Release v0.19.4 (#2209)

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>

cmd/console/server.go

@@ -98,7 +98,7 @@ func buildServer() (*restapi.Server, error) {
 		return nil, err
 	}
 
-	api := operations.NewConsoleAPI(swaggerSpec, nil)
+	api := operations.NewConsoleAPI(swaggerSpec)
 	api.Logger = restapi.LogInfo
 	server := restapi.NewServer(api)
 

integration/buckets_test.go

@@ -71,7 +71,7 @@ func initConsoleServer() (*restapi.Server, error) {
 	restapi.LogInfo = noLog
 	restapi.LogError = noLog
 
-	api := operations.NewConsoleAPI(swaggerSpec, nil)
+	api := operations.NewConsoleAPI(swaggerSpec)
 	api.Logger = noLog
 
 	server := restapi.NewServer(api)

integration/profiling_test.go

@@ -20,18 +20,16 @@ import (
 	"archive/zip"
 	"bytes"
 	"fmt"
-	"io"
 	"log"
 	"net/http"
-	"strings"
 	"testing"
-	"time"
 
+	"github.com/gorilla/websocket"
 	"github.com/stretchr/testify/assert"
 )
 
 func TestStartProfiling(t *testing.T) {
-	testAsser := assert.New(t)
+	testAssert := assert.New(t)
 
 	tests := []struct {
 		name string
@@ -58,53 +56,28 @@ func TestStartProfiling(t *testing.T) {
 				"profile-127.0.0.1:9000-mutex-before.pprof":            false,
 			}
 
-			client := &http.Client{
-				Timeout: 3 * time.Second,
-			}
+			wsDestination := "/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines"
+			wsFinalURL := fmt.Sprintf("ws://localhost:9090%s", wsDestination)
 
-			destination := "/api/v1/profiling/start"
-			finalURL := fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err := http.NewRequest("POST", finalURL, strings.NewReader("{\"type\":\"cpu,mem,block,mutex,trace,threads,goroutines\"}"))
+			ws, _, err := websocket.DefaultDialer.Dial(wsFinalURL, nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			defer ws.Close()
+
+			_, zipFileBytes, err := ws.ReadMessage()
 			if err != nil {
 				log.Println(err)
 				return
 			}
 
-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err := client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(201, response.StatusCode)
-
-			time.Sleep(5 * time.Second)
-
-			destination = "/api/v1/profiling/stop"
-			finalURL = fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err = http.NewRequest("POST", finalURL, nil)
-			if err != nil {
-				log.Println(err)
-				return
-			}
-
-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err = client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(200, response.StatusCode)
-			zipFileBytes, err := io.ReadAll(response.Body)
-			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			}
 			filetype := http.DetectContentType(zipFileBytes)
-			testAsser.Equal("application/zip", filetype)
+			testAssert.Equal("application/zip", filetype)
 
 			zipReader, err := zip.NewReader(bytes.NewReader(zipFileBytes), int64(len(zipFileBytes)))
 			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
+				testAssert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
 			}
 
 			// Read all the files from zip archive
@@ -113,7 +86,7 @@ func TestStartProfiling(t *testing.T) {
 			}
 
 			for k, v := range files {
-				testAsser.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
+				testAssert.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
 			}
 		})
 	}

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: 'minio/console:v0.19.3'
+          image: 'minio/console:v0.19.4'
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/standalone/console-deployment.yaml

@@ -32,7 +32,7 @@ spec:
     spec:
       containers:
         - name: console
-          image: 'minio/console:v0.19.3'
+          image: 'minio/console:v0.19.4'
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_MINIO_SERVER

models/operator_subnet_api_key.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetAPIKey operator subnet API key
+//
+// swagger:model operatorSubnetAPIKey
+type OperatorSubnetAPIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this operator subnet API key
+func (m *OperatorSubnetAPIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet API key based on context it is used
+func (m *OperatorSubnetAPIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetAPIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/operator_subnet_login_m_f_a_request.go

@@ -0,0 +1,122 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// OperatorSubnetLoginMFARequest operator subnet login m f a request
+//
+// swagger:model operatorSubnetLoginMFARequest
+type OperatorSubnetLoginMFARequest struct {
+
+	// mfa token
+	// Required: true
+	MfaToken *string `json:"mfa_token"`
+
+	// otp
+	// Required: true
+	Otp *string `json:"otp"`
+
+	// username
+	// Required: true
+	Username *string `json:"username"`
+}
+
+// Validate validates this operator subnet login m f a request
+func (m *OperatorSubnetLoginMFARequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateMfaToken(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateOtp(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsername(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateMfaToken(formats strfmt.Registry) error {
+
+	if err := validate.Required("mfa_token", "body", m.MfaToken); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateOtp(formats strfmt.Registry) error {
+
+	if err := validate.Required("otp", "body", m.Otp); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateUsername(formats strfmt.Registry) error {
+
+	if err := validate.Required("username", "body", m.Username); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this operator subnet login m f a request based on context it is used
+func (m *OperatorSubnetLoginMFARequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginMFARequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/operator_subnet_login_request.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginRequest operator subnet login request
+//
+// swagger:model operatorSubnetLoginRequest
+type OperatorSubnetLoginRequest struct {
+
+	// password
+	Password string `json:"password,omitempty"`
+
+	// username
+	Username string `json:"username,omitempty"`
+}
+
+// Validate validates this operator subnet login request
+func (m *OperatorSubnetLoginRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login request based on context it is used
+func (m *OperatorSubnetLoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/operator_subnet_login_response.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginResponse operator subnet login response
+//
+// swagger:model operatorSubnetLoginResponse
+type OperatorSubnetLoginResponse struct {
+
+	// access token
+	AccessToken string `json:"access_token,omitempty"`
+
+	// mfa token
+	MfaToken string `json:"mfa_token,omitempty"`
+}
+
+// Validate validates this operator subnet login response
+func (m *OperatorSubnetLoginResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login response based on context it is used
+func (m *OperatorSubnetLoginResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

operatorapi/configure_operator.go

@@ -90,6 +90,7 @@ func configureAPI(api *operations.OperatorAPI) http.Handler {
 	// Namespaces handlers
 	registerNamespaceHandlers(api)
 	registerMarketplaceHandlers(api)
+	registerOperatorSubnetHandlers(api)
 
 	api.PreServerShutdown = func() {}
 

operatorapi/embedded_spec.go

@@ -1906,6 +1906,133 @@ func init() {
         }
       }
     },
+    "/subnet/apikey": {
+      "get": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Subnet api key",
+        "operationId": "OperatorSubnetApiKey",
+        "parameters": [
+          {
+            "type": "string",
+            "name": "token",
+            "in": "query",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetAPIKey"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/apikey/register": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Register Operator with Subnet",
+        "operationId": "OperatorSubnetRegisterAPIKey",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetAPIKey"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response."
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/login": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Login to subnet",
+        "operationId": "OperatorSubnetLogin",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginRequest"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginResponse"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/login/mfa": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Login to subnet using mfa",
+        "operationId": "OperatorSubnetLoginMFA",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginMFARequest"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginResponse"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
     "/subscription/info": {
       "get": {
         "tags": [
@@ -3547,6 +3674,55 @@ func init() {
         }
       }
     },
+    "operatorSubnetAPIKey": {
+      "type": "object",
+      "properties": {
+        "apiKey": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginMFARequest": {
+      "type": "object",
+      "required": [
+        "username",
+        "otp",
+        "mfa_token"
+      ],
+      "properties": {
+        "mfa_token": {
+          "type": "string"
+        },
+        "otp": {
+          "type": "string"
+        },
+        "username": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginRequest": {
+      "type": "object",
+      "properties": {
+        "password": {
+          "type": "string"
+        },
+        "username": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginResponse": {
+      "type": "object",
+      "properties": {
+        "access_token": {
+          "type": "string"
+        },
+        "mfa_token": {
+          "type": "string"
+        }
+      }
+    },
     "parityResponse": {
       "type": "array",
       "items": {
@@ -6658,6 +6834,133 @@ func init() {
         }
       }
     },
+    "/subnet/apikey": {
+      "get": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Subnet api key",
+        "operationId": "OperatorSubnetApiKey",
+        "parameters": [
+          {
+            "type": "string",
+            "name": "token",
+            "in": "query",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetAPIKey"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/apikey/register": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Register Operator with Subnet",
+        "operationId": "OperatorSubnetRegisterAPIKey",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetAPIKey"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response."
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/login": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Login to subnet",
+        "operationId": "OperatorSubnetLogin",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginRequest"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginResponse"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
+    "/subnet/login/mfa": {
+      "post": {
+        "tags": [
+          "OperatorAPI"
+        ],
+        "summary": "Login to subnet using mfa",
+        "operationId": "OperatorSubnetLoginMFA",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginMFARequest"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/operatorSubnetLoginResponse"
+            }
+          },
+          "default": {
+            "description": "Generic error response.",
+            "schema": {
+              "$ref": "#/definitions/error"
+            }
+          }
+        }
+      }
+    },
     "/subscription/info": {
       "get": {
         "tags": [
@@ -9086,6 +9389,55 @@ func init() {
         }
       }
     },
+    "operatorSubnetAPIKey": {
+      "type": "object",
+      "properties": {
+        "apiKey": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginMFARequest": {
+      "type": "object",
+      "required": [
+        "username",
+        "otp",
+        "mfa_token"
+      ],
+      "properties": {
+        "mfa_token": {
+          "type": "string"
+        },
+        "otp": {
+          "type": "string"
+        },
+        "username": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginRequest": {
+      "type": "object",
+      "properties": {
+        "password": {
+          "type": "string"
+        },
+        "username": {
+          "type": "string"
+        }
+      }
+    },
+    "operatorSubnetLoginResponse": {
+      "type": "object",
+      "properties": {
+        "access_token": {
+          "type": "string"
+        },
+        "mfa_token": {
+          "type": "string"
+        }
+      }
+    },
     "parityResponse": {
       "type": "array",
       "items": {

operatorapi/marketplace_test.go

@@ -19,7 +19,9 @@ package operatorapi
 import (
 	"context"
 	"errors"
+	"fmt"
 	"net/http"
+	"net/http/httptest"
 	"os"
 	"testing"
 
@@ -34,6 +36,7 @@ import (
 
 var (
 	testWithError                = false
+	testServerWithError          = false
 	errMock                      = errors.New("mock error")
 	k8sClientGetConfigMapMock    func(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error)
 	k8sClientCreateConfigMapMock func(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.CreateOptions) (*corev1.ConfigMap, error)
@@ -43,9 +46,10 @@ var (
 
 type MarketplaceTestSuite struct {
 	suite.Suite
-	assert    *assert.Assertions
-	kClient   k8sClientMock
-	namespace string
+	assert     *assert.Assertions
+	kClient    k8sClientMock
+	namespace  string
+	postServer *httptest.Server
 }
 
 func (c k8sClientMock) getConfigMap(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error) {
@@ -72,6 +76,17 @@ func (suite *MarketplaceTestSuite) SetupSuite() {
 	k8sClientUpdateConfigMapMock = suite.updateConfigMapMock
 	k8sClientDeleteConfigMapMock = suite.deleteConfigMapMock
 	os.Setenv(mpConfigMapKey, "mp-mock-config")
+	suite.postServer = httptest.NewServer(http.HandlerFunc(suite.postHandler))
+}
+
+func (suite *MarketplaceTestSuite) postHandler(
+	w http.ResponseWriter, r *http.Request,
+) {
+	if testServerWithError {
+		w.WriteHeader(400)
+	} else {
+		fmt.Fprintf(w, `{"post": "Post response"}`)
+	}
 }
 
 func (suite *MarketplaceTestSuite) TearDownSuite() {
@@ -173,14 +188,26 @@ func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithError() {
 	os.Unsetenv(mpHostEnvVar)
 }
 
-// TODO: Add mock server for testing microservice
-// func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoError() {
-// 	testWithError = false
-// 	ctx, cancel := context.WithCancel(context.Background())
-// 	defer cancel()
-// 	err := setMPIntegration(ctx, "mock@mock.com", "token", &suite.kClient)
-// 	suite.assert.Nil(err)
-// }
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoError() {
+	testWithError = false
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.Nil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithRequestError() {
+	testWithError = false
+	testServerWithError = true
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.NotNil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
 
 func TestMarketplace(t *testing.T) {
 	suite.Run(t, new(MarketplaceTestSuite))

operatorapi/operations/operator_api.go

@@ -166,6 +166,18 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		AuthLogoutHandler: auth.LogoutHandlerFunc(func(params auth.LogoutParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation auth.Logout has not yet been implemented")
 		}),
+		OperatorAPIOperatorSubnetAPIKeyHandler: operator_api.OperatorSubnetAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetAPIKeyParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetAPIKey has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetLoginHandler: operator_api.OperatorSubnetLoginHandlerFunc(func(params operator_api.OperatorSubnetLoginParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetLogin has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetLoginMFAHandler: operator_api.OperatorSubnetLoginMFAHandlerFunc(func(params operator_api.OperatorSubnetLoginMFAParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetLoginMFA has not yet been implemented")
+		}),
+		OperatorAPIOperatorSubnetRegisterAPIKeyHandler: operator_api.OperatorSubnetRegisterAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetRegisterAPIKeyParams, principal *models.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation operator_api.OperatorSubnetRegisterAPIKey has not yet been implemented")
+		}),
 		OperatorAPIPostMPIntegrationHandler: operator_api.PostMPIntegrationHandlerFunc(func(params operator_api.PostMPIntegrationParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.PostMPIntegration has not yet been implemented")
 		}),
@@ -352,6 +364,14 @@ type OperatorAPI struct {
 	AuthLoginOperatorHandler auth.LoginOperatorHandler
 	// AuthLogoutHandler sets the operation handler for the logout operation
 	AuthLogoutHandler auth.LogoutHandler
+	// OperatorAPIOperatorSubnetAPIKeyHandler sets the operation handler for the operator subnet Api key operation
+	OperatorAPIOperatorSubnetAPIKeyHandler operator_api.OperatorSubnetAPIKeyHandler
+	// OperatorAPIOperatorSubnetLoginHandler sets the operation handler for the operator subnet login operation
+	OperatorAPIOperatorSubnetLoginHandler operator_api.OperatorSubnetLoginHandler
+	// OperatorAPIOperatorSubnetLoginMFAHandler sets the operation handler for the operator subnet login m f a operation
+	OperatorAPIOperatorSubnetLoginMFAHandler operator_api.OperatorSubnetLoginMFAHandler
+	// OperatorAPIOperatorSubnetRegisterAPIKeyHandler sets the operation handler for the operator subnet register API key operation
+	OperatorAPIOperatorSubnetRegisterAPIKeyHandler operator_api.OperatorSubnetRegisterAPIKeyHandler
 	// OperatorAPIPostMPIntegrationHandler sets the operation handler for the post m p integration operation
 	OperatorAPIPostMPIntegrationHandler operator_api.PostMPIntegrationHandler
 	// OperatorAPIPutTenantYAMLHandler sets the operation handler for the put tenant y a m l operation
@@ -581,6 +601,18 @@ func (o *OperatorAPI) Validate() error {
 	if o.AuthLogoutHandler == nil {
 		unregistered = append(unregistered, "auth.LogoutHandler")
 	}
+	if o.OperatorAPIOperatorSubnetAPIKeyHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetAPIKeyHandler")
+	}
+	if o.OperatorAPIOperatorSubnetLoginHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetLoginHandler")
+	}
+	if o.OperatorAPIOperatorSubnetLoginMFAHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetLoginMFAHandler")
+	}
+	if o.OperatorAPIOperatorSubnetRegisterAPIKeyHandler == nil {
+		unregistered = append(unregistered, "operator_api.OperatorSubnetRegisterAPIKeyHandler")
+	}
 	if o.OperatorAPIPostMPIntegrationHandler == nil {
 		unregistered = append(unregistered, "operator_api.PostMPIntegrationHandler")
 	}
@@ -884,6 +916,22 @@ func (o *OperatorAPI) initHandlerCache() {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/logout"] = auth.NewLogout(o.context, o.AuthLogoutHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/subnet/apikey"] = operator_api.NewOperatorSubnetAPIKey(o.context, o.OperatorAPIOperatorSubnetAPIKeyHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/login"] = operator_api.NewOperatorSubnetLogin(o.context, o.OperatorAPIOperatorSubnetLoginHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/login/mfa"] = operator_api.NewOperatorSubnetLoginMFA(o.context, o.OperatorAPIOperatorSubnetLoginMFAHandler)
+	if o.handlers["POST"] == nil {
+		o.handlers["POST"] = make(map[string]http.Handler)
+	}
+	o.handlers["POST"]["/subnet/apikey/register"] = operator_api.NewOperatorSubnetRegisterAPIKey(o.context, o.OperatorAPIOperatorSubnetRegisterAPIKeyHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}

operatorapi/operations/operator_api/operator_subnet_api_key.go

@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetAPIKeyHandlerFunc turns a function with the right signature into a operator subnet Api key handler
+type OperatorSubnetAPIKeyHandlerFunc func(OperatorSubnetAPIKeyParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn OperatorSubnetAPIKeyHandlerFunc) Handle(params OperatorSubnetAPIKeyParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// OperatorSubnetAPIKeyHandler interface for that can handle valid operator subnet Api key params
+type OperatorSubnetAPIKeyHandler interface {
+	Handle(OperatorSubnetAPIKeyParams, *models.Principal) middleware.Responder
+}
+
+// NewOperatorSubnetAPIKey creates a new http.Handler for the operator subnet Api key operation
+func NewOperatorSubnetAPIKey(ctx *middleware.Context, handler OperatorSubnetAPIKeyHandler) *OperatorSubnetAPIKey {
+	return &OperatorSubnetAPIKey{Context: ctx, Handler: handler}
+}
+
+/* OperatorSubnetAPIKey swagger:route GET /subnet/apikey OperatorAPI operatorSubnetApiKey
+
+Subnet api key
+
+*/
+type OperatorSubnetAPIKey struct {
+	Context *middleware.Context
+	Handler OperatorSubnetAPIKeyHandler
+}
+
+func (o *OperatorSubnetAPIKey) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewOperatorSubnetAPIKeyParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

operatorapi/operations/operator_api/operator_subnet_api_key_parameters.go

@@ -0,0 +1,99 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// NewOperatorSubnetAPIKeyParams creates a new OperatorSubnetAPIKeyParams object
+//
+// There are no default values defined in the spec.
+func NewOperatorSubnetAPIKeyParams() OperatorSubnetAPIKeyParams {
+
+	return OperatorSubnetAPIKeyParams{}
+}
+
+// OperatorSubnetAPIKeyParams contains all the bound params for the operator subnet Api key operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters OperatorSubnetApiKey
+type OperatorSubnetAPIKeyParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  Required: true
+	  In: query
+	*/
+	Token string
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewOperatorSubnetAPIKeyParams() beforehand.
+func (o *OperatorSubnetAPIKeyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	qs := runtime.Values(r.URL.Query())
+
+	qToken, qhkToken, _ := qs.GetOK("token")
+	if err := o.bindToken(qToken, qhkToken, route.Formats); err != nil {
+		res = append(res, err)
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// bindToken binds and validates parameter Token from query.
+func (o *OperatorSubnetAPIKeyParams) bindToken(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	if !hasKey {
+		return errors.Required("token", "query", rawData)
+	}
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: true
+	// AllowEmptyValue: false
+
+	if err := validate.RequiredString("token", "query", raw); err != nil {
+		return err
+	}
+	o.Token = raw
+
+	return nil
+}

operatorapi/operations/operator_api/operator_subnet_api_key_responses.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetAPIKeyOKCode is the HTTP code returned for type OperatorSubnetAPIKeyOK
+const OperatorSubnetAPIKeyOKCode int = 200
+
+/*OperatorSubnetAPIKeyOK A successful response.
+
+swagger:response operatorSubnetApiKeyOK
+*/
+type OperatorSubnetAPIKeyOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.OperatorSubnetAPIKey `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetAPIKeyOK creates OperatorSubnetAPIKeyOK with default headers values
+func NewOperatorSubnetAPIKeyOK() *OperatorSubnetAPIKeyOK {
+
+	return &OperatorSubnetAPIKeyOK{}
+}
+
+// WithPayload adds the payload to the operator subnet Api key o k response
+func (o *OperatorSubnetAPIKeyOK) WithPayload(payload *models.OperatorSubnetAPIKey) *OperatorSubnetAPIKeyOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet Api key o k response
+func (o *OperatorSubnetAPIKeyOK) SetPayload(payload *models.OperatorSubnetAPIKey) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetAPIKeyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*OperatorSubnetAPIKeyDefault Generic error response.
+
+swagger:response operatorSubnetApiKeyDefault
+*/
+type OperatorSubnetAPIKeyDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetAPIKeyDefault creates OperatorSubnetAPIKeyDefault with default headers values
+func NewOperatorSubnetAPIKeyDefault(code int) *OperatorSubnetAPIKeyDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &OperatorSubnetAPIKeyDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the operator subnet Api key default response
+func (o *OperatorSubnetAPIKeyDefault) WithStatusCode(code int) *OperatorSubnetAPIKeyDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the operator subnet Api key default response
+func (o *OperatorSubnetAPIKeyDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the operator subnet Api key default response
+func (o *OperatorSubnetAPIKeyDefault) WithPayload(payload *models.Error) *OperatorSubnetAPIKeyDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet Api key default response
+func (o *OperatorSubnetAPIKeyDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetAPIKeyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}

operatorapi/operations/operator_api/operator_subnet_api_key_urlbuilder.go

@@ -0,0 +1,117 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// OperatorSubnetAPIKeyURL generates an URL for the operator subnet Api key operation
+type OperatorSubnetAPIKeyURL struct {
+	Token string
+
+	_basePath string
+	// avoid unkeyed usage
+	_ struct{}
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetAPIKeyURL) WithBasePath(bp string) *OperatorSubnetAPIKeyURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetAPIKeyURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *OperatorSubnetAPIKeyURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/subnet/apikey"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	qs := make(url.Values)
+
+	tokenQ := o.Token
+	if tokenQ != "" {
+		qs.Set("token", tokenQ)
+	}
+
+	_result.RawQuery = qs.Encode()
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *OperatorSubnetAPIKeyURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *OperatorSubnetAPIKeyURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *OperatorSubnetAPIKeyURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on OperatorSubnetAPIKeyURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on OperatorSubnetAPIKeyURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *OperatorSubnetAPIKeyURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

operatorapi/operations/operator_api/operator_subnet_login.go

@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetLoginHandlerFunc turns a function with the right signature into a operator subnet login handler
+type OperatorSubnetLoginHandlerFunc func(OperatorSubnetLoginParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn OperatorSubnetLoginHandlerFunc) Handle(params OperatorSubnetLoginParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// OperatorSubnetLoginHandler interface for that can handle valid operator subnet login params
+type OperatorSubnetLoginHandler interface {
+	Handle(OperatorSubnetLoginParams, *models.Principal) middleware.Responder
+}
+
+// NewOperatorSubnetLogin creates a new http.Handler for the operator subnet login operation
+func NewOperatorSubnetLogin(ctx *middleware.Context, handler OperatorSubnetLoginHandler) *OperatorSubnetLogin {
+	return &OperatorSubnetLogin{Context: ctx, Handler: handler}
+}
+
+/* OperatorSubnetLogin swagger:route POST /subnet/login OperatorAPI operatorSubnetLogin
+
+Login to subnet
+
+*/
+type OperatorSubnetLogin struct {
+	Context *middleware.Context
+	Handler OperatorSubnetLoginHandler
+}
+
+func (o *OperatorSubnetLogin) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewOperatorSubnetLoginParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

operatorapi/operations/operator_api/operator_subnet_login_m_f_a.go

@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetLoginMFAHandlerFunc turns a function with the right signature into a operator subnet login m f a handler
+type OperatorSubnetLoginMFAHandlerFunc func(OperatorSubnetLoginMFAParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn OperatorSubnetLoginMFAHandlerFunc) Handle(params OperatorSubnetLoginMFAParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// OperatorSubnetLoginMFAHandler interface for that can handle valid operator subnet login m f a params
+type OperatorSubnetLoginMFAHandler interface {
+	Handle(OperatorSubnetLoginMFAParams, *models.Principal) middleware.Responder
+}
+
+// NewOperatorSubnetLoginMFA creates a new http.Handler for the operator subnet login m f a operation
+func NewOperatorSubnetLoginMFA(ctx *middleware.Context, handler OperatorSubnetLoginMFAHandler) *OperatorSubnetLoginMFA {
+	return &OperatorSubnetLoginMFA{Context: ctx, Handler: handler}
+}
+
+/* OperatorSubnetLoginMFA swagger:route POST /subnet/login/mfa OperatorAPI operatorSubnetLoginMFA
+
+Login to subnet using mfa
+
+*/
+type OperatorSubnetLoginMFA struct {
+	Context *middleware.Context
+	Handler OperatorSubnetLoginMFAHandler
+}
+
+func (o *OperatorSubnetLoginMFA) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewOperatorSubnetLoginMFAParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

operatorapi/operations/operator_api/operator_subnet_login_m_f_a_parameters.go

@@ -0,0 +1,102 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/validate"
+
+	"github.com/minio/console/models"
+)
+
+// NewOperatorSubnetLoginMFAParams creates a new OperatorSubnetLoginMFAParams object
+//
+// There are no default values defined in the spec.
+func NewOperatorSubnetLoginMFAParams() OperatorSubnetLoginMFAParams {
+
+	return OperatorSubnetLoginMFAParams{}
+}
+
+// OperatorSubnetLoginMFAParams contains all the bound params for the operator subnet login m f a operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters OperatorSubnetLoginMFA
+type OperatorSubnetLoginMFAParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  Required: true
+	  In: body
+	*/
+	Body *models.OperatorSubnetLoginMFARequest
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewOperatorSubnetLoginMFAParams() beforehand.
+func (o *OperatorSubnetLoginMFAParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if runtime.HasBody(r) {
+		defer r.Body.Close()
+		var body models.OperatorSubnetLoginMFARequest
+		if err := route.Consumer.Consume(r.Body, &body); err != nil {
+			if err == io.EOF {
+				res = append(res, errors.Required("body", "body", ""))
+			} else {
+				res = append(res, errors.NewParseError("body", "body", "", err))
+			}
+		} else {
+			// validate body object
+			if err := body.Validate(route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			ctx := validate.WithOperationRequest(context.Background())
+			if err := body.ContextValidate(ctx, route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			if len(res) == 0 {
+				o.Body = &body
+			}
+		}
+	} else {
+		res = append(res, errors.Required("body", "body", ""))
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

operatorapi/operations/operator_api/operator_subnet_login_m_f_a_responses.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetLoginMFAOKCode is the HTTP code returned for type OperatorSubnetLoginMFAOK
+const OperatorSubnetLoginMFAOKCode int = 200
+
+/*OperatorSubnetLoginMFAOK A successful response.
+
+swagger:response operatorSubnetLoginMFAOK
+*/
+type OperatorSubnetLoginMFAOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.OperatorSubnetLoginResponse `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetLoginMFAOK creates OperatorSubnetLoginMFAOK with default headers values
+func NewOperatorSubnetLoginMFAOK() *OperatorSubnetLoginMFAOK {
+
+	return &OperatorSubnetLoginMFAOK{}
+}
+
+// WithPayload adds the payload to the operator subnet login m f a o k response
+func (o *OperatorSubnetLoginMFAOK) WithPayload(payload *models.OperatorSubnetLoginResponse) *OperatorSubnetLoginMFAOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet login m f a o k response
+func (o *OperatorSubnetLoginMFAOK) SetPayload(payload *models.OperatorSubnetLoginResponse) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetLoginMFAOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*OperatorSubnetLoginMFADefault Generic error response.
+
+swagger:response operatorSubnetLoginMFADefault
+*/
+type OperatorSubnetLoginMFADefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetLoginMFADefault creates OperatorSubnetLoginMFADefault with default headers values
+func NewOperatorSubnetLoginMFADefault(code int) *OperatorSubnetLoginMFADefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &OperatorSubnetLoginMFADefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the operator subnet login m f a default response
+func (o *OperatorSubnetLoginMFADefault) WithStatusCode(code int) *OperatorSubnetLoginMFADefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the operator subnet login m f a default response
+func (o *OperatorSubnetLoginMFADefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the operator subnet login m f a default response
+func (o *OperatorSubnetLoginMFADefault) WithPayload(payload *models.Error) *OperatorSubnetLoginMFADefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet login m f a default response
+func (o *OperatorSubnetLoginMFADefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetLoginMFADefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}

operatorapi/operations/operator_api/operator_subnet_login_m_f_a_urlbuilder.go

@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// OperatorSubnetLoginMFAURL generates an URL for the operator subnet login m f a operation
+type OperatorSubnetLoginMFAURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetLoginMFAURL) WithBasePath(bp string) *OperatorSubnetLoginMFAURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetLoginMFAURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *OperatorSubnetLoginMFAURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/subnet/login/mfa"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *OperatorSubnetLoginMFAURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *OperatorSubnetLoginMFAURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *OperatorSubnetLoginMFAURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on OperatorSubnetLoginMFAURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on OperatorSubnetLoginMFAURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *OperatorSubnetLoginMFAURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

operatorapi/operations/operator_api/operator_subnet_login_parameters.go

@@ -0,0 +1,102 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/validate"
+
+	"github.com/minio/console/models"
+)
+
+// NewOperatorSubnetLoginParams creates a new OperatorSubnetLoginParams object
+//
+// There are no default values defined in the spec.
+func NewOperatorSubnetLoginParams() OperatorSubnetLoginParams {
+
+	return OperatorSubnetLoginParams{}
+}
+
+// OperatorSubnetLoginParams contains all the bound params for the operator subnet login operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters OperatorSubnetLogin
+type OperatorSubnetLoginParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  Required: true
+	  In: body
+	*/
+	Body *models.OperatorSubnetLoginRequest
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewOperatorSubnetLoginParams() beforehand.
+func (o *OperatorSubnetLoginParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if runtime.HasBody(r) {
+		defer r.Body.Close()
+		var body models.OperatorSubnetLoginRequest
+		if err := route.Consumer.Consume(r.Body, &body); err != nil {
+			if err == io.EOF {
+				res = append(res, errors.Required("body", "body", ""))
+			} else {
+				res = append(res, errors.NewParseError("body", "body", "", err))
+			}
+		} else {
+			// validate body object
+			if err := body.Validate(route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			ctx := validate.WithOperationRequest(context.Background())
+			if err := body.ContextValidate(ctx, route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			if len(res) == 0 {
+				o.Body = &body
+			}
+		}
+	} else {
+		res = append(res, errors.Required("body", "body", ""))
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

operatorapi/operations/operator_api/operator_subnet_login_responses.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetLoginOKCode is the HTTP code returned for type OperatorSubnetLoginOK
+const OperatorSubnetLoginOKCode int = 200
+
+/*OperatorSubnetLoginOK A successful response.
+
+swagger:response operatorSubnetLoginOK
+*/
+type OperatorSubnetLoginOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *models.OperatorSubnetLoginResponse `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetLoginOK creates OperatorSubnetLoginOK with default headers values
+func NewOperatorSubnetLoginOK() *OperatorSubnetLoginOK {
+
+	return &OperatorSubnetLoginOK{}
+}
+
+// WithPayload adds the payload to the operator subnet login o k response
+func (o *OperatorSubnetLoginOK) WithPayload(payload *models.OperatorSubnetLoginResponse) *OperatorSubnetLoginOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet login o k response
+func (o *OperatorSubnetLoginOK) SetPayload(payload *models.OperatorSubnetLoginResponse) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetLoginOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+/*OperatorSubnetLoginDefault Generic error response.
+
+swagger:response operatorSubnetLoginDefault
+*/
+type OperatorSubnetLoginDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetLoginDefault creates OperatorSubnetLoginDefault with default headers values
+func NewOperatorSubnetLoginDefault(code int) *OperatorSubnetLoginDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &OperatorSubnetLoginDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the operator subnet login default response
+func (o *OperatorSubnetLoginDefault) WithStatusCode(code int) *OperatorSubnetLoginDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the operator subnet login default response
+func (o *OperatorSubnetLoginDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the operator subnet login default response
+func (o *OperatorSubnetLoginDefault) WithPayload(payload *models.Error) *OperatorSubnetLoginDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet login default response
+func (o *OperatorSubnetLoginDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetLoginDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}

operatorapi/operations/operator_api/operator_subnet_login_urlbuilder.go

@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// OperatorSubnetLoginURL generates an URL for the operator subnet login operation
+type OperatorSubnetLoginURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetLoginURL) WithBasePath(bp string) *OperatorSubnetLoginURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetLoginURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *OperatorSubnetLoginURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/subnet/login"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *OperatorSubnetLoginURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *OperatorSubnetLoginURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *OperatorSubnetLoginURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on OperatorSubnetLoginURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on OperatorSubnetLoginURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *OperatorSubnetLoginURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

operatorapi/operations/operator_api/operator_subnet_register_api_key.go

@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetRegisterAPIKeyHandlerFunc turns a function with the right signature into a operator subnet register API key handler
+type OperatorSubnetRegisterAPIKeyHandlerFunc func(OperatorSubnetRegisterAPIKeyParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn OperatorSubnetRegisterAPIKeyHandlerFunc) Handle(params OperatorSubnetRegisterAPIKeyParams, principal *models.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// OperatorSubnetRegisterAPIKeyHandler interface for that can handle valid operator subnet register API key params
+type OperatorSubnetRegisterAPIKeyHandler interface {
+	Handle(OperatorSubnetRegisterAPIKeyParams, *models.Principal) middleware.Responder
+}
+
+// NewOperatorSubnetRegisterAPIKey creates a new http.Handler for the operator subnet register API key operation
+func NewOperatorSubnetRegisterAPIKey(ctx *middleware.Context, handler OperatorSubnetRegisterAPIKeyHandler) *OperatorSubnetRegisterAPIKey {
+	return &OperatorSubnetRegisterAPIKey{Context: ctx, Handler: handler}
+}
+
+/* OperatorSubnetRegisterAPIKey swagger:route POST /subnet/apikey/register OperatorAPI operatorSubnetRegisterApiKey
+
+Register Operator with Subnet
+
+*/
+type OperatorSubnetRegisterAPIKey struct {
+	Context *middleware.Context
+	Handler OperatorSubnetRegisterAPIKeyHandler
+}
+
+func (o *OperatorSubnetRegisterAPIKey) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewOperatorSubnetRegisterAPIKeyParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *models.Principal
+	if uprinc != nil {
+		principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

operatorapi/operations/operator_api/operator_subnet_register_api_key_parameters.go

@@ -0,0 +1,102 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"io"
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/validate"
+
+	"github.com/minio/console/models"
+)
+
+// NewOperatorSubnetRegisterAPIKeyParams creates a new OperatorSubnetRegisterAPIKeyParams object
+//
+// There are no default values defined in the spec.
+func NewOperatorSubnetRegisterAPIKeyParams() OperatorSubnetRegisterAPIKeyParams {
+
+	return OperatorSubnetRegisterAPIKeyParams{}
+}
+
+// OperatorSubnetRegisterAPIKeyParams contains all the bound params for the operator subnet register API key operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters OperatorSubnetRegisterAPIKey
+type OperatorSubnetRegisterAPIKeyParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  Required: true
+	  In: body
+	*/
+	Body *models.OperatorSubnetAPIKey
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewOperatorSubnetRegisterAPIKeyParams() beforehand.
+func (o *OperatorSubnetRegisterAPIKeyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if runtime.HasBody(r) {
+		defer r.Body.Close()
+		var body models.OperatorSubnetAPIKey
+		if err := route.Consumer.Consume(r.Body, &body); err != nil {
+			if err == io.EOF {
+				res = append(res, errors.Required("body", "body", ""))
+			} else {
+				res = append(res, errors.NewParseError("body", "body", "", err))
+			}
+		} else {
+			// validate body object
+			if err := body.Validate(route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			ctx := validate.WithOperationRequest(context.Background())
+			if err := body.ContextValidate(ctx, route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			if len(res) == 0 {
+				o.Body = &body
+			}
+		}
+	} else {
+		res = append(res, errors.Required("body", "body", ""))
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

operatorapi/operations/operator_api/operator_subnet_register_api_key_responses.go

@@ -0,0 +1,113 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/minio/console/models"
+)
+
+// OperatorSubnetRegisterAPIKeyOKCode is the HTTP code returned for type OperatorSubnetRegisterAPIKeyOK
+const OperatorSubnetRegisterAPIKeyOKCode int = 200
+
+/*OperatorSubnetRegisterAPIKeyOK A successful response.
+
+swagger:response operatorSubnetRegisterApiKeyOK
+*/
+type OperatorSubnetRegisterAPIKeyOK struct {
+}
+
+// NewOperatorSubnetRegisterAPIKeyOK creates OperatorSubnetRegisterAPIKeyOK with default headers values
+func NewOperatorSubnetRegisterAPIKeyOK() *OperatorSubnetRegisterAPIKeyOK {
+
+	return &OperatorSubnetRegisterAPIKeyOK{}
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetRegisterAPIKeyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(200)
+}
+
+/*OperatorSubnetRegisterAPIKeyDefault Generic error response.
+
+swagger:response operatorSubnetRegisterApiKeyDefault
+*/
+type OperatorSubnetRegisterAPIKeyDefault struct {
+	_statusCode int
+
+	/*
+	  In: Body
+	*/
+	Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewOperatorSubnetRegisterAPIKeyDefault creates OperatorSubnetRegisterAPIKeyDefault with default headers values
+func NewOperatorSubnetRegisterAPIKeyDefault(code int) *OperatorSubnetRegisterAPIKeyDefault {
+	if code <= 0 {
+		code = 500
+	}
+
+	return &OperatorSubnetRegisterAPIKeyDefault{
+		_statusCode: code,
+	}
+}
+
+// WithStatusCode adds the status to the operator subnet register API key default response
+func (o *OperatorSubnetRegisterAPIKeyDefault) WithStatusCode(code int) *OperatorSubnetRegisterAPIKeyDefault {
+	o._statusCode = code
+	return o
+}
+
+// SetStatusCode sets the status to the operator subnet register API key default response
+func (o *OperatorSubnetRegisterAPIKeyDefault) SetStatusCode(code int) {
+	o._statusCode = code
+}
+
+// WithPayload adds the payload to the operator subnet register API key default response
+func (o *OperatorSubnetRegisterAPIKeyDefault) WithPayload(payload *models.Error) *OperatorSubnetRegisterAPIKeyDefault {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the operator subnet register API key default response
+func (o *OperatorSubnetRegisterAPIKeyDefault) SetPayload(payload *models.Error) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *OperatorSubnetRegisterAPIKeyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(o._statusCode)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}

operatorapi/operations/operator_api/operator_subnet_register_api_key_urlbuilder.go

@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package operator_api
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// OperatorSubnetRegisterAPIKeyURL generates an URL for the operator subnet register API key operation
+type OperatorSubnetRegisterAPIKeyURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetRegisterAPIKeyURL) WithBasePath(bp string) *OperatorSubnetRegisterAPIKeyURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *OperatorSubnetRegisterAPIKeyURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *OperatorSubnetRegisterAPIKeyURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/subnet/apikey/register"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *OperatorSubnetRegisterAPIKeyURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *OperatorSubnetRegisterAPIKeyURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *OperatorSubnetRegisterAPIKeyURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on OperatorSubnetRegisterAPIKeyURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on OperatorSubnetRegisterAPIKeyURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *OperatorSubnetRegisterAPIKeyURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

operatorapi/subnet.go

@@ -0,0 +1,43 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+)
+
+func registerOperatorSubnetHandlers(api *operations.OperatorAPI) {
+	api.OperatorAPIOperatorSubnetLoginHandler = operator_api.OperatorSubnetLoginHandlerFunc(func(params operator_api.OperatorSubnetLoginParams, session *models.Principal) middleware.Responder {
+		// TODO: Implement
+		return operator_api.NewOperatorSubnetLoginOK()
+	})
+	api.OperatorAPIOperatorSubnetLoginMFAHandler = operator_api.OperatorSubnetLoginMFAHandlerFunc(func(params operator_api.OperatorSubnetLoginMFAParams, session *models.Principal) middleware.Responder {
+		// TODO: Implement
+		return operator_api.NewOperatorSubnetLoginMFAOK()
+	})
+	api.OperatorAPIOperatorSubnetAPIKeyHandler = operator_api.OperatorSubnetAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetAPIKeyParams, session *models.Principal) middleware.Responder {
+		// TODO: Implement
+		return operator_api.NewOperatorSubnetAPIKeyOK()
+	})
+	api.OperatorAPIOperatorSubnetRegisterAPIKeyHandler = operator_api.OperatorSubnetRegisterAPIKeyHandlerFunc(func(params operator_api.OperatorSubnetRegisterAPIKeyParams, session *models.Principal) middleware.Responder {
+		// TODO: Implement
+		return operator_api.NewOperatorSubnetRegisterAPIKeyOK()
+	})
+}

portal-ui/build/asset-manifest.json

@@ -1,14 +1,14 @@
 {
   "files": {
     "main.css": "./static/css/main.90d417ae.css",
-    "main.js": "./static/js/main.44b939e3.js",
+    "main.js": "./static/js/main.ccc73c66.js",
     "static/js/6914.ed2f1662.chunk.js": "./static/js/6914.ed2f1662.chunk.js",
     "static/js/4209.05b25520.chunk.js": "./static/js/4209.05b25520.chunk.js",
     "static/js/1829.223fb198.chunk.js": "./static/js/1829.223fb198.chunk.js",
     "static/js/4455.596f5a0d.chunk.js": "./static/js/4455.596f5a0d.chunk.js",
     "static/js/5088.7692271b.chunk.js": "./static/js/5088.7692271b.chunk.js",
     "static/js/5140.b1dd0e23.chunk.js": "./static/js/5140.b1dd0e23.chunk.js",
-    "static/js/5997.59dab43a.chunk.js": "./static/js/5997.59dab43a.chunk.js",
+    "static/js/1260.5eb8500b.chunk.js": "./static/js/1260.5eb8500b.chunk.js",
     "static/js/3176.121f3468.chunk.js": "./static/js/3176.121f3468.chunk.js",
     "static/js/6137.2c486126.chunk.js": "./static/js/6137.2c486126.chunk.js",
     "static/js/7045.bc049940.chunk.js": "./static/js/7045.bc049940.chunk.js",
@@ -23,7 +23,7 @@
     "static/js/9611.c217768e.chunk.js": "./static/js/9611.c217768e.chunk.js",
     "static/js/2637.97fe472e.chunk.js": "./static/js/2637.97fe472e.chunk.js",
     "static/css/5503.90c9cdc7.chunk.css": "./static/css/5503.90c9cdc7.chunk.css",
-    "static/js/5503.dad78ff5.chunk.js": "./static/js/5503.dad78ff5.chunk.js",
+    "static/js/5503.79a2f464.chunk.js": "./static/js/5503.79a2f464.chunk.js",
     "static/js/5926.c0387455.chunk.js": "./static/js/5926.c0387455.chunk.js",
     "static/js/701.05206868.chunk.js": "./static/js/701.05206868.chunk.js",
     "static/js/7821.bda18452.chunk.js": "./static/js/7821.bda18452.chunk.js",
@@ -54,7 +54,7 @@
     "static/js/7798.b974925d.chunk.js": "./static/js/7798.b974925d.chunk.js",
     "static/js/8833.8e4bf585.chunk.js": "./static/js/8833.8e4bf585.chunk.js",
     "static/js/9388.20842728.chunk.js": "./static/js/9388.20842728.chunk.js",
-    "static/js/483.96dc1806.chunk.js": "./static/js/483.96dc1806.chunk.js",
+    "static/js/483.ef8155e7.chunk.js": "./static/js/483.ef8155e7.chunk.js",
     "static/js/9467.e157f032.chunk.js": "./static/js/9467.e157f032.chunk.js",
     "static/js/6895.5d78f23b.chunk.js": "./static/js/6895.5d78f23b.chunk.js",
     "static/js/1379.7e93fe73.chunk.js": "./static/js/1379.7e93fe73.chunk.js",
@@ -80,8 +80,8 @@
     "static/js/4934.72071d47.chunk.js": "./static/js/4934.72071d47.chunk.js",
     "static/js/9942.406de82c.chunk.js": "./static/js/9942.406de82c.chunk.js",
     "static/js/7021.2df7e2e0.chunk.js": "./static/js/7021.2df7e2e0.chunk.js",
-    "static/js/2684.52d25845.chunk.js": "./static/js/2684.52d25845.chunk.js",
-    "static/js/6683.f9402dc8.chunk.js": "./static/js/6683.f9402dc8.chunk.js",
+    "static/js/2684.52b792c0.chunk.js": "./static/js/2684.52b792c0.chunk.js",
+    "static/js/6683.993a0cfc.chunk.js": "./static/js/6683.993a0cfc.chunk.js",
     "static/js/8350.ee721e94.chunk.js": "./static/js/8350.ee721e94.chunk.js",
     "static/js/4873.6fb2072e.chunk.js": "./static/js/4873.6fb2072e.chunk.js",
     "static/js/5367.991f75c4.chunk.js": "./static/js/5367.991f75c4.chunk.js",
@@ -141,14 +141,14 @@
     "static/js/5289.39c9d169.chunk.js": "./static/js/5289.39c9d169.chunk.js",
     "index.html": "./index.html",
     "main.90d417ae.css.map": "./static/css/main.90d417ae.css.map",
-    "main.44b939e3.js.map": "./static/js/main.44b939e3.js.map",
+    "main.ccc73c66.js.map": "./static/js/main.ccc73c66.js.map",
     "6914.ed2f1662.chunk.js.map": "./static/js/6914.ed2f1662.chunk.js.map",
     "4209.05b25520.chunk.js.map": "./static/js/4209.05b25520.chunk.js.map",
     "1829.223fb198.chunk.js.map": "./static/js/1829.223fb198.chunk.js.map",
     "4455.596f5a0d.chunk.js.map": "./static/js/4455.596f5a0d.chunk.js.map",
     "5088.7692271b.chunk.js.map": "./static/js/5088.7692271b.chunk.js.map",
     "5140.b1dd0e23.chunk.js.map": "./static/js/5140.b1dd0e23.chunk.js.map",
-    "5997.59dab43a.chunk.js.map": "./static/js/5997.59dab43a.chunk.js.map",
+    "1260.5eb8500b.chunk.js.map": "./static/js/1260.5eb8500b.chunk.js.map",
     "3176.121f3468.chunk.js.map": "./static/js/3176.121f3468.chunk.js.map",
     "6137.2c486126.chunk.js.map": "./static/js/6137.2c486126.chunk.js.map",
     "7045.bc049940.chunk.js.map": "./static/js/7045.bc049940.chunk.js.map",
@@ -163,7 +163,7 @@
     "9611.c217768e.chunk.js.map": "./static/js/9611.c217768e.chunk.js.map",
     "2637.97fe472e.chunk.js.map": "./static/js/2637.97fe472e.chunk.js.map",
     "5503.90c9cdc7.chunk.css.map": "./static/css/5503.90c9cdc7.chunk.css.map",
-    "5503.dad78ff5.chunk.js.map": "./static/js/5503.dad78ff5.chunk.js.map",
+    "5503.79a2f464.chunk.js.map": "./static/js/5503.79a2f464.chunk.js.map",
     "5926.c0387455.chunk.js.map": "./static/js/5926.c0387455.chunk.js.map",
     "701.05206868.chunk.js.map": "./static/js/701.05206868.chunk.js.map",
     "7821.bda18452.chunk.js.map": "./static/js/7821.bda18452.chunk.js.map",
@@ -194,7 +194,7 @@
     "7798.b974925d.chunk.js.map": "./static/js/7798.b974925d.chunk.js.map",
     "8833.8e4bf585.chunk.js.map": "./static/js/8833.8e4bf585.chunk.js.map",
     "9388.20842728.chunk.js.map": "./static/js/9388.20842728.chunk.js.map",
-    "483.96dc1806.chunk.js.map": "./static/js/483.96dc1806.chunk.js.map",
+    "483.ef8155e7.chunk.js.map": "./static/js/483.ef8155e7.chunk.js.map",
     "9467.e157f032.chunk.js.map": "./static/js/9467.e157f032.chunk.js.map",
     "6895.5d78f23b.chunk.js.map": "./static/js/6895.5d78f23b.chunk.js.map",
     "1379.7e93fe73.chunk.js.map": "./static/js/1379.7e93fe73.chunk.js.map",
@@ -220,8 +220,8 @@
     "4934.72071d47.chunk.js.map": "./static/js/4934.72071d47.chunk.js.map",
     "9942.406de82c.chunk.js.map": "./static/js/9942.406de82c.chunk.js.map",
     "7021.2df7e2e0.chunk.js.map": "./static/js/7021.2df7e2e0.chunk.js.map",
-    "2684.52d25845.chunk.js.map": "./static/js/2684.52d25845.chunk.js.map",
-    "6683.f9402dc8.chunk.js.map": "./static/js/6683.f9402dc8.chunk.js.map",
+    "2684.52b792c0.chunk.js.map": "./static/js/2684.52b792c0.chunk.js.map",
+    "6683.993a0cfc.chunk.js.map": "./static/js/6683.993a0cfc.chunk.js.map",
     "8350.ee721e94.chunk.js.map": "./static/js/8350.ee721e94.chunk.js.map",
     "4873.6fb2072e.chunk.js.map": "./static/js/4873.6fb2072e.chunk.js.map",
     "5367.991f75c4.chunk.js.map": "./static/js/5367.991f75c4.chunk.js.map",
@@ -282,6 +282,6 @@
   },
   "entrypoints": [
     "static/css/main.90d417ae.css",
-    "static/js/main.44b939e3.js"
+    "static/js/main.ccc73c66.js"
   ]
 }

portal-ui/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><base href="/"/><meta content="width=device-width,initial-scale=1" name="viewport"/><meta content="#081C42" media="(prefers-color-scheme: light)" name="theme-color"/><meta content="#081C42" media="(prefers-color-scheme: dark)" name="theme-color"/><meta content="MinIO Console" name="description"/><link href="./styles/root-styles.css" rel="stylesheet"/><link href="./apple-icon-180x180.png" rel="apple-touch-icon" sizes="180x180"/><link href="./favicon-32x32.png" rel="icon" sizes="32x32" type="image/png"/><link href="./favicon-96x96.png" rel="icon" sizes="96x96" type="image/png"/><link href="./favicon-16x16.png" rel="icon" sizes="16x16" type="image/png"/><link href="./manifest.json" rel="manifest"/><link color="#3a4e54" href="./safari-pinned-tab.svg" rel="mask-icon"/><title>MinIO Console</title><script defer="defer" src="./static/js/main.44b939e3.js"></script><link href="./static/css/main.90d417ae.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="preload"><img src="./images/background.svg"/> <img src="./images/background-wave-orig2.svg"/></div><div id="loader-block"><img src="./Loader.svg"/></div></div></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><base href="/"/><meta content="width=device-width,initial-scale=1" name="viewport"/><meta content="#081C42" media="(prefers-color-scheme: light)" name="theme-color"/><meta content="#081C42" media="(prefers-color-scheme: dark)" name="theme-color"/><meta content="MinIO Console" name="description"/><link href="./styles/root-styles.css" rel="stylesheet"/><link href="./apple-icon-180x180.png" rel="apple-touch-icon" sizes="180x180"/><link href="./favicon-32x32.png" rel="icon" sizes="32x32" type="image/png"/><link href="./favicon-96x96.png" rel="icon" sizes="96x96" type="image/png"/><link href="./favicon-16x16.png" rel="icon" sizes="16x16" type="image/png"/><link href="./manifest.json" rel="manifest"/><link color="#3a4e54" href="./safari-pinned-tab.svg" rel="mask-icon"/><title>MinIO Console</title><script defer="defer" src="./static/js/main.ccc73c66.js"></script><link href="./static/css/main.90d417ae.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="preload"><img src="./images/background.svg"/> <img src="./images/background-wave-orig2.svg"/></div><div id="loader-block"><img src="./Loader.svg"/></div></div></body></html>

portal-ui/src/screens/Console/Speedtest/Speedtest.tsx

@@ -88,6 +88,7 @@ const Speedtest = () => {
 
   const [size, setSize] = useState<string>("64");
   const [sizeUnit, setSizeUnit] = useState<string>("MB");
+  const [duration, setDuration] = useState<string>("10");
 
   const [topDate, setTopDate] = useState<number>(0);
   const [currentValue, setCurrentValue] = useState<number>(0);
@@ -107,7 +108,7 @@ const Speedtest = () => {
 
       const wsProt = wsProtocol(url.protocol);
       const c = new W3CWebSocket(
-        `${wsProt}://${url.hostname}:${port}${baseUrl}ws/speedtest?&size=${size}${sizeUnit}`
+        `${wsProt}://${url.hostname}:${port}${baseUrl}ws/speedtest?&size=${size}${sizeUnit}&duration=${duration}s`
       );
 
       const baseDate = moment();
@@ -167,7 +168,7 @@ const Speedtest = () => {
       // reset start status
       setStart(false);
     }
-  }, [size, sizeUnit, start]);
+  }, [size, sizeUnit, start, duration]);
 
   useEffect(() => {
     const actualSeconds = (topDate - currentValue) / 1000;
@@ -197,7 +198,7 @@ const Speedtest = () => {
           >
             <Grid item xs={12} className={classes.boxy}>
               <Grid container>
-                <Grid item md={6} sm={12}>
+                <Grid item md={4} sm={12}>
                   <div className={classes.stepProgressText}>
                     {start ? (
                       <Fragment>
@@ -223,7 +224,7 @@ const Speedtest = () => {
                     />
                   </div>
                 </Grid>
-                <Grid item xs={4}>
+                <Grid item md sm={12}>
                   <div style={{ marginLeft: 10, width: 300 }}>
                     <InputBoxWrapper
                       id={"size"}
@@ -251,7 +252,34 @@ const Speedtest = () => {
                     />
                   </div>
                 </Grid>
-                <Grid item xs={2} textAlign={"right"}>
+                <Grid item md sm={12}>
+                  <div style={{ marginLeft: 10, width: 300 }}>
+                    <InputBoxWrapper
+                      id={"duration"}
+                      name={"duration"}
+                      label={"Duration"}
+                      onChange={(e) => {
+                        if (e.target.validity.valid) {
+                          setDuration(e.target.value);
+                        }
+                      }}
+                      noLabelMinWidth={true}
+                      value={duration}
+                      disabled={start}
+                      overlayObject={
+                        <InputUnitMenu
+                          id={"size-unit"}
+                          onUnitChange={() => {}}
+                          unitSelected={"s"}
+                          unitsList={[{ label: "s", value: "s" }]}
+                          disabled={start}
+                        />
+                      }
+                      pattern={"[0-9]*"}
+                    />
+                  </div>
+                </Grid>
+                <Grid item md={1} sm={12} textAlign={"right"}>
                   <Button
                     onClick={() => {
                       setCurrStatus(null);
@@ -264,7 +292,9 @@ const Speedtest = () => {
                       currStatus !== null && !start ? "contained" : "outlined"
                     }
                     className={`${classes.buttonBackground} ${classes.speedStart}`}
-                    disabled={"10".trim() === "" || size.trim() === "" || start}
+                    disabled={
+                      duration.trim() === "" || size.trim() === "" || start
+                    }
                   >
                     {!start && (
                       <Fragment>

portal-ui/src/screens/Console/Support/Profile.tsx

@@ -1,4 +1,5 @@
 import React, { Fragment, useState } from "react";
+import { IMessageEvent, w3cwebsocket as W3CWebSocket } from "websocket";
 import { Theme } from "@mui/material/styles";
 import createStyles from "@mui/styles/createStyles";
 import withStyles from "@mui/styles/withStyles";
@@ -6,8 +7,7 @@ import { Button, Grid } from "@mui/material";
 import PageHeader from "../Common/PageHeader/PageHeader";
 import PageLayout from "../Common/Layout/PageLayout";
 import CheckboxWrapper from "../Common/FormComponents/CheckboxWrapper/CheckboxWrapper";
-import api from "../../../common/api";
-import { ErrorResponseHandler } from "../../../common/types";
+import { wsProtocol } from "../../../utils/wsUtils";
 import {
   actionsTray,
   containerForHeader,
@@ -52,6 +52,8 @@ interface IProfileProps {
   classes: any;
 }
 
+var c: any = null;
+
 const Profile = ({ classes }: IProfileProps) => {
   const [profilingStarted, setProfilingStarted] = useState<boolean>(false);
   const [types, setTypes] = useState<string[]>([
@@ -85,43 +87,53 @@ const Profile = ({ classes }: IProfileProps) => {
   };
 
   const startProfiling = () => {
-    if (!profilingStarted) {
-      const typeString = types.join(",");
-      setProfilingStarted(true);
-      api
-        .invoke("POST", `/api/v1/profiling/start`, {
-          type: typeString,
-        })
-        .then(() => {})
-        .catch((err: ErrorResponseHandler) => {
-          console.log(err);
-          setProfilingStarted(false);
-        });
+    const typeString = types.join(",");
+
+    const url = new URL(window.location.toString());
+    const isDev = process.env.NODE_ENV === "development";
+    const port = isDev ? "9090" : url.port;
+
+    // check if we are using base path, if not this always is `/`
+    const baseLocation = new URL(document.baseURI);
+    const baseUrl = baseLocation.pathname;
+
+    const wsProt = wsProtocol(url.protocol);
+    c = new W3CWebSocket(
+      `${wsProt}://${url.hostname}:${port}${baseUrl}ws/profile?types=${typeString}`
+    );
+
+    if (c !== null) {
+      c.onopen = () => {
+        setProfilingStarted(true);
+        c.send("ok");
+      };
+      c.onmessage = (message: IMessageEvent) => {
+        // process received message
+        let response = new Blob([message.data], { type: "application/zip" });
+        let filename = "profile.zip";
+        setProfilingStarted(false);
+        var link = document.createElement("a");
+        link.href = window.URL.createObjectURL(response);
+        link.download = filename;
+        document.body.appendChild(link);
+        link.click();
+        document.body.removeChild(link);
+      };
+      c.onclose = () => {
+        console.log("connection closed by server");
+        setProfilingStarted(false);
+      };
+      return () => {
+        c.close(1000);
+        console.log("closing websockets");
+        setProfilingStarted(false);
+      };
     }
   };
 
   const stopProfiling = () => {
-    if (profilingStarted) {
-      const anchor = document.createElement("a");
-      document.body.appendChild(anchor);
-      let path = "/api/v1/profiling/stop";
-      var req = new XMLHttpRequest();
-      req.open("POST", path, true);
-      req.responseType = "blob";
-      req.onreadystatechange = () => {
-        if (req.readyState === 4 && req.status === 200) {
-          let filename = "profile.zip";
-          setProfilingStarted(false);
-          var link = document.createElement("a");
-          link.href = window.URL.createObjectURL(req.response);
-          link.download = filename;
-          document.body.appendChild(link);
-          link.click();
-          document.body.removeChild(link);
-        }
-      };
-      req.send();
-    }
+    c.close(1000);
+    setProfilingStarted(false);
   };
 
   return (

portal-ui/src/screens/Console/Tenants/AddTenant/Steps/IdentityProvider/IDPBuiltIn.tsx

@@ -182,30 +182,28 @@ const IDPBuiltIn = () => {
                 error={validationErrors[`secretkey-${index.toString()}`] || ""}
               />
               <div className={classes.buttonTray}>
-                <Tooltip title="Add User" aria-label="add">
-                  <div className={classes.overlayAction}>
-                    <IconButton
-                      size={"small"}
-                      onClick={() => {
-                        dispatch(addIDPNewKeyPair());
-                      }}
-                    >
-                      <AddIcon />
-                    </IconButton>
-                  </div>
-                </Tooltip>
-                <Tooltip title="Remove" aria-label="add">
-                  <div className={classes.overlayAction}>
-                    <IconButton
-                      size={"small"}
-                      onClick={() => {
-                        dispatch(removeIDPKeyPairAtIndex(index));
-                      }}
-                    >
-                      <RemoveIcon />
-                    </IconButton>
-                  </div>
-                </Tooltip>
+                <div className={classes.overlayAction}>
+                  <IconButton
+                    size={"small"}
+                    onClick={() => {
+                      dispatch(addIDPNewKeyPair());
+                    }}
+                    disabled={index !== accessKeys.length - 1}
+                  >
+                    <AddIcon />
+                  </IconButton>
+                </div>
+                <div className={classes.overlayAction}>
+                  <IconButton
+                    size={"small"}
+                    onClick={() => {
+                      dispatch(removeIDPKeyPairAtIndex(index));
+                    }}
+                    disabled={accessKeys.length <= 1}
+                  >
+                    <RemoveIcon />
+                  </IconButton>
+                </div>
                 <Tooltip title="Randomize Credentials" aria-label="add">
                   <div className={classes.overlayAction}>
                     <IconButton

portal-ui/src/screens/Console/Tenants/AddTenant/Steps/Security.tsx

@@ -30,7 +30,7 @@ import { AppState, useAppDispatch } from "../../../../../store";
 import { KeyPair } from "../../ListTenants/utils";
 import FormSwitchWrapper from "../../../Common/FormComponents/FormSwitchWrapper/FormSwitchWrapper";
 import FileSelector from "../../../Common/FormComponents/FileSelector/FileSelector";
-import AddIcon from "../../../../../icons/AddIcon";
+import AddIcon from "@mui/icons-material/Add";
 import RemoveIcon from "../../../../../icons/RemoveIcon";
 import SectionTitle from "../../../Common/SectionTitle";
 import {
@@ -43,6 +43,7 @@ import {
   isPageValid,
   updateAddField,
 } from "../createTenantSlice";
+import TLSHelpBox from "../../HelpBox/TLSHelpBox";
 
 interface ISecurityProps {
   classes: any;
@@ -223,9 +224,14 @@ const Security = ({ classes }: ISecurityProps) => {
             </Grid>
             {enableCustomCerts && (
               <Fragment>
+                {!enableAutoCert && (
+                  <Grid item xs={12}>
+                    <TLSHelpBox />
+                  </Grid>
+                )}
                 <Grid item xs={12} className={classes.minioCertsContainer}>
                   <SectionTitle>MinIO Certificates</SectionTitle>
-                  {minioCertificates.map((keyPair: KeyPair) => (
+                  {minioCertificates.map((keyPair: KeyPair, index) => (
                     <Grid
                       item
                       xs={12}
@@ -276,6 +282,7 @@ const Security = ({ classes }: ISecurityProps) => {
                             onClick={() => {
                               dispatch(addKeyPair());
                             }}
+                            disabled={index !== minioCertificates.length - 1}
                           >
                             <AddIcon />
                           </IconButton>
@@ -286,6 +293,7 @@ const Security = ({ classes }: ISecurityProps) => {
                             onClick={() => {
                               dispatch(deleteKeyPair(keyPair.id));
                             }}
+                            disabled={minioCertificates.length <= 1}
                           >
                             <RemoveIcon />
                           </IconButton>
@@ -298,7 +306,7 @@ const Security = ({ classes }: ISecurityProps) => {
                 <Grid item xs={12} className={classes.minioCertsContainer}>
                   <SectionTitle>MinIO CA Certificates</SectionTitle>
 
-                  {caCertificates.map((keyPair: KeyPair) => (
+                  {caCertificates.map((keyPair: KeyPair, index) => (
                     <Grid
                       item
                       xs={12}
@@ -332,6 +340,7 @@ const Security = ({ classes }: ISecurityProps) => {
                               onClick={() => {
                                 dispatch(addCaCertificate());
                               }}
+                              disabled={index !== caCertificates.length - 1}
                             >
                               <AddIcon />
                             </IconButton>
@@ -342,6 +351,7 @@ const Security = ({ classes }: ISecurityProps) => {
                               onClick={() => {
                                 dispatch(deleteCaCertificate(keyPair.id));
                               }}
+                              disabled={caCertificates.length <= 1}
                             >
                               <RemoveIcon />
                             </IconButton>

portal-ui/src/screens/Console/Tenants/HelpBox/TLSHelpBox.tsx

@@ -0,0 +1,124 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+import React from "react";
+import { useSelector } from "react-redux";
+import { Box } from "@mui/material";
+import CertificateIcon from "../../../../icons/CertificateIcon";
+import { AppState } from "../../../../store";
+
+const FeatureItem = ({
+  icon,
+  description,
+}: {
+  icon: any;
+  description: string;
+}) => {
+  return (
+    <Box
+      sx={{
+        display: "flex",
+        "& .min-icon": {
+          marginRight: "10px",
+          height: "23px",
+          width: "23px",
+          marginBottom: "10px",
+        },
+      }}
+    >
+      {icon}{" "}
+      <div style={{ fontSize: "14px", fontStyle: "italic", color: "#5E5E5E" }}>
+        {description}
+      </div>
+    </Box>
+  );
+};
+const TLSHelpBox = () => {
+  const namespace = useSelector((state: AppState) => {
+    return state.createTenant.fields.nameTenant.namespace || "<namespace>";
+  });
+
+  const tenantName = useSelector((state: AppState) => {
+    return state.createTenant.fields.nameTenant.tenantName || "<tenant-name>";
+  });
+
+  return (
+    <Box
+      sx={{
+        flex: 1,
+        border: "1px solid #eaeaea",
+        borderRadius: "2px",
+        display: "flex",
+        flexFlow: "column",
+        padding: "20px",
+        marginTop: {
+          xs: "0px",
+        },
+      }}
+    >
+      <Box
+        sx={{
+          display: "flex",
+          flexFlow: "column",
+        }}
+      >
+        <FeatureItem
+          icon={<CertificateIcon />}
+          description={`TLS Certificates Warning`}
+        />
+        <Box sx={{ fontSize: "14px", marginBottom: "15px" }}>
+          Automatic certificate generation is not enabled.
+          <br />
+          <br />
+          If you wish to continue only with <b>custom certificates</b> make sure
+          they are valid for the following internode hostnames, i.e.:
+          <br />
+          <br />
+          <div
+            style={{ fontSize: "14px", fontStyle: "italic", color: "#5E5E5E" }}
+          >
+            minio.{namespace}
+            <br />
+            minio.{namespace}.svc
+            <br />
+            minio.{namespace}.svc.&#x3C;cluster domain&#x3E;
+            <br />
+            *.{tenantName}-hl.{namespace}.svc.&#x3C;cluster domain&#x3E;
+            <br />
+            *.{namespace}.svc.&#x3C;cluster domain&#x3E;
+          </div>
+          <br />
+          Replace <em>&#x3C;tenant-name&#x3E;</em>,{" "}
+          <em>&#x3C;namespace&#x3E;</em> and
+          <em>&#x3C;cluster domain&#x3E;</em> with the actual values for your
+          MinIO tenant.
+          <br />
+          <br />
+          You can learn more at our{" "}
+          <a
+            href="https://docs.min.io/minio/k8s/security/security.html?ref=op#id5"
+            target="_blank"
+            rel="noreferrer"
+          >
+            documentation
+          </a>
+          .
+        </Box>
+      </Box>
+    </Box>
+  );
+};
+
+export default TLSHelpBox;

replication/replication_test.go

@@ -50,7 +50,7 @@ func initConsoleServer() (*restapi.Server, error) {
 	restapi.LogInfo = noLog
 	restapi.LogError = noLog
 
-	api := operations.NewConsoleAPI(swaggerSpec, nil)
+	api := operations.NewConsoleAPI(swaggerSpec)
 	api.Logger = noLog
 
 	server := restapi.NewServer(api)

restapi/admin_arns_test.go

@@ -69,7 +69,7 @@ func TestRegisterAdminArnsHandlers(t *testing.T) {
 	if err != nil {
 		assert.Fail("Error")
 	}
-	api := operations.NewConsoleAPI(swaggerSpec, nil)
+	api := operations.NewConsoleAPI(swaggerSpec)
 	api.SystemArnListHandler = nil
 	registerAdminArnsHandlers(api)
 	if api.SystemArnListHandler == nil {

restapi/admin_profiling.go

@@ -18,59 +18,32 @@ package restapi
 
 import (
 	"context"
-	"io"
+	"io/ioutil"
 	"net/http"
 
-	"github.com/go-openapi/runtime"
-	"github.com/go-openapi/runtime/middleware"
+	"github.com/gorilla/websocket"
 	"github.com/minio/console/models"
-	"github.com/minio/console/restapi/operations"
-	profileApi "github.com/minio/console/restapi/operations/profile"
 	"github.com/minio/madmin-go"
 )
 
-func registerProfilingHandler(api *operations.ConsoleAPI) {
-	// Start Profiling
-	api.ProfileProfilingStartHandler = profileApi.ProfilingStartHandlerFunc(func(params profileApi.ProfilingStartParams, session *models.Principal) middleware.Responder {
-		profilingStartResponse, err := getProfilingStartResponse(session, params)
-		if err != nil {
-			return profileApi.NewProfilingStartDefault(int(err.Code)).WithPayload(err)
-		}
-		return profileApi.NewProfilingStartCreated().WithPayload(profilingStartResponse)
-	})
-	// Stop and download profiling data
-	api.ProfileProfilingStopHandler = profileApi.ProfilingStopHandlerFunc(func(params profileApi.ProfilingStopParams, session *models.Principal) middleware.Responder {
-		profilingStopResponse, err := getProfilingStopResponse(session, params)
-		if err != nil {
-			return profileApi.NewProfilingStopDefault(int(err.Code)).WithPayload(err)
-		}
-		// Custom response writer to set the content-disposition header to tell the
-		// HTTP client the name and extension of the file we are returning
-		return middleware.ResponderFunc(func(w http.ResponseWriter, _ runtime.Producer) {
-			defer profilingStopResponse.Close()
-			w.Header().Set("Content-Type", "application/zip")
-			w.Header().Set("Content-Disposition", "attachment; filename=profile.zip")
-			io.Copy(w, profilingStopResponse)
-		})
-	})
+var items []*models.StartProfilingItem
+
+type profileOptions struct {
+	Types string
 }
 
-// startProfiling() starts the profiling on the Minio server
-// Enable 1 of the 7 profiling mechanisms: "cpu","mem","block","mutex","trace","threads","goroutines"
-// in the Minio server, returns []*models.StartProfilingItem that contains individual status of this operation
-// for each Minio node, ie:
-//
-//	{
-//		"Success": true,
-//		"nodeName": "127.0.0.1:9000"
-//		"errors": ""
-//	}
-func startProfiling(ctx context.Context, client MinioAdmin, profilerType string) ([]*models.StartProfilingItem, error) {
-	profilingResults, err := client.startProfiling(ctx, madmin.ProfilerType(profilerType))
+func getProfileOptionsFromReq(req *http.Request) (*profileOptions, error) {
+	pOptions := profileOptions{}
+	pOptions.Types = req.FormValue("types")
+	return &pOptions, nil
+}
+
+func startProfiling(ctx context.Context, conn WSConn, client MinioAdmin, pOpts *profileOptions) error {
+	profilingResults, err := client.startProfiling(ctx, madmin.ProfilerType(pOpts.Types))
 	if err != nil {
-		return nil, err
+		return err
 	}
-	var items []*models.StartProfilingItem
+	items = []*models.StartProfilingItem{}
 	for _, result := range profilingResults {
 		items = append(items, &models.StartProfilingItem{
 			Success:  result.Success,
@@ -78,57 +51,13 @@ func startProfiling(ctx context.Context, client MinioAdmin, profilerType string)
 			NodeName: result.NodeName,
 		})
 	}
-	return items, nil
-}
-
-// getProfilingStartResponse performs startProfiling() and serializes it to the handler's output
-func getProfilingStartResponse(session *models.Principal, params profileApi.ProfilingStartParams) (*models.StartProfilingList, *models.Error) {
-	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
-	defer cancel()
-	if params.Body == nil {
-		return nil, ErrorWithContext(ctx, ErrPolicyBodyNotInRequest)
-	}
-	mAdmin, err := NewMinioAdminClient(session)
-	if err != nil {
-		return nil, ErrorWithContext(ctx, err)
-	}
-	// create a MinIO Admin Client interface implementation
-	// defining the client to be used
-	adminClient := AdminClient{Client: mAdmin}
-	profilingItems, err := startProfiling(ctx, adminClient, *params.Body.Type)
-	if err != nil {
-		return nil, ErrorWithContext(ctx, err)
-	}
-	profilingList := &models.StartProfilingList{
-		StartResults: profilingItems,
-		Total:        int64(len(profilingItems)),
-	}
-	return profilingList, nil
-}
-
-// stopProfiling() stop the profiling on the Minio server and returns
-// the generated Zip file as io.ReadCloser
-func stopProfiling(ctx context.Context, client MinioAdmin) (io.ReadCloser, error) {
 	zippedData, err := client.stopProfiling(ctx)
 	if err != nil {
-		return nil, err
+		return err
 	}
-	return zippedData, nil
-}
-
-// getProfilingStopResponse() performs SetPolicy() and serializes it to the handler's output
-func getProfilingStopResponse(session *models.Principal, params profileApi.ProfilingStopParams) (io.ReadCloser, *models.Error) {
-	ctx := params.HTTPRequest.Context()
-	mAdmin, err := NewMinioAdminClient(session)
+	message, err := ioutil.ReadAll(zippedData)
 	if err != nil {
-		return nil, ErrorWithContext(ctx, err)
+		return err
 	}
-	// create a MinIO Admin Client interface implementation
-	// defining the client to be used
-	adminClient := AdminClient{Client: mAdmin}
-	profilingData, err := stopProfiling(ctx, adminClient)
-	if err != nil {
-		return nil, ErrorWithContext(ctx, err)
-	}
-	return profilingData, nil
+	return conn.writeMessage(websocket.BinaryMessage, message)
 }

restapi/admin_profiling_test.go

@@ -21,6 +21,8 @@ import (
 	"context"
 	"errors"
 	"io"
+	"net/http"
+	"net/url"
 	"testing"
 
 	"github.com/minio/madmin-go"
@@ -32,22 +34,38 @@ var (
 	minioStopProfiling  func() (io.ReadCloser, error)
 )
 
-// mock function of startProfiling()
+// mock function for startProfiling()
 func (ac adminClientMock) startProfiling(ctx context.Context, profiler madmin.ProfilerType) ([]madmin.StartProfilingResult, error) {
 	return minioStartProfiling(profiler)
 }
 
-// mock function of stopProfiling()
+// mock function for stopProfiling()
 func (ac adminClientMock) stopProfiling(ctx context.Context) (io.ReadCloser, error) {
 	return minioStopProfiling()
 }
 
+// Implementing fake closingBuffer to mock stopProfiling() (io.ReadCloser, error)
+type ClosingBuffer struct {
+	*bytes.Buffer
+}
+
+// Implementing a fake Close function for io.ReadCloser
+func (cb *ClosingBuffer) Close() error {
+	return nil
+}
+
 func TestStartProfiling(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 	assert := assert.New(t)
 	adminClient := adminClientMock{}
-	// Test-1 : startProfiling() Get response from Minio server with one profiling object
+	mockWSConn := mockConn{}
+	function := "startProfiling()"
+	testOptions := &profileOptions{
+		Types: "cpu",
+	}
+
+	// Test-1 : startProfiling() Get response from MinIO server with one profiling object without errors
 	// mock function response from startProfiling()
 	minioStartProfiling = func(profiler madmin.ProfilerType) ([]madmin.StartProfilingResult, error) {
 		return []madmin.StartProfilingResult{
@@ -63,56 +81,40 @@ func TestStartProfiling(t *testing.T) {
 			},
 		}, nil
 	}
-	function := "startProfiling()"
-	cpuProfiler := "cpu"
-	startProfilingResults, err := startProfiling(ctx, adminClient, cpuProfiler)
+	// mock function response from stopProfiling()
+	minioStopProfiling = func() (io.ReadCloser, error) {
+		return &ClosingBuffer{bytes.NewBufferString("In memory string eaeae")}, nil
+	}
+	// mock function response from mockConn.writeMessage()
+	connWriteMessageMock = func(messageType int, p []byte) error {
+		return nil
+	}
+	err := startProfiling(ctx, mockWSConn, adminClient, testOptions)
 	if err != nil {
 		t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
 	}
-	assert.Equal(2, len(startProfilingResults))
-	// Test-2 : startProfiling() Correctly handles errors returned by Minio
+	assert.Equal(err, nil)
+
+	// Test-2 : startProfiling() Correctly handles errors returned by MinIO
 	// mock function response from startProfiling()
 	minioStartProfiling = func(profiler madmin.ProfilerType) ([]madmin.StartProfilingResult, error) {
 		return nil, errors.New("error")
 	}
-	_, err = startProfiling(ctx, adminClient, cpuProfiler)
+	err = startProfiling(ctx, mockWSConn, adminClient, testOptions)
 	if assert.Error(err) {
 		assert.Equal("error", err.Error())
 	}
-}
 
-// Implementing fake closingBuffer need it to mock stopProfiling() (io.ReadCloser, error)
-type ClosingBuffer struct {
-	*bytes.Buffer
-}
-
-// Implementing a fake Close function for io.ReadCloser
-func (cb *ClosingBuffer) Close() error {
-	return nil
-}
-
-func TestStopProfiling(t *testing.T) {
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-	assert := assert.New(t)
-	adminClient := adminClientMock{}
-	// Test-1 : stopProfiling() Get response from Minio server and that response is a readCloser interface
-	// mock function response from startProfiling()
-	minioStopProfiling = func() (io.ReadCloser, error) {
-		return &ClosingBuffer{bytes.NewBufferString("In memory string eaeae")}, nil
+	// Test-3: getProfileOptionsFromReq() correctly returns profile options from request
+	u, _ := url.Parse("ws://localhost/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines")
+	req := &http.Request{
+		URL: u,
 	}
-	function := "stopProfiling()"
-	_, err := stopProfiling(ctx, adminClient)
-	if err != nil {
-		t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
-	}
-	// Test-2 : stopProfiling() Correctly handles errors returned by Minio
-	// mock function response from stopProfiling()
-	minioStopProfiling = func() (io.ReadCloser, error) {
-		return nil, errors.New("error")
-	}
-	_, err = stopProfiling(ctx, adminClient)
-	if assert.Error(err) {
-		assert.Equal("error", err.Error())
+	opts, err := getProfileOptionsFromReq(req)
+	if assert.NoError(err) {
+		expectedOptions := profileOptions{
+			Types: "cpu,mem,block,mutex,trace,threads,goroutines",
+		}
+		assert.Equal(expectedOptions.Types, opts.Types)
 	}
 }

restapi/config.go

@@ -22,6 +22,7 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/minio/console/pkg/auth/idp/oauth2"
 	xcerts "github.com/minio/pkg/certs"
 	"github.com/minio/pkg/env"
 	xnet "github.com/minio/pkg/net"
@@ -46,6 +47,25 @@ var (
 	ConsoleResourceName = "console-ui"
 )
 
+var (
+	// GlobalRootCAs is CA root certificates, a nil value means system certs pool will be used
+	GlobalRootCAs *x509.CertPool
+	// GlobalPublicCerts has certificates Console will use to serve clients
+	GlobalPublicCerts []*x509.Certificate
+	// GlobalTLSCertsManager custom TLS Manager for SNI support
+	GlobalTLSCertsManager *xcerts.Manager
+)
+
+// MinIOConfig represents application configuration passed in from the MinIO
+// server to the console.
+type MinIOConfig struct {
+	OpenIDProviders oauth2.OpenIDPCfg
+}
+
+// GlobalMinIOConfig is the global application configuration passed in from the
+// MinIO server.
+var GlobalMinIOConfig MinIOConfig
+
 func getMinIOServer() string {
 	return strings.TrimSpace(env.Get(ConsoleMinIOServer, "http://localhost:9000"))
 }
@@ -234,12 +254,3 @@ func getPrometheusJobID() string {
 func getPrometheusExtraLabels() string {
 	return env.Get(PrometheusExtraLabels, "")
 }
-
-var (
-	// GlobalRootCAs is CA root certificates, a nil value means system certs pool will be used
-	GlobalRootCAs *x509.CertPool
-	// GlobalPublicCerts has certificates Console will use to serve clients
-	GlobalPublicCerts []*x509.Certificate
-	// GlobalTLSCertsManager custom TLS Manager for SNI support
-	GlobalTLSCertsManager *xcerts.Manager
-)

restapi/configure_console.go

@@ -118,8 +118,6 @@ func configureAPI(api *operations.ConsoleAPI) http.Handler {
 	registerBucketsLifecycleHandlers(api)
 	// Register service handlers
 	registerServiceHandlers(api)
-	// Register profiling handlers
-	registerProfilingHandler(api)
 	// Register session handlers
 	registerSessionHandlers(api)
 	// Register version handlers

restapi/operations/console_api.go

@@ -38,7 +38,6 @@ import (
 	"github.com/go-openapi/swag"
 
 	"github.com/minio/console/models"
-	"github.com/minio/console/pkg/auth/idp/oauth2"
 	"github.com/minio/console/restapi/operations/account"
 	"github.com/minio/console/restapi/operations/auth"
 	"github.com/minio/console/restapi/operations/bucket"
@@ -59,7 +58,7 @@ import (
 )
 
 // NewConsoleAPI creates a new Console instance
-func NewConsoleAPI(spec *loads.Document, openIDProviders oauth2.OpenIDPCfg) *ConsoleAPI {
+func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
 	return &ConsoleAPI{
 		handlers:            make(map[string]map[string]http.Handler),
 		formats:             strfmt.Default,
@@ -76,8 +75,6 @@ func NewConsoleAPI(spec *loads.Document, openIDProviders oauth2.OpenIDPCfg) *Con
 		APIKeyAuthenticator: security.APIKeyAuth,
 		BearerAuthenticator: security.BearerAuth,
 
-		OpenIDProviders: openIDProviders,
-
 		JSONConsumer:          runtime.JSONConsumer(),
 		MultipartformConsumer: runtime.DiscardConsumer,
 
@@ -484,9 +481,6 @@ type ConsoleAPI struct {
 	Middleware      func(middleware.Builder) http.Handler
 	useSwaggerUI    bool
 
-	// Configuration passed in from MinIO for MinIO console.
-	OpenIDProviders oauth2.OpenIDPCfg
-
 	// BasicAuthenticator generates a runtime.Authenticator from the supplied basic auth function.
 	// It has a default implementation in the security package, however you can replace it for your particular usage.
 	BasicAuthenticator func(security.UserPassAuthentication) runtime.Authenticator

restapi/user_login.go

@@ -35,7 +35,7 @@ import (
 func registerLoginHandlers(api *operations.ConsoleAPI) {
 	// GET login strategy
 	api.AuthLoginDetailHandler = authApi.LoginDetailHandlerFunc(func(params authApi.LoginDetailParams) middleware.Responder {
-		loginDetails, err := getLoginDetailsResponse(params, api.OpenIDProviders, oauth2.DefaultIDPConfig)
+		loginDetails, err := getLoginDetailsResponse(params, GlobalMinIOConfig.OpenIDProviders, oauth2.DefaultIDPConfig)
 		if err != nil {
 			return authApi.NewLoginDetailDefault(int(err.Code)).WithPayload(err)
 		}
@@ -56,7 +56,7 @@ func registerLoginHandlers(api *operations.ConsoleAPI) {
 	})
 	// POST login using external IDP
 	api.AuthLoginOauth2AuthHandler = authApi.LoginOauth2AuthHandlerFunc(func(params authApi.LoginOauth2AuthParams) middleware.Responder {
-		loginResponse, err := getLoginOauth2AuthResponse(params, api.OpenIDProviders, oauth2.DefaultIDPConfig)
+		loginResponse, err := getLoginOauth2AuthResponse(params, GlobalMinIOConfig.OpenIDProviders, oauth2.DefaultIDPConfig)
 		if err != nil {
 			return authApi.NewLoginOauth2AuthDefault(int(err.Code)).WithPayload(err)
 		}

restapi/ws_handle.go

@@ -250,7 +250,6 @@ func serveWS(w http.ResponseWriter, req *http.Request) {
 			closeWsConn(conn)
 			return
 		}
-
 		wsAdminClient, err := newWebSocketAdminClient(conn, session)
 		if err != nil {
 			ErrorWithContext(ctx, err)
@@ -258,6 +257,20 @@ func serveWS(w http.ResponseWriter, req *http.Request) {
 			return
 		}
 		go wsAdminClient.speedtest(ctx, speedtestOpts)
+	case strings.HasPrefix(wsPath, `/profile`):
+		pOptions, err := getProfileOptionsFromReq(req)
+		if err != nil {
+			ErrorWithContext(ctx, fmt.Errorf("error getting profile options: %v", err))
+			closeWsConn(conn)
+			return
+		}
+		wsAdminClient, err := newWebSocketAdminClient(conn, session)
+		if err != nil {
+			ErrorWithContext(ctx, err)
+			closeWsConn(conn)
+			return
+		}
+		go wsAdminClient.profile(ctx, pOptions)
 
 	default:
 		// path not found
@@ -464,6 +477,21 @@ func (wsc *wsAdminClient) speedtest(ctx context.Context, opts *madmin.SpeedtestO
 	sendWsCloseMessage(wsc.conn, err)
 }
 
+func (wsc *wsAdminClient) profile(ctx context.Context, opts *profileOptions) {
+	defer func() {
+		LogInfo("profile stopped")
+		// close connection after return
+		wsc.conn.close()
+	}()
+	LogInfo("profile started")
+
+	ctx = wsReadClientCtx(ctx, wsc.conn)
+
+	err := startProfiling(ctx, wsc.conn, wsc.client, opts)
+
+	sendWsCloseMessage(wsc.conn, err)
+}
+
 // sendWsCloseMessage sends Websocket Connection Close Message indicating the Status Code
 // see https://tools.ietf.org/html/rfc6455#page-45
 func sendWsCloseMessage(conn WSConn, err error) {

sso-integration/sso_test.go

@@ -62,9 +62,13 @@ func initConsoleServer(consoleIDPURL string) (*restapi.Server, error) {
 	restapi.LogInfo = noLog
 	restapi.LogError = noLog
 
-	api := operations.NewConsoleAPI(swaggerSpec, pcfg)
+	api := operations.NewConsoleAPI(swaggerSpec)
 	api.Logger = noLog
 
+	restapi.GlobalMinIOConfig = restapi.MinIOConfig{
+		OpenIDProviders: pcfg,
+	}
+
 	server := restapi.NewServer(api)
 	// register all APIs
 	server.ConfigureAPI()

swagger-operator.yml

@@ -1397,6 +1397,87 @@ paths:
             $ref: "#/definitions/error"
       tags:
         - OperatorAPI
+  /subnet/login:
+    post:
+      summary: Login to subnet
+      operationId: OperatorSubnetLogin
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            $ref: "#/definitions/operatorSubnetLoginRequest"
+      responses:
+        200:
+          description: A successful response.
+          schema:
+            $ref: "#/definitions/operatorSubnetLoginResponse"
+        default:
+          description: Generic error response.
+          schema:
+            $ref: "#/definitions/error"
+      tags:
+        - OperatorAPI
+  /subnet/login/mfa:
+    post:
+      summary: Login to subnet using mfa
+      operationId: OperatorSubnetLoginMFA
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            $ref: "#/definitions/operatorSubnetLoginMFARequest"
+      responses:
+        200:
+          description: A successful response.
+          schema:
+            $ref: "#/definitions/operatorSubnetLoginResponse"
+        default:
+          description: Generic error response.
+          schema:
+            $ref: "#/definitions/error"
+      tags:
+        - OperatorAPI
+  /subnet/apikey:
+    get:
+      summary: Subnet api key
+      operationId: OperatorSubnetApiKey
+      parameters:
+        - name: token
+          in: query
+          required: true
+          type: string
+      responses:
+        200:
+          description: A successful response.
+          schema:
+            $ref: "#/definitions/operatorSubnetAPIKey"
+        default:
+          description: Generic error response.
+          schema:
+            $ref: "#/definitions/error"
+      tags:
+        - OperatorAPI
+  /subnet/apikey/register:
+    post:
+      summary: Register Operator with Subnet
+      operationId: OperatorSubnetRegisterAPIKey
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            $ref: "#/definitions/operatorSubnetAPIKey"
+      responses:
+        200:
+          description: A successful response.
+        default:
+          description: Generic error response.
+          schema:
+            $ref: "#/definitions/error"
+      tags:
+        - OperatorAPI
 
 definitions:
   error:
@@ -3449,3 +3530,38 @@ definitions:
       isInEU:
         type: boolean
 
+  operatorSubnetLoginRequest:
+    type: object
+    properties:
+      username:
+        type: string
+      password:
+        type: string
+
+  operatorSubnetLoginResponse:
+    type: object
+    properties:
+      access_token:
+        type: string
+      mfa_token:
+        type: string
+
+  operatorSubnetLoginMFARequest:
+    type: object
+    required:
+      - username
+      - otp
+      - mfa_token
+    properties:
+      username:
+        type: string
+      otp:
+        type: string
+      mfa_token:
+        type: string
+
+  operatorSubnetAPIKey:
+    type: object
+    properties:
+      apiKey:
+        type: string