Updated assets file (#562)

Co-authored-by: Benjamin Perez <benjamin@bexsoft.net>

.dockerignore

@@ -4,3 +4,4 @@ target/
 console
 !console/
 portal-ui/node_modules/
+.git/

.github/workflows/go.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.13.x, 1.14.x]
+        go-version: [1.15.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -33,4 +33,5 @@ jobs:
         run: |
           make verifiers
           make test
+          make crosscompile
           make console

.github/workflows/react.yml

@@ -0,0 +1,15 @@
+name: "React Tests"
+on:
+  push:
+  pull_request:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install modules
+        working-directory: ./portal-ui
+        run: yarn
+      - name: Run tests
+        working-directory: ./portal-ui
+        run: yarn test

.gitignore

@@ -24,6 +24,11 @@ console
 
 dist/
 
+# Ignore node_modules
+
+portal-ui/node_modules/
+portal-ui/build/
+
 # Ignore tls cert and key
 private.key
 public.crt

.goreleaser.yml

@@ -12,6 +12,10 @@ before:
   hooks:
     # you may remove this if you don't use vgo
     - go mod tidy
+    - docker build -f Dockerfile.assets -t consoleassets .
+    - docker create --name extract consoleassets
+    - docker cp extract:/app/bindata_assetfs.go ./portal-ui/
+    - docker rm extract
 
 builds:
   -

DEVELOPMENT.md

@@ -11,40 +11,7 @@ $ docker run --rm -p 389:389 -p 636:636 --name my-openldap-container --detach os
 Run the `billy.ldif` file using `ldapadd` command to create a new user and assign it to a group.
 
 ```
-$ cat > billy.ldif << EOF
+$ docker cp console/docs/ldap/billy.ldif my-openldap-container:/container/service/slapd/assets/test/billy.ldif
-# LDIF fragment to create group branch under root
-dn: uid=billy,dc=example,dc=org
-uid: billy
-cn: billy
-sn: 3
-objectClass: top
-objectClass: posixAccount
-objectClass: inetOrgPerson
-loginShell: /bin/bash
-homeDirectory: /home/billy
-uidNumber: 14583102
-gidNumber: 14564100
-userPassword: {SSHA}j3lBh1Seqe4rqF1+NuWmjhvtAni1JC5A
-mail: billy@example.org
-gecos: Billy User
-# Create base group
-dn: ou=groups,dc=example,dc=org
-objectclass:organizationalunit
-ou: groups
-description: generic groups branch
-# create consoleAdmin group (this already exists on minio and have a policy of s3::*)
-dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
-objectClass: top
-objectClass: posixGroup
-gidNumber: 678
-# Assing group to new user
-dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
-changetype: modify
-add: memberuid
-memberuid: billy
-EOF
-
-$ docker cp billy.ldif my-openldap-container:/container/service/slapd/assets/test/billy.ldif
 $ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost -ZZ
 ```
 
@@ -119,9 +86,6 @@ export MINIO_IDENTITY_LDAP_SERVER_INSECURE=on
 ## Run Console
 
 ```
-export CONSOLE_ACCESS_KEY=minio
-export CONSOLE_SECRET_KEY=minio123
-...
 export CONSOLE_LDAP_ENABLED=on
 ./console server
 ```

Dockerfile

@@ -1,4 +1,25 @@
-FROM golang:1.13
+FROM golang:1.15 as binlayer
+
+RUN go get github.com/go-bindata/go-bindata/... && go get github.com/elazarl/go-bindata-assetfs/...
+
+FROM node:10 as uilayer
+
+WORKDIR /app
+
+COPY --from=binlayer /go/bin/go-bindata-assetfs /bin/
+COPY --from=binlayer /go/bin/go-bindata /bin/
+
+COPY ./portal-ui/package.json ./
+COPY ./portal-ui/yarn.lock ./
+RUN yarn install
+
+COPY ./portal-ui .
+
+RUN yarn install && make build-static
+
+USER node
+
+FROM golang:1.15 as golayer
 
 RUN apt-get update -y && apt-get install -y ca-certificates
 
@@ -12,6 +33,8 @@ RUN go mod download
 ADD . /go/src/github.com/minio/console/
 WORKDIR /go/src/github.com/minio/console/
 
+COPY --from=uilayer /app/bindata_assetfs.go /go/src/github.com/minio/console/portal-ui/bindata_assetfs.go
+
 ENV CGO_ENABLED=0
 
 RUN go build -ldflags "-w -s" -a -o console ./cmd/console
@@ -20,7 +43,7 @@ FROM scratch
 MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
 
-COPY --from=0 /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=golayer /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-COPY --from=0 /go/src/github.com/minio/console/console .
+COPY --from=golayer /go/src/github.com/minio/console/console .
 
 ENTRYPOINT ["/console"]

Dockerfile.assets

@@ -0,0 +1,20 @@
+FROM golang:1.15 as binlayer
+
+RUN go get github.com/go-bindata/go-bindata/... && go get github.com/elazarl/go-bindata-assetfs/...
+
+FROM node:10 as uilayer
+
+WORKDIR /app
+
+COPY --from=binlayer /go/bin/go-bindata-assetfs /bin/
+COPY --from=binlayer /go/bin/go-bindata /bin/
+
+COPY ./portal-ui/package.json ./
+COPY ./portal-ui/yarn.lock ./
+RUN yarn install
+
+COPY ./portal-ui .
+
+RUN yarn install && make build-static
+
+USER node

Dockerfile.release

@@ -1,12 +1,21 @@
-FROM ubuntu:18.04 as certs
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3
 
-RUN apt-get update -y && apt-get install -y ca-certificates
+COPY CREDITS /licenses/CREDITS
+COPY LICENSE /licenses/LICENSE
+
+LABEL name="MinIO" \
+      vendor="MinIO Inc <dev@min.io>" \
+      maintainer="MinIO Inc <dev@min.io>" \
+      version="v0.4.6" \
+      release="v0.4.6" \
+      summary="A graphical user interface for MinIO" \
+      description="MinIO object storage is fundamentally different. Designed for performance and the S3 API, it is 100% open-source. MinIO is ideal for large, private cloud environments with stringent security requirements and delivers mission-critical availability across a diverse range of workloads."
+
+RUN \
+     microdnf update --nodocs && \
+     microdnf install ca-certificates --nodocs
      
-FROM scratch
-MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
 COPY console /console
 
-COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-
 ENTRYPOINT ["/console"]

Makefile

@@ -30,6 +30,9 @@ fmt:
 	@GO111MODULE=on gofmt -d cmd/
 	@GO111MODULE=on gofmt -d cluster/
 
+crosscompile:
+	@(env bash $(PWD)/cross-compile.sh)
+
 lint:
 	@echo "Running $@ check"
 	@GO111MODULE=on ${GOPATH}/bin/golangci-lint cache clean
@@ -47,7 +50,7 @@ swagger-gen:
 	@swagger generate server -A console --main-package=console --exclude-main -P models.Principal -f ./swagger.yml -r NOTICE
 
 assets:
-	@(cd portal-ui; yarn install; make build-static; cd ..)
+	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn;  cd ..)
 
 test:
 	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)

README.md

@@ -3,7 +3,7 @@
 A graphical user interface for [MinIO](https://github.com/minio/minio)
 
 
-| Dashboard  | Adding A User |
+| Dashboard  | Creating a bucket |
 | ------------- | ------------- |
 | ![Dashboard](images/pic1.png)  | ![Dashboard](images/pic2.png) |
 
@@ -13,7 +13,7 @@ All `console` needs is a MinIO user with admin privileges and URL pointing to yo
 > Note: We don't recommend using MinIO's Operator Credentials
 
 1. Create a user for `console` using `mc`. 
-```
+```bash
 $ set +o history
 $ mc admin user add myminio console YOURCONSOLESECRET
 $ set -o history
@@ -21,7 +21,7 @@ $ set -o history
 
 2. Create a policy for `console` with access to everything (for testing and debugging)
 
-```
+```json
 $ cat > consoleAdmin.json << EOF
 {
 	"Version": "2012-10-17",
@@ -57,7 +57,7 @@ $ mc admin policy set myminio consoleAdmin user=console
 
 ### Note
 Additionally, you can create policies to limit the privileges for `console` users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:
-```
+```json
 {
 	"Version": "2012-10-17",
 	"Statement": [{
@@ -100,26 +100,53 @@ Additionally, you can create policies to limit the privileges for `console` user
 ## Run Console server
 To run the server:
 
-```
+```bash
-export CONSOLE_HMAC_JWT_SECRET=YOURJWTSIGNINGSECRET
+# Salt to encrypt JWT payload
-
-#required to encrypt jwet payload
 export CONSOLE_PBKDF_PASSPHRASE=SECRET
 
 #required to encrypt jwet payload
 export CONSOLE_PBKDF_SALT=SECRET
 
-export CONSOLE_ACCESS_KEY=console
+# MinIO endpoint
-export CONSOLE_SECRET_KEY=YOURCONSOLESECRET
 export CONSOLE_MINIO_SERVER=http://localhost:9000
 ./console server
 ```
 
-## Connect Console to a Minio using TLS and a self-signed certificate
+## Run Console with TLS enable
+
+Copy your `public.crt` and `private.key` to `~/.console/certs`, then:
+
+```bash
+./console server
+```
+
+Additionally, `Console` has support for multiple certificates, clients can request them using `SNI`. It expects the following structure:
+
+```bash
+ certs/
+  │
+  ├─ public.crt
+  ├─ private.key
+  │
+  ├─ example.com/
+  │   │
+  │   ├─ public.crt
+  │   └─ private.key
+  └─ foobar.org/
+     │
+     ├─ public.crt
+     └─ private.key
+  ...
 
 ```
-...
+
-export CONSOLE_MINIO_SERVER_TLS_ROOT_CAS=<certificate_file_name>
+Therefore, we read all filenames in the cert directory and check
+for each directory whether it contains a public.crt and private.key.
+
+## Connect Console to a Minio using TLS and a self-signed certificate
+
+Copy the MinIO `ca.crt` under `~/.console/certs/CAs`, then:
+```
 export CONSOLE_MINIO_SERVER=https://localhost:9000
 ./console server
 ```

cluster/cluster.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// Copyright (c) 2020 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

cluster/config.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// Copyright (c) 2020 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -31,7 +31,6 @@ import (
 
 var (
 	errCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
-	errCantDetermineMCImage    = errors.New("can't determine MC Image")
 )
 
 func GetK8sAPIServer() string {
@@ -64,13 +63,8 @@ func GetNsFromFile() string {
 	return string(dat)
 }
 
-// This operation will run only once at console startup
+// Namespace will run only once at console startup
-var namespace = GetNsFromFile()
+var Namespace = GetNsFromFile()
-
-// Returns the namespace in which the controller is installed
-func GetNs() string {
-	return env.Get(ConsoleNamespace, namespace)
-}
 
 // getLatestMinIOImage returns the latest docker image for MinIO if found on the internet
 func getLatestMinIOImage(client HTTPClientI) (*string, error) {
@@ -125,44 +119,3 @@ func GetLatestMinioImage(client HTTPClientI) (*string, error) {
 	}
 	return latestMinIOImage, nil
 }
-
-// getLatestMCImage returns the latest docker image for MC if found on the internet
-func getLatestMCImage() (*string, error) {
-	// Create an http client with a 4 second timeout
-	client := http.Client{
-		Timeout: 4 * time.Second,
-	}
-	resp, err := client.Get("https://dl.min.io/client/mc/release/linux-amd64/")
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	body, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return nil, err
-	}
-	var re = regexp.MustCompile(`(?m)\.\/mc\.(RELEASE.*?Z)"`)
-	// look for a single match
-	matches := re.FindAllStringSubmatch(string(body), 1)
-	for i := range matches {
-		release := matches[i][1]
-		dockerImage := fmt.Sprintf("minio/mc:%s", release)
-		return &dockerImage, nil
-	}
-	return nil, errCantDetermineMCImage
-}
-
-var latestMCImage, errLatestMCImage = getLatestMCImage()
-
-func GetMCImage() (*string, error) {
-	image := strings.TrimSpace(env.Get(ConsoleMCImage, ""))
-	// if there is a preferred image configured by the user we'll always return that
-	if image != "" {
-		return &image, nil
-	}
-	if errLatestMCImage != nil {
-		return nil, errLatestMCImage
-	}
-	return latestMCImage, nil
-}

cluster/const.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// Copyright (c) 2020 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -21,5 +21,4 @@ const (
 	ConsoleK8SAPIServerTLSRootCA = "CONSOLE_K8S_API_SERVER_TLS_ROOT_CA"
 	ConsoleMinioImage            = "CONSOLE_MINIO_IMAGE"
 	ConsoleMCImage               = "CONSOLE_MC_IMAGE"
-	ConsoleNamespace             = "CONSOLE_NAMESPACE"
 )

cluster/http_client.go

@@ -17,6 +17,7 @@
 package cluster
 
 import (
+	"io"
 	"net/http"
 )
 
@@ -25,6 +26,8 @@ import (
 // that are used within this project.
 type HTTPClientI interface {
 	Get(url string) (resp *http.Response, err error)
+	Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
+	Do(req *http.Request) (*http.Response, error)
 }
 
 // HTTPClient Interface implementation
@@ -38,3 +41,13 @@ type HTTPClient struct {
 func (c *HTTPClient) Get(url string) (resp *http.Response, err error) {
 	return c.Client.Get(url)
 }
+
+// Post implements http.Client.Post()
+func (c *HTTPClient) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
+	return c.Client.Post(url, contentType, body)
+}
+
+// Do implements http.Client.Do()
+func (c *HTTPClient) Do(req *http.Request) (*http.Response, error) {
+	return c.Client.Do(req)
+}

cmd/console/main.go

@@ -76,21 +76,19 @@ func newApp(name string) *cli.App {
 
 	findClosestCommands := func(command string) []string {
 		var closestCommands []string
-		for _, value := range commandsTree.PrefixMatch(command) {
+		closestCommands = append(closestCommands, commandsTree.PrefixMatch(command)...)
-			closestCommands = append(closestCommands, value.(string))
-		}
 
 		sort.Strings(closestCommands)
 		// Suggest other close commands - allow missed, wrongly added and
 		// even transposed characters
 		for _, value := range commandsTree.Walk(commandsTree.Root()) {
-			if sort.SearchStrings(closestCommands, value.(string)) < len(closestCommands) {
+			if sort.SearchStrings(closestCommands, value) < len(closestCommands) {
 				continue
 			}
 			// 2 is arbitrary and represents the max
 			// allowed number of typed errors
-			if words.DamerauLevenshteinDistance(command, value.(string)) < 2 {
+			if words.DamerauLevenshteinDistance(command, value) < 2 {
-				closestCommands = append(closestCommands, value.(string))
+				closestCommands = append(closestCommands, value)
 			}
 		}
 

cmd/console/server.go

@@ -20,10 +20,12 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"path/filepath"
 
 	"github.com/go-openapi/loads"
 	"github.com/jessevdk/go-flags"
 	"github.com/minio/cli"
+	"github.com/minio/console/pkg/certs"
 	"github.com/minio/console/restapi"
 	"github.com/minio/console/restapi/operations"
 )
@@ -56,14 +58,9 @@ var serverCmd = cli.Command{
 			Usage: "HTTPS server port",
 		},
 		cli.StringFlag{
-			Name:  "tls-certificate",
+			Name:  "certs-dir",
-			Value: "",
+			Value: certs.GlobalCertsCADir.Get(),
-			Usage: "filename of public cert",
+			Usage: "path to certs directory",
-		},
-		cli.StringFlag{
-			Name:  "tls-key",
-			Value: "",
-			Usage: "filename of private key",
 		},
 	},
 }
@@ -82,7 +79,9 @@ func startServer(ctx *cli.Context) error {
 	parser := flags.NewParser(server, flags.Default)
 	parser.ShortDescription = "MinIO Console Server"
 	parser.LongDescription = swaggerSpec.Spec().Info.Description
+
 	server.ConfigureFlags()
+
 	for _, optsGroup := range api.CommandLineOptionsGroups {
 		_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
 		if err != nil {
@@ -106,12 +105,18 @@ func startServer(ctx *cli.Context) error {
 	restapi.Hostname = ctx.String("host")
 	restapi.Port = fmt.Sprintf("%v", ctx.Int("port"))
 
-	tlsCertificatePath := ctx.String("tls-certificate")
+	// Set all certs and CAs directories path
-	tlsCertificateKeyPath := ctx.String("tls-key")
+	certs.GlobalCertsDir, _ = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
+	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
 
-	if tlsCertificatePath != "" && tlsCertificateKeyPath != "" {
+	// check if certs and CAs directories exists or can be created
-		server.TLSCertificate = flags.Filename(tlsCertificatePath)
+	if err := certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
-		server.TLSCertificateKey = flags.Filename(tlsCertificateKeyPath)
+		log.Println(fmt.Sprintf("Unable to create certs CA directory at %s", certs.GlobalCertsCADir.Get()))
+	}
+	// load the certificates and the CAs
+	restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = certs.GetAllCertificatesAndCAs()
+
+	if len(restapi.GlobalPublicCerts) > 0 {
 		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
 		// plain HTTP connections to HTTPS server
 		server.EnabledListeners = []string{"http", "https"}

cross-compile.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -e
+# Enable tracing if set.
+[ -n "$BASH_XTRACEFD" ] && set -x
+
+_init() {
+    ## All binaries are static make sure to disable CGO.
+    export CGO_ENABLED=0
+
+    ## List of architectures and OS to test coss compilation.
+    SUPPORTED_OSARCH="linux/ppc64le linux/mips64 linux/arm64 linux/s390x darwin/amd64 freebsd/amd64 windows/amd64 linux/arm linux/386 netbsd/amd64"
+}
+
+_build() {
+    local osarch=$1
+    IFS=/ read -r -a arr <<<"$osarch"
+    os="${arr[0]}"
+    arch="${arr[1]}"
+    package=$(go list -f '{{.ImportPath}}' ./cmd/console)
+    printf -- "--> %15s:%s\n" "${osarch}" "${package}"
+
+    # go build -trimpath to build the binary.
+    GOOS=$os GOARCH=$arch GO111MODULE=on go build -trimpath --tags=kqueue --ldflags "-s -w" -o /dev/null ./cmd/console
+}
+
+main() {
+    echo "Testing builds for OS/Arch: ${SUPPORTED_OSARCH}"
+    for each_osarch in ${SUPPORTED_OSARCH}; do
+        _build "${each_osarch}"
+    done
+}
+
+_init && main "$@"

docs/console_operator_mode.md

@@ -2,7 +2,7 @@
 
 `Console` will authenticate against `Kubernetes`using bearer tokens via HTTP `Authorization` header. The user will provide this token once
 in the login form, Console will validate it against Kubernetes (list apis) and if valid will generate and return a new Console sessions 
-with encrypted claims (the user Service account token will be inside the JWT in the data field)
+with encrypted claims (the user Service account token will be inside the session encrypted token
 
 # Kubernetes
 

docs/ldap/billy.ldif

@@ -0,0 +1,35 @@
+# LDIF fragment to create group branch under root
+dn: uid=billy,dc=example,dc=org
+uid: billy
+cn: billy
+sn: 3
+objectClass: top
+objectClass: posixAccount
+objectClass: inetOrgPerson
+loginShell: /bin/bash
+homeDirectory: /home/billy
+uidNumber: 14583102
+gidNumber: 14564100
+userPassword: {SSHA}j3lBh1Seqe4rqF1+NuWmjhvtAni1JC5A
+mail: billy@example.org
+gecos: Billy User
+
+# Create base group
+dn: ou=groups,dc=example,dc=org
+objectclass:organizationalunit
+ou: groups
+description: generic groups branch
+
+# create consoleAdmin group (this already exists on minio and have a policy of s3::*)
+dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
+objectClass: top
+objectClass: posixGroup
+gidNumber: 678
+
+# Assing group to new user
+dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
+changetype: modify
+add: memberuid
+memberuid: billy
+
+

go.mod

@@ -1,6 +1,6 @@
 module github.com/minio/console
 
-go 1.13
+go 1.15
 
 require (
 	github.com/coreos/go-oidc v2.2.1+incompatible
@@ -16,19 +16,23 @@ require (
 	github.com/jessevdk/go-flags v1.4.0
 	github.com/minio/cli v1.22.0
 	github.com/minio/kes v0.11.0
-	github.com/minio/mc v0.0.0-20200808005614-7e52c104bee1
+	github.com/minio/mc v0.0.0-20201220181029-41c804b179de
-	github.com/minio/minio v0.0.0-20200808024306-2a9819aff876
+	github.com/minio/minio v0.0.0-20201221162327-6df6ac0f3410
-	github.com/minio/minio-go/v7 v7.0.5-0.20200807085956-d7db33ea7618
+	github.com/minio/minio-go/v7 v7.0.7-0.20201217170524-3baf9ea06f7c
-	github.com/minio/operator v0.0.0-20200806194125-c2ff646f4af1
+	github.com/minio/operator v0.0.0-20201204220226-9901d1d0766c
+	github.com/minio/operator/logsearchapi v0.0.0-20201217190212-bf6546b09012
+	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
 	github.com/secure-io/sio-go v0.3.1
 	github.com/stretchr/testify v1.6.1
 	github.com/unrolled/secure v1.0.7
-	golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de
+	golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392
-	golang.org/x/net v0.0.0-20200707034311-ab3426394381
+	golang.org/x/net v0.0.0-20201010224723-4f7140c49acb
-	golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
+	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 	gopkg.in/yaml.v2 v2.3.0
 	k8s.io/api v0.18.6
-	k8s.io/apimachinery v0.18.6
+	k8s.io/apimachinery v0.18.8
 	k8s.io/client-go v0.18.6
 )
+
+replace github.com/minio/operator v0.0.0-20201204220226-9901d1d0766c => github.com/dvaldivia/operator v0.0.0-20201230052356-04efc0ea5890

k8s/console/base/console-cluster-role.yaml

@@ -7,7 +7,6 @@ rules:
       - ""
     resources:
       - namespaces
-      - secrets
       - pods
       - services
       - events
@@ -18,6 +17,18 @@ rules:
       - create
       - list
       - patch
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - get
+      - watch
+      - create
+      - list
+      - patch
+      - deletecollection
+      - delete
   - apiGroups:
       - "storage.k8s.io"
     resources:

k8s/console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: minio/console:v0.3.18
+          image: minio/console:v0.4.6
           imagePullPolicy: "IfNotPresent"
           args:
             - server

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: minio/console:v0.3.18
+          image: minio/console:v0.4.6
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/base/kustomization.yaml

@@ -8,4 +8,3 @@ resources:
   - console-configmap.yaml
   - console-service.yaml
   - console-deployment.yaml
-  - https://github.com/minio/operator/?ref=v3.0.10

k8s/operator-console/operator/kustomization.yaml

@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+# beginning of customizations
+#namespace: min-ns
+
+resources:
+  - ../base
+  - https://github.com/minio/operator/?ref=v3.0.29
+

k8s/tools.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// Copyright (c) 2020 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

models/account_change_password_request.go

@@ -0,0 +1,98 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// AccountChangePasswordRequest account change password request
+//
+// swagger:model accountChangePasswordRequest
+type AccountChangePasswordRequest struct {
+
+	// current secret key
+	// Required: true
+	CurrentSecretKey *string `json:"current_secret_key"`
+
+	// new secret key
+	// Required: true
+	NewSecretKey *string `json:"new_secret_key"`
+}
+
+// Validate validates this account change password request
+func (m *AccountChangePasswordRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCurrentSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateNewSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AccountChangePasswordRequest) validateCurrentSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("current_secret_key", "body", m.CurrentSecretKey); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AccountChangePasswordRequest) validateNewSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("new_secret_key", "body", m.NewSecretKey); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AccountChangePasswordRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AccountChangePasswordRequest) UnmarshalBinary(b []byte) error {
+	var res AccountChangePasswordRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/add_bucket_replication.go

@@ -0,0 +1,63 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AddBucketReplication add bucket replication
+//
+// swagger:model addBucketReplication
+type AddBucketReplication struct {
+
+	// arn
+	Arn string `json:"arn,omitempty"`
+
+	// destination bucket
+	DestinationBucket string `json:"destination_bucket,omitempty"`
+}
+
+// Validate validates this add bucket replication
+func (m *AddBucketReplication) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AddBucketReplication) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AddBucketReplication) UnmarshalBinary(b []byte) error {
+	var res AddBucketReplication
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/admin_info_response.go

@@ -23,6 +23,9 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -40,10 +43,47 @@ type AdminInfoResponse struct {
 
 	// usage
 	Usage int64 `json:"usage,omitempty"`
+
+	// widgets
+	Widgets []*Widget `json:"widgets"`
 }
 
 // Validate validates this admin info response
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateWidgets(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Widgets) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Widgets); i++ {
+		if swag.IsZero(m.Widgets[i]) { // not required
+			continue
+		}
+
+		if m.Widgets[i] != nil {
+			if err := m.Widgets[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
 	return nil
 }
 

models/bucket_encryption_info.go

@@ -0,0 +1,63 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketEncryptionInfo bucket encryption info
+//
+// swagger:model bucketEncryptionInfo
+type BucketEncryptionInfo struct {
+
+	// algorithm
+	Algorithm string `json:"algorithm,omitempty"`
+
+	// kms master key ID
+	KmsMasterKeyID string `json:"kmsMasterKeyID,omitempty"`
+}
+
+// Validate validates this bucket encryption info
+func (m *BucketEncryptionInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketEncryptionInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketEncryptionInfo) UnmarshalBinary(b []byte) error {
+	var res BucketEncryptionInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_encryption_request.go

@@ -28,29 +28,23 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// NodeInfo node info
+// BucketEncryptionRequest bucket encryption request
 //
-// swagger:model nodeInfo
+// swagger:model bucketEncryptionRequest
-type NodeInfo struct {
+type BucketEncryptionRequest struct {
 
-	// Represents the resources of a node that are available for scheduling.
+	// enc type
-	AllocatableResources map[string]int64 `json:"allocatable_resources,omitempty"`
+	EncType BucketEncryptionType `json:"encType,omitempty"`
 
-	// name
+	// kms key ID
-	Name string `json:"name,omitempty"`
+	KmsKeyID string `json:"kmsKeyID,omitempty"`
-
-	// taints
-	Taints *NodeTaints `json:"taints,omitempty"`
-
-	// Represents the total resources of a node.
-	TotalResources map[string]int64 `json:"total_resources,omitempty"`
 }
 
-// Validate validates this node info
+// Validate validates this bucket encryption request
-func (m *NodeInfo) Validate(formats strfmt.Registry) error {
+func (m *BucketEncryptionRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateTaints(formats); err != nil {
+	if err := m.validateEncType(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -60,26 +54,24 @@ func (m *NodeInfo) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *NodeInfo) validateTaints(formats strfmt.Registry) error {
+func (m *BucketEncryptionRequest) validateEncType(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.Taints) { // not required
+	if swag.IsZero(m.EncType) { // not required
 		return nil
 	}
 
-	if m.Taints != nil {
+	if err := m.EncType.Validate(formats); err != nil {
-		if err := m.Taints.Validate(formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("taints")
+			return ve.ValidateName("encType")
 		}
 		return err
 	}
-	}
 
 	return nil
 }
 
 // MarshalBinary interface implementation
-func (m *NodeInfo) MarshalBinary() ([]byte, error) {
+func (m *BucketEncryptionRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -87,8 +79,8 @@ func (m *NodeInfo) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *NodeInfo) UnmarshalBinary(b []byte) error {
+func (m *BucketEncryptionRequest) UnmarshalBinary(b []byte) error {
-	var res NodeInfo
+	var res BucketEncryptionRequest
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/bucket_encryption_type.go

@@ -0,0 +1,80 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// BucketEncryptionType bucket encryption type
+//
+// swagger:model bucketEncryptionType
+type BucketEncryptionType string
+
+const (
+
+	// BucketEncryptionTypeSseS3 captures enum value "sse-s3"
+	BucketEncryptionTypeSseS3 BucketEncryptionType = "sse-s3"
+
+	// BucketEncryptionTypeSseKms captures enum value "sse-kms"
+	BucketEncryptionTypeSseKms BucketEncryptionType = "sse-kms"
+)
+
+// for schema
+var bucketEncryptionTypeEnum []interface{}
+
+func init() {
+	var res []BucketEncryptionType
+	if err := json.Unmarshal([]byte(`["sse-s3","sse-kms"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketEncryptionTypeEnum = append(bucketEncryptionTypeEnum, v)
+	}
+}
+
+func (m BucketEncryptionType) validateBucketEncryptionTypeEnum(path, location string, value BucketEncryptionType) error {
+	if err := validate.EnumCase(path, location, value, bucketEncryptionTypeEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this bucket encryption type
+func (m BucketEncryptionType) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateBucketEncryptionTypeEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

models/bucket_object.go

@@ -0,0 +1,99 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketObject bucket object
+//
+// swagger:model bucketObject
+type BucketObject struct {
+
+	// content type
+	ContentType string `json:"content_type,omitempty"`
+
+	// expiration
+	Expiration string `json:"expiration,omitempty"`
+
+	// expiration rule id
+	ExpirationRuleID string `json:"expiration_rule_id,omitempty"`
+
+	// is delete marker
+	IsDeleteMarker bool `json:"is_delete_marker,omitempty"`
+
+	// is latest
+	IsLatest bool `json:"is_latest,omitempty"`
+
+	// last modified
+	LastModified string `json:"last_modified,omitempty"`
+
+	// legal hold status
+	LegalHoldStatus string `json:"legal_hold_status,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// retention mode
+	RetentionMode string `json:"retention_mode,omitempty"`
+
+	// retention until date
+	RetentionUntilDate string `json:"retention_until_date,omitempty"`
+
+	// size
+	Size int64 `json:"size,omitempty"`
+
+	// tags
+	Tags map[string]string `json:"tags,omitempty"`
+
+	// user tags
+	UserTags map[string]string `json:"user_tags,omitempty"`
+
+	// version id
+	VersionID string `json:"version_id,omitempty"`
+}
+
+// Validate validates this bucket object
+func (m *BucketObject) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketObject) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketObject) UnmarshalBinary(b []byte) error {
+	var res BucketObject
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_replication_destination.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketReplicationDestination bucket replication destination
+//
+// swagger:model bucketReplicationDestination
+type BucketReplicationDestination struct {
+
+	// bucket
+	Bucket string `json:"bucket,omitempty"`
+}
+
+// Validate validates this bucket replication destination
+func (m *BucketReplicationDestination) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketReplicationDestination) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketReplicationDestination) UnmarshalBinary(b []byte) error {
+	var res BucketReplicationDestination
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_replication_response.go

@@ -30,20 +30,20 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// ClusterResources cluster resources
+// BucketReplicationResponse bucket replication response
 //
-// swagger:model clusterResources
+// swagger:model bucketReplicationResponse
-type ClusterResources struct {
+type BucketReplicationResponse struct {
 
-	// nodes
+	// rules
-	Nodes []*NodeInfo `json:"nodes"`
+	Rules []*BucketReplicationRule `json:"rules"`
 }
 
-// Validate validates this cluster resources
+// Validate validates this bucket replication response
-func (m *ClusterResources) Validate(formats strfmt.Registry) error {
+func (m *BucketReplicationResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateNodes(formats); err != nil {
+	if err := m.validateRules(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -53,21 +53,21 @@ func (m *ClusterResources) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ClusterResources) validateNodes(formats strfmt.Registry) error {
+func (m *BucketReplicationResponse) validateRules(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.Nodes) { // not required
+	if swag.IsZero(m.Rules) { // not required
 		return nil
 	}
 
-	for i := 0; i < len(m.Nodes); i++ {
+	for i := 0; i < len(m.Rules); i++ {
-		if swag.IsZero(m.Nodes[i]) { // not required
+		if swag.IsZero(m.Rules[i]) { // not required
 			continue
 		}
 
-		if m.Nodes[i] != nil {
+		if m.Rules[i] != nil {
-			if err := m.Nodes[i].Validate(formats); err != nil {
+			if err := m.Rules[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("nodes" + "." + strconv.Itoa(i))
+					return ve.ValidateName("rules" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -79,7 +79,7 @@ func (m *ClusterResources) validateNodes(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *ClusterResources) MarshalBinary() ([]byte, error) {
+func (m *BucketReplicationResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -87,8 +87,8 @@ func (m *ClusterResources) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ClusterResources) UnmarshalBinary(b []byte) error {
+func (m *BucketReplicationResponse) UnmarshalBinary(b []byte) error {
-	var res ClusterResources
+	var res BucketReplicationResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/bucket_replication_rule.go

@@ -0,0 +1,173 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// BucketReplicationRule bucket replication rule
+//
+// swagger:model bucketReplicationRule
+type BucketReplicationRule struct {
+
+	// delete marker replication
+	DeleteMarkerReplication *BucketReplicationRuleMarker `json:"delete_marker_replication,omitempty"`
+
+	// destination
+	Destination *BucketReplicationDestination `json:"destination,omitempty"`
+
+	// id
+	ID string `json:"id,omitempty"`
+
+	// priority
+	Priority int32 `json:"priority,omitempty"`
+
+	// status
+	// Enum: [Enabled Disabled]
+	Status string `json:"status,omitempty"`
+}
+
+// Validate validates this bucket replication rule
+func (m *BucketReplicationRule) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateDeleteMarkerReplication(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateDestination(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketReplicationRule) validateDeleteMarkerReplication(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.DeleteMarkerReplication) { // not required
+		return nil
+	}
+
+	if m.DeleteMarkerReplication != nil {
+		if err := m.DeleteMarkerReplication.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("delete_marker_replication")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *BucketReplicationRule) validateDestination(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Destination) { // not required
+		return nil
+	}
+
+	if m.Destination != nil {
+		if err := m.Destination.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("destination")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+var bucketReplicationRuleTypeStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketReplicationRuleTypeStatusPropEnum = append(bucketReplicationRuleTypeStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// BucketReplicationRuleStatusEnabled captures enum value "Enabled"
+	BucketReplicationRuleStatusEnabled string = "Enabled"
+
+	// BucketReplicationRuleStatusDisabled captures enum value "Disabled"
+	BucketReplicationRuleStatusDisabled string = "Disabled"
+)
+
+// prop value enum
+func (m *BucketReplicationRule) validateStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketReplicationRuleTypeStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketReplicationRule) validateStatus(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Status) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateStatusEnum("status", "body", m.Status); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketReplicationRule) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketReplicationRule) UnmarshalBinary(b []byte) error {
+	var res BucketReplicationRule
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_replication_rule_marker.go

@@ -0,0 +1,117 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// BucketReplicationRuleMarker bucket replication rule marker
+//
+// swagger:model bucketReplicationRuleMarker
+type BucketReplicationRuleMarker struct {
+
+	// status
+	// Enum: [Enabled Disabled]
+	Status string `json:"status,omitempty"`
+}
+
+// Validate validates this bucket replication rule marker
+func (m *BucketReplicationRuleMarker) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var bucketReplicationRuleMarkerTypeStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketReplicationRuleMarkerTypeStatusPropEnum = append(bucketReplicationRuleMarkerTypeStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// BucketReplicationRuleMarkerStatusEnabled captures enum value "Enabled"
+	BucketReplicationRuleMarkerStatusEnabled string = "Enabled"
+
+	// BucketReplicationRuleMarkerStatusDisabled captures enum value "Disabled"
+	BucketReplicationRuleMarkerStatusDisabled string = "Disabled"
+)
+
+// prop value enum
+func (m *BucketReplicationRuleMarker) validateStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketReplicationRuleMarkerTypeStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketReplicationRuleMarker) validateStatus(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Status) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateStatusEnum("status", "body", m.Status); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketReplicationRuleMarker) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketReplicationRuleMarker) UnmarshalBinary(b []byte) error {
+	var res BucketReplicationRuleMarker
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_versioning_response.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketVersioningResponse bucket versioning response
+//
+// swagger:model bucketVersioningResponse
+type BucketVersioningResponse struct {
+
+	// is versioned
+	IsVersioned bool `json:"is_versioned,omitempty"`
+}
+
+// Validate validates this bucket versioning response
+func (m *BucketVersioningResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketVersioningResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketVersioningResponse) UnmarshalBinary(b []byte) error {
+	var res BucketVersioningResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/console_configuration.go

@@ -0,0 +1,117 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ConsoleConfiguration console configuration
+//
+// swagger:model consoleConfiguration
+type ConsoleConfiguration struct {
+	MetadataFields
+
+	// image
+	Image string `json:"image,omitempty"`
+}
+
+// UnmarshalJSON unmarshals this object from a JSON structure
+func (m *ConsoleConfiguration) UnmarshalJSON(raw []byte) error {
+	// AO0
+	var aO0 MetadataFields
+	if err := swag.ReadJSON(raw, &aO0); err != nil {
+		return err
+	}
+	m.MetadataFields = aO0
+
+	// AO1
+	var dataAO1 struct {
+		Image string `json:"image,omitempty"`
+	}
+	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
+		return err
+	}
+
+	m.Image = dataAO1.Image
+
+	return nil
+}
+
+// MarshalJSON marshals this object to a JSON structure
+func (m ConsoleConfiguration) MarshalJSON() ([]byte, error) {
+	_parts := make([][]byte, 0, 2)
+
+	aO0, err := swag.WriteJSON(m.MetadataFields)
+	if err != nil {
+		return nil, err
+	}
+	_parts = append(_parts, aO0)
+	var dataAO1 struct {
+		Image string `json:"image,omitempty"`
+	}
+
+	dataAO1.Image = m.Image
+
+	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
+	if errAO1 != nil {
+		return nil, errAO1
+	}
+	_parts = append(_parts, jsonDataAO1)
+	return swag.ConcatJSON(_parts...), nil
+}
+
+// Validate validates this console configuration
+func (m *ConsoleConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// validation for a type composition with MetadataFields
+	if err := m.MetadataFields.Validate(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ConsoleConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ConsoleConfiguration) UnmarshalBinary(b []byte) error {
+	var res ConsoleConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/create_remote_bucket.go

@@ -0,0 +1,162 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// CreateRemoteBucket create remote bucket
+//
+// swagger:model createRemoteBucket
+type CreateRemoteBucket struct {
+
+	// access key
+	// Required: true
+	// Min Length: 3
+	AccessKey *string `json:"accessKey"`
+
+	// region
+	Region string `json:"region,omitempty"`
+
+	// secret key
+	// Required: true
+	// Min Length: 8
+	SecretKey *string `json:"secretKey"`
+
+	// source bucket
+	// Required: true
+	SourceBucket *string `json:"sourceBucket"`
+
+	// target bucket
+	// Required: true
+	TargetBucket *string `json:"targetBucket"`
+
+	// target URL
+	// Required: true
+	TargetURL *string `json:"targetURL"`
+}
+
+// Validate validates this create remote bucket
+func (m *CreateRemoteBucket) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAccessKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSourceBucket(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTargetBucket(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTargetURL(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateAccessKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("accessKey", "body", m.AccessKey); err != nil {
+		return err
+	}
+
+	if err := validate.MinLength("accessKey", "body", string(*m.AccessKey), 3); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("secretKey", "body", m.SecretKey); err != nil {
+		return err
+	}
+
+	if err := validate.MinLength("secretKey", "body", string(*m.SecretKey), 8); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateSourceBucket(formats strfmt.Registry) error {
+
+	if err := validate.Required("sourceBucket", "body", m.SourceBucket); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateTargetBucket(formats strfmt.Registry) error {
+
+	if err := validate.Required("targetBucket", "body", m.TargetBucket); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateTargetURL(formats strfmt.Registry) error {
+
+	if err := validate.Required("targetURL", "body", m.TargetURL); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *CreateRemoteBucket) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *CreateRemoteBucket) UnmarshalBinary(b []byte) error {
+	var res CreateRemoteBucket
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/create_tenant_request.go

@@ -42,6 +42,9 @@ type CreateTenantRequest struct {
 	// annotations
 	Annotations map[string]string `json:"annotations,omitempty"`
 
+	// console
+	Console *ConsoleConfiguration `json:"console,omitempty"`
+
 	// console image
 	ConsoleImage string `json:"console_image,omitempty"`
 
@@ -60,6 +63,12 @@ type CreateTenantRequest struct {
 	// erasure coding parity
 	ErasureCodingParity int64 `json:"erasureCodingParity,omitempty"`
 
+	// expose console
+	ExposeConsole bool `json:"expose_console,omitempty"`
+
+	// expose minio
+	ExposeMinio bool `json:"expose_minio,omitempty"`
+
 	// idp
 	Idp *IdpConfiguration `json:"idp,omitempty"`
 
@@ -72,6 +81,9 @@ type CreateTenantRequest struct {
 	// image registry
 	ImageRegistry *ImageRegistry `json:"image_registry,omitempty"`
 
+	// labels
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// mounth path
 	MounthPath string `json:"mounth_path,omitempty"`
 
@@ -84,24 +96,25 @@ type CreateTenantRequest struct {
 	// Required: true
 	Namespace *string `json:"namespace"`
 
+	// pools
+	// Required: true
+	Pools []*Pool `json:"pools"`
+
 	// secret key
 	SecretKey string `json:"secret_key,omitempty"`
 
-	// service name
-	ServiceName string `json:"service_name,omitempty"`
-
 	// tls
 	TLS *TLSConfiguration `json:"tls,omitempty"`
-
-	// zones
-	// Required: true
-	Zones []*Zone `json:"zones"`
 }
 
 // Validate validates this create tenant request
 func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateConsole(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateEncryption(formats); err != nil {
 		res = append(res, err)
 	}
@@ -122,11 +135,11 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
+	if err := m.validatePools(formats); err != nil {
 		res = append(res, err)
 	}
 
-	if err := m.validateZones(formats); err != nil {
+	if err := m.validateTLS(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -136,6 +149,24 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *CreateTenantRequest) validateConsole(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Console) { // not required
+		return nil
+	}
+
+	if m.Console != nil {
+		if err := m.Console.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("console")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.Encryption) { // not required
@@ -212,6 +243,31 @@ func (m *CreateTenantRequest) validateNamespace(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *CreateTenantRequest) validatePools(formats strfmt.Registry) error {
+
+	if err := validate.Required("pools", "body", m.Pools); err != nil {
+		return err
+	}
+
+	for i := 0; i < len(m.Pools); i++ {
+		if swag.IsZero(m.Pools[i]) { // not required
+			continue
+		}
+
+		if m.Pools[i] != nil {
+			if err := m.Pools[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.TLS) { // not required
@@ -230,31 +286,6 @@ func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *CreateTenantRequest) validateZones(formats strfmt.Registry) error {
-
-	if err := validate.Required("zones", "body", m.Zones); err != nil {
-		return err
-	}
-
-	for i := 0; i < len(m.Zones); i++ {
-		if swag.IsZero(m.Zones[i]) { // not required
-			continue
-		}
-
-		if m.Zones[i] != nil {
-			if err := m.Zones[i].Validate(formats); err != nil {
-				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("zones" + "." + strconv.Itoa(i))
-				}
-				return err
-			}
-		}
-
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *CreateTenantRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/create_tenant_response.go

@@ -33,14 +33,8 @@ import (
 // swagger:model createTenantResponse
 type CreateTenantResponse struct {
 
-	// access key
-	AccessKey string `json:"access_key,omitempty"`
-
 	// console
 	Console *CreateTenantResponseConsole `json:"console,omitempty"`
-
-	// secret key
-	SecretKey string `json:"secret_key,omitempty"`
 }
 
 // Validate validates this create tenant response

models/encryption_configuration.go

@@ -32,6 +32,7 @@ import (
 //
 // swagger:model encryptionConfiguration
 type EncryptionConfiguration struct {
+	MetadataFields
 
 	// aws
 	Aws *AwsConfiguration `json:"aws,omitempty"`
@@ -52,10 +53,100 @@ type EncryptionConfiguration struct {
 	Vault *VaultConfiguration `json:"vault,omitempty"`
 }
 
+// UnmarshalJSON unmarshals this object from a JSON structure
+func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
+	// AO0
+	var aO0 MetadataFields
+	if err := swag.ReadJSON(raw, &aO0); err != nil {
+		return err
+	}
+	m.MetadataFields = aO0
+
+	// AO1
+	var dataAO1 struct {
+		Aws *AwsConfiguration `json:"aws,omitempty"`
+
+		Client *KeyPairConfiguration `json:"client,omitempty"`
+
+		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
+
+		Image string `json:"image,omitempty"`
+
+		Server *KeyPairConfiguration `json:"server,omitempty"`
+
+		Vault *VaultConfiguration `json:"vault,omitempty"`
+	}
+	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
+		return err
+	}
+
+	m.Aws = dataAO1.Aws
+
+	m.Client = dataAO1.Client
+
+	m.Gemalto = dataAO1.Gemalto
+
+	m.Image = dataAO1.Image
+
+	m.Server = dataAO1.Server
+
+	m.Vault = dataAO1.Vault
+
+	return nil
+}
+
+// MarshalJSON marshals this object to a JSON structure
+func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
+	_parts := make([][]byte, 0, 2)
+
+	aO0, err := swag.WriteJSON(m.MetadataFields)
+	if err != nil {
+		return nil, err
+	}
+	_parts = append(_parts, aO0)
+	var dataAO1 struct {
+		Aws *AwsConfiguration `json:"aws,omitempty"`
+
+		Client *KeyPairConfiguration `json:"client,omitempty"`
+
+		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
+
+		Image string `json:"image,omitempty"`
+
+		Server *KeyPairConfiguration `json:"server,omitempty"`
+
+		Vault *VaultConfiguration `json:"vault,omitempty"`
+	}
+
+	dataAO1.Aws = m.Aws
+
+	dataAO1.Client = m.Client
+
+	dataAO1.Gemalto = m.Gemalto
+
+	dataAO1.Image = m.Image
+
+	dataAO1.Server = m.Server
+
+	dataAO1.Vault = m.Vault
+
+	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
+	if errAO1 != nil {
+		return nil, errAO1
+	}
+	_parts = append(_parts, jsonDataAO1)
+	return swag.ConcatJSON(_parts...), nil
+}
+
 // Validate validates this encryption configuration
 func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	// validation for a type composition with MetadataFields
+	if err := m.MetadataFields.Validate(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateAws(formats); err != nil {
 		res = append(res, err)
 	}

models/error.go

@@ -35,7 +35,7 @@ import (
 type Error struct {
 
 	// code
-	Code int64 `json:"code,omitempty"`
+	Code int32 `json:"code,omitempty"`
 
 	// message
 	// Required: true

models/get_bucket_retention_config.go

@@ -0,0 +1,112 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// GetBucketRetentionConfig get bucket retention config
+//
+// swagger:model getBucketRetentionConfig
+type GetBucketRetentionConfig struct {
+
+	// mode
+	Mode ObjectRetentionMode `json:"mode,omitempty"`
+
+	// unit
+	Unit ObjectRetentionUnit `json:"unit,omitempty"`
+
+	// validity
+	Validity int32 `json:"validity,omitempty"`
+}
+
+// Validate validates this get bucket retention config
+func (m *GetBucketRetentionConfig) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateMode(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUnit(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *GetBucketRetentionConfig) validateMode(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Mode) { // not required
+		return nil
+	}
+
+	if err := m.Mode.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("mode")
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (m *GetBucketRetentionConfig) validateUnit(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Unit) { // not required
+		return nil
+	}
+
+	if err := m.Unit.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("unit")
+		}
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *GetBucketRetentionConfig) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *GetBucketRetentionConfig) UnmarshalBinary(b []byte) error {
+	var res GetBucketRetentionConfig
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/iam_entity.go

@@ -0,0 +1,48 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// IamEntity iam entity
+//
+// swagger:model iamEntity
+type IamEntity string
+
+// Validate validates this iam entity
+func (m IamEntity) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := validate.Pattern("", "body", string(m), `^[\w+=,.@-]{1,64}$`); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

models/license.go

@@ -0,0 +1,75 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// License license
+//
+// swagger:model license
+type License struct {
+
+	// account id
+	AccountID int64 `json:"account_id,omitempty"`
+
+	// email
+	Email string `json:"email,omitempty"`
+
+	// expires at
+	ExpiresAt string `json:"expires_at,omitempty"`
+
+	// organization
+	Organization string `json:"organization,omitempty"`
+
+	// plan
+	Plan string `json:"plan,omitempty"`
+
+	// storage capacity
+	StorageCapacity int64 `json:"storage_capacity,omitempty"`
+}
+
+// Validate validates this license
+func (m *License) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *License) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *License) UnmarshalBinary(b []byte) error {
+	var res License
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/list_objects_response.go

@@ -0,0 +1,100 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ListObjectsResponse list objects response
+//
+// swagger:model listObjectsResponse
+type ListObjectsResponse struct {
+
+	// list of resulting objects
+	Objects []*BucketObject `json:"objects"`
+
+	// number of objects
+	Total int64 `json:"total,omitempty"`
+}
+
+// Validate validates this list objects response
+func (m *ListObjectsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateObjects(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ListObjectsResponse) validateObjects(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Objects) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Objects); i++ {
+		if swag.IsZero(m.Objects[i]) { // not required
+			continue
+		}
+
+		if m.Objects[i] != nil {
+			if err := m.Objects[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("objects" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ListObjectsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ListObjectsResponse) UnmarshalBinary(b []byte) error {
+	var res ListObjectsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/list_remote_buckets_response.go

@@ -0,0 +1,100 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ListRemoteBucketsResponse list remote buckets response
+//
+// swagger:model listRemoteBucketsResponse
+type ListRemoteBucketsResponse struct {
+
+	// list of remote buckets
+	Buckets []*RemoteBucket `json:"buckets"`
+
+	// number of remote buckets accessible to user
+	Total int64 `json:"total,omitempty"`
+}
+
+// Validate validates this list remote buckets response
+func (m *ListRemoteBucketsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateBuckets(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ListRemoteBucketsResponse) validateBuckets(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Buckets) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Buckets); i++ {
+		if swag.IsZero(m.Buckets[i]) { // not required
+			continue
+		}
+
+		if m.Buckets[i] != nil {
+			if err := m.Buckets[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("buckets" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ListRemoteBucketsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ListRemoteBucketsResponse) UnmarshalBinary(b []byte) error {
+	var res ListRemoteBucketsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/log_search_response.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// LogSearchResponse log search response
+//
+// swagger:model logSearchResponse
+type LogSearchResponse struct {
+
+	// list of log search responses
+	Results interface{} `json:"results,omitempty"`
+}
+
+// Validate validates this log search response
+func (m *LogSearchResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LogSearchResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LogSearchResponse) UnmarshalBinary(b []byte) error {
+	var res LogSearchResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/make_bucket_request.go

@@ -37,6 +37,15 @@ type MakeBucketRequest struct {
 	// name
 	// Required: true
 	Name *string `json:"name"`
+
+	// quota
+	Quota *SetBucketQuota `json:"quota,omitempty"`
+
+	// retention
+	Retention *PutBucketRetentionRequest `json:"retention,omitempty"`
+
+	// versioning
+	Versioning bool `json:"versioning,omitempty"`
 }
 
 // Validate validates this make bucket request
@@ -47,6 +56,14 @@ func (m *MakeBucketRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateQuota(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRetention(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -62,6 +79,42 @@ func (m *MakeBucketRequest) validateName(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *MakeBucketRequest) validateQuota(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Quota) { // not required
+		return nil
+	}
+
+	if m.Quota != nil {
+		if err := m.Quota.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("quota")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *MakeBucketRequest) validateRetention(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Retention) { // not required
+		return nil
+	}
+
+	if m.Retention != nil {
+		if err := m.Retention.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("retention")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *MakeBucketRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/max_allocatable_mem_response.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// MaxAllocatableMemResponse max allocatable mem response
+//
+// swagger:model maxAllocatableMemResponse
+type MaxAllocatableMemResponse struct {
+
+	// max memory
+	MaxMemory int64 `json:"max_memory,omitempty"`
+}
+
+// Validate validates this max allocatable mem response
+func (m *MaxAllocatableMemResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *MaxAllocatableMemResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *MaxAllocatableMemResponse) UnmarshalBinary(b []byte) error {
+	var res MaxAllocatableMemResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/metadata_fields.go

@@ -0,0 +1,66 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// MetadataFields metadata fields
+//
+// swagger:model metadataFields
+type MetadataFields struct {
+
+	// annotations
+	Annotations map[string]string `json:"annotations,omitempty"`
+
+	// labels
+	Labels map[string]string `json:"labels,omitempty"`
+
+	// node selector
+	NodeSelector map[string]string `json:"node_selector,omitempty"`
+}
+
+// Validate validates this metadata fields
+func (m *MetadataFields) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *MetadataFields) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *MetadataFields) UnmarshalBinary(b []byte) error {
+	var res MetadataFields
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/object_legal_hold_status.go

@@ -0,0 +1,80 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// ObjectLegalHoldStatus object legal hold status
+//
+// swagger:model objectLegalHoldStatus
+type ObjectLegalHoldStatus string
+
+const (
+
+	// ObjectLegalHoldStatusEnabled captures enum value "enabled"
+	ObjectLegalHoldStatusEnabled ObjectLegalHoldStatus = "enabled"
+
+	// ObjectLegalHoldStatusDisabled captures enum value "disabled"
+	ObjectLegalHoldStatusDisabled ObjectLegalHoldStatus = "disabled"
+)
+
+// for schema
+var objectLegalHoldStatusEnum []interface{}
+
+func init() {
+	var res []ObjectLegalHoldStatus
+	if err := json.Unmarshal([]byte(`["enabled","disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		objectLegalHoldStatusEnum = append(objectLegalHoldStatusEnum, v)
+	}
+}
+
+func (m ObjectLegalHoldStatus) validateObjectLegalHoldStatusEnum(path, location string, value ObjectLegalHoldStatus) error {
+	if err := validate.EnumCase(path, location, value, objectLegalHoldStatusEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this object legal hold status
+func (m ObjectLegalHoldStatus) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateObjectLegalHoldStatusEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

models/object_retention_mode.go

@@ -0,0 +1,80 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// ObjectRetentionMode object retention mode
+//
+// swagger:model objectRetentionMode
+type ObjectRetentionMode string
+
+const (
+
+	// ObjectRetentionModeGovernance captures enum value "governance"
+	ObjectRetentionModeGovernance ObjectRetentionMode = "governance"
+
+	// ObjectRetentionModeCompliance captures enum value "compliance"
+	ObjectRetentionModeCompliance ObjectRetentionMode = "compliance"
+)
+
+// for schema
+var objectRetentionModeEnum []interface{}
+
+func init() {
+	var res []ObjectRetentionMode
+	if err := json.Unmarshal([]byte(`["governance","compliance"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		objectRetentionModeEnum = append(objectRetentionModeEnum, v)
+	}
+}
+
+func (m ObjectRetentionMode) validateObjectRetentionModeEnum(path, location string, value ObjectRetentionMode) error {
+	if err := validate.EnumCase(path, location, value, objectRetentionModeEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this object retention mode
+func (m ObjectRetentionMode) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateObjectRetentionModeEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

models/object_retention_unit.go

@@ -0,0 +1,80 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// ObjectRetentionUnit object retention unit
+//
+// swagger:model objectRetentionUnit
+type ObjectRetentionUnit string
+
+const (
+
+	// ObjectRetentionUnitDays captures enum value "days"
+	ObjectRetentionUnitDays ObjectRetentionUnit = "days"
+
+	// ObjectRetentionUnitYears captures enum value "years"
+	ObjectRetentionUnitYears ObjectRetentionUnit = "years"
+)
+
+// for schema
+var objectRetentionUnitEnum []interface{}
+
+func init() {
+	var res []ObjectRetentionUnit
+	if err := json.Unmarshal([]byte(`["days","years"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		objectRetentionUnitEnum = append(objectRetentionUnitEnum, v)
+	}
+}
+
+func (m ObjectRetentionUnit) validateObjectRetentionUnitEnum(path, location string, value ObjectRetentionUnit) error {
+	if err := validate.EnumCase(path, location, value, objectRetentionUnitEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this object retention unit
+func (m ObjectRetentionUnit) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateObjectRetentionUnitEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

models/parity_response.go

@@ -0,0 +1,37 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+)
+
+// ParityResponse parity response
+//
+// swagger:model parityResponse
+type ParityResponse []string
+
+// Validate validates this parity response
+func (m ParityResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}

models/pool.go

@@ -29,13 +29,13 @@ import (
 	"github.com/go-openapi/validate"
 )
 
-// Zone zone
+// Pool pool
 //
-// swagger:model zone
+// swagger:model pool
-type Zone struct {
+type Pool struct {
 
 	// affinity
-	Affinity *ZoneAffinity `json:"affinity,omitempty"`
+	Affinity *PoolAffinity `json:"affinity,omitempty"`
 
 	// name
 	Name string `json:"name,omitempty"`
@@ -44,26 +44,26 @@ type Zone struct {
 	NodeSelector map[string]string `json:"node_selector,omitempty"`
 
 	// resources
-	Resources *ZoneResources `json:"resources,omitempty"`
+	Resources *PoolResources `json:"resources,omitempty"`
 
 	// servers
 	// Required: true
 	Servers *int64 `json:"servers"`
 
 	// tolerations
-	Tolerations ZoneTolerations `json:"tolerations,omitempty"`
+	Tolerations PoolTolerations `json:"tolerations,omitempty"`
 
 	// volume configuration
 	// Required: true
-	VolumeConfiguration *ZoneVolumeConfiguration `json:"volume_configuration"`
+	VolumeConfiguration *PoolVolumeConfiguration `json:"volume_configuration"`
 
 	// volumes per server
 	// Required: true
 	VolumesPerServer *int32 `json:"volumes_per_server"`
 }
 
-// Validate validates this zone
+// Validate validates this pool
-func (m *Zone) Validate(formats strfmt.Registry) error {
+func (m *Pool) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateAffinity(formats); err != nil {
@@ -96,7 +96,7 @@ func (m *Zone) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateAffinity(formats strfmt.Registry) error {
+func (m *Pool) validateAffinity(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.Affinity) { // not required
 		return nil
@@ -114,7 +114,7 @@ func (m *Zone) validateAffinity(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateResources(formats strfmt.Registry) error {
+func (m *Pool) validateResources(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.Resources) { // not required
 		return nil
@@ -132,7 +132,7 @@ func (m *Zone) validateResources(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateServers(formats strfmt.Registry) error {
+func (m *Pool) validateServers(formats strfmt.Registry) error {
 
 	if err := validate.Required("servers", "body", m.Servers); err != nil {
 		return err
@@ -141,7 +141,7 @@ func (m *Zone) validateServers(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateTolerations(formats strfmt.Registry) error {
+func (m *Pool) validateTolerations(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.Tolerations) { // not required
 		return nil
@@ -157,7 +157,7 @@ func (m *Zone) validateTolerations(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateVolumeConfiguration(formats strfmt.Registry) error {
+func (m *Pool) validateVolumeConfiguration(formats strfmt.Registry) error {
 
 	if err := validate.Required("volume_configuration", "body", m.VolumeConfiguration); err != nil {
 		return err
@@ -175,7 +175,7 @@ func (m *Zone) validateVolumeConfiguration(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Zone) validateVolumesPerServer(formats strfmt.Registry) error {
+func (m *Pool) validateVolumesPerServer(formats strfmt.Registry) error {
 
 	if err := validate.Required("volumes_per_server", "body", m.VolumesPerServer); err != nil {
 		return err
@@ -185,7 +185,7 @@ func (m *Zone) validateVolumesPerServer(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *Zone) MarshalBinary() ([]byte, error) {
+func (m *Pool) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -193,8 +193,8 @@ func (m *Zone) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *Zone) UnmarshalBinary(b []byte) error {
+func (m *Pool) UnmarshalBinary(b []byte) error {
-	var res Zone
+	var res Pool
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -202,10 +202,13 @@ func (m *Zone) UnmarshalBinary(b []byte) error {
 	return nil
 }
 
-// ZoneVolumeConfiguration zone volume configuration
+// PoolVolumeConfiguration pool volume configuration
 //
-// swagger:model ZoneVolumeConfiguration
+// swagger:model PoolVolumeConfiguration
-type ZoneVolumeConfiguration struct {
+type PoolVolumeConfiguration struct {
+
+	// annotations
+	Annotations map[string]string `json:"annotations,omitempty"`
 
 	// labels
 	Labels map[string]string `json:"labels,omitempty"`
@@ -218,8 +221,8 @@ type ZoneVolumeConfiguration struct {
 	StorageClassName string `json:"storage_class_name,omitempty"`
 }
 
-// Validate validates this zone volume configuration
+// Validate validates this pool volume configuration
-func (m *ZoneVolumeConfiguration) Validate(formats strfmt.Registry) error {
+func (m *PoolVolumeConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateSize(formats); err != nil {
@@ -232,7 +235,7 @@ func (m *ZoneVolumeConfiguration) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneVolumeConfiguration) validateSize(formats strfmt.Registry) error {
+func (m *PoolVolumeConfiguration) validateSize(formats strfmt.Registry) error {
 
 	if err := validate.Required("volume_configuration"+"."+"size", "body", m.Size); err != nil {
 		return err
@@ -242,7 +245,7 @@ func (m *ZoneVolumeConfiguration) validateSize(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneVolumeConfiguration) MarshalBinary() ([]byte, error) {
+func (m *PoolVolumeConfiguration) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -250,8 +253,8 @@ func (m *ZoneVolumeConfiguration) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneVolumeConfiguration) UnmarshalBinary(b []byte) error {
+func (m *PoolVolumeConfiguration) UnmarshalBinary(b []byte) error {
-	var res ZoneVolumeConfiguration
+	var res PoolVolumeConfiguration
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/pool_affinity.go

@@ -31,23 +31,23 @@ import (
 	"github.com/go-openapi/validate"
 )
 
-// ZoneAffinity If specified, affinity will define the pod's scheduling constraints
+// PoolAffinity If specified, affinity will define the pod's scheduling constraints
 //
-// swagger:model zoneAffinity
+// swagger:model poolAffinity
-type ZoneAffinity struct {
+type PoolAffinity struct {
 
 	// node affinity
-	NodeAffinity *ZoneAffinityNodeAffinity `json:"nodeAffinity,omitempty"`
+	NodeAffinity *PoolAffinityNodeAffinity `json:"nodeAffinity,omitempty"`
 
 	// pod affinity
-	PodAffinity *ZoneAffinityPodAffinity `json:"podAffinity,omitempty"`
+	PodAffinity *PoolAffinityPodAffinity `json:"podAffinity,omitempty"`
 
 	// pod anti affinity
-	PodAntiAffinity *ZoneAffinityPodAntiAffinity `json:"podAntiAffinity,omitempty"`
+	PodAntiAffinity *PoolAffinityPodAntiAffinity `json:"podAntiAffinity,omitempty"`
 }
 
-// Validate validates this zone affinity
+// Validate validates this pool affinity
-func (m *ZoneAffinity) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinity) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateNodeAffinity(formats); err != nil {
@@ -68,7 +68,7 @@ func (m *ZoneAffinity) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinity) validateNodeAffinity(formats strfmt.Registry) error {
+func (m *PoolAffinity) validateNodeAffinity(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.NodeAffinity) { // not required
 		return nil
@@ -86,7 +86,7 @@ func (m *ZoneAffinity) validateNodeAffinity(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinity) validatePodAffinity(formats strfmt.Registry) error {
+func (m *PoolAffinity) validatePodAffinity(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.PodAffinity) { // not required
 		return nil
@@ -104,7 +104,7 @@ func (m *ZoneAffinity) validatePodAffinity(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinity) validatePodAntiAffinity(formats strfmt.Registry) error {
+func (m *PoolAffinity) validatePodAntiAffinity(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.PodAntiAffinity) { // not required
 		return nil
@@ -123,7 +123,7 @@ func (m *ZoneAffinity) validatePodAntiAffinity(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinity) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinity) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -131,8 +131,8 @@ func (m *ZoneAffinity) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinity) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinity) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinity
+	var res PoolAffinity
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -140,20 +140,20 @@ func (m *ZoneAffinity) UnmarshalBinary(b []byte) error {
 	return nil
 }
 
-// ZoneAffinityNodeAffinity Describes node affinity scheduling rules for the pod.
+// PoolAffinityNodeAffinity Describes node affinity scheduling rules for the pod.
 //
-// swagger:model ZoneAffinityNodeAffinity
+// swagger:model PoolAffinityNodeAffinity
-type ZoneAffinityNodeAffinity struct {
+type PoolAffinityNodeAffinity struct {
 
 	// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
-	PreferredDuringSchedulingIgnoredDuringExecution []*ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
+	PreferredDuringSchedulingIgnoredDuringExecution []*PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
 
 	// required during scheduling ignored during execution
-	RequiredDuringSchedulingIgnoredDuringExecution *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty"`
+	RequiredDuringSchedulingIgnoredDuringExecution *PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty"`
 }
 
-// Validate validates this zone affinity node affinity
+// Validate validates this pool affinity node affinity
-func (m *ZoneAffinityNodeAffinity) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinity) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePreferredDuringSchedulingIgnoredDuringExecution(formats); err != nil {
@@ -170,7 +170,7 @@ func (m *ZoneAffinityNodeAffinity) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinityNodeAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.PreferredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -195,7 +195,7 @@ func (m *ZoneAffinityNodeAffinity) validatePreferredDuringSchedulingIgnoredDurin
 	return nil
 }
 
-func (m *ZoneAffinityNodeAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.RequiredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -214,7 +214,7 @@ func (m *ZoneAffinityNodeAffinity) validateRequiredDuringSchedulingIgnoredDuring
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinity) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityNodeAffinity) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -222,8 +222,8 @@ func (m *ZoneAffinityNodeAffinity) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinity) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityNodeAffinity) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityNodeAffinity
+	var res PoolAffinityNodeAffinity
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -231,10 +231,10 @@ func (m *ZoneAffinityNodeAffinity) UnmarshalBinary(b []byte) error {
 	return nil
 }
 
-// ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
+// PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
 //
-// swagger:model ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+// swagger:model PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
-type ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
+type PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
 
 	// A node selector term, associated with the corresponding weight.
 	// Required: true
@@ -245,8 +245,8 @@ type ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItem
 	Weight *int32 `json:"weight"`
 }
 
-// Validate validates this zone affinity node affinity preferred during scheduling ignored during execution items0
+// Validate validates this pool affinity node affinity preferred during scheduling ignored during execution items0
-func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePreference(formats); err != nil {
@@ -263,7 +263,7 @@ func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution
 	return nil
 }
 
-func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePreference(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePreference(formats strfmt.Registry) error {
 
 	if err := validate.Required("preference", "body", m.Preference); err != nil {
 		return err
@@ -281,7 +281,7 @@ func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution
 	return nil
 }
 
-func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
 
 	if err := validate.Required("weight", "body", m.Weight); err != nil {
 		return err
@@ -291,7 +291,7 @@ func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -299,8 +299,8 @@ func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+	var res PoolAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -308,18 +308,18 @@ func (m *ZoneAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution
 	return nil
 }
 
-// ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
+// PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
 //
-// swagger:model ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution
+// swagger:model PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution
-type ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution struct {
+type PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution struct {
 
 	// Required. A list of node selector terms. The terms are ORed.
 	// Required: true
 	NodeSelectorTerms []*NodeSelectorTerm `json:"nodeSelectorTerms"`
 }
 
-// Validate validates this zone affinity node affinity required during scheduling ignored during execution
+// Validate validates this pool affinity node affinity required during scheduling ignored during execution
-func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateNodeSelectorTerms(formats); err != nil {
@@ -332,7 +332,7 @@ func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution)
 	return nil
 }
 
-func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) validateNodeSelectorTerms(formats strfmt.Registry) error {
+func (m *PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) validateNodeSelectorTerms(formats strfmt.Registry) error {
 
 	if err := validate.Required("nodeAffinity"+"."+"requiredDuringSchedulingIgnoredDuringExecution"+"."+"nodeSelectorTerms", "body", m.NodeSelectorTerms); err != nil {
 		return err
@@ -358,7 +358,7 @@ func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution)
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -366,8 +366,8 @@ func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution)
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution
+	var res PoolAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -375,20 +375,20 @@ func (m *ZoneAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution)
 	return nil
 }
 
-// ZoneAffinityPodAffinity Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
+// PoolAffinityPodAffinity Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, pool, etc. as some other pod(s)).
 //
-// swagger:model ZoneAffinityPodAffinity
+// swagger:model PoolAffinityPodAffinity
-type ZoneAffinityPodAffinity struct {
+type PoolAffinityPodAffinity struct {
 
 	// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
-	PreferredDuringSchedulingIgnoredDuringExecution []*ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
+	PreferredDuringSchedulingIgnoredDuringExecution []*PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
 
 	// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
 	RequiredDuringSchedulingIgnoredDuringExecution []*PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution"`
 }
 
-// Validate validates this zone affinity pod affinity
+// Validate validates this pool affinity pod affinity
-func (m *ZoneAffinityPodAffinity) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinity) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePreferredDuringSchedulingIgnoredDuringExecution(formats); err != nil {
@@ -405,7 +405,7 @@ func (m *ZoneAffinityPodAffinity) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinityPodAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.PreferredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -430,7 +430,7 @@ func (m *ZoneAffinityPodAffinity) validatePreferredDuringSchedulingIgnoredDuring
 	return nil
 }
 
-func (m *ZoneAffinityPodAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.RequiredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -456,7 +456,7 @@ func (m *ZoneAffinityPodAffinity) validateRequiredDuringSchedulingIgnoredDuringE
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityPodAffinity) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityPodAffinity) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -464,8 +464,8 @@ func (m *ZoneAffinityPodAffinity) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityPodAffinity) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityPodAffinity) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityPodAffinity
+	var res PoolAffinityPodAffinity
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -473,10 +473,10 @@ func (m *ZoneAffinityPodAffinity) UnmarshalBinary(b []byte) error {
 	return nil
 }
 
-// ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
+// PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
 //
-// swagger:model ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+// swagger:model PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
-type ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
+type PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
 
 	// pod affinity term
 	// Required: true
@@ -487,8 +487,8 @@ type ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems
 	Weight *int32 `json:"weight"`
 }
 
-// Validate validates this zone affinity pod affinity preferred during scheduling ignored during execution items0
+// Validate validates this pool affinity pod affinity preferred during scheduling ignored during execution items0
-func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePodAffinityTerm(formats); err != nil {
@@ -505,7 +505,7 @@ func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 	return nil
 }
 
-func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePodAffinityTerm(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePodAffinityTerm(formats strfmt.Registry) error {
 
 	if err := validate.Required("podAffinityTerm", "body", m.PodAffinityTerm); err != nil {
 		return err
@@ -523,7 +523,7 @@ func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 	return nil
 }
 
-func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
 
 	if err := validate.Required("weight", "body", m.Weight); err != nil {
 		return err
@@ -533,7 +533,7 @@ func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -541,8 +541,8 @@ func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+	var res PoolAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -550,20 +550,20 @@ func (m *ZoneAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 	return nil
 }
 
-// ZoneAffinityPodAntiAffinity Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
+// PoolAffinityPodAntiAffinity Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, pool, etc. as some other pod(s)).
 //
-// swagger:model ZoneAffinityPodAntiAffinity
+// swagger:model PoolAffinityPodAntiAffinity
-type ZoneAffinityPodAntiAffinity struct {
+type PoolAffinityPodAntiAffinity struct {
 
 	// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
-	PreferredDuringSchedulingIgnoredDuringExecution []*ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
+	PreferredDuringSchedulingIgnoredDuringExecution []*PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 `json:"preferredDuringSchedulingIgnoredDuringExecution"`
 
 	// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
 	RequiredDuringSchedulingIgnoredDuringExecution []*PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution"`
 }
 
-// Validate validates this zone affinity pod anti affinity
+// Validate validates this pool affinity pod anti affinity
-func (m *ZoneAffinityPodAntiAffinity) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinity) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePreferredDuringSchedulingIgnoredDuringExecution(formats); err != nil {
@@ -580,7 +580,7 @@ func (m *ZoneAffinityPodAntiAffinity) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneAffinityPodAntiAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinity) validatePreferredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.PreferredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -605,7 +605,7 @@ func (m *ZoneAffinityPodAntiAffinity) validatePreferredDuringSchedulingIgnoredDu
 	return nil
 }
 
-func (m *ZoneAffinityPodAntiAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinity) validateRequiredDuringSchedulingIgnoredDuringExecution(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.RequiredDuringSchedulingIgnoredDuringExecution) { // not required
 		return nil
@@ -631,7 +631,7 @@ func (m *ZoneAffinityPodAntiAffinity) validateRequiredDuringSchedulingIgnoredDur
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityPodAntiAffinity) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityPodAntiAffinity) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -639,8 +639,8 @@ func (m *ZoneAffinityPodAntiAffinity) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityPodAntiAffinity) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityPodAntiAffinity) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityPodAntiAffinity
+	var res PoolAffinityPodAntiAffinity
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
@@ -648,10 +648,10 @@ func (m *ZoneAffinityPodAntiAffinity) UnmarshalBinary(b []byte) error {
 	return nil
 }
 
-// ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
+// PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
 //
-// swagger:model ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+// swagger:model PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
-type ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
+type PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 struct {
 
 	// pod affinity term
 	// Required: true
@@ -662,8 +662,8 @@ type ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionI
 	Weight *int32 `json:"weight"`
 }
 
-// Validate validates this zone affinity pod anti affinity preferred during scheduling ignored during execution items0
+// Validate validates this pool affinity pod anti affinity preferred during scheduling ignored during execution items0
-func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validatePodAffinityTerm(formats); err != nil {
@@ -680,7 +680,7 @@ func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecut
 	return nil
 }
 
-func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePodAffinityTerm(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validatePodAffinityTerm(formats strfmt.Registry) error {
 
 	if err := validate.Required("podAffinityTerm", "body", m.PodAffinityTerm); err != nil {
 		return err
@@ -698,7 +698,7 @@ func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecut
 	return nil
 }
 
-func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
+func (m *PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) validateWeight(formats strfmt.Registry) error {
 
 	if err := validate.Required("weight", "body", m.Weight); err != nil {
 		return err
@@ -708,7 +708,7 @@ func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecut
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
+func (m *PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -716,8 +716,8 @@ func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecut
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
+func (m *PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0) UnmarshalBinary(b []byte) error {
-	var res ZoneAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
+	var res PoolAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/pool_resources.go

@@ -27,10 +27,10 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// ZoneResources If provided, use these requests and limit for cpu/memory resource allocation
+// PoolResources If provided, use these requests and limit for cpu/memory resource allocation
 //
-// swagger:model zoneResources
+// swagger:model poolResources
-type ZoneResources struct {
+type PoolResources struct {
 
 	// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
 	Limits map[string]int64 `json:"limits,omitempty"`
@@ -39,13 +39,13 @@ type ZoneResources struct {
 	Requests map[string]int64 `json:"requests,omitempty"`
 }
 
-// Validate validates this zone resources
+// Validate validates this pool resources
-func (m *ZoneResources) Validate(formats strfmt.Registry) error {
+func (m *PoolResources) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneResources) MarshalBinary() ([]byte, error) {
+func (m *PoolResources) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -53,8 +53,8 @@ func (m *ZoneResources) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneResources) UnmarshalBinary(b []byte) error {
+func (m *PoolResources) UnmarshalBinary(b []byte) error {
-	var res ZoneResources
+	var res PoolResources
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/pool_toleration_seconds.go

@@ -29,18 +29,18 @@ import (
 	"github.com/go-openapi/validate"
 )
 
-// ZoneTolerationSeconds TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
+// PoolTolerationSeconds TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
 //
-// swagger:model zoneTolerationSeconds
+// swagger:model poolTolerationSeconds
-type ZoneTolerationSeconds struct {
+type PoolTolerationSeconds struct {
 
 	// seconds
 	// Required: true
 	Seconds *int64 `json:"seconds"`
 }
 
-// Validate validates this zone toleration seconds
+// Validate validates this pool toleration seconds
-func (m *ZoneTolerationSeconds) Validate(formats strfmt.Registry) error {
+func (m *PoolTolerationSeconds) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateSeconds(formats); err != nil {
@@ -53,7 +53,7 @@ func (m *ZoneTolerationSeconds) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneTolerationSeconds) validateSeconds(formats strfmt.Registry) error {
+func (m *PoolTolerationSeconds) validateSeconds(formats strfmt.Registry) error {
 
 	if err := validate.Required("seconds", "body", m.Seconds); err != nil {
 		return err
@@ -63,7 +63,7 @@ func (m *ZoneTolerationSeconds) validateSeconds(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneTolerationSeconds) MarshalBinary() ([]byte, error) {
+func (m *PoolTolerationSeconds) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -71,8 +71,8 @@ func (m *ZoneTolerationSeconds) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneTolerationSeconds) UnmarshalBinary(b []byte) error {
+func (m *PoolTolerationSeconds) UnmarshalBinary(b []byte) error {
-	var res ZoneTolerationSeconds
+	var res PoolTolerationSeconds
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/pool_tolerations.go

@@ -30,13 +30,13 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// ZoneTolerations Tolerations allows users to set entries like effect, key, operator, value.
+// PoolTolerations Tolerations allows users to set entries like effect, key, operator, value.
 //
-// swagger:model zoneTolerations
+// swagger:model poolTolerations
-type ZoneTolerations []*ZoneTolerationsItems0
+type PoolTolerations []*PoolTolerationsItems0
 
-// Validate validates this zone tolerations
+// Validate validates this pool tolerations
-func (m ZoneTolerations) Validate(formats strfmt.Registry) error {
+func (m PoolTolerations) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	for i := 0; i < len(m); i++ {
@@ -61,10 +61,10 @@ func (m ZoneTolerations) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-// ZoneTolerationsItems0 The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
+// PoolTolerationsItems0 The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
 //
-// swagger:model ZoneTolerationsItems0
+// swagger:model PoolTolerationsItems0
-type ZoneTolerationsItems0 struct {
+type PoolTolerationsItems0 struct {
 
 	// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
 	Effect string `json:"effect,omitempty"`
@@ -76,14 +76,14 @@ type ZoneTolerationsItems0 struct {
 	Operator string `json:"operator,omitempty"`
 
 	// toleration seconds
-	TolerationSeconds *ZoneTolerationSeconds `json:"tolerationSeconds,omitempty"`
+	TolerationSeconds *PoolTolerationSeconds `json:"tolerationSeconds,omitempty"`
 
 	// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
 	Value string `json:"value,omitempty"`
 }
 
-// Validate validates this zone tolerations items0
+// Validate validates this pool tolerations items0
-func (m *ZoneTolerationsItems0) Validate(formats strfmt.Registry) error {
+func (m *PoolTolerationsItems0) Validate(formats strfmt.Registry) error {
 	var res []error
 
 	if err := m.validateTolerationSeconds(formats); err != nil {
@@ -96,7 +96,7 @@ func (m *ZoneTolerationsItems0) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneTolerationsItems0) validateTolerationSeconds(formats strfmt.Registry) error {
+func (m *PoolTolerationsItems0) validateTolerationSeconds(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.TolerationSeconds) { // not required
 		return nil
@@ -115,7 +115,7 @@ func (m *ZoneTolerationsItems0) validateTolerationSeconds(formats strfmt.Registr
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneTolerationsItems0) MarshalBinary() ([]byte, error) {
+func (m *PoolTolerationsItems0) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -123,8 +123,8 @@ func (m *ZoneTolerationsItems0) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneTolerationsItems0) UnmarshalBinary(b []byte) error {
+func (m *PoolTolerationsItems0) UnmarshalBinary(b []byte) error {
-	var res ZoneTolerationsItems0
+	var res PoolTolerationsItems0
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/pool_update_request.go

@@ -31,21 +31,21 @@ import (
 	"github.com/go-openapi/validate"
 )
 
-// ZoneUpdateRequest zone update request
+// PoolUpdateRequest pool update request
 //
-// swagger:model zoneUpdateRequest
+// swagger:model poolUpdateRequest
-type ZoneUpdateRequest struct {
+type PoolUpdateRequest struct {
 
-	// zones
+	// pools
 	// Required: true
-	Zones []*Zone `json:"zones"`
+	Pools []*Pool `json:"pools"`
 }
 
-// Validate validates this zone update request
+// Validate validates this pool update request
-func (m *ZoneUpdateRequest) Validate(formats strfmt.Registry) error {
+func (m *PoolUpdateRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateZones(formats); err != nil {
+	if err := m.validatePools(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -55,21 +55,21 @@ func (m *ZoneUpdateRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *ZoneUpdateRequest) validateZones(formats strfmt.Registry) error {
+func (m *PoolUpdateRequest) validatePools(formats strfmt.Registry) error {
 
-	if err := validate.Required("zones", "body", m.Zones); err != nil {
+	if err := validate.Required("pools", "body", m.Pools); err != nil {
 		return err
 	}
 
-	for i := 0; i < len(m.Zones); i++ {
+	for i := 0; i < len(m.Pools); i++ {
-		if swag.IsZero(m.Zones[i]) { // not required
+		if swag.IsZero(m.Pools[i]) { // not required
 			continue
 		}
 
-		if m.Zones[i] != nil {
+		if m.Pools[i] != nil {
-			if err := m.Zones[i].Validate(formats); err != nil {
+			if err := m.Pools[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("zones" + "." + strconv.Itoa(i))
+					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -81,7 +81,7 @@ func (m *ZoneUpdateRequest) validateZones(formats strfmt.Registry) error {
 }
 
 // MarshalBinary interface implementation
-func (m *ZoneUpdateRequest) MarshalBinary() ([]byte, error) {
+func (m *PoolUpdateRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -89,8 +89,8 @@ func (m *ZoneUpdateRequest) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *ZoneUpdateRequest) UnmarshalBinary(b []byte) error {
+func (m *PoolUpdateRequest) UnmarshalBinary(b []byte) error {
-	var res ZoneUpdateRequest
+	var res PoolUpdateRequest
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/principal.go

@@ -32,17 +32,23 @@ import (
 // swagger:model principal
 type Principal struct {
 
-	// access key ID
+	// s t s access key ID
-	AccessKeyID string `json:"accessKeyID,omitempty"`
+	STSAccessKeyID string `json:"STSAccessKeyID,omitempty"`
+
+	// s t s secret access key
+	STSSecretAccessKey string `json:"STSSecretAccessKey,omitempty"`
+
+	// s t s session token
+	STSSessionToken string `json:"STSSessionToken,omitempty"`
+
+	// account access key
+	AccountAccessKey string `json:"accountAccessKey,omitempty"`
+
+	// account secret key
+	AccountSecretKey string `json:"accountSecretKey,omitempty"`
 
 	// actions
 	Actions []string `json:"actions"`
-
-	// secret access key
-	SecretAccessKey string `json:"secretAccessKey,omitempty"`
-
-	// session token
-	SessionToken string `json:"sessionToken,omitempty"`
 }
 
 // Validate validates this principal

models/put_bucket_retention_request.go

@@ -0,0 +1,121 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// PutBucketRetentionRequest put bucket retention request
+//
+// swagger:model putBucketRetentionRequest
+type PutBucketRetentionRequest struct {
+
+	// mode
+	// Required: true
+	Mode ObjectRetentionMode `json:"mode"`
+
+	// unit
+	// Required: true
+	Unit ObjectRetentionUnit `json:"unit"`
+
+	// validity
+	// Required: true
+	Validity *int32 `json:"validity"`
+}
+
+// Validate validates this put bucket retention request
+func (m *PutBucketRetentionRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateMode(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUnit(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateValidity(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *PutBucketRetentionRequest) validateMode(formats strfmt.Registry) error {
+
+	if err := m.Mode.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("mode")
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (m *PutBucketRetentionRequest) validateUnit(formats strfmt.Registry) error {
+
+	if err := m.Unit.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("unit")
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (m *PutBucketRetentionRequest) validateValidity(formats strfmt.Registry) error {
+
+	if err := validate.Required("validity", "body", m.Validity); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PutBucketRetentionRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PutBucketRetentionRequest) UnmarshalBinary(b []byte) error {
+	var res PutBucketRetentionRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/put_object_legal_hold_request.go

@@ -0,0 +1,83 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// PutObjectLegalHoldRequest put object legal hold request
+//
+// swagger:model putObjectLegalHoldRequest
+type PutObjectLegalHoldRequest struct {
+
+	// status
+	// Required: true
+	Status ObjectLegalHoldStatus `json:"status"`
+}
+
+// Validate validates this put object legal hold request
+func (m *PutObjectLegalHoldRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *PutObjectLegalHoldRequest) validateStatus(formats strfmt.Registry) error {
+
+	if err := m.Status.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("status")
+		}
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PutObjectLegalHoldRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PutObjectLegalHoldRequest) UnmarshalBinary(b []byte) error {
+	var res PutObjectLegalHoldRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/put_object_retention_request.go

@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// PutObjectRetentionRequest put object retention request
+//
+// swagger:model putObjectRetentionRequest
+type PutObjectRetentionRequest struct {
+
+	// expires
+	// Required: true
+	Expires *string `json:"expires"`
+
+	// governance bypass
+	GovernanceBypass bool `json:"governance_bypass,omitempty"`
+
+	// mode
+	// Required: true
+	Mode ObjectRetentionMode `json:"mode"`
+}
+
+// Validate validates this put object retention request
+func (m *PutObjectRetentionRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateExpires(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMode(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *PutObjectRetentionRequest) validateExpires(formats strfmt.Registry) error {
+
+	if err := validate.Required("expires", "body", m.Expires); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *PutObjectRetentionRequest) validateMode(formats strfmt.Registry) error {
+
+	if err := m.Mode.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("mode")
+		}
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PutObjectRetentionRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PutObjectRetentionRequest) UnmarshalBinary(b []byte) error {
+	var res PutObjectRetentionRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/put_object_tags_request.go

@@ -27,28 +27,22 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// NodeTaints node taints
+// PutObjectTagsRequest put object tags request
 //
-// swagger:model nodeTaints
+// swagger:model putObjectTagsRequest
-type NodeTaints struct {
+type PutObjectTagsRequest struct {
 
-	// no execute
+	// tags
-	NoExecute []string `json:"no_execute"`
+	Tags map[string]string `json:"tags,omitempty"`
-
-	// no schedule
-	NoSchedule []string `json:"no_schedule"`
-
-	// prefer no schedule
-	PreferNoSchedule []string `json:"prefer_no_schedule"`
 }
 
-// Validate validates this node taints
+// Validate validates this put object tags request
-func (m *NodeTaints) Validate(formats strfmt.Registry) error {
+func (m *PutObjectTagsRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
 // MarshalBinary interface implementation
-func (m *NodeTaints) MarshalBinary() ([]byte, error) {
+func (m *PutObjectTagsRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -56,8 +50,8 @@ func (m *NodeTaints) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *NodeTaints) UnmarshalBinary(b []byte) error {
+func (m *PutObjectTagsRequest) UnmarshalBinary(b []byte) error {
-	var res NodeTaints
+	var res PutObjectTagsRequest
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/remote_bucket.go

@@ -0,0 +1,200 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// RemoteBucket remote bucket
+//
+// swagger:model remoteBucket
+type RemoteBucket struct {
+
+	// access key
+	// Required: true
+	// Min Length: 3
+	AccessKey *string `json:"accessKey"`
+
+	// remote a r n
+	// Required: true
+	RemoteARN *string `json:"remoteARN"`
+
+	// secret key
+	// Min Length: 8
+	SecretKey string `json:"secretKey,omitempty"`
+
+	// service
+	// Enum: [replication]
+	Service string `json:"service,omitempty"`
+
+	// source bucket
+	// Required: true
+	SourceBucket *string `json:"sourceBucket"`
+
+	// status
+	Status string `json:"status,omitempty"`
+
+	// target bucket
+	TargetBucket string `json:"targetBucket,omitempty"`
+
+	// target URL
+	TargetURL string `json:"targetURL,omitempty"`
+}
+
+// Validate validates this remote bucket
+func (m *RemoteBucket) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAccessKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRemoteARN(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateService(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSourceBucket(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *RemoteBucket) validateAccessKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("accessKey", "body", m.AccessKey); err != nil {
+		return err
+	}
+
+	if err := validate.MinLength("accessKey", "body", string(*m.AccessKey), 3); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *RemoteBucket) validateRemoteARN(formats strfmt.Registry) error {
+
+	if err := validate.Required("remoteARN", "body", m.RemoteARN); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *RemoteBucket) validateSecretKey(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.SecretKey) { // not required
+		return nil
+	}
+
+	if err := validate.MinLength("secretKey", "body", string(m.SecretKey), 8); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+var remoteBucketTypeServicePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["replication"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		remoteBucketTypeServicePropEnum = append(remoteBucketTypeServicePropEnum, v)
+	}
+}
+
+const (
+
+	// RemoteBucketServiceReplication captures enum value "replication"
+	RemoteBucketServiceReplication string = "replication"
+)
+
+// prop value enum
+func (m *RemoteBucket) validateServiceEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, remoteBucketTypeServicePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *RemoteBucket) validateService(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Service) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateServiceEnum("service", "body", m.Service); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *RemoteBucket) validateSourceBucket(formats strfmt.Registry) error {
+
+	if err := validate.Required("sourceBucket", "body", m.SourceBucket); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *RemoteBucket) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *RemoteBucket) UnmarshalBinary(b []byte) error {
+	var res RemoteBucket
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/result_target.go

@@ -0,0 +1,103 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ResultTarget result target
+//
+// swagger:model resultTarget
+type ResultTarget struct {
+
+	// legend format
+	LegendFormat string `json:"legendFormat,omitempty"`
+
+	// result
+	Result []*WidgetResult `json:"result"`
+
+	// result type
+	ResultType string `json:"resultType,omitempty"`
+}
+
+// Validate validates this result target
+func (m *ResultTarget) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResult(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ResultTarget) validateResult(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Result) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Result); i++ {
+		if swag.IsZero(m.Result[i]) { // not required
+			continue
+		}
+
+		if m.Result[i] != nil {
+			if err := m.Result[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("result" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ResultTarget) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ResultTarget) UnmarshalBinary(b []byte) error {
+	var res ResultTarget
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/session_response.go

@@ -36,6 +36,9 @@ import (
 // swagger:model sessionResponse
 type SessionResponse struct {
 
+	// operator
+	Operator bool `json:"operator,omitempty"`
+
 	// pages
 	Pages []string `json:"pages"`
 

models/set_bucket_quota.go

@@ -0,0 +1,137 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// SetBucketQuota set bucket quota
+//
+// swagger:model setBucketQuota
+type SetBucketQuota struct {
+
+	// amount
+	Amount int64 `json:"amount,omitempty"`
+
+	// enabled
+	// Required: true
+	Enabled *bool `json:"enabled"`
+
+	// quota type
+	// Enum: [fifo hard]
+	QuotaType string `json:"quota_type,omitempty"`
+}
+
+// Validate validates this set bucket quota
+func (m *SetBucketQuota) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateEnabled(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateQuotaType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *SetBucketQuota) validateEnabled(formats strfmt.Registry) error {
+
+	if err := validate.Required("enabled", "body", m.Enabled); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+var setBucketQuotaTypeQuotaTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["fifo","hard"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		setBucketQuotaTypeQuotaTypePropEnum = append(setBucketQuotaTypeQuotaTypePropEnum, v)
+	}
+}
+
+const (
+
+	// SetBucketQuotaQuotaTypeFifo captures enum value "fifo"
+	SetBucketQuotaQuotaTypeFifo string = "fifo"
+
+	// SetBucketQuotaQuotaTypeHard captures enum value "hard"
+	SetBucketQuotaQuotaTypeHard string = "hard"
+)
+
+// prop value enum
+func (m *SetBucketQuota) validateQuotaTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, setBucketQuotaTypeQuotaTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *SetBucketQuota) validateQuotaType(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.QuotaType) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateQuotaTypeEnum("quota_type", "body", m.QuotaType); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetBucketQuota) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetBucketQuota) UnmarshalBinary(b []byte) error {
+	var res SetBucketQuota
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/set_bucket_versioning.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetBucketVersioning set bucket versioning
+//
+// swagger:model setBucketVersioning
+type SetBucketVersioning struct {
+
+	// versioning
+	Versioning bool `json:"versioning,omitempty"`
+}
+
+// Validate validates this set bucket versioning
+func (m *SetBucketVersioning) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetBucketVersioning) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetBucketVersioning) UnmarshalBinary(b []byte) error {
+	var res SetBucketVersioning
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/set_config_response.go

@@ -0,0 +1,60 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetConfigResponse set config response
+//
+// swagger:model setConfigResponse
+type SetConfigResponse struct {
+
+	// Returns wheter server needs to restart to apply changes or not
+	Restart bool `json:"restart,omitempty"`
+}
+
+// Validate validates this set config response
+func (m *SetConfigResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetConfigResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetConfigResponse) UnmarshalBinary(b []byte) error {
+	var res SetConfigResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/set_notification_endpoint_response.go

@@ -0,0 +1,117 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// SetNotificationEndpointResponse set notification endpoint response
+//
+// swagger:model setNotificationEndpointResponse
+type SetNotificationEndpointResponse struct {
+
+	// account id
+	// Required: true
+	AccountID *string `json:"account_id"`
+
+	// properties
+	// Required: true
+	Properties map[string]string `json:"properties"`
+
+	// restart
+	Restart bool `json:"restart,omitempty"`
+
+	// service
+	// Required: true
+	Service NofiticationService `json:"service"`
+}
+
+// Validate validates this set notification endpoint response
+func (m *SetNotificationEndpointResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAccountID(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateProperties(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateService(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *SetNotificationEndpointResponse) validateAccountID(formats strfmt.Registry) error {
+
+	if err := validate.Required("account_id", "body", m.AccountID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *SetNotificationEndpointResponse) validateProperties(formats strfmt.Registry) error {
+
+	return nil
+}
+
+func (m *SetNotificationEndpointResponse) validateService(formats strfmt.Registry) error {
+
+	if err := m.Service.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("service")
+		}
+		return err
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetNotificationEndpointResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetNotificationEndpointResponse) UnmarshalBinary(b []byte) error {
+	var res SetNotificationEndpointResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/set_policy_multiple_request.go

@@ -0,0 +1,119 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetPolicyMultipleRequest set policy multiple request
+//
+// swagger:model setPolicyMultipleRequest
+type SetPolicyMultipleRequest struct {
+
+	// groups
+	Groups []IamEntity `json:"groups"`
+
+	// users
+	Users []IamEntity `json:"users"`
+}
+
+// Validate validates this set policy multiple request
+func (m *SetPolicyMultipleRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateGroups(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsers(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *SetPolicyMultipleRequest) validateGroups(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Groups) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Groups); i++ {
+
+		if err := m.Groups[i].Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("groups" + "." + strconv.Itoa(i))
+			}
+			return err
+		}
+
+	}
+
+	return nil
+}
+
+func (m *SetPolicyMultipleRequest) validateUsers(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Users) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Users); i++ {
+
+		if err := m.Users[i].Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("users" + "." + strconv.Itoa(i))
+			}
+			return err
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetPolicyMultipleRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetPolicyMultipleRequest) UnmarshalBinary(b []byte) error {
+	var res SetPolicyMultipleRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/subscription_validate_request.go

@@ -0,0 +1,66 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SubscriptionValidateRequest subscription validate request
+//
+// swagger:model subscriptionValidateRequest
+type SubscriptionValidateRequest struct {
+
+	// email
+	Email string `json:"email,omitempty"`
+
+	// license
+	License string `json:"license,omitempty"`
+
+	// password
+	Password string `json:"password,omitempty"`
+}
+
+// Validate validates this subscription validate request
+func (m *SubscriptionValidateRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SubscriptionValidateRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SubscriptionValidateRequest) UnmarshalBinary(b []byte) error {
+	var res SubscriptionValidateRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/tenant.go

@@ -35,12 +35,24 @@ import (
 // swagger:model tenant
 type Tenant struct {
 
+	// console image
+	ConsoleImage string `json:"console_image,omitempty"`
+
 	// creation date
 	CreationDate string `json:"creation_date,omitempty"`
 
 	// current state
 	CurrentState string `json:"currentState,omitempty"`
 
+	// deletion date
+	DeletionDate string `json:"deletion_date,omitempty"`
+
+	// enable prometheus
+	EnablePrometheus bool `json:"enable_prometheus,omitempty"`
+
+	// endpoints
+	Endpoints *TenantEndpoints `json:"endpoints,omitempty"`
+
 	// image
 	Image string `json:"image,omitempty"`
 
@@ -50,18 +62,29 @@ type Tenant struct {
 	// namespace
 	Namespace string `json:"namespace,omitempty"`
 
+	// pools
+	Pools []*Pool `json:"pools"`
+
+	// subnet license
+	SubnetLicense *License `json:"subnet_license,omitempty"`
+
 	// total size
 	TotalSize int64 `json:"total_size,omitempty"`
-
-	// zones
-	Zones []*Zone `json:"zones"`
 }
 
 // Validate validates this tenant
 func (m *Tenant) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateZones(formats); err != nil {
+	if err := m.validateEndpoints(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validatePools(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSubnetLicense(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -71,26 +94,62 @@ func (m *Tenant) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *Tenant) validateZones(formats strfmt.Registry) error {
+func (m *Tenant) validateEndpoints(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.Zones) { // not required
+	if swag.IsZero(m.Endpoints) { // not required
 		return nil
 	}
 
-	for i := 0; i < len(m.Zones); i++ {
+	if m.Endpoints != nil {
-		if swag.IsZero(m.Zones[i]) { // not required
+		if err := m.Endpoints.Validate(formats); err != nil {
-			continue
-		}
-
-		if m.Zones[i] != nil {
-			if err := m.Zones[i].Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("zones" + "." + strconv.Itoa(i))
+				return ve.ValidateName("endpoints")
 			}
 			return err
 		}
 	}
 
+	return nil
+}
+
+func (m *Tenant) validatePools(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Pools) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Pools); i++ {
+		if swag.IsZero(m.Pools[i]) { // not required
+			continue
+		}
+
+		if m.Pools[i] != nil {
+			if err := m.Pools[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *Tenant) validateSubnetLicense(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.SubnetLicense) { // not required
+		return nil
+	}
+
+	if m.SubnetLicense != nil {
+		if err := m.SubnetLicense.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("subnet_license")
+			}
+			return err
+		}
 	}
 
 	return nil
@@ -113,3 +172,38 @@ func (m *Tenant) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// TenantEndpoints tenant endpoints
+//
+// swagger:model TenantEndpoints
+type TenantEndpoints struct {
+
+	// console
+	Console string `json:"console,omitempty"`
+
+	// minio
+	Minio string `json:"minio,omitempty"`
+}
+
+// Validate validates this tenant endpoints
+func (m *TenantEndpoints) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *TenantEndpoints) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *TenantEndpoints) UnmarshalBinary(b []byte) error {
+	var res TenantEndpoints
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/tenant_list.go

@@ -38,6 +38,9 @@ type TenantList struct {
 	// current state
 	CurrentState string `json:"currentState,omitempty"`
 
+	// deletion date
+	DeletionDate string `json:"deletion_date,omitempty"`
+
 	// instance count
 	InstanceCount int64 `json:"instance_count,omitempty"`
 
@@ -47,14 +50,14 @@ type TenantList struct {
 	// namespace
 	Namespace string `json:"namespace,omitempty"`
 
+	// pool count
+	PoolCount int64 `json:"pool_count,omitempty"`
+
 	// total size
 	TotalSize int64 `json:"total_size,omitempty"`
 
 	// volume count
 	VolumeCount int64 `json:"volume_count,omitempty"`
-
-	// zone count
-	ZoneCount int64 `json:"zone_count,omitempty"`
 }
 
 // Validate validates this tenant list

models/tls_configuration.go

@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"strconv"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -37,7 +39,7 @@ type TLSConfiguration struct {
 	Console *KeyPairConfiguration `json:"console,omitempty"`
 
 	// minio
-	Minio *KeyPairConfiguration `json:"minio,omitempty"`
+	Minio []*KeyPairConfiguration `json:"minio"`
 }
 
 // Validate validates this tls configuration
@@ -82,15 +84,22 @@ func (m *TLSConfiguration) validateMinio(formats strfmt.Registry) error {
 		return nil
 	}
 
-	if m.Minio != nil {
+	for i := 0; i < len(m.Minio); i++ {
-		if err := m.Minio.Validate(formats); err != nil {
+		if swag.IsZero(m.Minio[i]) { // not required
+			continue
+		}
+
+		if m.Minio[i] != nil {
+			if err := m.Minio[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("minio")
+					return ve.ValidateName("minio" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
 		}
 
+	}
+
 	return nil
 }
 

models/update_tenant_request.go

@@ -38,6 +38,9 @@ type UpdateTenantRequest struct {
 	// Pattern: ^((.*?)/(.*?):(.+))$
 	ConsoleImage string `json:"console_image,omitempty"`
 
+	// enable prometheus
+	EnablePrometheus bool `json:"enable_prometheus,omitempty"`
+
 	// image
 	// Pattern: ^((.*?)/(.*?):(.+))$
 	Image string `json:"image,omitempty"`

models/widget.go

@@ -0,0 +1,219 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Widget widget
+//
+// swagger:model widget
+type Widget struct {
+
+	// options
+	Options *WidgetOptions `json:"options,omitempty"`
+
+	// targets
+	Targets []*ResultTarget `json:"targets"`
+
+	// title
+	Title string `json:"title,omitempty"`
+
+	// type
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this widget
+func (m *Widget) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateOptions(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTargets(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Widget) validateOptions(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Options) { // not required
+		return nil
+	}
+
+	if m.Options != nil {
+		if err := m.Options.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("options")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Widget) validateTargets(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Targets) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Targets); i++ {
+		if swag.IsZero(m.Targets[i]) { // not required
+			continue
+		}
+
+		if m.Targets[i] != nil {
+			if err := m.Targets[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("targets" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Widget) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Widget) UnmarshalBinary(b []byte) error {
+	var res Widget
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// WidgetOptions widget options
+//
+// swagger:model WidgetOptions
+type WidgetOptions struct {
+
+	// reduce options
+	ReduceOptions *WidgetOptionsReduceOptions `json:"reduceOptions,omitempty"`
+}
+
+// Validate validates this widget options
+func (m *WidgetOptions) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateReduceOptions(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *WidgetOptions) validateReduceOptions(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.ReduceOptions) { // not required
+		return nil
+	}
+
+	if m.ReduceOptions != nil {
+		if err := m.ReduceOptions.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("options" + "." + "reduceOptions")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *WidgetOptions) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *WidgetOptions) UnmarshalBinary(b []byte) error {
+	var res WidgetOptions
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// WidgetOptionsReduceOptions widget options reduce options
+//
+// swagger:model WidgetOptionsReduceOptions
+type WidgetOptionsReduceOptions struct {
+
+	// calcs
+	Calcs []string `json:"calcs"`
+}
+
+// Validate validates this widget options reduce options
+func (m *WidgetOptionsReduceOptions) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *WidgetOptionsReduceOptions) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *WidgetOptionsReduceOptions) UnmarshalBinary(b []byte) error {
+	var res WidgetOptionsReduceOptions
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/widget_result.go

@@ -0,0 +1,63 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2020 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// WidgetResult widget result
+//
+// swagger:model widgetResult
+type WidgetResult struct {
+
+	// metric
+	Metric map[string]string `json:"metric,omitempty"`
+
+	// values
+	Values []interface{} `json:"values"`
+}
+
+// Validate validates this widget result
+func (m *WidgetResult) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *WidgetResult) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *WidgetResult) UnmarshalBinary(b []byte) error {
+	var res WidgetResult
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

package-lock.json

@@ -1,3 +0,0 @@
-{
-  "lockfileVersion": 1
-}

pkg/acl/endpoints.go

@@ -22,22 +22,28 @@ import (
 
 // endpoints definition
 var (
-	configuration   = "/configurations-list"
+	configuration       = "/settings"
 	users               = "/users"
 	groups              = "/groups"
 	iamPolicies         = "/policies"
 	dashboard           = "/dashboard"
 	profiling           = "/profiling"
-	trace           = "/trace"
-	logs            = "/logs"
-	watch           = "/watch"
-	notifications   = "/notification-endpoints"
 	buckets             = "/buckets"
 	bucketsDetail       = "/buckets/:bucketName"
-	serviceAccounts = "/service-accounts"
+	serviceAccounts     = "/account"
 	tenants             = "/tenants"
-	tenantsDetail   = "/tenants/:tenantName"
+	tenantsDetail       = "/namespaces/:tenantNamespace/tenants/:tenantName"
+	remoteBuckets       = "/remote-buckets"
+	replication         = "/replication"
+	objectBrowser       = "/object-browser/:bucket/*"
+	objectBrowserBucket = "/object-browser/:bucket"
+	mainObjectBrowser   = "/object-browser"
+	license             = "/license"
+	watch               = "/watch"
 	heal                = "/heal"
+	trace               = "/trace"
+	logs                = "/logs"
+	healthInfo          = "/health-info"
 )
 
 type ConfigurationActionSet struct {
@@ -55,16 +61,6 @@ var configurationActionSet = ConfigurationActionSet{
 	),
 }
 
-// logsActionSet contains the list of admin actions required for this endpoint to work
-var logsActionSet = ConfigurationActionSet{
-	actionTypes: iampolicy.NewActionSet(
-		iampolicy.AllAdminActions,
-	),
-	actions: iampolicy.NewActionSet(
-		iampolicy.ConsoleLogAdminAction,
-	),
-}
-
 // dashboardActionSet contains the list of admin actions required for this endpoint to work
 var dashboardActionSet = ConfigurationActionSet{
 	actionTypes: iampolicy.NewActionSet(
@@ -113,16 +109,6 @@ var profilingActionSet = ConfigurationActionSet{
 	),
 }
 
-// traceActionSet contains the list of admin actions required for this endpoint to work
-var traceActionSet = ConfigurationActionSet{
-	actionTypes: iampolicy.NewActionSet(
-		iampolicy.AllAdminActions,
-	),
-	actions: iampolicy.NewActionSet(
-		iampolicy.TraceAdminAction,
-	),
-}
-
 // usersActionSet contains the list of admin actions required for this endpoint to work
 var usersActionSet = ConfigurationActionSet{
 	actionTypes: iampolicy.NewActionSet(
@@ -138,28 +124,6 @@ var usersActionSet = ConfigurationActionSet{
 	),
 }
 
-// watchActionSet contains the list of admin actions required for this endpoint to work
-var watchActionSet = ConfigurationActionSet{
-	actionTypes: iampolicy.NewActionSet(
-		iampolicy.AllAdminActions,
-	),
-	actions: iampolicy.NewActionSet(
-		iampolicy.ListenBucketNotificationAction,
-	),
-}
-
-// notificationsActionSet contains the list of admin actions required for this endpoint to work
-var notificationsActionSet = ConfigurationActionSet{
-	actionTypes: iampolicy.NewActionSet(
-		iampolicy.AllActions,
-	),
-	actions: iampolicy.NewActionSet(
-		iampolicy.ListenBucketNotificationAction,
-		iampolicy.PutBucketNotificationAction,
-		iampolicy.GetBucketNotificationAction,
-	),
-}
-
 // bucketsActionSet contains the list of admin actions required for this endpoint to work
 var bucketsActionSet = ConfigurationActionSet{
 	actionTypes: iampolicy.NewActionSet(
@@ -198,6 +162,46 @@ var tenantsActionSet = ConfigurationActionSet{
 	actions:     iampolicy.NewActionSet(),
 }
 
+var remoteBucketsActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.ConfigUpdateAdminAction,
+	),
+}
+
+var replicationActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.ConfigUpdateAdminAction,
+	),
+}
+
+// objectBrowserActionSet no actions needed for this module to work
+var objectBrowserActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(),
+	actions:     iampolicy.NewActionSet(),
+}
+
+// licenseActionSet no actions needed for this module to work
+var licenseActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(),
+	actions:     iampolicy.NewActionSet(),
+}
+
+// watchActionSet contains the list of admin actions required for this endpoint to work
+var watchActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.ListenBucketNotificationAction,
+	),
+}
+
 // healActionSet contains the list of admin actions required for this endpoint to work
 var healActionSet = ConfigurationActionSet{
 	actionTypes: iampolicy.NewActionSet(
@@ -208,6 +212,36 @@ var healActionSet = ConfigurationActionSet{
 	),
 }
 
+// logsActionSet contains the list of admin actions required for this endpoint to work
+var logsActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.ConsoleLogAdminAction,
+	),
+}
+
+// traceActionSet contains the list of admin actions required for this endpoint to work
+var traceActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.TraceAdminAction,
+	),
+}
+
+// healthInfoActionSet contains the list of admin actions required for this endpoint to work
+var healthInfoActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.HealthInfoAdminAction,
+	),
+}
+
 // endpointRules contains the mapping between endpoints and ActionSets, additional rules can be added here
 var endpointRules = map[string]ConfigurationActionSet{
 	configuration:       configurationActionSet,
@@ -216,20 +250,27 @@ var endpointRules = map[string]ConfigurationActionSet{
 	iamPolicies:         iamPoliciesActionSet,
 	dashboard:           dashboardActionSet,
 	profiling:           profilingActionSet,
-	trace:           traceActionSet,
-	logs:            logsActionSet,
-	watch:           watchActionSet,
-	notifications:   notificationsActionSet,
 	buckets:             bucketsActionSet,
 	bucketsDetail:       bucketsActionSet,
 	serviceAccounts:     serviceAccountsActionSet,
+	remoteBuckets:       remoteBucketsActionSet,
+	replication:         replicationActionSet,
+	objectBrowser:       objectBrowserActionSet,
+	mainObjectBrowser:   objectBrowserActionSet,
+	objectBrowserBucket: objectBrowserActionSet,
+	license:             licenseActionSet,
+	watch:               watchActionSet,
 	heal:                healActionSet,
+	trace:               traceActionSet,
+	logs:                logsActionSet,
+	healthInfo:          healthInfoActionSet,
 }
 
 // operatorRules contains the mapping between endpoints and ActionSets for operator only mode
 var operatorRules = map[string]ConfigurationActionSet{
 	tenants:       tenantsActionSet,
 	tenantsDetail: tenantsActionSet,
+	license:       licenseActionSet,
 }
 
 // operatorOnly ENV variable
@@ -290,12 +331,9 @@ func GetAuthorizedEndpoints(actions []string) []string {
 		rangeTake = operatorRules
 	}
 
-	if len(actions) == 0 {
-		return []string{}
-	}
 	// Prepare new ActionSet structure that will hold all the user actions
 	userAllowedAction := actionsStringToActionSet(actions)
-	allowedEndpoints := []string{}
+	var allowedEndpoints []string
 	for endpoint, rules := range rangeTake {
 		// check if user policy matches s3:* or admin:* typesIntersection
 		endpointActionTypes := rules.actionTypes

pkg/acl/endpoints_test.go

@@ -50,7 +50,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 			args: args{
 				[]string{"admin:ServerInfo"},
 			},
-			want: 2,
+			want: 6,
 		},
 		{
 			name: "policies endpoint",
@@ -63,7 +63,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"admin:ListUserPolicies",
 				},
 			},
-			want: 2,
+			want: 6,
 		},
 		{
 			name: "all admin endpoints",
@@ -72,7 +72,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"admin:*",
 				},
 			},
-			want: 11,
+			want: 18,
 		},
 		{
 			name: "all s3 endpoints",
@@ -81,7 +81,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 4,
+			want: 7,
 		},
 		{
 			name: "all admin and s3 endpoints",
@@ -91,14 +91,14 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 14,
+			want: 20,
 		},
 		{
-			name: "no endpoints",
+			name: "Console User - default endpoints",
 			args: args{
 				[]string{},
 			},
-			want: 0,
+			want: 5,
 		},
 	}
 
@@ -116,7 +116,7 @@ func TestOperatorOnlyEndpoints(t *testing.T) {
 					"admin:*",
 				},
 			},
-			want: 2,
+			want: 3,
 		},
 		{
 			name: "Operator Only - all s3 endpoints",
@@ -125,7 +125,7 @@ func TestOperatorOnlyEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 2,
+			want: 3,
 		},
 		{
 			name: "Operator Only - all admin and s3 endpoints",
@@ -135,14 +135,14 @@ func TestOperatorOnlyEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 2,
+			want: 3,
 		},
 		{
-			name: "Operator Only - no endpoints",
+			name: "Operator Only - default endpoints",
 			args: args{
 				[]string{},
 			},
-			want: 0,
+			want: 3,
 		},
 	}
 
@@ -177,7 +177,7 @@ func TestGetActionsStringFromPolicy(t *testing.T) {
 			args: args{
 				policy: &iampolicy.AdminDiagnostics,
 			},
-			want: 6,
+			want: 7,
 		},
 	}
 	for _, tt := range tests {

pkg/auth/idp.go

@@ -20,26 +20,28 @@ import (
 	"context"
 
 	"github.com/minio/console/pkg/auth/idp/oauth2"
+
+	"github.com/minio/minio-go/v7/pkg/credentials"
 )
 
-// IdentityProviderClient interface with all functions to be implemented
+// IdentityProviderI interface with all functions to be implemented
-// by mock when testing, it should include all IdentityProviderClient respective api calls
+// by mock when testing, it should include all IdentityProvider respective api calls
 // that are used within this project.
-type IdentityProviderClient interface {
+type IdentityProviderI interface {
-	VerifyIdentity(ctx context.Context, code, state string) (*oauth2.User, error)
+	VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error)
 	GenerateLoginURL() string
 }
 
 // Interface implementation
 //
-// Define the structure of a IdentityProvider Client and define the functions that are actually used
+// Define the structure of a IdentityProvider with Client inside and define the functions that are used
 // during the authentication flow.
 type IdentityProvider struct {
-	Client IdentityProviderClient
+	Client *oauth2.Provider
 }
 
 // VerifyIdentity will verify the user identity against the idp using the authorization code flow
-func (c IdentityProvider) VerifyIdentity(ctx context.Context, code, state string) (*oauth2.User, error) {
+func (c IdentityProvider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error) {
 	return c.Client.VerifyIdentity(ctx, code, state)
 }
 

pkg/auth/idp/oauth2/config.go

@@ -19,10 +19,16 @@
 package oauth2
 
 import (
+	"strings"
+
 	"github.com/minio/console/pkg/auth/utils"
 	"github.com/minio/minio/pkg/env"
 )
 
+func GetSTSEndpoint() string {
+	return strings.TrimSpace(env.Get(ConsoleMinIOServer, "http://localhost:9000"))
+}
+
 func GetIdpURL() string {
 	return env.Get(ConsoleIdpURL, "")
 }
@@ -40,10 +46,6 @@ func GetIdpCallbackURL() string {
 	return env.Get(ConsoleIdpCallbackURL, "")
 }
 
-func GetIdpAdminRoles() string {
-	return env.Get(ConsoleIdpAdminRoles, "")
-}
-
 func IsIdpEnabled() bool {
 	return GetIdpURL() != "" &&
 		GetIdpClientID() != "" &&
@@ -64,8 +66,3 @@ var defaultSaltForIdpHmac = utils.RandomCharString(64)
 func getSaltForIdpHmac() string {
 	return env.Get(ConsoleIdpHmacSalt, defaultSaltForIdpHmac)
 }
-
-// GetSaltForIdpHmac returns the policy to be assigned to the users authenticating via an IDP
-func GetIDPPolicyForUser() string {
-	return env.Get(ConsoleIdpPolicyUser, "consoleAdmin")
-}

pkg/auth/idp/oauth2/const.go

@@ -18,12 +18,11 @@ package oauth2
 
 const (
 	// const for idp configuration
+	ConsoleMinIOServer       = "CONSOLE_MINIO_SERVER"
 	ConsoleIdpURL            = "CONSOLE_IDP_URL"
 	ConsoleIdpClientID       = "CONSOLE_IDP_CLIENT_ID"
 	ConsoleIdpSecret         = "CONSOLE_IDP_SECRET"
 	ConsoleIdpCallbackURL    = "CONSOLE_IDP_CALLBACK"
-	ConsoleIdpAdminRoles     = "CONSOLE_IDP_ADMIN_ROLES"
 	ConsoleIdpHmacPassphrase = "CONSOLE_IDP_HMAC_PASSPHRASE"
 	ConsoleIdpHmacSalt       = "CONSOLE_IDP_HMAC_SALT"
-	ConsoleIdpPolicyUser     = "CONSOLE_IDP_POLICY_USER"
 )

pkg/auth/idp/oauth2/provider.go

@@ -26,6 +26,9 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
+	"time"
+
+	"github.com/minio/minio-go/v7/pkg/credentials"
 
 	"github.com/coreos/go-oidc"
 	"github.com/minio/console/pkg/auth/utils"
@@ -110,14 +113,13 @@ func NewOauth2ProviderClient(ctx context.Context, scopes []string) (*Provider, e
 		scopes = []string{oidc.ScopeOpenID, "profile", "app_metadata", "user_metadata", "email"}
 	}
 	client := new(Provider)
-	config := xoauth2.Config{
+	client.oauth2Config = &xoauth2.Config{
 		ClientID:     GetIdpClientID(),
 		ClientSecret: GetIdpSecret(),
 		RedirectURL:  GetIdpCallbackURL(),
 		Endpoint:     provider.Endpoint(),
 		Scopes:       scopes,
 	}
-	client.oauth2Config = &config
 	client.oidcProvider = provider
 	client.ClientID = GetIdpClientID()
 
@@ -137,7 +139,7 @@ type User struct {
 	LastLogin         string                 `json:"last_login"`
 	LastPasswordReset string                 `json:"last_password_reset"`
 	LoginsCount       int                    `json:"logins_count"`
-	Mltifactor        string                 `json:"multifactor"`
+	MultiFactor       string                 `json:"multifactor"`
 	Name              string                 `json:"name"`
 	Nickname          string                 `json:"nickname"`
 	PhoneNumber       string                 `json:"phone_number"`
@@ -150,39 +152,31 @@ type User struct {
 }
 
 // VerifyIdentity will contact the configured IDP and validate the user identity based on the authorization code
-func (client *Provider) VerifyIdentity(ctx context.Context, code, state string) (*User, error) {
+func (client *Provider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error) {
 	// verify the provided state is valid (prevents CSRF attacks)
 	if !validateOauth2State(state) {
 		return nil, errGeneric
 	}
-	// verify the authorization code against the identity oidcProvider
+	getWebTokenExpiry := func() (*credentials.WebIdentityToken, error) {
-	// idp will return a token in exchange
+		oauth2Token, err := client.oauth2Config.Exchange(ctx, code)
-	token, err := client.oauth2Config.Exchange(ctx, code)
 		if err != nil {
-		log.Println("Failed to verify authorization code", err)
+			return nil, err
-		return nil, errGeneric
 		}
-	// extract and check id_token field is provided in the response
+		if !oauth2Token.Valid() {
-	rawIDToken, ok := token.Extra("id_token").(string)
+			return nil, errors.New("invalid token")
-	if !ok {
-		log.Println("No id_token field in oauth2 token")
-		return nil, errGeneric
 		}
-	config := &oidc.Config{
+
-		ClientID: client.ClientID,
+		return &credentials.WebIdentityToken{
+			Token:  oauth2Token.Extra("id_token").(string),
+			Expiry: int(oauth2Token.Expiry.Sub(time.Now().UTC()).Seconds()),
+		}, nil
 	}
-	idToken, err := client.oidcProvider.Verifier(config).Verify(ctx, rawIDToken)
+	stsEndpoint := GetSTSEndpoint()
+	sts, err := credentials.NewSTSWebIdentity(stsEndpoint, getWebTokenExpiry)
 	if err != nil {
-		log.Println("Failed to verify ID token", err)
+		return nil, err
-		return nil, errGeneric
 	}
-	var profile User
+	return sts, nil
-	// Populate the profile object using the claims included in the token
-	if err := idToken.Claims(&profile); err != nil {
-		log.Println("Failed to read profile information", err)
-		return nil, errGeneric
-	}
-	return &profile, nil
 }
 
 // validateOauth2State validates the provided state was originated using the same

pkg/auth/idp/oauth2/provider_test.go

@@ -69,30 +69,3 @@ func TestGenerateLoginURL(t *testing.T) {
 	url := oauth2Provider.GenerateLoginURL()
 	funcAssert.NotEqual("", url)
 }
-
-func TestVerifyIdentity(t *testing.T) {
-	ctx := context.Background()
-	funcAssert := assert.New(t)
-	// mock data
-	oauth2Provider := Provider{
-		oauth2Config: Oauth2configMock{},
-		oidcProvider: &oidc.Provider{},
-	}
-	// Test-1 : VerifyIdentity() should fail because of bad state token
-	_, err := oauth2Provider.VerifyIdentity(ctx, "AAABBBCCCDDDEEEFFF", "badtoken")
-	funcAssert.NotNil(err)
-	// Test-2 : VerifyIdentity() should fail because no id_token is provided by the idp
-	oauth2ConfigExchangeMock = func(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error) {
-		return &oauth2.Token{}, nil
-	}
-	state := GetRandomStateWithHMAC(32)
-	code := "AAABBBCCCDDDEEEFFF"
-	_, err = oauth2Provider.VerifyIdentity(ctx, code, state)
-	funcAssert.NotNil(err)
-	// Test-3 : VerifyIdentity() should fail because no id_token is provided by the idp
-	// TODO
-	// Test-4 : VerifyIdentity() should fail because oidcProvider.Verifier returned an error
-	// TODO
-	// Test-5 : VerifyIdentity() should fail because idToken.Claims contains invalid fields
-	// TODO
-}

pkg/auth/ldap.go

@@ -18,7 +18,7 @@ package auth
 
 import (
 	"errors"
-	"log"
+	"net/http"
 
 	"github.com/minio/minio-go/v7/pkg/credentials"
 )
@@ -27,13 +27,14 @@ var (
 	errInvalidCredentials = errors.New("invalid Login")
 )
 
-// GetConsoleCredentialsFromLDAP authenticates the user against MinIO when the LDAP integration is enabled
+// GetCredentialsFromLDAP authenticates the user against MinIO when the LDAP integration is enabled
 // if the authentication succeed *credentials.Login object is returned and we continue with the normal STSAssumeRole flow
-func GetConsoleCredentialsFromLDAP(endpoint, ldapUser, ldapPassword string) (*credentials.Credentials, error) {
+func GetCredentialsFromLDAP(client *http.Client, endpoint, ldapUser, ldapPassword string) (*credentials.Credentials, error) {
-	creds, err := credentials.NewLDAPIdentity(endpoint, ldapUser, ldapPassword)
+	creds := credentials.New(&credentials.LDAPIdentity{
-	if err != nil {
+		Client:       client,
-		log.Println("LDAP authentication error: ", err)
+		STSEndpoint:  endpoint,
-		return nil, errInvalidCredentials
+		LDAPUsername: ldapUser,
-	}
+		LDAPPassword: ldapPassword,
+	})
 	return creds, nil
 }

pkg/auth/token.go

@@ -24,6 +24,7 @@ import (
 	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/base64"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"io"
@@ -58,12 +59,14 @@ func IsSessionTokenValid(token string) bool {
 	return err == nil
 }
 
-// DecryptedClaims claims struct for decrypted credentials
+// TokenClaims claims struct for decrypted credentials
-type DecryptedClaims struct {
+type TokenClaims struct {
-	AccessKeyID     string
+	STSAccessKeyID     string   `json:"stsAccessKeyID,omitempty"`
-	SecretAccessKey string
+	STSSecretAccessKey string   `json:"stsSecretAccessKey,omitempty"`
-	SessionToken    string
+	STSSessionToken    string   `json:"stsSessionToken,omitempty"`
-	Actions         []string
+	AccountAccessKey   string   `json:"accountAccessKey,omitempty"`
+	AccountSecretKey   string   `json:"accountSecretKey,omitempty"`
+	Actions            []string `json:"actions,omitempty"`
 }
 
 // SessionTokenAuthenticate takes a session token, decode it, extract claims and validate the signature
@@ -71,12 +74,15 @@ type DecryptedClaims struct {
 //
 // returns claims after validation in the following format:
 //
-//	type DecryptedClaims struct {
+//	type TokenClaims struct {
-//		AccessKeyID
+//		STSAccessKeyID
-//		SecretAccessKey
+//		STSSecretAccessKey
-//		SessionToken
+//		STSSessionToken
+//		AccountAccessKey
+//		AccountSecretKey
+//		Actions
 //	}
-func SessionTokenAuthenticate(token string) (*DecryptedClaims, error) {
+func SessionTokenAuthenticate(token string) (*TokenClaims, error) {
 	if token == "" {
 		return nil, errNoAuthToken
 	}
@@ -94,9 +100,16 @@ func SessionTokenAuthenticate(token string) (*DecryptedClaims, error) {
 
 // NewEncryptedTokenForClient generates a new session token with claims based on the provided STS credentials, first
 // encrypts the claims and the sign them
-func NewEncryptedTokenForClient(credentials *credentials.Value, actions []string) (string, error) {
+func NewEncryptedTokenForClient(credentials *credentials.Value, accountAccessKey, accountSecretKey string, actions []string) (string, error) {
 	if credentials != nil {
-		encryptedClaims, err := encryptClaims(credentials.AccessKeyID, credentials.SecretAccessKey, credentials.SessionToken, actions)
+		encryptedClaims, err := encryptClaims(&TokenClaims{
+			STSAccessKeyID:     credentials.AccessKeyID,
+			STSSecretAccessKey: credentials.SecretAccessKey,
+			STSSessionToken:    credentials.SessionToken,
+			AccountAccessKey:   accountAccessKey,
+			AccountSecretKey:   accountSecretKey,
+			Actions:            actions,
+		})
 		if err != nil {
 			return "", err
 		}
@@ -107,8 +120,11 @@ func NewEncryptedTokenForClient(credentials *credentials.Value, actions []string
 
 // encryptClaims() receives the STS claims, concatenate them and encrypt them using AES-GCM
 // returns a base64 encoded ciphertext
-func encryptClaims(accessKeyID, secretAccessKey, sessionToken string, actions []string) (string, error) {
+func encryptClaims(credentials *TokenClaims) (string, error) {
-	payload := []byte(fmt.Sprintf("%s#%s#%s#%s", accessKeyID, secretAccessKey, sessionToken, strings.Join(actions, ",")))
+	payload, err := json.Marshal(credentials)
+	if err != nil {
+		return "", err
+	}
 	ciphertext, err := encrypt(payload, []byte{})
 	if err != nil {
 		log.Println(err)
@@ -117,8 +133,8 @@ func encryptClaims(accessKeyID, secretAccessKey, sessionToken string, actions []
 	return base64.StdEncoding.EncodeToString(ciphertext), nil
 }
 
-// decryptClaims() receives base64 encoded ciphertext, decode it, decrypt it (AES-GCM) and produces a *DecryptedClaims object
+// decryptClaims() receives base64 encoded ciphertext, decode it, decrypt it (AES-GCM) and produces a *TokenClaims object
-func decryptClaims(ciphertext string) (*DecryptedClaims, error) {
+func decryptClaims(ciphertext string) (*TokenClaims, error) {
 	decoded, err := base64.StdEncoding.DecodeString(ciphertext)
 	if err != nil {
 		log.Println(err)
@@ -129,19 +145,13 @@ func decryptClaims(ciphertext string) (*DecryptedClaims, error) {
 		log.Println(err)
 		return nil, errClaimsFormat
 	}
-	s := strings.Split(string(plaintext), "#")
+	tokenClaims := &TokenClaims{}
-	// Validate that the decrypted string has the right format "accessKeyID:secretAccessKey:sessionToken"
+	err = json.Unmarshal(plaintext, tokenClaims)
-	if len(s) != 4 {
+	if err != nil {
+		log.Println(err)
 		return nil, errClaimsFormat
 	}
-	accessKeyID, secretAccessKey, sessionToken, actions := s[0], s[1], s[2], s[3]
+	return tokenClaims, nil
-	actionsList := strings.Split(actions, ",")
-	return &DecryptedClaims{
-		AccessKeyID:     accessKeyID,
-		SecretAccessKey: secretAccessKey,
-		SessionToken:    sessionToken,
-		Actions:         actionsList,
-	}, nil
 }
 
 const (
@@ -155,10 +165,10 @@ const (
 // or data key provided as plaintext.
 //
 // The returned ciphertext data consists of:
-//    iv | AEAD ID | nonce | encrypted data
+//    AEAD ID | iv | nonce | encrypted data
-//     32      1        12      ~ len(data)
+//       1      16		 12     ~ len(data)
 func encrypt(plaintext, associatedData []byte) ([]byte, error) {
-	iv, err := sioutil.Random(32) // 32 bit IV
+	iv, err := sioutil.Random(16) // 16 bytes IV
 	if err != nil {
 		return nil, err
 	}
@@ -186,7 +196,7 @@ func encrypt(plaintext, associatedData []byte) ([]byte, error) {
 		}
 	case c20p1305:
 		var sealingKey []byte
-		sealingKey, err = chacha20.HChaCha20(derivedKey, iv)
+		sealingKey, err = chacha20.HChaCha20(derivedKey, iv) // HChaCha20 expects nonce of 16 bytes
 		if err != nil {
 			return nil, err
 		}
@@ -202,11 +212,11 @@ func encrypt(plaintext, associatedData []byte) ([]byte, error) {
 
 	sealedBytes := aead.Seal(nil, nonce, plaintext, associatedData)
 
-	// ciphertext = iv | AEAD ID | nonce | sealed bytes
+	// ciphertext = AEAD ID | iv | nonce | sealed bytes
 
 	var buf bytes.Buffer
-	buf.Write(iv)
 	buf.WriteByte(algorithm)
+	buf.Write(iv)
 	buf.Write(nonce)
 	buf.Write(sealedBytes)
 
@@ -218,16 +228,16 @@ func encrypt(plaintext, associatedData []byte) ([]byte, error) {
 // and a pbkdf2 derived key
 func decrypt(ciphertext []byte, associatedData []byte) ([]byte, error) {
 	var (
-		iv        [32]byte
 		algorithm [1]byte
+		iv        [16]byte
 		nonce     [12]byte // This depends on the AEAD but both used ciphers have the same nonce length.
 	)
 
 	r := bytes.NewReader(ciphertext)
-	if _, err := io.ReadFull(r, iv[:]); err != nil {
+	if _, err := io.ReadFull(r, algorithm[:]); err != nil {
 		return nil, err
 	}
-	if _, err := io.ReadFull(r, algorithm[:]); err != nil {
+	if _, err := io.ReadFull(r, iv[:]); err != nil {
 		return nil, err
 	}
 	if _, err := io.ReadFull(r, nonce[:]); err != nil {
@@ -249,7 +259,7 @@ func decrypt(ciphertext []byte, associatedData []byte) ([]byte, error) {
 			return nil, err
 		}
 	case c20p1305:
-		sealingKey, err := chacha20.HChaCha20(derivedKey, iv[:])
+		sealingKey, err := chacha20.HChaCha20(derivedKey, iv[:]) // HChaCha20 expects nonce of 16 bytes
 		if err != nil {
 			return nil, err
 		}
@@ -315,9 +325,11 @@ func GetClaimsFromTokenInRequest(req *http.Request) (*models.Principal, error) {
 		return nil, err
 	}
 	return &models.Principal{
-		AccessKeyID:     claims.AccessKeyID,
+		STSAccessKeyID:     claims.STSAccessKeyID,
 		Actions:            claims.Actions,
-		SecretAccessKey: claims.SecretAccessKey,
+		STSSecretAccessKey: claims.STSSecretAccessKey,
-		SessionToken:    claims.SessionToken,
+		STSSessionToken:    claims.STSSessionToken,
+		AccountAccessKey:   claims.AccountAccessKey,
+		AccountSecretKey:   claims.AccountSecretKey,
 	}, nil
 }

pkg/auth/token/config.go

@@ -23,10 +23,9 @@ import (
 	"github.com/minio/minio/pkg/env"
 )
 
-// ConsoleSTSAndJWTDurationSeconds returns the default session duration for the STS requested tokens and the generated JWTs.
+// ConsoleSTSDurationSeconds returns the default session duration for the STS requested tokens.
-// Ideally both values should match so jwt and Minio sts sessions expires at the same time.
+func GetConsoleSTSDurationInSeconds() int {
-func GetConsoleSTSAndJWTDurationInSeconds() int {
+	duration, err := strconv.Atoi(env.Get(ConsoleSTSDurationSeconds, "3600"))
-	duration, err := strconv.Atoi(env.Get(ConsoleSTSAndJWTDurationSeconds, "3600"))
 	if err != nil {
 		duration = 3600
 	}

pkg/auth/token/const.go

@@ -17,7 +17,7 @@
 package token
 
 const (
-	ConsoleSTSAndJWTDurationSeconds = "CONSOLE_STS_AND_JWT_DURATION_SECONDS"
+	ConsoleSTSDurationSeconds = "CONSOLE_STS_DURATION_SECONDS"
 	ConsolePBKDFPassphrase    = "CONSOLE_PBKDF_PASSPHRASE"
 	ConsolePBKDFSalt          = "CONSOLE_PBKDF_SALT"
 )