Change register tabs (#2250 )

Co-authored-by: Alex <33497058+bexsoft@users.noreply.github.com>
UI to delete configured notification targets (#2213 )
2022-08-17 18:32:10 -05:00 · 2022-08-17 15:40:37 -05:00 · 2022-08-17 13:05:07 -05:00 · 2022-08-17 11:06:10 -05:00 · 2022-08-16 18:23:48 -05:00 · 2022-08-12 22:45:08 -05:00
1311 changed files with 50245 additions and 30406 deletions
--- a/.github/workflows/jobs.yaml
+++ b/.github/workflows/jobs.yaml
@@ -24,11 +24,12 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ubuntu-latest

    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]

    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -92,11 +93,12 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ubuntu-latest

    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]

    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -133,6 +135,7 @@ jobs:
        run: |
          echo "The idea is to build minio image from downloaded repository";
          cd $GITHUB_WORKSPACE/minio_repository;
+          echo "replace github.com/minio/console => ../" >> go.mod
          echo "Get git version to build MinIO Image";
          VERSION=`git rev-parse HEAD`;
          echo $VERSION;
@@ -160,11 +163,12 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ubuntu-latest

    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]

    steps:

@@ -189,7 +193,7 @@ jobs:
          curl -sLO "https://dl.k8s.io/release/v1.23.1/bin/linux/amd64/kubectl" -o kubectl
          chmod +x kubectl
          mv kubectl /usr/local/bin
-          "${GITHUB_WORKSPACE}/.github/workflows/deploy-tenant.sh"
+          "${GITHUB_WORKSPACE}/tests/deploy-tenant.sh"
          echo "start ---> make test-operator-integration";
          make test-operator-integration;

@@ -206,7 +210,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -230,7 +234,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -256,12 +260,28 @@ jobs:
          curl -L -o nancy https://github.com/sonatype-nexus-community/nancy/releases/download/${nancy_version}/nancy-${nancy_version}-linux-amd64 && chmod +x nancy
          go list -deps -json ./... | jq -s 'unique_by(.Module.Path)|.[]|select(has("Module"))|.Module' | ./nancy sleuth

+  semgrep-static-code-analysis:
+    name: "semgrep checks"
+    runs-on: ${{ matrix.os }}
+    container:
+      image: "returntocorp/semgrep"
+    strategy:
+      matrix:
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Check out source code
+        uses: actions/checkout@v2
+      - name: Scanning code on ${{ matrix.os }}
+        continue-on-error: false
+        run: |
+          semgrep --config semgrep.yaml $(pwd)/portal-ui --error
+
  no-warnings-and-make-assets:
-    name: "React Code Has No Warnings and then Make Assets"
+    name: "React Code Has No Warnings & is Prettified, then Make Assets"
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -269,12 +289,18 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '17'
+
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2

+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -310,13 +336,18 @@ jobs:
        continue-on-error: false
        run: |
          ./check-warnings.sh
+      - name: Check if Files are Prettified
+        working-directory: ./portal-ui
+        continue-on-error: false
+        run: |
+          ./check-prettier.sh

  reuse-golang-dependencies:
    name: reuse golang dependencies
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -350,10 +381,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -361,12 +393,18 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
+
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2

+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -428,10 +466,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -439,12 +478,18 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
+
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2

+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -506,10 +551,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -517,12 +563,18 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
+
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2

+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -585,11 +637,12 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    timeout-minutes: 5
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -597,11 +650,14 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -654,10 +710,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -665,11 +722,14 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -722,10 +782,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -733,11 +794,14 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
@@ -783,17 +847,18 @@ jobs:
        with:
          args: '"chrome:headless" portal-ui/tests/permissions-6/ --skip-js-errors'

-  all-operator-tests:
-    name: Operator UI Tests
+  all-permissions-7:
+    name: Permissions Tests Part 7
    needs:
      - lint-job
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -801,11 +866,247 @@ jobs:
        with:
          go-version: ${{ matrix.go-version }}
        id: go
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+      - uses: actions/cache@v2
+        id: yarn-cache
+        name: Yarn Cache
+        with:
+          path: |
+            ${{ steps.yarn-cache-dir-path.outputs.dir }}
+            ./portal-ui/node_modules/
+            ./portal-ui/build/
+          key: ${{ runner.os }}-yarn-${{ hashFiles('./portal-ui/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - uses: actions/cache@v2
+        id: assets-cache
+        name: Assets Cache
+        with:
+          path: |
+            ./portal-ui/build/
+          key: ${{ runner.os }}-assets-${{ github.run_id }}
+          restore-keys: |
+            ${{ runner.os }}-assets-
+      - uses: actions/cache@v2
+        name: Go Mod Cache
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ github.run_id }}
+      - name: Build Console on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console
+      - name: Start Console, front-end app and initialize users/policies
+        run: |
+          (./console server) & (make initialize-permissions)
+      - name: Run TestCafe Tests
+        timeout-minutes: 5
+        uses: DevExpress/testcafe-action@latest
+        with:
+          args: '"chrome:headless" portal-ui/tests/permissions-7/ --skip-js-errors'
+
+  all-permissions-8:
+    name: Permissions Tests Part 8
+    needs:
+      - lint-job
+      - no-warnings-and-make-assets
+      - reuse-golang-dependencies
+      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.18.x, 1.19.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+      - uses: actions/cache@v2
+        id: yarn-cache
+        name: Yarn Cache
+        with:
+          path: |
+            ${{ steps.yarn-cache-dir-path.outputs.dir }}
+            ./portal-ui/node_modules/
+            ./portal-ui/build/
+          key: ${{ runner.os }}-yarn-${{ hashFiles('./portal-ui/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - uses: actions/cache@v2
+        id: assets-cache
+        name: Assets Cache
+        with:
+          path: |
+            ./portal-ui/build/
+          key: ${{ runner.os }}-assets-${{ github.run_id }}
+          restore-keys: |
+            ${{ runner.os }}-assets-
+      - uses: actions/cache@v2
+        name: Go Mod Cache
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ github.run_id }}
+      - name: Build Console on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console
+      - name: Start Console, front-end app and initialize users/policies
+        run: |
+          (./console server) & (make initialize-permissions)
+      - name: Run TestCafe Tests
+        timeout-minutes: 5
+        uses: DevExpress/testcafe-action@latest
+        with:
+          args: '"chrome:headless" portal-ui/tests/permissions-8/ --skip-js-errors'
+
+  all-permissions-9:
+    name: Permissions Tests Part 9
+    needs:
+      - lint-job
+      - no-warnings-and-make-assets
+      - reuse-golang-dependencies
+      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.18.x, 1.19.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+
+      - uses: actions/cache@v2
+        id: yarn-cache
+        name: Yarn Cache
+        with:
+          path: |
+            ${{ steps.yarn-cache-dir-path.outputs.dir }}
+            ./portal-ui/node_modules/
+            ./portal-ui/build/
+          key: ${{ runner.os }}-yarn-${{ hashFiles('./portal-ui/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+
+      - uses: actions/cache@v2
+        id: assets-cache
+        name: Assets Cache
+        with:
+          path: |
+            ./portal-ui/build/
+          key: ${{ runner.os }}-assets-${{ github.run_id }}
+          restore-keys: |
+            ${{ runner.os }}-assets-
+
+      - uses: actions/cache@v2
+        name: Go Mod Cache
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ github.run_id }}
+
+      - name: Build Console on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console
+
+      - name: Start Console, front-end app and initialize users/policies
+        run: |
+          (./console server) & (make initialize-permissions)
+
+      - name: Run TestCafe Tests
+        uses: DevExpress/testcafe-action@latest
+        with:
+          args: '"chrome:headless" portal-ui/tests/permissions-9/ --skip-js-errors -c 3'
+
+      - name: Clean up users & policies
+        run: |
+          make cleanup-permissions
+
+  all-operator-tests:
+    name: Operator UI Tests
+    needs:
+      - lint-job
+      - no-warnings-and-make-assets
+      - reuse-golang-dependencies
+      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.18.x, 1.19.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Read .nvmrc
+        id: node_version
+        run: echo ::set-output name=NVMRC::$(cat .nvmrc)
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ env.NVMRC }}
+
      - uses: actions/cache@v2
        name: Go Mod Cache
        with:
@@ -863,10 +1164,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -900,10 +1202,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -937,10 +1240,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -974,10 +1278,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1011,10 +1316,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1048,10 +1354,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1085,10 +1392,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1122,10 +1430,11 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1160,6 +1469,52 @@ jobs:
            ./restapi/coverage/
          key: ${{ runner.os }}-coverage-restapi-2-${{ github.run_id }}

+  test-operatorapi-on-go:
+    name: Test Operatorapi on Go ${{ matrix.go-version }} and ${{ matrix.os }}
+    needs:
+      - lint-job
+      - no-warnings-and-make-assets
+      - reuse-golang-dependencies
+      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.18.x, 1.19.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - uses: actions/cache@v2
+        name: Go Mod Cache
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ github.run_id }}
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make test-unit-test-operator
+
+      - uses: actions/cache@v2
+        id: coverage-cache-unittest-operatorapi
+        name: Coverage Cache unit test operatorAPI
+        with:
+          path: |
+            ./operatorapi/coverage/
+          key: ${{ runner.os }}-coverage-unittest-operatorapi-2-${{ github.run_id }}
+
  b-integration-tests:
    name: Integration Tests with Latest Distributed MinIO
    needs:
@@ -1167,11 +1522,12 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ubuntu-latest

    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]

    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1218,7 +1574,31 @@ jobs:
          echo "We are going to use the built image on test-integration";
          VERSION="minio/minio:$VERSION";
          echo $VERSION;
-          make test-integration MINIO_VERSION=$VERSION;
+          
+          echo "Create bucket for replication with versioning"
+          echo "Download mc for Ubuntu"
+          wget -q https://dl.min.io/client/mc/release/linux-amd64/mc
+          echo "Change the permissions to execute mc command"
+          chmod +x mc
+          echo "Create the folder to put the all.out file"
+          TARGET_BUCKET=`echo $RANDOM | md5sum | head -c 20; echo;`
+          echo "TARGET_BUCKET: ${TARGET_BUCKET}"
+          echo "Only run our test if play is up and running..."
+          PLAY_IS_ON=`wget --spider --server-response https://play.min.io:9443/login 2>&1 | grep '200\ OK' | wc -l`
+          if [ $PLAY_IS_ON == 1 ]
+          then
+            echo "Play is up and running, we will proceed with the test"
+          else
+            echo "Play is down, please report it on hack channel"
+            exit
+          fi
+          ./mc mb --ignore-existing play/${TARGET_BUCKET}/
+          ./mc version enable play/${TARGET_BUCKET}
+          # Via API we are going to test:
+          # mc admin bucket remote add myminio/source https://minioadmin:minioadmin@play.min.io/target --service "replication"
+          # expected output is: Remote ARN = `arn:minio:replication::f5bdb8d7-541d-415e-aaf4-592979484ba9:target`.
+          
+          make test-integration MINIO_VERSION=$VERSION TARGET_BUCKET=$TARGET_BUCKET;

      - uses: actions/cache@v2
        id: coverage-cache
@@ -1235,6 +1615,7 @@ jobs:
      - no-warnings-and-make-assets
      - reuse-golang-dependencies
      - vulnerable-dependencies-checks
+      - semgrep-static-code-analysis
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
@@ -1250,6 +1631,7 @@ jobs:
    needs:
      - b-integration-tests
      - test-restapi-on-go
+      - test-operatorapi-on-go
      - c-operator-api-tests
      - test-pkg-on-go
      - sso-integration
@@ -1257,7 +1639,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        go-version: [ 1.17.x ]
+        go-version: [ 1.18.x, 1.19.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -1320,6 +1702,14 @@ jobs:
            ./restapi/coverage/
          key: ${{ runner.os }}-coverage-restapi-2-${{ github.run_id }}

+      - uses: actions/cache@v2
+        id: coverage-cache-unittest-operatorapi
+        name: Coverage Cache unit test operatorAPI
+        with:
+          path: |
+            ./operatorapi/coverage/
+          key: ${{ runner.os }}-coverage-unittest-operatorapi-2-${{ github.run_id }}
+
      - uses: actions/cache@v2
        id: coverage-cache-pkg
        name: Coverage Cache Pkg
@@ -1339,17 +1729,42 @@ jobs:
          echo "go build gocoverage.go"
          go build gocovmerge.go
          echo "put together the outs for final coverage resolution"
-          ./gocovmerge ../integration/coverage/system.out ../replication/coverage/replication.out ../sso-integration/coverage/sso-system.out ../restapi/coverage/coverage.out ../pkg/coverage/coverage-pkg.out ../operator-integration/coverage/operator-api.out > all.out
+          ./gocovmerge ../integration/coverage/system.out ../replication/coverage/replication.out ../sso-integration/coverage/sso-system.out ../restapi/coverage/coverage.out ../pkg/coverage/coverage-pkg.out ../operator-integration/coverage/operator-api.out ../operatorapi/coverage/coverage-unit-test-operatorapi.out > all.out
+          echo "Download mc for Ubuntu"
+          wget -q https://dl.min.io/client/mc/release/linux-amd64/mc
+          echo "Change the permissions to execute mc command"
+          chmod +x mc
+          echo "Only run our test if play is up and running since we require it for replication tests here."
+          PLAY_IS_ON=`wget --spider --server-response https://play.min.io:9443/login 2>&1 | grep '200\ OK' | wc -l`
+          if [ $PLAY_IS_ON == 1 ]
+          then
+            echo "Play is up and running, we will proceed with the play part for coverage"
+            echo "Create the folder to put the all.out file"
+            ./mc mb --ignore-existing play/builds/
+            echo "Copy the all.out file to play bucket"
+            echo ${{ github.repository }}
+            echo ${{ github.event.number }}
+            echo ${{ github.run_id }}
+            # mc cp can fail due to lack of space: mc: <ERROR> Failed to copy `all.out`.
+            # Storage backend has reached its minimum free disk threshold. Please delete a few objects to proceed.
+            ./mc cp all.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
+            ./mc cp all.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
+            go tool cover -html=all.out -o coverage.html
+            ./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
+            ./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
+          else
+            echo "Play is down, please report it on hack channel, no coverage is going to be uploaded!!!"
+          fi
          echo "grep to obtain the result"
          go tool cover -func=all.out | grep total > tmp2
          result=`cat tmp2 | awk 'END {print $3}'`
          result=${result%\%}
-          echo "result:"
-          echo $result
-          threshold=41.2
+          threshold=53.40
+          echo "Result:"
+          echo "$result%"
          if (( $(echo "$result >= $threshold" |bc -l) )); then
-            echo "It is equal or greater than threshold, passed!"
+            echo "It is equal or greater than threshold ($threshold%), passed!"
          else
-            echo "It is smaller than threshold value, failed!"
+            echo "It is smaller than threshold ($threshold%) value, failed!"
            exit 1
          fi
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -5,6 +5,12 @@ linters-settings:
  misspell:
    locale: US

+  goheader:
+    values:
+      regexp:
+        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
+    template-path: .license.tmpl
+
 linters:
  disable-all: true
  enable:
@@ -16,17 +22,17 @@ linters:
    - ineffassign
    - gosimple
    - deadcode
-    - unparam
+    - structcheck
+    - gomodguard
+    - gofmt
    - unused
    - structcheck
-    - goheader
-
-linters-settings:
-  goheader:
-    values:
-      regexp:
-        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
-    template-path: .license.tmpl
+    - unconvert
+    - varcheck
+    - gocritic
+    - gofumpt
+    - tenv
+    - durationcheck

 service:
  golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly
@@ -34,14 +40,15 @@ service:
 issues:
  exclude-use-default: false
  exclude:
-      - should have a package comment
-      # TODO(y4m4): Remove once all exported ident. have comments!      
-      - comment on exported function
-      - comment on exported type
-      - should have comment
-      - use leading k in Go names
-      - comment on exported const
+    - should have a package comment
+    # TODO(y4m4): Remove once all exported ident. have comments!
+    - comment on exported function
+    - comment on exported type
+    - should have comment
+    - use leading k in Go names
+    - comment on exported const
 run:
  skip-dirs:
    - pkg/clientgen
    - pkg/apis/networking.gke.io
+    - restapi/operations
--- a/.nvmrc
+++ b/.nvmrc
@@ -0,0 +1 @@
+17
--- a/.semgrepignore
+++ b/.semgrepignore
@@ -0,0 +1,33 @@
+# Ignore git items
+.gitignore
+.git/
+:include .gitignore
+
+# Common large paths
+node_modules/
+portal-ui/node_modules/
+build/
+dist/
+.idea/
+vendor/
+.env/
+.venv/
+.tox/
+*.min.js
+
+# Common test paths
+test/
+tests/
+*_test.go
+
+# Semgrep rules folder
+.semgrep
+
+# Semgrep-action log folder
+.semgrep_logs/
+
+# Ignore VsCode files
+.vscode/
+*.code-workspace
+*~
+.eslintcache
--- a/2768
+++ b/2768
--- a/7
+++ b/7
@@ -1,4 +1,5 @@
-FROM node:17 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer

 WORKDIR /app

@@ -12,7 +13,7 @@ RUN make build-static

 USER node

-FROM golang:1.17 as golayer
+FROM golang:1.18 as golayer

 RUN apt-get update -y && apt-get install -y ca-certificates

@@ -31,7 +32,7 @@ ENV CGO_ENABLED=0
 COPY --from=uilayer /app/build /go/src/github.com/minio/console/portal-ui/build
 RUN go build --tags=kqueue,operator -ldflags "-w -s" -a -o console ./cmd/console

-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6
 MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090

--- a/Dockerfile.assets
+++ b/Dockerfile.assets
@@ -1,4 +1,5 @@
-FROM node:17 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer

 WORKDIR /app

--- a/92
+++ b/92
@@ -5,6 +5,8 @@ BUILD_VERSION:=$(shell git describe --exact-match --tags $(git log -n1 --pretty=
 BUILD_TIME:=$(shell date 2>/dev/null)
 TAG ?= "minio/console:$(BUILD_VERSION)-dev"
 MINIO_VERSION ?= "quay.io/minio/minio:latest"
+TARGET_BUCKET ?= "target"
+NODE_VERSION := $(shell cat .nvmrc)

 default: console

@@ -14,13 +16,13 @@ console:
 	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue,operator --ldflags "-s -w" -o console ./cmd/console)

 k8sdev:
-	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .
 	@kind load docker-image $(TAG)
 	@echo "Done, now restart your console deployment"

 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.43.0)
+	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin

 verifiers: getdeps fmt lint

@@ -62,7 +64,8 @@ swagger-operator:
 	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE

 assets:
-	@(cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+	@(if [ -f "${NVM_DIR}/nvm.sh" ]; then \. "${NVM_DIR}/nvm.sh" && nvm install && nvm use && npm install -g yarn ; fi &&\
+	  cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)

 test-integration:
 	@(docker stop pgsqlcontainer || true)
@@ -74,8 +77,8 @@ test-integration:
 	@echo $(MINIO_VERSION)
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 --net=mynet123 -d --name minio --rm -p 9000:9000 -p 9001:9001 -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= $(MINIO_VERSION) server /data{1...4} --console-address ':9001' && sleep 5)
 	@(docker run --net=mynet123 --ip=173.18.0.3 --name pgsqlcontainer --rm -p 5432:5432 -e POSTGRES_PASSWORD=password -d postgres && sleep 5)
-	@echo "execute test and get coverage"
-	@(cd integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/system.out)
+	@echo "execute test and get coverage for test-integration:"
+	@(cd integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && export THETARGET=$(TARGET_BUCKET) && echo "THETARGET: ${THETARGET}" && ./integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/system.out)
 	@(docker stop pgsqlcontainer)
 	@(docker stop minio)
 	@(docker network rm mynet123)
@@ -131,29 +134,25 @@ test-replication:
 test-sso-integration:
 	@echo "create the network in bridge mode to communicate all containers"
 	@(docker network create my-net)
-	@echo "execute latest keycloak container"
+	@echo "run openldap container using MinIO Image: quay.io/minio/openldap:latest"
 	@(docker run \
-	--rm \
-	--name keycloak-container \
-	--network my-net \
-	-p 8080:8080 \
-	-e KEYCLOAK_USER=admin \
-	-e KEYCLOAK_PASSWORD=admin jboss/keycloak:latest -b 0.0.0.0 -bprivate 127.0.0.1 &)
-	@echo "wait 60 sec until keycloak is listenning on port, then go for minio server"
-	@(sleep 60)
-	@echo "execute keycloak-config-cli container to configure keycloak for Single Sign On with MinIO"
+		-e LDAP_ORGANIZATION="MinIO Inc" \
+		-e LDAP_DOMAIN="min.io" \
+		-e LDAP_ADMIN_PASSWORD="admin" \
+		--network my-net \
+		-p 389:389 \
+		-p 636:636 \
+		--name openldap \
+		--detach quay.io/minio/openldap:latest)
+	@echo "Run Dex container using MinIO Image: quay.io/minio/dex:latest"
 	@(docker run \
-	--rm \
-	--network my-net \
-	--name keycloak-config-cli \
-	-e KEYCLOAK_URL=http://keycloak-container:8080/auth \
-	-e KEYCLOAK_USER="admin" \
-	-e KEYCLOAK_PASSWORD="admin" \
-	-e KEYCLOAK_AVAILABILITYCHECK_ENABLED=true \
-	-e KEYCLOAK_AVAILABILITYCHECK_TIMEOUT=120s \
-	-e IMPORT_FILES_LOCATIONS='/config/realm-export.json' \
-	-v /home/runner/work/console/console/sso-integration/config:/config \
-	adorsys/keycloak-config-cli:latest)
+		-e DEX_ISSUER=http://dex:5556/dex \
+		-e DEX_CLIENT_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
+		-e DEX_LDAP_SERVER=openldap:389 \
+		--network my-net \
+		-p 5556:5556 \
+		--name dex \
+		--detach quay.io/minio/dex:latest)
 	@echo "running minio server"
 	@(docker run \
 	-v /data1 -v /data2 -v /data3 -v /data4 \
@@ -163,13 +162,22 @@ test-sso-integration:
 	--rm \
 	-p 9000:9000 \
 	-p 9001:9001 \
-	-e MINIO_IDENTITY_OPENID_CLIENT_SECRET=0nfJuqIt0iPnRIUJkvetve5l38C6gi9W \
-	-e MINIO_IDENTITY_OPENID_CONFIG_URL=http://keycloak-container:8080/auth/realms/myrealm/.well-known/openid-configuration \
-	-e MINIO_IDENTITY_OPENID_CLIENT_ID="account" \
+	-e MINIO_IDENTITY_OPENID_CLIENT_ID="minio-client-app" \
+	-e MINIO_IDENTITY_OPENID_CLIENT_SECRET="minio-client-app-secret" \
+	-e MINIO_IDENTITY_OPENID_CLAIM_NAME=name \
+	-e MINIO_IDENTITY_OPENID_CONFIG_URL=http://dex:5556/dex/.well-known/openid-configuration \
+	-e MINIO_IDENTITY_OPENID_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
 	-e MINIO_ROOT_USER=minio \
 	-e MINIO_ROOT_PASSWORD=minio123 $(MINIO_VERSION) server /data{1...4} --address :9000 --console-address :9001)
+	@echo "run mc commands to set the policy"
+	@(docker run --name minio-client --network my-net -dit --entrypoint=/bin/sh minio/mc)
+	@(docker exec minio-client mc alias set myminio/ http://minio:9000 minio minio123)
+	@echo "adding policy to Dillon Harper to be able to login:"
+	@(cd sso-integration && docker cp allaccess.json minio-client:/ && docker exec minio-client mc admin policy add myminio "Dillon Harper" allaccess.json)
 	@echo "starting bash script"
 	@(env bash $(PWD)/sso-integration/set-sso.sh)
+	@echo "add python module"
+	@(pip3 install bs4)
 	@echo "Executing the test:"
 	@(cd sso-integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./sso-integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/sso-system.out)

@@ -197,6 +205,26 @@ test-permissions-3:
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-3/")
 	@(docker stop minio)

+test-permissions-4:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-4/")
+	@(docker stop minio)
+
+test-permissions-5:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-5/")
+	@(docker stop minio)
+
+test-permissions-6:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-6/")
+	@(docker stop minio)
+
+test-permissions-7:
+	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-7/")
+	@(docker stop minio)
+
 test-apply-permissions:
 	@(env bash $(PWD)/portal-ui/tests/scripts/initialize-env.sh)

@@ -217,6 +245,10 @@ test:
 	@echo "execute test and get coverage"
 	@(cd restapi && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage.out)

+test-unit-test-operator:
+	@echo "execute unit test and get coverage for operatorapi"
+	@(cd operatorapi && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage-unit-test-operatorapi.out)
+
 test-pkg:
 	@echo "execute test and get coverage"
 	@(cd pkg && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage-pkg.out)
@@ -231,7 +263,7 @@ clean:
 	@rm -vf console

 docker:
-	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .

 release: swagger-gen
 	@echo "Generating Release: $(RELEASE)"
--- a/cluster/cluster.go
+++ b/cluster/cluster.go
@@ -17,6 +17,7 @@
 package cluster

 import (
+	directpvclient "github.com/minio/directpv/pkg/client"
 	operator "github.com/minio/operator/pkg/client/clientset/versioned"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
@@ -25,8 +26,8 @@ import (

 // getTLSClientConfig will return the right TLS configuration for the K8S client based on the configured TLS certificate
 func getTLSClientConfig() rest.TLSClientConfig {
-	var defaultRootCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
-	var customRootCAFile = getK8sAPIServerTLSRootCA()
+	defaultRootCAFile := "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
+	customRootCAFile := getK8sAPIServerTLSRootCA()
 	tlsClientConfig := rest.TLSClientConfig{}
 	// if console is running inside k8s by default he will have access to the CA Cert from the k8s local authority
 	if _, err := certutil.NewPool(defaultRootCAFile); err == nil {
@@ -63,3 +64,13 @@ func OperatorClient(token string) (*operator.Clientset, error) {
 func K8sClient(token string) (*kubernetes.Clientset, error) {
 	return kubernetes.NewForConfig(GetK8sConfig(token))
 }
+
+// DirectPV interfaces  required to fetch information
+
+func DirectPVDriveInterface(token string) (*directpvclient.DirectCSIDriveInterface, error) {
+	return directpvclient.DirectCSIDriveInterfaceForConfig(GetK8sConfig(token))
+}
+
+func DirectPVVolumeInterface(token string) (*directpvclient.DirectCSIVolumeInterface, error) {
+	return directpvclient.DirectCSIVolumeInterfaceForConfig(GetK8sConfig(token))
+}
--- a/cmd/console/app_commands.go
+++ b/cmd/console/app_commands.go
@@ -40,7 +40,6 @@ var appCmds = []cli.Command{

 // StartServer starts the console service
 func StartServer(ctx *cli.Context) error {
-
 	// Load all certificates
 	if err := loadAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
--- a/cmd/console/operator.go
+++ b/cmd/console/operator.go
@@ -189,7 +189,6 @@ func loadOperatorAllCerts(ctx *cli.Context) error {

 // StartServer starts the console service
 func startOperatorServer(ctx *cli.Context) error {
-
 	if err := loadAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
 		restapi.LogError("Unable to load certs: %v", err)
--- a/go.mod
+++ b/go.mod
@@ -20,13 +20,14 @@ require (
 	github.com/jessevdk/go-flags v1.5.0
 	github.com/klauspost/compress v1.15.1
 	github.com/minio/cli v1.22.0
+	github.com/minio/directpv v1.4.4-0.20220805090942-948ca4731651
 	github.com/minio/highwayhash v1.0.2
 	github.com/minio/kes v0.19.2
-	github.com/minio/madmin-go v1.3.12
-	github.com/minio/mc v0.0.0-20220419155441-cc4ff3a0cc82
-	github.com/minio/minio-go/v7 v7.0.24
+	github.com/minio/madmin-go v1.4.3
+	github.com/minio/mc v0.0.0-20220705180830-01b87ecc02ff
+	github.com/minio/minio-go/v7 v7.0.30
 	github.com/minio/operator v0.0.0-20220414212219-ba4c097324b2
-	github.com/minio/pkg v1.1.21
+	github.com/minio/pkg v1.1.23
 	github.com/minio/selfupdate v0.4.0
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/rs/xid v1.4.0
@@ -34,20 +35,27 @@ require (
 	github.com/stretchr/testify v1.7.1
 	github.com/tidwall/gjson v1.14.0
 	github.com/unrolled/secure v1.10.0
-	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4
+	golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e
 	golang.org/x/net v0.0.0-20220421235706-1d1ef9303861
 	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.23.5
-	k8s.io/apimachinery v0.23.5
-	k8s.io/client-go v0.23.5
+	k8s.io/api v0.24.3
+	k8s.io/apimachinery v0.24.3
+	k8s.io/client-go v0.24.3
+	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
 )

 require (
+	cloud.google.com/go v0.81.0 // indirect
+	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
+	github.com/Azure/go-autorest/autorest v0.11.18 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
+	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
+	github.com/Azure/go-autorest/logger v0.2.1 // indirect
+	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/briandowns/spinner v1.18.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/charmbracelet/bubbles v0.10.3 // indirect
 	github.com/charmbracelet/bubbletea v0.20.0 // indirect
@@ -59,8 +67,11 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.8.0 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/fatih/structs v1.1.0 // indirect
+	github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
+	github.com/fsnotify/fsnotify v1.5.1 // indirect
 	github.com/gdamore/encoding v1.0.0 // indirect
 	github.com/gdamore/tcell/v2 v2.4.1-0.20210905002822-f057f0a857a1 // indirect
 	github.com/go-logr/logr v1.2.2 // indirect
@@ -72,13 +83,16 @@ require (
 	github.com/goccy/go-json v0.9.4 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
 	github.com/google/go-cmp v0.5.7 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/googleapis/gnostic v0.5.5 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -91,12 +105,14 @@ require (
 	github.com/lestrrat-go/option v1.0.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/magiconair/properties v1.8.5 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.12 // indirect
 	github.com/mattn/go-ieproxy v0.0.1 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
 	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
 	github.com/minio/colorjson v1.0.2 // indirect
 	github.com/minio/filepath v1.0.0 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
@@ -104,27 +120,37 @@ require (
 	github.com/mitchellh/mapstructure v1.4.3 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/montanaflynn/stats v0.6.6 // indirect
 	github.com/muesli/ansi v0.0.0-20211031195517-c9f0611b6c70 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
 	github.com/muesli/termenv v0.11.1-0.20220212125758-44cd13922739 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/navidys/tvxwidgets v0.1.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
+	github.com/pelletier/go-toml v1.9.3 // indirect
 	github.com/philhofer/fwd v1.1.2-0.20210722190033-5c56ac6d0bb9 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pkg/xattr v0.4.5 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/posener/complete v1.2.3 // indirect
 	github.com/power-devops/perfstat v0.0.0-20220216144756-c35f1ee13d7c // indirect
-	github.com/prometheus/client_golang v1.12.1 // indirect
+	github.com/prometheus/client_golang v1.12.2 // indirect
 	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.32.1 // indirect
+	github.com/prometheus/common v0.33.0 // indirect
 	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/prometheus/prom2json v1.3.1 // indirect
 	github.com/rivo/tview v0.0.0-20220216162559-96063d6082f3 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/rjeczalik/notify v0.9.2 // indirect
 	github.com/shirou/gopsutil/v3 v3.22.2 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/spf13/afero v1.6.0 // indirect
+	github.com/spf13/cast v1.3.1 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/viper v1.8.1 // indirect
+	github.com/subosito/gotenv v1.2.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.0 // indirect
 	github.com/tinylib/msgp v1.1.7-0.20211026165309-e818a1881b0e // indirect
@@ -134,7 +160,7 @@ require (
 	go.etcd.io/etcd/api/v3 v3.5.2 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.2 // indirect
 	go.etcd.io/etcd/client/v3 v3.5.2 // indirect
-	go.mongodb.org/mongo-driver v1.8.4 // indirect
+	go.mongodb.org/mongo-driver v1.9.1 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.8.0 // indirect
 	go.uber.org/zap v1.21.0 // indirect
@@ -150,11 +176,10 @@ require (
 	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.66.4 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
-	k8s.io/klog/v2 v2.40.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf // indirect
-	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
-	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/apiextensions-apiserver v0.24.3 // indirect
+	k8s.io/klog/v2 v2.60.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 // indirect
 	sigs.k8s.io/controller-runtime v0.11.1 // indirect
 	sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
--- a/go.sum
+++ b/go.sum
--- a/integration/access_rules_test.go
+++ b/integration/access_rules_test.go
@@ -0,0 +1,216 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_AddAccessRuleAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruleadd", false, false, nil, nil)
+
+	type args struct {
+		bucket string
+		prefix string
+		access string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Create Access Rule - Valid",
+			args: args{
+				bucket: "testaccessruleadd",
+				prefix: "/test/",
+				access: "readonly",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Add Access Rule - Invalid",
+			args: args{
+				bucket: "testaccessruleadd",
+				prefix: "/test/",
+				access: "readonl",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+		{
+			name: "Add Access Rule - Invalid Bucket",
+			args: args{
+				bucket: "fakebucket",
+				prefix: "/test/",
+				access: "readonl",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["prefix"] = tt.args.prefix
+			requestDataPolicy["access"] = tt.args.access
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_GetAccessRulesAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruleget", false, false, nil, nil)
+
+	type args struct {
+		bucket string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Access Rule - Valid",
+			args: args{
+				bucket: "testaccessruleget",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
+
+func Test_DeleteAccessRuleAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	AddBucket("testaccessruledelete", false, false, nil, nil)
+
+	type args struct {
+		prefix string
+		access string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Delete Access Rule - Valid",
+			args: args{
+				prefix: "/test/",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+			requestDataPolicy["prefix"] = tt.args.prefix
+			requestDataPolicy["access"] = tt.args.access
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"DELETE", "http://localhost:9090/api/v1/bucket/testaccessruledelete/access-rules", requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
+			}
+		})
+	}
+}
--- a/integration/admin_api_integration_test.go
+++ b/integration/admin_api_integration_test.go
@@ -154,7 +154,6 @@ func NotifyPostgres() (*http.Response, error) {
 }

 func TestNotifyPostgres(t *testing.T) {
-
 	// Variables
 	assert := assert.New(t)

@@ -170,11 +169,9 @@ func TestNotifyPostgres(t *testing.T) {
 	if response != nil {
 		assert.Equal(200, response.StatusCode, finalResponse)
 	}
-
 }

 func TestRestartService(t *testing.T) {
-
 	assert := assert.New(t)
 	restartResponse, restartError := RestartService()
 	assert.Nil(restartError)
@@ -190,7 +187,6 @@ func TestRestartService(t *testing.T) {
 			addObjRsp,
 		)
 	}
-
 }

 func ListPoliciesWithBucket(bucketName string) (*http.Response, error) {
@@ -214,7 +210,6 @@ func ListPoliciesWithBucket(bucketName string) (*http.Response, error) {
 }

 func TestListPoliciesWithBucket(t *testing.T) {
-
 	// Test Variables
 	bucketName := "testlistpolicieswithbucket"
 	assert := assert.New(t)
@@ -234,7 +229,6 @@ func TestListPoliciesWithBucket(t *testing.T) {
 			parsedResponse,
 		)
 	}
-
 }

 func ListUsersWithAccessToBucket(bucketName string) (*http.Response, error) {
@@ -258,7 +252,6 @@ func ListUsersWithAccessToBucket(bucketName string) (*http.Response, error) {
 }

 func TestListUsersWithAccessToBucket(t *testing.T) {
-
 	// Test Variables
 	bucketName := "testlistuserswithaccesstobucket1"
 	assert := assert.New(t)
@@ -278,11 +271,9 @@ func TestListUsersWithAccessToBucket(t *testing.T) {
 			parsedResponse,
 		)
 	}
-
 }

 func TestGetNodes(t *testing.T) {
-
 	assert := assert.New(t)
 	getNodesResponse, getNodesError := GetNodes()
 	assert.Nil(getNodesError)
@@ -298,7 +289,6 @@ func TestGetNodes(t *testing.T) {
 			addObjRsp,
 		)
 	}
-
 }

 func ArnList() (*http.Response, error) {
--- a/integration/buckets_test.go
+++ b/integration/buckets_test.go
@@ -56,8 +56,7 @@ func inspectHTTPResponse(httpResponse *http.Response) string {
 }

 func initConsoleServer() (*restapi.Server, error) {
-
-	//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
+	// os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")

 	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
 	if err != nil {
@@ -79,7 +78,7 @@ func initConsoleServer() (*restapi.Server, error) {
 	// register all APIs
 	server.ConfigureAPI()

-	//restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts
+	// restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts

 	consolePort, _ := strconv.Atoi("9090")

@@ -92,7 +91,6 @@ func initConsoleServer() (*restapi.Server, error) {
 }

 func TestMain(m *testing.M) {
-
 	// start console server
 	go func() {
 		fmt.Println("start server")
@@ -103,7 +101,6 @@ func TestMain(m *testing.M) {
 			return
 		}
 		srv.Serve()
-
 	}()

 	fmt.Println("sleeping")
@@ -132,7 +129,6 @@ func TestMain(m *testing.M) {
 	request.Header.Add("Content-Type", "application/json")

 	response, err := client.Do(request)
-
 	if err != nil {
 		log.Println(err)
 		return
@@ -162,7 +158,7 @@ func TestMain(m *testing.M) {

 	requestDataBody = bytes.NewReader(requestDataJSON)

-	// get list of buckets
+	// delete bucket
 	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test1", requestDataBody)
 	if err != nil {
 		log.Println(err)
--- a/integration/config_test.go
+++ b/integration/config_test.go
@@ -31,38 +31,206 @@ import (
 func Test_ConfigAPI(t *testing.T) {
 	assert := assert.New(t)

-	type args struct {
-		api string
-	}
 	tests := []struct {
 		name           string
-		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
-			name: "Config - Valid",
-			args: args{
-				api: "/configs",
-			},
+			name:           "Config - Valid",
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}

+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
-			client := &http.Client{
-				Timeout: 3 * time.Second,
-			}
-
-			requestDataPolicy := map[string]interface{}{}
-
-			requestDataJSON, _ := json.Marshal(requestDataPolicy)
-			requestDataBody := bytes.NewReader(requestDataJSON)
-			request, err := http.NewRequest(
-				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
+			request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/configs", nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_GetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get Config - Valid",
+			args: args{
+				name: "storage_class",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Get Config - Invalid",
+			args: args{
+				name: "asdf",
+			},
+			expectedStatus: 404,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_SetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name      string
+		keyValues []map[string]interface{}
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Set Config - Valid",
+			args: args{
+				name:      "region",
+				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Set Config - Invalid",
+			args: args{
+				name:      "regiontest",
+				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataPolicy["key_values"] = tt.args.keyValues
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), requestDataBody)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_ResetConfigAPI(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		name string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Reset Config - Valid",
+			args: args{
+				name: "region",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+		{
+			name: "Reset Config - Invalid",
+			args: args{
+				name: "regiontest",
+			},
+			expectedStatus: 500,
+			expectedError:  nil,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+
+			requestDataPolicy := map[string]interface{}{}
+
+			requestDataJSON, _ := json.Marshal(requestDataPolicy)
+			requestDataBody := bytes.NewReader(requestDataJSON)
+			request, err := http.NewRequest(
+				"POST", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s/reset", tt.args.name), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
@@ -79,5 +247,4 @@ func Test_ConfigAPI(t *testing.T) {
 			}
 		})
 	}
-
 }
--- a/integration/groups_test.go
+++ b/integration/groups_test.go
@@ -18,6 +18,7 @@ package integration

 import (
 	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
@@ -65,7 +66,6 @@ func Test_AddGroupAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -92,10 +92,8 @@ func Test_AddGroupAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }

 func Test_GetGroupAPI(t *testing.T) {
@@ -116,7 +114,7 @@ func Test_GetGroupAPI(t *testing.T) {
 		{
 			name: "Get Group - Valid",
 			args: args{
-				api: "?name=getgroup1",
+				api: base64.StdEncoding.EncodeToString([]byte("getgroup1")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
@@ -124,7 +122,7 @@ func Test_GetGroupAPI(t *testing.T) {
 		{
 			name: "Get Group - Invalid",
 			args: args{
-				api: "?name=askfjalkd",
+				api: base64.StdEncoding.EncodeToString([]byte("askfjalkd")),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
@@ -133,7 +131,6 @@ func Test_GetGroupAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -143,7 +140,7 @@ func Test_GetGroupAPI(t *testing.T) {
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
-				"GET", fmt.Sprintf("http://localhost:9090/api/v1/group%s", tt.args.api), requestDataBody)
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
@@ -158,10 +155,8 @@ func Test_GetGroupAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }

 func Test_ListGroupsAPI(t *testing.T) {
@@ -181,7 +176,6 @@ func Test_ListGroupsAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -206,10 +200,8 @@ func Test_ListGroupsAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }

 func Test_PutGroupsAPI(t *testing.T) {
@@ -232,7 +224,7 @@ func Test_PutGroupsAPI(t *testing.T) {
 		{
 			name: "Put Group - Valid",
 			args: args{
-				api:     "?name=putgroup1",
+				api:     base64.StdEncoding.EncodeToString([]byte("putgroup1")),
 				members: []string{"member3"},
 				status:  "enabled",
 			},
@@ -242,7 +234,7 @@ func Test_PutGroupsAPI(t *testing.T) {
 		{
 			name: "Put Group - Invalid",
 			args: args{
-				api:     "?name=gdgfdfgd",
+				api:     base64.StdEncoding.EncodeToString([]byte("gdgfdfgd")),
 				members: []string{"member3"},
 				status:  "enabled",
 			},
@@ -253,7 +245,6 @@ func Test_PutGroupsAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -266,7 +257,7 @@ func Test_PutGroupsAPI(t *testing.T) {
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
-				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/group%s", tt.args.api), requestDataBody)
+				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
@@ -281,10 +272,8 @@ func Test_PutGroupsAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }

 func Test_DeleteGroupAPI(t *testing.T) {
@@ -305,7 +294,7 @@ func Test_DeleteGroupAPI(t *testing.T) {
 		{
 			name: "Delete Group - Valid",
 			args: args{
-				api: "?name=grouptests1",
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
 			},
 			verb:           "DELETE",
 			expectedStatus: 204,
@@ -314,7 +303,7 @@ func Test_DeleteGroupAPI(t *testing.T) {
 		{
 			name: "Delete Group - Invalid",
 			args: args{
-				api: "?name=grouptests12345",
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests12345")),
 			},
 			verb:           "DELETE",
 			expectedStatus: 404,
@@ -323,7 +312,7 @@ func Test_DeleteGroupAPI(t *testing.T) {
 		{
 			name: "Access Group After Delete - Invalid",
 			args: args{
-				api: "?name=grouptests1",
+				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
 			},
 			verb:           "GET",
 			expectedStatus: 500,
@@ -333,7 +322,6 @@ func Test_DeleteGroupAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -343,7 +331,7 @@ func Test_DeleteGroupAPI(t *testing.T) {
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
-				tt.verb, fmt.Sprintf("http://localhost:9090/api/v1/group%s", tt.args.api), requestDataBody)
+				tt.verb, fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
@@ -358,8 +346,6 @@ func Test_DeleteGroupAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }
--- a/integration/inspect_test.go
+++ b/integration/inspect_test.go
@@ -0,0 +1,106 @@
+package integration
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Inspect(volume string, file string, enc bool) (*http.Response, error) {
+	requestURL := fmt.Sprintf("http://localhost:9090/api/v1/admin/inspect?volume=%s&file=%s&encrypt=%t", volume, file, enc)
+	request, err := http.NewRequest(
+		"GET", requestURL, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestInspect(t *testing.T) {
+	assert := assert.New(t)
+
+	type args struct {
+		volume  string
+		file    string
+		encrypt bool
+	}
+
+	// Inspect returns successful response always
+	tests := []struct {
+		name          string
+		args          args
+		expStatusCode int
+		expectedError bool
+	}{
+		{
+			name: "Test Invalid Path",
+			args: args{
+				volume:  "/test-with-slash",
+				file:    "/test-with-slash",
+				encrypt: false,
+			},
+			expStatusCode: 200,
+			expectedError: false,
+		},
+
+		{
+			name: "Test Invalid characters in Path",
+			args: args{
+				volume:  "//test",
+				file:    "//bucket",
+				encrypt: false,
+			},
+			expStatusCode: 200,
+			expectedError: true,
+		},
+		{
+			name: "Test valid bucket",
+			args: args{
+				volume:  "test-bucket",
+				file:    "test.txt",
+				encrypt: true,
+			},
+			expStatusCode: 200,
+			expectedError: false,
+		},
+		{
+			name: "Test Empty Path", // Un processable entity error
+			args: args{
+				volume:  "",
+				file:    "",
+				encrypt: false,
+			},
+			expStatusCode: 422,
+			expectedError: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			resp, err := Inspect(tt.args.volume, tt.args.file, tt.args.encrypt)
+			if tt.expectedError {
+				assert.Nil(err)
+				if err != nil {
+					log.Println(err)
+					return
+				}
+			}
+			if resp != nil {
+				assert.Equal(
+					tt.expStatusCode,
+					resp.StatusCode,
+				)
+			}
+		})
+	}
+}
--- a/integration/login_test.go
+++ b/integration/login_test.go
@@ -32,7 +32,6 @@ import (
 )

 func TestLoginStrategy(t *testing.T) {
-
 	assert := assert.New(t)

 	// image for now:
@@ -70,11 +69,9 @@ func TestLoginStrategy(t *testing.T) {
 		assert.Equal(models.LoginDetailsLoginStrategyForm, loginDetails.LoginStrategy, "Login Details don't match")

 	}
-
 }

 func TestLogout(t *testing.T) {
-
 	assert := assert.New(t)

 	// image for now:
@@ -133,5 +130,34 @@ func TestLogout(t *testing.T) {
 	assert.NotNil(response, "Logout response is nil")
 	assert.Nil(err, "Logout errored out")
 	assert.Equal(response.StatusCode, 200)
-
+}
+
+func TestBadLogin(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	requestData := map[string]string{
+		"accessKey": "minioadmin",
+		"secretKey": "minioadminbad",
+	}
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	assert.Equal(401, response.StatusCode, "Login request not rejected")
+	assert.NotNil(response, "Login response is  nil")
+	assert.Nil(err, "Login errored out")
 }
--- a/integration/objects_test.go
+++ b/integration/objects_test.go
@@ -34,7 +34,6 @@ import (
 )

 func TestObjectGet(t *testing.T) {
-
 	// for setup we'll create a bucket and upload a file
 	endpoint := "localhost:9000"
 	accessKeyID := "minioadmin"
@@ -194,5 +193,4 @@ func TestObjectGet(t *testing.T) {
 			}
 		})
 	}
-
 }
--- a/integration/policy_test.go
+++ b/integration/policy_test.go
@@ -18,6 +18,7 @@ package integration

 import (
 	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -31,7 +32,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )

-func AddPolicy(name string, definition string) (*http.Response, error) {
+func AddPolicy(name, definition string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
@@ -59,7 +60,7 @@ func AddPolicy(name string, definition string) (*http.Response, error) {
 	return response, err
 }

-func SetPolicy(policies []string, entityName string, entityType string) (*http.Response, error) {
+func SetPolicy(policies []string, entityName, entityType string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
@@ -182,7 +183,6 @@ func Test_AddPolicyAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -213,7 +213,6 @@ func Test_AddPolicyAPI(t *testing.T) {
 			}
 		})
 	}
-
 }

 func Test_SetPolicyAPI(t *testing.T) {
@@ -298,7 +297,6 @@ func Test_SetPolicyAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -330,7 +328,6 @@ func Test_SetPolicyAPI(t *testing.T) {
 			}
 		})
 	}
-
 }

 func Test_SetPolicyMultipleAPI(t *testing.T) {
@@ -412,7 +409,6 @@ func Test_SetPolicyMultipleAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -442,7 +438,6 @@ func Test_SetPolicyMultipleAPI(t *testing.T) {
 			}
 		})
 	}
-
 }

 func Test_ListPoliciesAPI(t *testing.T) {
@@ -469,7 +464,6 @@ func Test_ListPoliciesAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -492,7 +486,6 @@ func Test_ListPoliciesAPI(t *testing.T) {
 			}
 		})
 	}
-
 }

 func Test_GetPolicyAPI(t *testing.T) {
@@ -527,7 +520,7 @@ func Test_GetPolicyAPI(t *testing.T) {
 		{
 			name: "Get Policies - Invalid",
 			args: args{
-				api: "/policy?name=test3",
+				api: base64.StdEncoding.EncodeToString([]byte("test3")),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
@@ -535,7 +528,7 @@ func Test_GetPolicyAPI(t *testing.T) {
 		{
 			name: "Get Policies - Valid",
 			args: args{
-				api: "/policy?name=getpolicytest",
+				api: base64.StdEncoding.EncodeToString([]byte("getpolicytest")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
@@ -544,13 +537,12 @@ func Test_GetPolicyAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}

 			request, err := http.NewRequest(
-				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
@@ -567,7 +559,6 @@ func Test_GetPolicyAPI(t *testing.T) {
 			}
 		})
 	}
-
 }

 func Test_PolicyListUsersAPI(t *testing.T) {
@@ -604,7 +595,7 @@ func Test_PolicyListUsersAPI(t *testing.T) {
 		{
 			name: "List Users for Policy - Valid",
 			args: args{
-				api: "/policies/policylistusers/users",
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistusers")) + "/users",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
@@ -612,7 +603,7 @@ func Test_PolicyListUsersAPI(t *testing.T) {
 		{
 			name: "List Users for Policy - Invalid",
 			args: args{
-				api: "/policies/test2/users",
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test2")) + "/users",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
@@ -621,7 +612,6 @@ func Test_PolicyListUsersAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -646,10 +636,8 @@ func Test_PolicyListUsersAPI(t *testing.T) {
 					assert.Equal("[\"policyuser4\"]\n", string(bodyBytes))
 				}
 			}
-
 		})
 	}
-
 }

 func Test_PolicyListGroupsAPI(t *testing.T) {
@@ -686,7 +674,7 @@ func Test_PolicyListGroupsAPI(t *testing.T) {
 		{
 			name: "List Users for Policy - Valid",
 			args: args{
-				api: "/policies/policylistgroups/groups",
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistgroups")) + "/groups",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
@@ -694,7 +682,7 @@ func Test_PolicyListGroupsAPI(t *testing.T) {
 		{
 			name: "List Users for Policy - Invalid",
 			args: args{
-				api: "/policies/test3/groups",
+				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test3")) + "/groups",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
@@ -703,7 +691,6 @@ func Test_PolicyListGroupsAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -728,10 +715,8 @@ func Test_PolicyListGroupsAPI(t *testing.T) {
 					assert.Equal("[\"testgroup12345\"]\n", string(bodyBytes))
 				}
 			}
-
 		})
 	}
-
 }

 func Test_DeletePolicyAPI(t *testing.T) {
@@ -766,7 +751,7 @@ func Test_DeletePolicyAPI(t *testing.T) {
 		{
 			name: "Delete Policies - Valid",
 			args: args{
-				api:    "/policy?name=testdelete",
+				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
 				method: "DELETE",
 			},
 			expectedStatus: 204,
@@ -775,7 +760,7 @@ func Test_DeletePolicyAPI(t *testing.T) {
 		{
 			name: "Get Policy After Delete - Invalid",
 			args: args{
-				api:    "/policy?name=testdelete",
+				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
 				method: "GET",
 			},
 			expectedStatus: 500,
@@ -785,13 +770,79 @@ func Test_DeletePolicyAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}

 			request, err := http.NewRequest(
-				tt.args.method, fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
+				tt.args.method, fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+			request.Header.Add("Content-Type", "application/json")
+			response, err := client.Do(request)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if response != nil {
+				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
+			}
+		})
+	}
+}
+
+func Test_GetAUserPolicyAPI(t *testing.T) {
+	assert := assert.New(t)
+	// Create a User with a Policy to use for testing
+	groups := []string{}
+	policies := []string{"readwrite"}
+	_, err := AddUser("getuserpolicyuser", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	// encode usernames to pass to api
+	bName := []byte("getuserpolicyuser")
+	fName := []byte("failname")
+	encodedName := base64.URLEncoding.EncodeToString(bName)
+	encodedFailName := base64.URLEncoding.EncodeToString(fName)
+
+	type args struct {
+		api string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		expectedStatus int
+		expectedError  error
+	}{
+		{
+			name: "Get User Policy - Invalid",
+			args: args{
+				api: "/user/" + encodedFailName + "/policies",
+			},
+			expectedStatus: 401,
+			expectedError:  nil,
+		},
+		{
+			name: "Get User Policy - Valid",
+			args: args{
+				api: "/user/" + encodedName + "/policies",
+			},
+			expectedStatus: 200,
+			expectedError:  nil,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			client := &http.Client{
+				Timeout: 3 * time.Second,
+			}
+			request, err := http.NewRequest(
+				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
@@ -808,5 +859,4 @@ func Test_DeletePolicyAPI(t *testing.T) {
 			}
 		})
 	}
-
 }
--- a/integration/profiling_test.go
+++ b/integration/profiling_test.go
@@ -20,18 +20,16 @@ import (
 	"archive/zip"
 	"bytes"
 	"fmt"
-	"io"
 	"log"
 	"net/http"
-	"strings"
 	"testing"
-	"time"

+	"github.com/gorilla/websocket"
 	"github.com/stretchr/testify/assert"
 )

 func TestStartProfiling(t *testing.T) {
-	testAsser := assert.New(t)
+	testAssert := assert.New(t)

 	tests := []struct {
 		name string
@@ -43,7 +41,6 @@ func TestStartProfiling(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			files := map[string]bool{
 				"profile-127.0.0.1:9000-goroutines.txt":                false,
 				"profile-127.0.0.1:9000-goroutines-before.txt":         false,
@@ -59,53 +56,28 @@ func TestStartProfiling(t *testing.T) {
 				"profile-127.0.0.1:9000-mutex-before.pprof":            false,
 			}

-			client := &http.Client{
-				Timeout: 3 * time.Second,
-			}
+			wsDestination := "/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines"
+			wsFinalURL := fmt.Sprintf("ws://localhost:9090%s", wsDestination)

-			destination := "/api/v1/profiling/start"
-			finalURL := fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err := http.NewRequest("POST", finalURL, strings.NewReader("{\"type\":\"cpu,mem,block,mutex,trace,threads,goroutines\"}"))
+			ws, _, err := websocket.DefaultDialer.Dial(wsFinalURL, nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			defer ws.Close()
+
+			_, zipFileBytes, err := ws.ReadMessage()
 			if err != nil {
 				log.Println(err)
 				return
 			}

-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err := client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(201, response.StatusCode)
-
-			time.Sleep(5 * time.Second)
-
-			destination = "/api/v1/profiling/stop"
-			finalURL = fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err = http.NewRequest("POST", finalURL, nil)
-			if err != nil {
-				log.Println(err)
-				return
-			}
-
-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err = client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(200, response.StatusCode)
-			zipFileBytes, err := io.ReadAll(response.Body)
-			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			}
 			filetype := http.DetectContentType(zipFileBytes)
-			testAsser.Equal("application/zip", filetype)
+			testAssert.Equal("application/zip", filetype)

 			zipReader, err := zip.NewReader(bytes.NewReader(zipFileBytes), int64(len(zipFileBytes)))
 			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
+				testAssert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
 			}

 			// Read all the files from zip archive
@@ -114,7 +86,7 @@ func TestStartProfiling(t *testing.T) {
 			}

 			for k, v := range files {
-				testAsser.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
+				testAssert.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
 			}
 		})
 	}
--- a/integration/service_account_test.go
+++ b/integration/service_account_test.go
@@ -18,6 +18,7 @@ package integration

 import (
 	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
@@ -74,7 +75,8 @@ func TestAddServiceAccount(t *testing.T) {
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}

-	requestDataPolicy := map[string]interface{}{"policy": `
+	requestDataPolicy := map[string]interface{}{
+		"policy": `
  {
  "Version": "2012-10-17",
  "Statement": [
@@ -94,7 +96,7 @@ func TestAddServiceAccount(t *testing.T) {
 	requestDataJSON, _ = json.Marshal(requestDataPolicy)
 	requestDataBody = bytes.NewReader(requestDataJSON)
 	request, err = http.NewRequest(
-		"PUT", "http://localhost:9090/api/v1/service-accounts/testuser1/policy", requestDataBody)
+		"PUT", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
@@ -113,7 +115,7 @@ func TestAddServiceAccount(t *testing.T) {

 	// Test policy
 	request, err = http.NewRequest(
-		"GET", "http://localhost:9090/api/v1/service-accounts/testuser1/policy", nil)
+		"GET", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", nil)
 	if err != nil {
 		log.Println(err)
 		return
@@ -145,7 +147,7 @@ func TestAddServiceAccount(t *testing.T) {
 	// {{baseUrl}}/user?name=proident velit
 	// Investiga como se borra en el browser.
 	request, err = http.NewRequest(
-		"DELETE", "http://localhost:9090/api/v1/service-accounts/testuser1", nil)
+		"DELETE", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1")), nil)
 	if err != nil {
 		log.Println(err)
 		return
@@ -161,7 +163,6 @@ func TestAddServiceAccount(t *testing.T) {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
 	}
-
 }

 func Test_ServiceAccountsAPI(t *testing.T) {
@@ -238,7 +239,6 @@ func Test_ServiceAccountsAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -268,10 +268,8 @@ func Test_ServiceAccountsAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }

 func DeleteMultipleServiceAccounts(serviceAccounts []string) (*http.Response, error) {
@@ -310,9 +308,9 @@ func TestCreateServiceAccountForUserWithCredentials(t *testing.T) {
 	serviceAccountLengthInBytes := 40 // As observed, update as needed

 	// 1. Create the user
-	var groups = []string{}
-	var policies = []string{}
-	var secretKey = "testcreateserviceaccountforuserwithcrede"
+	groups := []string{}
+	policies := []string{}
+	secretKey := "testcreateserviceaccountforuserwithcrede"
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -405,5 +403,4 @@ func TestCreateServiceAccountForUserWithCredentials(t *testing.T) {
 			inspectHTTPResponse(response),
 		)
 	}
-
 }
--- a/integration/tiers_test.go
+++ b/integration/tiers_test.go
@@ -27,7 +27,6 @@ import (
 )

 func TestTiersList(t *testing.T) {
-
 	assert := assert.New(t)

 	// image for now:
@@ -51,5 +50,4 @@ func TestTiersList(t *testing.T) {
 	assert.NotNil(response, "Tiers List response is nil")
 	assert.Nil(err, "Tiers List errored out")
 	assert.Equal(response.StatusCode, 200)
-
 }
--- a/integration/user_api_bucket_test.go
+++ b/integration/user_api_bucket_test.go
--- a/integration/users_test.go
+++ b/integration/users_test.go
@@ -18,6 +18,7 @@ package integration

 import (
 	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -31,7 +32,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )

-func AddUser(accessKey string, secretKey string, groups []string, policies []string) (*http.Response, error) {
+func AddUser(accessKey, secretKey string, groups, policies []string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
@@ -62,6 +63,7 @@ func AddUser(accessKey string, secretKey string, groups []string, policies []str
 }

 func DeleteUser(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		This is an atomic function to delete user and can be reused across
 		different functions.
@@ -70,7 +72,7 @@ func DeleteUser(userName string) (*http.Response, error) {
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
-		"DELETE", "http://localhost:9090/api/v1/user?name="+userName, nil)
+		"DELETE", "http://localhost:9090/api/v1/user/"+userName, nil)
 	if err != nil {
 		log.Println(err)
 	}
@@ -80,7 +82,7 @@ func DeleteUser(userName string) (*http.Response, error) {
 	return response, err
 }

-func ListUsers(offset string, limit string) (*http.Response, error) {
+func ListUsers(offset, limit string) (*http.Response, error) {
 	/*
 		This is an atomic function to list users.
 		{{baseUrl}}/users?offset=-5480083&limit=-5480083
@@ -102,6 +104,7 @@ func ListUsers(offset string, limit string) (*http.Response, error) {
 }

 func GetUserInformation(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to get user information via API:
 		{{baseUrl}}/user?name=proident velit
@@ -111,7 +114,7 @@ func GetUserInformation(userName string) (*http.Response, error) {
 	}
 	request, err := http.NewRequest(
 		"GET",
-		"http://localhost:9090/api/v1/user?name="+userName,
+		"http://localhost:9090/api/v1/user/"+userName,
 		nil)
 	if err != nil {
 		log.Println(err)
@@ -122,7 +125,8 @@ func GetUserInformation(userName string) (*http.Response, error) {
 	return response, err
 }

-func UpdateUserInformation(name string, status string, groups []string) (*http.Response, error) {
+func UpdateUserInformation(name, status string, groups []string) (*http.Response, error) {
+	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to update user information:
 		PUT: {{baseUrl}}/user?name=proident velit
@@ -145,7 +149,7 @@ func UpdateUserInformation(name string, status string, groups []string) (*http.R
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
-		"PUT", "http://localhost:9090/api/v1/user?name="+name, requestDataBody)
+		"PUT", "http://localhost:9090/api/v1/user/"+name, requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
@@ -156,6 +160,7 @@ func UpdateUserInformation(name string, status string, groups []string) (*http.R
 }

 func RemoveUser(name string) (*http.Response, error) {
+	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to remove user.
 		DELETE: {{baseUrl}}/user?name=proident velit
@@ -164,7 +169,7 @@ func RemoveUser(name string) (*http.Response, error) {
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
-		"DELETE", "http://localhost:9090/api/v1/user?name="+name, nil)
+		"DELETE", "http://localhost:9090/api/v1/user/"+name, nil)
 	if err != nil {
 		log.Println(err)
 	}
@@ -175,6 +180,7 @@ func RemoveUser(name string) (*http.Response, error) {
 }

 func UpdateGroupsForAUser(userName string, groups []string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to update groups for a user
 		PUT: {{baseUrl}}/user/groups?name=username
@@ -195,7 +201,7 @@ func UpdateGroupsForAUser(userName string, groups []string) (*http.Response, err
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT",
-		"http://localhost:9090/api/v1/user/groups?name="+userName,
+		"http://localhost:9090/api/v1/user/"+userName+"/groups",
 		requestDataBody,
 	)
 	if err != nil {
@@ -207,7 +213,8 @@ func UpdateGroupsForAUser(userName string, groups []string) (*http.Response, err
 	return response, err
 }

-func CreateServiceAccountForUser(userName string, policy string) (*http.Response, error) {
+func CreateServiceAccountForUser(userName, policy string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to Create Service Account for user
 		POST: api/v1/user/username/service-accounts
@@ -237,7 +244,8 @@ func CreateServiceAccountForUser(userName string, policy string) (*http.Response
 	return response, err
 }

-func CreateServiceAccountForUserWithCredentials(userName string, policy string, accessKey string, secretKey string) (*http.Response, error) {
+func CreateServiceAccountForUserWithCredentials(userName, policy, accessKey, secretKey string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	// Helper function to test "Create Service Account for User With Credentials" end point.
 	client := &http.Client{
 		Timeout: 3 * time.Second,
@@ -264,6 +272,7 @@ func CreateServiceAccountForUserWithCredentials(userName string, policy string,
 }

 func ReturnsAListOfServiceAccountsForAUser(userName string) (*http.Response, error) {
+	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to return a list of service accounts for a user.
 		GET: {{baseUrl}}/user/:name/service-accounts
@@ -312,7 +321,7 @@ func AddGroup(group string, members []string) (*http.Response, error) {
 	return response, err
 }

-func UsersGroupsBulk(users []string, groups []string) (*http.Response, error) {
+func UsersGroupsBulk(users, groups []string) (*http.Response, error) {
 	/*
 		Helper function to test Bulk functionality to Add Users to Groups.
 		PUT: {{baseUrl}}/users-groups-bulk
@@ -363,8 +372,8 @@ func TestAddUser(t *testing.T) {
 	assert := assert.New(t)

 	// With no groups & no policies
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -384,7 +393,6 @@ func TestAddUser(t *testing.T) {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
 	}
-
 }

 func TestListUsers(t *testing.T) {
@@ -398,8 +406,8 @@ func TestListUsers(t *testing.T) {
 	assert := assert.New(t)

 	// With no groups & no policies
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}

 	// 1. Create the users
 	numberOfUsers := 5
@@ -454,7 +462,6 @@ func TestListUsers(t *testing.T) {
 				response.StatusCode, "has to be 204 when delete user")
 		}
 	}
-
 }

 func TestGetUserInfo(t *testing.T) {
@@ -465,8 +472,8 @@ func TestGetUserInfo(t *testing.T) {
 	// 1. Create the user
 	fmt.Println("TestGetUserInfo(): 1. Create the user")
 	assert := assert.New(t)
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -500,7 +507,6 @@ func TestGetUserInfo(t *testing.T) {
 	expected := "{\"accessKey\":\"accessKey\",\"memberOf\":null,\"policy\":[],\"status\":\"enabled\"}\n"
 	obtained := string(b)
 	assert.Equal(expected, obtained, "User Information is wrong")
-
 }

 func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
@@ -511,8 +517,8 @@ func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
 	assert := assert.New(t)

 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateuser", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -545,7 +551,6 @@ func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "disabled"))
-
 }

 func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
@@ -556,8 +561,8 @@ func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
 	assert := assert.New(t)

 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateusererror", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -590,7 +595,6 @@ func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "status not valid"))
-
 }

 func TestRemoveUserSuccessfulResponse(t *testing.T) {
@@ -601,8 +605,8 @@ func TestRemoveUserSuccessfulResponse(t *testing.T) {
 	assert := assert.New(t)

 	// 1. Create an active user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"testremoveuser1", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -644,7 +648,6 @@ func TestRemoveUserSuccessfulResponse(t *testing.T) {
 	fmt.Println(finalResponse)
 	assert.True(strings.Contains(
 		finalResponse, "The specified user does not exist"), finalResponse)
-
 }

 func TestUpdateGroupsForAUser(t *testing.T) {
@@ -657,8 +660,8 @@ func TestUpdateGroupsForAUser(t *testing.T) {
 	groupName := "updategroupforausergroup"
 	userName := "updategroupsforauser1"
 	assert := assert.New(t)
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -670,7 +673,7 @@ func TestUpdateGroupsForAUser(t *testing.T) {
 	}

 	// 2. Update the groups of the created user with newGroups
-	var newGroups = make([]string, 3)
+	newGroups := make([]string, 3)
 	for i := 0; i < numberOfGroups; i++ {
 		newGroups[i] = groupName + strconv.Itoa(i)
 	}
@@ -701,7 +704,6 @@ func TestUpdateGroupsForAUser(t *testing.T) {
 		assert.True(strings.Contains(
 			finalResponse, groupName+strconv.Itoa(i)), finalResponse)
 	}
-
 }

 func TestCreateServiceAccountForUser(t *testing.T) {
@@ -716,8 +718,8 @@ func TestCreateServiceAccountForUser(t *testing.T) {
 	serviceAccountLengthInBytes := 40 // As observed, update as needed

 	// 1. Create the user
-	var groups = []string{}
-	var policies = []string{}
+	groups := []string{}
+	policies := []string{}
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
@@ -747,8 +749,10 @@ func TestCreateServiceAccountForUser(t *testing.T) {
 	}

 	// 3. Verify the service account for the user
-	listOfAccountsResponse,
-		listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
+	listOfAccountsResponse, listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
+
+	fmt.Println(listOfAccountsResponse, listOfAccountsError)
+
 	if listOfAccountsError != nil {
 		log.Println(listOfAccountsError)
 		assert.Fail("Error in listOfAccountsError")
@@ -761,8 +765,8 @@ func TestCreateServiceAccountForUser(t *testing.T) {
 			finalResponse,
 		)
 	}
-	assert.Equal(len(finalResponse), serviceAccountLengthInBytes, finalResponse)

+	assert.Equal(len(finalResponse), serviceAccountLengthInBytes, finalResponse)
 }

 func TestUsersGroupsBulk(t *testing.T) {
@@ -774,11 +778,11 @@ func TestUsersGroupsBulk(t *testing.T) {
 	assert := assert.New(t)
 	numberOfUsers := 5
 	numberOfGroups := 1
-	//var groups = []string{}
-	var policies = []string{}
+	// var groups = []string{}
+	policies := []string{}
 	username := "testusersgroupbulk"
 	groupName := "testusersgroupsbulkgroupone"
-	var members = []string{}
+	members := []string{}
 	users := make([]string, numberOfUsers)
 	groups := make([]string, numberOfGroups)

@@ -850,17 +854,16 @@ func TestUsersGroupsBulk(t *testing.T) {
 			assert.Equal(200, responseGetUserInfo.StatusCode, finalResponse)
 		}
 		// Make sure the user belongs to the created group
-		assert.True(strings.Contains(string(finalResponse), groupName))
+		assert.True(strings.Contains(finalResponse, groupName))
 	}
-
 }

 func Test_GetUserPolicyAPI(t *testing.T) {
 	assert := assert.New(t)

 	// 1. Create an active user with valid policy
-	var groups = []string{}
-	var policies = []string{"readwrite"}
+	groups := []string{}
+	policies := []string{"readwrite"}
 	addUserResponse, addUserError := AddUser(
 		"getpolicyuser", "secretKey", groups, policies)
 	if addUserError != nil {
@@ -894,7 +897,6 @@ func Test_GetUserPolicyAPI(t *testing.T) {

 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
@@ -917,5 +919,4 @@ func Test_GetUserPolicyAPI(t *testing.T) {
 			}
 		})
 	}
-
 }
--- a/integration/version_test.go
+++ b/integration/version_test.go
@@ -68,8 +68,6 @@ func Test_VersionAPI(t *testing.T) {
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
-
 		})
 	}
-
 }
--- a/k8s/operator-console/base/console-deployment.yaml
+++ b/k8s/operator-console/base/console-deployment.yaml
@@ -15,7 +15,7 @@ spec:
      serviceAccountName: console-sa
      containers:
        - name: console
-          image: 'minio/console:v0.16.2'
+          image: 'minio/console:v0.19.5'
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_OPERATOR_MODE
--- a/k8s/operator-console/standalone/console-deployment.yaml
+++ b/k8s/operator-console/standalone/console-deployment.yaml
@@ -32,7 +32,7 @@ spec:
    spec:
      containers:
        - name: console
-          image: 'minio/console:v0.16.2'
+          image: 'minio/console:v0.19.5'
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_MINIO_SERVER
--- a/models/a_user_policy_response.go
+++ b/models/a_user_policy_response.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AUserPolicyResponse a user policy response
+//
+// swagger:model aUserPolicyResponse
+type AUserPolicyResponse struct {
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this a user policy response
+func (m *AUserPolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this a user policy response based on context it is used
+func (m *AUserPolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AUserPolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AUserPolicyResponse) UnmarshalBinary(b []byte) error {
+	var res AUserPolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/api_key.go
+++ b/models/api_key.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// APIKey api key
+//
+// swagger:model apiKey
+type APIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this api key
+func (m *APIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this api key based on context it is used
+func (m *APIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *APIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *APIKey) UnmarshalBinary(b []byte) error {
+	var res APIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/csr_element.go
+++ b/models/csr_element.go
@@ -0,0 +1,154 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// CsrElement csr element
+//
+// swagger:model csrElement
+type CsrElement struct {
+
+	// annotations
+	Annotations []*Annotation `json:"annotations"`
+
+	// deletion grace period seconds
+	DeletionGracePeriodSeconds int64 `json:"deletion_grace_period_seconds,omitempty"`
+
+	// generate name
+	GenerateName string `json:"generate_name,omitempty"`
+
+	// generation
+	Generation int64 `json:"generation,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// namespace
+	Namespace string `json:"namespace,omitempty"`
+
+	// resource version
+	ResourceVersion string `json:"resource_version,omitempty"`
+
+	// status
+	Status string `json:"status,omitempty"`
+}
+
+// Validate validates this csr element
+func (m *CsrElement) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAnnotations(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CsrElement) validateAnnotations(formats strfmt.Registry) error {
+	if swag.IsZero(m.Annotations) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Annotations); i++ {
+		if swag.IsZero(m.Annotations[i]) { // not required
+			continue
+		}
+
+		if m.Annotations[i] != nil {
+			if err := m.Annotations[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this csr element based on the context it is used
+func (m *CsrElement) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateAnnotations(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CsrElement) contextValidateAnnotations(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Annotations); i++ {
+
+		if m.Annotations[i] != nil {
+			if err := m.Annotations[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *CsrElement) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *CsrElement) UnmarshalBinary(b []byte) error {
+	var res CsrElement
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/csr_elements.go
+++ b/models/csr_elements.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// CsrElements csr elements
+//
+// swagger:model csrElements
+type CsrElements struct {
+
+	// csr element
+	CsrElement []*CsrElement `json:"csrElement"`
+}
+
+// Validate validates this csr elements
+func (m *CsrElements) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCsrElement(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CsrElements) validateCsrElement(formats strfmt.Registry) error {
+	if swag.IsZero(m.CsrElement) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.CsrElement); i++ {
+		if swag.IsZero(m.CsrElement[i]) { // not required
+			continue
+		}
+
+		if m.CsrElement[i] != nil {
+			if err := m.CsrElement[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("csrElement" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("csrElement" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this csr elements based on the context it is used
+func (m *CsrElements) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCsrElement(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CsrElements) contextValidateCsrElement(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.CsrElement); i++ {
+
+		if m.CsrElement[i] != nil {
+			if err := m.CsrElement[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("csrElement" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("csrElement" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *CsrElements) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *CsrElements) UnmarshalBinary(b []byte) error {
+	var res CsrElements
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/describe_p_v_c_wrapper.go
+++ b/models/describe_p_v_c_wrapper.go
@@ -0,0 +1,217 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// DescribePVCWrapper describe p v c wrapper
+//
+// swagger:model describePVCWrapper
+type DescribePVCWrapper struct {
+
+	// access modes
+	AccessModes []string `json:"accessModes"`
+
+	// annotations
+	Annotations []*Annotation `json:"annotations"`
+
+	// capacity
+	Capacity string `json:"capacity,omitempty"`
+
+	// finalizers
+	Finalizers []string `json:"finalizers"`
+
+	// labels
+	Labels []*Label `json:"labels"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// namespace
+	Namespace string `json:"namespace,omitempty"`
+
+	// status
+	Status string `json:"status,omitempty"`
+
+	// storage class
+	StorageClass string `json:"storageClass,omitempty"`
+
+	// volume
+	Volume string `json:"volume,omitempty"`
+
+	// volume mode
+	VolumeMode string `json:"volumeMode,omitempty"`
+}
+
+// Validate validates this describe p v c wrapper
+func (m *DescribePVCWrapper) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAnnotations(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateLabels(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *DescribePVCWrapper) validateAnnotations(formats strfmt.Registry) error {
+	if swag.IsZero(m.Annotations) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Annotations); i++ {
+		if swag.IsZero(m.Annotations[i]) { // not required
+			continue
+		}
+
+		if m.Annotations[i] != nil {
+			if err := m.Annotations[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *DescribePVCWrapper) validateLabels(formats strfmt.Registry) error {
+	if swag.IsZero(m.Labels) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Labels); i++ {
+		if swag.IsZero(m.Labels[i]) { // not required
+			continue
+		}
+
+		if m.Labels[i] != nil {
+			if err := m.Labels[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("labels" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("labels" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this describe p v c wrapper based on the context it is used
+func (m *DescribePVCWrapper) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateAnnotations(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateLabels(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *DescribePVCWrapper) contextValidateAnnotations(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Annotations); i++ {
+
+		if m.Annotations[i] != nil {
+			if err := m.Annotations[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("annotations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("annotations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *DescribePVCWrapper) contextValidateLabels(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Labels); i++ {
+
+		if m.Labels[i] != nil {
+			if err := m.Labels[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("labels" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("labels" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *DescribePVCWrapper) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *DescribePVCWrapper) UnmarshalBinary(b []byte) error {
+	var res DescribePVCWrapper
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/direct_p_v_drive_info.go
+++ b/models/direct_p_v_drive_info.go
@@ -0,0 +1,85 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// DirectPVDriveInfo direct p v drive info
+//
+// swagger:model directPVDriveInfo
+type DirectPVDriveInfo struct {
+
+	// allocated
+	Allocated int64 `json:"allocated,omitempty"`
+
+	// capacity
+	Capacity int64 `json:"capacity,omitempty"`
+
+	// drive
+	Drive string `json:"drive,omitempty"`
+
+	// message
+	Message string `json:"message,omitempty"`
+
+	// node
+	Node string `json:"node,omitempty"`
+
+	// status
+	Status string `json:"status,omitempty"`
+
+	// volumes
+	Volumes int64 `json:"volumes,omitempty"`
+}
+
+// Validate validates this direct p v drive info
+func (m *DirectPVDriveInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this direct p v drive info based on context it is used
+func (m *DirectPVDriveInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *DirectPVDriveInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *DirectPVDriveInfo) UnmarshalBinary(b []byte) error {
+	var res DirectPVDriveInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/direct_p_v_volume_info.go
+++ b/models/direct_p_v_volume_info.go
@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// DirectPVVolumeInfo direct p v volume info
+//
+// swagger:model directPVVolumeInfo
+type DirectPVVolumeInfo struct {
+
+	// capacity
+	Capacity int64 `json:"capacity,omitempty"`
+
+	// drive
+	Drive string `json:"drive,omitempty"`
+
+	// node
+	Node string `json:"node,omitempty"`
+
+	// volume
+	Volume string `json:"volume,omitempty"`
+}
+
+// Validate validates this direct p v volume info
+func (m *DirectPVVolumeInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this direct p v volume info based on context it is used
+func (m *DirectPVVolumeInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *DirectPVVolumeInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *DirectPVVolumeInfo) UnmarshalBinary(b []byte) error {
+	var res DirectPVVolumeInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/format_direct_p_v_drives_response.go
+++ b/models/format_direct_p_v_drives_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// FormatDirectPVDrivesResponse format direct p v drives response
+//
+// swagger:model formatDirectPVDrivesResponse
+type FormatDirectPVDrivesResponse struct {
+
+	// format issues list
+	FormatIssuesList []*PvFormatErrorResponse `json:"formatIssuesList"`
+}
+
+// Validate validates this format direct p v drives response
+func (m *FormatDirectPVDrivesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateFormatIssuesList(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *FormatDirectPVDrivesResponse) validateFormatIssuesList(formats strfmt.Registry) error {
+	if swag.IsZero(m.FormatIssuesList) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.FormatIssuesList); i++ {
+		if swag.IsZero(m.FormatIssuesList[i]) { // not required
+			continue
+		}
+
+		if m.FormatIssuesList[i] != nil {
+			if err := m.FormatIssuesList[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this format direct p v drives response based on the context it is used
+func (m *FormatDirectPVDrivesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateFormatIssuesList(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *FormatDirectPVDrivesResponse) contextValidateFormatIssuesList(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.FormatIssuesList); i++ {
+
+		if m.FormatIssuesList[i] != nil {
+			if err := m.FormatIssuesList[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *FormatDirectPVDrivesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *FormatDirectPVDrivesResponse) UnmarshalBinary(b []byte) error {
+	var res FormatDirectPVDrivesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/get_direct_p_v_drive_list_response.go
+++ b/models/get_direct_p_v_drive_list_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// GetDirectPVDriveListResponse get direct p v drive list response
+//
+// swagger:model getDirectPVDriveListResponse
+type GetDirectPVDriveListResponse struct {
+
+	// drives
+	Drives []*DirectPVDriveInfo `json:"drives"`
+}
+
+// Validate validates this get direct p v drive list response
+func (m *GetDirectPVDriveListResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateDrives(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *GetDirectPVDriveListResponse) validateDrives(formats strfmt.Registry) error {
+	if swag.IsZero(m.Drives) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Drives); i++ {
+		if swag.IsZero(m.Drives[i]) { // not required
+			continue
+		}
+
+		if m.Drives[i] != nil {
+			if err := m.Drives[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("drives" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("drives" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this get direct p v drive list response based on the context it is used
+func (m *GetDirectPVDriveListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateDrives(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *GetDirectPVDriveListResponse) contextValidateDrives(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Drives); i++ {
+
+		if m.Drives[i] != nil {
+			if err := m.Drives[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("drives" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("drives" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *GetDirectPVDriveListResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *GetDirectPVDriveListResponse) UnmarshalBinary(b []byte) error {
+	var res GetDirectPVDriveListResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/get_direct_p_v_volume_list_response.go
+++ b/models/get_direct_p_v_volume_list_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// GetDirectPVVolumeListResponse get direct p v volume list response
+//
+// swagger:model getDirectPVVolumeListResponse
+type GetDirectPVVolumeListResponse struct {
+
+	// volumes
+	Volumes []*DirectPVVolumeInfo `json:"volumes"`
+}
+
+// Validate validates this get direct p v volume list response
+func (m *GetDirectPVVolumeListResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateVolumes(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *GetDirectPVVolumeListResponse) validateVolumes(formats strfmt.Registry) error {
+	if swag.IsZero(m.Volumes) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Volumes); i++ {
+		if swag.IsZero(m.Volumes[i]) { // not required
+			continue
+		}
+
+		if m.Volumes[i] != nil {
+			if err := m.Volumes[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("volumes" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("volumes" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this get direct p v volume list response based on the context it is used
+func (m *GetDirectPVVolumeListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateVolumes(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *GetDirectPVVolumeListResponse) contextValidateVolumes(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Volumes); i++ {
+
+		if m.Volumes[i] != nil {
+			if err := m.Volumes[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("volumes" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("volumes" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *GetDirectPVVolumeListResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *GetDirectPVVolumeListResponse) UnmarshalBinary(b []byte) error {
+	var res GetDirectPVVolumeListResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/login_details.go
+++ b/models/login_details.go
@@ -37,6 +37,9 @@ import (
 // swagger:model loginDetails
 type LoginDetails struct {

+	// is direct p v
+	IsDirectPV bool `json:"isDirectPV,omitempty"`
+
 	// login strategy
 	// Enum: [form redirect service-account redirect-service-account]
 	LoginStrategy string `json:"loginStrategy,omitempty"`
--- a/models/login_request.go
+++ b/models/login_request.go
@@ -28,7 +28,6 @@ import (
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
 )

 // LoginRequest login request
@@ -37,48 +36,32 @@ import (
 type LoginRequest struct {

 	// access key
-	// Required: true
-	AccessKey *string `json:"accessKey"`
+	AccessKey string `json:"accessKey,omitempty"`

 	// features
 	Features *LoginRequestFeatures `json:"features,omitempty"`

 	// secret key
-	// Required: true
-	SecretKey *string `json:"secretKey"`
+	SecretKey string `json:"secretKey,omitempty"`
+
+	// sts
+	Sts string `json:"sts,omitempty"`
 }

 // Validate validates this login request
 func (m *LoginRequest) Validate(formats strfmt.Registry) error {
 	var res []error

-	if err := m.validateAccessKey(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateFeatures(formats); err != nil {
 		res = append(res, err)
 	}

-	if err := m.validateSecretKey(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }

-func (m *LoginRequest) validateAccessKey(formats strfmt.Registry) error {
-
-	if err := validate.Required("accessKey", "body", m.AccessKey); err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func (m *LoginRequest) validateFeatures(formats strfmt.Registry) error {
 	if swag.IsZero(m.Features) { // not required
 		return nil
@@ -98,15 +81,6 @@ func (m *LoginRequest) validateFeatures(formats strfmt.Registry) error {
 	return nil
 }

-func (m *LoginRequest) validateSecretKey(formats strfmt.Registry) error {
-
-	if err := validate.Required("secretKey", "body", m.SecretKey); err != nil {
-		return err
-	}
-
-	return nil
-}
-
 // ContextValidate validate this login request based on the context it is used
 func (m *LoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
--- a/models/mp_integration.go
+++ b/models/mp_integration.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// MpIntegration mp integration
+//
+// swagger:model mpIntegration
+type MpIntegration struct {
+
+	// email
+	Email string `json:"email,omitempty"`
+
+	// is in e u
+	IsInEU bool `json:"isInEU,omitempty"`
+}
+
+// Validate validates this mp integration
+func (m *MpIntegration) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this mp integration based on context it is used
+func (m *MpIntegration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *MpIntegration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *MpIntegration) UnmarshalBinary(b []byte) error {
+	var res MpIntegration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_session_response.go
+++ b/models/operator_session_response.go
@@ -37,6 +37,9 @@ import (
 // swagger:model operatorSessionResponse
 type OperatorSessionResponse struct {

+	// direct p v
+	DirectPV bool `json:"directPV,omitempty"`
+
 	// features
 	Features []string `json:"features"`

--- a/models/operator_subnet_api_key.go
+++ b/models/operator_subnet_api_key.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetAPIKey operator subnet API key
+//
+// swagger:model operatorSubnetAPIKey
+type OperatorSubnetAPIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this operator subnet API key
+func (m *OperatorSubnetAPIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet API key based on context it is used
+func (m *OperatorSubnetAPIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetAPIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_m_f_a_request.go
+++ b/models/operator_subnet_login_m_f_a_request.go
@@ -0,0 +1,122 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// OperatorSubnetLoginMFARequest operator subnet login m f a request
+//
+// swagger:model operatorSubnetLoginMFARequest
+type OperatorSubnetLoginMFARequest struct {
+
+	// mfa token
+	// Required: true
+	MfaToken *string `json:"mfa_token"`
+
+	// otp
+	// Required: true
+	Otp *string `json:"otp"`
+
+	// username
+	// Required: true
+	Username *string `json:"username"`
+}
+
+// Validate validates this operator subnet login m f a request
+func (m *OperatorSubnetLoginMFARequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateMfaToken(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateOtp(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsername(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateMfaToken(formats strfmt.Registry) error {
+
+	if err := validate.Required("mfa_token", "body", m.MfaToken); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateOtp(formats strfmt.Registry) error {
+
+	if err := validate.Required("otp", "body", m.Otp); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateUsername(formats strfmt.Registry) error {
+
+	if err := validate.Required("username", "body", m.Username); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this operator subnet login m f a request based on context it is used
+func (m *OperatorSubnetLoginMFARequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginMFARequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_request.go
+++ b/models/operator_subnet_login_request.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginRequest operator subnet login request
+//
+// swagger:model operatorSubnetLoginRequest
+type OperatorSubnetLoginRequest struct {
+
+	// password
+	Password string `json:"password,omitempty"`
+
+	// username
+	Username string `json:"username,omitempty"`
+}
+
+// Validate validates this operator subnet login request
+func (m *OperatorSubnetLoginRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login request based on context it is used
+func (m *OperatorSubnetLoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_response.go
+++ b/models/operator_subnet_login_response.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginResponse operator subnet login response
+//
+// swagger:model operatorSubnetLoginResponse
+type OperatorSubnetLoginResponse struct {
+
+	// access token
+	AccessToken string `json:"access_token,omitempty"`
+
+	// mfa token
+	MfaToken string `json:"mfa_token,omitempty"`
+}
+
+// Validate validates this operator subnet login response
+func (m *OperatorSubnetLoginResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login response based on context it is used
+func (m *OperatorSubnetLoginResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_register_api_key.go
+++ b/models/operator_subnet_register_api_key.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetRegisterAPIKey operator subnet register API key
+//
+// swagger:model operatorSubnetRegisterAPIKey
+type OperatorSubnetRegisterAPIKey struct {
+
+	// registered
+	Registered bool `json:"registered,omitempty"`
+}
+
+// Validate validates this operator subnet register API key
+func (m *OperatorSubnetRegisterAPIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet register API key based on context it is used
+func (m *OperatorSubnetRegisterAPIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKey) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetRegisterAPIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_register_api_key_response.go
+++ b/models/operator_subnet_register_api_key_response.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetRegisterAPIKeyResponse operator subnet register API key response
+//
+// swagger:model operatorSubnetRegisterAPIKeyResponse
+type OperatorSubnetRegisterAPIKeyResponse struct {
+
+	// registered
+	Registered bool `json:"registered,omitempty"`
+}
+
+// Validate validates this operator subnet register API key response
+func (m *OperatorSubnetRegisterAPIKeyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet register API key response based on context it is used
+func (m *OperatorSubnetRegisterAPIKeyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKeyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKeyResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetRegisterAPIKeyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/permission_resource.go
+++ b/models/permission_resource.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// PermissionResource permission resource
+//
+// swagger:model permissionResource
+type PermissionResource struct {
+
+	// condition operator
+	ConditionOperator string `json:"conditionOperator,omitempty"`
+
+	// prefixes
+	Prefixes []string `json:"prefixes"`
+
+	// resource
+	Resource string `json:"resource,omitempty"`
+}
+
+// Validate validates this permission resource
+func (m *PermissionResource) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this permission resource based on context it is used
+func (m *PermissionResource) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PermissionResource) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PermissionResource) UnmarshalBinary(b []byte) error {
+	var res PermissionResource
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/principal.go
+++ b/models/principal.go
@@ -46,8 +46,14 @@ type Principal struct {
 	// account access key
 	AccountAccessKey string `json:"accountAccessKey,omitempty"`

+	// custom style ob
+	CustomStyleOb string `json:"customStyleOb,omitempty"`
+
 	// hm
 	Hm bool `json:"hm,omitempty"`
+
+	// ob
+	Ob bool `json:"ob,omitempty"`
 }

 // Validate validates this principal
--- a/models/pv_format_error_response.go
+++ b/models/pv_format_error_response.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// PvFormatErrorResponse pv format error response
+//
+// swagger:model pvFormatErrorResponse
+type PvFormatErrorResponse struct {
+
+	// drive
+	Drive string `json:"drive,omitempty"`
+
+	// error
+	Error string `json:"error,omitempty"`
+
+	// node
+	Node string `json:"node,omitempty"`
+}
+
+// Validate validates this pv format error response
+func (m *PvFormatErrorResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this pv format error response based on context it is used
+func (m *PvFormatErrorResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PvFormatErrorResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PvFormatErrorResponse) UnmarshalBinary(b []byte) error {
+	var res PvFormatErrorResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/security_context.go
+++ b/models/security_context.go
@@ -37,8 +37,10 @@ import (
 type SecurityContext struct {

 	// fs group
-	// Required: true
-	FsGroup *string `json:"fsGroup"`
+	FsGroup string `json:"fsGroup,omitempty"`
+
+	// fs group change policy
+	FsGroupChangePolicy string `json:"fsGroupChangePolicy,omitempty"`

 	// run as group
 	// Required: true
@@ -57,10 +59,6 @@ type SecurityContext struct {
 func (m *SecurityContext) Validate(formats strfmt.Registry) error {
 	var res []error

-	if err := m.validateFsGroup(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateRunAsGroup(formats); err != nil {
 		res = append(res, err)
 	}
@@ -79,15 +77,6 @@ func (m *SecurityContext) Validate(formats strfmt.Registry) error {
 	return nil
 }

-func (m *SecurityContext) validateFsGroup(formats strfmt.Registry) error {
-
-	if err := validate.Required("fsGroup", "body", m.FsGroup); err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func (m *SecurityContext) validateRunAsGroup(formats strfmt.Registry) error {

 	if err := validate.Required("runAsGroup", "body", m.RunAsGroup); err != nil {
--- a/models/session_response.go
+++ b/models/session_response.go
@@ -25,6 +25,7 @@ package models
 import (
 	"context"
 	"encoding/json"
+	"strconv"

 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
@@ -37,6 +38,12 @@ import (
 // swagger:model sessionResponse
 type SessionResponse struct {

+	// allow resources
+	AllowResources []*PermissionResource `json:"allowResources"`
+
+	// custom styles
+	CustomStyles string `json:"customStyles,omitempty"`
+
 	// distributed mode
 	DistributedMode bool `json:"distributedMode,omitempty"`

@@ -58,6 +65,10 @@ type SessionResponse struct {
 func (m *SessionResponse) Validate(formats strfmt.Registry) error {
 	var res []error

+	if err := m.validateAllowResources(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateStatus(formats); err != nil {
 		res = append(res, err)
 	}
@@ -68,6 +79,32 @@ func (m *SessionResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }

+func (m *SessionResponse) validateAllowResources(formats strfmt.Registry) error {
+	if swag.IsZero(m.AllowResources) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.AllowResources); i++ {
+		if swag.IsZero(m.AllowResources[i]) { // not required
+			continue
+		}
+
+		if m.AllowResources[i] != nil {
+			if err := m.AllowResources[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("allowResources" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("allowResources" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 var sessionResponseTypeStatusPropEnum []interface{}

 func init() {
@@ -107,8 +144,37 @@ func (m *SessionResponse) validateStatus(formats strfmt.Registry) error {
 	return nil
 }

-// ContextValidate validates this session response based on context it is used
+// ContextValidate validate this session response based on the context it is used
 func (m *SessionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateAllowResources(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *SessionResponse) contextValidateAllowResources(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.AllowResources); i++ {
+
+		if m.AllowResources[i] != nil {
+			if err := m.AllowResources[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("allowResources" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("allowResources" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
 	return nil
 }

--- a/models/set_administrators_request.go
+++ b/models/set_administrators_request.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetAdministratorsRequest set administrators request
+//
+// swagger:model setAdministratorsRequest
+type SetAdministratorsRequest struct {
+
+	// group dns
+	GroupDNS []string `json:"group_dns"`
+
+	// user dns
+	UserDNS []string `json:"user_dns"`
+}
+
+// Validate validates this set administrators request
+func (m *SetAdministratorsRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this set administrators request based on context it is used
+func (m *SetAdministratorsRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetAdministratorsRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetAdministratorsRequest) UnmarshalBinary(b []byte) error {
+	var res SetAdministratorsRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/tenant_logs.go
+++ b/models/tenant_logs.go
@@ -45,12 +45,18 @@ type TenantLogs struct {
 	// db image
 	DbImage string `json:"dbImage,omitempty"`

+	// db init image
+	DbInitImage string `json:"dbInitImage,omitempty"`
+
 	// db labels
 	DbLabels []*Label `json:"dbLabels"`

 	// db node selector
 	DbNodeSelector []*NodeSelector `json:"dbNodeSelector"`

+	// db security context
+	DbSecurityContext *SecurityContext `json:"dbSecurityContext,omitempty"`
+
 	// db service account name
 	DbServiceAccountName string `json:"dbServiceAccountName,omitempty"`

@@ -81,6 +87,9 @@ type TenantLogs struct {
 	// node selector
 	NodeSelector []*NodeSelector `json:"nodeSelector"`

+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 	// service account name
 	ServiceAccountName string `json:"serviceAccountName,omitempty"`
 }
@@ -105,6 +114,10 @@ func (m *TenantLogs) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateDbSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateLabels(formats); err != nil {
 		res = append(res, err)
 	}
@@ -113,6 +126,10 @@ func (m *TenantLogs) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -223,6 +240,25 @@ func (m *TenantLogs) validateDbNodeSelector(formats strfmt.Registry) error {
 	return nil
 }

+func (m *TenantLogs) validateDbSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.DbSecurityContext) { // not required
+		return nil
+	}
+
+	if m.DbSecurityContext != nil {
+		if err := m.DbSecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("dbSecurityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("dbSecurityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *TenantLogs) validateLabels(formats strfmt.Registry) error {
 	if swag.IsZero(m.Labels) { // not required
 		return nil
@@ -275,6 +311,25 @@ func (m *TenantLogs) validateNodeSelector(formats strfmt.Registry) error {
 	return nil
 }

+func (m *TenantLogs) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this tenant logs based on the context it is used
 func (m *TenantLogs) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -295,6 +350,10 @@ func (m *TenantLogs) ContextValidate(ctx context.Context, formats strfmt.Registr
 		res = append(res, err)
 	}

+	if err := m.contextValidateDbSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateLabels(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -303,6 +362,10 @@ func (m *TenantLogs) ContextValidate(ctx context.Context, formats strfmt.Registr
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -389,6 +452,22 @@ func (m *TenantLogs) contextValidateDbNodeSelector(ctx context.Context, formats
 	return nil
 }

+func (m *TenantLogs) contextValidateDbSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.DbSecurityContext != nil {
+		if err := m.DbSecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("dbSecurityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("dbSecurityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *TenantLogs) contextValidateLabels(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.Labels); i++ {
@@ -429,6 +508,22 @@ func (m *TenantLogs) contextValidateNodeSelector(ctx context.Context, formats st
 	return nil
 }

+func (m *TenantLogs) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *TenantLogs) MarshalBinary() ([]byte, error) {
 	if m == nil {
--- a/models/tenant_monitoring_info.go
+++ b/models/tenant_monitoring_info.go
@@ -63,6 +63,9 @@ type TenantMonitoringInfo struct {
 	// prometheus enabled
 	PrometheusEnabled bool `json:"prometheusEnabled,omitempty"`

+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 	// service account name
 	ServiceAccountName string `json:"serviceAccountName,omitempty"`

@@ -92,6 +95,10 @@ func (m *TenantMonitoringInfo) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -176,6 +183,25 @@ func (m *TenantMonitoringInfo) validateNodeSelector(formats strfmt.Registry) err
 	return nil
 }

+func (m *TenantMonitoringInfo) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this tenant monitoring info based on the context it is used
 func (m *TenantMonitoringInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -192,6 +218,10 @@ func (m *TenantMonitoringInfo) ContextValidate(ctx context.Context, formats strf
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -258,6 +288,22 @@ func (m *TenantMonitoringInfo) contextValidateNodeSelector(ctx context.Context,
 	return nil
 }

+func (m *TenantMonitoringInfo) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *TenantMonitoringInfo) MarshalBinary() ([]byte, error) {
 	if m == nil {
--- a/models/tenant_security_response.go
+++ b/models/tenant_security_response.go
@@ -41,6 +41,9 @@ type TenantSecurityResponse struct {

 	// custom certificates
 	CustomCertificates *TenantSecurityResponseCustomCertificates `json:"customCertificates,omitempty"`
+
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 }

 // Validate validates this tenant security response
@@ -51,6 +54,10 @@ func (m *TenantSecurityResponse) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -76,6 +83,25 @@ func (m *TenantSecurityResponse) validateCustomCertificates(formats strfmt.Regis
 	return nil
 }

+func (m *TenantSecurityResponse) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this tenant security response based on the context it is used
 func (m *TenantSecurityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -84,6 +110,10 @@ func (m *TenantSecurityResponse) ContextValidate(ctx context.Context, formats st
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -106,6 +136,22 @@ func (m *TenantSecurityResponse) contextValidateCustomCertificates(ctx context.C
 	return nil
 }

+func (m *TenantSecurityResponse) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *TenantSecurityResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
--- a/models/update_tenant_security_request.go
+++ b/models/update_tenant_security_request.go
@@ -41,6 +41,9 @@ type UpdateTenantSecurityRequest struct {

 	// custom certificates
 	CustomCertificates *UpdateTenantSecurityRequestCustomCertificates `json:"customCertificates,omitempty"`
+
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 }

 // Validate validates this update tenant security request
@@ -51,6 +54,10 @@ func (m *UpdateTenantSecurityRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -76,6 +83,25 @@ func (m *UpdateTenantSecurityRequest) validateCustomCertificates(formats strfmt.
 	return nil
 }

+func (m *UpdateTenantSecurityRequest) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this update tenant security request based on the context it is used
 func (m *UpdateTenantSecurityRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -84,6 +110,10 @@ func (m *UpdateTenantSecurityRequest) ContextValidate(ctx context.Context, forma
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -106,6 +136,22 @@ func (m *UpdateTenantSecurityRequest) contextValidateCustomCertificates(ctx cont
 	return nil
 }

+func (m *UpdateTenantSecurityRequest) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *UpdateTenantSecurityRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
--- a/models/user_s_as.go
+++ b/models/user_s_as.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// UserSAs user s as
+//
+// swagger:model userSAs
+type UserSAs struct {
+
+	// path
+	Path string `json:"path,omitempty"`
+
+	// recursive
+	Recursive bool `json:"recursive,omitempty"`
+
+	// version ID
+	VersionID string `json:"versionID,omitempty"`
+}
+
+// Validate validates this user s as
+func (m *UserSAs) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this user s as based on context it is used
+func (m *UserSAs) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *UserSAs) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *UserSAs) UnmarshalBinary(b []byte) error {
+	var res UserSAs
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/user_service_account_item.go
+++ b/models/user_service_account_item.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// UserServiceAccountItem user service account item
+//
+// swagger:model userServiceAccountItem
+type UserServiceAccountItem struct {
+
+	// num s as
+	NumSAs int64 `json:"numSAs,omitempty"`
+
+	// user name
+	UserName string `json:"userName,omitempty"`
+}
+
+// Validate validates this user service account item
+func (m *UserServiceAccountItem) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this user service account item based on context it is used
+func (m *UserServiceAccountItem) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *UserServiceAccountItem) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *UserServiceAccountItem) UnmarshalBinary(b []byte) error {
+	var res UserServiceAccountItem
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/user_service_account_summary.go
+++ b/models/user_service_account_summary.go
@@ -0,0 +1,136 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// UserServiceAccountSummary user service account summary
+//
+// swagger:model userServiceAccountSummary
+type UserServiceAccountSummary struct {
+
+	// has s a
+	HasSA bool `json:"hasSA,omitempty"`
+
+	// list of users with number of service accounts
+	UserServiceAccountList []*UserServiceAccountItem `json:"userServiceAccountList"`
+}
+
+// Validate validates this user service account summary
+func (m *UserServiceAccountSummary) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateUserServiceAccountList(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *UserServiceAccountSummary) validateUserServiceAccountList(formats strfmt.Registry) error {
+	if swag.IsZero(m.UserServiceAccountList) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.UserServiceAccountList); i++ {
+		if swag.IsZero(m.UserServiceAccountList[i]) { // not required
+			continue
+		}
+
+		if m.UserServiceAccountList[i] != nil {
+			if err := m.UserServiceAccountList[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this user service account summary based on the context it is used
+func (m *UserServiceAccountSummary) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateUserServiceAccountList(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *UserServiceAccountSummary) contextValidateUserServiceAccountList(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.UserServiceAccountList); i++ {
+
+		if m.UserServiceAccountList[i] != nil {
+			if err := m.UserServiceAccountList[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *UserServiceAccountSummary) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *UserServiceAccountSummary) UnmarshalBinary(b []byte) error {
+	var res UserServiceAccountSummary
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/operator-integration/tenant_test.go
+++ b/operator-integration/tenant_test.go
@@ -39,7 +39,10 @@ import (
 	"github.com/stretchr/testify/assert"
 )

-var token string
+var (
+	token string
+	jwt   string
+)

 func inspectHTTPResponse(httpResponse *http.Response) string {
 	/*
@@ -88,8 +91,7 @@ func printEndFunc(functionName string) {
 }

 func initConsoleServer() (*operatorapi.Server, error) {
-
-	//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
+	// os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")

 	swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON)
 	if err != nil {
@@ -127,51 +129,37 @@ func TestMain(m *testing.M) {
 	go func() {
 		fmt.Println("start server")
 		srv, err := initConsoleServer()
+		fmt.Println("Server has been started at this point")
 		if err != nil {
+			fmt.Println("There is an error in console server: ", err)
 			log.Println(err)
 			log.Println("init fail")
 			return
 		}
+		fmt.Println("Start serving with Serve() function")
 		srv.Serve()
-
+		fmt.Println("After Serve() function")
 	}()

 	fmt.Println("sleeping")
 	time.Sleep(2 * time.Second)
+	fmt.Println("after 2 seconds sleep")

-	client := &http.Client{
-		Timeout: 2 * time.Second,
-	}
+	fmt.Println("creating the client")

-	// kubectl to get token
-	app := "kubectl"
-	arg0 := "get"
-	arg1 := "serviceaccount"
-	arg2 := "console-sa"
-	arg3 := "--namespace"
-	arg4 := "minio-operator"
-	arg5 := "-o"
-	arg6 := "jsonpath=\"{.secrets[0].name}\""
-	cmd := exec.Command(app, arg0, arg1, arg2, arg3, arg4, arg5, arg6)
-	var out bytes.Buffer
-	var stderr bytes.Buffer
-	cmd.Stdout = &out
-	cmd.Stderr = &stderr
-	err := cmd.Run()
-	if err != nil {
-		fmt.Println(fmt.Sprint(err) + ": " + stderr.String())
-		return
-	}
-	secret := out.String() // "console-sa-token-kxdw2" <-- secret
+	// SA_TOKEN=$(kubectl -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode)
+	fmt.Println("Where we have the secret already: ")
 	app2 := "kubectl"
 	argu0 := "--namespace"
 	argu1 := "minio-operator"
 	argu2 := "get"
 	argu3 := "secret"
-	argu4 := secret[1 : len(secret)-1]
+	argu4 := "console-sa-secret"
 	argu5 := "-o"
 	argu6 := "jsonpath=\"{.data.token}\""
+	fmt.Println("Prior executing second command to get the token")
 	cmd2 := exec.Command(app2, argu0, argu1, argu2, argu3, argu4, argu5, argu6)
+	fmt.Println("after executing second command to get the token")
 	var out2 bytes.Buffer
 	var stderr2 bytes.Buffer
 	cmd2.Stdout = &out2
@@ -182,25 +170,12 @@ func TestMain(m *testing.M) {
 		return
 	}
 	secret2 := out2.String()
-	secret3 := decodeBase64(secret2[1 : len(secret2)-1])
-	requestData := map[string]string{
-		"jwt": secret3,
+	jwt := decodeBase64(secret2[1 : len(secret2)-1])
+	if jwt == "" {
+		fmt.Println("jwt cannot be empty string")
+		os.Exit(-1)
 	}
-
-	requestDataJSON, _ := json.Marshal(requestData)
-
-	requestDataBody := bytes.NewReader(requestDataJSON)
-
-	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login/operator", requestDataBody)
-	if err != nil {
-		log.Println(err)
-		return
-	}
-
-	request.Header.Add("Content-Type", "application/json")
-
-	response, err := client.Do(request)
-
+	response, err := LoginOperator()
 	if err != nil {
 		log.Println(err)
 		return
@@ -268,7 +243,7 @@ func TestListTenants(t *testing.T) {
 	}
 	TenantName := &result.Tenants[0].Name // The array has to be empty, no index accessible
 	fmt.Println(*TenantName)
-	assert.Equal("storage-lite", *TenantName, *TenantName)
+	assert.Equal("storage-kms-encrypted", *TenantName, *TenantName)
 	printEndFunc("TestListTenants")
 }

@@ -318,6 +293,29 @@ func CreateTenant(tenantName string, namespace string, accessKey string, secretK
 	return response, err
 }

+func DeleteTenant(nameSpace, tenant string) (*http.Response, error) {
+	/*
+		URL: /namespaces/{namespace}/tenants/{tenant}:
+		HTTP Verb: DELETE
+		Summary: Delete tenant and underlying pvcs
+	*/
+	request, err := http.NewRequest(
+		"DELETE",
+		"http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant,
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
 func TestCreateTenant(t *testing.T) {
 	printStartFunc("TestCreateTenant")

@@ -444,6 +442,159 @@ func TestCreateTenant(t *testing.T) {
 	printEndFunc("TestCreateTenant")
 }

+func TestDeleteTenant(t *testing.T) {
+	printStartFunc("TestCreateTenant")
+
+	// Variables
+	assert := assert.New(t)
+	erasureCodingParity := 2
+	tenantName := "new-tenant-3"
+	namespace := "new-namespace-3"
+
+	// 0. Create the namespace
+	resp, err := CreateNamespace(namespace)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			201, resp.StatusCode, inspectHTTPResponse(resp))
+	}
+
+	accessKey := ""
+	secretKey := ""
+	var accessKeys []string
+	var secretKeys []string
+	var minio []string
+	var caCertificates []string
+	var consoleCAcertificates []string
+	enableTLS := true
+	enableConsole := true
+	enablePrometheus := true
+	serviceName := ""
+	image := ""
+	exposeMinIO := true
+	exposeConsole := true
+	values := make([]string, 1)
+	values[0] = "new-tenant"
+	values2 := make([]string, 1)
+	values2[0] = "pool-0"
+	keys := make([]map[string]interface{}, 1)
+	keys[0] = map[string]interface{}{
+		"access_key": "IGLksSXdiU3fjcRI",
+		"secret_key": "EqeCPZ1xBYdnygizxxRWnkH09N2350nO",
+	}
+	pools := make([]map[string]interface{}, 1)
+	matchExpressions := make([]map[string]interface{}, 2)
+	matchExpressions[0] = map[string]interface{}{
+		"key":      "v1.min.io/tenant",
+		"operator": "In",
+		"values":   values,
+	}
+	matchExpressions[1] = map[string]interface{}{
+		"key":      "v1.min.io/pool",
+		"operator": "In",
+		"values":   values2,
+	}
+	requiredDuringSchedulingIgnoredDuringExecution := make([]map[string]interface{}, 1)
+	requiredDuringSchedulingIgnoredDuringExecution[0] = map[string]interface{}{
+		"labelSelector": map[string]interface{}{
+			"matchExpressions": matchExpressions,
+		},
+		"topologyKey": "kubernetes.io/hostname",
+	}
+	pools0 := map[string]interface{}{
+		"name":               "pool-0",
+		"servers":            4,
+		"volumes_per_server": 1,
+		"volume_configuration": map[string]interface{}{
+			"size":               26843545600,
+			"storage_class_name": "standard",
+		},
+		"securityContext": nil,
+		"affinity": map[string]interface{}{
+			"podAntiAffinity": map[string]interface{}{
+				"requiredDuringSchedulingIgnoredDuringExecution": requiredDuringSchedulingIgnoredDuringExecution,
+			},
+		},
+		"resources": map[string]interface{}{
+			"requests": map[string]interface{}{
+				"cpu":    2,
+				"memory": 2,
+			},
+		},
+	}
+	logSearchConfiguration := map[string]interface{}{
+		"image":               "",
+		"postgres_image":      "",
+		"postgres_init_image": "",
+	}
+	prometheusConfiguration := map[string]interface{}{
+		"image":         "",
+		"sidecar_image": "",
+		"init_image":    "",
+	}
+	tls := map[string]interface{}{
+		"minio":                   minio,
+		"ca_certificates":         caCertificates,
+		"console_ca_certificates": consoleCAcertificates,
+	}
+	idp := map[string]interface{}{
+		"keys": keys,
+	}
+	pools[0] = pools0
+
+	// 1. Create Tenant
+	resp, err = CreateTenant(
+		tenantName,
+		namespace,
+		accessKey,
+		secretKey,
+		accessKeys,
+		idp,
+		tls,
+		prometheusConfiguration,
+		logSearchConfiguration,
+		erasureCodingParity,
+		pools,
+		exposeConsole,
+		exposeMinIO,
+		image,
+		serviceName,
+		enablePrometheus,
+		enableConsole,
+		enableTLS,
+		secretKeys,
+	)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200, resp.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Delete tenant
+	resp, err = DeleteTenant(namespace, tenantName)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			204,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+
+	printEndFunc("TestCreateTenant")
+}
+
 func ListTenantsByNameSpace(namespace string) (*http.Response, error) {
 	/*
 		Helper function to list buckets
@@ -484,7 +635,10 @@ func TestListTenantsByNameSpace(t *testing.T) {
 		log.Println(err)
 		assert.Nil(err)
 	}
-	TenantName := &result.Tenants[0].Name // The array has to be empty, no index accessible
+	if len(result.Tenants) == 0 {
+		assert.Fail("FAIL: There are no tenants in the array")
+	}
+	TenantName := &result.Tenants[0].Name
 	fmt.Println(*TenantName)
 	assert.Equal("new-tenant", *TenantName, *TenantName)
 }
@@ -609,3 +763,545 @@ func TestGetPodDescribe(t *testing.T) {
 			200, resp.StatusCode, "Status Code is incorrect")
 	}*/
 }
+
+func GetCSR(nameSpace string, tenant string) (*http.Response, error) {
+	/*
+		Helper function to get events for pod
+		URL: /namespaces/{namespace}/tenants/{tenant}/csr
+		HTTP Verb: GET
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant+"/csr/", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestGetCSR(t *testing.T) {
+	assert := assert.New(t)
+	namespace := "tenant-lite"
+	tenant := "storage-lite"
+	resp, err := GetCSR(namespace, tenant)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	finalResponse := inspectHTTPResponse(resp)
+	if resp != nil {
+		assert.Equal(
+			200, resp.StatusCode, finalResponse)
+	}
+	assert.Equal(strings.Contains(finalResponse, "Automatically approved by MinIO Operator"), true, finalResponse)
+}
+
+func TestGetMultipleCSRs(t *testing.T) {
+	/*
+		We can have multiple CSRs per tenant, the idea is to support them in our API and test them here, making sure we
+		can retrieve them all, as an example I found this tenant:
+		storage-kms-encrypted  -client  -tenant-kms-encrypted-csr
+		storage-kms-encrypted  -kes     -tenant-kms-encrypted-csr
+		storage-kms-encrypted           -tenant-kms-encrypted-csr
+		Notice the nomenclature of it:
+		<tenant-name>-<*>-<namespace>-csr
+		where * is anything either nothing or something, anything.
+	*/
+	assert := assert.New(t)
+	namespace := "tenant-kms-encrypted"
+	tenant := "storage-kms-encrypted"
+	resp, err := GetCSR(namespace, tenant)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	finalResponse := inspectHTTPResponse(resp)
+	if resp != nil {
+		assert.Equal(
+			200, resp.StatusCode, finalResponse)
+	}
+	var expectedMessages [3]string
+	expectedMessages[0] = "storage-kms-encrypted-tenant-kms-encrypted-csr"
+	expectedMessages[1] = "storage-kms-encrypted-kes-tenant-kms-encrypted-csr"
+	expectedMessages[2] = "Automatically approved by MinIO Operator"
+	for _, element := range expectedMessages {
+		assert.Equal(strings.Contains(finalResponse, element), true)
+	}
+}
+
+func ListPVCsForTenant(nameSpace string, tenant string) (*http.Response, error) {
+	/*
+		URL: /namespaces/{namespace}/tenants/{tenant}/pvcs
+		HTTP Verb: GET
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant+"/pvcs/", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestListPVCsForTenant(t *testing.T) {
+	/*
+		Function to list and verify the Tenant's Persistent Volume Claims
+	*/
+	assert := assert.New(t)
+	namespace := "tenant-lite"
+	tenant := "storage-lite"
+	resp, err := ListPVCsForTenant(namespace, tenant)
+	bodyResponse := resp.Body
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200, resp.StatusCode, "failed")
+	}
+	bodyBytes, _ := ioutil.ReadAll(bodyResponse)
+	listObjs := models.ListPVCsResponse{}
+	err = json.Unmarshal(bodyBytes, &listObjs)
+	if err != nil {
+		log.Println(err)
+		assert.Nil(err)
+	}
+	var pvcArray [4]string
+	pvcArray[0] = "data0-storage-lite-pool-0-0"
+	pvcArray[1] = "data0-storage-lite-pool-0-1"
+	pvcArray[2] = "data0-storage-lite-pool-0-2"
+	pvcArray[3] = "data0-storage-lite-pool-0-3"
+	for i := 0; i < len(pvcArray); i++ {
+		assert.Equal(strings.Contains(listObjs.Pvcs[i].Name, pvcArray[i]), true)
+	}
+}
+
+func CreateNamespace(nameSpace string) (*http.Response, error) {
+	/*
+		Description: Creates a new Namespace with given information
+		URL: /namespace
+		HTTP Verb: POST
+	*/
+	requestDataAdd := map[string]interface{}{
+		"name": nameSpace,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/namespace/",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestCreateNamespace(t *testing.T) {
+	/*
+		Function to Create a Namespace only once.
+	*/
+	assert := assert.New(t)
+	namespace := "new-namespace-thujun2208pm"
+	tests := []struct {
+		name           string
+		nameSpace      string
+		expectedStatus int
+	}{
+		{
+			name:           "Create Namespace for the first time",
+			expectedStatus: 201,
+			nameSpace:      namespace,
+		},
+		{
+			name:           "Create repeated namespace for second time",
+			expectedStatus: 500,
+			nameSpace:      namespace,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			resp, err := CreateNamespace(tt.nameSpace)
+			assert.Nil(err)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			if resp != nil {
+				assert.Equal(
+					tt.expectedStatus, resp.StatusCode, "failed")
+			} else {
+				assert.Fail("resp cannot be nil")
+			}
+		})
+	}
+}
+
+func LoginOperator() (*http.Response, error) {
+	/*
+		Description: Login to Operator Console.
+		URL: /login/operator
+		Params in the Body: jwt
+	*/
+	requestData := map[string]string{
+		"jwt": jwt,
+	}
+	fmt.Println("requestData: ", requestData)
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login/operator", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func LogoutOperator() (*http.Response, error) {
+	/*
+		Description: Logout from Operator.
+		URL: /logout
+	*/
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/logout",
+		nil,
+	)
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestLogout(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+
+	// 1. Logout
+	response, err := LogoutOperator()
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		assert.Equal(
+			200,
+			response.StatusCode,
+			inspectHTTPResponse(response),
+		)
+	}
+
+	// 2. Login to recover token
+	response, err = LoginOperator()
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		for _, cookie := range response.Cookies() {
+			if cookie.Name == "token" {
+				token = cookie.Value
+				break
+			}
+		}
+	}
+
+	// Verify token
+	if token == "" {
+		assert.Fail("authentication token not found in cookies response")
+	}
+}
+
+func EnableTenantLogging(namespace, tenant string) (*http.Response, error) {
+	/*
+		Description: Enable Tenant Logging
+		HTTP Verb: POST
+	*/
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/namespaces/"+namespace+"/tenants/"+tenant+"/enable-logging",
+		nil,
+	)
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func DisableTenantLogging(namespace, tenant string) (*http.Response, error) {
+	/*
+		Description: Disable Tenant Logging
+	*/
+	request, err := http.NewRequest(
+		"POST",
+		"http://localhost:9090/api/v1/namespaces/"+namespace+"/tenants/"+tenant+"/disable-logging",
+		nil,
+	)
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestEnableTenantLogging(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+	namespace := "tenant-lite"
+	tenant := "storage-lite"
+
+	// Enable tenant logging
+	resp, err := EnableTenantLogging(namespace, tenant)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+}
+
+func TestDisableTenantLogging(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+	namespace := "tenant-lite"
+	tenant := "storage-lite"
+
+	// Disable tenant logging
+	resp, err := DisableTenantLogging(namespace, tenant)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+}
+
+func GetTenantLogs(nameSpace, tenant string) (*http.Response, error) {
+	/*
+		URL: /namespaces/{namespace}/tenants/{tenant}/log
+		summary: Get Tenant Logs
+		HTTP Verb:GET
+	*/
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant+"/log",
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func SetTenantLogs(labels, annotations, nodeSelector, dbLabels, dbAnnotations, dbNodeSelector []string, nameSpace, tenant, dbServiceAccountName, logMemRequest, logDBMemRequest, diskCapacityGB, serviceAccountName string) (*http.Response, error) {
+	/*
+		URL: /namespaces/{namespace}/tenants/{tenant}/log
+		summary: Set Tenant Logs
+		HTTP Verb: PUT
+	*/
+	requestDataAdd := map[string]interface{}{
+		"labels":               labels,
+		"annotations":          annotations,
+		"dbAnnotations":        dbAnnotations,
+		"dbLabels":             dbLabels,
+		"dbNodeSelector":       dbNodeSelector,
+		"diskCapacityGB":       diskCapacityGB,
+		"nodeSelector":         nodeSelector,
+		"serviceAccountName":   serviceAccountName,
+		"dbServiceAccountName": dbServiceAccountName,
+		"logMemRequest":        logMemRequest,
+		"logDBMemRequest":      logDBMemRequest,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT",
+		"http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant+"/log",
+		requestDataBody,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestGetTenantLogs(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+	namespace := "tenant-lite"
+	tenant := "storage-lite"
+
+	// Get Log Settings
+	resp, err := GetTenantLogs(namespace, tenant)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+}
+
+func TestSetTenantLogs(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+	nameSpace := "tenant-lite"
+	tenant := "storage-lite"
+	var nodeSelector []string
+	var labels []string
+	var annotations []string
+	var dbAnnotations []string
+	var dbNodeSelector []string
+	var dbLabels []string
+	diskCapacityGB := "2"
+	dbServiceAccountName := ""
+	logMemRequest := "0Gi"
+	logDBMemRequest := "0Gi"
+	serviceAccountName := ""
+
+	// Set Tenant Logs
+	resp, err := SetTenantLogs(
+		labels,
+		annotations,
+		nodeSelector,
+		dbLabels,
+		dbAnnotations,
+		dbNodeSelector,
+		nameSpace,
+		tenant,
+		dbServiceAccountName,
+		logMemRequest,
+		logDBMemRequest,
+		diskCapacityGB,
+		serviceAccountName,
+	)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+}
+
+func TenantDetails(nameSpace, tenant string) (*http.Response, error) {
+	/*
+		url: /namespaces/{namespace}/tenants/{tenant}
+		summary: Tenant Details
+		operationId: TenantDetails
+		HTTP Verb: GET
+	*/
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/namespaces/"+nameSpace+"/tenants/"+tenant,
+		nil,
+	)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestTenantDetails(t *testing.T) {
+	// Vars
+	assert := assert.New(t)
+	nameSpace := "tenant-lite"
+	tenant := "storage-lite"
+	resp, err := TenantDetails(nameSpace, tenant)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if resp != nil {
+		assert.Equal(
+			200,
+			resp.StatusCode,
+			inspectHTTPResponse(resp),
+		)
+	}
+}
--- a/operatorapi/config.go
+++ b/operatorapi/config.go
@@ -69,3 +69,10 @@ func getK8sSAToken() string {
 func getMarketplace() string {
 	return env.Get(ConsoleMarketplace, "")
 }
+
+// Get DirectPVMode
+func getDirectPVEnabled() bool {
+	currentMode := env.Get(DirectPVMode, "off")
+
+	return currentMode == "on"
+}
--- a/operatorapi/config_test.go
+++ b/operatorapi/config_test.go
@@ -0,0 +1,98 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"os"
+	"testing"
+)
+
+func Test_getK8sSAToken(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+		envs map[string]string
+	}{
+		{
+			name: "Missing file, empty",
+			want: "",
+			envs: nil,
+		},
+		{
+			name: "Missing file, return env",
+			want: "x",
+			envs: map[string]string{
+				ConsoleOperatorSAToken: "x",
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.envs != nil {
+				for k, v := range tt.envs {
+					os.Setenv(k, v)
+				}
+			}
+			if got := getK8sSAToken(); got != tt.want {
+				t.Errorf("getK8sSAToken() = %v, want %v", got, tt.want)
+			}
+			if tt.envs != nil {
+				for k := range tt.envs {
+					os.Unsetenv(k)
+				}
+			}
+		})
+	}
+}
+
+func Test_getMarketplace(t *testing.T) {
+	tests := []struct {
+		name string
+		want string
+		envs map[string]string
+	}{
+		{
+			name: "Nothing set",
+			want: "",
+			envs: nil,
+		},
+		{
+			name: "Value set",
+			want: "x",
+			envs: map[string]string{
+				ConsoleMarketplace: "x",
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.envs != nil {
+				for k, v := range tt.envs {
+					os.Setenv(k, v)
+				}
+			}
+			if got := getMarketplace(); got != tt.want {
+				t.Errorf("getMarketplace() = %v, want %v", got, tt.want)
+			}
+			if tt.envs != nil {
+				for k := range tt.envs {
+					os.Unsetenv(k)
+				}
+			}
+		})
+	}
+}
--- a/operatorapi/configure_operator.go
+++ b/operatorapi/configure_operator.go
@@ -52,7 +52,6 @@ func configureFlags(api *operations.OperatorAPI) {
 }

 func configureAPI(api *operations.OperatorAPI) http.Handler {
-
 	// Applies when the "x-token" header is set
 	api.KeyAuth = func(token string, scopes []string) (*models.Principal, error) {
 		// we are validating the session token by decrypting the claims inside, if the operation succeed that means the jwt
@@ -90,6 +89,12 @@ func configureAPI(api *operations.OperatorAPI) http.Handler {
 	registerVolumesHandlers(api)
 	// Namespaces handlers
 	registerNamespaceHandlers(api)
+	// Marketplace handlers
+	registerMarketplaceHandlers(api)
+	// Subnet handlers
+	registerOperatorSubnetHandlers(api)
+	// Direct PV handlers
+	registerDirectPVHandlers(api)

 	api.PreServerShutdown = func() {}

--- a/operatorapi/consts.go
+++ b/operatorapi/consts.go
@@ -25,6 +25,9 @@ const (
 	prometheusPath   = "prometheus.io/path"
 	prometheusPort   = "prometheus.io/port"
 	prometheusScrape = "prometheus.io/scrape"
+
+	// Constants for DirectPV
+	DirectPVMode = "DIRECTPV_MODE"
 )

 // Image versions
--- a/operatorapi/directpv.go
+++ b/operatorapi/directpv.go
@@ -0,0 +1,328 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"errors"
+	"sort"
+	"strings"
+
+	"github.com/minio/directpv/pkg/utils"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/minio/console/cluster"
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+	xerrors "github.com/minio/console/restapi"
+	directcsi "github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	"github.com/minio/directpv/pkg/sys"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const XFS = "xfs"
+
+func registerDirectPVHandlers(api *operations.OperatorAPI) {
+	api.OperatorAPIGetDirectPVDriveListHandler = operator_api.GetDirectPVDriveListHandlerFunc(func(params operator_api.GetDirectPVDriveListParams, session *models.Principal) middleware.Responder {
+		resp, err := getDirectPVDrivesListResponse(session)
+		if err != nil {
+			return operator_api.NewGetDirectPVDriveListDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetDirectPVDriveListOK().WithPayload(resp)
+	})
+	api.OperatorAPIGetDirectPVVolumeListHandler = operator_api.GetDirectPVVolumeListHandlerFunc(func(params operator_api.GetDirectPVVolumeListParams, session *models.Principal) middleware.Responder {
+		resp, err := getDirectPVVolumesListResponse(session)
+		if err != nil {
+			return operator_api.NewGetDirectPVVolumeListDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetDirectPVVolumeListOK().WithPayload(resp)
+	})
+	api.OperatorAPIDirectPVFormatDriveHandler = operator_api.DirectPVFormatDriveHandlerFunc(func(params operator_api.DirectPVFormatDriveParams, session *models.Principal) middleware.Responder {
+		resp, err := formatVolumesResponse(session, params)
+		if err != nil {
+			return operator_api.NewDirectPVFormatDriveDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewDirectPVFormatDriveOK().WithPayload(resp)
+	})
+}
+
+// getDirectPVVolumesList returns directPV drives
+func getDirectPVDriveList(ctx context.Context, driveInterface DirectPVDrivesClientI) (*models.GetDirectPVDriveListResponse, error) {
+	drivesList, err := driveInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+	res := &models.GetDirectPVDriveListResponse{}
+
+	// implementation same as directPV `drives ls` command
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		dr = strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.DirectCSIPartitionInfix, "")
+	}
+	drivesSorted := drivesList.Items
+	// sort by nodename, path and status
+	sort.Slice(drivesSorted, func(i, j int) bool {
+		d1 := drivesSorted[i]
+		d2 := drivesSorted[j]
+
+		if v := strings.Compare(d1.Status.NodeName, d2.Status.NodeName); v != 0 {
+			return v < 0
+		}
+
+		if v := strings.Compare(d1.Status.Path, d2.Status.Path); v != 0 {
+			return v < 0
+		}
+
+		return strings.Compare(string(d1.Status.DriveStatus), string(d2.Status.DriveStatus)) < 0
+	})
+
+	for _, d := range drivesSorted {
+		volumes := 0
+
+		if len(d.Finalizers) > 1 {
+			volumes = len(d.Finalizers) - 1
+		}
+
+		dr := driveName(d.Status.Path)
+		dr = strings.ReplaceAll("/dev/"+dr, sys.DirectCSIPartitionInfix, "")
+
+		status := d.Status.DriveStatus
+		msg := ""
+		for _, c := range d.Status.Conditions {
+			switch c.Type {
+			case string(directcsi.DirectCSIDriveConditionInitialized), string(directcsi.DirectCSIDriveConditionOwned), string(directcsi.DirectCSIDriveConditionReady):
+				if c.Status != metav1.ConditionTrue {
+					msg = c.Message
+					if msg != "" {
+						status = d.Status.DriveStatus + "*"
+						msg = strings.ReplaceAll(msg, d.Name, "")
+						msg = strings.ReplaceAll(msg, sys.DirectCSIDevRoot, "/dev")
+						msg = strings.ReplaceAll(msg, sys.DirectCSIPartitionInfix, "")
+						msg = strings.Split(msg, "\n")[0]
+					}
+				}
+			}
+		}
+
+		var allocatedCapacity int64
+		if status == directcsi.DriveStatusInUse {
+			allocatedCapacity = d.Status.AllocatedCapacity
+		}
+
+		drStatus := d.Status.DriveStatus
+
+		driveInfo := &models.DirectPVDriveInfo{
+			Drive:     dr,
+			Capacity:  d.Status.TotalCapacity,
+			Allocated: allocatedCapacity,
+			Node:      d.Status.NodeName,
+			Status:    string(drStatus),
+			Message:   msg,
+			Volumes:   int64(volumes),
+		}
+		res.Drives = append(res.Drives, driveInfo)
+	}
+
+	return res, nil
+}
+
+func getDirectPVDrivesListResponse(session *models.Principal) (*models.GetDirectPVDriveListResponse, *models.Error) {
+	ctx := context.Background()
+
+	driveInterface, err := cluster.DirectPVDriveInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVDrvClient := &directPVDrivesClient{
+		client: driveInterface,
+	}
+
+	drives, err := getDirectPVDriveList(ctx, directPVDrvClient)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+	return drives, nil
+}
+
+// getDirectPVVolumesList returns directPV volumes
+func getDirectPVVolumesList(ctx context.Context, volumeInterface DirectPVVolumesClientI) (*models.GetDirectPVVolumeListResponse, error) {
+	volList, err := volumeInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+	}
+
+	getLabelValue := func(obj metav1.Object, key string) string {
+		if labels := obj.GetLabels(); labels != nil {
+			return labels[key]
+		}
+		return ""
+	}
+
+	var volumes []*models.DirectPVVolumeInfo
+	for _, v := range volList.Items {
+		vol := &models.DirectPVVolumeInfo{
+			Volume:   v.Name,
+			Capacity: v.Status.TotalCapacity,
+			Drive:    driveName(getLabelValue(&v, string(utils.DrivePathLabelKey))),
+			Node:     v.Status.NodeName,
+		}
+
+		volumes = append(volumes, vol)
+	}
+
+	res := &models.GetDirectPVVolumeListResponse{
+		Volumes: volumes,
+	}
+	return res, nil
+}
+
+func getDirectPVVolumesListResponse(session *models.Principal) (*models.GetDirectPVVolumeListResponse, *models.Error) {
+	ctx := context.Background()
+
+	volumeInterface, err := cluster.DirectPVVolumeInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVVolClient := &directPVVolumesClient{
+		client: volumeInterface,
+	}
+
+	volumes, err := getDirectPVVolumesList(ctx, directPVVolClient)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+	return volumes, nil
+}
+
+func formatDrives(ctx context.Context, driveInterface DirectPVDrivesClientI, drives []string, force bool) (*models.FormatDirectPVDrivesResponse, error) {
+	if len(drives) == 0 {
+		return nil, errors.New("at least one drive needs to be set")
+	}
+
+	driveList, err := driveInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		dr = strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.DirectCSIPartitionInfix, "")
+	}
+
+	drivesArray := map[string]string{}
+
+	for _, driveFromAPI := range drives {
+		drivesArray[driveFromAPI] = driveFromAPI
+	}
+
+	if len(driveList.Items) == 0 {
+		return nil, errors.New("no resources found globally")
+	}
+
+	var errorResponses []*models.PvFormatErrorResponse
+
+	for _, driveItem := range driveList.Items {
+		drName := "/dev/" + driveName(driveItem.Status.Path)
+		driveName := driveItem.Status.NodeName + ":" + drName
+
+		base := &models.PvFormatErrorResponse{
+			Node:  driveItem.Status.NodeName,
+			Drive: drName,
+			Error: "",
+		}
+
+		// Element is requested to be formatted
+		if _, ok := drivesArray[driveName]; ok {
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusUnavailable {
+				base.Error = "Status is unavailable"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusInUse {
+				base.Error = "Drive in use. Cannot be formatted"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusReady {
+				base.Error = "Drive already owned and managed."
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+			if driveItem.Status.Filesystem != "" && !force {
+				base.Error = "Drive already has a fs. Use force to overwrite"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusReleased {
+				base.Error = "Drive is in 'released state'. Please wait until it becomes available"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			// Validation passes, we request format
+			driveItem.Spec.DirectCSIOwned = true
+			driveItem.Spec.RequestedFormat = &directcsi.RequestedFormat{
+				Filesystem: XFS,
+				Force:      force,
+			}
+
+			_, err := driveInterface.Update(ctx, &driveItem, metav1.UpdateOptions{})
+			if err != nil {
+				base.Error = err.Error()
+				errorResponses = append(errorResponses, base)
+			}
+		}
+	}
+
+	returnErrors := &models.FormatDirectPVDrivesResponse{
+		FormatIssuesList: errorResponses,
+	}
+
+	return returnErrors, nil
+}
+
+func formatVolumesResponse(session *models.Principal, params operator_api.DirectPVFormatDriveParams) (*models.FormatDirectPVDrivesResponse, *models.Error) {
+	ctx := context.Background()
+
+	driveInterface, err := cluster.DirectPVDriveInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVDrvClient := &directPVDrivesClient{
+		client: driveInterface,
+	}
+
+	formatResult, errFormat := formatDrives(ctx, directPVDrvClient, params.Body.Drives, *params.Body.Force)
+	if errFormat != nil {
+		return nil, xerrors.ErrorWithContext(ctx, errFormat)
+	}
+	return formatResult, nil
+}
--- a/operatorapi/directpv_client.go
+++ b/operatorapi/directpv_client.go
@@ -0,0 +1,73 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+
+	"github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	directPVClient "github.com/minio/directpv/pkg/client"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DirectPVDrivesClientI interface with all functions to be implemented
+// by mock when testing, it should include all DirectPVDrivesClientI respective api calls
+// that are used within this project.
+type DirectPVDrivesClientI interface {
+	List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+	Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts metav1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error)
+}
+
+// Interface implementation
+//
+// Define the structure of directpv drive client and define the functions that are actually used
+// from the minio operator / directpv interface.
+
+type directPVDrivesClient struct {
+	client *directPVClient.DirectCSIDriveInterface
+}
+
+// List implements the listing for DirectPV Drives List functionality
+func (dpd *directPVDrivesClient) List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpd.List(ctx, opts)
+}
+
+// Update implements the listing for DirectPV Drives Update functionality
+func (dpd *directPVDrivesClient) Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts metav1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpd.Update(ctx, driveItem, opts)
+}
+
+// DirectPVVolumesClientI interface with all functions to be implemented
+// by mock when testing, it should include all DirectPVVolumesClientI respective api calls
+// that are used within this project.
+type DirectPVVolumesClientI interface {
+	List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+}
+
+// Interface implementation
+//
+// Define the structure of directpv volumes client and define the functions that are actually used
+// from the minio operator / directpv interface.
+
+type directPVVolumesClient struct {
+	client *directPVClient.DirectCSIVolumeInterface
+}
+
+// List implements the listing for DirectPV Volumes List functionality
+func (dpv *directPVVolumesClient) List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+	return dpv.List(ctx, opts)
+}
--- a/operatorapi/directpv_test.go
+++ b/operatorapi/directpv_test.go
@@ -0,0 +1,410 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"errors"
+	"testing"
+
+	"github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var (
+	dpdClientListMock   func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+	dpdClientUpdateMock func(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts v1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error)
+)
+
+// mock function for drives List()
+func (dpdm directPVDriveMock) List(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpdClientListMock(ctx, opts)
+}
+
+func (dpdm directPVDriveMock) Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts v1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpdClientUpdateMock(ctx, driveItem, opts)
+}
+
+var dpvClientListMock func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+
+// mock function for volumes List()
+func (dpvm directPVVolumeMock) List(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+	return dpvClientListMock(ctx, opts)
+}
+
+// DirectPVDrivesList
+func Test_GetDirectPVDrives(t *testing.T) {
+	directPVDrvMock := directPVDriveMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name           string
+		args           args
+		client         DirectPVDrivesClientI
+		mockListDrives func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+		wantErr        bool
+	}{
+		{
+			name: "Can List Drives correctly",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+		{
+			name: "Drives request from DirectPV failed",
+			args: args{
+				ctx: context.Background(),
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				return nil, errors.New("some error occurred")
+			},
+			wantErr: true,
+		},
+		{
+			name: "Drives request from DirectPV has information and doesn't return errors",
+			args: args{
+				ctx: context.Background(),
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev0-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev0-directcsi",
+							DriveStatus:       v1beta4.DriveStatusReady,
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions: []v1.Condition{{
+								Type:               "",
+								Status:             "",
+								ObservedGeneration: 0,
+								LastTransitionTime: v1.Time{},
+								Reason:             "",
+								Message:            "",
+							}},
+						},
+					},
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev1-directcsi",
+							DriveStatus:       v1beta4.DriveStatus(v1beta4.DirectCSIDriveConditionOwned),
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN2",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions:        nil,
+						},
+					},
+				}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpdClientListMock = tt.mockListDrives
+
+			_, err := getDirectPVDriveList(tt.args.ctx, tt.client)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+// DirectPVVolumesList
+func Test_GetDirectPVVolumes(t *testing.T) {
+	directPVVolMock := directPVVolumeMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name            string
+		args            args
+		volumesClient   DirectPVVolumesClientI
+		mockListVolumes func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+		wantErr         bool
+	}{
+		{
+			name: "Can List Volumes correctly",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				items := []v1beta4.DirectCSIVolume{}
+
+				returnList := v1beta4.DirectCSIVolumeList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+		{
+			name: "Drives request from DirectPV is ok but volumes request failed",
+			args: args{
+				ctx: context.Background(),
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				return nil, errors.New("some error occurred")
+			},
+			wantErr: true,
+		},
+		{
+			name: "Can List Volumes & Drives correctly without any issue",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				items := []v1beta4.DirectCSIVolume{{
+					Status: v1beta4.DirectCSIVolumeStatus{
+						Drive:             "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+						NodeName:          "testNodeName",
+						HostPath:          "",
+						StagingPath:       "",
+						ContainerPath:     "",
+						TotalCapacity:     4772382377372,
+						AvailableCapacity: 4772382377372,
+						UsedCapacity:      0,
+						Conditions:        nil,
+					},
+				}}
+
+				returnList := v1beta4.DirectCSIVolumeList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpvClientListMock = tt.mockListVolumes
+
+			_, err := getDirectPVVolumesList(tt.args.ctx, tt.volumesClient)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+// FormatDrives
+func Test_GetDirectPVFormatDrives(t *testing.T) {
+	directPVDrvMock := directPVDriveMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name           string
+		args           args
+		drivesClient   DirectPVDrivesClientI
+		mockListDrives func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+		drives         []string
+		force          bool
+		wantErr        bool
+	}{
+		{
+			name: "Format doesn't crash on empty list & returns error",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			drivesClient: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			drives:  []string{},
+			force:   false,
+			wantErr: true,
+		},
+		{
+			name: "Can Format Selected drives",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			drivesClient: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev1-directcsi",
+							DriveStatus:       v1beta4.DriveStatusAvailable,
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN2",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions:        nil,
+						},
+					},
+				}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			drives:  []string{"test-dev1-directcsi:/dev/testdev1-directcsi"},
+			force:   false,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpdClientListMock = tt.mockListDrives
+
+			_, err := formatDrives(tt.args.ctx, tt.drivesClient, tt.drives, tt.force)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
--- a/operatorapi/embedded_spec.go
+++ b/operatorapi/embedded_spec.go
--- a/operatorapi/integrations.go
+++ b/operatorapi/integrations.go
@@ -112,7 +112,6 @@ func gkeIntegration(clientset *kubernetes.Clientset, tenantName string, namespac
 			Name: tenantNpSvc,
 		},
 		Spec: corev1.ServiceSpec{
-
 			Selector: map[string]string{
 				"v1.min.io/instance": tenantName,
 			},
@@ -132,7 +131,7 @@ func gkeIntegration(clientset *kubernetes.Clientset, tenantName string, namespac
 		return err
 	}

-	//NOW FOR Console
+	// NOW FOR Console
 	// create consoleManagedCertificate

 	// get a nodeport port for this tenant and create a nodeport for it
--- a/operatorapi/k8s_client.go
+++ b/operatorapi/k8s_client.go
@@ -38,6 +38,11 @@ type K8sClientI interface {
 	deleteSecret(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error
 	createSecret(ctx context.Context, namespace string, secret *v1.Secret, opts metav1.CreateOptions) (*v1.Secret, error)
 	updateSecret(ctx context.Context, namespace string, secret *v1.Secret, opts metav1.UpdateOptions) (*v1.Secret, error)
+	getPVC(ctx context.Context, namespace string, pvcName string, opts metav1.GetOptions) (*v1.PersistentVolumeClaim, error)
+	getConfigMap(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*v1.ConfigMap, error)
+	createConfigMap(ctx context.Context, namespace string, cm *v1.ConfigMap, opts metav1.CreateOptions) (*v1.ConfigMap, error)
+	updateConfigMap(ctx context.Context, namespace string, cm *v1.ConfigMap, opts metav1.UpdateOptions) (*v1.ConfigMap, error)
+	deleteConfigMap(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error
 }

 // Interface implementation
@@ -82,3 +87,23 @@ func (c *k8sClient) getNamespace(ctx context.Context, name string, opts metav1.G
 func (c *k8sClient) getStorageClasses(ctx context.Context, opts metav1.ListOptions) (*storagev1.StorageClassList, error) {
 	return c.client.StorageV1().StorageClasses().List(ctx, opts)
 }
+
+func (c *k8sClient) getPVC(ctx context.Context, namespace string, pvcName string, opts metav1.GetOptions) (*v1.PersistentVolumeClaim, error) {
+	return c.client.CoreV1().PersistentVolumeClaims(namespace).Get(ctx, pvcName, opts)
+}
+
+func (c *k8sClient) getConfigMap(ctx context.Context, namespace, name string, opts metav1.GetOptions) (*v1.ConfigMap, error) {
+	return c.client.CoreV1().ConfigMaps(namespace).Get(ctx, name, opts)
+}
+
+func (c *k8sClient) createConfigMap(ctx context.Context, namespace string, cm *v1.ConfigMap, opts metav1.CreateOptions) (*v1.ConfigMap, error) {
+	return c.client.CoreV1().ConfigMaps(namespace).Create(ctx, cm, opts)
+}
+
+func (c *k8sClient) updateConfigMap(ctx context.Context, namespace string, cm *v1.ConfigMap, opts metav1.UpdateOptions) (*v1.ConfigMap, error) {
+	return c.client.CoreV1().ConfigMaps(namespace).Update(ctx, cm, opts)
+}
+
+func (c *k8sClient) deleteConfigMap(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
+	return c.client.CoreV1().ConfigMaps(namespace).Delete(ctx, name, opts)
+}
--- a/operatorapi/login.go
+++ b/operatorapi/login.go
@@ -118,6 +118,7 @@ func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDet
 	loginDetails := &models.LoginDetails{
 		LoginStrategy: loginStrategy,
 		Redirect:      redirectURL,
+		IsDirectPV:    getDirectPVEnabled(),
 	}
 	return loginDetails, nil
 }
--- a/operatorapi/logs.go
+++ b/operatorapi/logs.go
@@ -25,8 +25,10 @@ import (
 	"github.com/minio/cli"
 )

-var infoLog = log.New(os.Stdout, "I: ", log.LstdFlags)
-var errorLog = log.New(os.Stdout, "E: ", log.LstdFlags)
+var (
+	infoLog  = log.New(os.Stdout, "I: ", log.LstdFlags)
+	errorLog = log.New(os.Stdout, "E: ", log.LstdFlags)
+)

 func logInfo(msg string, data ...interface{}) {
 	infoLog.Printf(msg+"\n", data...)
--- a/operatorapi/marketplace.go
+++ b/operatorapi/marketplace.go
@@ -0,0 +1,194 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/golang-jwt/jwt/v4"
+	"github.com/minio/console/cluster"
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+	"github.com/minio/console/pkg"
+	errors "github.com/minio/console/restapi"
+	"github.com/minio/pkg/env"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var (
+	mpConfigMapDefault = "mp-config"
+	mpConfigMapKey     = "MP_CONFIG_KEY"
+	mpHostEnvVar       = "MP_HOST"
+	defaultMPHost      = "https://marketplace.apps.min.dev"
+	mpEUHostEnvVar     = "MP_EU_HOST"
+	defaultEUMPHost    = "https://marketplace-eu.apps.min.dev"
+	isMPEmailSet       = "isEmailSet"
+	emailNotSetMsg     = "Email was not sent in request"
+)
+
+func registerMarketplaceHandlers(api *operations.OperatorAPI) {
+	api.OperatorAPIGetMPIntegrationHandler = operator_api.GetMPIntegrationHandlerFunc(func(params operator_api.GetMPIntegrationParams, session *models.Principal) middleware.Responder {
+		payload, err := getMPIntegrationResponse(session, params)
+		if err != nil {
+			return operator_api.NewGetMPIntegrationDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetMPIntegrationOK().WithPayload(payload)
+	})
+
+	api.OperatorAPIPostMPIntegrationHandler = operator_api.PostMPIntegrationHandlerFunc(func(params operator_api.PostMPIntegrationParams, session *models.Principal) middleware.Responder {
+		err := postMPIntegrationResponse(session, params)
+		if err != nil {
+			return operator_api.NewPostMPIntegrationDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewPostMPIntegrationCreated()
+	})
+}
+
+func getMPIntegrationResponse(session *models.Principal, params operator_api.GetMPIntegrationParams) (*operator_api.GetMPIntegrationOKBody, *models.Error) {
+	clientSet, err := cluster.K8sClient(session.STSSessionToken)
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+	if err != nil {
+		return nil, errors.ErrorWithContext(ctx, err)
+	}
+	isMPEmailSet, err := getMPEmail(ctx, &k8sClient{client: clientSet})
+	if err != nil {
+		return nil, errors.ErrorWithContext(ctx, errors.ErrNotFound)
+	}
+	return &operator_api.GetMPIntegrationOKBody{
+		IsEmailSet: isMPEmailSet,
+	}, nil
+}
+
+func getMPEmail(ctx context.Context, clientSet K8sClientI) (bool, error) {
+	cm, err := clientSet.getConfigMap(ctx, "default", getMPConfigMapKey(mpConfigMapKey), metav1.GetOptions{})
+	if err != nil {
+		return false, err
+	}
+	return cm.Data[isMPEmailSet] == "true", nil
+}
+
+func postMPIntegrationResponse(session *models.Principal, params operator_api.PostMPIntegrationParams) *models.Error {
+	clientSet, err := cluster.K8sClient(session.STSSessionToken)
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+	if err != nil {
+		return errors.ErrorWithContext(ctx, err)
+	}
+	return setMPIntegration(ctx, params.Body.Email, params.Body.IsInEU, &k8sClient{client: clientSet})
+}
+
+func setMPIntegration(ctx context.Context, email string, isInEU bool, clientSet K8sClientI) *models.Error {
+	if email == "" {
+		return errors.ErrorWithContext(ctx, errors.ErrBadRequest, fmt.Errorf(emailNotSetMsg))
+	}
+	if _, err := setMPEmail(ctx, email, isInEU, clientSet); err != nil {
+		return errors.ErrorWithContext(ctx, err)
+	}
+	return nil
+}
+
+func setMPEmail(ctx context.Context, email string, isInEU bool, clientSet K8sClientI) (*corev1.ConfigMap, error) {
+	if err := postEmailToMP(email, isInEU); err != nil {
+		return nil, err
+	}
+	cm := createCM()
+	return clientSet.createConfigMap(ctx, "default", cm, metav1.CreateOptions{})
+}
+
+func postEmailToMP(email string, isInEU bool) error {
+	mpURL, err := getMPURL(isInEU)
+	if err != nil {
+		return err
+	}
+	return makePostRequestToMP(mpURL, email)
+}
+
+func getMPURL(isInEU bool) (string, error) {
+	mpHost := getMPHost(isInEU)
+	if mpHost == "" {
+		return "", fmt.Errorf("mp host not set")
+	}
+	return fmt.Sprintf("%s/mp-email", mpHost), nil
+}
+
+func getMPHost(isInEU bool) string {
+	if isInEU {
+		return env.Get(mpEUHostEnvVar, defaultEUMPHost)
+	}
+	return env.Get(mpHostEnvVar, defaultMPHost)
+}
+
+func makePostRequestToMP(url, email string) error {
+	request, err := createMPRequest(url, email)
+	if err != nil {
+		return err
+	}
+	client := &http.Client{Timeout: 3 * time.Second}
+	if res, err := client.Do(request); err != nil {
+		return err
+	} else if res.StatusCode >= http.StatusBadRequest {
+		b, _ := io.ReadAll(res.Body)
+		return fmt.Errorf("request to %s failed with status code %d and error %s", url, res.StatusCode, string(b))
+	}
+	return nil
+}
+
+func createMPRequest(url, email string) (*http.Request, error) {
+	request, err := http.NewRequest("POST", url, strings.NewReader(fmt.Sprintf("{\"email\":\"%s\"}", email)))
+	if err != nil {
+		return nil, err
+	}
+	jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{})
+	jwtTokenString, err := jwtToken.SignedString([]byte(pkg.MPSecret))
+	if err != nil {
+		return nil, err
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("jwtToken=%s", jwtTokenString))
+	request.Header.Add("Content-Type", "application/json")
+	return request, nil
+}
+
+func createCM() *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			Kind:       "ConfigMap",
+			APIVersion: "v1",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      getMPConfigMapKey(mpConfigMapKey),
+			Namespace: "default",
+		},
+		Data: map[string]string{isMPEmailSet: "true"},
+	}
+}
+
+func getMPConfigMapKey(envVar string) string {
+	if mp := os.Getenv(envVar); mp != "" {
+		return mp
+	}
+	return mpConfigMapDefault
+}
--- a/operatorapi/marketplace_test.go
+++ b/operatorapi/marketplace_test.go
@@ -0,0 +1,214 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"testing"
+
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/suite"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var (
+	testWithError                = false
+	testServerWithError          = false
+	errMock                      = errors.New("mock error")
+	k8sClientGetConfigMapMock    func(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error)
+	k8sClientCreateConfigMapMock func(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.CreateOptions) (*corev1.ConfigMap, error)
+	k8sClientUpdateConfigMapMock func(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.UpdateOptions) (*corev1.ConfigMap, error)
+	k8sClientDeleteConfigMapMock func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error
+)
+
+type MarketplaceTestSuite struct {
+	suite.Suite
+	assert     *assert.Assertions
+	kClient    k8sClientMock
+	namespace  string
+	postServer *httptest.Server
+}
+
+func (c k8sClientMock) getConfigMap(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error) {
+	return k8sClientGetConfigMapMock(ctx, namespace, configMap, opts)
+}
+
+func (c k8sClientMock) createConfigMap(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.CreateOptions) (*corev1.ConfigMap, error) {
+	return k8sClientCreateConfigMapMock(ctx, namespace, cm, opts)
+}
+
+func (c k8sClientMock) updateConfigMap(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.UpdateOptions) (*corev1.ConfigMap, error) {
+	return k8sClientUpdateConfigMapMock(ctx, namespace, cm, opts)
+}
+
+func (c k8sClientMock) deleteConfigMap(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
+	return k8sClientDeleteConfigMapMock(ctx, namespace, name, opts)
+}
+
+func (suite *MarketplaceTestSuite) SetupSuite() {
+	suite.assert = assert.New(suite.T())
+	suite.namespace = "default"
+	k8sClientGetConfigMapMock = suite.getConfigMapMock
+	k8sClientCreateConfigMapMock = suite.createConfigMapMock
+	k8sClientUpdateConfigMapMock = suite.updateConfigMapMock
+	k8sClientDeleteConfigMapMock = suite.deleteConfigMapMock
+	os.Setenv(mpConfigMapKey, "mp-mock-config")
+	suite.postServer = httptest.NewServer(http.HandlerFunc(suite.postHandler))
+}
+
+func (suite *MarketplaceTestSuite) postHandler(
+	w http.ResponseWriter, r *http.Request,
+) {
+	if testServerWithError {
+		w.WriteHeader(400)
+	} else {
+		fmt.Fprintf(w, `{"post": "Post response"}`)
+	}
+}
+
+func (suite *MarketplaceTestSuite) TearDownSuite() {
+	os.Unsetenv(mpConfigMapKey)
+}
+
+func (suite *MarketplaceTestSuite) getConfigMapMock(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error) {
+	if testWithError {
+		return nil, errMock
+	}
+	return &corev1.ConfigMap{Data: map[string]string{isMPEmailSet: "true"}}, nil
+}
+
+func (suite *MarketplaceTestSuite) createConfigMapMock(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.CreateOptions) (*corev1.ConfigMap, error) {
+	if testWithError {
+		return nil, errMock
+	}
+	return &corev1.ConfigMap{}, nil
+}
+
+func (suite *MarketplaceTestSuite) updateConfigMapMock(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.UpdateOptions) (*corev1.ConfigMap, error) {
+	if testWithError {
+		return nil, errMock
+	}
+	return &corev1.ConfigMap{}, nil
+}
+
+func (suite *MarketplaceTestSuite) deleteConfigMapMock(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
+	if testWithError {
+		return errMock
+	}
+	return nil
+}
+
+func (suite *MarketplaceTestSuite) TestRegisterMarketplaceHandlers() {
+	api := &operations.OperatorAPI{}
+	suite.assert.Nil(api.OperatorAPIGetMPIntegrationHandler)
+	suite.assert.Nil(api.OperatorAPIPostMPIntegrationHandler)
+	registerMarketplaceHandlers(api)
+	suite.assert.NotNil(api.OperatorAPIGetMPIntegrationHandler)
+	suite.assert.NotNil(api.OperatorAPIPostMPIntegrationHandler)
+}
+
+func (suite *MarketplaceTestSuite) TestGetMPIntegrationHandlerWithError() {
+	api := &operations.OperatorAPI{}
+	registerMarketplaceHandlers(api)
+	params := operator_api.NewGetMPIntegrationParams()
+	params.HTTPRequest = &http.Request{}
+	response := api.OperatorAPIGetMPIntegrationHandler.Handle(params, &models.Principal{})
+	_, ok := response.(*operator_api.GetMPIntegrationDefault)
+	suite.assert.True(ok)
+}
+
+func (suite *MarketplaceTestSuite) TestPostMPIntegrationHandlerWithError() {
+	api := &operations.OperatorAPI{}
+	registerMarketplaceHandlers(api)
+	params := operator_api.NewPostMPIntegrationParams()
+	params.Body = &models.MpIntegration{Email: ""}
+	params.HTTPRequest = &http.Request{}
+	params.HTTPRequest.Header = map[string][]string{}
+	params.HTTPRequest.AddCookie(&http.Cookie{Value: "token", Name: "token"})
+	response := api.OperatorAPIPostMPIntegrationHandler.Handle(params, &models.Principal{})
+	_, ok := response.(*operator_api.PostMPIntegrationDefault)
+	suite.assert.True(ok)
+}
+
+func (suite *MarketplaceTestSuite) TestGetMPEmailWithError() {
+	testWithError = true
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	email, err := getMPEmail(ctx, &suite.kClient)
+	suite.assert.NotNil(err)
+	suite.assert.Empty(email)
+}
+
+func (suite *MarketplaceTestSuite) TestGetMPEmailNoError() {
+	testWithError = false
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	isSet, err := getMPEmail(ctx, &suite.kClient)
+	suite.assert.Nil(err)
+	suite.assert.True(isSet)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoEmail() {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	err := setMPIntegration(ctx, "", false, &suite.kClient)
+	suite.assert.NotNil(err)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithError() {
+	testWithError = true
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, "  ")
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.NotNil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoError() {
+	testWithError = false
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.Nil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithRequestError() {
+	testWithError = false
+	testServerWithError = true
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.NotNil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
+
+func TestMarketplace(t *testing.T) {
+	suite.Run(t, new(MarketplaceTestSuite))
+}
--- a/operatorapi/minio_operator_mock.go
+++ b/operatorapi/minio_operator_mock.go
@@ -16,5 +16,30 @@

 package operatorapi

-type opClientMock struct{}
-type httpClientMock struct{}
+import (
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type (
+	opClientMock       struct{}
+	httpClientMock     struct{}
+	directPVDriveMock  struct{}
+	directPVVolumeMock struct{}
+)
+
+func createMockPVC(pvcMockName, pvcMockNamespace string) *v1.PersistentVolumeClaim {
+	var mockVolumeMode v1.PersistentVolumeMode = "mockVolumeMode"
+	mockStorage := "mockStorage"
+
+	return &v1.PersistentVolumeClaim{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      pvcMockName,
+			Namespace: pvcMockNamespace,
+		},
+		Spec: v1.PersistentVolumeClaimSpec{
+			StorageClassName: &mockStorage,
+			VolumeMode:       &mockVolumeMode,
+		},
+	}
+}
--- a/operatorapi/namespaces.go
+++ b/operatorapi/namespaces.go
@@ -34,7 +34,7 @@ import (

 func registerNamespaceHandlers(api *operations.OperatorAPI) {
 	// Add Namespace
-	//api.OperatorAPICreateNamespaceHandler = operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, session *models.Principal) middleware.Responder {
+	// api.OperatorAPICreateNamespaceHandler = operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, session *models.Principal) middleware.Responder {
 	api.OperatorAPICreateNamespaceHandler = operator_api.CreateNamespaceHandlerFunc(func(params operator_api.CreateNamespaceParams, session *models.Principal) middleware.Responder {
 		err := getNamespaceCreatedResponse(session, params)
 		if err != nil {
@@ -48,7 +48,6 @@ func getNamespaceCreatedResponse(session *models.Principal, params operator_api.
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
 	defer cancel()
 	clientset, err := cluster.K8sClient(session.STSSessionToken)
-
 	if err != nil {
 		return xerrors.ErrorWithContext(ctx, err)
 	}
--- a/operatorapi/nodes.go
+++ b/operatorapi/nodes.go
@@ -230,7 +230,6 @@ func getNodeLabelsResponse(ctx context.Context, session *models.Principal) (*mod
 }

 func getClusterResourcesInfo(numNodes int32, inNodesResources []NodeResourceInfo) *models.AllocatableResourcesResponse {
-
 	// purge any nodes with 0 cpu
 	var nodesResources []NodeResourceInfo
 	for _, n := range inNodesResources {
--- a/operatorapi/nodes_test.go
+++ b/operatorapi/nodes_test.go
@@ -30,7 +30,7 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 )

-func Test_MaxAllocatableMemory(t *testing.T) {
+func NoTestMaxAllocatableMemory(t *testing.T) {
 	type args struct {
 		ctx      context.Context
 		numNodes int32
--- a/operatorapi/operations/operator_api.go
+++ b/operatorapi/operations/operator_api.go
@@ -85,6 +85,9 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		OperatorAPIDescribePodHandler: operator_api.DescribePodHandlerFunc(func(params operator_api.DescribePodParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.DescribePod has not yet been implemented")
 		}),
+		OperatorAPIDirectPVFormatDriveHandler: operator_api.DirectPVFormatDriveHandlerFunc(func(params operator_api.DirectPVFormatDriveParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.DirectPVFormatDrive has not yet been implemented")
+		}),
 		OperatorAPIDisableTenantLoggingHandler: operator_api.DisableTenantLoggingHandlerFunc(func(params operator_api.DisableTenantLoggingParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.DisableTenantLogging has not yet been implemented")
 		}),
@@ -94,9 +97,21 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		OperatorAPIGetAllocatableResourcesHandler: operator_api.GetAllocatableResourcesHandlerFunc(func(params operator_api.GetAllocatableResourcesParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.GetAllocatableResources has not yet been implemented")
 		}),
+		OperatorAPIGetDirectPVDriveListHandler: operator_api.GetDirectPVDriveListHandlerFunc(func(params operator_api.GetDirectPVDriveListParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.GetDirectPVDriveList has not yet been implemented")
+		}),
+		OperatorAPIGetDirectPVVolumeListHandler: operator_api.GetDirectPVVolumeListHandlerFunc(func(params operator_api.GetDirectPVVolumeListParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.GetDirectPVVolumeList has not yet been implemented")
+		}),
+		OperatorAPIGetMPIntegrationHandler: operator_api.GetMPIntegrationHandlerFunc(func(params operator_api.GetMPIntegrationParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.GetMPIntegration has not yet been implemented")
+		}),
 		OperatorAPIGetMaxAllocatableMemHandler: operator_api.GetMaxAllocatableMemHandlerFunc(func(params operator_api.GetMaxAllocatableMemParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.GetMaxAllocatableMem has not yet been implemented")
 		}),
+		OperatorAPIGetPVCDescribeHandler: operator_api.GetPVCDescribeHandlerFunc(func(params operator_api.GetPVCDescribeParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.GetPVCDescribe has not yet been implemented")
+		}),
 		OperatorAPIGetPVCEventsHandler: operator_api.GetPVCEventsHandlerFunc(func(params operator_api.GetPVCEventsParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.GetPVCEvents has not yet been implemented")
 		}),
@@ -142,6 +157,9 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		OperatorAPIListPVCsForTenantHandler: operator_api.ListPVCsForTenantHandlerFunc(func(params operator_api.ListPVCsForTenantParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.ListPVCsForTenant has not yet been implemented")
 		}),
+		OperatorAPIListTenantCertificateSigningRequestHandler: operator_api.ListTenantCertificateSigningRequestHandlerFunc(func(params operator_api.ListTenantCertificateSigningRequestParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.ListTenantCertificateSigningRequest has not yet been implemented")
+		}),
 		OperatorAPIListTenantsHandler: operator_api.ListTenantsHandlerFunc(func(params operator_api.ListTenantsParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.ListTenants has not yet been implemented")
 		}),
@@ -157,12 +175,33 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		AuthLogoutHandler: auth.LogoutHandlerFunc(func(params auth.LogoutParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation auth.Logout has not yet been implemented")
 		}),
+		OperatorAPIOperatorSubnetAPIKeyInfoHandler: operator_api.OperatorSubnetAPIKeyInfoHandlerFunc(func(params operator_api.OperatorSubnetAPIKeyInfoParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetAPIKeyInfo has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetAPIKeyHandler: operator_api.OperatorSubnetAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetAPIKeyParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetAPIKey has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetLoginHandler: operator_api.OperatorSubnetLoginHandlerFunc(func(params operator_api.OperatorSubnetLoginParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetLogin has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetLoginMFAHandler: operator_api.OperatorSubnetLoginMFAHandlerFunc(func(params operator_api.OperatorSubnetLoginMFAParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetLoginMFA has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetRegisterAPIKeyHandler: operator_api.OperatorSubnetRegisterAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetRegisterAPIKeyParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetRegisterAPIKey has not yet been implemented")
+		}),
+		OperatorAPIPostMPIntegrationHandler: operator_api.PostMPIntegrationHandlerFunc(func(params operator_api.PostMPIntegrationParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.PostMPIntegration has not yet been implemented")
+		}),
 		OperatorAPIPutTenantYAMLHandler: operator_api.PutTenantYAMLHandlerFunc(func(params operator_api.PutTenantYAMLParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.PutTenantYAML has not yet been implemented")
 		}),
 		AuthSessionCheckHandler: auth.SessionCheckHandlerFunc(func(params auth.SessionCheckParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation auth.SessionCheck has not yet been implemented")
 		}),
+		OperatorAPISetTenantAdministratorsHandler: operator_api.SetTenantAdministratorsHandlerFunc(func(params operator_api.SetTenantAdministratorsParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.SetTenantAdministrators has not yet been implemented")
+		}),
 		OperatorAPISetTenantLogsHandler: operator_api.SetTenantLogsHandlerFunc(func(params operator_api.SetTenantLogsParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.SetTenantLogs has not yet been implemented")
 		}),
@@ -283,14 +322,24 @@ type OperatorAPI struct {
 	OperatorAPIDeleteTenantHandler operator_api.DeleteTenantHandler
 	// OperatorAPIDescribePodHandler sets the operation handler for the describe pod operation
 	OperatorAPIDescribePodHandler operator_api.DescribePodHandler
+	// OperatorAPIDirectPVFormatDriveHandler sets the operation handler for the direct p v format drive operation
+	OperatorAPIDirectPVFormatDriveHandler operator_api.DirectPVFormatDriveHandler
 	// OperatorAPIDisableTenantLoggingHandler sets the operation handler for the disable tenant logging operation
 	OperatorAPIDisableTenantLoggingHandler operator_api.DisableTenantLoggingHandler
 	// OperatorAPIEnableTenantLoggingHandler sets the operation handler for the enable tenant logging operation
 	OperatorAPIEnableTenantLoggingHandler operator_api.EnableTenantLoggingHandler
 	// OperatorAPIGetAllocatableResourcesHandler sets the operation handler for the get allocatable resources operation
 	OperatorAPIGetAllocatableResourcesHandler operator_api.GetAllocatableResourcesHandler
+	// OperatorAPIGetDirectPVDriveListHandler sets the operation handler for the get direct p v drive list operation
+	OperatorAPIGetDirectPVDriveListHandler operator_api.GetDirectPVDriveListHandler
+	// OperatorAPIGetDirectPVVolumeListHandler sets the operation handler for the get direct p v volume list operation
+	OperatorAPIGetDirectPVVolumeListHandler operator_api.GetDirectPVVolumeListHandler
+	// OperatorAPIGetMPIntegrationHandler sets the operation handler for the get m p integration operation
+	OperatorAPIGetMPIntegrationHandler operator_api.GetMPIntegrationHandler
 	// OperatorAPIGetMaxAllocatableMemHandler sets the operation handler for the get max allocatable mem operation
 	OperatorAPIGetMaxAllocatableMemHandler operator_api.GetMaxAllocatableMemHandler
+	// OperatorAPIGetPVCDescribeHandler sets the operation handler for the get p v c describe operation
+	OperatorAPIGetPVCDescribeHandler operator_api.GetPVCDescribeHandler
 	// OperatorAPIGetPVCEventsHandler sets the operation handler for the get p v c events operation
 	OperatorAPIGetPVCEventsHandler operator_api.GetPVCEventsHandler
 	// OperatorAPIGetParityHandler sets the operation handler for the get parity operation
@@ -321,6 +370,8 @@ type OperatorAPI struct {
 	OperatorAPIListPVCsHandler operator_api.ListPVCsHandler
 	// OperatorAPIListPVCsForTenantHandler sets the operation handler for the list p v cs for tenant operation
 	OperatorAPIListPVCsForTenantHandler operator_api.ListPVCsForTenantHandler
+	// OperatorAPIListTenantCertificateSigningRequestHandler sets the operation handler for the list tenant certificate signing request operation
+	OperatorAPIListTenantCertificateSigningRequestHandler operator_api.ListTenantCertificateSigningRequestHandler
 	// OperatorAPIListTenantsHandler sets the operation handler for the list tenants operation
 	OperatorAPIListTenantsHandler operator_api.ListTenantsHandler
 	// AuthLoginDetailHandler sets the operation handler for the login detail operation
@@ -331,10 +382,24 @@ type OperatorAPI struct {
 	AuthLoginOperatorHandler auth.LoginOperatorHandler
 	// AuthLogoutHandler sets the operation handler for the logout operation
 	AuthLogoutHandler auth.LogoutHandler
+	// OperatorAPIOperatorSubnetAPIKeyInfoHandler sets the operation handler for the operator subnet API key info operation
+	OperatorAPIOperatorSubnetAPIKeyInfoHandler operator_api.OperatorSubnetAPIKeyInfoHandler
+	// OperatorAPIOperatorSubnetAPIKeyHandler sets the operation handler for the operator subnet Api key operation
+	OperatorAPIOperatorSubnetAPIKeyHandler operator_api.OperatorSubnetAPIKeyHandler
+	// OperatorAPIOperatorSubnetLoginHandler sets the operation handler for the operator subnet login operation
+	OperatorAPIOperatorSubnetLoginHandler operator_api.OperatorSubnetLoginHandler
+	// OperatorAPIOperatorSubnetLoginMFAHandler sets the operation handler for the operator subnet login m f a operation
+	OperatorAPIOperatorSubnetLoginMFAHandler operator_api.OperatorSubnetLoginMFAHandler
+	// OperatorAPIOperatorSubnetRegisterAPIKeyHandler sets the operation handler for the operator subnet register API key operation
+	OperatorAPIOperatorSubnetRegisterAPIKeyHandler operator_api.OperatorSubnetRegisterAPIKeyHandler
+	// OperatorAPIPostMPIntegrationHandler sets the operation handler for the post m p integration operation
+	OperatorAPIPostMPIntegrationHandler operator_api.PostMPIntegrationHandler
 	// OperatorAPIPutTenantYAMLHandler sets the operation handler for the put tenant y a m l operation
 	OperatorAPIPutTenantYAMLHandler operator_api.PutTenantYAMLHandler
 	// AuthSessionCheckHandler sets the operation handler for the session check operation
 	AuthSessionCheckHandler auth.SessionCheckHandler
+	// OperatorAPISetTenantAdministratorsHandler sets the operation handler for the set tenant administrators operation
+	OperatorAPISetTenantAdministratorsHandler operator_api.SetTenantAdministratorsHandler
 	// OperatorAPISetTenantLogsHandler sets the operation handler for the set tenant logs operation
 	OperatorAPISetTenantLogsHandler operator_api.SetTenantLogsHandler
 	// OperatorAPISetTenantMonitoringHandler sets the operation handler for the set tenant monitoring operation
@@ -475,6 +540,9 @@ func (o *OperatorAPI) Validate() error {
 	if o.OperatorAPIDescribePodHandler == nil {
 		unregistered = append(unregistered, "operator_api.DescribePodHandler")
 	}
+	if o.OperatorAPIDirectPVFormatDriveHandler == nil {
+		unregistered = append(unregistered, "operator_api.DirectPVFormatDriveHandler")
+	}
 	if o.OperatorAPIDisableTenantLoggingHandler == nil {
 		unregistered = append(unregistered, "operator_api.DisableTenantLoggingHandler")
 	}
@@ -484,9 +552,21 @@ func (o *OperatorAPI) Validate() error {
 	if o.OperatorAPIGetAllocatableResourcesHandler == nil {
 		unregistered = append(unregistered, "operator_api.GetAllocatableResourcesHandler")
 	}
+	if o.OperatorAPIGetDirectPVDriveListHandler == nil {
+		unregistered = append(unregistered, "operator_api.GetDirectPVDriveListHandler")
+	}
+	if o.OperatorAPIGetDirectPVVolumeListHandler == nil {
+		unregistered = append(unregistered, "operator_api.GetDirectPVVolumeListHandler")
+	}
+	if o.OperatorAPIGetMPIntegrationHandler == nil {
+		unregistered = append(unregistered, "operator_api.GetMPIntegrationHandler")
+	}
 	if o.OperatorAPIGetMaxAllocatableMemHandler == nil {
 		unregistered = append(unregistered, "operator_api.GetMaxAllocatableMemHandler")
 	}
+	if o.OperatorAPIGetPVCDescribeHandler == nil {
+		unregistered = append(unregistered, "operator_api.GetPVCDescribeHandler")
+	}
 	if o.OperatorAPIGetPVCEventsHandler == nil {
 		unregistered = append(unregistered, "operator_api.GetPVCEventsHandler")
 	}
@@ -532,6 +612,9 @@ func (o *OperatorAPI) Validate() error {
 	if o.OperatorAPIListPVCsForTenantHandler == nil {
 		unregistered = append(unregistered, "operator_api.ListPVCsForTenantHandler")
 	}
+	if o.OperatorAPIListTenantCertificateSigningRequestHandler == nil {
+		unregistered = append(unregistered, "operator_api.ListTenantCertificateSigningRequestHandler")
+	}
 	if o.OperatorAPIListTenantsHandler == nil {
 		unregistered = append(unregistered, "operator_api.ListTenantsHandler")
 	}
@@ -547,12 +630,33 @@ func (o *OperatorAPI) Validate() error {
 	if o.AuthLogoutHandler == nil {
 		unregistered = append(unregistered, "auth.LogoutHandler")
 	}
+	if o.OperatorAPIOperatorSubnetAPIKeyInfoHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetAPIKeyInfoHandler")
+	}
+	if o.OperatorAPIOperatorSubnetAPIKeyHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetAPIKeyHandler")
+	}
+	if o.OperatorAPIOperatorSubnetLoginHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetLoginHandler")
+	}
+	if o.OperatorAPIOperatorSubnetLoginMFAHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetLoginMFAHandler")
+	}
+	if o.OperatorAPIOperatorSubnetRegisterAPIKeyHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetRegisterAPIKeyHandler")
+	}
+	if o.OperatorAPIPostMPIntegrationHandler == nil {
+		unregistered = append(unregistered, "operator_api.PostMPIntegrationHandler")
+	}
 	if o.OperatorAPIPutTenantYAMLHandler == nil {
 		unregistered = append(unregistered, "operator_api.PutTenantYAMLHandler")
 	}
 	if o.AuthSessionCheckHandler == nil {
 		unregistered = append(unregistered, "auth.SessionCheckHandler")
 	}
+	if o.OperatorAPISetTenantAdministratorsHandler == nil {
+		unregistered = append(unregistered, "operator_api.SetTenantAdministratorsHandler")
+	}
 	if o.OperatorAPISetTenantLogsHandler == nil {
 		unregistered = append(unregistered, "operator_api.SetTenantLogsHandler")
 	}
@@ -739,6 +843,10 @@ func (o *OperatorAPI) initHandlerCache() {
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
+	o.handlers["POST"]["/directpv/drives/format"] = operator_api.NewDirectPVFormatDrive(o.context, o.OperatorAPIDirectPVFormatDriveHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
 	o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/disable-logging"] = operator_api.NewDisableTenantLogging(o.context, o.OperatorAPIDisableTenantLoggingHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
@@ -751,10 +859,26 @@ func (o *OperatorAPI) initHandlerCache() {
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
+	o.handlers["GET"]["/directpv/drives"] = operator_api.NewGetDirectPVDriveList(o.context, o.OperatorAPIGetDirectPVDriveListHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/directpv/volumes"] = operator_api.NewGetDirectPVVolumeList(o.context, o.OperatorAPIGetDirectPVVolumeListHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/mp-integration"] = operator_api.NewGetMPIntegration(o.context, o.OperatorAPIGetMPIntegrationHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
 	o.handlers["GET"]["/cluster/max-allocatable-memory"] = operator_api.NewGetMaxAllocatableMem(o.context, o.OperatorAPIGetMaxAllocatableMemHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
+	o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pvcs/{PVCName}/describe"] = operator_api.NewGetPVCDescribe(o.context, o.OperatorAPIGetPVCDescribeHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
 	o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/pvcs/{PVCName}/events"] = operator_api.NewGetPVCEvents(o.context, o.OperatorAPIGetPVCEventsHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
@@ -815,6 +939,10 @@ func (o *OperatorAPI) initHandlerCache() {
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
+	o.handlers["GET"]["/namespaces/{namespace}/tenants/{tenant}/csr"] = operator_api.NewListTenantCertificateSigningRequest(o.context, o.OperatorAPIListTenantCertificateSigningRequestHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
 	o.handlers["GET"]["/namespaces/{namespace}/tenants"] = operator_api.NewListTenants(o.context, o.OperatorAPIListTenantsHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
@@ -832,6 +960,30 @@ func (o *OperatorAPI) initHandlerCache() {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/logout"] = auth.NewLogout(o.context, o.AuthLogoutHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/subnet/apikey/info"] = operator_api.NewOperatorSubnetAPIKeyInfo(o.context, o.OperatorAPIOperatorSubnetAPIKeyInfoHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/subnet/apikey"] = operator_api.NewOperatorSubnetAPIKey(o.context, o.OperatorAPIOperatorSubnetAPIKeyHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/login"] = operator_api.NewOperatorSubnetLogin(o.context, o.OperatorAPIOperatorSubnetLoginHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/login/mfa"] = operator_api.NewOperatorSubnetLoginMFA(o.context, o.OperatorAPIOperatorSubnetLoginMFAHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/apikey/register"] = operator_api.NewOperatorSubnetRegisterAPIKey(o.context, o.OperatorAPIOperatorSubnetRegisterAPIKeyHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/mp-integration"] = operator_api.NewPostMPIntegration(o.context, o.OperatorAPIPostMPIntegrationHandler)
 	if o.handlers["PUT"] == nil {
 		o.handlers["PUT"] = make(map[string]http.Handler)
 	}
@@ -840,6 +992,10 @@ func (o *OperatorAPI) initHandlerCache() {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
 	o.handlers["GET"]["/session"] = auth.NewSessionCheck(o.context, o.AuthSessionCheckHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/set-administrators"] = operator_api.NewSetTenantAdministrators(o.context, o.OperatorAPISetTenantAdministratorsHandler)
 	if o.handlers["PUT"] == nil {
 		o.handlers["PUT"] = make(map[string]http.Handler)
 	}
--- a/operatorapi/operations/operator_api/direct_p_v_format_drive.go
+++ b/operatorapi/operations/operator_api/direct_p_v_format_drive.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// DirectPVFormatDriveHandlerFunc turns a function with the right signature into a direct p v format drive handler
+type DirectPVFormatDriveHandlerFunc func(DirectPVFormatDriveParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn DirectPVFormatDriveHandlerFunc) Handle(params DirectPVFormatDriveParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// DirectPVFormatDriveHandler interface for that can handle valid direct p v format drive params
+type DirectPVFormatDriveHandler interface {
+	Handle(DirectPVFormatDriveParams, *models.Principal) middleware.Responder
+}
+
+// NewDirectPVFormatDrive creates a new http.Handler for the direct p v format drive operation
+func NewDirectPVFormatDrive(ctx *middleware.Context, handler DirectPVFormatDriveHandler) *DirectPVFormatDrive {
+	return &DirectPVFormatDrive{Context: ctx, Handler: handler}
+}
+
+/* DirectPVFormatDrive swagger:route POST /directpv/drives/format OperatorAPI directPVFormatDrive
+
+Format directpv drives from a list
+
+*/
+type DirectPVFormatDrive struct {
+	Context *middleware.Context
+	Handler DirectPVFormatDriveHandler
+}
+
+func (o *DirectPVFormatDrive) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewDirectPVFormatDriveParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
--- a/operatorapi/operations/operator_api/direct_p_v_format_drive_parameters.go
+++ b/operatorapi/operations/operator_api/direct_p_v_format_drive_parameters.go
@@ -0,0 +1,102 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/validate"
+
+	"github.com/minio/console/models"
+)
+
+// NewDirectPVFormatDriveParams creates a new DirectPVFormatDriveParams object
+//
+// There are no default values defined in the spec.
+func NewDirectPVFormatDriveParams() DirectPVFormatDriveParams {
+
+	return DirectPVFormatDriveParams{}
+}
+
+// DirectPVFormatDriveParams contains all the bound params for the direct p v format drive operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters DirectPVFormatDrive
+type DirectPVFormatDriveParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  Required: true
+	  In: body
+	*/
+	Body *models.FormatConfiguration
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewDirectPVFormatDriveParams() beforehand.
+func (o *DirectPVFormatDriveParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if runtime.HasBody(r) {
+		defer r.Body.Close()
+		var body models.FormatConfiguration
+		if err := route.Consumer.Consume(r.Body, &body); err != nil {
+			if err == io.EOF {
+				res = append(res, errors.Required("body", "body", ""))
+			} else {
+				res = append(res, errors.NewParseError("body", "body", "", err))
+			}
+		} else {
+			// validate body object
+			if err := body.Validate(route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			ctx := validate.WithOperationRequest(context.Background())
+			if err := body.ContextValidate(ctx, route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			if len(res) == 0 {
+				o.Body = &body
+			}
+		}
+	} else {
+		res = append(res, errors.Required("body", "body", ""))
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
--- a/operatorapi/operations/operator_api/direct_p_v_format_drive_responses.go
+++ b/operatorapi/operations/operator_api/direct_p_v_format_drive_responses.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// DirectPVFormatDriveOKCode is the HTTP code returned for type DirectPVFormatDriveOK
+const DirectPVFormatDriveOKCode int = 200
+
+/*DirectPVFormatDriveOK A successful response.
+
+swagger:response directPVFormatDriveOK
+*/
+type DirectPVFormatDriveOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.FormatDirectPVDrivesResponse `json:"body,omitempty"`
+}
+
+// NewDirectPVFormatDriveOK creates DirectPVFormatDriveOK with default headers values
+func NewDirectPVFormatDriveOK() *DirectPVFormatDriveOK {
+
+	return &DirectPVFormatDriveOK{}
+}
+
+// WithPayload adds the payload to the direct p v format drive o k response
+func (o *DirectPVFormatDriveOK) WithPayload(payload *models.FormatDirectPVDrivesResponse) *DirectPVFormatDriveOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the direct p v format drive o k response
+func (o *DirectPVFormatDriveOK) SetPayload(payload *models.FormatDirectPVDrivesResponse) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *DirectPVFormatDriveOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*DirectPVFormatDriveDefault Generic error response.
+
+swagger:response directPVFormatDriveDefault
+*/
+type DirectPVFormatDriveDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewDirectPVFormatDriveDefault creates DirectPVFormatDriveDefault with default headers values
+func NewDirectPVFormatDriveDefault(code int) *DirectPVFormatDriveDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &DirectPVFormatDriveDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the direct p v format drive default response
+func (o *DirectPVFormatDriveDefault) WithStatusCode(code int) *DirectPVFormatDriveDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the direct p v format drive default response
+func (o *DirectPVFormatDriveDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the direct p v format drive default response
+func (o *DirectPVFormatDriveDefault) WithPayload(payload *models.Error) *DirectPVFormatDriveDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the direct p v format drive default response
+func (o *DirectPVFormatDriveDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *DirectPVFormatDriveDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
--- a/operatorapi/operations/operator_api/direct_p_v_format_drive_urlbuilder.go
+++ b/operatorapi/operations/operator_api/direct_p_v_format_drive_urlbuilder.go
@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// DirectPVFormatDriveURL generates an URL for the direct p v format drive operation
+type DirectPVFormatDriveURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *DirectPVFormatDriveURL) WithBasePath(bp string) *DirectPVFormatDriveURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *DirectPVFormatDriveURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *DirectPVFormatDriveURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/directpv/drives/format"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *DirectPVFormatDriveURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *DirectPVFormatDriveURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *DirectPVFormatDriveURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on DirectPVFormatDriveURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on DirectPVFormatDriveURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *DirectPVFormatDriveURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_drive_list.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_drive_list.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// GetDirectPVDriveListHandlerFunc turns a function with the right signature into a get direct p v drive list handler
+type GetDirectPVDriveListHandlerFunc func(GetDirectPVDriveListParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn GetDirectPVDriveListHandlerFunc) Handle(params GetDirectPVDriveListParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// GetDirectPVDriveListHandler interface for that can handle valid get direct p v drive list params
+type GetDirectPVDriveListHandler interface {
+	Handle(GetDirectPVDriveListParams, *models.Principal) middleware.Responder
+}
+
+// NewGetDirectPVDriveList creates a new http.Handler for the get direct p v drive list operation
+func NewGetDirectPVDriveList(ctx *middleware.Context, handler GetDirectPVDriveListHandler) *GetDirectPVDriveList {
+	return &GetDirectPVDriveList{Context: ctx, Handler: handler}
+}
+
+/* GetDirectPVDriveList swagger:route GET /directpv/drives OperatorAPI getDirectPVDriveList
+
+Get directpv drives list
+
+*/
+type GetDirectPVDriveList struct {
+	Context *middleware.Context
+	Handler GetDirectPVDriveListHandler
+}
+
+func (o *GetDirectPVDriveList) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewGetDirectPVDriveListParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_drive_list_parameters.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_drive_list_parameters.go
@@ -0,0 +1,121 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+)
+
+// NewGetDirectPVDriveListParams creates a new GetDirectPVDriveListParams object
+//
+// There are no default values defined in the spec.
+func NewGetDirectPVDriveListParams() GetDirectPVDriveListParams {
+
+	return GetDirectPVDriveListParams{}
+}
+
+// GetDirectPVDriveListParams contains all the bound params for the get direct p v drive list operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters GetDirectPVDriveList
+type GetDirectPVDriveListParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  In: query
+	*/
+	Drives *string
+	/*
+	  In: query
+	*/
+	Nodes *string
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewGetDirectPVDriveListParams() beforehand.
+func (o *GetDirectPVDriveListParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	qs := runtime.Values(r.URL.Query())
+
+	qDrives, qhkDrives, _ := qs.GetOK("drives")
+	if err := o.bindDrives(qDrives, qhkDrives, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
+	qNodes, qhkNodes, _ := qs.GetOK("nodes")
+	if err := o.bindNodes(qNodes, qhkNodes, route.Formats); err != nil {
+		res = append(res, err)
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// bindDrives binds and validates parameter Drives from query.
+func (o *GetDirectPVDriveListParams) bindDrives(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		return nil
+	}
+	o.Drives = &raw
+
+	return nil
+}
+
+// bindNodes binds and validates parameter Nodes from query.
+func (o *GetDirectPVDriveListParams) bindNodes(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		return nil
+	}
+	o.Nodes = &raw
+
+	return nil
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_drive_list_responses.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_drive_list_responses.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// GetDirectPVDriveListOKCode is the HTTP code returned for type GetDirectPVDriveListOK
+const GetDirectPVDriveListOKCode int = 200
+
+/*GetDirectPVDriveListOK A successful response.
+
+swagger:response getDirectPVDriveListOK
+*/
+type GetDirectPVDriveListOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.GetDirectPVDriveListResponse `json:"body,omitempty"`
+}
+
+// NewGetDirectPVDriveListOK creates GetDirectPVDriveListOK with default headers values
+func NewGetDirectPVDriveListOK() *GetDirectPVDriveListOK {
+
+	return &GetDirectPVDriveListOK{}
+}
+
+// WithPayload adds the payload to the get direct p v drive list o k response
+func (o *GetDirectPVDriveListOK) WithPayload(payload *models.GetDirectPVDriveListResponse) *GetDirectPVDriveListOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get direct p v drive list o k response
+func (o *GetDirectPVDriveListOK) SetPayload(payload *models.GetDirectPVDriveListResponse) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetDirectPVDriveListOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*GetDirectPVDriveListDefault Generic error response.
+
+swagger:response getDirectPVDriveListDefault
+*/
+type GetDirectPVDriveListDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewGetDirectPVDriveListDefault creates GetDirectPVDriveListDefault with default headers values
+func NewGetDirectPVDriveListDefault(code int) *GetDirectPVDriveListDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &GetDirectPVDriveListDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the get direct p v drive list default response
+func (o *GetDirectPVDriveListDefault) WithStatusCode(code int) *GetDirectPVDriveListDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the get direct p v drive list default response
+func (o *GetDirectPVDriveListDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the get direct p v drive list default response
+func (o *GetDirectPVDriveListDefault) WithPayload(payload *models.Error) *GetDirectPVDriveListDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get direct p v drive list default response
+func (o *GetDirectPVDriveListDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetDirectPVDriveListDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_drive_list_urlbuilder.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_drive_list_urlbuilder.go
@@ -0,0 +1,129 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// GetDirectPVDriveListURL generates an URL for the get direct p v drive list operation
+type GetDirectPVDriveListURL struct {
+	Drives *string
+	Nodes  *string
+
+	_basePath string
+	// avoid unkeyed usage
+	_ struct{}
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetDirectPVDriveListURL) WithBasePath(bp string) *GetDirectPVDriveListURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetDirectPVDriveListURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *GetDirectPVDriveListURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/directpv/drives"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	qs := make(url.Values)
+
+	var drivesQ string
+	if o.Drives != nil {
+		drivesQ = *o.Drives
+	}
+	if drivesQ != "" {
+		qs.Set("drives", drivesQ)
+	}
+
+	var nodesQ string
+	if o.Nodes != nil {
+		nodesQ = *o.Nodes
+	}
+	if nodesQ != "" {
+		qs.Set("nodes", nodesQ)
+	}
+
+	_result.RawQuery = qs.Encode()
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *GetDirectPVDriveListURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *GetDirectPVDriveListURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *GetDirectPVDriveListURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on GetDirectPVDriveListURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on GetDirectPVDriveListURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *GetDirectPVDriveListURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_volume_list.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_volume_list.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// GetDirectPVVolumeListHandlerFunc turns a function with the right signature into a get direct p v volume list handler
+type GetDirectPVVolumeListHandlerFunc func(GetDirectPVVolumeListParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn GetDirectPVVolumeListHandlerFunc) Handle(params GetDirectPVVolumeListParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// GetDirectPVVolumeListHandler interface for that can handle valid get direct p v volume list params
+type GetDirectPVVolumeListHandler interface {
+	Handle(GetDirectPVVolumeListParams, *models.Principal) middleware.Responder
+}
+
+// NewGetDirectPVVolumeList creates a new http.Handler for the get direct p v volume list operation
+func NewGetDirectPVVolumeList(ctx *middleware.Context, handler GetDirectPVVolumeListHandler) *GetDirectPVVolumeList {
+	return &GetDirectPVVolumeList{Context: ctx, Handler: handler}
+}
+
+/* GetDirectPVVolumeList swagger:route GET /directpv/volumes OperatorAPI getDirectPVVolumeList
+
+Get directpv volumes list
+
+*/
+type GetDirectPVVolumeList struct {
+	Context *middleware.Context
+	Handler GetDirectPVVolumeListHandler
+}
+
+func (o *GetDirectPVVolumeList) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewGetDirectPVVolumeListParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_volume_list_parameters.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_volume_list_parameters.go
@@ -0,0 +1,121 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+)
+
+// NewGetDirectPVVolumeListParams creates a new GetDirectPVVolumeListParams object
+//
+// There are no default values defined in the spec.
+func NewGetDirectPVVolumeListParams() GetDirectPVVolumeListParams {
+
+	return GetDirectPVVolumeListParams{}
+}
+
+// GetDirectPVVolumeListParams contains all the bound params for the get direct p v volume list operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters GetDirectPVVolumeList
+type GetDirectPVVolumeListParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  In: query
+	*/
+	Drives *string
+	/*
+	  In: query
+	*/
+	Nodes *string
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewGetDirectPVVolumeListParams() beforehand.
+func (o *GetDirectPVVolumeListParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	qs := runtime.Values(r.URL.Query())
+
+	qDrives, qhkDrives, _ := qs.GetOK("drives")
+	if err := o.bindDrives(qDrives, qhkDrives, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
+	qNodes, qhkNodes, _ := qs.GetOK("nodes")
+	if err := o.bindNodes(qNodes, qhkNodes, route.Formats); err != nil {
+		res = append(res, err)
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// bindDrives binds and validates parameter Drives from query.
+func (o *GetDirectPVVolumeListParams) bindDrives(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		return nil
+	}
+	o.Drives = &raw
+
+	return nil
+}
+
+// bindNodes binds and validates parameter Nodes from query.
+func (o *GetDirectPVVolumeListParams) bindNodes(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		return nil
+	}
+	o.Nodes = &raw
+
+	return nil
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_volume_list_responses.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_volume_list_responses.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// GetDirectPVVolumeListOKCode is the HTTP code returned for type GetDirectPVVolumeListOK
+const GetDirectPVVolumeListOKCode int = 200
+
+/*GetDirectPVVolumeListOK A successful response.
+
+swagger:response getDirectPVVolumeListOK
+*/
+type GetDirectPVVolumeListOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.GetDirectPVVolumeListResponse `json:"body,omitempty"`
+}
+
+// NewGetDirectPVVolumeListOK creates GetDirectPVVolumeListOK with default headers values
+func NewGetDirectPVVolumeListOK() *GetDirectPVVolumeListOK {
+
+	return &GetDirectPVVolumeListOK{}
+}
+
+// WithPayload adds the payload to the get direct p v volume list o k response
+func (o *GetDirectPVVolumeListOK) WithPayload(payload *models.GetDirectPVVolumeListResponse) *GetDirectPVVolumeListOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get direct p v volume list o k response
+func (o *GetDirectPVVolumeListOK) SetPayload(payload *models.GetDirectPVVolumeListResponse) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetDirectPVVolumeListOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*GetDirectPVVolumeListDefault Generic error response.
+
+swagger:response getDirectPVVolumeListDefault
+*/
+type GetDirectPVVolumeListDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewGetDirectPVVolumeListDefault creates GetDirectPVVolumeListDefault with default headers values
+func NewGetDirectPVVolumeListDefault(code int) *GetDirectPVVolumeListDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &GetDirectPVVolumeListDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the get direct p v volume list default response
+func (o *GetDirectPVVolumeListDefault) WithStatusCode(code int) *GetDirectPVVolumeListDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the get direct p v volume list default response
+func (o *GetDirectPVVolumeListDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the get direct p v volume list default response
+func (o *GetDirectPVVolumeListDefault) WithPayload(payload *models.Error) *GetDirectPVVolumeListDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get direct p v volume list default response
+func (o *GetDirectPVVolumeListDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetDirectPVVolumeListDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
--- a/operatorapi/operations/operator_api/get_direct_p_v_volume_list_urlbuilder.go
+++ b/operatorapi/operations/operator_api/get_direct_p_v_volume_list_urlbuilder.go
@@ -0,0 +1,129 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// GetDirectPVVolumeListURL generates an URL for the get direct p v volume list operation
+type GetDirectPVVolumeListURL struct {
+	Drives *string
+	Nodes  *string
+
+	_basePath string
+	// avoid unkeyed usage
+	_ struct{}
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetDirectPVVolumeListURL) WithBasePath(bp string) *GetDirectPVVolumeListURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetDirectPVVolumeListURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *GetDirectPVVolumeListURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/directpv/volumes"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	qs := make(url.Values)
+
+	var drivesQ string
+	if o.Drives != nil {
+		drivesQ = *o.Drives
+	}
+	if drivesQ != "" {
+		qs.Set("drives", drivesQ)
+	}
+
+	var nodesQ string
+	if o.Nodes != nil {
+		nodesQ = *o.Nodes
+	}
+	if nodesQ != "" {
+		qs.Set("nodes", nodesQ)
+	}
+
+	_result.RawQuery = qs.Encode()
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *GetDirectPVVolumeListURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *GetDirectPVVolumeListURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *GetDirectPVVolumeListURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on GetDirectPVVolumeListURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on GetDirectPVVolumeListURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *GetDirectPVVolumeListURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}
--- a/operatorapi/operations/operator_api/get_m_p_integration.go
+++ b/operatorapi/operations/operator_api/get_m_p_integration.go
@@ -0,0 +1,128 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+
+	"github.com/minio/console/models"
+)
+
+// GetMPIntegrationHandlerFunc turns a function with the right signature into a get m p integration handler
+type GetMPIntegrationHandlerFunc func(GetMPIntegrationParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn GetMPIntegrationHandlerFunc) Handle(params GetMPIntegrationParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// GetMPIntegrationHandler interface for that can handle valid get m p integration params
+type GetMPIntegrationHandler interface {
+	Handle(GetMPIntegrationParams, *models.Principal) middleware.Responder
+}
+
+// NewGetMPIntegration creates a new http.Handler for the get m p integration operation
+func NewGetMPIntegration(ctx *middleware.Context, handler GetMPIntegrationHandler) *GetMPIntegration {
+	return &GetMPIntegration{Context: ctx, Handler: handler}
+}
+
+/* GetMPIntegration swagger:route GET /mp-integration OperatorAPI getMPIntegration
+
+Returns email registered for marketplace integration
+
+*/
+type GetMPIntegration struct {
+	Context *middleware.Context
+	Handler GetMPIntegrationHandler
+}
+
+func (o *GetMPIntegration) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewGetMPIntegrationParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
+
+// GetMPIntegrationOKBody get m p integration o k body
+//
+// swagger:model GetMPIntegrationOKBody
+type GetMPIntegrationOKBody struct {
+
+	// is email set
+	IsEmailSet bool `json:"isEmailSet,omitempty"`
+}
+
+// Validate validates this get m p integration o k body
+func (o *GetMPIntegrationOKBody) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this get m p integration o k body based on context it is used
+func (o *GetMPIntegrationOKBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *GetMPIntegrationOKBody) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *GetMPIntegrationOKBody) UnmarshalBinary(b []byte) error {
+	var res GetMPIntegrationOKBody
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}
--- a/operatorapi/operations/operator_api/get_m_p_integration_parameters.go
+++ b/operatorapi/operations/operator_api/get_m_p_integration_parameters.go
@@ -0,0 +1,63 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// NewGetMPIntegrationParams creates a new GetMPIntegrationParams object
+//
+// There are no default values defined in the spec.
+func NewGetMPIntegrationParams() GetMPIntegrationParams {
+
+	return GetMPIntegrationParams{}
+}
+
+// GetMPIntegrationParams contains all the bound params for the get m p integration operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters GetMPIntegration
+type GetMPIntegrationParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewGetMPIntegrationParams() beforehand.
+func (o *GetMPIntegrationParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
--- a/operatorapi/operations/operator_api/get_m_p_integration_responses.go
+++ b/operatorapi/operations/operator_api/get_m_p_integration_responses.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// GetMPIntegrationOKCode is the HTTP code returned for type GetMPIntegrationOK
+const GetMPIntegrationOKCode int = 200
+
+/*GetMPIntegrationOK A successful response.
+
+swagger:response getMPIntegrationOK
+*/
+type GetMPIntegrationOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *GetMPIntegrationOKBody `json:"body,omitempty"`
+}
+
+// NewGetMPIntegrationOK creates GetMPIntegrationOK with default headers values
+func NewGetMPIntegrationOK() *GetMPIntegrationOK {
+
+	return &GetMPIntegrationOK{}
+}
+
+// WithPayload adds the payload to the get m p integration o k response
+func (o *GetMPIntegrationOK) WithPayload(payload *GetMPIntegrationOKBody) *GetMPIntegrationOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get m p integration o k response
+func (o *GetMPIntegrationOK) SetPayload(payload *GetMPIntegrationOKBody) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetMPIntegrationOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*GetMPIntegrationDefault Generic error response.
+
+swagger:response getMPIntegrationDefault
+*/
+type GetMPIntegrationDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewGetMPIntegrationDefault creates GetMPIntegrationDefault with default headers values
+func NewGetMPIntegrationDefault(code int) *GetMPIntegrationDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &GetMPIntegrationDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the get m p integration default response
+func (o *GetMPIntegrationDefault) WithStatusCode(code int) *GetMPIntegrationDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the get m p integration default response
+func (o *GetMPIntegrationDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the get m p integration default response
+func (o *GetMPIntegrationDefault) WithPayload(payload *models.Error) *GetMPIntegrationDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the get m p integration default response
+func (o *GetMPIntegrationDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetMPIntegrationDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
--- a/operatorapi/operations/operator_api/get_m_p_integration_urlbuilder.go
+++ b/operatorapi/operations/operator_api/get_m_p_integration_urlbuilder.go
@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// GetMPIntegrationURL generates an URL for the get m p integration operation
+type GetMPIntegrationURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetMPIntegrationURL) WithBasePath(bp string) *GetMPIntegrationURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetMPIntegrationURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *GetMPIntegrationURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/mp-integration"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *GetMPIntegrationURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *GetMPIntegrationURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *GetMPIntegrationURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on GetMPIntegrationURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on GetMPIntegrationURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *GetMPIntegrationURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}
--- a/operatorapi/operations/operator_api/get_p_v_c_describe.go
+++ b/operatorapi/operations/operator_api/get_p_v_c_describe.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// GetPVCDescribeHandlerFunc turns a function with the right signature into a get p v c describe handler
+type GetPVCDescribeHandlerFunc func(GetPVCDescribeParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn GetPVCDescribeHandlerFunc) Handle(params GetPVCDescribeParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// GetPVCDescribeHandler interface for that can handle valid get p v c describe params
+type GetPVCDescribeHandler interface {
+	Handle(GetPVCDescribeParams, *models.Principal) middleware.Responder
+}
+
+// NewGetPVCDescribe creates a new http.Handler for the get p v c describe operation
+func NewGetPVCDescribe(ctx *middleware.Context, handler GetPVCDescribeHandler) *GetPVCDescribe {
+	return &GetPVCDescribe{Context: ctx, Handler: handler}
+}
+
+/* GetPVCDescribe swagger:route GET /namespaces/{namespace}/tenants/{tenant}/pvcs/{PVCName}/describe OperatorAPI getPVCDescribe
+
+Get Describe output for PVC
+
+*/
+type GetPVCDescribe struct {
+	Context *middleware.Context
+	Handler GetPVCDescribeHandler
+}
+
+func (o *GetPVCDescribe) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewGetPVCDescribeParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
--- a/Show More
+++ b/Show More