Release v0.14.0 (#1458)

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>

.dockerignore

@@ -4,3 +4,4 @@ target/
 console
 !console/
 portal-ui/node_modules/
+.git/

.github/workflows/codeql.yml

@@ -1,52 +0,0 @@
-name: "Code scanning - action"
-
-on:
-  push:
-  pull_request:
-  schedule:
-    - cron: '0 19 * * 0'
-
-jobs:
-  CodeQL-Build:
-
-    # CodeQL runs on ubuntu-latest and windows-latest
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-      
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1

.github/workflows/compiles.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Compiles on Go ${{ matrix.go-version }} and ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console

.github/workflows/crosscompile-1.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Cross compile
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/ppc64le linux/mips64'"

.github/workflows/crosscompile-2.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Cross compile
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/arm64 linux/s390x'"

.github/workflows/crosscompile-3.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Cross compile
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'darwin/amd64 freebsd/amd64'"

.github/workflows/crosscompile-4.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Cross compile
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'windows/amd64 linux/arm'"

.github/workflows/crosscompile-5.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Cross compile
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make crosscompile arg1="'linux/386 netbsd/amd64'"

.github/workflows/go-test-pkg.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Test Pkg on Go ${{ matrix.go-version }} and ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make test-pkg

.github/workflows/go.yml

@@ -10,11 +10,11 @@ on:
 
 jobs:
   build:
-    name: Test on Go ${{ matrix.go-version }} and ${{ matrix.os }}
+    name: Test Restapi on Go ${{ matrix.go-version }} and ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.15.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
@@ -31,6 +31,4 @@ jobs:
           GO111MODULE: on
           GOOS: linux
         run: |
-          make verifiers
           make test
-          make console

.github/workflows/integration.yml

@@ -0,0 +1,63 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+# This ensures that previous jobs for the PR are canceled when the PR is
+# updated.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
+jobs:
+  minio-test:
+    name: Integration Tests with Latest Distributed MinIO
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      # To build minio image, we need to clone the repository first
+      - name: clone https://github.com/minio/minio
+        uses: actions/checkout@master
+        with:
+
+          # Repository name with owner. For example, actions/checkout
+          # Default: ${{ github.repository }}
+          repository: minio/minio
+          
+          # Relative path under $GITHUB_WORKSPACE to place the repository
+          # To have two repositories under the same test
+          path: 'minio_repository'
+
+      - name: Build on ${{ matrix.os }}
+        run: |
+          echo "The idea is to build minio image from downloaded repository";
+          cd $GITHUB_WORKSPACE/minio_repository;
+          echo "Get git version to build MinIO Image";
+          VERSION=`git rev-parse HEAD`;
+          echo $VERSION;
+          echo "Create minio image";
+          make docker VERSION=$VERSION;
+          echo "Jumping back to console repository to run the integration test"
+          cd $GITHUB_WORKSPACE;
+          echo "We are going to use the built image on test-integration";
+          VERSION="minio/minio:$VERSION";
+          echo $VERSION;
+          make test-integration MINIO_VERSION=$VERSION;

.github/workflows/lint.yml

@@ -0,0 +1,34 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Checking Lint
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+        os: [ubuntu-latest]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      - name: Build on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make verifiers

.github/workflows/permissions.yml

@@ -0,0 +1,70 @@
+name: "UI"
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  permissions:
+    name: Permissions Tests
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.17.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '17'
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+
+      - uses: actions/cache@v2
+        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
+        with:
+          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - name: Make assets
+        run: |
+          make assets
+      - name: Build Console on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console
+
+      - name: Start Console, front-end app and initialize users/policies
+        run: |
+          (./console server) & (make initialize-permissions)
+
+      - name: Run TestCafe Tests
+        uses: DevExpress/testcafe-action@latest
+        with:
+          args: '"chrome:headless" portal-ui/tests/permissions/ --skip-js-errors '
+
+      - name: Clean up users & policies
+        run: |
+          make cleanup-permissions

.github/workflows/react-no-warnings.yml

@@ -0,0 +1,17 @@
+name: "React Code Has No Warnings"
+on:
+  push:
+  pull_request:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install modules
+        working-directory: ./portal-ui
+        run: yarn
+      - name: Check for Warnings in build output
+        working-directory: ./portal-ui
+        continue-on-error: false
+        run: |
+          chmod +x check-warnings.sh  && ./check-warnings.sh 

.github/workflows/react.yml

@@ -0,0 +1,15 @@
+name: "React Tests"
+on:
+  push:
+  pull_request:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install modules
+        working-directory: ./portal-ui
+        run: yarn
+      - name: Run tests
+        working-directory: ./portal-ui
+        run: yarn test

.gitignore

@@ -24,6 +24,10 @@ console
 
 dist/
 
+# Ignore node_modules
+
+portal-ui/node_modules/
+
 # Ignore tls cert and key
 private.key
 public.crt
@@ -32,3 +36,4 @@ public.crt
 .vscode/
 *.code-workspace
 *~
+.eslintcache

.golangci.yml

@@ -12,17 +12,36 @@ linters:
     - goimports
     - misspell
     - govet
-    - golint
+    - revive
     - ineffassign
     - gosimple
     - deadcode
     - unparam
     - unused
     - structcheck
+    - goheader
+
+linters-settings:
+  goheader:
+    values:
+      regexp:
+        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
+    template-path: .license.tmpl
 
 service:
-  golangci-lint-version: 1.27.0 # use the fixed version to not introduce new linters unexpectedly
+  golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly
 
+issues:
+  exclude-use-default: false
+  exclude:
+      - should have a package comment
+      # TODO(y4m4): Remove once all exported ident. have comments!      
+      - comment on exported function
+      - comment on exported type
+      - should have comment
+      - use leading k in Go names
+      - comment on exported const
 run:
   skip-dirs:
     - pkg/clientgen
+    - pkg/apis/networking.gke.io

.goreleaser.yml

@@ -3,111 +3,193 @@
 project_name: console
 
 release:
-   name_template: "Version {{.Version}}"
+   name_template: "Release version {{.Tag}}"
    github:
     owner: minio
     name: console
+   extra_files:
+     - glob: "*.minisig"
 
 before:
   hooks:
     # you may remove this if you don't use vgo
     - go mod tidy
-    - docker build -f Dockerfile.assets -t consoleassets .
-    - docker create --name extract consoleassets
-    - docker cp extract:/app/bindata_assetfs.go ./portal-ui/
-    - docker rm extract
 
 builds:
   -
     goos:
-      - freebsd
-      - windows
       - linux
       - darwin
+      - windows
     goarch:
       - amd64
+      - ppc64le
+      - s390x
       - arm64
-
     ignore:
-      - goos: darwin
-        goarch: arm64
       - goos: darwin
         goarch: arm
-      - goos: darwin
-        goarch: ppc64le
-      - goos: darwin
-        goarch: s390x
       - goos: windows
         goarch: arm64
       - goos: windows
         goarch: arm
-      - goos: windows
-        goarch: ppc64le
-      - goos: windows
-        goarch: s390x
-      - goos: freebsd
-        goarch: arm
-      - goos: freebsd
-        goarch: arm64
-      - goos: freebsd
-        goarch: ppc64le
-      - goos: freebsd
-        goarch: s390x
 
     env:
       - CGO_ENABLED=0
+
     main: ./cmd/console/
+
     flags:
       - -trimpath
-      - --tags=kqueue
+      - --tags=kqueue,operator
+
     ldflags:
       - -s -w -X github.com/minio/console/pkg.ReleaseTag={{.Tag}} -X github.com/minio/console/pkg.CommitID={{.FullCommit}} -X github.com/minio/console/pkg.Version={{.Version}} -X github.com/minio/console/pkg.ShortCommitID={{.ShortCommit}} -X github.com/minio/console/pkg.ReleaseTime={{.Date}}
+
 archives:
   -
+    name_template: "{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}"
+    format: binary
     replacements:
-      darwin: Darwin
-      linux: Linux
-      windows: Windows
-      freebsd: FreeBSD
-      amd64: x86_64
-    format_overrides:
-      - goos: windows
-        format: zip
-    files:
-      - README.md
-      - LICENSE
-checksum:
-  name_template: 'checksums.txt'
+      arm: arm
+
+signs:
+  -
+    signature: "${artifact}.minisig"
+    cmd: "sh"
+    args:
+      - '-c'
+      - 'minisign -s /media/${USER}/minio/minisign.key -Sm ${artifact} < /media/${USER}/minio/minisign-passphrase'
+    artifacts: all
+
 snapshot:
-  name_template: 'snapshot-{{ time "2006-01-02" }}'
+  name_template: v0.0.0@{{.ShortCommit}}
+
 changelog:
   sort: asc
-  filters:
-    exclude:
-      - '^docs:'
-      - '^test:'
+
 nfpms:
   -
-    vendor: MinIO Inc.
+    vendor: MinIO, Inc.
     homepage: https://github.com/minio/console
-    maintainer: MinIO <minio@minio.io>
+    maintainer: MinIO Development <dev@min.io>
     description: MinIO Console Server
     license: GNU Affero General Public License v3.0
     formats:
       - deb
       - rpm
-    replacements:
-      darwin: Darwin
-      linux: Linux
-      freebsd: FreeBSD
-      amd64: x86_64
+    contents:
+      # Basic file that applies to all packagers
+      - src: systemd/console.service
+        dst: /etc/systemd/system/minio-console.service
+
 dockers:
-  -
-    # GOOS of the built binary that should be used.
-    goos: linux
-    # GOARCH of the built binary that should be used.
-    goarch: amd64
-    dockerfile: Dockerfile.release
-    image_templates:
-      - "minio/console:{{ .Tag }}"
-      - "minio/console:latest"
+- image_templates:
+  - "minio/console:{{ .Tag }}-amd64"
+  use: buildx
+  goarch: amd64
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/amd64"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "minio/console:{{ .Tag }}-ppc64le"
+  use: buildx
+  goarch: ppc64le
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/ppc64le"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "minio/console:{{ .Tag }}-s390x"
+  use: buildx
+  goarch: s390x
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/s390x"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "minio/console:{{ .Tag }}-arm64"
+  use: buildx
+  goarch: arm64
+  goos: linux
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/arm64"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "quay.io/minio/console:{{ .Tag }}-amd64"
+  use: buildx
+  goarch: amd64
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/amd64"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "quay.io/minio/console:{{ .Tag }}-ppc64le"
+  use: buildx
+  goarch: ppc64le
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/ppc64le"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "quay.io/minio/console:{{ .Tag }}-s390x"
+  use: buildx
+  goarch: s390x
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/s390x"
+  - "--build-arg=TAG={{ .Tag }}"
+- image_templates:
+  - "quay.io/minio/console:{{ .Tag }}-arm64"
+  use: buildx
+  goarch: arm64
+  goos: linux
+  dockerfile: Dockerfile.release
+  extra_files:
+    - LICENSE
+    - CREDITS
+  build_flag_templates:
+  - "--platform=linux/arm64"
+  - "--build-arg=TAG={{ .Tag }}"
+docker_manifests:
+- name_template: minio/console:{{ .Tag }}
+  image_templates:
+  - minio/console:{{ .Tag }}-amd64
+  - minio/console:{{ .Tag }}-arm64
+  - minio/console:{{ .Tag }}-ppc64le
+  - minio/console:{{ .Tag }}-s390x
+- name_template: quay.io/minio/console:{{ .Tag }}
+  image_templates:
+  - quay.io/minio/console:{{ .Tag }}-amd64
+  - quay.io/minio/console:{{ .Tag }}-arm64
+  - quay.io/minio/console:{{ .Tag }}-ppc64le
+  - quay.io/minio/console:{{ .Tag }}-s390x
+- name_template: minio/console:latest
+  image_templates:
+  - minio/console:{{ .Tag }}-amd64
+  - minio/console:{{ .Tag }}-arm64
+  - minio/console:{{ .Tag }}-ppc64le
+  - minio/console:{{ .Tag }}-s390x

.license.tmpl

@@ -0,0 +1,15 @@
+This file is part of MinIO Console Server
+{{copyright-holder}} MinIO, Inc.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.

CREDITS

@@ -2836,35 +2836,6 @@ Everyone is permitted to copy and distribute copies of this Agreement, but in or
 This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
 ================================================================
 
-github.com/elazarl/go-bindata-assetfs
-https://github.com/elazarl/go-bindata-assetfs
-----------------------------------------------------------------
-Copyright (c) 2014, Elazar Leibovich
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-================================================================
-
 github.com/evanphx/json-patch
 https://github.com/evanphx/json-patch
 ----------------------------------------------------------------
@@ -13173,28 +13144,28 @@ SOFTWARE.
 github.com/klauspost/readahead
 https://github.com/klauspost/readahead
 ----------------------------------------------------------------
-The MIT License (MIT)
-
-Copyright (c) 2015 Klaus Post
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
+The MIT License (MIT)
+
+Copyright (c) 2015 Klaus Post
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
 
 ================================================================
 

DEVELOPMENT.md

@@ -11,41 +11,8 @@ $ docker run --rm -p 389:389 -p 636:636 --name my-openldap-container --detach os
 Run the `billy.ldif` file using `ldapadd` command to create a new user and assign it to a group.
 
 ```
-$ cat > billy.ldif << EOF
-# LDIF fragment to create group branch under root
-dn: uid=billy,dc=example,dc=org
-uid: billy
-cn: billy
-sn: 3
-objectClass: top
-objectClass: posixAccount
-objectClass: inetOrgPerson
-loginShell: /bin/bash
-homeDirectory: /home/billy
-uidNumber: 14583102
-gidNumber: 14564100
-userPassword: {SSHA}j3lBh1Seqe4rqF1+NuWmjhvtAni1JC5A
-mail: billy@example.org
-gecos: Billy User
-# Create base group
-dn: ou=groups,dc=example,dc=org
-objectclass:organizationalunit
-ou: groups
-description: generic groups branch
-# create consoleAdmin group (this already exists on minio and have a policy of s3::*)
-dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
-objectClass: top
-objectClass: posixGroup
-gidNumber: 678
-# Assing group to new user
-dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
-changetype: modify
-add: memberuid
-memberuid: billy
-EOF
-
-$ docker cp billy.ldif my-openldap-container:/container/service/slapd/assets/test/billy.ldif
-$ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost -ZZ
+$ docker cp console/docs/ldap/billy.ldif my-openldap-container:/container/service/slapd/assets/test/billy.ldif
+$ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost
 ```
 
 Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you should get a list 
@@ -100,7 +67,7 @@ $ cat > consoleAdmin.json << EOF
 }
 EOF
 $ mc admin policy add myminio consoleAdmin consoleAdmin.json
-$ mc admin policy set myminio consoleAdmin user=billy
+$ mc admin policy set myminio consoleAdmin user="uid=billy,dc=example,dc=org"
 ```
 
 ## Run MinIO
@@ -119,9 +86,6 @@ export MINIO_IDENTITY_LDAP_SERVER_INSECURE=on
 ## Run Console
 
 ```
-export CONSOLE_ACCESS_KEY=minio
-export CONSOLE_SECRET_KEY=minio123
-...
 export CONSOLE_LDAP_ENABLED=on
 ./console server
 ```

Dockerfile

@@ -1,25 +1,18 @@
-FROM golang:1.15 as binlayer
-
-RUN go get github.com/go-bindata/go-bindata/... && go get github.com/elazarl/go-bindata-assetfs/...
-
-FROM node:10 as uilayer
+FROM node:14 as uilayer
 
 WORKDIR /app
 
-COPY --from=binlayer /go/bin/go-bindata-assetfs /bin/
-COPY --from=binlayer /go/bin/go-bindata /bin/
-
 COPY ./portal-ui/package.json ./
 COPY ./portal-ui/yarn.lock ./
 RUN yarn install
 
 COPY ./portal-ui .
 
-RUN yarn install && make build-static
+RUN make build-static
 
 USER node
 
-FROM golang:1.15 as golayer
+FROM golang:1.16 as golayer
 
 RUN apt-get update -y && apt-get install -y ca-certificates
 
@@ -33,16 +26,16 @@ RUN go mod download
 ADD . /go/src/github.com/minio/console/
 WORKDIR /go/src/github.com/minio/console/
 
-COPY --from=uilayer /app/bindata_assetfs.go /go/src/github.com/minio/console/portal-ui/
-
 ENV CGO_ENABLED=0
 
+COPY --from=uilayer /app/build /go/src/github.com/minio/console/portal-ui/build
 RUN go build -ldflags "-w -s" -a -o console ./cmd/console
 
-FROM scratch
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3
 MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
 
+
 COPY --from=golayer /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=golayer /go/src/github.com/minio/console/console .
 

Dockerfile.assets

@@ -1,14 +1,7 @@
-FROM golang:1.15 as binlayer
-
-RUN go get github.com/go-bindata/go-bindata/... && go get github.com/elazarl/go-bindata-assetfs/...
-
-FROM node:10 as uilayer
+FROM node:14 as uilayer
 
 WORKDIR /app
 
-COPY --from=binlayer /go/bin/go-bindata-assetfs /bin/
-COPY --from=binlayer /go/bin/go-bindata /bin/
-
 COPY ./portal-ui/package.json ./
 COPY ./portal-ui/yarn.lock ./
 RUN yarn install

Dockerfile.release

@@ -1,12 +1,23 @@
-FROM ubuntu:18.04 as certs
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4
 
-RUN apt-get update -y && apt-get install -y ca-certificates
+ARG TAG
+
+COPY CREDITS /licenses/CREDITS
+COPY LICENSE /licenses/LICENSE
+
+LABEL name="MinIO" \
+      vendor="MinIO Inc <dev@min.io>" \
+      maintainer="MinIO Inc <dev@min.io>" \
+      version="${TAG}" \
+      release="${TAG}" \
+      summary="A graphical user interface for MinIO" \
+      description="MinIO object storage is fundamentally different. Designed for performance and the S3 API, it is 100% open-source. MinIO is ideal for large, private cloud environments with stringent security requirements and delivers mission-critical availability across a diverse range of workloads."
+
+RUN \
+     microdnf update --nodocs && \
+     microdnf install ca-certificates --nodocs
 
-FROM scratch
-MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
 COPY console /console
 
-COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-
 ENTRYPOINT ["/console"]

Makefile

@@ -3,14 +3,15 @@ GOPATH := $(shell go env GOPATH)
 # Sets the build version based on the output of the following command, if we are building for a tag, that's the build else it uses the current git branch as the build
 BUILD_VERSION:=$(shell git describe --exact-match --tags $(git log -n1 --pretty='%h') 2>/dev/null || git rev-parse --abbrev-ref HEAD 2>/dev/null)
 BUILD_TIME:=$(shell date 2>/dev/null)
-TAG ?= "minio/console:$(VERSION)-dev"
+TAG ?= "minio/console:$(BUILD_VERSION)-dev"
+MINIO_VERSION ?= "quay.io/minio/minio:latest"
 
 default: console
 
 .PHONY: console
 console:
 	@echo "Building Console binary to './console'"
-	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue --ldflags "-s -w" -o console ./cmd/console)
+	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue,operator --ldflags "-s -w" -o console ./cmd/console)
 
 k8sdev:
 	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
@@ -19,7 +20,7 @@ k8sdev:
 
 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.27.0)
+	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.43.0)
 
 verifiers: getdeps fmt lint
 
@@ -30,6 +31,9 @@ fmt:
 	@GO111MODULE=on gofmt -d cmd/
 	@GO111MODULE=on gofmt -d cluster/
 
+crosscompile:
+	@(env bash $(PWD)/cross-compile.sh $(arg1))
+
 lint:
 	@echo "Running $@ check"
 	@GO111MODULE=on ${GOPATH}/bin/golangci-lint cache clean
@@ -40,17 +44,55 @@ install: console
 	@mkdir -p $(GOPATH)/bin && cp -f $(PWD)/console $(GOPATH)/bin/console
 	@echo "Installation successful. To learn more, try \"console --help\"."
 
-swagger-gen:
-	@echo "Generating swagger server code from yaml"
+swagger-gen: clean-swagger swagger-console swagger-operator
+	@echo "Done Generating swagger server code from yaml"
+
+clean-swagger:
+	@echo "cleaning"
 	@rm -rf models
 	@rm -rf restapi/operations
-	@swagger generate server -A console --main-package=console --exclude-main -P models.Principal -f ./swagger.yml -r NOTICE
+	@rm -rf operatorapi/operations
+
+swagger-console:
+	@echo "Generating swagger server code from yaml"
+	@swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger-console.yml -r NOTICE
+
+swagger-operator:
+	@echo "Generating swagger server code from yaml"
+	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE
 
 assets:
-	@(cd portal-ui; yarn install; make build-static; cd ..)
+	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+
+test-integration:
+	@echo "docker run with MinIO Version below:"
+	@echo $(MINIO_VERSION)
+	@(docker run -d --name minio --rm -p 9000:9000 $(MINIO_VERSION) server /data{1...4} && sleep 5)
+	@(GO111MODULE=on go test -race -v github.com/minio/console/integration/...)
+	@(docker stop minio)
+
+test-permissions:
+	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh)
+	@(docker stop minio)
+
+test-apply-permissions:
+	@(env bash $(PWD)/portal-ui/tests/scripts/initialize-env.sh)
+
+test-start-docker-minio:
+	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+
+initialize-permissions: test-start-docker-minio test-apply-permissions
+	@echo "Done initializing permissions test"
+
+cleanup-permissions:
+	@(env bash $(PWD)/portal-ui/tests/scripts/cleanup-env.sh)
+	@(docker stop minio)
 
 test:
 	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)
+
+test-pkg:
 	@(GO111MODULE=on go test -race -v github.com/minio/console/pkg/...)
 
 coverage:
@@ -63,4 +105,4 @@ clean:
 	@rm -vf console
 
 docker:
-	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .

NOTICE

@@ -1,5 +1,5 @@
 This file is part of MinIO Console Server
-Copyright (c) 2020 MinIO, Inc.
+Copyright (c) 2021 MinIO, Inc.
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published by

README.md

@@ -1,28 +1,83 @@
 # MinIO Console
 
+![build](https://github.com/minio/console/workflows/Go/badge.svg) ![license](https://img.shields.io/badge/license-AGPL%20V3-blue)
+
 A graphical user interface for [MinIO](https://github.com/minio/minio)
 
+| Dashboard                     | Creating a bucket             |
+| -------------                 | -------------                 |
+| ![Dashboard](images/pic1.png) | ![Dashboard](images/pic2.png) |
 
-| Dashboard  | Adding A User |
-| ------------- | ------------- |
-| ![Dashboard](images/pic1.png)  | ![Dashboard](images/pic2.png) |
+<!-- markdown-toc start - Don't edit this section. Run M-x markdown-toc-refresh-toc -->
+**Table of Contents**
+
+- [MinIO Console](#minio-console)
+    - [Install](#install)
+        - [Binary Releases](#binary-releases)
+        - [Docker](#docker)
+        - [Build from source](#build-from-source)
+    - [Setup](#setup)
+        - [1. Create a user `console` using `mc`](#1-create-a-user-console-using-mc)
+        - [2. Create a policy for `console` with admin access to all resources (for testing)](#2-create-a-policy-for-console-with-admin-access-to-all-resources-for-testing)
+        - [3. Set the policy for the new `console` user](#3-set-the-policy-for-the-new-console-user)
+    - [Start Console service:](#start-console-service)
+    - [Start Console service with TLS:](#start-console-service-with-tls)
+    - [Connect Console to a Minio using TLS and a self-signed certificate](#connect-console-to-a-minio-using-tls-and-a-self-signed-certificate)
+- [Contribute to console Project](#contribute-to-console-project)
+
+<!-- markdown-toc end -->
+
+## Install
+
+### Binary Releases
+
+| OS      | ARCH    | Binary                                                                                               |
+|:-------:|:-------:|:----------------------------------------------------------------------------------------------------:|
+| Linux   | amd64   | [linux-amd64](https://github.com/minio/console/releases/latest/download/console-linux-amd64)         |
+| Linux   | arm64   | [linux-arm64](https://github.com/minio/console/releases/latest/download/console-linux-arm64)         |
+| Linux   | ppc64le | [linux-ppc64le](https://github.com/minio/console/releases/latest/download/console-linux-ppc64le)     |
+| Linux   | s390x   | [linux-s390x](https://github.com/minio/console/releases/latest/download/console-linux-s390x)         |
+| Apple   | amd64   | [darwin-amd64](https://github.com/minio/console/releases/latest/download/console-darwin-amd64)       |
+| Windows | amd64   | [windows-amd64](https://github.com/minio/console/releases/latest/download/console-windows-amd64.exe) |
+
+You can also verify the binary with [minisign](https://jedisct1.github.io/minisign/) by downloading the corresponding [`.minisig`](https://github.com/minio/console/releases/latest) signature file. Then run:
+```
+minisign -Vm console-<OS>-<ARCH> -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
+```
+
+### Docker
+
+Pull the latest release via:
+```
+docker pull minio/console
+```
+
+### Build from source
+> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
+> Minimum version required is go1.17
+
+```
+go install github.com/minio/console/cmd/console@latest
+```
 
 ## Setup
 
 All `console` needs is a MinIO user with admin privileges and URL pointing to your MinIO deployment.
+
 > Note: We don't recommend using MinIO's Operator Credentials
 
-1. Create a user for `console` using `mc`. 
-```
-$ set +o history
-$ mc admin user add myminio console YOURCONSOLESECRET
-$ set -o history
+### 1. Create a user `console` using `mc`
+
+```bash
+mc admin user add myminio/
+Enter Access Key: console
+Enter Secret Key: xxxxxxxx
 ```
 
-2. Create a policy for `console` with access to everything (for testing and debugging)
+### 2. Create a policy for `console` with admin access to all resources (for testing)
 
-```
-$ cat > consoleAdmin.json << EOF
+```sh
+cat > admin.json << EOF
 {
 	"Version": "2012-10-17",
 	"Statement": [{
@@ -45,19 +100,21 @@ $ cat > consoleAdmin.json << EOF
 	]
 }
 EOF
-$ mc admin policy add myminio consoleAdmin consoleAdmin.json
 ```
 
-3. Set the policy for the new `console` user
-
-```
-$ mc admin policy set myminio consoleAdmin user=console
+```sh
+mc admin policy add myminio/ consoleAdmin admin.json
 ```
 
+### 3. Set the policy for the new `console` user
 
-### Note
-Additionally, you can create policies to limit the privileges for `console` users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:
+```sh
+mc admin policy set myminio consoleAdmin user=console
 ```
+
+> NOTE: Additionally, you can create policies to limit the privileges for other `console` users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:
+
+```json
 {
 	"Version": "2012-10-17",
 	"Statement": [{
@@ -97,33 +154,42 @@ Additionally, you can create policies to limit the privileges for `console` user
 }
 ```
 
-## Run Console server
-To run the server:
+## Start Console service:
 
-```
-#required to encrypt jwet payload
+Before running console service, following environment settings must be supplied
+```sh
+# Salt to encrypt JWT payload
 export CONSOLE_PBKDF_PASSPHRASE=SECRET
 
-#required to encrypt jwet payload
+# Required to encrypt JWT payload
 export CONSOLE_PBKDF_SALT=SECRET
 
-export CONSOLE_ACCESS_KEY=console
-export CONSOLE_SECRET_KEY=YOURCONSOLESECRET
+# MinIO Endpoint
 export CONSOLE_MINIO_SERVER=http://localhost:9000
-./console server
 ```
 
-## Run Console with TLS enable
+Now start the console service.
+```
+./console server
+2021-01-19 02:36:08.893735 I | 2021/01/19 02:36:08 server.go:129: Serving console at http://localhost:9090
+```
+
+By default `console` runs on port `9090` this can be changed with `--port` of your choice.
+
+## Start Console service with TLS:
 
 Copy your `public.crt` and `private.key` to `~/.console/certs`, then:
 
-```bash
+```sh
 ./console server
+2021-01-19 02:36:08.893735 I | 2021/01/19 02:36:08 server.go:129: Serving console at http://[::]:9090
+2021-01-19 02:36:08.893735 I | 2021/01/19 02:36:08 server.go:129: Serving console at https://[::]:9443
 ```
 
-Additionally, `Console` has support for multiple certificates, clients can request them using `SNI`. It expects the following structure:
+For advanced users, `console` has support for multiple certificates to service clients through multiple domains.
 
-```bash
+Following tree structure is expected for supporting multiple domains:
+```sh
  certs/
   │
   ├─ public.crt
@@ -141,13 +207,11 @@ Additionally, `Console` has support for multiple certificates, clients can reque
 
 ```
 
-Therefore, we read all filenames in the cert directory and check
-for each directory whether it contains a public.crt and private.key.
-
 ## Connect Console to a Minio using TLS and a self-signed certificate
 
 Copy the MinIO `ca.crt` under `~/.console/certs/CAs`, then:
-```
+
+```sh
 export CONSOLE_MINIO_SERVER=https://localhost:9000
 ./console server
 ```

SECURITY.md

@@ -18,13 +18,13 @@ you need access credentials for a successful exploit).
 
 If you have not received a reply to your email within 48 hours or you have not heard from the security team
 for the past five days please contact the security team directly:
-   - Primary security coordinator: lenin@min.io
-   - Secondary coordinator: daniel@min.io, cesar@min.io
-   - If you receive no response: dev@min.io
+  - Primary security coordinator: lenin@min.io
+  - Secondary coordinator: security@min.io
+  - If you receive no response: dev@min.io
 
 ### Disclosure Process
 
-MinIO uses the following disclosure process:
+MinIO Console uses the following disclosure process:
 
 1. Once the security report is received one member of the security team tries to verify and reproduce
    the issue and determines the impact it has.
@@ -33,8 +33,8 @@ MinIO uses the following disclosure process:
 3. Code is audited to find any potential similar problems.
 4. Fixes are prepared for the latest release.
 5. On the date that the fixes are applied a security advisory will be published on https://blog.min.io.
-   Please inform us in your report email whether MinIO should mention your contribution w.r.t. fixing
-   the security issue. By default MinIO will **not** publish this information to protect your privacy.
+   Please inform us in your report email whether MinIO Console should mention your contribution w.r.t. fixing
+   the security issue. By default MinIO Console will **not** publish this information to protect your privacy.
 
 This process can take some time, especially when coordination is required with maintainers of other projects.
 Every effort will be made to handle the bug in as timely a manner as possible, however it's important that we

VULNERABILITY_REPORT.md

@@ -0,0 +1,38 @@
+## Vulnerability Management Policy
+
+This document formally describes the process of addressing and managing a
+reported vulnerability that has been found in the MinIO Console server code base,
+any directly connected ecosystem component or a direct / indirect dependency
+of the code base.
+
+### Scope
+
+The vulnerability management policy described in this document covers the
+process of investigating, assessing and resolving a vulnerability report
+opened by a MinIO Console employee or an external third party.
+
+Therefore, it lists pre-conditions and actions that should be performed to
+resolve and fix a reported vulnerability.
+
+### Vulnerability Management Process
+
+The vulnerability management process requires that the vulnerability report
+contains the following information:
+
+ - The project / component that contains the reported vulnerability.
+ - A description of the vulnerability. In particular, the type of the
+   reported vulnerability and how it might be exploited. Alternatively,
+   a well-established vulnerability identifier, e.g. CVE number, can be
+   used instead.
+
+Based on the description mentioned above, a MinIO Console engineer or security team
+member investigates:
+
+ - Whether the reported vulnerability exists.
+ - The conditions that are required such that the vulnerability can be exploited.
+ - The steps required to fix the vulnerability.
+
+In general, if the vulnerability exists in one of the MinIO Console code bases
+itself - not in a code dependency - then MinIO Console will, if possible, fix
+the vulnerability or implement reasonable countermeasures such that the
+vulnerability cannot be exploited anymore.

cluster/cluster.go

@@ -1,5 +1,5 @@
-// This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -17,6 +17,7 @@
 package cluster
 
 import (
+	direct "github.com/minio/direct-csi/pkg/clientset"
 	operator "github.com/minio/operator/pkg/client/clientset/versioned"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
@@ -63,3 +64,8 @@ func OperatorClient(token string) (*operator.Clientset, error) {
 func K8sClient(token string) (*kubernetes.Clientset, error) {
 	return kubernetes.NewForConfig(GetK8sConfig(token))
 }
+
+// DirectCSIClient returns Direct CSI client using GetK8sConfig for its config
+func DirectCSIClient(token string) (*direct.Clientset, error) {
+	return direct.NewForConfig(GetK8sConfig(token))
+}

cluster/config.go

@@ -1,5 +1,5 @@
-// This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -26,12 +26,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/minio/minio/pkg/env"
+	"github.com/minio/pkg/env"
 )
 
 var (
 	errCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
-	errCantDetermineMCImage    = errors.New("can't determine MC Image")
 )
 
 func GetK8sAPIServer() string {
@@ -64,13 +63,8 @@ func GetNsFromFile() string {
 	return string(dat)
 }
 
-// This operation will run only once at console startup
-var namespace = GetNsFromFile()
-
-// Returns the namespace in which the controller is installed
-func GetNs() string {
-	return env.Get(ConsoleNamespace, namespace)
-}
+// Namespace will run only once at console startup
+var Namespace = GetNsFromFile()
 
 // getLatestMinIOImage returns the latest docker image for MinIO if found on the internet
 func getLatestMinIOImage(client HTTPClientI) (*string, error) {
@@ -125,44 +119,3 @@ func GetLatestMinioImage(client HTTPClientI) (*string, error) {
 	}
 	return latestMinIOImage, nil
 }
-
-// getLatestMCImage returns the latest docker image for MC if found on the internet
-func getLatestMCImage() (*string, error) {
-	// Create an http client with a 4 second timeout
-	client := http.Client{
-		Timeout: 4 * time.Second,
-	}
-	resp, err := client.Get("https://dl.min.io/client/mc/release/linux-amd64/")
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	body, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return nil, err
-	}
-	var re = regexp.MustCompile(`(?m)\.\/mc\.(RELEASE.*?Z)"`)
-	// look for a single match
-	matches := re.FindAllStringSubmatch(string(body), 1)
-	for i := range matches {
-		release := matches[i][1]
-		dockerImage := fmt.Sprintf("minio/mc:%s", release)
-		return &dockerImage, nil
-	}
-	return nil, errCantDetermineMCImage
-}
-
-var latestMCImage, errLatestMCImage = getLatestMCImage()
-
-func GetMCImage() (*string, error) {
-	image := strings.TrimSpace(env.Get(ConsoleMCImage, ""))
-	// if there is a preferred image configured by the user we'll always return that
-	if image != "" {
-		return &image, nil
-	}
-	if errLatestMCImage != nil {
-		return nil, errLatestMCImage
-	}
-	return latestMCImage, nil
-}

cluster/const.go

@@ -1,5 +1,5 @@
-// This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -21,5 +21,4 @@ const (
 	ConsoleK8SAPIServerTLSRootCA = "CONSOLE_K8S_API_SERVER_TLS_ROOT_CA"
 	ConsoleMinioImage            = "CONSOLE_MINIO_IMAGE"
 	ConsoleMCImage               = "CONSOLE_MC_IMAGE"
-	ConsoleNamespace             = "CONSOLE_NAMESPACE"
 )

cluster/http_client.go

@@ -1,5 +1,5 @@
-// This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2020 MinIO, Inc.
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -17,6 +17,7 @@
 package cluster
 
 import (
+	"io"
 	"net/http"
 )
 
@@ -25,6 +26,8 @@ import (
 // that are used within this project.
 type HTTPClientI interface {
 	Get(url string) (resp *http.Response, err error)
+	Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
+	Do(req *http.Request) (*http.Response, error)
 }
 
 // HTTPClient Interface implementation
@@ -38,3 +41,13 @@ type HTTPClient struct {
 func (c *HTTPClient) Get(url string) (resp *http.Response, err error) {
 	return c.Client.Get(url)
 }
+
+// Post implements http.Client.Post()
+func (c *HTTPClient) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
+	return c.Client.Post(url, contentType, body)
+}
+
+// Do implement http.Client.Do()
+func (c *HTTPClient) Do(req *http.Request) (*http.Response, error) {
+	return c.Client.Do(req)
+}

cmd/console/app_commands.go

@@ -0,0 +1,83 @@
+//go:build operator
+// +build operator
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/minio/cli"
+	"github.com/minio/console/restapi"
+)
+
+var appCmds = []cli.Command{
+	serverCmd,
+	updateCmd,
+	operatorCmd,
+}
+
+// StartServer starts the console service
+func StartServer(ctx *cli.Context) error {
+	if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" {
+		return startOperatorServer(ctx)
+	}
+
+	if err := loadAllCerts(ctx); err != nil {
+		// Log this as a warning and continue running console without TLS certificates
+		restapi.LogError("Unable to load certs: %v", err)
+	}
+
+	var rctx restapi.Context
+	if err := rctx.Load(ctx); err != nil {
+		restapi.LogError("argument validation failed: %v", err)
+		return err
+	}
+
+	server, err := buildServer()
+	if err != nil {
+		restapi.LogError("Unable to initialize console server: %v", err)
+		return err
+	}
+
+	server.Host = rctx.Host
+	server.Port = rctx.HTTPPort
+	// set conservative timesout for uploads
+	server.ReadTimeout = 1 * time.Hour
+	// no timeouts for response for downloads
+	server.WriteTimeout = 0
+	restapi.Port = strconv.Itoa(server.Port)
+	restapi.Hostname = server.Host
+
+	if len(restapi.GlobalPublicCerts) > 0 {
+		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
+		// plain HTTP connections to HTTPS server
+		server.EnabledListeners = []string{"http", "https"}
+		server.TLSPort = rctx.HTTPSPort
+		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
+		restapi.TLSPort = strconv.Itoa(server.TLSPort)
+		restapi.Hostname = rctx.Host
+		restapi.TLSRedirect = rctx.TLSRedirect
+	}
+
+	defer server.Shutdown()
+
+	return server.Serve()
+}

cmd/console/app_commands_noop.go

@@ -0,0 +1,77 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+//go:build !operator
+// +build !operator
+
+package main
+
+import (
+	"strconv"
+	"time"
+
+	"github.com/minio/cli"
+	"github.com/minio/console/restapi"
+)
+
+var appCmds = []cli.Command{
+	serverCmd,
+	updateCmd,
+}
+
+// StartServer starts the console service
+func StartServer(ctx *cli.Context) error {
+	if err := loadAllCerts(ctx); err != nil {
+		// Log this as a warning and continue running console without TLS certificates
+		restapi.LogError("Unable to load certs: %v", err)
+	}
+
+	var rctx restapi.Context
+	if err := rctx.Load(ctx); err != nil {
+		restapi.LogError("argument validation failed: %v", err)
+		return err
+	}
+
+	server, err := buildServer()
+	if err != nil {
+		restapi.LogError("Unable to initialize console server: %v", err)
+		return err
+	}
+
+	server.Host = rctx.Host
+	server.Port = rctx.HTTPPort
+	// set conservative timesout for uploads
+	server.ReadTimeout = 1 * time.Hour
+	// no timeouts for response for downloads
+	server.WriteTimeout = 0
+	restapi.Port = strconv.Itoa(server.Port)
+	restapi.Hostname = server.Host
+
+	if len(restapi.GlobalPublicCerts) > 0 {
+		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
+		// plain HTTP connections to HTTPS server
+		server.EnabledListeners = []string{"http", "https"}
+		server.TLSPort = rctx.HTTPSPort
+		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
+		restapi.TLSPort = strconv.Itoa(server.TLSPort)
+		restapi.Hostname = rctx.Host
+		restapi.TLSRedirect = rctx.TLSRedirect
+	}
+
+	defer server.Shutdown()
+
+	return server.Serve()
+}

cmd/console/main.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,13 +23,11 @@ import (
 	"sort"
 	"time"
 
-	"github.com/minio/console/pkg"
-
-	"github.com/minio/minio/pkg/console"
-	"github.com/minio/minio/pkg/trie"
-	"github.com/minio/minio/pkg/words"
-
 	"github.com/minio/cli"
+	"github.com/minio/console/pkg"
+	"github.com/minio/pkg/console"
+	"github.com/minio/pkg/trie"
+	"github.com/minio/pkg/words"
 )
 
 // Help template for Console.
@@ -52,10 +50,6 @@ VERSION:
   {{.Version}}
 `
 
-var appCmds = []cli.Command{
-	serverCmd,
-}
-
 func newApp(name string) *cli.App {
 	// Collection of console commands currently supported are.
 	var commands []cli.Command
@@ -106,7 +100,7 @@ func newApp(name string) *cli.App {
 	app.Author = "MinIO, Inc."
 	app.Usage = "MinIO Console Server"
 	app.Description = `MinIO Console Server`
-	app.Copyright = "(c) 2020 MinIO, Inc."
+	app.Copyright = "(c) 2021 MinIO, Inc."
 	app.Compiled, _ = time.Parse(time.RFC3339, pkg.ReleaseTime)
 	app.Commands = commands
 	app.HideHelpCommand = true // Hide `help, h` command, we already have `minio --help`.

cmd/console/operator.go

@@ -0,0 +1,229 @@
+//go:build operator
+// +build operator
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"path/filepath"
+	"strconv"
+	"syscall"
+	"time"
+
+	"github.com/minio/console/restapi"
+
+	"github.com/go-openapi/loads"
+	"github.com/jessevdk/go-flags"
+	"github.com/minio/cli"
+	"github.com/minio/console/operatorapi"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/pkg/certs"
+)
+
+// starts the server
+var operatorCmd = cli.Command{
+	Name:    "operator",
+	Aliases: []string{"opr"},
+	Usage:   "Start MinIO Operator UI server",
+	Action:  startOperatorServer,
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "host",
+			Value: restapi.GetHostname(),
+			Usage: "bind to a specific HOST, HOST can be an IP or hostname",
+		},
+		cli.IntFlag{
+			Name:  "port",
+			Value: restapi.GetPort(),
+			Usage: "bind to specific HTTP port",
+		},
+		// This is kept here for backward compatibility,
+		// hostname's do not have HTTP or HTTPs
+		// hostnames are opaque so using --host
+		// works for both HTTP and HTTPS setup.
+		cli.StringFlag{
+			Name:   "tls-host",
+			Value:  restapi.GetHostname(),
+			Hidden: true,
+		},
+		cli.StringFlag{
+			Name:  "certs-dir",
+			Value: certs.GlobalCertsCADir.Get(),
+			Usage: "path to certs directory",
+		},
+		cli.IntFlag{
+			Name:  "tls-port",
+			Value: restapi.GetTLSPort(),
+			Usage: "bind to specific HTTPS port",
+		},
+		cli.StringFlag{
+			Name:  "tls-redirect",
+			Value: restapi.GetTLSRedirect(),
+			Usage: "toggle HTTP->HTTPS redirect",
+		},
+		cli.StringFlag{
+			Name:   "tls-certificate",
+			Value:  "",
+			Usage:  "path to TLS public certificate",
+			Hidden: true,
+		},
+		cli.StringFlag{
+			Name:   "tls-key",
+			Value:  "",
+			Usage:  "path to TLS private key",
+			Hidden: true,
+		},
+		cli.StringFlag{
+			Name:   "tls-ca",
+			Value:  "",
+			Usage:  "path to TLS Certificate Authority",
+			Hidden: true,
+		},
+	},
+}
+
+func buildOperatorServer() (*operatorapi.Server, error) {
+	swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON)
+	if err != nil {
+		return nil, err
+	}
+
+	api := operations.NewOperatorAPI(swaggerSpec)
+	api.Logger = operatorapi.LogInfo
+	server := operatorapi.NewServer(api)
+
+	parser := flags.NewParser(server, flags.Default)
+	parser.ShortDescription = "MinIO Console Server"
+	parser.LongDescription = swaggerSpec.Spec().Info.Description
+
+	server.ConfigureFlags()
+
+	// register all APIs
+	server.ConfigureAPI()
+
+	for _, optsGroup := range api.CommandLineOptionsGroups {
+		_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if _, err := parser.Parse(); err != nil {
+		return nil, err
+	}
+
+	return server, nil
+}
+
+func loadOperatorAllCerts(ctx *cli.Context) error {
+	var err error
+	// Set all certs and CAs directories path
+	certs.GlobalCertsDir, _, err = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
+	if err != nil {
+		return err
+	}
+
+	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
+	// check if certs and CAs directories exists or can be created
+	if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
+		return fmt.Errorf("unable to create certs CA directory at %s: failed with %w", certs.GlobalCertsCADir.Get(), err)
+	}
+
+	// load the certificates and the CAs
+	operatorapi.GlobalRootCAs, operatorapi.GlobalPublicCerts, operatorapi.GlobalTLSCertsManager, err = certs.GetAllCertificatesAndCAs()
+	if err != nil {
+		return fmt.Errorf("unable to load certificates at %s: failed with %w", certs.GlobalCertsDir.Get(), err)
+	}
+
+	{
+		// TLS flags from swagger server, used to support VMware vsphere operator version.
+		swaggerServerCertificate := ctx.String("tls-certificate")
+		swaggerServerCertificateKey := ctx.String("tls-key")
+		swaggerServerCACertificate := ctx.String("tls-ca")
+		// load tls cert and key from swagger server tls-certificate and tls-key flags
+		if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
+			if err = operatorapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
+				return err
+			}
+			x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate)
+			if err == nil {
+				operatorapi.GlobalPublicCerts = append(operatorapi.GlobalPublicCerts, x509Certs...)
+			}
+		}
+
+		// load ca cert from swagger server tls-ca flag
+		if swaggerServerCACertificate != "" {
+			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
+			if caCertErr == nil {
+				operatorapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
+			}
+		}
+	}
+
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
+	}
+
+	return nil
+}
+
+// StartServer starts the console service
+func startOperatorServer(ctx *cli.Context) error {
+	if err := loadOperatorAllCerts(ctx); err != nil {
+		// Log this as a warning and continue running console without TLS certificates
+		operatorapi.LogError("Unable to load certs: %v", err)
+	}
+
+	var rctx operatorapi.Context
+	if err := rctx.Load(ctx); err != nil {
+		operatorapi.LogError("argument validation failed: %v", err)
+		return err
+	}
+
+	server, err := buildOperatorServer()
+	if err != nil {
+		operatorapi.LogError("Unable to initialize console server: %v", err)
+		return err
+	}
+
+	server.Host = rctx.Host
+	server.Port = rctx.HTTPPort
+	// set conservative timesout for uploads
+	server.ReadTimeout = 1 * time.Hour
+	// no timeouts for response for downloads
+	server.WriteTimeout = 0
+	operatorapi.Port = strconv.Itoa(server.Port)
+	operatorapi.Hostname = server.Host
+
+	if len(operatorapi.GlobalPublicCerts) > 0 {
+		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
+		// plain HTTP connections to HTTPS server
+		server.EnabledListeners = []string{"http", "https"}
+		server.TLSPort = rctx.HTTPSPort
+		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
+		operatorapi.TLSPort = strconv.Itoa(server.TLSPort)
+		operatorapi.Hostname = rctx.Host
+		operatorapi.TLSRedirect = rctx.TLSRedirect
+	}
+
+	defer server.Shutdown()
+
+	return server.Serve()
+}

cmd/console/server.go

@@ -1,5 +1,5 @@
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -18,9 +18,9 @@ package main
 
 import (
 	"fmt"
-	"log"
-	"os"
+	"io/ioutil"
 	"path/filepath"
+	"syscall"
 
 	"github.com/go-openapi/loads"
 	"github.com/jessevdk/go-flags"
@@ -28,55 +28,79 @@ import (
 	"github.com/minio/console/pkg/certs"
 	"github.com/minio/console/restapi"
 	"github.com/minio/console/restapi/operations"
-	"github.com/minio/minio/cmd/logger"
-	certsx "github.com/minio/minio/pkg/certs"
 )
 
 // starts the server
 var serverCmd = cli.Command{
 	Name:    "server",
 	Aliases: []string{"srv"},
-	Usage:   "starts Console server",
-	Action:  startServer,
+	Usage:   "Start MinIO Console server",
+	Action:  StartServer,
 	Flags: []cli.Flag{
 		cli.StringFlag{
 			Name:  "host",
 			Value: restapi.GetHostname(),
-			Usage: "HTTP server hostname",
+			Usage: "bind to a specific HOST, HOST can be an IP or hostname",
 		},
 		cli.IntFlag{
 			Name:  "port",
 			Value: restapi.GetPort(),
-			Usage: "HTTP Server port",
+			Usage: "bind to specific HTTP port",
 		},
+		// This is kept here for backward compatibility,
+		// hostname's do not have HTTP or HTTPs
+		// hostnames are opaque so using --host
+		// works for both HTTP and HTTPS setup.
 		cli.StringFlag{
-			Name:  "tls-host",
-			Value: restapi.GetTLSHostname(),
-			Usage: "HTTPS server hostname",
-		},
-		cli.IntFlag{
-			Name:  "tls-port",
-			Value: restapi.GetTLSPort(),
-			Usage: "HTTPS server port",
+			Name:   "tls-host",
+			Value:  restapi.GetHostname(),
+			Hidden: true,
 		},
 		cli.StringFlag{
 			Name:  "certs-dir",
 			Value: certs.GlobalCertsCADir.Get(),
 			Usage: "path to certs directory",
 		},
+		cli.IntFlag{
+			Name:  "tls-port",
+			Value: restapi.GetTLSPort(),
+			Usage: "bind to specific HTTPS port",
+		},
+		cli.StringFlag{
+			Name:  "tls-redirect",
+			Value: restapi.GetTLSRedirect(),
+			Usage: "toggle HTTP->HTTPS redirect",
+		},
+		cli.StringFlag{
+			Name:   "tls-certificate",
+			Value:  "",
+			Usage:  "path to TLS public certificate",
+			Hidden: true,
+		},
+		cli.StringFlag{
+			Name:   "tls-key",
+			Value:  "",
+			Usage:  "path to TLS private key",
+			Hidden: true,
+		},
+		cli.StringFlag{
+			Name:   "tls-ca",
+			Value:  "",
+			Usage:  "path to TLS Certificate Authority",
+			Hidden: true,
+		},
 	},
 }
 
-// starts the controller
-func startServer(ctx *cli.Context) error {
+func buildServer() (*restapi.Server, error) {
 	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
 	if err != nil {
-		log.Fatalln(err)
+		return nil, err
 	}
 
 	api := operations.NewConsoleAPI(swaggerSpec)
+	api.Logger = restapi.LogInfo
 	server := restapi.NewServer(api)
-	defer server.Shutdown()
 
 	parser := flags.NewParser(server, flags.Default)
 	parser.ShortDescription = "MinIO Console Server"
@@ -84,57 +108,71 @@ func startServer(ctx *cli.Context) error {
 
 	server.ConfigureFlags()
 
+	// register all APIs
+	server.ConfigureAPI()
+
 	for _, optsGroup := range api.CommandLineOptionsGroups {
 		_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
 		if err != nil {
-			log.Fatalln(err)
+			return nil, err
 		}
 	}
 
 	if _, err := parser.Parse(); err != nil {
-		code := 1
-		if fe, ok := err.(*flags.Error); ok {
-			if fe.Type == flags.ErrHelp {
-				code = 0
+		return nil, err
+	}
+
+	return server, nil
+}
+
+func loadAllCerts(ctx *cli.Context) error {
+	var err error
+	// Set all certs and CAs directories path
+	certs.GlobalCertsDir, _, err = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
+	if err != nil {
+		return err
+	}
+
+	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
+	// check if certs and CAs directories exists or can be created
+	if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
+		return fmt.Errorf("unable to create certs CA directory at %s: failed with %w", certs.GlobalCertsCADir.Get(), err)
+	}
+
+	// load the certificates and the CAs
+	restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager, err = certs.GetAllCertificatesAndCAs()
+	if err != nil {
+		return fmt.Errorf("unable to load certificates at %s: failed with %w", certs.GlobalCertsDir.Get(), err)
+	}
+
+	{
+		// TLS flags from swagger server, used to support VMware vsphere operator version.
+		swaggerServerCertificate := ctx.String("tls-certificate")
+		swaggerServerCertificateKey := ctx.String("tls-key")
+		swaggerServerCACertificate := ctx.String("tls-ca")
+		// load tls cert and key from swagger server tls-certificate and tls-key flags
+		if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
+			if err = restapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
+				return err
+			}
+			x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate)
+			if err == nil {
+				restapi.GlobalPublicCerts = append(restapi.GlobalPublicCerts, x509Certs...)
+			}
+		}
+
+		// load ca cert from swagger server tls-ca flag
+		if swaggerServerCACertificate != "" {
+			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
+			if caCertErr == nil {
+				restapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
 			}
 		}
-		os.Exit(code)
 	}
 
-	server.Host = ctx.String("host")
-	server.Port = ctx.Int("port")
-
-	restapi.Hostname = ctx.String("host")
-	restapi.Port = fmt.Sprintf("%v", ctx.Int("port"))
-
-	// Set all certs and CAs directories.
-	certs.GlobalCertsDir, _ = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
-	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
-	logger.FatalIf(certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()), "Unable to create certs CA directory at %s", certs.GlobalCertsCADir.Get())
-
-	// load all CAs from ~/.console/certs/CAs
-	restapi.GlobalRootCAs, err = certsx.GetRootCAs(certs.GlobalCertsCADir.Get())
-	logger.FatalIf(err, "Failed to read root CAs (%v)", err)
-	// load all certs from ~/.console/certs
-	restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager, err = certs.GetTLSConfig()
-	logger.FatalIf(err, "Unable to load the TLS configuration")
-
-	if len(restapi.GlobalPublicCerts) > 0 && restapi.GlobalRootCAs != nil {
-		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
-		// plain HTTP connections to HTTPS server
-		server.EnabledListeners = []string{"http", "https"}
-		server.TLSPort = ctx.Int("tls-port")
-		server.TLSHost = ctx.String("tls-host")
-		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
-		restapi.TLSPort = fmt.Sprintf("%v", ctx.Int("tls-port"))
-		restapi.TLSHostname = ctx.String("tls-host")
-		restapi.TLSRedirect = "on"
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
 	}
 
-	server.ConfigureAPI()
-
-	if err := server.Serve(); err != nil {
-		log.Fatalln(err)
-	}
 	return nil
 }

cmd/console/update.go

@@ -0,0 +1,154 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"os"
+	"runtime"
+	"strings"
+	"time"
+
+	"github.com/blang/semver/v4"
+	"github.com/cheggaaa/pb/v3"
+	"github.com/minio/cli"
+	"github.com/minio/console/pkg"
+	"github.com/minio/selfupdate"
+)
+
+func getUpdateTransport(timeout time.Duration) http.RoundTripper {
+	var updateTransport http.RoundTripper = &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		DialContext: (&net.Dialer{
+			Timeout:   timeout,
+			KeepAlive: timeout,
+			DualStack: true,
+		}).DialContext,
+		IdleConnTimeout:       timeout,
+		TLSHandshakeTimeout:   timeout,
+		ExpectContinueTimeout: timeout,
+		DisableCompression:    true,
+	}
+	return updateTransport
+}
+
+func getUpdateReaderFromURL(u string, transport http.RoundTripper) (io.ReadCloser, int64, error) {
+	clnt := &http.Client{
+		Transport: transport,
+	}
+	req, err := http.NewRequest(http.MethodGet, u, nil)
+	if err != nil {
+		return nil, -1, err
+	}
+
+	resp, err := clnt.Do(req)
+	if err != nil {
+		return nil, -1, err
+	}
+	return resp.Body, resp.ContentLength, nil
+}
+
+const defaultPubKey = "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav"
+
+func getLatestRelease(tr http.RoundTripper) (string, error) {
+	releaseURL := "https://api.github.com/repos/minio/console/releases/latest"
+
+	body, _, err := getUpdateReaderFromURL(releaseURL, tr)
+	if err != nil {
+		return "", fmt.Errorf("unable to access github release URL %w", err)
+	}
+	defer body.Close()
+
+	lm := make(map[string]interface{})
+	if err = json.NewDecoder(body).Decode(&lm); err != nil {
+		return "", err
+	}
+	rel, ok := lm["tag_name"].(string)
+	if !ok {
+		return "", errors.New("unable to find latest release tag")
+	}
+	return rel, nil
+}
+
+// update console in-place
+var updateCmd = cli.Command{
+	Name:   "update",
+	Usage:  "update console to latest release",
+	Action: updateInplace,
+}
+
+func updateInplace(ctx *cli.Context) error {
+	transport := getUpdateTransport(30 * time.Second)
+	rel, err := getLatestRelease(transport)
+	if err != nil {
+		return err
+	}
+
+	latest, err := semver.Make(strings.TrimPrefix(rel, "v"))
+	if err != nil {
+		return err
+	}
+
+	current, err := semver.Make(pkg.Version)
+	if err != nil {
+		return err
+	}
+
+	if current.GTE(latest) {
+		fmt.Printf("You are already running the latest version v%v.\n", pkg.Version)
+		return nil
+	}
+
+	consoleBin := fmt.Sprintf("https://github.com/minio/console/releases/download/%s/console-%s-%s", rel, runtime.GOOS, runtime.GOARCH)
+	reader, length, err := getUpdateReaderFromURL(consoleBin, transport)
+	if err != nil {
+		return fmt.Errorf("unable to fetch binary from %s: %w", consoleBin, err)
+	}
+
+	minisignPubkey := os.Getenv("CONSOLE_MINISIGN_PUBKEY")
+	if minisignPubkey == "" {
+		minisignPubkey = defaultPubKey
+	}
+
+	v := selfupdate.NewVerifier()
+	if err = v.LoadFromURL(consoleBin+".minisig", minisignPubkey, transport); err != nil {
+		return fmt.Errorf("unable to fetch binary signature for %s: %w", consoleBin, err)
+	}
+	opts := selfupdate.Options{
+		Verifier: v,
+	}
+
+	tmpl := `{{ red "Downloading:" }} {{bar . (red "[") (green "=") (red "]")}} {{speed . | rndcolor }}`
+	bar := pb.ProgressBarTemplate(tmpl).Start64(length)
+	barReader := bar.NewProxyReader(reader)
+	if err = selfupdate.Apply(barReader, opts); err != nil {
+		bar.Finish()
+		if rerr := selfupdate.RollbackError(err); rerr != nil {
+			return rerr
+		}
+		return err
+	}
+
+	bar.Finish()
+	fmt.Printf("Updated 'console' to latest release %s\n", rel)
+	return nil
+}

cross-compile.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+set -e
+# Enable tracing if set.
+[ -n "$BASH_XTRACEFD" ] && set -x
+
+## All binaries are static make sure to disable CGO.
+export CGO_ENABLED=0
+
+## List of architectures and OS to test cross compilation.
+SUPPORTED_OSARCH_DEFAULTS="linux/ppc64le linux/mips64 linux/arm64 linux/s390x darwin/amd64 freebsd/amd64 windows/amd64 linux/arm linux/386 netbsd/amd64"
+SUPPORTED_OSARCH=${1:-$SUPPORTED_OSARCH_DEFAULTS}
+
+_build() {
+    local osarch=$1
+    IFS=/ read -r -a arr <<<"$osarch"
+    os="${arr[0]}"
+    arch="${arr[1]}"
+    package=$(go list -f '{{.ImportPath}}' ./cmd/console)
+    printf -- "--> %15s:%s\n" "${osarch}" "${package}"
+
+    # go build -trimpath to build the binary.
+    GOOS=$os GOARCH=$arch GO111MODULE=on go build -trimpath --tags=kqueue --ldflags "-s -w" -o /dev/null ./cmd/console
+}
+
+main() {
+    echo "Testing builds for OS/Arch: ${SUPPORTED_OSARCH}"
+    for each_osarch in ${SUPPORTED_OSARCH}; do
+        _build "${each_osarch}"
+    done
+}
+
+main "$@"

docs/ldap/billy.ldif

@@ -0,0 +1,35 @@
+# LDIF fragment to create group branch under root
+dn: uid=billy,dc=example,dc=org
+uid: billy
+cn: billy
+sn: 3
+objectClass: top
+objectClass: posixAccount
+objectClass: inetOrgPerson
+loginShell: /bin/bash
+homeDirectory: /home/billy
+uidNumber: 14583102
+gidNumber: 14564100
+userPassword: {SSHA}j3lBh1Seqe4rqF1+NuWmjhvtAni1JC5A
+mail: billy@example.org
+gecos: Billy User
+
+# Create base group
+dn: ou=groups,dc=example,dc=org
+objectclass:organizationalunit
+ou: groups
+description: generic groups branch
+
+# create consoleAdmin group (this already exists on minio and have a policy of s3::*)
+dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
+objectClass: top
+objectClass: posixGroup
+gidNumber: 678
+
+# Assing group to new user
+dn: cn=consoleAdmin,ou=groups,dc=example,dc=org
+changetype: modify
+add: memberuid
+memberuid: billy
+
+

go.mod

@@ -1,35 +1,155 @@
 module github.com/minio/console
 
-go 1.15
+go 1.17
 
 require (
-	github.com/coreos/go-oidc v2.2.1+incompatible
-	github.com/elazarl/go-bindata-assetfs v1.0.0
-	github.com/go-openapi/errors v0.19.6
-	github.com/go-openapi/loads v0.19.5
-	github.com/go-openapi/runtime v0.19.19
-	github.com/go-openapi/spec v0.19.8
-	github.com/go-openapi/strfmt v0.19.5
-	github.com/go-openapi/swag v0.19.9
-	github.com/go-openapi/validate v0.19.10
+	github.com/blang/semver/v4 v4.0.0
+	github.com/cheggaaa/pb/v3 v3.0.6
+	github.com/dustin/go-humanize v1.0.0
+	github.com/go-openapi/errors v0.20.1
+	github.com/go-openapi/loads v0.21.0
+	github.com/go-openapi/runtime v0.21.0
+	github.com/go-openapi/spec v0.20.4
+	github.com/go-openapi/strfmt v0.21.1
+	github.com/go-openapi/swag v0.19.15
+	github.com/go-openapi/validate v0.20.3
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/gorilla/websocket v1.4.2
 	github.com/jessevdk/go-flags v1.4.0
+	github.com/klauspost/compress v1.13.6
 	github.com/minio/cli v1.22.0
+	github.com/minio/direct-csi v1.3.5-0.20210601185811-f7776f7961bf
 	github.com/minio/kes v0.11.0
-	github.com/minio/mc v0.0.0-20201001165056-7f2df96e4821
-	github.com/minio/minio v0.0.0-20200927172404-27d9bd04e544
-	github.com/minio/minio-go/v7 v7.0.6-0.20200923173112-bc846cb9b089
-	github.com/minio/operator v0.0.0-20201022162018-527e5c32132b
+	github.com/minio/madmin-go v1.1.23
+	github.com/minio/mc v0.0.0-20211207230606-23a05f5a17f2
+	github.com/minio/minio-go/v7 v7.0.21
+	github.com/minio/operator v0.0.0-20220110040724-a5d59a342b7f
+	github.com/minio/pkg v1.1.14
+	github.com/minio/selfupdate v0.4.0
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
+	github.com/rs/xid v1.3.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/stretchr/testify v1.6.1
-	github.com/unrolled/secure v1.0.7
-	golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a
-	golang.org/x/net v0.0.0-20200904194848-62affa334b73
-	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
-	gopkg.in/yaml.v2 v2.3.0
-	k8s.io/api v0.18.6
-	k8s.io/apimachinery v0.18.6
-	k8s.io/client-go v0.18.6
+	github.com/stretchr/testify v1.7.0
+	github.com/tidwall/gjson v1.10.2
+	github.com/unrolled/secure v1.0.9
+	golang.org/x/crypto v0.0.0-20211209193657-4570a0811e8b
+	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
+	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
+	gopkg.in/yaml.v2 v2.4.0
+	k8s.io/api v0.21.1
+	k8s.io/apimachinery v0.21.1
+	k8s.io/client-go v0.21.1
 )
+
+require (
+	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/StackExchange/wmi v1.2.1 // indirect
+	github.com/VividCortex/ewma v1.1.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/briandowns/spinner v1.16.0 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cheggaaa/pb v1.0.29 // indirect
+	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
+	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
+	github.com/evanphx/json-patch v4.9.0+incompatible // indirect
+	github.com/fatih/color v1.13.0 // indirect
+	github.com/fatih/structs v1.1.0 // indirect
+	github.com/go-logr/logr v0.4.0 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/go-openapi/analysis v0.20.1 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.19.6 // indirect
+	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/goccy/go-json v0.7.9 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-cmp v0.5.5 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/googleapis/gnostic v0.5.1 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
+	github.com/lestrrat-go/httpcc v1.0.0 // indirect
+	github.com/lestrrat-go/iter v1.0.1 // indirect
+	github.com/lestrrat-go/jwx v1.2.7 // indirect
+	github.com/lestrrat-go/option v1.0.0 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/mattn/go-colorable v0.1.10 // indirect
+	github.com/mattn/go-ieproxy v0.0.1 // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
+	github.com/minio/argon2 v1.0.0 // indirect
+	github.com/minio/colorjson v1.0.1 // indirect
+	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.0 // indirect
+	github.com/mitchellh/mapstructure v1.4.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/nxadm/tail v1.4.8 // indirect
+	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/philhofer/fwd v1.1.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/profile v1.6.0 // indirect
+	github.com/pkg/xattr v0.4.3 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/posener/complete v1.2.3 // indirect
+	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.31.1 // indirect
+	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/rjeczalik/notify v0.9.2 // indirect
+	github.com/shirou/gopsutil/v3 v3.21.8 // indirect
+	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tinylib/msgp v1.1.6 // indirect
+	github.com/tklauser/go-sysconf v0.3.9 // indirect
+	github.com/tklauser/numcpus v0.3.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.mongodb.org/mongo-driver v1.7.5 // indirect
+	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/multierr v1.7.0 // indirect
+	go.uber.org/zap v1.19.1 // indirect
+	golang.org/x/sys v0.0.0-20211015200801-69063c4bb744 // indirect
+	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
+	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/genproto v0.0.0-20210928142010-c7af6a1a74c9 // indirect
+	google.golang.org/grpc v1.41.0 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/ini.v1 v1.63.2 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	k8s.io/klog/v2 v2.8.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
+	k8s.io/utils v0.0.0-20201110183641-67b214c5f920 // indirect
+	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
+	sigs.k8s.io/controller-runtime v0.8.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.1.0 // indirect
+	sigs.k8s.io/yaml v1.2.0 // indirect
+)
+
+replace google.golang.org/grpc => google.golang.org/grpc v1.29.1

hack/header.go.txt

@@ -1,5 +1,5 @@
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -13,9 +13,3 @@
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package acl
-
-const (
-	consoleOperatorMode = "CONSOLE_OPERATOR_MODE"
-)

hack/update-codegen.sh

@@ -1,18 +1,4 @@
 #!/bin/bash
-#
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
 
 set -o errexit
 set -o nounset
@@ -20,10 +6,7 @@ set -o pipefail
 
 SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
 
-go get -d k8s.io/code-generator/...
-
-# Checkout code-generator to compatible version
-#(cd $GOPATH/src/k8s.io/code-generator && git checkout origin/release-1.14 -B release-1.14)
+GO111MODULE=off go get -d k8s.io/code-generator/...
 
 REPOSITORY=github.com/minio/console
 $GOPATH/src/k8s.io/code-generator/generate-groups.sh all \

integration/buckets_test.go

@@ -0,0 +1,876 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/go-openapi/loads"
+	"github.com/minio/console/restapi"
+	"github.com/minio/console/restapi/operations"
+
+	"github.com/minio/console/models"
+
+	"github.com/stretchr/testify/assert"
+)
+
+var token string
+
+func inspectHTTPResponse(httpResponse *http.Response) string {
+	/*
+		Helper function to inspect the content of a HTTP response.
+	*/
+	b, err := io.ReadAll(httpResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	return "Http Response: " + string(b)
+}
+
+func printMessage(message string) {
+	/*
+		Helper function to print HTTP response.
+	*/
+	fmt.Println(message)
+}
+
+func initConsoleServer() (*restapi.Server, error) {
+
+	//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
+
+	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
+	if err != nil {
+		return nil, err
+	}
+
+	noLog := func(string, ...interface{}) {
+		// nothing to log
+	}
+
+	// Initialize MinIO loggers
+	restapi.LogInfo = noLog
+	restapi.LogError = noLog
+
+	api := operations.NewConsoleAPI(swaggerSpec)
+	api.Logger = noLog
+
+	server := restapi.NewServer(api)
+	// register all APIs
+	server.ConfigureAPI()
+
+	//restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts
+
+	consolePort, _ := strconv.Atoi("9090")
+
+	server.Host = "0.0.0.0"
+	server.Port = consolePort
+	restapi.Port = "9090"
+	restapi.Hostname = "0.0.0.0"
+
+	return server, nil
+}
+
+func TestMain(m *testing.M) {
+
+	// start console server
+	go func() {
+		fmt.Println("start server")
+		srv, err := initConsoleServer()
+		if err != nil {
+			log.Println(err)
+			log.Println("init fail")
+			return
+		}
+		srv.Serve()
+
+	}()
+
+	fmt.Println("sleeping")
+	time.Sleep(2 * time.Second)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	// get login credentials
+
+	requestData := map[string]string{
+		"accessKey": "minioadmin",
+		"secretKey": "minioadmin",
+	}
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		for _, cookie := range response.Cookies() {
+			if cookie.Name == "token" {
+				token = cookie.Value
+				break
+			}
+		}
+	}
+
+	if token == "" {
+		log.Println("authentication token not found in cookies response")
+		return
+	}
+
+	code := m.Run()
+
+	requestDataAdd := map[string]interface{}{
+		"name": "test1",
+	}
+
+	requestDataJSON, _ = json.Marshal(requestDataAdd)
+
+	requestDataBody = bytes.NewReader(requestDataJSON)
+
+	// get list of buckets
+	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test1", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+	}
+
+	os.Exit(code)
+}
+
+func AddBucket(name string, locking bool, versioning bool, quota map[string]interface{}, retention map[string]interface{}) (*http.Response, error) {
+	/*
+	   This is an atomic function that we can re-use to create a bucket on any
+	   desired test.
+	*/
+	// Needed Parameters for API Call
+	requestDataAdd := map[string]interface{}{
+		"name":       name,
+		"locking":    locking,
+		"versioning": versioning,
+		"quota":      quota,
+		"retention":  retention,
+	}
+
+	// Creating the Call by adding the URL and Headers
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	// Performing the call
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ListBuckets() (*http.Response, error) {
+	/*
+		Helper function to list buckets
+		HTTP Verb: GET
+		{{baseUrl}}/buckets?sort_by=proident velit&offset=-5480083&limit=-5480083
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/buckets", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func BucketInfo(name string) (*http.Response, error) {
+	/*
+		Helper function to test Bucket Info End Point
+		GET: {{baseUrl}}/buckets/:name
+	*/
+	bucketInformationRequest, bucketInformationError := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/buckets/"+name, nil)
+	if bucketInformationError != nil {
+		log.Println(bucketInformationError)
+	}
+	bucketInformationRequest.Header.Add("Cookie",
+		fmt.Sprintf("token=%s", token))
+	bucketInformationRequest.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(bucketInformationRequest)
+	return response, err
+}
+
+func PutBucketsTags(bucketName string, tags map[string]string) (*http.Response, error) {
+	/*
+		Helper function to put bucket's tags.
+		PUT: {{baseUrl}}/buckets/:bucket_name/tags
+		{
+			"tags": {}
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"tags": tags,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("PUT",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/tags",
+		requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func SetBucketRetention(bucketName string, mode string, unit string, validity int) (*http.Response, error) {
+	/*
+		Helper function to set bucket's retention
+		PUT: {{baseUrl}}/buckets/:bucket_name/retention
+		{
+			"mode":"compliance",
+			"unit":"years",
+			"validity":2
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"mode":     mode,
+		"unit":     unit,
+		"validity": validity,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("PUT",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
+		requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func GetBucketRetention(bucketName string) (*http.Response, error) {
+	/*
+		Helper function to get the bucket's retention
+	*/
+	request, err := http.NewRequest("GET",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestAddBucket(t *testing.T) {
+	assert := assert.New(t)
+
+	response, err := AddBucket("test1", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+}
+
+func TestAddBucketLocking(t *testing.T) {
+	/*
+		This function is to test that locking can't be activated if versioning
+		is not enabled.
+		Then, locking will be activated because versioning is activated as well.
+	*/
+	assert := assert.New(t)
+
+	/*
+		This is invalid, versioning has to be true for locking to be true, but
+		test will see and make sure this is not allowed and that we get proper
+		error for this scenario.
+	*/
+	response, err := AddBucket("test1", true, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(400, response.StatusCode, "400 is expected for this test")
+	}
+
+	msg := "TestAddBucketLocking(): Valid scenario versioning true locking true"
+	fmt.Println(msg)
+
+	/*
+		This is valid, versioning is true, then locking can be true as well.
+	*/
+	response, err = AddBucket("thujun", true, true, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// Verification part, bucket should be created with versioning enabled and
+	// locking enabled, we expect 201 when created.
+	if response != nil {
+		assert.Equal(201, response.StatusCode, "201 is expected for this test")
+	}
+
+	defer response.Body.Close()
+
+	/*
+		To convert an HTTP response body to a string in Go, so you can read the
+		error from the API in case the bucket is invalid for some reason
+	*/
+	b, err := io.ReadAll(response.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+
+}
+
+func TestGetBucket(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	response, err := AddBucket("test3", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test3", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+}
+
+func TestSetBucketTags(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	// put bucket
+	response, err := AddBucket("test4", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	requestDataTags := map[string]interface{}{
+		"tags": map[string]interface{}{
+			"test": "TAG",
+		},
+	}
+
+	requestTagsJSON, _ := json.Marshal(requestDataTags)
+
+	requestTagsBody := bytes.NewBuffer(requestTagsJSON)
+
+	request, err := http.NewRequest(http.MethodPut, "http://localhost:9090/api/v1/buckets/test4/tags", requestTagsBody)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test4", nil)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+	bucket := models.Bucket{}
+	err = json.Unmarshal(bodyBytes, &bucket)
+	if err != nil {
+		log.Println(err)
+	}
+
+	assert.Equal("TAG", bucket.Details.Tags["test"], "Failed to add tag")
+}
+
+func TestBucketVersioning(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/session", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	var distributedSystem bool
+
+	if response != nil {
+
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		sessionResponse := models.SessionResponse{}
+		err = json.Unmarshal(bodyBytes, &sessionResponse)
+		if err != nil {
+			log.Println(err)
+		}
+
+		distributedSystem = sessionResponse.DistributedMode
+
+	}
+
+	requestDataVersioning := map[string]interface{}{
+		"name":       "test2",
+		"versioning": true,
+		"locking":    false,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataVersioning)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	response, err = AddBucket("test2", true, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	fmt.Println("Versioned bucket creation test status:", response.Status)
+	if distributedSystem {
+		assert.Equal(201, response.StatusCode, "Versioning test Status Code is incorrect - bucket failed to create")
+	} else {
+		assert.NotEqual(201, response.StatusCode, "Versioning test Status Code is incorrect -  versioned bucket created on non-distributed system")
+	}
+
+	request, error := http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test2", requestDataBody)
+	if error != nil {
+		log.Println(error)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+	}
+
+}
+
+func TestBucketsGet(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	// get list of buckets
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		listBuckets := models.ListBucketsResponse{}
+		err = json.Unmarshal(bodyBytes, &listBuckets)
+		if err != nil {
+			log.Println(err)
+			assert.Nil(err)
+		}
+
+		assert.Greater(len(listBuckets.Buckets), 0, "No bucket was returned")
+		assert.Greater(listBuckets.Total, int64(0), "Total buckets is 0")
+
+	}
+
+}
+
+func TestListBuckets(t *testing.T) {
+	/*
+		Test the list of buckets without query parameters.
+	*/
+	assert := assert.New(t)
+
+	// 1. Create buckets
+	var numberOfBuckets = 3
+	for i := 1; i <= numberOfBuckets; i++ {
+		response, err := AddBucket(
+			"testlistbuckets"+strconv.Itoa(i), false, false, nil, nil)
+		assert.Nil(err)
+		if err != nil {
+			log.Println(err)
+			assert.Fail("Error creating the buckets")
+			return
+		}
+		if response != nil {
+			b, err := io.ReadAll(response.Body)
+			if err != nil {
+				log.Fatalln(err)
+			}
+			assert.Equal(201, response.StatusCode,
+				"Status Code is incorrect: "+string(b)+
+					" Bucket name: TestListBuckets"+strconv.Itoa(i))
+		}
+	}
+
+	// 2. List buckets
+	listBucketsResponse, listBucketsError := ListBuckets()
+	assert.Nil(listBucketsError)
+	if listBucketsError != nil {
+		log.Println(listBucketsError)
+		assert.Fail("Error listing the buckets")
+		return
+	}
+
+	// 3. Verify list of buckets
+	b, err := io.ReadAll(listBucketsResponse.Body)
+	if listBucketsResponse != nil {
+		if err != nil {
+			log.Fatalln(err)
+		}
+		assert.Equal(200, listBucketsResponse.StatusCode,
+			"Status Code is incorrect: "+string(b))
+	}
+	for i := 1; i <= numberOfBuckets; i++ {
+		assert.True(strings.Contains(string(b),
+			"testlistbuckets"+strconv.Itoa(i)))
+	}
+}
+
+func TestBucketInformationSuccessfulResponse(t *testing.T) {
+	/*
+		Test Bucket Info End Point with a Successful Response.
+	*/
+
+	// 1. Create the bucket
+	assert := assert.New(t)
+	response, err := AddBucket("bucketinformation1", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Add a tag to the bucket
+	tags := make(map[string]string)
+	tags["tag1"] = "tag1"
+	putBucketTagResponse, putBucketTagError := PutBucketsTags(
+		"bucketinformation1", tags)
+	if putBucketTagError != nil {
+		log.Println(putBucketTagError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if putBucketTagResponse != nil {
+		assert.Equal(
+			200, putBucketTagResponse.StatusCode,
+			inspectHTTPResponse(putBucketTagResponse))
+	}
+
+	// 3. Get the information
+	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation1")
+	if bucketInfoError != nil {
+		log.Println(bucketInfoError)
+		assert.Fail("Error getting the bucket information")
+		return
+	}
+	debugResponse := inspectHTTPResponse(bucketInfoResponse) // call it once
+	if bucketInfoResponse != nil {
+		assert.Equal(200, bucketInfoResponse.StatusCode,
+			debugResponse)
+	}
+	printMessage(debugResponse)
+
+	// 4. Verify the information
+	assert.True(
+		strings.Contains(debugResponse, "bucketinformation1"),
+		inspectHTTPResponse(bucketInfoResponse))
+	assert.True(
+		strings.Contains(debugResponse, "tag1"),
+		inspectHTTPResponse(bucketInfoResponse))
+}
+
+func TestBucketInformationGenericErrorResponse(t *testing.T) {
+	/*
+		Test Bucket Info End Point with a Generic Error Response.
+	*/
+	// 1. Create the bucket
+	assert := assert.New(t)
+	response, err := AddBucket("bucketinformation2", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Add a tag to the bucket
+	tags := make(map[string]string)
+	tags["tag2"] = "tag2"
+	putBucketTagResponse, putBucketTagError := PutBucketsTags(
+		"bucketinformation2", tags)
+	if putBucketTagError != nil {
+		log.Println(putBucketTagError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if putBucketTagResponse != nil {
+		assert.Equal(
+			200, putBucketTagResponse.StatusCode,
+			inspectHTTPResponse(putBucketTagResponse))
+	}
+
+	// 3. Get the information
+	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation3")
+	if bucketInfoError != nil {
+		log.Println(bucketInfoError)
+		assert.Fail("Error getting the bucket information")
+		return
+	}
+	finalResponse := inspectHTTPResponse(bucketInfoResponse)
+	if bucketInfoResponse != nil {
+		assert.Equal(200, bucketInfoResponse.StatusCode)
+	}
+
+	// 4. Verify the information
+	// Since bucketinformation3 hasn't been created, then it is expected that
+	// tag2 is not part of the response, this is why assert.False is used.
+	assert.False(strings.Contains(finalResponse, "tag2"), finalResponse)
+}
+
+func TestBucketRetention(t *testing.T) {
+	/*
+		To test bucket retention feature
+	*/
+	// 1. Create the bucket with 2 years validity retention
+	assert := assert.New(t)
+	/*
+		{
+			"name":"setbucketretention1",
+			"versioning":true,
+			"locking":true,
+			"retention":
+				{
+					"mode":"compliance",
+					"unit":"years",
+					"validity":2
+				}
+		}
+	*/
+	retention := make(map[string]interface{})
+	retention["mode"] = "compliance"
+	retention["unit"] = "years"
+	retention["validity"] = 2
+	response, err := AddBucket("setbucketretention1", true, true, nil, retention)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Set the bucket's retention from 2 years to 3 years
+	setBucketRetentionResponse, setBucketRetentionError := SetBucketRetention(
+		"setbucketretention1",
+		"compliance",
+		"years",
+		3,
+	)
+	assert.Nil(setBucketRetentionError)
+	if setBucketRetentionError != nil {
+		log.Println(setBucketRetentionError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if setBucketRetentionResponse != nil {
+		assert.Equal(200, setBucketRetentionResponse.StatusCode,
+			inspectHTTPResponse(setBucketRetentionResponse))
+	}
+
+	// 3. Verify the bucket's retention was properly set.
+	getBucketRetentionResponse, getBucketRetentionError := GetBucketRetention(
+		"setbucketretention1",
+	)
+	assert.Nil(getBucketRetentionError)
+	if getBucketRetentionError != nil {
+		log.Println(getBucketRetentionError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	finalResponse := inspectHTTPResponse(getBucketRetentionResponse)
+	if getBucketRetentionResponse != nil {
+		assert.Equal(
+			200,
+			getBucketRetentionResponse.StatusCode,
+			finalResponse,
+		)
+	}
+	expected := "Http Response: {\"mode\":\"compliance\",\"unit\":\"years\",\"validity\":3}\n"
+	assert.Equal(expected, finalResponse, finalResponse)
+}

integration/login_test.go

@@ -0,0 +1,71 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/minio/console/models"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestLoginStrategy(t *testing.T) {
+	assert := assert.New(t)
+
+	// image for now:
+	// minio: 9000
+	// console: 9090
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	// copy query params
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/login", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		loginDetails := models.LoginDetails{}
+
+		err = json.Unmarshal(bodyBytes, &loginDetails)
+		if err != nil {
+			log.Println(err)
+		}
+		assert.Nil(err)
+
+		assert.Equal(models.LoginDetailsLoginStrategyForm, loginDetails.LoginStrategy, "Login Details don't match")
+
+	}
+
+}

integration/users_test.go

@@ -0,0 +1,502 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func AddUser(accessKey string, secretKey string, groups []string, policies []string) (*http.Response, error) {
+	/*
+		This is an atomic function to add user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	fmt.Println(".......................TestAddUser(): Create Data to add user")
+	requestDataAdd := map[string]interface{}{
+		"accessKey": accessKey,
+		"secretKey": secretKey,
+		"groups":    groups,
+		"policies":  policies,
+	}
+
+	fmt.Println("..............................TestAddUser(): Prepare the POST")
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST", "http://localhost:9090/api/v1/users", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println(".................................TestAddUser(): Make the POST")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func DeleteUser(userName string) (*http.Response, error) {
+	/*
+		This is an atomic function to delete user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	fmt.Println("...................................TestAddUser(): Remove user")
+	request, err := http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/user?name="+userName, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println("...............................TestAddUser(): Make the DELETE")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ListUsers(offset string, limit string) (*http.Response, error) {
+	/*
+		This is an atomic function to list users.
+		{{baseUrl}}/users?offset=-5480083&limit=-5480083
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	fmt.Println("...................................TestAddUser(): Remove user")
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/users?offset="+offset+"&limit="+limit,
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println("...............................TestAddUser(): Make the DELETE")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func GetUserInformation(userName string) (*http.Response, error) {
+	/*
+		Helper function to get user information via API:
+		{{baseUrl}}/user?name=proident velit
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/user?name="+userName,
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func UpdateUserInformation(name string, status string, groups []string) (*http.Response, error) {
+	/*
+		Helper function to update user information:
+		PUT: {{baseUrl}}/user?name=proident velit
+		Body:
+		{
+			"status": "nisi voluptate amet ea",
+			"groups": [
+				"ipsum eu cupidatat",
+				"aliquip non nulla"
+			]
+		}
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"status": status,
+		"groups": groups,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT", "http://localhost:9090/api/v1/user?name="+name, requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func RemoveUser(name string) (*http.Response, error) {
+	/*
+		Helper function to remove user.
+		DELETE: {{baseUrl}}/user?name=proident velit
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	request, err := http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/user?name="+name, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestAddUser(t *testing.T) {
+	/*
+		This is an API Test to add a user via api/v1/users, the intention
+		is simple, add a user and make sure the response is 201 meaning that the
+		user got added successfully.
+		After test completion, it is expected that user is removed, so other
+		tests like users.ts can run over clean data and we don't collide against
+		it.
+	*/
+
+	assert := assert.New(t)
+
+	// With no groups & no policies
+	var groups = []string{}
+	var policies = []string{}
+
+	fmt.Println(".................................TestAddUser(): Make the POST")
+	response, err := AddUser("accessKey", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	fmt.Println("..................................TestAddUser(): Verification")
+	fmt.Println(".................................TestAddUser(): POST response")
+	fmt.Println(response)
+	fmt.Println("....................................TestAddUser(): POST error")
+	fmt.Println(err)
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	response, err = DeleteUser("accessKey")
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	fmt.Println("..................................TestAddUser(): Verification")
+	fmt.Println("...............................TestAddUser(): DELETE response")
+	fmt.Println(response)
+	fmt.Println("..................................TestAddUser(): DELETE error")
+	fmt.Println(err)
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
+	}
+
+}
+
+func TestListUsers(t *testing.T) {
+	/*
+		This test is intended to list users via API.
+		1. First, it creates the users
+		2. Then, it lists the users <------ 200 is expected when listing them.
+		3. Finally, it deletes the users
+	*/
+
+	assert := assert.New(t)
+
+	// With no groups & no policies
+	var groups = []string{}
+	var policies = []string{}
+
+	// 1. Create the users
+	numberOfUsers := 5
+	for i := 1; i < numberOfUsers; i++ {
+		fmt.Println("............................TestListUsers(): Adding users")
+		fmt.Println(strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
+		response, err := AddUser(
+			strconv.Itoa(i)+"accessKey"+strconv.Itoa(i),
+			"secretKey"+strconv.Itoa(i), groups, policies)
+		if err != nil {
+			log.Println(err)
+			return
+		}
+		fmt.Println("............................TestListUsers(): Verification")
+		fmt.Println("...........................TestListUsers(): POST response")
+		fmt.Println(response)
+		fmt.Println("..............................TestListUsers(): POST error")
+		fmt.Println(err)
+		if response != nil {
+			fmt.Println("POST StatusCode:", response.StatusCode)
+			assert.Equal(201, response.StatusCode,
+				"Status Code is incorrect on index: "+strconv.Itoa(i))
+		}
+
+		b, err := io.ReadAll(response.Body)
+		if err != nil {
+			log.Fatalln(err)
+		}
+		fmt.Println(string(b))
+	}
+
+	// 2. List the users
+	listResponse, listError := ListUsers("-5480083", "-5480083")
+	if listError != nil {
+		log.Fatalln(listError)
+	}
+	if listResponse != nil {
+		fmt.Println("POST StatusCode:", listResponse.StatusCode)
+		assert.Equal(200, listResponse.StatusCode,
+			"TestListUsers(): Status Code is incorrect when listing users")
+	}
+	b, err := io.ReadAll(listResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+
+	// 3. Delete the users
+	for i := 1; i < numberOfUsers; i++ {
+		response, err := DeleteUser(
+			strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
+		if err != nil {
+			log.Println(err)
+			return
+		}
+		fmt.Println("............................TestListUsers(): Verification")
+		fmt.Println(".........................TestListUsers(): DELETE response")
+		fmt.Println(response)
+		fmt.Println("............................TestListUsers(): DELETE error")
+		fmt.Println(err)
+		if response != nil {
+			fmt.Println("DELETE StatusCode:", response.StatusCode)
+			assert.Equal(204,
+				response.StatusCode, "has to be 204 when delete user")
+		}
+	}
+}
+
+func TestGetUserInfo(t *testing.T) {
+	/*
+		Test to get the user information via API.
+	*/
+
+	// 1. Create the user
+	fmt.Println("TestGetUserInfo(): 1. Create the user")
+	assert := assert.New(t)
+	var groups = []string{}
+	var policies = []string{}
+	response, err := AddUser("accessKey", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Get user information
+	fmt.Println("TestGetUserInfo(): 2. Get user information")
+	response, err = GetUserInformation("accessKey")
+	if err != nil {
+		log.Println(err)
+		assert.Fail("There was an error in the response")
+		return
+	}
+
+	// 3. Verify user information
+	fmt.Println("TestGetUserInfo(): 3. Verify user information")
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(response.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+	expected := "{\"accessKey\":\"accessKey\",\"memberOf\":null,\"policy\":[],\"status\":\"enabled\"}\n"
+	obtained := string(b)
+	assert.Equal(expected, obtained, "User Information is wrong")
+}
+
+func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
+	/*
+		Update User Information Test with Successful Response
+	*/
+
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"updateuser", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Deactivate the user
+	// '{"status":"disabled","groups":[]}'
+	updateUserResponse, UpdateUserError := UpdateUserInformation(
+		"updateuser", "disabled", groups)
+
+	// 3. Verify user got deactivated
+	if UpdateUserError != nil {
+		log.Println(UpdateUserError)
+		return
+	}
+	if updateUserResponse != nil {
+		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
+		assert.Equal(
+			200, updateUserResponse.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(updateUserResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	assert.True(strings.Contains(string(b), "disabled"))
+
+}
+
+func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
+	/*
+		Update User Information Test with Generic Error Response
+	*/
+
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"updateusererror", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Deactivate the user with wrong status
+	updateUserResponse, UpdateUserError := UpdateUserInformation(
+		"updateusererror", "inactive", groups)
+
+	// 3. Verify user got deactivated
+	if UpdateUserError != nil {
+		log.Println(UpdateUserError)
+		assert.Fail("There was an error while updating user info")
+		return
+	}
+	if updateUserResponse != nil {
+		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
+		assert.Equal(
+			500, updateUserResponse.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(updateUserResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	assert.True(strings.Contains(string(b), "status not valid"))
+
+}
+
+func TestRemoveUserSuccessfulResponse(t *testing.T) {
+	/*
+		To test removing a user from API
+	*/
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"testremoveuser1", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Remove the user
+	removeUserResponse, removeUserError := RemoveUser("testremoveuser1")
+	if removeUserError != nil {
+		log.Println(removeUserError)
+		return
+	}
+	if removeUserResponse != nil {
+		fmt.Println("StatusCode:", removeUserResponse.StatusCode)
+		assert.Equal(
+			204, removeUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 3. Verify the user got removed
+	getUserInfoResponse, getUserInfoError := GetUserInformation(
+		"testremoveuser1")
+	if getUserInfoError != nil {
+		log.Println(getUserInfoError)
+		assert.Fail("There was an error in the response")
+		return
+	}
+	if getUserInfoResponse != nil {
+		fmt.Println("StatusCode:", getUserInfoResponse.StatusCode)
+		assert.Equal(
+			404, getUserInfoResponse.StatusCode, "Status Code is incorrect")
+	}
+	finalResponse := inspectHTTPResponse(getUserInfoResponse)
+	printMessage(finalResponse)
+	assert.True(strings.Contains(
+		finalResponse, "The specified user does not exist"), finalResponse)
+
+}

k8s/boilerplate.go.txt

@@ -1,5 +1,5 @@
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by

k8s/console/base/console-cluster-role-binding.yaml

@@ -1,12 +0,0 @@
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: console-sa-binding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: console-sa-role
-subjects:
-  - kind: ServiceAccount
-    name: console-sa
-    namespace: default

k8s/console/base/console-cluster-role.yaml

@@ -1,88 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: console-sa-role
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - namespaces
-      - pods
-      - services
-      - events
-      - resourcequotas
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-      - deletecollection
-      - delete
-  - apiGroups:
-      - "storage.k8s.io"
-    resources:
-      - storageclasses
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - apps
-    resources:
-      - statefulsets
-      - deployments
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - batch
-    resources:
-      - jobs
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - "certificates.k8s.io"
-    resources:
-      - "certificatesigningrequests"
-      - "certificatesigningrequests/approval"
-      - "certificatesigningrequests/status"
-    verbs:
-      - update
-      - create
-      - get
-  - apiGroups:
-      - minio.min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"
-  - apiGroups:
-      - min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"

k8s/console/base/console-configmap.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: console-env
-data:
-  CONSOLE_PORT: "9090"
-  CONSOLE_TLS_PORT: "9443"

k8s/console/base/console-deployment.yaml

@@ -1,26 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: console
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: console
-  template:
-    metadata:
-      labels:
-        app: console
-    spec:
-      serviceAccountName: console-sa
-      containers:
-        - name: console
-          image: minio/console:v0.4.5
-          imagePullPolicy: "IfNotPresent"
-          args:
-            - server
-          ports:
-            - containerPort: 9090
-              name: http
-            - containerPort: 9433
-              name: https

k8s/console/base/console-service-account.yaml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: console-sa
-  namespace: default

k8s/console/base/console-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: console
-  labels:
-    name: console
-spec:
-  ports:
-    - port: 9090
-      name: http
-    - port: 9443
-      name: https
-  selector:
-    app: console

k8s/console/base/kustomization.yaml

@@ -1,11 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-# beginning of customizations
-resources:
-  - console-service-account.yaml
-  - console-cluster-role.yaml
-  - console-cluster-role-binding.yaml
-  - console-configmap.yaml
-  - console-service.yaml
-  - console-deployment.yaml
-  - https://github.com/minio/operator/?ref=v3.0.10

k8s/operator-console/base/console-cluster-role.yaml

@@ -19,7 +19,6 @@ rules:
       - ""
     resources:
       - namespaces
-      - pods
       - services
       - events
       - resourcequotas
@@ -30,6 +29,18 @@ rules:
       - create
       - list
       - patch
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - watch
+      - create
+      - list
+      - patch
+      - delete
+      - deletecollection
   - apiGroups:
       - ""
     resources:
@@ -38,6 +49,8 @@ rules:
       - deletecollection
       - list
       - get
+      - watch
+      - update
   - apiGroups:
       - "storage.k8s.io"
     resources:
@@ -95,3 +108,127 @@ rules:
       - "*"
     verbs:
       - "*"
+  - apiGroups:
+    - ""
+    resources:
+    - persistentvolumes
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - delete
+  - apiGroups:
+    - ""
+    resources:
+    - persistentvolumeclaims
+    verbs:
+    - get
+    - list
+    - watch
+    - update
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - list
+    - watch
+    - update
+    - patch
+  - apiGroups:
+    - snapshot.storage.k8s.io
+    resources:
+    - volumesnapshots
+    verbs:
+    - get
+    - list
+  - apiGroups:
+    - snapshot.storage.k8s.io
+    resources:
+    - volumesnapshotcontents
+    verbs:
+    - get
+    - list
+  - apiGroups:
+    - storage.k8s.io
+    resources:
+    - csinodes
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - storage.k8s.io
+    resources:
+    - volumeattachments
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - endpoints
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
+  - apiGroups:
+    - coordination.k8s.io
+    resources:
+    - leases
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
+  - apiGroups:
+    - direct.csi.min.io
+    resources:
+    - volumes
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
+  - apiGroups:
+    - apiextensions.k8s.io
+    resources:
+    - customresourcedefinitions
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
+  - apiGroups:
+    - direct.csi.min.io
+    resources:
+    - directcsidrives
+    - directcsivolumes
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
+  - apiGroups:
+    - ""
+    resources:
+    - pod
+    - pods/log
+    verbs:
+    - get
+    - list
+    - watch

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: minio/console:v0.4.5
+          image: minio/console:v0.14.0
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/base/kustomization.yaml

@@ -8,4 +8,3 @@ resources:
   - console-configmap.yaml
   - console-service.yaml
   - console-deployment.yaml
-  - https://github.com/minio/operator/?ref=v3.0.19

k8s/operator-console/standalone/console-deployment.yaml

@@ -0,0 +1,46 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: console
+  namespace: default
+  labels:
+    name: console
+spec:
+  ports:
+    - port: 9090
+      name: http
+    - port: 9443
+      name: https
+  selector:
+    app: console-standalone
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: console
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: console-standalone
+  template:
+    metadata:
+      labels:
+        app: console-standalone
+    spec:
+      containers:
+        - name: console
+          image: minio/console:v0.14.0
+          imagePullPolicy: "IfNotPresent"
+          env:
+            - name: CONSOLE_MINIO_SERVER
+              value: "https://minio.default.svc.cluster.local"
+          args:
+            - server
+          ports:
+            - containerPort: 9090
+              name: http
+            - containerPort: 9433
+              name: https

k8s/tools.go

@@ -1,5 +1,5 @@
-// This file is part of MinIO Kubernetes Cloud
-// Copyright (c) 2019 MinIO, Inc.
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -14,7 +14,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-// This package imports things required by build scripts, to force `go mod` to see them as dependencies
+// Package k8s - this package imports things required by build scripts, to force `go mod` to see them as dependencies
 package k8s
 
-//import _ "k8s.io/code-generator"
+// import _ "k8s.io/code-generator"

models/access_rule.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AccessRule access rule
+//
+// swagger:model accessRule
+type AccessRule struct {
+
+	// access
+	Access string `json:"access,omitempty"`
+
+	// prefix
+	Prefix string `json:"prefix,omitempty"`
+}
+
+// Validate validates this access rule
+func (m *AccessRule) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this access rule based on context it is used
+func (m *AccessRule) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AccessRule) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AccessRule) UnmarshalBinary(b []byte) error {
+	var res AccessRule
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/account_change_password_request.go

@@ -0,0 +1,105 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// AccountChangePasswordRequest account change password request
+//
+// swagger:model accountChangePasswordRequest
+type AccountChangePasswordRequest struct {
+
+	// current secret key
+	// Required: true
+	CurrentSecretKey *string `json:"current_secret_key"`
+
+	// new secret key
+	// Required: true
+	NewSecretKey *string `json:"new_secret_key"`
+}
+
+// Validate validates this account change password request
+func (m *AccountChangePasswordRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCurrentSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateNewSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AccountChangePasswordRequest) validateCurrentSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("current_secret_key", "body", m.CurrentSecretKey); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AccountChangePasswordRequest) validateNewSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("new_secret_key", "body", m.NewSecretKey); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this account change password request based on context it is used
+func (m *AccountChangePasswordRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AccountChangePasswordRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AccountChangePasswordRequest) UnmarshalBinary(b []byte) error {
+	var res AccountChangePasswordRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/add_bucket_lifecycle.go

@@ -0,0 +1,100 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AddBucketLifecycle add bucket lifecycle
+//
+// swagger:model addBucketLifecycle
+type AddBucketLifecycle struct {
+
+	// Non required, toggle to disable or enable rule
+	Disable bool `json:"disable,omitempty"`
+
+	// Non required, toggle to disable or enable rule
+	ExpiredObjectDeleteMarker bool `json:"expired_object_delete_marker,omitempty"`
+
+	// Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM
+	ExpiryDate string `json:"expiry_date,omitempty"`
+
+	// Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM
+	ExpiryDays int32 `json:"expiry_days,omitempty"`
+
+	// Non required, can be set in case of expiration is enabled
+	NoncurrentversionExpirationDays int32 `json:"noncurrentversion_expiration_days,omitempty"`
+
+	// Non required, can be set in case of transition is enabled
+	NoncurrentversionTransitionDays int32 `json:"noncurrentversion_transition_days,omitempty"`
+
+	// Non required, can be set in case of transition is enabled
+	NoncurrentversionTransitionStorageClass string `json:"noncurrentversion_transition_storage_class,omitempty"`
+
+	// Non required field, it matches a prefix to perform ILM operations on it
+	Prefix string `json:"prefix,omitempty"`
+
+	// Required only in case of transition is set. it refers to a tier
+	StorageClass string `json:"storage_class,omitempty"`
+
+	// Non required field, tags to match ILM files
+	Tags string `json:"tags,omitempty"`
+
+	// Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM
+	TransitionDate string `json:"transition_date,omitempty"`
+
+	// Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM
+	TransitionDays int32 `json:"transition_days,omitempty"`
+}
+
+// Validate validates this add bucket lifecycle
+func (m *AddBucketLifecycle) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this add bucket lifecycle based on context it is used
+func (m *AddBucketLifecycle) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AddBucketLifecycle) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AddBucketLifecycle) UnmarshalBinary(b []byte) error {
+	var res AddBucketLifecycle
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/add_bucket_replication.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -44,6 +46,11 @@ func (m *AddBucketReplication) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this add bucket replication based on context it is used
+func (m *AddBucketReplication) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AddBucketReplication) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/add_group_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -79,6 +81,11 @@ func (m *AddGroupRequest) validateMembers(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this add group request based on context it is used
+func (m *AddGroupRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AddGroupRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/add_policy_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -79,6 +81,11 @@ func (m *AddPolicyRequest) validatePolicy(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this add policy request based on context it is used
+func (m *AddPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AddPolicyRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/add_user_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -42,6 +44,10 @@ type AddUserRequest struct {
 	// Required: true
 	Groups []string `json:"groups"`
 
+	// policies
+	// Required: true
+	Policies []string `json:"policies"`
+
 	// secret key
 	// Required: true
 	SecretKey *string `json:"secretKey"`
@@ -59,6 +65,10 @@ func (m *AddUserRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validatePolicies(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateSecretKey(formats); err != nil {
 		res = append(res, err)
 	}
@@ -87,6 +97,15 @@ func (m *AddUserRequest) validateGroups(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *AddUserRequest) validatePolicies(formats strfmt.Registry) error {
+
+	if err := validate.Required("policies", "body", m.Policies); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (m *AddUserRequest) validateSecretKey(formats strfmt.Registry) error {
 
 	if err := validate.Required("secretKey", "body", m.SecretKey); err != nil {
@@ -96,6 +115,11 @@ func (m *AddUserRequest) validateSecretKey(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this add user request based on context it is used
+func (m *AddUserRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AddUserRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/admin_info_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,10 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -38,12 +42,144 @@ type AdminInfoResponse struct {
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 
+	// prometheus not ready
+	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
+
+	// servers
+	Servers []*ServerProperties `json:"servers"`
+
 	// usage
 	Usage int64 `json:"usage,omitempty"`
+
+	// widgets
+	Widgets []*Widget `json:"widgets"`
 }
 
 // Validate validates this admin info response
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateServers(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateWidgets(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
+	if swag.IsZero(m.Servers) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Servers); i++ {
+		if swag.IsZero(m.Servers[i]) { // not required
+			continue
+		}
+
+		if m.Servers[i] != nil {
+			if err := m.Servers[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
+	if swag.IsZero(m.Widgets) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Widgets); i++ {
+		if swag.IsZero(m.Widgets[i]) { // not required
+			continue
+		}
+
+		if m.Widgets[i] != nil {
+			if err := m.Widgets[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this admin info response based on the context it is used
+func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateServers(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateWidgets(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Servers); i++ {
+
+		if m.Servers[i] != nil {
+			if err := m.Servers[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *AdminInfoResponse) contextValidateWidgets(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Widgets); i++ {
+
+		if m.Widgets[i] != nil {
+			if err := m.Widgets[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
 	return nil
 }
 

models/allocatable_resources_response.go

@@ -0,0 +1,173 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AllocatableResourcesResponse allocatable resources response
+//
+// swagger:model allocatableResourcesResponse
+type AllocatableResourcesResponse struct {
+
+	// cpu priority
+	CPUPriority *NodeMaxAllocatableResources `json:"cpu_priority,omitempty"`
+
+	// mem priority
+	MemPriority *NodeMaxAllocatableResources `json:"mem_priority,omitempty"`
+
+	// min allocatable cpu
+	MinAllocatableCPU int64 `json:"min_allocatable_cpu,omitempty"`
+
+	// min allocatable mem
+	MinAllocatableMem int64 `json:"min_allocatable_mem,omitempty"`
+}
+
+// Validate validates this allocatable resources response
+func (m *AllocatableResourcesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCPUPriority(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMemPriority(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) validateCPUPriority(formats strfmt.Registry) error {
+	if swag.IsZero(m.CPUPriority) { // not required
+		return nil
+	}
+
+	if m.CPUPriority != nil {
+		if err := m.CPUPriority.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("cpu_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("cpu_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) validateMemPriority(formats strfmt.Registry) error {
+	if swag.IsZero(m.MemPriority) { // not required
+		return nil
+	}
+
+	if m.MemPriority != nil {
+		if err := m.MemPriority.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("mem_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("mem_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this allocatable resources response based on the context it is used
+func (m *AllocatableResourcesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCPUPriority(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMemPriority(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) contextValidateCPUPriority(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.CPUPriority != nil {
+		if err := m.CPUPriority.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("cpu_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("cpu_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) contextValidateMemPriority(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MemPriority != nil {
+		if err := m.MemPriority.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("mem_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("mem_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AllocatableResourcesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AllocatableResourcesResponse) UnmarshalBinary(b []byte) error {
+	var res AllocatableResourcesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/annotation.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Annotation annotation
+//
+// swagger:model annotation
+type Annotation struct {
+
+	// key
+	Key string `json:"key,omitempty"`
+
+	// value
+	Value string `json:"value,omitempty"`
+}
+
+// Validate validates this annotation
+func (m *Annotation) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this annotation based on context it is used
+func (m *Annotation) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Annotation) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Annotation) UnmarshalBinary(b []byte) error {
+	var res Annotation
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/arns_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -41,6 +43,11 @@ func (m *ArnsResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this arns response based on context it is used
+func (m *ArnsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *ArnsResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/aws_configuration.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -63,6 +65,38 @@ func (m *AwsConfiguration) validateSecretsmanager(formats strfmt.Registry) error
 		if err := m.Secretsmanager.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this aws configuration based on the context it is used
+func (m *AwsConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateSecretsmanager(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AwsConfiguration) contextValidateSecretsmanager(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Secretsmanager != nil {
+		if err := m.Secretsmanager.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("secretsmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager")
 			}
 			return err
 		}
@@ -142,6 +176,8 @@ func (m *AwsConfigurationSecretsmanager) validateCredentials(formats strfmt.Regi
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager" + "." + "credentials")
 			}
 			return err
 		}
@@ -168,6 +204,36 @@ func (m *AwsConfigurationSecretsmanager) validateRegion(formats strfmt.Registry)
 	return nil
 }
 
+// ContextValidate validate this aws configuration secretsmanager based on the context it is used
+func (m *AwsConfigurationSecretsmanager) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCredentials(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AwsConfigurationSecretsmanager) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Credentials != nil {
+		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("secretsmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager" + "." + "credentials")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanager) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -239,6 +305,11 @@ func (m *AwsConfigurationSecretsmanagerCredentials) validateSecretkey(formats st
 	return nil
 }
 
+// ContextValidate validates this aws configuration secretsmanager credentials based on context it is used
+func (m *AwsConfigurationSecretsmanagerCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanagerCredentials) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/azure_configuration.go

@@ -0,0 +1,321 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// AzureConfiguration azure configuration
+//
+// swagger:model azureConfiguration
+type AzureConfiguration struct {
+
+	// keyvault
+	// Required: true
+	Keyvault *AzureConfigurationKeyvault `json:"keyvault"`
+}
+
+// Validate validates this azure configuration
+func (m *AzureConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateKeyvault(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfiguration) validateKeyvault(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault", "body", m.Keyvault); err != nil {
+		return err
+	}
+
+	if m.Keyvault != nil {
+		if err := m.Keyvault.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this azure configuration based on the context it is used
+func (m *AzureConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateKeyvault(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfiguration) contextValidateKeyvault(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Keyvault != nil {
+		if err := m.Keyvault.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfiguration) UnmarshalBinary(b []byte) error {
+	var res AzureConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// AzureConfigurationKeyvault azure configuration keyvault
+//
+// swagger:model AzureConfigurationKeyvault
+type AzureConfigurationKeyvault struct {
+
+	// credentials
+	Credentials *AzureConfigurationKeyvaultCredentials `json:"credentials,omitempty"`
+
+	// endpoint
+	// Required: true
+	Endpoint *string `json:"endpoint"`
+}
+
+// Validate validates this azure configuration keyvault
+func (m *AzureConfigurationKeyvault) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCredentials(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateEndpoint(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) validateCredentials(formats strfmt.Registry) error {
+	if swag.IsZero(m.Credentials) { // not required
+		return nil
+	}
+
+	if m.Credentials != nil {
+		if err := m.Credentials.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault" + "." + "credentials")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) validateEndpoint(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"endpoint", "body", m.Endpoint); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validate this azure configuration keyvault based on the context it is used
+func (m *AzureConfigurationKeyvault) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCredentials(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Credentials != nil {
+		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault" + "." + "credentials")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfigurationKeyvault) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfigurationKeyvault) UnmarshalBinary(b []byte) error {
+	var res AzureConfigurationKeyvault
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// AzureConfigurationKeyvaultCredentials azure configuration keyvault credentials
+//
+// swagger:model AzureConfigurationKeyvaultCredentials
+type AzureConfigurationKeyvaultCredentials struct {
+
+	// client id
+	// Required: true
+	ClientID *string `json:"client_id"`
+
+	// client secret
+	// Required: true
+	ClientSecret *string `json:"client_secret"`
+
+	// tenant id
+	// Required: true
+	TenantID *string `json:"tenant_id"`
+}
+
+// Validate validates this azure configuration keyvault credentials
+func (m *AzureConfigurationKeyvaultCredentials) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateClientID(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateClientSecret(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTenantID(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateClientID(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_id", "body", m.ClientID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateClientSecret(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_secret", "body", m.ClientSecret); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateTenantID(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"tenant_id", "body", m.TenantID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this azure configuration keyvault credentials based on context it is used
+func (m *AzureConfigurationKeyvaultCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfigurationKeyvaultCredentials) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfigurationKeyvaultCredentials) UnmarshalBinary(b []byte) error {
+	var res AzureConfigurationKeyvaultCredentials
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,9 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+	"encoding/json"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -35,16 +38,28 @@ import (
 type Bucket struct {
 
 	// access
-	Access BucketAccess `json:"access,omitempty"`
+	Access *BucketAccess `json:"access,omitempty"`
 
 	// creation date
 	CreationDate string `json:"creation_date,omitempty"`
 
+	// definition
+	Definition string `json:"definition,omitempty"`
+
+	// details
+	Details *BucketDetails `json:"details,omitempty"`
+
 	// name
 	// Required: true
 	// Min Length: 3
 	Name *string `json:"name"`
 
+	// objects
+	Objects int64 `json:"objects,omitempty"`
+
+	// rw access
+	RwAccess *BucketRwAccess `json:"rw_access,omitempty"`
+
 	// size
 	Size int64 `json:"size,omitempty"`
 }
@@ -57,10 +72,18 @@ func (m *Bucket) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateDetails(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateName(formats); err != nil {
 		res = append(res, err)
 	}
 
+	if err := m.validateRwAccess(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -68,16 +91,38 @@ func (m *Bucket) Validate(formats strfmt.Registry) error {
 }
 
 func (m *Bucket) validateAccess(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Access) { // not required
 		return nil
 	}
 
-	if err := m.Access.Validate(formats); err != nil {
-		if ve, ok := err.(*errors.Validation); ok {
-			return ve.ValidateName("access")
+	if m.Access != nil {
+		if err := m.Access.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) validateDetails(formats strfmt.Registry) error {
+	if swag.IsZero(m.Details) { // not required
+		return nil
+	}
+
+	if m.Details != nil {
+		if err := m.Details.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details")
+			}
+			return err
 		}
-		return err
 	}
 
 	return nil
@@ -89,13 +134,102 @@ func (m *Bucket) validateName(formats strfmt.Registry) error {
 		return err
 	}
 
-	if err := validate.MinLength("name", "body", string(*m.Name), 3); err != nil {
+	if err := validate.MinLength("name", "body", *m.Name, 3); err != nil {
 		return err
 	}
 
 	return nil
 }
 
+func (m *Bucket) validateRwAccess(formats strfmt.Registry) error {
+	if swag.IsZero(m.RwAccess) { // not required
+		return nil
+	}
+
+	if m.RwAccess != nil {
+		if err := m.RwAccess.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("rw_access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("rw_access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket based on the context it is used
+func (m *Bucket) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateAccess(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateDetails(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateRwAccess(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Bucket) contextValidateAccess(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Access != nil {
+		if err := m.Access.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) contextValidateDetails(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Details != nil {
+		if err := m.Details.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) contextValidateRwAccess(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.RwAccess != nil {
+		if err := m.RwAccess.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("rw_access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("rw_access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *Bucket) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -113,3 +247,240 @@ func (m *Bucket) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// BucketDetails bucket details
+//
+// swagger:model BucketDetails
+type BucketDetails struct {
+
+	// locking
+	Locking bool `json:"locking,omitempty"`
+
+	// quota
+	Quota *BucketDetailsQuota `json:"quota,omitempty"`
+
+	// replication
+	Replication bool `json:"replication,omitempty"`
+
+	// tags
+	Tags map[string]string `json:"tags,omitempty"`
+
+	// versioning
+	Versioning bool `json:"versioning,omitempty"`
+
+	// versioning suspended
+	VersioningSuspended bool `json:"versioningSuspended,omitempty"`
+}
+
+// Validate validates this bucket details
+func (m *BucketDetails) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateQuota(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketDetails) validateQuota(formats strfmt.Registry) error {
+	if swag.IsZero(m.Quota) { // not required
+		return nil
+	}
+
+	if m.Quota != nil {
+		if err := m.Quota.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details" + "." + "quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details" + "." + "quota")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket details based on the context it is used
+func (m *BucketDetails) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateQuota(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketDetails) contextValidateQuota(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Quota != nil {
+		if err := m.Quota.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details" + "." + "quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details" + "." + "quota")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketDetails) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketDetails) UnmarshalBinary(b []byte) error {
+	var res BucketDetails
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// BucketDetailsQuota bucket details quota
+//
+// swagger:model BucketDetailsQuota
+type BucketDetailsQuota struct {
+
+	// quota
+	Quota int64 `json:"quota,omitempty"`
+
+	// type
+	// Enum: [fifo hard]
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this bucket details quota
+func (m *BucketDetailsQuota) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var bucketDetailsQuotaTypeTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["fifo","hard"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketDetailsQuotaTypeTypePropEnum = append(bucketDetailsQuotaTypeTypePropEnum, v)
+	}
+}
+
+const (
+
+	// BucketDetailsQuotaTypeFifo captures enum value "fifo"
+	BucketDetailsQuotaTypeFifo string = "fifo"
+
+	// BucketDetailsQuotaTypeHard captures enum value "hard"
+	BucketDetailsQuotaTypeHard string = "hard"
+)
+
+// prop value enum
+func (m *BucketDetailsQuota) validateTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketDetailsQuotaTypeTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketDetailsQuota) validateType(formats strfmt.Registry) error {
+	if swag.IsZero(m.Type) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateTypeEnum("details"+"."+"quota"+"."+"type", "body", m.Type); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this bucket details quota based on context it is used
+func (m *BucketDetailsQuota) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketDetailsQuota) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketDetailsQuota) UnmarshalBinary(b []byte) error {
+	var res BucketDetailsQuota
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// BucketRwAccess bucket rw access
+//
+// swagger:model BucketRwAccess
+type BucketRwAccess struct {
+
+	// read
+	Read bool `json:"read,omitempty"`
+
+	// write
+	Write bool `json:"write,omitempty"`
+}
+
+// Validate validates this bucket rw access
+func (m *BucketRwAccess) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this bucket rw access based on context it is used
+func (m *BucketRwAccess) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketRwAccess) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketRwAccess) UnmarshalBinary(b []byte) error {
+	var res BucketRwAccess
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_access.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"encoding/json"
 
 	"github.com/go-openapi/errors"
@@ -35,6 +36,11 @@ import (
 // swagger:model bucketAccess
 type BucketAccess string
 
+func NewBucketAccess(value BucketAccess) *BucketAccess {
+	v := value
+	return &v
+}
+
 const (
 
 	// BucketAccessPRIVATE captures enum value "PRIVATE"
@@ -81,3 +87,8 @@ func (m BucketAccess) Validate(formats strfmt.Registry) error {
 	}
 	return nil
 }
+
+// ContextValidate validates this bucket access based on context it is used
+func (m BucketAccess) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}

models/bucket_encryption_info.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -44,6 +46,11 @@ func (m *BucketEncryptionInfo) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this bucket encryption info based on context it is used
+func (m *BucketEncryptionInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BucketEncryptionInfo) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/bucket_encryption_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -34,7 +36,7 @@ import (
 type BucketEncryptionRequest struct {
 
 	// enc type
-	EncType BucketEncryptionType `json:"encType,omitempty"`
+	EncType *BucketEncryptionType `json:"encType,omitempty"`
 
 	// kms key ID
 	KmsKeyID string `json:"kmsKeyID,omitempty"`
@@ -55,16 +57,49 @@ func (m *BucketEncryptionRequest) Validate(formats strfmt.Registry) error {
 }
 
 func (m *BucketEncryptionRequest) validateEncType(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.EncType) { // not required
 		return nil
 	}
 
-	if err := m.EncType.Validate(formats); err != nil {
-		if ve, ok := err.(*errors.Validation); ok {
-			return ve.ValidateName("encType")
+	if m.EncType != nil {
+		if err := m.EncType.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("encType")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encType")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket encryption request based on the context it is used
+func (m *BucketEncryptionRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEncType(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketEncryptionRequest) contextValidateEncType(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.EncType != nil {
+		if err := m.EncType.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("encType")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encType")
+			}
+			return err
 		}
-		return err
 	}
 
 	return nil

models/bucket_encryption_type.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"encoding/json"
 
 	"github.com/go-openapi/errors"
@@ -35,13 +36,18 @@ import (
 // swagger:model bucketEncryptionType
 type BucketEncryptionType string
 
+func NewBucketEncryptionType(value BucketEncryptionType) *BucketEncryptionType {
+	v := value
+	return &v
+}
+
 const (
 
-	// BucketEncryptionTypeSseS3 captures enum value "sse-s3"
-	BucketEncryptionTypeSseS3 BucketEncryptionType = "sse-s3"
+	// BucketEncryptionTypeSseDashS3 captures enum value "sse-s3"
+	BucketEncryptionTypeSseDashS3 BucketEncryptionType = "sse-s3"
 
-	// BucketEncryptionTypeSseKms captures enum value "sse-kms"
-	BucketEncryptionTypeSseKms BucketEncryptionType = "sse-kms"
+	// BucketEncryptionTypeSseDashKms captures enum value "sse-kms"
+	BucketEncryptionTypeSseDashKms BucketEncryptionType = "sse-kms"
 )
 
 // for schema
@@ -78,3 +84,8 @@ func (m BucketEncryptionType) Validate(formats strfmt.Registry) error {
 	}
 	return nil
 }
+
+// ContextValidate validates this bucket encryption type based on context it is used
+func (m BucketEncryptionType) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}

models/bucket_event_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -66,6 +68,38 @@ func (m *BucketEventRequest) validateConfiguration(formats strfmt.Registry) erro
 		if err := m.Configuration.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("configuration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("configuration")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket event request based on the context it is used
+func (m *BucketEventRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateConfiguration(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketEventRequest) contextValidateConfiguration(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Configuration != nil {
+		if err := m.Configuration.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("configuration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("configuration")
 			}
 			return err
 		}

models/bucket_lifecycle_response.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketLifecycleResponse bucket lifecycle response
+//
+// swagger:model bucketLifecycleResponse
+type BucketLifecycleResponse struct {
+
+	// lifecycle
+	Lifecycle []*ObjectBucketLifecycle `json:"lifecycle"`
+}
+
+// Validate validates this bucket lifecycle response
+func (m *BucketLifecycleResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateLifecycle(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketLifecycleResponse) validateLifecycle(formats strfmt.Registry) error {
+	if swag.IsZero(m.Lifecycle) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Lifecycle); i++ {
+		if swag.IsZero(m.Lifecycle[i]) { // not required
+			continue
+		}
+
+		if m.Lifecycle[i] != nil {
+			if err := m.Lifecycle[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket lifecycle response based on the context it is used
+func (m *BucketLifecycleResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateLifecycle(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketLifecycleResponse) contextValidateLifecycle(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Lifecycle); i++ {
+
+		if m.Lifecycle[i] != nil {
+			if err := m.Lifecycle[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketLifecycleResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketLifecycleResponse) UnmarshalBinary(b []byte) error {
+	var res BucketLifecycleResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_ob_locking_response.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BucketObLockingResponse bucket ob locking response
+//
+// swagger:model bucketObLockingResponse
+type BucketObLockingResponse struct {
+
+	// object locking enabled
+	ObjectLockingEnabled bool `json:"object_locking_enabled,omitempty"`
+}
+
+// Validate validates this bucket ob locking response
+func (m *BucketObLockingResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this bucket ob locking response based on context it is used
+func (m *BucketObLockingResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketObLockingResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketObLockingResponse) UnmarshalBinary(b []byte) error {
+	var res BucketObLockingResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_object.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -53,6 +55,9 @@ type BucketObject struct {
 	// legal hold status
 	LegalHoldStatus string `json:"legal_hold_status,omitempty"`
 
+	// metadata
+	Metadata map[string]string `json:"metadata,omitempty"`
+
 	// name
 	Name string `json:"name,omitempty"`
 
@@ -68,6 +73,9 @@ type BucketObject struct {
 	// tags
 	Tags map[string]string `json:"tags,omitempty"`
 
+	// user metadata
+	UserMetadata map[string]string `json:"user_metadata,omitempty"`
+
 	// user tags
 	UserTags map[string]string `json:"user_tags,omitempty"`
 
@@ -80,6 +88,11 @@ func (m *BucketObject) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this bucket object based on context it is used
+func (m *BucketObject) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BucketObject) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/bucket_quota.go

@@ -0,0 +1,125 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// BucketQuota bucket quota
+//
+// swagger:model bucketQuota
+type BucketQuota struct {
+
+	// quota
+	Quota int64 `json:"quota,omitempty"`
+
+	// type
+	// Enum: [hard fifo]
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this bucket quota
+func (m *BucketQuota) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var bucketQuotaTypeTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["hard","fifo"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketQuotaTypeTypePropEnum = append(bucketQuotaTypeTypePropEnum, v)
+	}
+}
+
+const (
+
+	// BucketQuotaTypeHard captures enum value "hard"
+	BucketQuotaTypeHard string = "hard"
+
+	// BucketQuotaTypeFifo captures enum value "fifo"
+	BucketQuotaTypeFifo string = "fifo"
+)
+
+// prop value enum
+func (m *BucketQuota) validateTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketQuotaTypeTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketQuota) validateType(formats strfmt.Registry) error {
+	if swag.IsZero(m.Type) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateTypeEnum("type", "body", m.Type); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this bucket quota based on context it is used
+func (m *BucketQuota) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketQuota) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketQuota) UnmarshalBinary(b []byte) error {
+	var res BucketQuota
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_replication_destination.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -41,6 +43,11 @@ func (m *BucketReplicationDestination) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this bucket replication destination based on context it is used
+func (m *BucketReplicationDestination) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BucketReplicationDestination) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/bucket_replication_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"strconv"
 
 	"github.com/go-openapi/errors"
@@ -54,7 +55,6 @@ func (m *BucketReplicationResponse) Validate(formats strfmt.Registry) error {
 }
 
 func (m *BucketReplicationResponse) validateRules(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Rules) { // not required
 		return nil
 	}
@@ -68,6 +68,42 @@ func (m *BucketReplicationResponse) validateRules(formats strfmt.Registry) error
 			if err := m.Rules[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("rules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("rules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket replication response based on the context it is used
+func (m *BucketReplicationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateRules(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketReplicationResponse) contextValidateRules(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Rules); i++ {
+
+		if m.Rules[i] != nil {
+			if err := m.Rules[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("rules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("rules" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/bucket_replication_rule.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"encoding/json"
 
 	"github.com/go-openapi/errors"
@@ -36,31 +37,55 @@ import (
 // swagger:model bucketReplicationRule
 type BucketReplicationRule struct {
 
+	// bandwidth
+	Bandwidth string `json:"bandwidth,omitempty"`
+
 	// delete marker replication
-	DeleteMarkerReplication *BucketReplicationRuleMarker `json:"delete_marker_replication,omitempty"`
+	DeleteMarkerReplication bool `json:"delete_marker_replication,omitempty"`
+
+	// deletes replication
+	DeletesReplication bool `json:"deletes_replication,omitempty"`
 
 	// destination
 	Destination *BucketReplicationDestination `json:"destination,omitempty"`
 
+	// existing objects
+	ExistingObjects bool `json:"existingObjects,omitempty"`
+
+	// health check period
+	HealthCheckPeriod int64 `json:"healthCheckPeriod,omitempty"`
+
 	// id
 	ID string `json:"id,omitempty"`
 
+	// metadata replication
+	MetadataReplication bool `json:"metadata_replication,omitempty"`
+
+	// prefix
+	Prefix string `json:"prefix,omitempty"`
+
 	// priority
 	Priority int32 `json:"priority,omitempty"`
 
 	// status
 	// Enum: [Enabled Disabled]
 	Status string `json:"status,omitempty"`
+
+	// storage class
+	StorageClass string `json:"storageClass,omitempty"`
+
+	// sync mode
+	// Enum: [async sync]
+	SyncMode *string `json:"syncMode,omitempty"`
+
+	// tags
+	Tags string `json:"tags,omitempty"`
 }
 
 // Validate validates this bucket replication rule
 func (m *BucketReplicationRule) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateDeleteMarkerReplication(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateDestination(formats); err != nil {
 		res = append(res, err)
 	}
@@ -69,32 +94,17 @@ func (m *BucketReplicationRule) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateSyncMode(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 
-func (m *BucketReplicationRule) validateDeleteMarkerReplication(formats strfmt.Registry) error {
-
-	if swag.IsZero(m.DeleteMarkerReplication) { // not required
-		return nil
-	}
-
-	if m.DeleteMarkerReplication != nil {
-		if err := m.DeleteMarkerReplication.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("delete_marker_replication")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *BucketReplicationRule) validateDestination(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Destination) { // not required
 		return nil
 	}
@@ -103,6 +113,8 @@ func (m *BucketReplicationRule) validateDestination(formats strfmt.Registry) err
 		if err := m.Destination.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("destination")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("destination")
 			}
 			return err
 		}
@@ -141,7 +153,6 @@ func (m *BucketReplicationRule) validateStatusEnum(path, location string, value
 }
 
 func (m *BucketReplicationRule) validateStatus(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Status) { // not required
 		return nil
 	}
@@ -154,6 +165,78 @@ func (m *BucketReplicationRule) validateStatus(formats strfmt.Registry) error {
 	return nil
 }
 
+var bucketReplicationRuleTypeSyncModePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["async","sync"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketReplicationRuleTypeSyncModePropEnum = append(bucketReplicationRuleTypeSyncModePropEnum, v)
+	}
+}
+
+const (
+
+	// BucketReplicationRuleSyncModeAsync captures enum value "async"
+	BucketReplicationRuleSyncModeAsync string = "async"
+
+	// BucketReplicationRuleSyncModeSync captures enum value "sync"
+	BucketReplicationRuleSyncModeSync string = "sync"
+)
+
+// prop value enum
+func (m *BucketReplicationRule) validateSyncModeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketReplicationRuleTypeSyncModePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketReplicationRule) validateSyncMode(formats strfmt.Registry) error {
+	if swag.IsZero(m.SyncMode) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateSyncModeEnum("syncMode", "body", *m.SyncMode); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket replication rule based on the context it is used
+func (m *BucketReplicationRule) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateDestination(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketReplicationRule) contextValidateDestination(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Destination != nil {
+		if err := m.Destination.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("destination")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("destination")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BucketReplicationRule) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/bucket_versioning_response.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -41,6 +43,11 @@ func (m *BucketVersioningResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this bucket versioning response based on context it is used
+func (m *BucketVersioningResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BucketVersioningResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/bulk_user_groups.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -79,6 +81,11 @@ func (m *BulkUserGroups) validateUsers(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this bulk user groups based on context it is used
+func (m *BulkUserGroups) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *BulkUserGroups) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/certificate_info.go

@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// CertificateInfo certificate info
+//
+// swagger:model certificateInfo
+type CertificateInfo struct {
+
+	// domains
+	Domains []string `json:"domains"`
+
+	// expiry
+	Expiry string `json:"expiry,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// serial number
+	SerialNumber string `json:"serialNumber,omitempty"`
+}
+
+// Validate validates this certificate info
+func (m *CertificateInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this certificate info based on context it is used
+func (m *CertificateInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *CertificateInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *CertificateInfo) UnmarshalBinary(b []byte) error {
+	var res CertificateInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/change_user_password_request.go

@@ -0,0 +1,105 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// ChangeUserPasswordRequest change user password request
+//
+// swagger:model changeUserPasswordRequest
+type ChangeUserPasswordRequest struct {
+
+	// new secret key
+	// Required: true
+	NewSecretKey *string `json:"newSecretKey"`
+
+	// selected user
+	// Required: true
+	SelectedUser *string `json:"selectedUser"`
+}
+
+// Validate validates this change user password request
+func (m *ChangeUserPasswordRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateNewSecretKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSelectedUser(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ChangeUserPasswordRequest) validateNewSecretKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("newSecretKey", "body", m.NewSecretKey); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *ChangeUserPasswordRequest) validateSelectedUser(formats strfmt.Registry) error {
+
+	if err := validate.Required("selectedUser", "body", m.SelectedUser); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this change user password request based on context it is used
+func (m *ChangeUserPasswordRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ChangeUserPasswordRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ChangeUserPasswordRequest) UnmarshalBinary(b []byte) error {
+	var res ChangeUserPasswordRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/config_description.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -44,6 +46,11 @@ func (m *ConfigDescription) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this config description based on context it is used
+func (m *ConfigDescription) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *ConfigDescription) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/configuration.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"strconv"
 
 	"github.com/go-openapi/errors"
@@ -57,7 +58,6 @@ func (m *Configuration) Validate(formats strfmt.Registry) error {
 }
 
 func (m *Configuration) validateKeyValues(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.KeyValues) { // not required
 		return nil
 	}
@@ -71,6 +71,42 @@ func (m *Configuration) validateKeyValues(formats strfmt.Registry) error {
 			if err := m.KeyValues[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("key_values" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("key_values" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this configuration based on the context it is used
+func (m *Configuration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateKeyValues(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Configuration) contextValidateKeyValues(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.KeyValues); i++ {
+
+		if m.KeyValues[i] != nil {
+			if err := m.KeyValues[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("key_values" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("key_values" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/configuration_k_v.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,8 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -44,6 +46,11 @@ func (m *ConfigurationKV) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this configuration k v based on context it is used
+func (m *ConfigurationKV) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *ConfigurationKV) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/configure_tenant_request.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ConfigureTenantRequest configure tenant request
+//
+// swagger:model configureTenantRequest
+type ConfigureTenantRequest struct {
+
+	// prometheus enabled
+	PrometheusEnabled bool `json:"prometheusEnabled,omitempty"`
+}
+
+// Validate validates this configure tenant request
+func (m *ConfigureTenantRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this configure tenant request based on context it is used
+func (m *ConfigureTenantRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ConfigureTenantRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ConfigureTenantRequest) UnmarshalBinary(b []byte) error {
+	var res ConfigureTenantRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/console_configuration.go

@@ -1,117 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// ConsoleConfiguration console configuration
-//
-// swagger:model consoleConfiguration
-type ConsoleConfiguration struct {
-	MetadataFields
-
-	// image
-	Image string `json:"image,omitempty"`
-}
-
-// UnmarshalJSON unmarshals this object from a JSON structure
-func (m *ConsoleConfiguration) UnmarshalJSON(raw []byte) error {
-	// AO0
-	var aO0 MetadataFields
-	if err := swag.ReadJSON(raw, &aO0); err != nil {
-		return err
-	}
-	m.MetadataFields = aO0
-
-	// AO1
-	var dataAO1 struct {
-		Image string `json:"image,omitempty"`
-	}
-	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
-		return err
-	}
-
-	m.Image = dataAO1.Image
-
-	return nil
-}
-
-// MarshalJSON marshals this object to a JSON structure
-func (m ConsoleConfiguration) MarshalJSON() ([]byte, error) {
-	_parts := make([][]byte, 0, 2)
-
-	aO0, err := swag.WriteJSON(m.MetadataFields)
-	if err != nil {
-		return nil, err
-	}
-	_parts = append(_parts, aO0)
-	var dataAO1 struct {
-		Image string `json:"image,omitempty"`
-	}
-
-	dataAO1.Image = m.Image
-
-	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
-	if errAO1 != nil {
-		return nil, errAO1
-	}
-	_parts = append(_parts, jsonDataAO1)
-	return swag.ConcatJSON(_parts...), nil
-}
-
-// Validate validates this console configuration
-func (m *ConsoleConfiguration) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	// validation for a type composition with MetadataFields
-	if err := m.MetadataFields.Validate(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *ConsoleConfiguration) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *ConsoleConfiguration) UnmarshalBinary(b []byte) error {
-	var res ConsoleConfiguration
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/create_remote_bucket.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,9 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
+	"encoding/json"
+
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
@@ -39,6 +42,12 @@ type CreateRemoteBucket struct {
 	// Min Length: 3
 	AccessKey *string `json:"accessKey"`
 
+	// bandwidth
+	Bandwidth int64 `json:"bandwidth,omitempty"`
+
+	// health check period
+	HealthCheckPeriod int32 `json:"healthCheckPeriod,omitempty"`
+
 	// region
 	Region string `json:"region,omitempty"`
 
@@ -51,6 +60,10 @@ type CreateRemoteBucket struct {
 	// Required: true
 	SourceBucket *string `json:"sourceBucket"`
 
+	// sync mode
+	// Enum: [async sync]
+	SyncMode *string `json:"syncMode,omitempty"`
+
 	// target bucket
 	// Required: true
 	TargetBucket *string `json:"targetBucket"`
@@ -76,6 +89,10 @@ func (m *CreateRemoteBucket) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateSyncMode(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateTargetBucket(formats); err != nil {
 		res = append(res, err)
 	}
@@ -96,7 +113,7 @@ func (m *CreateRemoteBucket) validateAccessKey(formats strfmt.Registry) error {
 		return err
 	}
 
-	if err := validate.MinLength("accessKey", "body", string(*m.AccessKey), 3); err != nil {
+	if err := validate.MinLength("accessKey", "body", *m.AccessKey, 3); err != nil {
 		return err
 	}
 
@@ -109,7 +126,7 @@ func (m *CreateRemoteBucket) validateSecretKey(formats strfmt.Registry) error {
 		return err
 	}
 
-	if err := validate.MinLength("secretKey", "body", string(*m.SecretKey), 8); err != nil {
+	if err := validate.MinLength("secretKey", "body", *m.SecretKey, 8); err != nil {
 		return err
 	}
 
@@ -125,6 +142,48 @@ func (m *CreateRemoteBucket) validateSourceBucket(formats strfmt.Registry) error
 	return nil
 }
 
+var createRemoteBucketTypeSyncModePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["async","sync"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		createRemoteBucketTypeSyncModePropEnum = append(createRemoteBucketTypeSyncModePropEnum, v)
+	}
+}
+
+const (
+
+	// CreateRemoteBucketSyncModeAsync captures enum value "async"
+	CreateRemoteBucketSyncModeAsync string = "async"
+
+	// CreateRemoteBucketSyncModeSync captures enum value "sync"
+	CreateRemoteBucketSyncModeSync string = "sync"
+)
+
+// prop value enum
+func (m *CreateRemoteBucket) validateSyncModeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, createRemoteBucketTypeSyncModePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *CreateRemoteBucket) validateSyncMode(formats strfmt.Registry) error {
+	if swag.IsZero(m.SyncMode) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateSyncModeEnum("syncMode", "body", *m.SyncMode); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (m *CreateRemoteBucket) validateTargetBucket(formats strfmt.Registry) error {
 
 	if err := validate.Required("targetBucket", "body", m.TargetBucket); err != nil {
@@ -143,6 +202,11 @@ func (m *CreateRemoteBucket) validateTargetURL(formats strfmt.Registry) error {
 	return nil
 }
 
+// ContextValidate validates this create remote bucket based on context it is used
+func (m *CreateRemoteBucket) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *CreateRemoteBucket) MarshalBinary() ([]byte, error) {
 	if m == nil {

models/create_tenant_request.go

@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 
 // This file is part of MinIO Console Server
-// Copyright (c) 2020 MinIO, Inc.
+// Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -23,6 +23,7 @@ package models
 // Editing this file might prove futile when you re-run the swagger generate command
 
 import (
+	"context"
 	"strconv"
 
 	"github.com/go-openapi/errors"
@@ -42,12 +43,6 @@ type CreateTenantRequest struct {
 	// annotations
 	Annotations map[string]string `json:"annotations,omitempty"`
 
-	// console
-	Console *ConsoleConfiguration `json:"console,omitempty"`
-
-	// console image
-	ConsoleImage string `json:"console_image,omitempty"`
-
 	// enable console
 	EnableConsole *bool `json:"enable_console,omitempty"`
 
@@ -63,6 +58,12 @@ type CreateTenantRequest struct {
 	// erasure coding parity
 	ErasureCodingParity int64 `json:"erasureCodingParity,omitempty"`
 
+	// expose console
+	ExposeConsole bool `json:"expose_console,omitempty"`
+
+	// expose minio
+	ExposeMinio bool `json:"expose_minio,omitempty"`
+
 	// idp
 	Idp *IdpConfiguration `json:"idp,omitempty"`
 
@@ -78,6 +79,9 @@ type CreateTenantRequest struct {
 	// labels
 	Labels map[string]string `json:"labels,omitempty"`
 
+	// log search configuration
+	LogSearchConfiguration *LogSearchConfiguration `json:"logSearchConfiguration,omitempty"`
+
 	// mounth path
 	MounthPath string `json:"mounth_path,omitempty"`
 
@@ -90,25 +94,24 @@ type CreateTenantRequest struct {
 	// Required: true
 	Namespace *string `json:"namespace"`
 
+	// pools
+	// Required: true
+	Pools []*Pool `json:"pools"`
+
+	// prometheus configuration
+	PrometheusConfiguration *PrometheusConfiguration `json:"prometheusConfiguration,omitempty"`
+
 	// secret key
 	SecretKey string `json:"secret_key,omitempty"`
 
 	// tls
 	TLS *TLSConfiguration `json:"tls,omitempty"`
-
-	// zones
-	// Required: true
-	Zones []*Zone `json:"zones"`
 }
 
 // Validate validates this create tenant request
 func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateConsole(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateEncryption(formats); err != nil {
 		res = append(res, err)
 	}
@@ -121,6 +124,10 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateLogSearchConfiguration(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateName(formats); err != nil {
 		res = append(res, err)
 	}
@@ -129,11 +136,15 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
+	if err := m.validatePools(formats); err != nil {
 		res = append(res, err)
 	}
 
-	if err := m.validateZones(formats); err != nil {
+	if err := m.validatePrometheusConfiguration(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTLS(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -143,26 +154,7 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *CreateTenantRequest) validateConsole(formats strfmt.Registry) error {
-
-	if swag.IsZero(m.Console) { // not required
-		return nil
-	}
-
-	if m.Console != nil {
-		if err := m.Console.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("console")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Encryption) { // not required
 		return nil
 	}
@@ -171,6 +163,8 @@ func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error
 		if err := m.Encryption.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encryption")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encryption")
 			}
 			return err
 		}
@@ -180,7 +174,6 @@ func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error
 }
 
 func (m *CreateTenantRequest) validateIdp(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.Idp) { // not required
 		return nil
 	}
@@ -189,6 +182,8 @@ func (m *CreateTenantRequest) validateIdp(formats strfmt.Registry) error {
 		if err := m.Idp.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("idp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("idp")
 			}
 			return err
 		}
@@ -198,7 +193,6 @@ func (m *CreateTenantRequest) validateIdp(formats strfmt.Registry) error {
 }
 
 func (m *CreateTenantRequest) validateImageRegistry(formats strfmt.Registry) error {
-
 	if swag.IsZero(m.ImageRegistry) { // not required
 		return nil
 	}
@@ -207,6 +201,27 @@ func (m *CreateTenantRequest) validateImageRegistry(formats strfmt.Registry) err
 		if err := m.ImageRegistry.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("image_registry")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("image_registry")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) validateLogSearchConfiguration(formats strfmt.Registry) error {
+	if swag.IsZero(m.LogSearchConfiguration) { // not required
+		return nil
+	}
+
+	if m.LogSearchConfiguration != nil {
+		if err := m.LogSearchConfiguration.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("logSearchConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("logSearchConfiguration")
 			}
 			return err
 		}
@@ -221,7 +236,7 @@ func (m *CreateTenantRequest) validateName(formats strfmt.Registry) error {
 		return err
 	}
 
-	if err := validate.Pattern("name", "body", string(*m.Name), `^[a-z0-9-]{3,63}$`); err != nil {
+	if err := validate.Pattern("name", "body", *m.Name, `^[a-z0-9-]{3,63}$`); err != nil {
 		return err
 	}
 
@@ -237,16 +252,44 @@ func (m *CreateTenantRequest) validateNamespace(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
+func (m *CreateTenantRequest) validatePools(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.TLS) { // not required
+	if err := validate.Required("pools", "body", m.Pools); err != nil {
+		return err
+	}
+
+	for i := 0; i < len(m.Pools); i++ {
+		if swag.IsZero(m.Pools[i]) { // not required
+			continue
+		}
+
+		if m.Pools[i] != nil {
+			if err := m.Pools[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pools" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) validatePrometheusConfiguration(formats strfmt.Registry) error {
+	if swag.IsZero(m.PrometheusConfiguration) { // not required
 		return nil
 	}
 
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
+	if m.PrometheusConfiguration != nil {
+		if err := m.PrometheusConfiguration.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
+				return ve.ValidateName("prometheusConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("prometheusConfiguration")
 			}
 			return err
 		}
@@ -255,21 +298,137 @@ func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *CreateTenantRequest) validateZones(formats strfmt.Registry) error {
-
-	if err := validate.Required("zones", "body", m.Zones); err != nil {
-		return err
+func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
+	if swag.IsZero(m.TLS) { // not required
+		return nil
 	}
 
-	for i := 0; i < len(m.Zones); i++ {
-		if swag.IsZero(m.Zones[i]) { // not required
-			continue
+	if m.TLS != nil {
+		if err := m.TLS.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("tls")
+			}
+			return err
 		}
+	}
 
-		if m.Zones[i] != nil {
-			if err := m.Zones[i].Validate(formats); err != nil {
+	return nil
+}
+
+// ContextValidate validate this create tenant request based on the context it is used
+func (m *CreateTenantRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEncryption(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateIdp(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateImageRegistry(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateLogSearchConfiguration(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidatePools(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidatePrometheusConfiguration(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateTLS(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidateEncryption(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Encryption != nil {
+		if err := m.Encryption.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("encryption")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encryption")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidateIdp(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Idp != nil {
+		if err := m.Idp.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("idp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("idp")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidateImageRegistry(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.ImageRegistry != nil {
+		if err := m.ImageRegistry.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("image_registry")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("image_registry")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidateLogSearchConfiguration(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.LogSearchConfiguration != nil {
+		if err := m.LogSearchConfiguration.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("logSearchConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("logSearchConfiguration")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidatePools(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Pools); i++ {
+
+		if m.Pools[i] != nil {
+			if err := m.Pools[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("zones" + "." + strconv.Itoa(i))
+					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pools" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -280,6 +439,38 @@ func (m *CreateTenantRequest) validateZones(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *CreateTenantRequest) contextValidatePrometheusConfiguration(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.PrometheusConfiguration != nil {
+		if err := m.PrometheusConfiguration.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("prometheusConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("prometheusConfiguration")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *CreateTenantRequest) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.TLS != nil {
+		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("tls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *CreateTenantRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {