
+func TestGetNodes(t *testing.T) {
+	asserter := assert.New(t)
+	getNodesResponse, getNodesError := GetNodes()
+	asserter.Nil(getNodesError)
+	if getNodesError != nil {
+		log.Println(getNodesError)
+		return
+	}
+	addObjRsp := inspectHTTPResponse(getNodesResponse)
+	if getNodesResponse != nil {
+		asserter.Equal(
+			200,
+			getNodesResponse.StatusCode,
+			addObjRsp,
+		)
+	}
+}
+
+func ArnList() (*http.Response, error) {
+	/*
+		Helper function to get arn list
+		HTTP Verb: GET
+		URL: /api/v1/admin/arns
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/admin/arns", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestArnList(t *testing.T) {
+	asserter := assert.New(t)
+	resp, err := ArnList()
+	asserter.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	objRsp := inspectHTTPResponse(resp)
+	if resp != nil {
+		asserter.Equal(
+			200,
+			resp.StatusCode,
+			objRsp,
+		)
+	}
+}
+
+func ExportConfig() (*http.Response, error) {
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/configs/export", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ImportConfig() (*http.Response, error) {
+	body := &bytes.Buffer{}
+	writer := multipart.NewWriter(body)
+	formFile, _ := writer.CreateFormFile("file", "sample-import-config.txt")
+	fileDir, _ := os.Getwd()
+	fileName := "sample-import-config.txt"
+	filePath := path.Join(fileDir, fileName)
+	file, _ := os.Open(filePath)
+	io.Copy(formFile, file)
+	writer.Close()
+	request, err := http.NewRequest(
+		"POST", "http://localhost:9090/api/v1/configs/import",
+		bytes.NewReader(body.Bytes()),
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Set("Content-Type", writer.FormDataContentType())
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	rsp, _ := client.Do(request)
+	if rsp.StatusCode != http.StatusOK {
+		log.Printf("Request failed with response code: %d", rsp.StatusCode)
+	}
+	return rsp, err
+}
+
+func TestExportConfig(t *testing.T) {
+	asserter := assert.New(t)
+	resp, err := ExportConfig()
+	asserter.Nil(err)
+	objRsp := inspectHTTPResponse(resp)
+	if resp != nil {
+		asserter.Equal(
+			200,
+			resp.StatusCode,
+			objRsp,
+		)
+	}
+}
+
+func TestImportConfig(t *testing.T) {
+	asserter := assert.New(t)
+	resp, err := ImportConfig()
+	asserter.Nil(err)
+	objRsp := inspectHTTPResponse(resp)
+	if resp != nil {
+		asserter.Equal(
+			200,
+			resp.StatusCode,
+			objRsp,
+		)
+	}
+}

integration/buckets_test.go

@@ -18,29 +18,32 @@ package integration
 
 import (
 	"bytes"
+	b64 "encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"net/http"
 	"os"
 	"strconv"
-	"strings"
 	"testing"
 	"time"
 
 	"github.com/go-openapi/loads"
 	"github.com/minio/console/restapi"
 	"github.com/minio/console/restapi/operations"
-
-	"github.com/minio/console/models"
-
-	"github.com/stretchr/testify/assert"
 )
 
 var token string
 
+func encodeBase64(fileName string) string {
+	/*
+		Helper function to encode in base64 the file name so we can get the path
+	*/
+	path := b64.StdEncoding.EncodeToString([]byte(fileName))
+	return path
+}
+
 func inspectHTTPResponse(httpResponse *http.Response) string {
 	/*
 		Helper function to inspect the content of a HTTP response.
@@ -52,16 +55,8 @@ func inspectHTTPResponse(httpResponse *http.Response) string {
 	return "Http Response: " + string(b)
 }
 
-func printMessage(message string) {
-	/*
-		Helper function to print HTTP response.
-	*/
-	fmt.Println(message)
-}
-
 func initConsoleServer() (*restapi.Server, error) {
-
-	//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
+	// os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
 
 	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
 	if err != nil {
@@ -83,7 +78,7 @@ func initConsoleServer() (*restapi.Server, error) {
 	// register all APIs
 	server.ConfigureAPI()
 
-	//restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts
+	// restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts
 
 	consolePort, _ := strconv.Atoi("9090")
 
@@ -96,7 +91,6 @@ func initConsoleServer() (*restapi.Server, error) {
 }
 
 func TestMain(m *testing.M) {
-
 	// start console server
 	go func() {
 		fmt.Println("start server")
@@ -107,7 +101,6 @@ func TestMain(m *testing.M) {
 			return
 		}
 		srv.Serve()
-
 	}()
 
 	fmt.Println("sleeping")
@@ -136,7 +129,6 @@ func TestMain(m *testing.M) {
 	request.Header.Add("Content-Type", "application/json")
 
 	response, err := client.Do(request)
-
 	if err != nil {
 		log.Println(err)
 		return
@@ -166,7 +158,7 @@ func TestMain(m *testing.M) {
 
 	requestDataBody = bytes.NewReader(requestDataJSON)
 
-	// get list of buckets
+	// delete bucket
 	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test1", requestDataBody)
 	if err != nil {
 		log.Println(err)
@@ -188,689 +180,3 @@ func TestMain(m *testing.M) {
 
 	os.Exit(code)
 }
-
-func AddBucket(name string, locking bool, versioning bool, quota map[string]interface{}, retention map[string]interface{}) (*http.Response, error) {
-	/*
-	   This is an atomic function that we can re-use to create a bucket on any
-	   desired test.
-	*/
-	// Needed Parameters for API Call
-	requestDataAdd := map[string]interface{}{
-		"name":       name,
-		"locking":    locking,
-		"versioning": versioning,
-		"quota":      quota,
-		"retention":  retention,
-	}
-
-	// Creating the Call by adding the URL and Headers
-	requestDataJSON, _ := json.Marshal(requestDataAdd)
-	requestDataBody := bytes.NewReader(requestDataJSON)
-	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
-	if err != nil {
-		log.Println(err)
-	}
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-
-	// Performing the call
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(request)
-	return response, err
-}
-
-func ListBuckets() (*http.Response, error) {
-	/*
-		Helper function to list buckets
-		HTTP Verb: GET
-		{{baseUrl}}/buckets?sort_by=proident velit&offset=-5480083&limit=-5480083
-	*/
-	request, err := http.NewRequest(
-		"GET", "http://localhost:9090/api/v1/buckets", nil)
-	if err != nil {
-		log.Println(err)
-	}
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(request)
-	return response, err
-}
-
-func BucketInfo(name string) (*http.Response, error) {
-	/*
-		Helper function to test Bucket Info End Point
-		GET: {{baseUrl}}/buckets/:name
-	*/
-	bucketInformationRequest, bucketInformationError := http.NewRequest(
-		"GET", "http://localhost:9090/api/v1/buckets/"+name, nil)
-	if bucketInformationError != nil {
-		log.Println(bucketInformationError)
-	}
-	bucketInformationRequest.Header.Add("Cookie",
-		fmt.Sprintf("token=%s", token))
-	bucketInformationRequest.Header.Add("Content-Type", "application/json")
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(bucketInformationRequest)
-	return response, err
-}
-
-func PutBucketsTags(bucketName string, tags map[string]string) (*http.Response, error) {
-	/*
-		Helper function to put bucket's tags.
-		PUT: {{baseUrl}}/buckets/:bucket_name/tags
-		{
-			"tags": {}
-		}
-	*/
-	requestDataAdd := map[string]interface{}{
-		"tags": tags,
-	}
-	requestDataJSON, _ := json.Marshal(requestDataAdd)
-	requestDataBody := bytes.NewReader(requestDataJSON)
-	request, err := http.NewRequest("PUT",
-		"http://localhost:9090/api/v1/buckets/"+bucketName+"/tags",
-		requestDataBody)
-	if err != nil {
-		log.Println(err)
-	}
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(request)
-	return response, err
-}
-
-func SetBucketRetention(bucketName string, mode string, unit string, validity int) (*http.Response, error) {
-	/*
-		Helper function to set bucket's retention
-		PUT: {{baseUrl}}/buckets/:bucket_name/retention
-		{
-			"mode":"compliance",
-			"unit":"years",
-			"validity":2
-		}
-	*/
-	requestDataAdd := map[string]interface{}{
-		"mode":     mode,
-		"unit":     unit,
-		"validity": validity,
-	}
-	requestDataJSON, _ := json.Marshal(requestDataAdd)
-	requestDataBody := bytes.NewReader(requestDataJSON)
-	request, err := http.NewRequest("PUT",
-		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
-		requestDataBody)
-	if err != nil {
-		log.Println(err)
-	}
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(request)
-	return response, err
-}
-
-func GetBucketRetention(bucketName string) (*http.Response, error) {
-	/*
-		Helper function to get the bucket's retention
-	*/
-	request, err := http.NewRequest("GET",
-		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
-		nil)
-	if err != nil {
-		log.Println(err)
-	}
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-	response, err := client.Do(request)
-	return response, err
-}
-
-func TestAddBucket(t *testing.T) {
-	assert := assert.New(t)
-
-	response, err := AddBucket("test1", false, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	if response != nil {
-		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
-	}
-}
-
-func TestAddBucketLocking(t *testing.T) {
-	/*
-		This function is to test that locking can't be activated if versioning
-		is not enabled.
-		Then, locking will be activated because versioning is activated as well.
-	*/
-	assert := assert.New(t)
-
-	/*
-		This is invalid, versioning has to be true for locking to be true, but
-		test will see and make sure this is not allowed and that we get proper
-		error for this scenario.
-	*/
-	response, err := AddBucket("test1", true, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	if response != nil {
-		assert.Equal(400, response.StatusCode, "400 is expected for this test")
-	}
-
-	msg := "TestAddBucketLocking(): Valid scenario versioning true locking true"
-	fmt.Println(msg)
-
-	/*
-		This is valid, versioning is true, then locking can be true as well.
-	*/
-	response, err = AddBucket("thujun", true, true, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	// Verification part, bucket should be created with versioning enabled and
-	// locking enabled, we expect 201 when created.
-	if response != nil {
-		assert.Equal(201, response.StatusCode, "201 is expected for this test")
-	}
-
-	defer response.Body.Close()
-
-	/*
-		To convert an HTTP response body to a string in Go, so you can read the
-		error from the API in case the bucket is invalid for some reason
-	*/
-	b, err := io.ReadAll(response.Body)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	fmt.Println(string(b))
-
-}
-
-func TestGetBucket(t *testing.T) {
-	assert := assert.New(t)
-
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-
-	response, err := AddBucket("test3", false, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	// get bucket
-	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test3", nil)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-
-	response, err = client.Do(request)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	if response != nil {
-		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
-	}
-}
-
-func TestSetBucketTags(t *testing.T) {
-	assert := assert.New(t)
-
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-
-	// put bucket
-	response, err := AddBucket("test4", false, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	requestDataTags := map[string]interface{}{
-		"tags": map[string]interface{}{
-			"test": "TAG",
-		},
-	}
-
-	requestTagsJSON, _ := json.Marshal(requestDataTags)
-
-	requestTagsBody := bytes.NewBuffer(requestTagsJSON)
-
-	request, err := http.NewRequest(http.MethodPut, "http://localhost:9090/api/v1/buckets/test4/tags", requestTagsBody)
-	request.Close = true
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-
-	response, err = client.Do(request)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	// get bucket
-	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test4", nil)
-	request.Close = true
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-
-	response, err = client.Do(request)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	bodyBytes, _ := ioutil.ReadAll(response.Body)
-
-	bucket := models.Bucket{}
-	err = json.Unmarshal(bodyBytes, &bucket)
-	if err != nil {
-		log.Println(err)
-	}
-
-	assert.Equal("TAG", bucket.Details.Tags["test"], "Failed to add tag")
-}
-
-func TestBucketVersioning(t *testing.T) {
-	assert := assert.New(t)
-
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-
-	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/session", nil)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-
-	response, err := client.Do(request)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-	var distributedSystem bool
-
-	if response != nil {
-
-		bodyBytes, _ := ioutil.ReadAll(response.Body)
-
-		sessionResponse := models.SessionResponse{}
-		err = json.Unmarshal(bodyBytes, &sessionResponse)
-		if err != nil {
-			log.Println(err)
-		}
-
-		distributedSystem = sessionResponse.DistributedMode
-
-	}
-
-	requestDataVersioning := map[string]interface{}{
-		"name":       "test2",
-		"versioning": true,
-		"locking":    false,
-	}
-
-	requestDataJSON, _ := json.Marshal(requestDataVersioning)
-
-	requestDataBody := bytes.NewReader(requestDataJSON)
-
-	response, err = AddBucket("test2", true, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	fmt.Println("Versioned bucket creation test status:", response.Status)
-	if distributedSystem {
-		assert.Equal(201, response.StatusCode, "Versioning test Status Code is incorrect - bucket failed to create")
-	} else {
-		assert.NotEqual(201, response.StatusCode, "Versioning test Status Code is incorrect -  versioned bucket created on non-distributed system")
-	}
-
-	request, error := http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test2", requestDataBody)
-	if error != nil {
-		log.Println(error)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-	request.Header.Add("Content-Type", "application/json")
-
-	response, err = client.Do(request)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	if response != nil {
-		fmt.Println("DELETE StatusCode:", response.StatusCode)
-	}
-
-}
-
-func TestBucketsGet(t *testing.T) {
-	assert := assert.New(t)
-
-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
-
-	// get list of buckets
-	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets", nil)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-
-	response, err := client.Do(request)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	if response != nil {
-		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
-		bodyBytes, _ := ioutil.ReadAll(response.Body)
-
-		listBuckets := models.ListBucketsResponse{}
-		err = json.Unmarshal(bodyBytes, &listBuckets)
-		if err != nil {
-			log.Println(err)
-			assert.Nil(err)
-		}
-
-		assert.Greater(len(listBuckets.Buckets), 0, "No bucket was returned")
-		assert.Greater(listBuckets.Total, int64(0), "Total buckets is 0")
-
-	}
-
-}
-
-func TestListBuckets(t *testing.T) {
-	/*
-		Test the list of buckets without query parameters.
-	*/
-	assert := assert.New(t)
-
-	// 1. Create buckets
-	var numberOfBuckets = 3
-	for i := 1; i <= numberOfBuckets; i++ {
-		response, err := AddBucket(
-			"testlistbuckets"+strconv.Itoa(i), false, false, nil, nil)
-		assert.Nil(err)
-		if err != nil {
-			log.Println(err)
-			assert.Fail("Error creating the buckets")
-			return
-		}
-		if response != nil {
-			b, err := io.ReadAll(response.Body)
-			if err != nil {
-				log.Fatalln(err)
-			}
-			assert.Equal(201, response.StatusCode,
-				"Status Code is incorrect: "+string(b)+
-					" Bucket name: TestListBuckets"+strconv.Itoa(i))
-		}
-	}
-
-	// 2. List buckets
-	listBucketsResponse, listBucketsError := ListBuckets()
-	assert.Nil(listBucketsError)
-	if listBucketsError != nil {
-		log.Println(listBucketsError)
-		assert.Fail("Error listing the buckets")
-		return
-	}
-
-	// 3. Verify list of buckets
-	b, err := io.ReadAll(listBucketsResponse.Body)
-	if listBucketsResponse != nil {
-		if err != nil {
-			log.Fatalln(err)
-		}
-		assert.Equal(200, listBucketsResponse.StatusCode,
-			"Status Code is incorrect: "+string(b))
-	}
-	for i := 1; i <= numberOfBuckets; i++ {
-		assert.True(strings.Contains(string(b),
-			"testlistbuckets"+strconv.Itoa(i)))
-	}
-}
-
-func TestBucketInformationSuccessfulResponse(t *testing.T) {
-	/*
-		Test Bucket Info End Point with a Successful Response.
-	*/
-
-	// 1. Create the bucket
-	assert := assert.New(t)
-	response, err := AddBucket("bucketinformation1", false, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-	if response != nil {
-		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
-	}
-
-	// 2. Add a tag to the bucket
-	tags := make(map[string]string)
-	tags["tag1"] = "tag1"
-	putBucketTagResponse, putBucketTagError := PutBucketsTags(
-		"bucketinformation1", tags)
-	if putBucketTagError != nil {
-		log.Println(putBucketTagError)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	if putBucketTagResponse != nil {
-		assert.Equal(
-			200, putBucketTagResponse.StatusCode,
-			inspectHTTPResponse(putBucketTagResponse))
-	}
-
-	// 3. Get the information
-	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation1")
-	if bucketInfoError != nil {
-		log.Println(bucketInfoError)
-		assert.Fail("Error getting the bucket information")
-		return
-	}
-	debugResponse := inspectHTTPResponse(bucketInfoResponse) // call it once
-	if bucketInfoResponse != nil {
-		assert.Equal(200, bucketInfoResponse.StatusCode,
-			debugResponse)
-	}
-	printMessage(debugResponse)
-
-	// 4. Verify the information
-	assert.True(
-		strings.Contains(debugResponse, "bucketinformation1"),
-		inspectHTTPResponse(bucketInfoResponse))
-	assert.True(
-		strings.Contains(debugResponse, "tag1"),
-		inspectHTTPResponse(bucketInfoResponse))
-}
-
-func TestBucketInformationGenericErrorResponse(t *testing.T) {
-	/*
-		Test Bucket Info End Point with a Generic Error Response.
-	*/
-	// 1. Create the bucket
-	assert := assert.New(t)
-	response, err := AddBucket("bucketinformation2", false, false, nil, nil)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	if response != nil {
-		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
-	}
-
-	// 2. Add a tag to the bucket
-	tags := make(map[string]string)
-	tags["tag2"] = "tag2"
-	putBucketTagResponse, putBucketTagError := PutBucketsTags(
-		"bucketinformation2", tags)
-	if putBucketTagError != nil {
-		log.Println(putBucketTagError)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	if putBucketTagResponse != nil {
-		assert.Equal(
-			200, putBucketTagResponse.StatusCode,
-			inspectHTTPResponse(putBucketTagResponse))
-	}
-
-	// 3. Get the information
-	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation3")
-	if bucketInfoError != nil {
-		log.Println(bucketInfoError)
-		assert.Fail("Error getting the bucket information")
-		return
-	}
-	finalResponse := inspectHTTPResponse(bucketInfoResponse)
-	if bucketInfoResponse != nil {
-		assert.Equal(200, bucketInfoResponse.StatusCode)
-	}
-
-	// 4. Verify the information
-	// Since bucketinformation3 hasn't been created, then it is expected that
-	// tag2 is not part of the response, this is why assert.False is used.
-	assert.False(strings.Contains(finalResponse, "tag2"), finalResponse)
-}
-
-func TestBucketRetention(t *testing.T) {
-	/*
-		To test bucket retention feature
-	*/
-	// 1. Create the bucket with 2 years validity retention
-	assert := assert.New(t)
-	/*
-		{
-			"name":"setbucketretention1",
-			"versioning":true,
-			"locking":true,
-			"retention":
-				{
-					"mode":"compliance",
-					"unit":"years",
-					"validity":2
-				}
-		}
-	*/
-	retention := make(map[string]interface{})
-	retention["mode"] = "compliance"
-	retention["unit"] = "years"
-	retention["validity"] = 2
-	response, err := AddBucket("setbucketretention1", true, true, nil, retention)
-	assert.Nil(err)
-	if err != nil {
-		log.Println(err)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	if response != nil {
-		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
-	}
-
-	// 2. Set the bucket's retention from 2 years to 3 years
-	setBucketRetentionResponse, setBucketRetentionError := SetBucketRetention(
-		"setbucketretention1",
-		"compliance",
-		"years",
-		3,
-	)
-	assert.Nil(setBucketRetentionError)
-	if setBucketRetentionError != nil {
-		log.Println(setBucketRetentionError)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	if setBucketRetentionResponse != nil {
-		assert.Equal(200, setBucketRetentionResponse.StatusCode,
-			inspectHTTPResponse(setBucketRetentionResponse))
-	}
-
-	// 3. Verify the bucket's retention was properly set.
-	getBucketRetentionResponse, getBucketRetentionError := GetBucketRetention(
-		"setbucketretention1",
-	)
-	assert.Nil(getBucketRetentionError)
-	if getBucketRetentionError != nil {
-		log.Println(getBucketRetentionError)
-		assert.Fail("Error creating the bucket")
-		return
-	}
-	finalResponse := inspectHTTPResponse(getBucketRetentionResponse)
-	if getBucketRetentionResponse != nil {
-		assert.Equal(
-			200,
-			getBucketRetentionResponse.StatusCode,
-			finalResponse,
-		)
-	}
-	expected := "Http Response: {\"mode\":\"compliance\",\"unit\":\"years\",\"validity\":3}\n"
-	assert.Equal(expected, finalResponse, finalResponse)
-}

integration/config_test.go

@@ -0,0 +1,250 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_ConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	tests := []struct {
+		name           string
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name:           "Config - Valid",
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/configs", nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_GetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Config - Valid",
+			args: args{
+				name: "storage_class",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Config - Invalid",
+			args: args{
+				name: "asdf",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_SetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name      string
+		keyValues []map[string]interface{}
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Set Config - Valid",
+			args: args{
+				name:      "region",
+				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Config - Invalid",
+			args: args{
+				name:      "regiontest",
+				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataPolicy["key_values"] = tt.args.keyValues
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_ResetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Reset Config - Valid",
+			args: args{
+				name: "region",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Reset Config - Invalid",
+			args: args{
+				name: "regiontest",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"POST", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s/reset", tt.args.name), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}

integration/groups_test.go

@@ -0,0 +1,351 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_AddGroupAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("member1", "testtest", []string{}, []string{"consoleAdmin"})
+
+	type args struct {
+		group   string
+		members []string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Create Group - Valid",
+			args: args{
+				group:   "test",
+				members: []string{"member1"},
+			},
+			expectedStatus: 201,
+			expectedError:  nil,
+		},
+		{
+			name: "Create Group - Invalid",
+			args: args{
+				group:   "test",
+				members: []string{},
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["group"] = tt.args.group
+			requestDataPolicy["members"] = tt.args.members
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"POST", "http://localhost:9090/api/v1/groups", requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_GetGroupAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("member2", "testtest", []string{}, []string{"consoleAdmin"})
+	AddGroup("getgroup1", []string{"member2"})
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Group - Valid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("getgroup1")),
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Group - Invalid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("askfjalkd")),
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_ListGroupsAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	tests := []struct {
+		name           string
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name:           "Get Group - Valid",
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"GET", "http://localhost:9090/api/v1/groups", requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_PutGroupsAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("member3", "testtest", []string{}, []string{"consoleAdmin"})
+	AddGroup("putgroup1", []string{})
+
+	type args struct {
+		api     string
+		members []string
+		status  string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Put Group - Valid",
+			args: args{
+				api:     base64.StdEncoding.EncodeToString([]byte("putgroup1")),
+				members: []string{"member3"},
+				status:  "enabled",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Put Group - Invalid",
+			args: args{
+				api:     base64.StdEncoding.EncodeToString([]byte("gdgfdfgd")),
+				members: []string{"member3"},
+				status:  "enabled",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataPolicy["members"] = tt.args.members
+			requestDataPolicy["status"] = tt.args.status
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_DeleteGroupAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddGroup("grouptests1", []string{})
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+		verb           string
+	}{
+		{
+			name: "Delete Group - Valid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
+			},
+			verb:           "DELETE",
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Delete Group - Invalid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests12345")),
+			},
+			verb:           "DELETE",
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+		{
+			name: "Access Group After Delete - Invalid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
+			},
+			verb:           "GET",
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				tt.verb, fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}

integration/inspect_test.go

@@ -0,0 +1,106 @@
+package integration
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Inspect(volume string, file string, enc bool) (*http.Response, error) {
+	requestURL := fmt.Sprintf("http://localhost:9090/api/v1/admin/inspect?volume=%s&file=%s&encrypt=%t", volume, file, enc)
+	request, err := http.NewRequest(
+		"GET", requestURL, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestInspect(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		volume  string
+		file    string
+		encrypt bool
+	}
+
+	// Inspect returns successful response always
+	tests := []struct {
+		name          string
+		args          args
+		expStatusCode int
+		expectedError bool
+	}{
+		{
+			name: "Test Invalid Path",
+			args: args{
+				volume:  "/test-with-slash",
+				file:    "/test-with-slash",
+				encrypt: false,
+			},
+			expStatusCode: 200,
+			expectedError: false,
+		},
+
+		{
+			name: "Test Invalid characters in Path",
+			args: args{
+				volume:  "//test",
+				file:    "//bucket",
+				encrypt: false,
+			},
+			expStatusCode: 200,
+			expectedError: true,
+		},
+		{
+			name: "Test valid bucket",
+			args: args{
+				volume:  "test-bucket",
+				file:    "test.txt",
+				encrypt: true,
+			},
+			expStatusCode: 200,
+			expectedError: false,
+		},
+		{
+			name: "Test Empty Path", // Un processable entity error
+			args: args{
+				volume:  "",
+				file:    "",
+				encrypt: false,
+			},
+			expStatusCode: 422,
+			expectedError: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			resp, err := Inspect(tt.args.volume, tt.args.file, tt.args.encrypt)
+			if tt.expectedError {
+				assert.Nil(err)
+				if err != nil {
+					log.Println(err)
+					return
+				}
+			}
+			if resp != nil {
+				assert.Equal(
+					tt.expStatusCode,
+					resp.StatusCode,
+				)
+			}
+		})
+	}
+}

integration/login_test.go

@@ -17,8 +17,10 @@
 package integration
 
 import (
+	"bytes"
 	"encoding/json"
-	"io/ioutil"
+	"fmt"
+	"io"
 	"log"
 	"net/http"
 	"testing"
@@ -54,7 +56,7 @@ func TestLoginStrategy(t *testing.T) {
 	}
 
 	if response != nil {
-		bodyBytes, _ := ioutil.ReadAll(response.Body)
+		bodyBytes, _ := io.ReadAll(response.Body)
 
 		loginDetails := models.LoginDetails{}
 
@@ -67,5 +69,94 @@ func TestLoginStrategy(t *testing.T) {
 		assert.Equal(models.LoginDetailsLoginStrategyForm, loginDetails.LoginStrategy, "Login Details don't match")
 
 	}
-
+}
+
+func TestLogout(t *testing.T) {
+	assert := assert.New(t)
+
+	// image for now:
+	// minio: 9000
+	// console: 9090
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	requestData := map[string]string{
+		"accessKey": "minioadmin",
+		"secretKey": "minioadmin",
+	}
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	assert.NotNil(response, "Login response is nil")
+	assert.Nil(err, "Login errored out")
+
+	var loginToken string
+
+	for _, cookie := range response.Cookies() {
+		if cookie.Name == "token" {
+			loginToken = cookie.Value
+			break
+		}
+	}
+
+	if loginToken == "" {
+		log.Println("authentication token not found in cookies response")
+		return
+	}
+	logoutRequest := bytes.NewReader([]byte("{}"))
+	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", logoutRequest)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", loginToken))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.NotNil(response, "Logout response is nil")
+	assert.Nil(err, "Logout errored out")
+	assert.Equal(response.StatusCode, 200)
+}
+
+func TestBadLogin(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	requestData := map[string]string{
+		"accessKey": "minioadmin",
+		"secretKey": "minioadminbad",
+	}
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	assert.Equal(401, response.StatusCode, "Login request not rejected")
+	assert.NotNil(response, "Login response is  nil")
+	assert.Nil(err, "Login errored out")
 }

integration/objects_test.go

@@ -0,0 +1,281 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"context"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"log"
+	"math/rand"
+	"net/http"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestObjectGet(t *testing.T) {
+	// for setup we'll create a bucket and upload a file
+	endpoint := "localhost:9000"
+	accessKeyID := "minioadmin"
+	secretAccessKey := "minioadmin"
+
+	// Initialize minio client object.
+	minioClient, err := minio.New(endpoint, &minio.Options{
+		Creds:  credentials.NewStaticV4(accessKeyID, secretAccessKey, ""),
+		Secure: false,
+	})
+	if err != nil {
+		log.Fatalln(err)
+	}
+	bucketName := fmt.Sprintf("testbucket-%d", rand.Intn(1000-1)+1)
+	err = minioClient.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
+
+	if err != nil {
+		fmt.Println(err)
+	}
+	// upload a simple file
+	fakeFile := "12345678"
+	fileReader := strings.NewReader(fakeFile)
+
+	_, err = minioClient.PutObject(
+		context.Background(),
+		bucketName,
+		"myobject", fileReader, int64(len(fakeFile)), minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	_, err = minioClient.PutObject(
+		context.Background(),
+		bucketName,
+		"myobject.jpg", fileReader, int64(len(fakeFile)), minio.PutObjectOptions{ContentType: "application/octet-stream"})
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+
+	assert := assert.New(t)
+	type args struct {
+		encodedPrefix string
+		versionID     string
+		bytesRange    string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Preview Object",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject")),
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Preview image",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Range of bytes",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+				bytesRange:    "bytes=1-4",
+			},
+			expectedStatus: 206,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Range of bytes empty start",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+				bytesRange:    "bytes=-4",
+			},
+			expectedStatus: 206,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Invalid Range of bytes",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+				bytesRange:    "bytes=9-12",
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Larger Range of bytes empty start",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+				bytesRange:    "bytes=-12",
+			},
+			expectedStatus: 206,
+			expectedError:  nil,
+		},
+		{
+			name: "Get invalid seek start Range of bytes",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
+				bytesRange:    "bytes=12-16",
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+		{
+			name: "Bad Preview Object",
+			args: args{
+				encodedPrefix: "garble",
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+		{
+			name: "Bad Version Preview Object",
+			args: args{
+				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject")),
+				versionID:     "garble",
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+			destination := fmt.Sprintf("/api/v1/buckets/%s/objects/download?preview=true&prefix=%s&version_id=%s", bucketName, tt.args.encodedPrefix, tt.args.versionID)
+			finalURL := fmt.Sprintf("http://localhost:9090%s", destination)
+			request, err := http.NewRequest("GET", finalURL, nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			if tt.args.bytesRange != "" {
+				request.Header.Add("Range", tt.args.bytesRange)
+			}
+
+			response, err := client.Do(request)
+
+			assert.NotNil(response, fmt.Sprintf("%s response object is nil", tt.name))
+			assert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, fmt.Sprintf("%s returned the wrong status code", tt.name))
+			}
+		})
+	}
+}
+
+func downloadMultipleFiles(bucketName string, objects []string) (*http.Response, error) {
+	requestURL := fmt.Sprintf("http://localhost:9090/api/v1/buckets/%s/objects/download-multiple", bucketName)
+
+	postReqParams, _ := json.Marshal(objects)
+	reqBody := bytes.NewReader(postReqParams)
+
+	request, err := http.NewRequest(
+		"POST", requestURL, reqBody)
+	if err != nil {
+		log.Println(err)
+		return nil, nil
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestDownloadMultipleFiles(t *testing.T) {
+	assert := assert.New(t)
+	type args struct {
+		bucketName string
+		objectLis  []string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  bool
+	}{
+		{
+			name: "Test empty Bucket",
+			args: args{
+				bucketName: "",
+			},
+			expectedStatus: 400,
+			expectedError:  true,
+		},
+		{
+			name: "Test empty object list",
+			args: args{
+				bucketName: "test-bucket",
+			},
+			expectedStatus: 400,
+			expectedError:  true,
+		},
+		{
+			name: "Test with bucket and object list",
+			args: args{
+				bucketName: "test-bucket",
+				objectLis: []string{
+					"my-object.txt",
+					"test-prefix/",
+					"test-prefix/nested-prefix/",
+					"test-prefix/nested-prefix/deep-nested/",
+				},
+			},
+			expectedStatus: 200,
+			expectedError:  false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			resp, err := downloadMultipleFiles(tt.args.bucketName, tt.args.objectLis)
+			if tt.expectedError {
+				assert.Nil(err)
+				if err != nil {
+					log.Println(err)
+					return
+				}
+			}
+			if resp != nil {
+				assert.NotNil(resp)
+			}
+		})
+	}
+}

integration/policy_test.go

@@ -0,0 +1,862 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/go-openapi/swag"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func AddPolicy(name, definition string) (*http.Response, error) {
+	/*
+		This is an atomic function to add user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	requestDataAdd := map[string]interface{}{
+		"name":   name,
+		"policy": definition,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST", "http://localhost:9090/api/v1/policies", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+	return response, err
+}
+
+func SetPolicy(policies []string, entityName, entityType string) (*http.Response, error) {
+	/*
+		This is an atomic function to add user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	requestDataAdd := map[string]interface{}{
+		"name":       policies,
+		"entityType": entityType,
+		"entityName": entityName,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT", "http://localhost:9090/api/v1/set-policy", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+	return response, err
+}
+
+func Test_AddPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		api    string
+		name   string
+		policy *string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Create Policy - Valid",
+			args: args{
+				api:  "/policies",
+				name: "test",
+				policy: swag.String(`
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`),
+			},
+			expectedStatus: 201,
+			expectedError:  nil,
+		},
+
+		{
+			name: "Create Policy - Invalid",
+			args: args{
+				api:  "/policies",
+				name: "test2",
+				policy: swag.String(`
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation"
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`),
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Create Policy - Space in Name",
+			args: args{
+				api:  "/policies",
+				name: "space test",
+				policy: swag.String(`
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`),
+			},
+			expectedStatus: 400,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["name"] = tt.args.name
+			if tt.args.policy != nil {
+				requestDataPolicy["policy"] = *tt.args.policy
+			}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"POST", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_SetPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("policyuser1", "testtest", []string{}, []string{"readwrite"})
+	AddGroup("testgroup123", []string{})
+	AddPolicy("setpolicytest", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+
+	type args struct {
+		api        string
+		entityType string
+		entityName string
+		policyName []string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Set Policy - Valid",
+			args: args{
+				api:        "/set-policy",
+				policyName: []string{"setpolicytest"},
+				entityType: "user",
+				entityName: "policyuser1",
+			},
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy - Invalid",
+			args: args{
+				api:        "/set-policy",
+				policyName: []string{"test3"},
+				entityType: "user",
+				entityName: "policyuser1",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy Group - Valid",
+			args: args{
+				api:        "/set-policy",
+				policyName: []string{"setpolicytest"},
+				entityType: "group",
+				entityName: "testgroup123",
+			},
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy Group - Invalid",
+			args: args{
+				api:        "/set-policy",
+				policyName: []string{"test3"},
+				entityType: "group",
+				entityName: "testgroup123",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["entityName"] = tt.args.entityName
+			requestDataPolicy["entityType"] = tt.args.entityType
+			if tt.args.policyName != nil {
+				requestDataPolicy["name"] = tt.args.policyName
+			}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_SetPolicyMultipleAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("policyuser2", "testtest", []string{}, []string{"readwrite"})
+	AddUser("policyuser3", "testtest", []string{}, []string{"readwrite"})
+	AddGroup("testgroup1234", []string{})
+	AddPolicy("setpolicytest2", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+
+	type args struct {
+		api    string
+		users  []string
+		groups []string
+		name   []string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Set Policy - Valid",
+			args: args{
+				api:   "/set-policy-multi",
+				name:  []string{"setpolicytest2"},
+				users: []string{"policyuser2", "policyuser3"},
+			},
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy - Invalid",
+			args: args{
+				api:   "/set-policy-multi",
+				name:  []string{"test3"},
+				users: []string{"policyuser2", "policyuser3"},
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy Group - Valid",
+			args: args{
+				api:    "/set-policy-multi",
+				name:   []string{"setpolicytest2"},
+				groups: []string{"testgroup1234"},
+			},
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Policy Group - Valid",
+			args: args{
+				api:    "/set-policy-multi",
+				name:   []string{"setpolicytest23"},
+				groups: []string{"testgroup1234"},
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["name"] = tt.args.name
+			requestDataPolicy["users"] = tt.args.users
+			requestDataPolicy["groups"] = tt.args.groups
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_ListPoliciesAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "List Policies",
+			args: args{
+				api: "/policies",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_GetPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddPolicy("getpolicytest", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Policies - Invalid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("test3")),
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Policies - Valid",
+			args: args{
+				api: base64.StdEncoding.EncodeToString([]byte("getpolicytest")),
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_PolicyListUsersAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddUser("policyuser4", "testtest", []string{}, []string{"readwrite"})
+	AddPolicy("policylistusers", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+	SetPolicy([]string{"policylistusers"}, "policyuser4", "user")
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "List Users for Policy - Valid",
+			args: args{
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistusers")) + "/users",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "List Users for Policy - Invalid",
+			args: args{
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test2")) + "/users",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				bodyBytes, _ := io.ReadAll(response.Body)
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+				if response.StatusCode == 200 {
+					assert.Equal("[\"policyuser4\"]\n", string(bodyBytes))
+				}
+			}
+		})
+	}
+}
+
+func Test_PolicyListGroupsAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddGroup("testgroup12345", []string{})
+	AddPolicy("policylistgroups", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+	SetPolicy([]string{"policylistgroups"}, "testgroup12345", "group")
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "List Users for Policy - Valid",
+			args: args{
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistgroups")) + "/groups",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "List Users for Policy - Invalid",
+			args: args{
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test3")) + "/groups",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				bodyBytes, _ := io.ReadAll(response.Body)
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+				if response.StatusCode == 200 {
+					assert.Equal("[\"testgroup12345\"]\n", string(bodyBytes))
+				}
+			}
+		})
+	}
+}
+
+func Test_DeletePolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddPolicy("testdelete", `
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+  }`)
+	type args struct {
+		api    string
+		method string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Delete Policies - Valid",
+			args: args{
+				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
+				method: "DELETE",
+			},
+			expectedStatus: 204,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Policy After Delete - Invalid",
+			args: args{
+				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
+				method: "GET",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				tt.args.method, fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_GetAUserPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+	// Create a User with a Policy to use for testing
+	groups := []string{}
+	policies := []string{"readwrite"}
+	_, err := AddUser("getuserpolicyuser", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	// encode usernames to pass to api
+	bName := []byte("getuserpolicyuser")
+	fName := []byte("failname")
+	encodedName := base64.URLEncoding.EncodeToString(bName)
+	encodedFailName := base64.URLEncoding.EncodeToString(fName)
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get User Policy - Invalid",
+			args: args{
+				api: "/user/" + encodedFailName + "/policies",
+			},
+			expectedStatus: 401,
+			expectedError:  nil,
+		},
+		{
+			name: "Get User Policy - Valid",
+			args: args{
+				api: "/user/" + encodedName + "/policies",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}

integration/profiling_test.go

@@ -0,0 +1,93 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"archive/zip"
+	"bytes"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+
+	"github.com/minio/websocket"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestStartProfiling(t *testing.T) {
+	testAssert := assert.New(t)
+
+	tests := []struct {
+		name string
+	}{
+		{
+			name: "start/stop profiling",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			files := map[string]bool{
+				"profile-127.0.0.1:9000-goroutines.txt":                false,
+				"profile-127.0.0.1:9000-goroutines-before.txt":         false,
+				"profile-127.0.0.1:9000-goroutines-before,debug=2.txt": false,
+				"profile-127.0.0.1:9000-threads-before.pprof":          false,
+				"profile-127.0.0.1:9000-mem.pprof":                     false,
+				"profile-127.0.0.1:9000-threads.pprof":                 false,
+				"profile-127.0.0.1:9000-cpu.pprof":                     false,
+				"profile-127.0.0.1:9000-mem-before.pprof":              false,
+				"profile-127.0.0.1:9000-block.pprof":                   false,
+				"profile-127.0.0.1:9000-trace.trace":                   false,
+				"profile-127.0.0.1:9000-mutex.pprof":                   false,
+				"profile-127.0.0.1:9000-mutex-before.pprof":            false,
+			}
+
+			wsDestination := "/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines"
+			wsFinalURL := fmt.Sprintf("ws://localhost:9090%s", wsDestination)
+
+			ws, _, err := websocket.DefaultDialer.Dial(wsFinalURL, nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			defer ws.Close()
+
+			_, zipFileBytes, err := ws.ReadMessage()
+			if err != nil {
+				log.Println(err)
+				return
+			}
+
+			filetype := http.DetectContentType(zipFileBytes)
+			testAssert.Equal("application/zip", filetype)
+
+			zipReader, err := zip.NewReader(bytes.NewReader(zipFileBytes), int64(len(zipFileBytes)))
+			if err != nil {
+				testAssert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
+			}
+
+			// Read all the files from zip archive
+			for _, zipFile := range zipReader.File {
+				files[zipFile.Name] = true
+			}
+
+			for k, v := range files {
+				testAssert.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
+			}
+		})
+	}
+}

integration/sample-import-config.txt

@@ -0,0 +1,28 @@
+subnet license= api_key= proxy=
+# callhome enable=off frequency=24h
+# site name= region=
+# api requests_max=0 requests_deadline=10s cluster_deadline=10s cors_allow_origin=* remote_transport_deadline=2h list_quorum=strict replication_priority=auto transition_workers=100 stale_uploads_cleanup_interval=6h stale_uploads_expiry=24h delete_cleanup_interval=5m disable_odirect=off gzip_objects=off
+# scanner speed=default
+# compression enable=off allow_encryption=off extensions=.txt,.log,.csv,.json,.tar,.xml,.bin mime_types=text/*,application/json,application/xml,binary/octet-stream
+# identity_openid enable= display_name= config_url= client_id= client_secret= claim_name=policy claim_userinfo= role_policy= claim_prefix= redirect_uri= redirect_uri_dynamic=off scopes= vendor= keycloak_realm= keycloak_admin_url=
+# identity_ldap server_addr= srv_record_name= user_dn_search_base_dn= user_dn_search_filter= group_search_filter= group_search_base_dn= tls_skip_verify=off server_insecure=off server_starttls=off lookup_bind_dn= lookup_bind_password=
+# identity_tls skip_verify=off
+# identity_plugin url= auth_token= role_policy= role_id=
+# policy_plugin url= auth_token= enable_http2=off
+# logger_webhook enable=off endpoint= auth_token= client_cert= client_key= queue_size=100000
+# audit_webhook enable=off endpoint= auth_token= client_cert= client_key= queue_size=100000
+# audit_kafka enable=off topic= brokers= sasl_username= sasl_password= sasl_mechanism=plain client_tls_cert= client_tls_key= tls_client_auth=0 sasl=off tls=off tls_skip_verify=off version=
+# notify_webhook enable=off endpoint= auth_token= queue_limit=0 queue_dir= client_cert= client_key=
+# notify_amqp enable=off url= exchange= exchange_type= routing_key= mandatory=off durable=off no_wait=off internal=off auto_deleted=off delivery_mode=0 publisher_confirms=off queue_limit=0 queue_dir=
+# notify_kafka enable=off topic= brokers= sasl_username= sasl_password= sasl_mechanism=plain client_tls_cert= client_tls_key= tls_client_auth=0 sasl=off tls=off tls_skip_verify=off queue_limit=0 queue_dir= version=
+# notify_mqtt enable=off broker= topic= password= username= qos=0 keep_alive_interval=0s reconnect_interval=0s queue_dir= queue_limit=0
+# notify_nats enable=off address= subject= username= password= token= tls=off tls_skip_verify=off cert_authority= client_cert= client_key= ping_interval=0 jetstream=off streaming=off streaming_async=off streaming_max_pub_acks_in_flight=0 streaming_cluster_id= queue_dir= queue_limit=0
+# notify_nsq enable=off nsqd_address= topic= tls=off tls_skip_verify=off queue_dir= queue_limit=0
+# notify_mysql enable=off format=namespace dsn_string= table= queue_dir= queue_limit=0 max_open_connections=2
+# notify_postgres enable=off format=namespace connection_string= table= queue_dir= queue_limit=0 max_open_connections=2
+# notify_elasticsearch enable=off url= format=namespace index= queue_dir= queue_limit=0 username= password=
+# notify_redis enable=off format=namespace address= key= password= queue_dir= queue_limit=0
+# etcd endpoints= path_prefix= coredns_path=/skydns client_cert= client_cert_key=
+# cache drives= exclude= expiry=90 quota=80 after=0 watermark_low=70 watermark_high=80 range=on commit=
+# storage_class standard= rrs=EC:1
+# heal bitrotscan=off max_sleep=1s max_io=100

integration/service_account_test.go

@@ -0,0 +1,349 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/go-openapi/swag"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAddServiceAccount(t *testing.T) {
+	/*
+		This is an atomic API Test to add a user service account, the intention
+		is simple, add a user and make sure the response is 201 meaning that the
+		user got added successfully.
+		After test completion, it is expected that user is removed, so other
+		tests like users.ts can run over clean data and we don't collide against
+		it.
+	*/
+
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	// Add service account
+	requestDataAddServiceAccount := map[string]interface{}{
+		"accessKey": "testuser1",
+		"secretKey": "password",
+		"policy": `{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST", "http://localhost:9090/api/v1/service-account-credentials", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// {{baseUrl}}/user?name=proident velit
+	// Investiga como se borra en el browser.
+	request, err = http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1")), nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err = client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
+	}
+}
+
+func Test_ServiceAccountsAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		api    string
+		policy *string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Create Service Account - Default",
+			args: args{
+				api:    "/service-accounts",
+				policy: nil,
+			},
+			expectedStatus: 201,
+			expectedError:  nil,
+		},
+		{
+			name: "Create Service Account - Valid Policy",
+			args: args{
+				api: "/service-accounts",
+				policy: swag.String(`
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation",
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`),
+			},
+			expectedStatus: 201,
+			expectedError:  nil,
+		},
+		{
+			name: "Create Service Account - Invalid Policy",
+			args: args{
+				api: "/service-accounts",
+				policy: swag.String(`
+  {
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetBucketLocation"
+        "s3:GetObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::*"
+      ]
+    }
+  ]
+}`),
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			// Add service account
+
+			requestDataPolicy := map[string]interface{}{}
+			if tt.args.policy != nil {
+				requestDataPolicy["policy"] = *tt.args.policy
+			}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"POST", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func DeleteMultipleServiceAccounts(serviceAccounts []string) (*http.Response, error) {
+	/*
+		Helper function to delete multiple service accounts
+		URL: http://localhost:9001/api/v1/service-accounts/delete-multi
+		HTTP Verb: DELETE
+		Data: ["U3RADB7J2ZZHELR0WSBB","ZE8H1HYOA6AVGKFCV6YU"]
+		Response: Status Code: 204 No Content
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataJSON, _ := json.Marshal(serviceAccounts)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/service-accounts/delete-multi", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestCreateServiceAccountForUserWithCredentials(t *testing.T) {
+	/*
+		To test creation of service account for a user.
+	*/
+
+	// Test's variables
+	userName := "testcreateserviceaccountforuserwithcredentials1"
+	assert := assert.New(t)
+	policy := ""
+
+	// 1. Create the user
+	groups := []string{}
+	policies := []string{}
+	secretKey := "testcreateserviceaccountforuserwithcrede"
+	response, err := AddUser(userName, "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// Table driven testing part
+	type args struct {
+		accessKey string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+	}{
+		{
+			name:           "Service Account With Valid Credentials",
+			expectedStatus: 201,
+			args: args{
+				accessKey: "testcreateserviceacc",
+			},
+		},
+		{
+			name:           "Service Account With Invalid Credentials",
+			expectedStatus: 500,
+			args: args{
+				accessKey: "tooooooooooooooooooooolongggggggggggggggggg",
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// 2. Create the service account for the user
+			createServiceAccountWithCredentialsResponse,
+				createServiceAccountWithCredentialsError := CreateServiceAccountForUserWithCredentials(
+				userName,
+				policy,
+				tt.args.accessKey,
+				secretKey,
+			)
+			if createServiceAccountWithCredentialsError != nil {
+				log.Println(createServiceAccountWithCredentialsError)
+				assert.Fail("Error in createServiceAccountWithCredentialsError")
+			}
+			if createServiceAccountWithCredentialsResponse != nil {
+				fmt.Println("StatusCode:", createServiceAccountWithCredentialsResponse.StatusCode)
+				assert.Equal(
+					tt.expectedStatus, // different status expected per table's row
+					createServiceAccountWithCredentialsResponse.StatusCode,
+					inspectHTTPResponse(createServiceAccountWithCredentialsResponse),
+				)
+			}
+
+			// 3. Verify the service account for the user
+			listOfAccountsResponse,
+				listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
+			if listOfAccountsError != nil {
+				log.Println(listOfAccountsError)
+				assert.Fail("Error in listOfAccountsError")
+			}
+			finalResponse := inspectHTTPResponse(listOfAccountsResponse)
+			if listOfAccountsResponse != nil {
+				fmt.Println("StatusCode:", listOfAccountsResponse.StatusCode)
+				assert.Equal(
+					200, listOfAccountsResponse.StatusCode,
+					finalResponse,
+				)
+			}
+		})
+	}
+
+	// Delete Multiple Service Accounts
+	serviceAccount := make([]string, 1)
+	serviceAccount[0] = "testcreateserviceacc"
+	response, err = DeleteMultipleServiceAccounts(serviceAccount)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("StatusCode:", response.StatusCode)
+		assert.Equal(
+			204,
+			response.StatusCode,
+			inspectHTTPResponse(response),
+		)
+	}
+}

integration/tiers_test.go

@@ -0,0 +1,53 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestTiersList(t *testing.T) {
+	assert := assert.New(t)
+
+	// image for now:
+	// minio: 9000
+	// console: 9090
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/admin/tiers", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	assert.NotNil(response, "Tiers List response is nil")
+	assert.Nil(err, "Tiers List errored out")
+	assert.Equal(response.StatusCode, 200)
+}

integration/users_test.go

@@ -18,6 +18,7 @@ package integration
 
 import (
 	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -31,7 +32,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func AddUser(accessKey string, secretKey string, groups []string, policies []string) (*http.Response, error) {
+func AddUser(accessKey, secretKey string, groups, policies []string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
@@ -40,7 +41,6 @@ func AddUser(accessKey string, secretKey string, groups []string, policies []str
 		Timeout: 3 * time.Second,
 	}
 
-	fmt.Println(".......................TestAddUser(): Create Data to add user")
 	requestDataAdd := map[string]interface{}{
 		"accessKey": accessKey,
 		"secretKey": secretKey,
@@ -48,7 +48,6 @@ func AddUser(accessKey string, secretKey string, groups []string, policies []str
 		"policies":  policies,
 	}
 
-	fmt.Println("..............................TestAddUser(): Prepare the POST")
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
@@ -59,12 +58,12 @@ func AddUser(accessKey string, secretKey string, groups []string, policies []str
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 
-	fmt.Println(".................................TestAddUser(): Make the POST")
 	response, err := client.Do(request)
 	return response, err
 }
 
 func DeleteUser(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		This is an atomic function to delete user and can be reused across
 		different functions.
@@ -72,21 +71,18 @@ func DeleteUser(userName string) (*http.Response, error) {
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
-	fmt.Println("...................................TestAddUser(): Remove user")
 	request, err := http.NewRequest(
-		"DELETE", "http://localhost:9090/api/v1/user?name="+userName, nil)
+		"DELETE", "http://localhost:9090/api/v1/user/"+userName, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
-
-	fmt.Println("...............................TestAddUser(): Make the DELETE")
 	response, err := client.Do(request)
 	return response, err
 }
 
-func ListUsers(offset string, limit string) (*http.Response, error) {
+func ListUsers(offset, limit string) (*http.Response, error) {
 	/*
 		This is an atomic function to list users.
 		{{baseUrl}}/users?offset=-5480083&limit=-5480083
@@ -94,7 +90,6 @@ func ListUsers(offset string, limit string) (*http.Response, error) {
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
-	fmt.Println("...................................TestAddUser(): Remove user")
 	request, err := http.NewRequest(
 		"GET",
 		"http://localhost:9090/api/v1/users?offset="+offset+"&limit="+limit,
@@ -104,13 +99,12 @@ func ListUsers(offset string, limit string) (*http.Response, error) {
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
-
-	fmt.Println("...............................TestAddUser(): Make the DELETE")
 	response, err := client.Do(request)
 	return response, err
 }
 
 func GetUserInformation(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to get user information via API:
 		{{baseUrl}}/user?name=proident velit
@@ -120,7 +114,7 @@ func GetUserInformation(userName string) (*http.Response, error) {
 	}
 	request, err := http.NewRequest(
 		"GET",
-		"http://localhost:9090/api/v1/user?name="+userName,
+		"http://localhost:9090/api/v1/user/"+userName,
 		nil)
 	if err != nil {
 		log.Println(err)
@@ -131,7 +125,8 @@ func GetUserInformation(userName string) (*http.Response, error) {
 	return response, err
 }
 
-func UpdateUserInformation(name string, status string, groups []string) (*http.Response, error) {
+func UpdateUserInformation(name, status string, groups []string) (*http.Response, error) {
+	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to update user information:
 		PUT: {{baseUrl}}/user?name=proident velit
@@ -154,7 +149,7 @@ func UpdateUserInformation(name string, status string, groups []string) (*http.R
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
-		"PUT", "http://localhost:9090/api/v1/user?name="+name, requestDataBody)
+		"PUT", "http://localhost:9090/api/v1/user/"+name, requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
@@ -165,6 +160,7 @@ func UpdateUserInformation(name string, status string, groups []string) (*http.R
 }
 
 func RemoveUser(name string) (*http.Response, error) {
+	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to remove user.
 		DELETE: {{baseUrl}}/user?name=proident velit
@@ -173,7 +169,7 @@ func RemoveUser(name string) (*http.Response, error) {
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
-		"DELETE", "http://localhost:9090/api/v1/user?name="+name, nil)
+		"DELETE", "http://localhost:9090/api/v1/user/"+name, nil)
 	if err != nil {
 		log.Println(err)
 	}
@@ -183,6 +179,186 @@ func RemoveUser(name string) (*http.Response, error) {
 	return response, err
 }
 
+func UpdateGroupsForAUser(userName string, groups []string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
+	/*
+		Helper function to update groups for a user
+		PUT: {{baseUrl}}/user/groups?name=username
+		{
+			"groups":[
+				"groupone",
+				"grouptwo"
+			]
+		}
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"groups": groups,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT",
+		"http://localhost:9090/api/v1/user/"+userName+"/groups",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func CreateServiceAccountForUser(userName, policy string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
+	/*
+		Helper function to Create Service Account for user
+		POST: api/v1/user/username/service-accounts
+		{
+			"policy": "ad magna"
+		}
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"policy": policy,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/user/"+userName+"/service-accounts",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func CreateServiceAccountForUserWithCredentials(userName, policy, accessKey, secretKey string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
+	// Helper function to test "Create Service Account for User With Credentials" end point.
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"policy":    policy,
+		"accessKey": accessKey,
+		"secretKey": secretKey,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/user/"+userName+"/service-account-credentials",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ReturnsAListOfServiceAccountsForAUser(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
+	/*
+		Helper function to return a list of service accounts for a user.
+		GET: {{baseUrl}}/user/:name/service-accounts
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/user/"+userName+"/service-accounts",
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func AddGroup(group string, members []string) (*http.Response, error) {
+	/*
+		Helper function to add a group.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"group":   group,
+		"members": members,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/groups",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func UsersGroupsBulk(users, groups []string) (*http.Response, error) {
+	/*
+		Helper function to test Bulk functionality to Add Users to Groups.
+		PUT: {{baseUrl}}/users-groups-bulk
+		{
+			"users": [
+				"magna id",
+				"enim sit tempor incididunt"
+			],
+			"groups": [
+				"nisi est esse",
+				"fugiat eu"
+			]
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"users":  users,
+		"groups": groups,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT",
+		"http://localhost:9090/api/v1/users-groups-bulk",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
 func TestAddUser(t *testing.T) {
 	/*
 		This is an API Test to add a user via api/v1/users, the intention
@@ -196,20 +372,13 @@ func TestAddUser(t *testing.T) {
 	assert := assert.New(t)
 
 	// With no groups & no policies
-	var groups = []string{}
-	var policies = []string{}
-
-	fmt.Println(".................................TestAddUser(): Make the POST")
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
-	fmt.Println("..................................TestAddUser(): Verification")
-	fmt.Println(".................................TestAddUser(): POST response")
-	fmt.Println(response)
-	fmt.Println("....................................TestAddUser(): POST error")
-	fmt.Println(err)
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
@@ -220,16 +389,10 @@ func TestAddUser(t *testing.T) {
 		log.Println(err)
 		return
 	}
-	fmt.Println("..................................TestAddUser(): Verification")
-	fmt.Println("...............................TestAddUser(): DELETE response")
-	fmt.Println(response)
-	fmt.Println("..................................TestAddUser(): DELETE error")
-	fmt.Println(err)
 	if response != nil {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
 	}
-
 }
 
 func TestListUsers(t *testing.T) {
@@ -243,14 +406,12 @@ func TestListUsers(t *testing.T) {
 	assert := assert.New(t)
 
 	// With no groups & no policies
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 
 	// 1. Create the users
 	numberOfUsers := 5
 	for i := 1; i < numberOfUsers; i++ {
-		fmt.Println("............................TestListUsers(): Adding users")
-		fmt.Println(strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
 		response, err := AddUser(
 			strconv.Itoa(i)+"accessKey"+strconv.Itoa(i),
 			"secretKey"+strconv.Itoa(i), groups, policies)
@@ -258,11 +419,6 @@ func TestListUsers(t *testing.T) {
 			log.Println(err)
 			return
 		}
-		fmt.Println("............................TestListUsers(): Verification")
-		fmt.Println("...........................TestListUsers(): POST response")
-		fmt.Println(response)
-		fmt.Println("..............................TestListUsers(): POST error")
-		fmt.Println(err)
 		if response != nil {
 			fmt.Println("POST StatusCode:", response.StatusCode)
 			assert.Equal(201, response.StatusCode,
@@ -300,11 +456,6 @@ func TestListUsers(t *testing.T) {
 			log.Println(err)
 			return
 		}
-		fmt.Println("............................TestListUsers(): Verification")
-		fmt.Println(".........................TestListUsers(): DELETE response")
-		fmt.Println(response)
-		fmt.Println("............................TestListUsers(): DELETE error")
-		fmt.Println(err)
 		if response != nil {
 			fmt.Println("DELETE StatusCode:", response.StatusCode)
 			assert.Equal(204,
@@ -321,8 +472,8 @@ func TestGetUserInfo(t *testing.T) {
 	// 1. Create the user
 	fmt.Println("TestGetUserInfo(): 1. Create the user")
 	assert := assert.New(t)
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -366,8 +517,8 @@ func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
 	assert := assert.New(t)
 
 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateuser", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -400,7 +551,6 @@ func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "disabled"))
-
 }
 
 func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
@@ -411,8 +561,8 @@ func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
 	assert := assert.New(t)
 
 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateusererror", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -445,18 +595,18 @@ func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "status not valid"))
-
 }
 
 func TestRemoveUserSuccessfulResponse(t *testing.T) {
 	/*
 		To test removing a user from API
 	*/
+
 	assert := assert.New(t)
 
 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"testremoveuser1", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -495,8 +645,275 @@ func TestRemoveUserSuccessfulResponse(t *testing.T) {
 			404, getUserInfoResponse.StatusCode, "Status Code is incorrect")
 	}
 	finalResponse := inspectHTTPResponse(getUserInfoResponse)
-	printMessage(finalResponse)
+	fmt.Println(finalResponse)
 	assert.True(strings.Contains(
 		finalResponse, "The specified user does not exist"), finalResponse)
-
+}
+
+func TestUpdateGroupsForAUser(t *testing.T) {
+	/*
+		To test Update Groups For a User End Point.
+	*/
+
+	// 1. Create the user
+	numberOfGroups := 3
+	groupName := "updategroupforausergroup"
+	userName := "updategroupsforauser1"
+	assert := assert.New(t)
+	groups := []string{}
+	policies := []string{}
+	response, err := AddUser(userName, "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Update the groups of the created user with newGroups
+	newGroups := make([]string, 3)
+	for i := 0; i < numberOfGroups; i++ {
+		newGroups[i] = groupName + strconv.Itoa(i)
+	}
+	response, err = UpdateGroupsForAUser(userName, newGroups)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("StatusCode:", response.StatusCode)
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// 3. Verify the newGroups were updated accordingly
+	getUserInfoResponse, getUserInfoErr := GetUserInformation(userName)
+	if getUserInfoErr != nil {
+		log.Println(getUserInfoErr)
+		assert.Fail("There was an error in the response")
+		return
+	}
+	if getUserInfoResponse != nil {
+		fmt.Println("StatusCode:", getUserInfoResponse.StatusCode)
+		assert.Equal(
+			200, getUserInfoResponse.StatusCode, "Status Code is incorrect")
+	}
+	finalResponse := inspectHTTPResponse(getUserInfoResponse)
+	for i := 0; i < numberOfGroups; i++ {
+		assert.True(strings.Contains(
+			finalResponse, groupName+strconv.Itoa(i)), finalResponse)
+	}
+}
+
+func TestCreateServiceAccountForUser(t *testing.T) {
+	/*
+		To test creation of service account for a user.
+	*/
+
+	// Test's variables
+	userName := "testcreateserviceaccountforuser1"
+	assert := assert.New(t)
+	policy := ""
+
+	// 1. Create the user
+	groups := []string{}
+	policies := []string{}
+	response, err := AddUser(userName, "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Create the service account for the user
+	createServiceAccountResponse,
+		createServiceAccountError := CreateServiceAccountForUser(
+		userName,
+		policy,
+	)
+	if createServiceAccountError != nil {
+		log.Println(createServiceAccountError)
+		assert.Fail("Error in createServiceAccountError")
+	}
+	if createServiceAccountResponse != nil {
+		fmt.Println("StatusCode:", createServiceAccountResponse.StatusCode)
+		assert.Equal(
+			201, createServiceAccountResponse.StatusCode,
+			inspectHTTPResponse(createServiceAccountResponse),
+		)
+	}
+
+	// 3. Verify the service account for the user
+	listOfAccountsResponse, listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
+
+	fmt.Println(listOfAccountsResponse, listOfAccountsError)
+
+	if listOfAccountsError != nil {
+		log.Println(listOfAccountsError)
+		assert.Fail("Error in listOfAccountsError")
+	}
+	finalResponse := inspectHTTPResponse(listOfAccountsResponse)
+	if listOfAccountsResponse != nil {
+		fmt.Println("StatusCode:", listOfAccountsResponse.StatusCode)
+		assert.Equal(
+			200, listOfAccountsResponse.StatusCode,
+			finalResponse,
+		)
+	}
+}
+
+func TestUsersGroupsBulk(t *testing.T) {
+	/*
+		To test UsersGroupsBulk End Point
+	*/
+
+	// Vars
+	assert := assert.New(t)
+	numberOfUsers := 5
+	numberOfGroups := 1
+	// var groups = []string{}
+	policies := []string{}
+	username := "testusersgroupbulk"
+	groupName := "testusersgroupsbulkgroupone"
+	members := []string{}
+	users := make([]string, numberOfUsers)
+	groups := make([]string, numberOfGroups)
+
+	// 1. Create some users
+	for i := 0; i < numberOfUsers; i++ {
+		users[i] = username + strconv.Itoa(i)
+		response, err := AddUser(
+			users[i],
+			"secretKey"+strconv.Itoa(i), []string{}, policies)
+		if err != nil {
+			log.Println(err)
+			return
+		}
+		if response != nil {
+			fmt.Println("POST StatusCode:", response.StatusCode)
+			assert.Equal(201, response.StatusCode,
+				"Status Code is incorrect on index: "+strconv.Itoa(i))
+		}
+	}
+
+	// 2. Create a group with no members
+	responseAddGroup, errorAddGroup := AddGroup(groupName, members)
+	if errorAddGroup != nil {
+		log.Println(errorAddGroup)
+		return
+	}
+	finalResponse := inspectHTTPResponse(responseAddGroup)
+	if responseAddGroup != nil {
+		fmt.Println("POST StatusCode:", responseAddGroup.StatusCode)
+		assert.Equal(
+			201,
+			responseAddGroup.StatusCode,
+			finalResponse,
+		)
+	}
+
+	// 3. Add users to the group
+	groups[0] = groupName
+	responseUsersGroupsBulk, errorUsersGroupsBulk := UsersGroupsBulk(
+		users,
+		groups,
+	)
+	if errorUsersGroupsBulk != nil {
+		log.Println(errorUsersGroupsBulk)
+		return
+	}
+	finalResponse = inspectHTTPResponse(responseUsersGroupsBulk)
+	if responseUsersGroupsBulk != nil {
+		fmt.Println("POST StatusCode:", responseUsersGroupsBulk.StatusCode)
+		assert.Equal(
+			200,
+			responseUsersGroupsBulk.StatusCode,
+			finalResponse,
+		)
+	}
+
+	// 4. Verify users got added to the group
+	for i := 0; i < numberOfUsers; i++ {
+		responseGetUserInfo, errGetUserInfo := GetUserInformation(
+			username + strconv.Itoa(i),
+		)
+		if errGetUserInfo != nil {
+			log.Println(errGetUserInfo)
+			assert.Fail("There was an error in the response")
+			return
+		}
+		finalResponse = inspectHTTPResponse(responseGetUserInfo)
+		if responseGetUserInfo != nil {
+			assert.Equal(200, responseGetUserInfo.StatusCode, finalResponse)
+		}
+		// Make sure the user belongs to the created group
+		assert.True(strings.Contains(finalResponse, groupName))
+	}
+}
+
+func Test_GetUserPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	// 1. Create an active user with valid policy
+	groups := []string{}
+	policies := []string{"readwrite"}
+	addUserResponse, addUserError := AddUser(
+		"getpolicyuser", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get User Policies",
+			args: args{
+				api: "/user/policy",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
 }

k8s/boilerplate.go.txt

@@ -1,15 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.

k8s/create-kind.sh

@@ -1,44 +0,0 @@
-#!/bin/bash
-
-# setup environment variables based on flags to see if we should build the docker containers again
-CONSOLE_DOCKER="true"
-
-# evaluate flags
-# `-m` for console
-
-
-while getopts ":m:" opt; do
-  case $opt in
-    m)
-	  CONSOLE_DOCKER="$OPTARG"
-      ;;
-    \?)
-      echo "Invalid option: -$OPTARG" >&2
-      exit 1
-      ;;
-    :)
-      echo "Option -$OPTARG requires an argument." >&2
-      exit 1
-      ;;
-  esac
-done
-
-echo "Provisioning Kind"
-kind create cluster  --config kind-cluster.yaml
-echo "Remove Master Taint"
-kubectl taint nodes --all node-role.kubernetes.io/master-
-echo "Install Contour"
-kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
-kubectl patch daemonsets -n projectcontour envoy -p '{"spec":{"template":{"spec":{"nodeSelector":{"ingress-ready":"true"},"tolerations":[{"key":"node-role.kubernetes.io/master","operator":"Equal","effect":"NoSchedule"}]}}}}'
-echo "install metrics server"
-kubectl apply -f metrics-dev.yaml
-
-# Whether or not to build the m3 container and load it to kind or just load it
-if [[ $CONSOLE_DOCKER == "true" ]]; then
-	# Build mkube
-  make --directory=".." k8sdev TAG=minio/console:latest
-else
-	kind load docker-image minio/console:latest
-fi
-
-echo "done"

k8s/kind-cluster.yaml

@@ -1,22 +0,0 @@
-# three node (two workers) cluster config
-kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-nodes:
-- role: control-plane
-  kubeadmConfigPatches:
-  - |
-    kind: InitConfiguration
-    nodeRegistration:
-      kubeletExtraArgs:
-        node-labels: "ingress-ready=true"
-  extraPortMappings:
-    - containerPort: 80
-      hostPort: 8844
-      protocol: TCP
-    - containerPort: 443
-      hostPort: 8843
-      protocol: TCP
-#- role: worker
-#- role: worker
-#- role: worker
-#- role: worker

k8s/metrics-dev.yaml

@@ -1,153 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: system:aggregated-metrics-reader
-  labels:
-    rbac.authorization.k8s.io/aggregate-to-view: "true"
-    rbac.authorization.k8s.io/aggregate-to-edit: "true"
-    rbac.authorization.k8s.io/aggregate-to-admin: "true"
-rules:
-  - apiGroups: ["metrics.k8s.io"]
-    resources: ["pods", "nodes"]
-    verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: metrics-server:system:auth-delegator
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:auth-delegator
-subjects:
-  - kind: ServiceAccount
-    name: metrics-server
-    namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: metrics-server-auth-reader
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: extension-apiserver-authentication-reader
-subjects:
-  - kind: ServiceAccount
-    name: metrics-server
-    namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: system:metrics-server
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-      - nodes
-      - nodes/stats
-      - namespaces
-      - configmaps
-    verbs:
-      - get
-      - list
-      - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: system:metrics-server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:metrics-server
-subjects:
-  - kind: ServiceAccount
-    name: metrics-server
-    namespace: kube-system
----
-apiVersion: apiregistration.k8s.io/v1beta1
-kind: APIService
-metadata:
-  name: v1beta1.metrics.k8s.io
-spec:
-  service:
-    name: metrics-server
-    namespace: kube-system
-  group: metrics.k8s.io
-  version: v1beta1
-  insecureSkipTLSVerify: true
-  groupPriorityMinimum: 100
-  versionPriority: 100
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: metrics-server
-  namespace: kube-system
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: metrics-server
-  namespace: kube-system
-  labels:
-    kubernetes.io/name: "Metrics-server"
-    kubernetes.io/cluster-service: "true"
-spec:
-  selector:
-    k8s-app: metrics-server
-  ports:
-    - port: 443
-      protocol: TCP
-      targetPort: main-port
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: metrics-server
-  namespace: kube-system
-  labels:
-    k8s-app: metrics-server
-spec:
-  selector:
-    matchLabels:
-      k8s-app: metrics-server
-  template:
-    metadata:
-      name: metrics-server
-      labels:
-        k8s-app: metrics-server
-    spec:
-      serviceAccountName: metrics-server
-      volumes:
-        # mount in tmp so we can safely use from-scratch images and/or read-only containers
-        - name: tmp-dir
-          emptyDir: {}
-      containers:
-        - name: metrics-server
-          image: k8s.gcr.io/metrics-server-amd64:v0.3.6
-          args:
-            - --cert-dir=/tmp
-            - --secure-port=4443
-            - --kubelet-insecure-tls
-            - --kubelet-preferred-address-types=InternalIP
-          ports:
-            - name: main-port
-              containerPort: 4443
-              protocol: TCP
-          securityContext:
-            readOnlyRootFilesystem: true
-            runAsNonRoot: true
-            runAsUser: 1000
-          imagePullPolicy: Always
-          volumeMounts:
-            - name: tmp-dir
-              mountPath: /tmp
-      nodeSelector:
-        beta.kubernetes.io/os: linux
-        kubernetes.io/arch: "amd64"

k8s/operator-console/base/console-cluster-role-binding.yaml

@@ -1,12 +0,0 @@
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: console-sa-binding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: console-sa-role
-subjects:
-  - kind: ServiceAccount
-    name: console-sa
-    namespace: default

k8s/operator-console/base/console-cluster-role.yaml

@@ -1,234 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: console-sa-role
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-      - update
-      - deletecollection
-  - apiGroups:
-      - ""
-    resources:
-      - namespaces
-      - services
-      - events
-      - resourcequotas
-      - nodes
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-      - delete
-      - deletecollection
-  - apiGroups:
-      - ""
-    resources:
-      - persistentvolumeclaims
-    verbs:
-      - deletecollection
-      - list
-      - get
-      - watch
-      - update
-  - apiGroups:
-      - "storage.k8s.io"
-    resources:
-      - storageclasses
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - apps
-    resources:
-      - statefulsets
-      - deployments
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - batch
-    resources:
-      - jobs
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - "certificates.k8s.io"
-    resources:
-      - "certificatesigningrequests"
-      - "certificatesigningrequests/approval"
-      - "certificatesigningrequests/status"
-    verbs:
-      - update
-      - create
-      - get
-  - apiGroups:
-      - minio.min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"
-  - apiGroups:
-      - min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - delete
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumeclaims
-    verbs:
-    - get
-    - list
-    - watch
-    - update
-  - apiGroups:
-    - ""
-    resources:
-    - events
-    verbs:
-    - create
-    - list
-    - watch
-    - update
-    - patch
-  - apiGroups:
-    - snapshot.storage.k8s.io
-    resources:
-    - volumesnapshots
-    verbs:
-    - get
-    - list
-  - apiGroups:
-    - snapshot.storage.k8s.io
-    resources:
-    - volumesnapshotcontents
-    verbs:
-    - get
-    - list
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - csinodes
-    verbs:
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - volumeattachments
-    verbs:
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - ""
-    resources:
-    - endpoints
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - coordination.k8s.io
-    resources:
-    - leases
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - direct.csi.min.io
-    resources:
-    - volumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - apiextensions.k8s.io
-    resources:
-    - customresourcedefinitions
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - direct.csi.min.io
-    resources:
-    - directcsidrives
-    - directcsivolumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - ""
-    resources:
-    - pod
-    - pods/log
-    verbs:
-    - get
-    - list
-    - watch

k8s/operator-console/base/console-configmap.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: console-env
-data:
-  CONSOLE_PORT: "9090"
-  CONSOLE_TLS_PORT: "9443"

k8s/operator-console/base/console-deployment.yaml

@@ -1,29 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: console
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: console
-  template:
-    metadata:
-      labels:
-        app: console
-    spec:
-      serviceAccountName: console-sa
-      containers:
-        - name: console
-          image: minio/console:v0.14.0
-          imagePullPolicy: "IfNotPresent"
-          env:
-            - name: CONSOLE_OPERATOR_MODE
-              value: "on"
-          args:
-            - server
-          ports:
-            - containerPort: 9090
-              name: http
-            - containerPort: 9433
-              name: https

k8s/operator-console/base/console-service-account.yaml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: console-sa
-  namespace: default

k8s/operator-console/base/console-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: console
-  labels:
-    name: console
-spec:
-  ports:
-    - port: 9090
-      name: http
-    - port: 9443
-      name: https
-  selector:
-    app: console

k8s/operator-console/base/kustomization.yaml

@@ -1,10 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-# beginning of customizations
-resources:
-  - console-service-account.yaml
-  - console-cluster-role.yaml
-  - console-cluster-role-binding.yaml
-  - console-configmap.yaml
-  - console-service.yaml
-  - console-deployment.yaml

k8s/operator-console/standalone/console-deployment.yaml

@@ -1,46 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: console
-  namespace: default
-  labels:
-    name: console
-spec:
-  ports:
-    - port: 9090
-      name: http
-    - port: 9443
-      name: https
-  selector:
-    app: console-standalone
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: console
-  namespace: default
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: console-standalone
-  template:
-    metadata:
-      labels:
-        app: console-standalone
-    spec:
-      containers:
-        - name: console
-          image: minio/console:v0.14.0
-          imagePullPolicy: "IfNotPresent"
-          env:
-            - name: CONSOLE_MINIO_SERVER
-              value: "https://minio.default.svc.cluster.local"
-          args:
-            - server
-          ports:
-            - containerPort: 9090
-              name: http
-            - containerPort: 9433
-              name: https

k8s/tools.go

@@ -1,20 +0,0 @@
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-// Package k8s - this package imports things required by build scripts, to force `go mod` to see them as dependencies
-package k8s
-
-// import _ "k8s.io/code-generator"

k8s/update-codegen.sh

@@ -1,35 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright 2017 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -o errexit
-set -o nounset
-set -o pipefail
-
-SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
-CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)}
-
-# generate the code with:
-# --output-base    because this script should also be able to run inside the vendor dir of
-#                  k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir
-#                  instead of the $GOPATH directly. For normal projects this can be dropped.
-bash "${CODEGEN_PKG}"/generate-groups.sh "all" \
-  github.com/minio/console/pkg/generated \
-  github.com/minio/console/pkg/apis \
-  mkube:v1 \
-  --go-header-file "${SCRIPT_ROOT}"/k8s/boilerplate.go.txt
-
-# To use your own boilerplate text append:
-#   --go-header-file "${SCRIPT_ROOT}"/hack/custom-boilerplate.go.txt

models/a_user_policy_response.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AUserPolicyResponse a user policy response
+//
+// swagger:model aUserPolicyResponse
+type AUserPolicyResponse struct {
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this a user policy response
+func (m *AUserPolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this a user policy response based on context it is used
+func (m *AUserPolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AUserPolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AUserPolicyResponse) UnmarshalBinary(b []byte) error {
+	var res AUserPolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/access_rule.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/account_change_password_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/add_bucket_lifecycle.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -24,9 +24,12 @@ package models
 
 import (
 	"context"
+	"encoding/json"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
 )
 
 // AddBucketLifecycle add bucket lifecycle
@@ -40,12 +43,12 @@ type AddBucketLifecycle struct {
 	// Non required, toggle to disable or enable rule
 	ExpiredObjectDeleteMarker bool `json:"expired_object_delete_marker,omitempty"`
 
-	// Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM
-	ExpiryDate string `json:"expiry_date,omitempty"`
-
 	// Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM
 	ExpiryDays int32 `json:"expiry_days,omitempty"`
 
+	// Non required, can be set in case of expiration is enabled
+	NewerNoncurrentversionExpirationVersions int32 `json:"newer_noncurrentversion_expiration_versions,omitempty"`
+
 	// Non required, can be set in case of expiration is enabled
 	NoncurrentversionExpirationDays int32 `json:"noncurrentversion_expiration_days,omitempty"`
 
@@ -64,15 +67,67 @@ type AddBucketLifecycle struct {
 	// Non required field, tags to match ILM files
 	Tags string `json:"tags,omitempty"`
 
-	// Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM
-	TransitionDate string `json:"transition_date,omitempty"`
-
 	// Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM
 	TransitionDays int32 `json:"transition_days,omitempty"`
+
+	// ILM Rule type (Expiry or transition)
+	// Enum: [expiry transition]
+	Type string `json:"type,omitempty"`
 }
 
 // Validate validates this add bucket lifecycle
 func (m *AddBucketLifecycle) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var addBucketLifecycleTypeTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["expiry","transition"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		addBucketLifecycleTypeTypePropEnum = append(addBucketLifecycleTypeTypePropEnum, v)
+	}
+}
+
+const (
+
+	// AddBucketLifecycleTypeExpiry captures enum value "expiry"
+	AddBucketLifecycleTypeExpiry string = "expiry"
+
+	// AddBucketLifecycleTypeTransition captures enum value "transition"
+	AddBucketLifecycleTypeTransition string = "transition"
+)
+
+// prop value enum
+func (m *AddBucketLifecycle) validateTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, addBucketLifecycleTypeTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *AddBucketLifecycle) validateType(formats strfmt.Registry) error {
+	if swag.IsZero(m.Type) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateTypeEnum("type", "body", m.Type); err != nil {
+		return err
+	}
+
 	return nil
 }
 

models/add_bucket_replication.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/add_group_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/add_multi_bucket_lifecycle.go

@@ -0,0 +1,168 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// AddMultiBucketLifecycle add multi bucket lifecycle
+//
+// swagger:model addMultiBucketLifecycle
+type AddMultiBucketLifecycle struct {
+
+	// buckets
+	// Required: true
+	Buckets []string `json:"buckets"`
+
+	// Non required, toggle to disable or enable rule
+	ExpiredObjectDeleteMarker bool `json:"expired_object_delete_marker,omitempty"`
+
+	// Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM
+	ExpiryDays int32 `json:"expiry_days,omitempty"`
+
+	// Non required, can be set in case of expiration is enabled
+	NoncurrentversionExpirationDays int32 `json:"noncurrentversion_expiration_days,omitempty"`
+
+	// Non required, can be set in case of transition is enabled
+	NoncurrentversionTransitionDays int32 `json:"noncurrentversion_transition_days,omitempty"`
+
+	// Non required, can be set in case of transition is enabled
+	NoncurrentversionTransitionStorageClass string `json:"noncurrentversion_transition_storage_class,omitempty"`
+
+	// Non required field, it matches a prefix to perform ILM operations on it
+	Prefix string `json:"prefix,omitempty"`
+
+	// Required only in case of transition is set. it refers to a tier
+	StorageClass string `json:"storage_class,omitempty"`
+
+	// Non required field, tags to match ILM files
+	Tags string `json:"tags,omitempty"`
+
+	// Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM
+	TransitionDays int32 `json:"transition_days,omitempty"`
+
+	// ILM Rule type (Expiry or transition)
+	// Required: true
+	// Enum: [expiry transition]
+	Type *string `json:"type"`
+}
+
+// Validate validates this add multi bucket lifecycle
+func (m *AddMultiBucketLifecycle) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateBuckets(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AddMultiBucketLifecycle) validateBuckets(formats strfmt.Registry) error {
+
+	if err := validate.Required("buckets", "body", m.Buckets); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+var addMultiBucketLifecycleTypeTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["expiry","transition"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		addMultiBucketLifecycleTypeTypePropEnum = append(addMultiBucketLifecycleTypeTypePropEnum, v)
+	}
+}
+
+const (
+
+	// AddMultiBucketLifecycleTypeExpiry captures enum value "expiry"
+	AddMultiBucketLifecycleTypeExpiry string = "expiry"
+
+	// AddMultiBucketLifecycleTypeTransition captures enum value "transition"
+	AddMultiBucketLifecycleTypeTransition string = "transition"
+)
+
+// prop value enum
+func (m *AddMultiBucketLifecycle) validateTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, addMultiBucketLifecycleTypeTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *AddMultiBucketLifecycle) validateType(formats strfmt.Registry) error {
+
+	if err := validate.Required("type", "body", m.Type); err != nil {
+		return err
+	}
+
+	// value enum
+	if err := m.validateTypeEnum("type", "body", *m.Type); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this add multi bucket lifecycle based on context it is used
+func (m *AddMultiBucketLifecycle) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AddMultiBucketLifecycle) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AddMultiBucketLifecycle) UnmarshalBinary(b []byte) error {
+	var res AddMultiBucketLifecycle
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/add_policy_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/add_user_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/admin_info_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -24,11 +24,13 @@ package models
 
 import (
 	"context"
+	"encoding/json"
 	"strconv"
 
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
 )
 
 // AdminInfoResponse admin info response
@@ -36,15 +38,19 @@ import (
 // swagger:model adminInfoResponse
 type AdminInfoResponse struct {
 
+	// advanced metrics status
+	// Enum: [not configured available unavailable]
+	AdvancedMetricsStatus string `json:"advancedMetricsStatus,omitempty"`
+
+	// backend
+	Backend *BackendProperties `json:"backend,omitempty"`
+
 	// buckets
 	Buckets int64 `json:"buckets,omitempty"`
 
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 
-	// prometheus not ready
-	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
-
 	// servers
 	Servers []*ServerProperties `json:"servers"`
 
@@ -59,6 +65,14 @@ type AdminInfoResponse struct {
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateAdvancedMetricsStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateBackend(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateServers(formats); err != nil {
 		res = append(res, err)
 	}
@@ -73,6 +87,70 @@ func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+var adminInfoResponseTypeAdvancedMetricsStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["not configured","available","unavailable"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		adminInfoResponseTypeAdvancedMetricsStatusPropEnum = append(adminInfoResponseTypeAdvancedMetricsStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// AdminInfoResponseAdvancedMetricsStatusNotConfigured captures enum value "not configured"
+	AdminInfoResponseAdvancedMetricsStatusNotConfigured string = "not configured"
+
+	// AdminInfoResponseAdvancedMetricsStatusAvailable captures enum value "available"
+	AdminInfoResponseAdvancedMetricsStatusAvailable string = "available"
+
+	// AdminInfoResponseAdvancedMetricsStatusUnavailable captures enum value "unavailable"
+	AdminInfoResponseAdvancedMetricsStatusUnavailable string = "unavailable"
+)
+
+// prop value enum
+func (m *AdminInfoResponse) validateAdvancedMetricsStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, adminInfoResponseTypeAdvancedMetricsStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) validateAdvancedMetricsStatus(formats strfmt.Registry) error {
+	if swag.IsZero(m.AdvancedMetricsStatus) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateAdvancedMetricsStatusEnum("advancedMetricsStatus", "body", m.AdvancedMetricsStatus); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AdminInfoResponse) validateBackend(formats strfmt.Registry) error {
+	if swag.IsZero(m.Backend) { // not required
+		return nil
+	}
+
+	if m.Backend != nil {
+		if err := m.Backend.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
 	if swag.IsZero(m.Servers) { // not required
 		return nil
@@ -129,6 +207,10 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.contextValidateBackend(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateServers(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -143,11 +225,37 @@ func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.
 	return nil
 }
 
+func (m *AdminInfoResponse) contextValidateBackend(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Backend != nil {
+
+		if swag.IsZero(m.Backend) { // not required
+			return nil
+		}
+
+		if err := m.Backend.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {
 
 	for i := 0; i < len(m.Servers); i++ {
 
 		if m.Servers[i] != nil {
+
+			if swag.IsZero(m.Servers[i]) { // not required
+				return nil
+			}
+
 			if err := m.Servers[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
@@ -168,6 +276,11 @@ func (m *AdminInfoResponse) contextValidateWidgets(ctx context.Context, formats
 	for i := 0; i < len(m.Widgets); i++ {
 
 		if m.Widgets[i] != nil {
+
+			if swag.IsZero(m.Widgets[i]) { // not required
+				return nil
+			}
+
 			if err := m.Widgets[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))

models/allocatable_resources_response.go

@@ -1,173 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// AllocatableResourcesResponse allocatable resources response
-//
-// swagger:model allocatableResourcesResponse
-type AllocatableResourcesResponse struct {
-
-	// cpu priority
-	CPUPriority *NodeMaxAllocatableResources `json:"cpu_priority,omitempty"`
-
-	// mem priority
-	MemPriority *NodeMaxAllocatableResources `json:"mem_priority,omitempty"`
-
-	// min allocatable cpu
-	MinAllocatableCPU int64 `json:"min_allocatable_cpu,omitempty"`
-
-	// min allocatable mem
-	MinAllocatableMem int64 `json:"min_allocatable_mem,omitempty"`
-}
-
-// Validate validates this allocatable resources response
-func (m *AllocatableResourcesResponse) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCPUPriority(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateMemPriority(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AllocatableResourcesResponse) validateCPUPriority(formats strfmt.Registry) error {
-	if swag.IsZero(m.CPUPriority) { // not required
-		return nil
-	}
-
-	if m.CPUPriority != nil {
-		if err := m.CPUPriority.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("cpu_priority")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("cpu_priority")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *AllocatableResourcesResponse) validateMemPriority(formats strfmt.Registry) error {
-	if swag.IsZero(m.MemPriority) { // not required
-		return nil
-	}
-
-	if m.MemPriority != nil {
-		if err := m.MemPriority.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mem_priority")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mem_priority")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this allocatable resources response based on the context it is used
-func (m *AllocatableResourcesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCPUPriority(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.contextValidateMemPriority(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AllocatableResourcesResponse) contextValidateCPUPriority(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.CPUPriority != nil {
-		if err := m.CPUPriority.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("cpu_priority")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("cpu_priority")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *AllocatableResourcesResponse) contextValidateMemPriority(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.MemPriority != nil {
-		if err := m.MemPriority.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mem_priority")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mem_priority")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AllocatableResourcesResponse) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AllocatableResourcesResponse) UnmarshalBinary(b []byte) error {
-	var res AllocatableResourcesResponse
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/annotation.go

@@ -1,70 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// Annotation annotation
-//
-// swagger:model annotation
-type Annotation struct {
-
-	// key
-	Key string `json:"key,omitempty"`
-
-	// value
-	Value string `json:"value,omitempty"`
-}
-
-// Validate validates this annotation
-func (m *Annotation) Validate(formats strfmt.Registry) error {
-	return nil
-}
-
-// ContextValidate validates this annotation based on context it is used
-func (m *Annotation) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *Annotation) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *Annotation) UnmarshalBinary(b []byte) error {
-	var res Annotation
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/api_error.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// APIError Api error
+//
+// swagger:model ApiError
+type APIError struct {
+
+	// detailed message
+	DetailedMessage string `json:"detailedMessage,omitempty"`
+
+	// message
+	Message string `json:"message,omitempty"`
+}
+
+// Validate validates this Api error
+func (m *APIError) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this Api error based on context it is used
+func (m *APIError) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *APIError) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *APIError) UnmarshalBinary(b []byte) error {
+	var res APIError
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/api_key.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// APIKey api key
+//
+// swagger:model apiKey
+type APIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this api key
+func (m *APIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this api key based on context it is used
+func (m *APIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *APIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *APIKey) UnmarshalBinary(b []byte) error {
+	var res APIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/arns_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/aws_configuration.go

@@ -1,329 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
-)
-
-// AwsConfiguration aws configuration
-//
-// swagger:model awsConfiguration
-type AwsConfiguration struct {
-
-	// secretsmanager
-	// Required: true
-	Secretsmanager *AwsConfigurationSecretsmanager `json:"secretsmanager"`
-}
-
-// Validate validates this aws configuration
-func (m *AwsConfiguration) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateSecretsmanager(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AwsConfiguration) validateSecretsmanager(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager", "body", m.Secretsmanager); err != nil {
-		return err
-	}
-
-	if m.Secretsmanager != nil {
-		if err := m.Secretsmanager.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("secretsmanager")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("secretsmanager")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this aws configuration based on the context it is used
-func (m *AwsConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateSecretsmanager(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AwsConfiguration) contextValidateSecretsmanager(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Secretsmanager != nil {
-		if err := m.Secretsmanager.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("secretsmanager")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("secretsmanager")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AwsConfiguration) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AwsConfiguration) UnmarshalBinary(b []byte) error {
-	var res AwsConfiguration
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
-
-// AwsConfigurationSecretsmanager aws configuration secretsmanager
-//
-// swagger:model AwsConfigurationSecretsmanager
-type AwsConfigurationSecretsmanager struct {
-
-	// credentials
-	// Required: true
-	Credentials *AwsConfigurationSecretsmanagerCredentials `json:"credentials"`
-
-	// endpoint
-	// Required: true
-	Endpoint *string `json:"endpoint"`
-
-	// kmskey
-	Kmskey string `json:"kmskey,omitempty"`
-
-	// region
-	// Required: true
-	Region *string `json:"region"`
-}
-
-// Validate validates this aws configuration secretsmanager
-func (m *AwsConfigurationSecretsmanager) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCredentials(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateEndpoint(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateRegion(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanager) validateCredentials(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager"+"."+"credentials", "body", m.Credentials); err != nil {
-		return err
-	}
-
-	if m.Credentials != nil {
-		if err := m.Credentials.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("secretsmanager" + "." + "credentials")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("secretsmanager" + "." + "credentials")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanager) validateEndpoint(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager"+"."+"endpoint", "body", m.Endpoint); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanager) validateRegion(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager"+"."+"region", "body", m.Region); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validate this aws configuration secretsmanager based on the context it is used
-func (m *AwsConfigurationSecretsmanager) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCredentials(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanager) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Credentials != nil {
-		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("secretsmanager" + "." + "credentials")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("secretsmanager" + "." + "credentials")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AwsConfigurationSecretsmanager) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AwsConfigurationSecretsmanager) UnmarshalBinary(b []byte) error {
-	var res AwsConfigurationSecretsmanager
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
-
-// AwsConfigurationSecretsmanagerCredentials aws configuration secretsmanager credentials
-//
-// swagger:model AwsConfigurationSecretsmanagerCredentials
-type AwsConfigurationSecretsmanagerCredentials struct {
-
-	// accesskey
-	// Required: true
-	Accesskey *string `json:"accesskey"`
-
-	// secretkey
-	// Required: true
-	Secretkey *string `json:"secretkey"`
-
-	// token
-	Token string `json:"token,omitempty"`
-}
-
-// Validate validates this aws configuration secretsmanager credentials
-func (m *AwsConfigurationSecretsmanagerCredentials) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateAccesskey(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateSecretkey(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanagerCredentials) validateAccesskey(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager"+"."+"credentials"+"."+"accesskey", "body", m.Accesskey); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *AwsConfigurationSecretsmanagerCredentials) validateSecretkey(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretsmanager"+"."+"credentials"+"."+"secretkey", "body", m.Secretkey); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validates this aws configuration secretsmanager credentials based on context it is used
-func (m *AwsConfigurationSecretsmanagerCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AwsConfigurationSecretsmanagerCredentials) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AwsConfigurationSecretsmanagerCredentials) UnmarshalBinary(b []byte) error {
-	var res AwsConfigurationSecretsmanagerCredentials
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/azure_configuration.go

@@ -1,321 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
-)
-
-// AzureConfiguration azure configuration
-//
-// swagger:model azureConfiguration
-type AzureConfiguration struct {
-
-	// keyvault
-	// Required: true
-	Keyvault *AzureConfigurationKeyvault `json:"keyvault"`
-}
-
-// Validate validates this azure configuration
-func (m *AzureConfiguration) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateKeyvault(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AzureConfiguration) validateKeyvault(formats strfmt.Registry) error {
-
-	if err := validate.Required("keyvault", "body", m.Keyvault); err != nil {
-		return err
-	}
-
-	if m.Keyvault != nil {
-		if err := m.Keyvault.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keyvault")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keyvault")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this azure configuration based on the context it is used
-func (m *AzureConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateKeyvault(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AzureConfiguration) contextValidateKeyvault(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Keyvault != nil {
-		if err := m.Keyvault.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keyvault")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keyvault")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AzureConfiguration) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AzureConfiguration) UnmarshalBinary(b []byte) error {
-	var res AzureConfiguration
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
-
-// AzureConfigurationKeyvault azure configuration keyvault
-//
-// swagger:model AzureConfigurationKeyvault
-type AzureConfigurationKeyvault struct {
-
-	// credentials
-	Credentials *AzureConfigurationKeyvaultCredentials `json:"credentials,omitempty"`
-
-	// endpoint
-	// Required: true
-	Endpoint *string `json:"endpoint"`
-}
-
-// Validate validates this azure configuration keyvault
-func (m *AzureConfigurationKeyvault) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCredentials(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateEndpoint(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AzureConfigurationKeyvault) validateCredentials(formats strfmt.Registry) error {
-	if swag.IsZero(m.Credentials) { // not required
-		return nil
-	}
-
-	if m.Credentials != nil {
-		if err := m.Credentials.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keyvault" + "." + "credentials")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keyvault" + "." + "credentials")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *AzureConfigurationKeyvault) validateEndpoint(formats strfmt.Registry) error {
-
-	if err := validate.Required("keyvault"+"."+"endpoint", "body", m.Endpoint); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validate this azure configuration keyvault based on the context it is used
-func (m *AzureConfigurationKeyvault) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCredentials(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AzureConfigurationKeyvault) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Credentials != nil {
-		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keyvault" + "." + "credentials")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keyvault" + "." + "credentials")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AzureConfigurationKeyvault) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AzureConfigurationKeyvault) UnmarshalBinary(b []byte) error {
-	var res AzureConfigurationKeyvault
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
-
-// AzureConfigurationKeyvaultCredentials azure configuration keyvault credentials
-//
-// swagger:model AzureConfigurationKeyvaultCredentials
-type AzureConfigurationKeyvaultCredentials struct {
-
-	// client id
-	// Required: true
-	ClientID *string `json:"client_id"`
-
-	// client secret
-	// Required: true
-	ClientSecret *string `json:"client_secret"`
-
-	// tenant id
-	// Required: true
-	TenantID *string `json:"tenant_id"`
-}
-
-// Validate validates this azure configuration keyvault credentials
-func (m *AzureConfigurationKeyvaultCredentials) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateClientID(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateClientSecret(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateTenantID(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *AzureConfigurationKeyvaultCredentials) validateClientID(formats strfmt.Registry) error {
-
-	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_id", "body", m.ClientID); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *AzureConfigurationKeyvaultCredentials) validateClientSecret(formats strfmt.Registry) error {
-
-	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_secret", "body", m.ClientSecret); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *AzureConfigurationKeyvaultCredentials) validateTenantID(formats strfmt.Registry) error {
-
-	if err := validate.Required("keyvault"+"."+"credentials"+"."+"tenant_id", "body", m.TenantID); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validates this azure configuration keyvault credentials based on context it is used
-func (m *AzureConfigurationKeyvaultCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *AzureConfigurationKeyvaultCredentials) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *AzureConfigurationKeyvaultCredentials) UnmarshalBinary(b []byte) error {
-	var res AzureConfigurationKeyvaultCredentials
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/backend_properties.go

@@ -0,0 +1,79 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BackendProperties backend properties
+//
+// swagger:model BackendProperties
+type BackendProperties struct {
+
+	// backend type
+	BackendType string `json:"backendType,omitempty"`
+
+	// offline drives
+	OfflineDrives int64 `json:"offlineDrives,omitempty"`
+
+	// online drives
+	OnlineDrives int64 `json:"onlineDrives,omitempty"`
+
+	// rr s c parity
+	RrSCParity int64 `json:"rrSCParity,omitempty"`
+
+	// standard s c parity
+	StandardSCParity int64 `json:"standardSCParity,omitempty"`
+}
+
+// Validate validates this backend properties
+func (m *BackendProperties) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this backend properties based on context it is used
+func (m *BackendProperties) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BackendProperties) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BackendProperties) UnmarshalBinary(b []byte) error {
+	var res BackendProperties
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -185,6 +185,11 @@ func (m *Bucket) ContextValidate(ctx context.Context, formats strfmt.Registry) e
 func (m *Bucket) contextValidateAccess(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.Access != nil {
+
+		if swag.IsZero(m.Access) { // not required
+			return nil
+		}
+
 		if err := m.Access.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("access")
@@ -201,6 +206,11 @@ func (m *Bucket) contextValidateAccess(ctx context.Context, formats strfmt.Regis
 func (m *Bucket) contextValidateDetails(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.Details != nil {
+
+		if swag.IsZero(m.Details) { // not required
+			return nil
+		}
+
 		if err := m.Details.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details")
@@ -217,6 +227,11 @@ func (m *Bucket) contextValidateDetails(ctx context.Context, formats strfmt.Regi
 func (m *Bucket) contextValidateRwAccess(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.RwAccess != nil {
+
+		if swag.IsZero(m.RwAccess) { // not required
+			return nil
+		}
+
 		if err := m.RwAccess.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("rw_access")
@@ -322,6 +337,11 @@ func (m *BucketDetails) ContextValidate(ctx context.Context, formats strfmt.Regi
 func (m *BucketDetails) contextValidateQuota(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.Quota != nil {
+
+		if swag.IsZero(m.Quota) { // not required
+			return nil
+		}
+
 		if err := m.Quota.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details" + "." + "quota")
@@ -362,7 +382,7 @@ type BucketDetailsQuota struct {
 	Quota int64 `json:"quota,omitempty"`
 
 	// type
-	// Enum: [fifo hard]
+	// Enum: [hard]
 	Type string `json:"type,omitempty"`
 }
 
@@ -384,7 +404,7 @@ var bucketDetailsQuotaTypeTypePropEnum []interface{}
 
 func init() {
 	var res []string
-	if err := json.Unmarshal([]byte(`["fifo","hard"]`), &res); err != nil {
+	if err := json.Unmarshal([]byte(`["hard"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
@@ -394,9 +414,6 @@ func init() {
 
 const (
 
-	// BucketDetailsQuotaTypeFifo captures enum value "fifo"
-	BucketDetailsQuotaTypeFifo string = "fifo"
-
 	// BucketDetailsQuotaTypeHard captures enum value "hard"
 	BucketDetailsQuotaTypeHard string = "hard"
 )

models/bucket_access.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -37,8 +37,12 @@ import (
 type BucketAccess string
 
 func NewBucketAccess(value BucketAccess) *BucketAccess {
-	v := value
-	return &v
+	return &value
+}
+
+// Pointer returns a pointer to a freshly-allocated BucketAccess.
+func (m BucketAccess) Pointer() *BucketAccess {
+	return &m
 }
 
 const (

models/bucket_encryption_info.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/bucket_encryption_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -92,6 +92,11 @@ func (m *BucketEncryptionRequest) ContextValidate(ctx context.Context, formats s
 func (m *BucketEncryptionRequest) contextValidateEncType(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.EncType != nil {
+
+		if swag.IsZero(m.EncType) { // not required
+			return nil
+		}
+
 		if err := m.EncType.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encType")