Release v0.14.0 (#1458)

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>

.github/workflows/compiles.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-1.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-2.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-3.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-4.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-5.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/go-test-pkg.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/go.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/integration.yml

@@ -0,0 +1,63 @@
+name: Go
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+# This ensures that previous jobs for the PR are canceled when the PR is
+# updated.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
+jobs:
+  minio-test:
+    name: Integration Tests with Latest Distributed MinIO
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        go-version: [1.17.x]
+
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+
+      # To build minio image, we need to clone the repository first
+      - name: clone https://github.com/minio/minio
+        uses: actions/checkout@master
+        with:
+
+          # Repository name with owner. For example, actions/checkout
+          # Default: ${{ github.repository }}
+          repository: minio/minio
+          
+          # Relative path under $GITHUB_WORKSPACE to place the repository
+          # To have two repositories under the same test
+          path: 'minio_repository'
+
+      - name: Build on ${{ matrix.os }}
+        run: |
+          echo "The idea is to build minio image from downloaded repository";
+          cd $GITHUB_WORKSPACE/minio_repository;
+          echo "Get git version to build MinIO Image";
+          VERSION=`git rev-parse HEAD`;
+          echo $VERSION;
+          echo "Create minio image";
+          make docker VERSION=$VERSION;
+          echo "Jumping back to console repository to run the integration test"
+          cd $GITHUB_WORKSPACE;
+          echo "We are going to use the built image on test-integration";
+          VERSION="minio/minio:$VERSION";
+          echo $VERSION;
+          make test-integration MINIO_VERSION=$VERSION;

.github/workflows/lint.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/permissions.yml

@@ -0,0 +1,70 @@
+name: "UI"
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  permissions:
+    name: Permissions Tests
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        go-version: [ 1.17.x ]
+        os: [ ubuntu-latest ]
+    steps:
+      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+        id: go
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '17'
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+
+      - uses: actions/cache@v2
+        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
+        with:
+          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+      - name: Make assets
+        run: |
+          make assets
+      - name: Build Console on ${{ matrix.os }}
+        env:
+          GO111MODULE: on
+          GOOS: linux
+        run: |
+          make console
+
+      - name: Start Console, front-end app and initialize users/policies
+        run: |
+          (./console server) & (make initialize-permissions)
+
+      - name: Run TestCafe Tests
+        uses: DevExpress/testcafe-action@latest
+        with:
+          args: '"chrome:headless" portal-ui/tests/permissions/ --skip-js-errors '
+
+      - name: Clean up users & policies
+        run: |
+          make cleanup-permissions

.github/workflows/react-no-warnings.yml

@@ -0,0 +1,17 @@
+name: "React Code Has No Warnings"
+on:
+  push:
+  pull_request:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install modules
+        working-directory: ./portal-ui
+        run: yarn
+      - name: Check for Warnings in build output
+        working-directory: ./portal-ui
+        continue-on-error: false
+        run: |
+          chmod +x check-warnings.sh  && ./check-warnings.sh 

.golangci.yml

@@ -19,9 +19,17 @@ linters:
     - unparam
     - unused
     - structcheck
+    - goheader
+
+linters-settings:
+  goheader:
+    values:
+      regexp:
+        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
+    template-path: .license.tmpl
 
 service:
-  golangci-lint-version: 1.27.0 # use the fixed version to not introduce new linters unexpectedly
+  golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly
 
 issues:
   exclude-use-default: false
@@ -36,3 +44,4 @@ issues:
 run:
   skip-dirs:
     - pkg/clientgen
+    - pkg/apis/networking.gke.io

.goreleaser.yml

@@ -41,7 +41,7 @@ builds:
 
     flags:
       - -trimpath
-      - --tags=kqueue
+      - --tags=kqueue,operator
 
     ldflags:
       - -s -w -X github.com/minio/console/pkg.ReleaseTag={{.Tag}} -X github.com/minio/console/pkg.CommitID={{.FullCommit}} -X github.com/minio/console/pkg.Version={{.Version}} -X github.com/minio/console/pkg.ShortCommitID={{.ShortCommit}} -X github.com/minio/console/pkg.ReleaseTime={{.Date}}
@@ -86,7 +86,7 @@ nfpms:
 dockers:
 - image_templates:
   - "minio/console:{{ .Tag }}-amd64"
-  use_buildx: true
+  use: buildx
   goarch: amd64
   dockerfile: Dockerfile.release
   extra_files:
@@ -97,7 +97,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "minio/console:{{ .Tag }}-ppc64le"
-  use_buildx: true
+  use: buildx
   goarch: ppc64le
   dockerfile: Dockerfile.release
   extra_files:
@@ -108,7 +108,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "minio/console:{{ .Tag }}-s390x"
-  use_buildx: true
+  use: buildx
   goarch: s390x
   dockerfile: Dockerfile.release
   extra_files:
@@ -119,7 +119,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "minio/console:{{ .Tag }}-arm64"
-  use_buildx: true
+  use: buildx
   goarch: arm64
   goos: linux
   dockerfile: Dockerfile.release
@@ -131,7 +131,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "quay.io/minio/console:{{ .Tag }}-amd64"
-  use_buildx: true
+  use: buildx
   goarch: amd64
   dockerfile: Dockerfile.release
   extra_files:
@@ -142,7 +142,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "quay.io/minio/console:{{ .Tag }}-ppc64le"
-  use_buildx: true
+  use: buildx
   goarch: ppc64le
   dockerfile: Dockerfile.release
   extra_files:
@@ -153,7 +153,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "quay.io/minio/console:{{ .Tag }}-s390x"
-  use_buildx: true
+  use: buildx
   goarch: s390x
   dockerfile: Dockerfile.release
   extra_files:
@@ -164,7 +164,7 @@ dockers:
   - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
   - "quay.io/minio/console:{{ .Tag }}-arm64"
-  use_buildx: true
+  use: buildx
   goarch: arm64
   goos: linux
   dockerfile: Dockerfile.release

.license.tmpl

@@ -0,0 +1,15 @@
+This file is part of MinIO Console Server
+{{copyright-holder}} MinIO, Inc.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:10 as uilayer
+FROM node:14 as uilayer
 
 WORKDIR /app
 
@@ -8,7 +8,7 @@ RUN yarn install
 
 COPY ./portal-ui .
 
-RUN yarn install && make build-static
+RUN make build-static
 
 USER node
 

Dockerfile.assets

@@ -1,4 +1,4 @@
-FROM node:10 as uilayer
+FROM node:14 as uilayer
 
 WORKDIR /app
 

Makefile

@@ -4,13 +4,14 @@ GOPATH := $(shell go env GOPATH)
 BUILD_VERSION:=$(shell git describe --exact-match --tags $(git log -n1 --pretty='%h') 2>/dev/null || git rev-parse --abbrev-ref HEAD 2>/dev/null)
 BUILD_TIME:=$(shell date 2>/dev/null)
 TAG ?= "minio/console:$(BUILD_VERSION)-dev"
+MINIO_VERSION ?= "quay.io/minio/minio:latest"
 
 default: console
 
 .PHONY: console
 console:
 	@echo "Building Console binary to './console'"
-	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue --ldflags "-s -w" -o console ./cmd/console)
+	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue,operator --ldflags "-s -w" -o console ./cmd/console)
 
 k8sdev:
 	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
@@ -19,7 +20,7 @@ k8sdev:
 
 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.40.1)
+	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.43.0)
 
 verifiers: getdeps fmt lint
 
@@ -61,7 +62,32 @@ swagger-operator:
 	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE
 
 assets:
-	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn;  cd ..)
+	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+
+test-integration:
+	@echo "docker run with MinIO Version below:"
+	@echo $(MINIO_VERSION)
+	@(docker run -d --name minio --rm -p 9000:9000 $(MINIO_VERSION) server /data{1...4} && sleep 5)
+	@(GO111MODULE=on go test -race -v github.com/minio/console/integration/...)
+	@(docker stop minio)
+
+test-permissions:
+	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh)
+	@(docker stop minio)
+
+test-apply-permissions:
+	@(env bash $(PWD)/portal-ui/tests/scripts/initialize-env.sh)
+
+test-start-docker-minio:
+	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
+
+initialize-permissions: test-start-docker-minio test-apply-permissions
+	@echo "Done initializing permissions test"
+
+cleanup-permissions:
+	@(env bash $(PWD)/portal-ui/tests/scripts/cleanup-env.sh)
+	@(docker stop minio)
 
 test:
 	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)
@@ -79,4 +105,4 @@ clean:
 	@rm -vf console
 
 docker:
-	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .

README.md

@@ -53,12 +53,12 @@ docker pull minio/console
 ```
 
 ### Build from source
+> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
+> Minimum version required is go1.17
 
 ```
-GO111MODULE=on go install github.com/minio/console/cmd/console@latest
+go install github.com/minio/console/cmd/console@latest
 ```
-> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.16
 
 ## Setup
 

cluster/cluster.go

@@ -1,4 +1,4 @@
-// This file is part of MinIO Kubernetes Cloud
+// This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify

cluster/config.go

@@ -1,4 +1,4 @@
-// This file is part of MinIO Kubernetes Cloud
+// This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify

cluster/const.go

@@ -1,4 +1,4 @@
-// This file is part of MinIO Kubernetes Cloud
+// This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify

cluster/http_client.go

@@ -1,4 +1,4 @@
-// This file is part of MinIO Kubernetes Cloud
+// This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
@@ -47,7 +47,7 @@ func (c *HTTPClient) Post(url, contentType string, body io.Reader) (resp *http.R
 	return c.Client.Post(url, contentType, body)
 }
 
-// Do implements http.Client.Do()
+// Do implement http.Client.Do()
 func (c *HTTPClient) Do(req *http.Request) (*http.Response, error) {
 	return c.Client.Do(req)
 }

cmd/console/app_commands.go

@@ -0,0 +1,83 @@
+//go:build operator
+// +build operator
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/minio/cli"
+	"github.com/minio/console/restapi"
+)
+
+var appCmds = []cli.Command{
+	serverCmd,
+	updateCmd,
+	operatorCmd,
+}
+
+// StartServer starts the console service
+func StartServer(ctx *cli.Context) error {
+	if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" {
+		return startOperatorServer(ctx)
+	}
+
+	if err := loadAllCerts(ctx); err != nil {
+		// Log this as a warning and continue running console without TLS certificates
+		restapi.LogError("Unable to load certs: %v", err)
+	}
+
+	var rctx restapi.Context
+	if err := rctx.Load(ctx); err != nil {
+		restapi.LogError("argument validation failed: %v", err)
+		return err
+	}
+
+	server, err := buildServer()
+	if err != nil {
+		restapi.LogError("Unable to initialize console server: %v", err)
+		return err
+	}
+
+	server.Host = rctx.Host
+	server.Port = rctx.HTTPPort
+	// set conservative timesout for uploads
+	server.ReadTimeout = 1 * time.Hour
+	// no timeouts for response for downloads
+	server.WriteTimeout = 0
+	restapi.Port = strconv.Itoa(server.Port)
+	restapi.Hostname = server.Host
+
+	if len(restapi.GlobalPublicCerts) > 0 {
+		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
+		// plain HTTP connections to HTTPS server
+		server.EnabledListeners = []string{"http", "https"}
+		server.TLSPort = rctx.HTTPSPort
+		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
+		restapi.TLSPort = strconv.Itoa(server.TLSPort)
+		restapi.Hostname = rctx.Host
+		restapi.TLSRedirect = rctx.TLSRedirect
+	}
+
+	defer server.Shutdown()
+
+	return server.Serve()
+}

cmd/console/app_commands_noop.go

@@ -0,0 +1,77 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+//go:build !operator
+// +build !operator
+
+package main
+
+import (
+	"strconv"
+	"time"
+
+	"github.com/minio/cli"
+	"github.com/minio/console/restapi"
+)
+
+var appCmds = []cli.Command{
+	serverCmd,
+	updateCmd,
+}
+
+// StartServer starts the console service
+func StartServer(ctx *cli.Context) error {
+	if err := loadAllCerts(ctx); err != nil {
+		// Log this as a warning and continue running console without TLS certificates
+		restapi.LogError("Unable to load certs: %v", err)
+	}
+
+	var rctx restapi.Context
+	if err := rctx.Load(ctx); err != nil {
+		restapi.LogError("argument validation failed: %v", err)
+		return err
+	}
+
+	server, err := buildServer()
+	if err != nil {
+		restapi.LogError("Unable to initialize console server: %v", err)
+		return err
+	}
+
+	server.Host = rctx.Host
+	server.Port = rctx.HTTPPort
+	// set conservative timesout for uploads
+	server.ReadTimeout = 1 * time.Hour
+	// no timeouts for response for downloads
+	server.WriteTimeout = 0
+	restapi.Port = strconv.Itoa(server.Port)
+	restapi.Hostname = server.Host
+
+	if len(restapi.GlobalPublicCerts) > 0 {
+		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
+		// plain HTTP connections to HTTPS server
+		server.EnabledListeners = []string{"http", "https"}
+		server.TLSPort = rctx.HTTPSPort
+		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
+		restapi.TLSPort = strconv.Itoa(server.TLSPort)
+		restapi.Hostname = rctx.Host
+		restapi.TLSRedirect = rctx.TLSRedirect
+	}
+
+	defer server.Shutdown()
+
+	return server.Serve()
+}

cmd/console/main.go

@@ -50,12 +50,6 @@ VERSION:
   {{.Version}}
 `
 
-var appCmds = []cli.Command{
-	serverCmd,
-	updateCmd,
-	operatorCmd,
-}
-
 func newApp(name string) *cli.App {
 	// Collection of console commands currently supported are.
 	var commands []cli.Command

cmd/console/operator.go

@@ -1,3 +1,6 @@
+//go:build operator
+// +build operator
+
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
@@ -21,6 +24,7 @@ import (
 	"io/ioutil"
 	"path/filepath"
 	"strconv"
+	"syscall"
 	"time"
 
 	"github.com/minio/console/restapi"
@@ -173,6 +177,10 @@ func loadOperatorAllCerts(ctx *cli.Context) error {
 		}
 	}
 
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
+	}
+
 	return nil
 }
 
@@ -217,30 +225,5 @@ func startOperatorServer(ctx *cli.Context) error {
 
 	defer server.Shutdown()
 
-	// subnet license refresh process
-	go func() {
-		// start refreshing subnet license after 5 seconds..
-		time.Sleep(time.Second * 5)
-
-		failedAttempts := 0
-		for {
-			if err := operatorapi.RefreshLicense(); err != nil {
-				operatorapi.LogError("Refreshing subnet license failed: %v", err)
-				failedAttempts++
-				// end license refresh after 3 consecutive failed attempts
-				if failedAttempts >= 3 {
-					return
-				}
-				// wait 5 minutes and retry again
-				time.Sleep(time.Minute * 5)
-				continue
-			}
-			// if license refreshed successfully reset the counter
-			failedAttempts = 0
-			// try to refresh license every 24 hrs
-			time.Sleep(time.Hour * 24)
-		}
-	}()
-
 	return server.Serve()
 }

cmd/console/server.go

@@ -19,10 +19,8 @@ package main
 import (
 	"fmt"
 	"io/ioutil"
-	"os"
 	"path/filepath"
-	"strconv"
-	"time"
+	"syscall"
 
 	"github.com/go-openapi/loads"
 	"github.com/jessevdk/go-flags"
@@ -172,53 +170,9 @@ func loadAllCerts(ctx *cli.Context) error {
 		}
 	}
 
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
+	}
+
 	return nil
 }
-
-// StartServer starts the console service
-func StartServer(ctx *cli.Context) error {
-	if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" {
-		return startOperatorServer(ctx)
-	}
-
-	if err := loadAllCerts(ctx); err != nil {
-		// Log this as a warning and continue running console without TLS certificates
-		restapi.LogError("Unable to load certs: %v", err)
-	}
-
-	var rctx restapi.Context
-	if err := rctx.Load(ctx); err != nil {
-		restapi.LogError("argument validation failed: %v", err)
-		return err
-	}
-
-	server, err := buildServer()
-	if err != nil {
-		restapi.LogError("Unable to initialize console server: %v", err)
-		return err
-	}
-
-	server.Host = rctx.Host
-	server.Port = rctx.HTTPPort
-	// set conservative timesout for uploads
-	server.ReadTimeout = 1 * time.Hour
-	// no timeouts for response for downloads
-	server.WriteTimeout = 0
-	restapi.Port = strconv.Itoa(server.Port)
-	restapi.Hostname = server.Host
-
-	if len(restapi.GlobalPublicCerts) > 0 {
-		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
-		// plain HTTP connections to HTTPS server
-		server.EnabledListeners = []string{"http", "https"}
-		server.TLSPort = rctx.HTTPSPort
-		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
-		restapi.TLSPort = strconv.Itoa(server.TLSPort)
-		restapi.Hostname = rctx.Host
-		restapi.TLSRedirect = rctx.TLSRedirect
-	}
-
-	defer server.Shutdown()
-
-	return server.Serve()
-}

compose/.env

@@ -1,61 +0,0 @@
-## PostgreSQL related variables
-
-# Postgres Docker image
-POSTGRES_IMAGE=library/postgres
-
-# Postgres user
-POSTGRES_USER=postgres
-
-# Postgres password
-POSTGRES_PASSWORD=magical_password
-
-# Postgres port number
-POSTGRES_PORT=5432
-
-# Postgres data directory
-PGDATA=/data/postgres
-
-
-## Logsearch related variables
-
-# Logsearch Docker image
-LOGSEARCH_IMAGE=minio/logsearchapi:v4.1.2
-
-# Logsearch storage max
-LOGSEARCH_DISK_CAPACITY_GB=5
-
-# Logsearch port number
-LOGSEARCH_PORT=8080
-
-# Log retention duration
-LOGSEARCH_MAX_RETENTION_MONTHS=1
-
-# Logsearch audit authentication token
-LOGSEARCH_AUDIT_AUTH_TOKEN=c6rkqjZ03ElEUKQ7MtSeYBJ8q_p3GDFPBQAQJlcbBLA=
-
-# Logsearch query authentication token
-LOGSEARCH_QUERY_AUTH_TOKEN=c6rkqjZ03ElEUKQ7MtSeYBJ8q_p3GDFPBQAQJlcbBLA=
-
-
-## Console related variables
-
-# Console Docker image
-CONSOLE_IMAGE=minio/console:v0.8.0
-
-# Salt to encrypt JWT payload
-CONSOLE_PBKDF_PASSPHRASE=top_secret
-
-# Required to encrypt JWT payload
-CONSOLE_PBKDF_SALT=top_secret1
-
-# MinIO Server URL
-CONSOLE_MINIO_SERVER=http://localhost:9000
-
-
-## Prometheus related variables
-
-# Prometheus Docker image
-PROMETHEUS_IMAGE=prom/prometheus:latest
-
-# Prometheus port number
-PROMETHEUS_PORT=9999

compose/README.md

@@ -1,64 +0,0 @@
-
-## Console Docker Compose
-
-This compose file allows users to quickly deploy MinIO Console, LogSearch & Prometheus in a baremetal (non Kubernetes) environment.
-
-### Pre-requisites
-
-1. [MinIO](https://docs.minio.io/docs/distributed-minio-quickstart-guide.html) cluster up and running.
-2. [mc](https://docs.minio.io/docs/minio-client-quickstart-guide.html) configured for this MinIO cluster.
-3. [Docker-Compose](https://docs.docker.com/compose/) installed on the server.
-
-### Getting Started
-
-- Download the contents of `compose` directory on your machine.
-
-- Edit the `prometheus.yaml` file and fill in the correct target (MinIO Endpoint). Optionally setup the `bearer_token` as explained [here](https://github.com/minio/minio/tree/master/docs/metrics/prometheus#31-authenticated-prometheus-config).
-
-- Setup a console admin policy.
-
-```sh
-cat > admin.json << EOF
-{
-	"Version": "2012-10-17",
-	"Statement": [{
-			"Action": [
-				"admin:*"
-			],
-			"Effect": "Allow",
-			"Sid": ""
-		},
-		{
-			"Action": [
-                "s3:*"
-			],
-			"Effect": "Allow",
-			"Resource": [
-				"arn:aws:s3:::*"
-			],
-			"Sid": ""
-		}
-	]
-}
-EOF
-```
-
-Then create this policy on MinIO server: `mc admin policy add myminio consoleAdmin admin.json`.
-
-- Setup user and policy for Console
-
-```
-mc admin user add myminio console console123
-mc admin policy set myminio consoleAdmin user=console
-```
-
-- Configure Webhook target on the MinIO server. Remember to change the `token` value in below URL to the actual token value as set in the `.env` file.
-
-```
-mc admin config set myminio audit_webhook:1 endpoint=http://localhost:8080/api/ingest?token=c6rkqjZ03ElEUKQ7MtSeYBJ8q_p3GDFPBQAQJlcbBLA=
-mc admin service restart myminio
-```
-
-### Configuration
-
-To configure the Console Compose file to custom setup, please take a look at the [`.env`](./.env) file.

compose/docker-compose.yaml

@@ -1,62 +0,0 @@
-version: '3.4'
-services:
-  pg_database:
-    image: ${POSTGRES_IMAGE}
-    network_mode: host
-    environment:
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-      - PGDATA=${PGDATA}
-      - POSTGRES_DB=minio_logs
-    volumes:
-      - database:${PGDATA}
-    ports:
-      - ${POSTGRES_PORT}:${POSTGRES_PORT}
-
-  log_search:
-    image: ${LOGSEARCH_IMAGE}
-    network_mode: host
-    environment:
-      - LOGSEARCH_AUDIT_AUTH_TOKEN=${LOGSEARCH_AUDIT_AUTH_TOKEN}
-      - LOGSEARCH_QUERY_AUTH_TOKEN=${LOGSEARCH_QUERY_AUTH_TOKEN}
-      - LOGSEARCH_DISK_CAPACITY_GB=${LOGSEARCH_DISK_CAPACITY_GB}
-      - LOGSEARCH_MAX_RETENTION_MONTHS=${LOGSEARCH_MAX_RETENTION_MONTHS}
-      - LOGSEARCH_PG_CONN_STR=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:${POSTGRES_PORT}/minio_logs?sslmode=disable
-    ports:
-      - ${LOGSEARCH_PORT}:${LOGSEARCH_PORT}
-    command: ["/usr/bin/wait-for-it.sh", "localhost:${POSTGRES_PORT}", "--", "/logsearchapi"]
-    volumes:
-      - ./wait-for-it.sh:/usr/bin/wait-for-it.sh
-    depends_on:
-      - pg_database
-
-  console:
-    image: ${CONSOLE_IMAGE}
-    network_mode: host
-    environment:
-      - CONSOLE_PBKDF_PASSPHRASE=${CONSOLE_PBKDF_PASSPHRASE}
-      - CONSOLE_PBKDF_SALT=${CONSOLE_PBKDF_SALT}
-      - LOGSEARCH_QUERY_AUTH_TOKEN=${LOGSEARCH_QUERY_AUTH_TOKEN}
-      - CONSOLE_MINIO_SERVER=${CONSOLE_MINIO_SERVER}
-      - CONSOLE_LOG_QUERY_URL=http://localhost:${LOGSEARCH_PORT}
-      - CONSOLE_PROMETHEUS_URL=http://localhost:${PROMETHEUS_PORT}
-    ports:
-      - "9090:9090"
-    command: server
-    depends_on:
-      - log_search
-      - prometheus
-
-  prometheus:
-    image: ${PROMETHEUS_IMAGE}
-    network_mode: host
-    ports:
-      - ${PROMETHEUS_PORT}:${PROMETHEUS_PORT}
-    command:
-      - --config.file=/etc/prometheus/prometheus.yml
-      - --web.listen-address=:${PROMETHEUS_PORT}
-    volumes:
-      - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
-
-volumes:
-  database:

compose/prometheus.yml

@@ -1,15 +0,0 @@
-global:
-  scrape_interval:     10s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
-  evaluation_interval: 30s # Evaluate rules every 15 seconds. The default is every 1 minute.
-  # scrape_timeout is set to the global default (10s).
-
-# A scrape configuration containing exactly one endpoint to scrape:
-# Here it's Prometheus itself.
-scrape_configs:
-    # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
-  - job_name: minio-job
-    metrics_path: /minio/v2/metrics/cluster
-    scheme: http
-    static_configs:
-    - targets:
-      - 'localhost:9000'

compose/wait-for-it.sh

@@ -1,182 +0,0 @@
-#!/usr/bin/env bash
-# Use this script to test if a given TCP host/port are available
-
-WAITFORIT_cmdname=${0##*/}
-
-echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi }
-
-usage()
-{
-    cat << USAGE >&2
-Usage:
-    $WAITFORIT_cmdname host:port [-s] [-t timeout] [-- command args]
-    -h HOST | --host=HOST       Host or IP under test
-    -p PORT | --port=PORT       TCP port under test
-                                Alternatively, you specify the host and port as host:port
-    -s | --strict               Only execute subcommand if the test succeeds
-    -q | --quiet                Don't output any status messages
-    -t TIMEOUT | --timeout=TIMEOUT
-                                Timeout in seconds, zero for no timeout
-    -- COMMAND ARGS             Execute command with args after the test finishes
-USAGE
-    exit 1
-}
-
-wait_for()
-{
-    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
-        echoerr "$WAITFORIT_cmdname: waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
-    else
-        echoerr "$WAITFORIT_cmdname: waiting for $WAITFORIT_HOST:$WAITFORIT_PORT without a timeout"
-    fi
-    WAITFORIT_start_ts=$(date +%s)
-    while :
-    do
-        if [[ $WAITFORIT_ISBUSY -eq 1 ]]; then
-            nc -z $WAITFORIT_HOST $WAITFORIT_PORT
-            WAITFORIT_result=$?
-        else
-            (echo -n > /dev/tcp/$WAITFORIT_HOST/$WAITFORIT_PORT) >/dev/null 2>&1
-            WAITFORIT_result=$?
-        fi
-        if [[ $WAITFORIT_result -eq 0 ]]; then
-            WAITFORIT_end_ts=$(date +%s)
-            echoerr "$WAITFORIT_cmdname: $WAITFORIT_HOST:$WAITFORIT_PORT is available after $((WAITFORIT_end_ts - WAITFORIT_start_ts)) seconds"
-            break
-        fi
-        sleep 1
-    done
-    return $WAITFORIT_result
-}
-
-wait_for_wrapper()
-{
-    # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
-    if [[ $WAITFORIT_QUIET -eq 1 ]]; then
-        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --quiet --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
-    else
-        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
-    fi
-    WAITFORIT_PID=$!
-    trap "kill -INT -$WAITFORIT_PID" INT
-    wait $WAITFORIT_PID
-    WAITFORIT_RESULT=$?
-    if [[ $WAITFORIT_RESULT -ne 0 ]]; then
-        echoerr "$WAITFORIT_cmdname: timeout occurred after waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
-    fi
-    return $WAITFORIT_RESULT
-}
-
-# process arguments
-while [[ $# -gt 0 ]]
-do
-    case "$1" in
-        *:* )
-        WAITFORIT_hostport=(${1//:/ })
-        WAITFORIT_HOST=${WAITFORIT_hostport[0]}
-        WAITFORIT_PORT=${WAITFORIT_hostport[1]}
-        shift 1
-        ;;
-        --child)
-        WAITFORIT_CHILD=1
-        shift 1
-        ;;
-        -q | --quiet)
-        WAITFORIT_QUIET=1
-        shift 1
-        ;;
-        -s | --strict)
-        WAITFORIT_STRICT=1
-        shift 1
-        ;;
-        -h)
-        WAITFORIT_HOST="$2"
-        if [[ $WAITFORIT_HOST == "" ]]; then break; fi
-        shift 2
-        ;;
-        --host=*)
-        WAITFORIT_HOST="${1#*=}"
-        shift 1
-        ;;
-        -p)
-        WAITFORIT_PORT="$2"
-        if [[ $WAITFORIT_PORT == "" ]]; then break; fi
-        shift 2
-        ;;
-        --port=*)
-        WAITFORIT_PORT="${1#*=}"
-        shift 1
-        ;;
-        -t)
-        WAITFORIT_TIMEOUT="$2"
-        if [[ $WAITFORIT_TIMEOUT == "" ]]; then break; fi
-        shift 2
-        ;;
-        --timeout=*)
-        WAITFORIT_TIMEOUT="${1#*=}"
-        shift 1
-        ;;
-        --)
-        shift
-        WAITFORIT_CLI=("$@")
-        break
-        ;;
-        --help)
-        usage
-        ;;
-        *)
-        echoerr "Unknown argument: $1"
-        usage
-        ;;
-    esac
-done
-
-if [[ "$WAITFORIT_HOST" == "" || "$WAITFORIT_PORT" == "" ]]; then
-    echoerr "Error: you need to provide a host and port to test."
-    usage
-fi
-
-WAITFORIT_TIMEOUT=${WAITFORIT_TIMEOUT:-15}
-WAITFORIT_STRICT=${WAITFORIT_STRICT:-0}
-WAITFORIT_CHILD=${WAITFORIT_CHILD:-0}
-WAITFORIT_QUIET=${WAITFORIT_QUIET:-0}
-
-# Check to see if timeout is from busybox?
-WAITFORIT_TIMEOUT_PATH=$(type -p timeout)
-WAITFORIT_TIMEOUT_PATH=$(realpath $WAITFORIT_TIMEOUT_PATH 2>/dev/null || readlink -f $WAITFORIT_TIMEOUT_PATH)
-
-WAITFORIT_BUSYTIMEFLAG=""
-if [[ $WAITFORIT_TIMEOUT_PATH =~ "busybox" ]]; then
-    WAITFORIT_ISBUSY=1
-    # Check if busybox timeout uses -t flag
-    # (recent Alpine versions don't support -t anymore)
-    if timeout &>/dev/stdout | grep -q -e '-t '; then
-        WAITFORIT_BUSYTIMEFLAG="-t"
-    fi
-else
-    WAITFORIT_ISBUSY=0
-fi
-
-if [[ $WAITFORIT_CHILD -gt 0 ]]; then
-    wait_for
-    WAITFORIT_RESULT=$?
-    exit $WAITFORIT_RESULT
-else
-    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
-        wait_for_wrapper
-        WAITFORIT_RESULT=$?
-    else
-        wait_for
-        WAITFORIT_RESULT=$?
-    fi
-fi
-
-if [[ $WAITFORIT_CLI != "" ]]; then
-    if [[ $WAITFORIT_RESULT -ne 0 && $WAITFORIT_STRICT -eq 1 ]]; then
-        echoerr "$WAITFORIT_cmdname: strict mode, refusing to execute subprocess"
-        exit $WAITFORIT_RESULT
-    fi
-    exec "${WAITFORIT_CLI[@]}"
-else
-    exit $WAITFORIT_RESULT
-fi

go.mod

@@ -1,44 +1,155 @@
 module github.com/minio/console
 
-go 1.16
+go 1.17
 
 require (
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cheggaaa/pb/v3 v3.0.6
-	github.com/coreos/go-oidc v2.2.1+incompatible
 	github.com/dustin/go-humanize v1.0.0
-	github.com/go-openapi/errors v0.19.9
-	github.com/go-openapi/loads v0.20.2
-	github.com/go-openapi/runtime v0.19.24
-	github.com/go-openapi/spec v0.20.3
-	github.com/go-openapi/strfmt v0.20.0
-	github.com/go-openapi/swag v0.19.14
-	github.com/go-openapi/validate v0.20.2
+	github.com/go-openapi/errors v0.20.1
+	github.com/go-openapi/loads v0.21.0
+	github.com/go-openapi/runtime v0.21.0
+	github.com/go-openapi/spec v0.20.4
+	github.com/go-openapi/strfmt v0.21.1
+	github.com/go-openapi/swag v0.19.15
+	github.com/go-openapi/validate v0.20.3
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/gorilla/websocket v1.4.2
 	github.com/jessevdk/go-flags v1.4.0
+	github.com/klauspost/compress v1.13.6
 	github.com/minio/cli v1.22.0
 	github.com/minio/direct-csi v1.3.5-0.20210601185811-f7776f7961bf
 	github.com/minio/kes v0.11.0
-	github.com/minio/madmin-go v1.0.17
-	github.com/minio/mc v0.0.0-20210626002108-cebf3318546f
-	github.com/minio/minio-go/v7 v7.0.13-0.20210715203016-9e713532886e
-	github.com/minio/operator v0.0.0-20210616045941-65f31f5f78ae
-	github.com/minio/operator/logsearchapi v0.0.0-20210604224119-7e256f98cf90
-	github.com/minio/pkg v1.0.8
-	github.com/minio/selfupdate v0.3.1
+	github.com/minio/madmin-go v1.1.23
+	github.com/minio/mc v0.0.0-20211207230606-23a05f5a17f2
+	github.com/minio/minio-go/v7 v7.0.21
+	github.com/minio/operator v0.0.0-20220110040724-a5d59a342b7f
+	github.com/minio/pkg v1.1.14
+	github.com/minio/selfupdate v0.4.0
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
-	github.com/rs/xid v1.2.1
+	github.com/rs/xid v1.3.0
 	github.com/secure-io/sio-go v0.3.1
 	github.com/stretchr/testify v1.7.0
-	github.com/unrolled/secure v1.0.7
-	golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b
-	golang.org/x/net v0.0.0-20210421230115-4e50805a0758
-	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
+	github.com/tidwall/gjson v1.10.2
+	github.com/unrolled/secure v1.0.9
+	golang.org/x/crypto v0.0.0-20211209193657-4570a0811e8b
+	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
+	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
 	gopkg.in/yaml.v2 v2.4.0
 	k8s.io/api v0.21.1
 	k8s.io/apimachinery v0.21.1
 	k8s.io/client-go v0.21.1
 )
 
+require (
+	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/StackExchange/wmi v1.2.1 // indirect
+	github.com/VividCortex/ewma v1.1.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/briandowns/spinner v1.16.0 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cheggaaa/pb v1.0.29 // indirect
+	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
+	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
+	github.com/evanphx/json-patch v4.9.0+incompatible // indirect
+	github.com/fatih/color v1.13.0 // indirect
+	github.com/fatih/structs v1.1.0 // indirect
+	github.com/go-logr/logr v0.4.0 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/go-openapi/analysis v0.20.1 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.19.6 // indirect
+	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/goccy/go-json v0.7.9 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-cmp v0.5.5 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/googleapis/gnostic v0.5.1 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
+	github.com/lestrrat-go/httpcc v1.0.0 // indirect
+	github.com/lestrrat-go/iter v1.0.1 // indirect
+	github.com/lestrrat-go/jwx v1.2.7 // indirect
+	github.com/lestrrat-go/option v1.0.0 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/mattn/go-colorable v0.1.10 // indirect
+	github.com/mattn/go-ieproxy v0.0.1 // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
+	github.com/minio/argon2 v1.0.0 // indirect
+	github.com/minio/colorjson v1.0.1 // indirect
+	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.0 // indirect
+	github.com/mitchellh/mapstructure v1.4.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/nxadm/tail v1.4.8 // indirect
+	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/philhofer/fwd v1.1.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/profile v1.6.0 // indirect
+	github.com/pkg/xattr v0.4.3 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/posener/complete v1.2.3 // indirect
+	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.31.1 // indirect
+	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/rjeczalik/notify v0.9.2 // indirect
+	github.com/shirou/gopsutil/v3 v3.21.8 // indirect
+	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tinylib/msgp v1.1.6 // indirect
+	github.com/tklauser/go-sysconf v0.3.9 // indirect
+	github.com/tklauser/numcpus v0.3.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.mongodb.org/mongo-driver v1.7.5 // indirect
+	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/multierr v1.7.0 // indirect
+	go.uber.org/zap v1.19.1 // indirect
+	golang.org/x/sys v0.0.0-20211015200801-69063c4bb744 // indirect
+	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
+	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/genproto v0.0.0-20210928142010-c7af6a1a74c9 // indirect
+	google.golang.org/grpc v1.41.0 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/ini.v1 v1.63.2 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	k8s.io/klog/v2 v2.8.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
+	k8s.io/utils v0.0.0-20201110183641-67b214c5f920 // indirect
+	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
+	sigs.k8s.io/controller-runtime v0.8.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.1.0 // indirect
+	sigs.k8s.io/yaml v1.2.0 // indirect
+)
+
 replace google.golang.org/grpc => google.golang.org/grpc v1.29.1

hack/header.go.txt

@@ -13,11 +13,3 @@
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package acl
-
-const (
-	consoleOperatorMode = "CONSOLE_OPERATOR_MODE"
-	// const for ldap configuration
-	ConsoleLDAPEnabled = "CONSOLE_LDAP_ENABLED"
-)

hack/update-codegen.sh

@@ -1,18 +1,4 @@
 #!/bin/bash
-#
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
 
 set -o errexit
 set -o nounset
@@ -20,10 +6,7 @@ set -o pipefail
 
 SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
 
-go get -d k8s.io/code-generator/...
-
-# Checkout code-generator to compatible version
-#(cd $GOPATH/src/k8s.io/code-generator && git checkout origin/release-1.14 -B release-1.14)
+GO111MODULE=off go get -d k8s.io/code-generator/...
 
 REPOSITORY=github.com/minio/console
 $GOPATH/src/k8s.io/code-generator/generate-groups.sh all \

integration/buckets_test.go

@@ -0,0 +1,876 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/go-openapi/loads"
+	"github.com/minio/console/restapi"
+	"github.com/minio/console/restapi/operations"
+
+	"github.com/minio/console/models"
+
+	"github.com/stretchr/testify/assert"
+)
+
+var token string
+
+func inspectHTTPResponse(httpResponse *http.Response) string {
+	/*
+		Helper function to inspect the content of a HTTP response.
+	*/
+	b, err := io.ReadAll(httpResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	return "Http Response: " + string(b)
+}
+
+func printMessage(message string) {
+	/*
+		Helper function to print HTTP response.
+	*/
+	fmt.Println(message)
+}
+
+func initConsoleServer() (*restapi.Server, error) {
+
+	//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
+
+	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
+	if err != nil {
+		return nil, err
+	}
+
+	noLog := func(string, ...interface{}) {
+		// nothing to log
+	}
+
+	// Initialize MinIO loggers
+	restapi.LogInfo = noLog
+	restapi.LogError = noLog
+
+	api := operations.NewConsoleAPI(swaggerSpec)
+	api.Logger = noLog
+
+	server := restapi.NewServer(api)
+	// register all APIs
+	server.ConfigureAPI()
+
+	//restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = globalRootCAs, globalPublicCerts, globalTLSCerts
+
+	consolePort, _ := strconv.Atoi("9090")
+
+	server.Host = "0.0.0.0"
+	server.Port = consolePort
+	restapi.Port = "9090"
+	restapi.Hostname = "0.0.0.0"
+
+	return server, nil
+}
+
+func TestMain(m *testing.M) {
+
+	// start console server
+	go func() {
+		fmt.Println("start server")
+		srv, err := initConsoleServer()
+		if err != nil {
+			log.Println(err)
+			log.Println("init fail")
+			return
+		}
+		srv.Serve()
+
+	}()
+
+	fmt.Println("sleeping")
+	time.Sleep(2 * time.Second)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	// get login credentials
+
+	requestData := map[string]string{
+		"accessKey": "minioadmin",
+		"secretKey": "minioadmin",
+	}
+
+	requestDataJSON, _ := json.Marshal(requestData)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		for _, cookie := range response.Cookies() {
+			if cookie.Name == "token" {
+				token = cookie.Value
+				break
+			}
+		}
+	}
+
+	if token == "" {
+		log.Println("authentication token not found in cookies response")
+		return
+	}
+
+	code := m.Run()
+
+	requestDataAdd := map[string]interface{}{
+		"name": "test1",
+	}
+
+	requestDataJSON, _ = json.Marshal(requestDataAdd)
+
+	requestDataBody = bytes.NewReader(requestDataJSON)
+
+	// get list of buckets
+	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test1", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+	}
+
+	os.Exit(code)
+}
+
+func AddBucket(name string, locking bool, versioning bool, quota map[string]interface{}, retention map[string]interface{}) (*http.Response, error) {
+	/*
+	   This is an atomic function that we can re-use to create a bucket on any
+	   desired test.
+	*/
+	// Needed Parameters for API Call
+	requestDataAdd := map[string]interface{}{
+		"name":       name,
+		"locking":    locking,
+		"versioning": versioning,
+		"quota":      quota,
+		"retention":  retention,
+	}
+
+	// Creating the Call by adding the URL and Headers
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	// Performing the call
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ListBuckets() (*http.Response, error) {
+	/*
+		Helper function to list buckets
+		HTTP Verb: GET
+		{{baseUrl}}/buckets?sort_by=proident velit&offset=-5480083&limit=-5480083
+	*/
+	request, err := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/buckets", nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func BucketInfo(name string) (*http.Response, error) {
+	/*
+		Helper function to test Bucket Info End Point
+		GET: {{baseUrl}}/buckets/:name
+	*/
+	bucketInformationRequest, bucketInformationError := http.NewRequest(
+		"GET", "http://localhost:9090/api/v1/buckets/"+name, nil)
+	if bucketInformationError != nil {
+		log.Println(bucketInformationError)
+	}
+	bucketInformationRequest.Header.Add("Cookie",
+		fmt.Sprintf("token=%s", token))
+	bucketInformationRequest.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(bucketInformationRequest)
+	return response, err
+}
+
+func PutBucketsTags(bucketName string, tags map[string]string) (*http.Response, error) {
+	/*
+		Helper function to put bucket's tags.
+		PUT: {{baseUrl}}/buckets/:bucket_name/tags
+		{
+			"tags": {}
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"tags": tags,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("PUT",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/tags",
+		requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func SetBucketRetention(bucketName string, mode string, unit string, validity int) (*http.Response, error) {
+	/*
+		Helper function to set bucket's retention
+		PUT: {{baseUrl}}/buckets/:bucket_name/retention
+		{
+			"mode":"compliance",
+			"unit":"years",
+			"validity":2
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"mode":     mode,
+		"unit":     unit,
+		"validity": validity,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest("PUT",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
+		requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func GetBucketRetention(bucketName string) (*http.Response, error) {
+	/*
+		Helper function to get the bucket's retention
+	*/
+	request, err := http.NewRequest("GET",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/retention",
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestAddBucket(t *testing.T) {
+	assert := assert.New(t)
+
+	response, err := AddBucket("test1", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+}
+
+func TestAddBucketLocking(t *testing.T) {
+	/*
+		This function is to test that locking can't be activated if versioning
+		is not enabled.
+		Then, locking will be activated because versioning is activated as well.
+	*/
+	assert := assert.New(t)
+
+	/*
+		This is invalid, versioning has to be true for locking to be true, but
+		test will see and make sure this is not allowed and that we get proper
+		error for this scenario.
+	*/
+	response, err := AddBucket("test1", true, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(400, response.StatusCode, "400 is expected for this test")
+	}
+
+	msg := "TestAddBucketLocking(): Valid scenario versioning true locking true"
+	fmt.Println(msg)
+
+	/*
+		This is valid, versioning is true, then locking can be true as well.
+	*/
+	response, err = AddBucket("thujun", true, true, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// Verification part, bucket should be created with versioning enabled and
+	// locking enabled, we expect 201 when created.
+	if response != nil {
+		assert.Equal(201, response.StatusCode, "201 is expected for this test")
+	}
+
+	defer response.Body.Close()
+
+	/*
+		To convert an HTTP response body to a string in Go, so you can read the
+		error from the API in case the bucket is invalid for some reason
+	*/
+	b, err := io.ReadAll(response.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+
+}
+
+func TestGetBucket(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	response, err := AddBucket("test3", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test3", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+}
+
+func TestSetBucketTags(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	// put bucket
+	response, err := AddBucket("test4", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	requestDataTags := map[string]interface{}{
+		"tags": map[string]interface{}{
+			"test": "TAG",
+		},
+	}
+
+	requestTagsJSON, _ := json.Marshal(requestDataTags)
+
+	requestTagsBody := bytes.NewBuffer(requestTagsJSON)
+
+	request, err := http.NewRequest(http.MethodPut, "http://localhost:9090/api/v1/buckets/test4/tags", requestTagsBody)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test4", nil)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+	bucket := models.Bucket{}
+	err = json.Unmarshal(bodyBytes, &bucket)
+	if err != nil {
+		log.Println(err)
+	}
+
+	assert.Equal("TAG", bucket.Details.Tags["test"], "Failed to add tag")
+}
+
+func TestBucketVersioning(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/session", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	var distributedSystem bool
+
+	if response != nil {
+
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		sessionResponse := models.SessionResponse{}
+		err = json.Unmarshal(bodyBytes, &sessionResponse)
+		if err != nil {
+			log.Println(err)
+		}
+
+		distributedSystem = sessionResponse.DistributedMode
+
+	}
+
+	requestDataVersioning := map[string]interface{}{
+		"name":       "test2",
+		"versioning": true,
+		"locking":    false,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataVersioning)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	response, err = AddBucket("test2", true, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	fmt.Println("Versioned bucket creation test status:", response.Status)
+	if distributedSystem {
+		assert.Equal(201, response.StatusCode, "Versioning test Status Code is incorrect - bucket failed to create")
+	} else {
+		assert.NotEqual(201, response.StatusCode, "Versioning test Status Code is incorrect -  versioned bucket created on non-distributed system")
+	}
+
+	request, error := http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test2", requestDataBody)
+	if error != nil {
+		log.Println(error)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+	}
+
+}
+
+func TestBucketsGet(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	// get list of buckets
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		listBuckets := models.ListBucketsResponse{}
+		err = json.Unmarshal(bodyBytes, &listBuckets)
+		if err != nil {
+			log.Println(err)
+			assert.Nil(err)
+		}
+
+		assert.Greater(len(listBuckets.Buckets), 0, "No bucket was returned")
+		assert.Greater(listBuckets.Total, int64(0), "Total buckets is 0")
+
+	}
+
+}
+
+func TestListBuckets(t *testing.T) {
+	/*
+		Test the list of buckets without query parameters.
+	*/
+	assert := assert.New(t)
+
+	// 1. Create buckets
+	var numberOfBuckets = 3
+	for i := 1; i <= numberOfBuckets; i++ {
+		response, err := AddBucket(
+			"testlistbuckets"+strconv.Itoa(i), false, false, nil, nil)
+		assert.Nil(err)
+		if err != nil {
+			log.Println(err)
+			assert.Fail("Error creating the buckets")
+			return
+		}
+		if response != nil {
+			b, err := io.ReadAll(response.Body)
+			if err != nil {
+				log.Fatalln(err)
+			}
+			assert.Equal(201, response.StatusCode,
+				"Status Code is incorrect: "+string(b)+
+					" Bucket name: TestListBuckets"+strconv.Itoa(i))
+		}
+	}
+
+	// 2. List buckets
+	listBucketsResponse, listBucketsError := ListBuckets()
+	assert.Nil(listBucketsError)
+	if listBucketsError != nil {
+		log.Println(listBucketsError)
+		assert.Fail("Error listing the buckets")
+		return
+	}
+
+	// 3. Verify list of buckets
+	b, err := io.ReadAll(listBucketsResponse.Body)
+	if listBucketsResponse != nil {
+		if err != nil {
+			log.Fatalln(err)
+		}
+		assert.Equal(200, listBucketsResponse.StatusCode,
+			"Status Code is incorrect: "+string(b))
+	}
+	for i := 1; i <= numberOfBuckets; i++ {
+		assert.True(strings.Contains(string(b),
+			"testlistbuckets"+strconv.Itoa(i)))
+	}
+}
+
+func TestBucketInformationSuccessfulResponse(t *testing.T) {
+	/*
+		Test Bucket Info End Point with a Successful Response.
+	*/
+
+	// 1. Create the bucket
+	assert := assert.New(t)
+	response, err := AddBucket("bucketinformation1", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Add a tag to the bucket
+	tags := make(map[string]string)
+	tags["tag1"] = "tag1"
+	putBucketTagResponse, putBucketTagError := PutBucketsTags(
+		"bucketinformation1", tags)
+	if putBucketTagError != nil {
+		log.Println(putBucketTagError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if putBucketTagResponse != nil {
+		assert.Equal(
+			200, putBucketTagResponse.StatusCode,
+			inspectHTTPResponse(putBucketTagResponse))
+	}
+
+	// 3. Get the information
+	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation1")
+	if bucketInfoError != nil {
+		log.Println(bucketInfoError)
+		assert.Fail("Error getting the bucket information")
+		return
+	}
+	debugResponse := inspectHTTPResponse(bucketInfoResponse) // call it once
+	if bucketInfoResponse != nil {
+		assert.Equal(200, bucketInfoResponse.StatusCode,
+			debugResponse)
+	}
+	printMessage(debugResponse)
+
+	// 4. Verify the information
+	assert.True(
+		strings.Contains(debugResponse, "bucketinformation1"),
+		inspectHTTPResponse(bucketInfoResponse))
+	assert.True(
+		strings.Contains(debugResponse, "tag1"),
+		inspectHTTPResponse(bucketInfoResponse))
+}
+
+func TestBucketInformationGenericErrorResponse(t *testing.T) {
+	/*
+		Test Bucket Info End Point with a Generic Error Response.
+	*/
+	// 1. Create the bucket
+	assert := assert.New(t)
+	response, err := AddBucket("bucketinformation2", false, false, nil, nil)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Add a tag to the bucket
+	tags := make(map[string]string)
+	tags["tag2"] = "tag2"
+	putBucketTagResponse, putBucketTagError := PutBucketsTags(
+		"bucketinformation2", tags)
+	if putBucketTagError != nil {
+		log.Println(putBucketTagError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if putBucketTagResponse != nil {
+		assert.Equal(
+			200, putBucketTagResponse.StatusCode,
+			inspectHTTPResponse(putBucketTagResponse))
+	}
+
+	// 3. Get the information
+	bucketInfoResponse, bucketInfoError := BucketInfo("bucketinformation3")
+	if bucketInfoError != nil {
+		log.Println(bucketInfoError)
+		assert.Fail("Error getting the bucket information")
+		return
+	}
+	finalResponse := inspectHTTPResponse(bucketInfoResponse)
+	if bucketInfoResponse != nil {
+		assert.Equal(200, bucketInfoResponse.StatusCode)
+	}
+
+	// 4. Verify the information
+	// Since bucketinformation3 hasn't been created, then it is expected that
+	// tag2 is not part of the response, this is why assert.False is used.
+	assert.False(strings.Contains(finalResponse, "tag2"), finalResponse)
+}
+
+func TestBucketRetention(t *testing.T) {
+	/*
+		To test bucket retention feature
+	*/
+	// 1. Create the bucket with 2 years validity retention
+	assert := assert.New(t)
+	/*
+		{
+			"name":"setbucketretention1",
+			"versioning":true,
+			"locking":true,
+			"retention":
+				{
+					"mode":"compliance",
+					"unit":"years",
+					"validity":2
+				}
+		}
+	*/
+	retention := make(map[string]interface{})
+	retention["mode"] = "compliance"
+	retention["unit"] = "years"
+	retention["validity"] = 2
+	response, err := AddBucket("setbucketretention1", true, true, nil, retention)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if response != nil {
+		assert.Equal(201, response.StatusCode, inspectHTTPResponse(response))
+	}
+
+	// 2. Set the bucket's retention from 2 years to 3 years
+	setBucketRetentionResponse, setBucketRetentionError := SetBucketRetention(
+		"setbucketretention1",
+		"compliance",
+		"years",
+		3,
+	)
+	assert.Nil(setBucketRetentionError)
+	if setBucketRetentionError != nil {
+		log.Println(setBucketRetentionError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	if setBucketRetentionResponse != nil {
+		assert.Equal(200, setBucketRetentionResponse.StatusCode,
+			inspectHTTPResponse(setBucketRetentionResponse))
+	}
+
+	// 3. Verify the bucket's retention was properly set.
+	getBucketRetentionResponse, getBucketRetentionError := GetBucketRetention(
+		"setbucketretention1",
+	)
+	assert.Nil(getBucketRetentionError)
+	if getBucketRetentionError != nil {
+		log.Println(getBucketRetentionError)
+		assert.Fail("Error creating the bucket")
+		return
+	}
+	finalResponse := inspectHTTPResponse(getBucketRetentionResponse)
+	if getBucketRetentionResponse != nil {
+		assert.Equal(
+			200,
+			getBucketRetentionResponse.StatusCode,
+			finalResponse,
+		)
+	}
+	expected := "Http Response: {\"mode\":\"compliance\",\"unit\":\"years\",\"validity\":3}\n"
+	assert.Equal(expected, finalResponse, finalResponse)
+}

integration/login_test.go

@@ -0,0 +1,71 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/minio/console/models"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestLoginStrategy(t *testing.T) {
+	assert := assert.New(t)
+
+	// image for now:
+	// minio: 9000
+	// console: 9090
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	// copy query params
+	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/login", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+		loginDetails := models.LoginDetails{}
+
+		err = json.Unmarshal(bodyBytes, &loginDetails)
+		if err != nil {
+			log.Println(err)
+		}
+		assert.Nil(err)
+
+		assert.Equal(models.LoginDetailsLoginStrategyForm, loginDetails.LoginStrategy, "Login Details don't match")
+
+	}
+
+}

integration/users_test.go

@@ -0,0 +1,502 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package integration
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func AddUser(accessKey string, secretKey string, groups []string, policies []string) (*http.Response, error) {
+	/*
+		This is an atomic function to add user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	fmt.Println(".......................TestAddUser(): Create Data to add user")
+	requestDataAdd := map[string]interface{}{
+		"accessKey": accessKey,
+		"secretKey": secretKey,
+		"groups":    groups,
+		"policies":  policies,
+	}
+
+	fmt.Println("..............................TestAddUser(): Prepare the POST")
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"POST", "http://localhost:9090/api/v1/users", requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println(".................................TestAddUser(): Make the POST")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func DeleteUser(userName string) (*http.Response, error) {
+	/*
+		This is an atomic function to delete user and can be reused across
+		different functions.
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	fmt.Println("...................................TestAddUser(): Remove user")
+	request, err := http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/user?name="+userName, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println("...............................TestAddUser(): Make the DELETE")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func ListUsers(offset string, limit string) (*http.Response, error) {
+	/*
+		This is an atomic function to list users.
+		{{baseUrl}}/users?offset=-5480083&limit=-5480083
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	fmt.Println("...................................TestAddUser(): Remove user")
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/users?offset="+offset+"&limit="+limit,
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	fmt.Println("...............................TestAddUser(): Make the DELETE")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func GetUserInformation(userName string) (*http.Response, error) {
+	/*
+		Helper function to get user information via API:
+		{{baseUrl}}/user?name=proident velit
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	request, err := http.NewRequest(
+		"GET",
+		"http://localhost:9090/api/v1/user?name="+userName,
+		nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func UpdateUserInformation(name string, status string, groups []string) (*http.Response, error) {
+	/*
+		Helper function to update user information:
+		PUT: {{baseUrl}}/user?name=proident velit
+		Body:
+		{
+			"status": "nisi voluptate amet ea",
+			"groups": [
+				"ipsum eu cupidatat",
+				"aliquip non nulla"
+			]
+		}
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	requestDataAdd := map[string]interface{}{
+		"status": status,
+		"groups": groups,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+	request, err := http.NewRequest(
+		"PUT", "http://localhost:9090/api/v1/user?name="+name, requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func RemoveUser(name string) (*http.Response, error) {
+	/*
+		Helper function to remove user.
+		DELETE: {{baseUrl}}/user?name=proident velit
+	*/
+	client := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	request, err := http.NewRequest(
+		"DELETE", "http://localhost:9090/api/v1/user?name="+name, nil)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	response, err := client.Do(request)
+	return response, err
+}
+
+func TestAddUser(t *testing.T) {
+	/*
+		This is an API Test to add a user via api/v1/users, the intention
+		is simple, add a user and make sure the response is 201 meaning that the
+		user got added successfully.
+		After test completion, it is expected that user is removed, so other
+		tests like users.ts can run over clean data and we don't collide against
+		it.
+	*/
+
+	assert := assert.New(t)
+
+	// With no groups & no policies
+	var groups = []string{}
+	var policies = []string{}
+
+	fmt.Println(".................................TestAddUser(): Make the POST")
+	response, err := AddUser("accessKey", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	fmt.Println("..................................TestAddUser(): Verification")
+	fmt.Println(".................................TestAddUser(): POST response")
+	fmt.Println(response)
+	fmt.Println("....................................TestAddUser(): POST error")
+	fmt.Println(err)
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	response, err = DeleteUser("accessKey")
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	fmt.Println("..................................TestAddUser(): Verification")
+	fmt.Println("...............................TestAddUser(): DELETE response")
+	fmt.Println(response)
+	fmt.Println("..................................TestAddUser(): DELETE error")
+	fmt.Println(err)
+	if response != nil {
+		fmt.Println("DELETE StatusCode:", response.StatusCode)
+		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
+	}
+
+}
+
+func TestListUsers(t *testing.T) {
+	/*
+		This test is intended to list users via API.
+		1. First, it creates the users
+		2. Then, it lists the users <------ 200 is expected when listing them.
+		3. Finally, it deletes the users
+	*/
+
+	assert := assert.New(t)
+
+	// With no groups & no policies
+	var groups = []string{}
+	var policies = []string{}
+
+	// 1. Create the users
+	numberOfUsers := 5
+	for i := 1; i < numberOfUsers; i++ {
+		fmt.Println("............................TestListUsers(): Adding users")
+		fmt.Println(strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
+		response, err := AddUser(
+			strconv.Itoa(i)+"accessKey"+strconv.Itoa(i),
+			"secretKey"+strconv.Itoa(i), groups, policies)
+		if err != nil {
+			log.Println(err)
+			return
+		}
+		fmt.Println("............................TestListUsers(): Verification")
+		fmt.Println("...........................TestListUsers(): POST response")
+		fmt.Println(response)
+		fmt.Println("..............................TestListUsers(): POST error")
+		fmt.Println(err)
+		if response != nil {
+			fmt.Println("POST StatusCode:", response.StatusCode)
+			assert.Equal(201, response.StatusCode,
+				"Status Code is incorrect on index: "+strconv.Itoa(i))
+		}
+
+		b, err := io.ReadAll(response.Body)
+		if err != nil {
+			log.Fatalln(err)
+		}
+		fmt.Println(string(b))
+	}
+
+	// 2. List the users
+	listResponse, listError := ListUsers("-5480083", "-5480083")
+	if listError != nil {
+		log.Fatalln(listError)
+	}
+	if listResponse != nil {
+		fmt.Println("POST StatusCode:", listResponse.StatusCode)
+		assert.Equal(200, listResponse.StatusCode,
+			"TestListUsers(): Status Code is incorrect when listing users")
+	}
+	b, err := io.ReadAll(listResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+
+	// 3. Delete the users
+	for i := 1; i < numberOfUsers; i++ {
+		response, err := DeleteUser(
+			strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
+		if err != nil {
+			log.Println(err)
+			return
+		}
+		fmt.Println("............................TestListUsers(): Verification")
+		fmt.Println(".........................TestListUsers(): DELETE response")
+		fmt.Println(response)
+		fmt.Println("............................TestListUsers(): DELETE error")
+		fmt.Println(err)
+		if response != nil {
+			fmt.Println("DELETE StatusCode:", response.StatusCode)
+			assert.Equal(204,
+				response.StatusCode, "has to be 204 when delete user")
+		}
+	}
+}
+
+func TestGetUserInfo(t *testing.T) {
+	/*
+		Test to get the user information via API.
+	*/
+
+	// 1. Create the user
+	fmt.Println("TestGetUserInfo(): 1. Create the user")
+	assert := assert.New(t)
+	var groups = []string{}
+	var policies = []string{}
+	response, err := AddUser("accessKey", "secretKey", groups, policies)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Get user information
+	fmt.Println("TestGetUserInfo(): 2. Get user information")
+	response, err = GetUserInformation("accessKey")
+	if err != nil {
+		log.Println(err)
+		assert.Fail("There was an error in the response")
+		return
+	}
+
+	// 3. Verify user information
+	fmt.Println("TestGetUserInfo(): 3. Verify user information")
+	if response != nil {
+		fmt.Println("POST StatusCode:", response.StatusCode)
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(response.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	fmt.Println(string(b))
+	expected := "{\"accessKey\":\"accessKey\",\"memberOf\":null,\"policy\":[],\"status\":\"enabled\"}\n"
+	obtained := string(b)
+	assert.Equal(expected, obtained, "User Information is wrong")
+}
+
+func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
+	/*
+		Update User Information Test with Successful Response
+	*/
+
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"updateuser", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Deactivate the user
+	// '{"status":"disabled","groups":[]}'
+	updateUserResponse, UpdateUserError := UpdateUserInformation(
+		"updateuser", "disabled", groups)
+
+	// 3. Verify user got deactivated
+	if UpdateUserError != nil {
+		log.Println(UpdateUserError)
+		return
+	}
+	if updateUserResponse != nil {
+		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
+		assert.Equal(
+			200, updateUserResponse.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(updateUserResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	assert.True(strings.Contains(string(b), "disabled"))
+
+}
+
+func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
+	/*
+		Update User Information Test with Generic Error Response
+	*/
+
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"updateusererror", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Deactivate the user with wrong status
+	updateUserResponse, UpdateUserError := UpdateUserInformation(
+		"updateusererror", "inactive", groups)
+
+	// 3. Verify user got deactivated
+	if UpdateUserError != nil {
+		log.Println(UpdateUserError)
+		assert.Fail("There was an error while updating user info")
+		return
+	}
+	if updateUserResponse != nil {
+		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
+		assert.Equal(
+			500, updateUserResponse.StatusCode, "Status Code is incorrect")
+	}
+	b, err := io.ReadAll(updateUserResponse.Body)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	assert.True(strings.Contains(string(b), "status not valid"))
+
+}
+
+func TestRemoveUserSuccessfulResponse(t *testing.T) {
+	/*
+		To test removing a user from API
+	*/
+	assert := assert.New(t)
+
+	// 1. Create an active user
+	var groups = []string{}
+	var policies = []string{}
+	addUserResponse, addUserError := AddUser(
+		"testremoveuser1", "secretKey", groups, policies)
+	if addUserError != nil {
+		log.Println(addUserError)
+		return
+	}
+	if addUserResponse != nil {
+		fmt.Println("StatusCode:", addUserResponse.StatusCode)
+		assert.Equal(
+			201, addUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 2. Remove the user
+	removeUserResponse, removeUserError := RemoveUser("testremoveuser1")
+	if removeUserError != nil {
+		log.Println(removeUserError)
+		return
+	}
+	if removeUserResponse != nil {
+		fmt.Println("StatusCode:", removeUserResponse.StatusCode)
+		assert.Equal(
+			204, removeUserResponse.StatusCode, "Status Code is incorrect")
+	}
+
+	// 3. Verify the user got removed
+	getUserInfoResponse, getUserInfoError := GetUserInformation(
+		"testremoveuser1")
+	if getUserInfoError != nil {
+		log.Println(getUserInfoError)
+		assert.Fail("There was an error in the response")
+		return
+	}
+	if getUserInfoResponse != nil {
+		fmt.Println("StatusCode:", getUserInfoResponse.StatusCode)
+		assert.Equal(
+			404, getUserInfoResponse.StatusCode, "Status Code is incorrect")
+	}
+	finalResponse := inspectHTTPResponse(getUserInfoResponse)
+	printMessage(finalResponse)
+	assert.True(strings.Contains(
+		finalResponse, "The specified user does not exist"), finalResponse)
+
+}

k8s/console/base/console-cluster-role-binding.yaml

@@ -1,12 +0,0 @@
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: console-sa-binding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: console-sa-role
-subjects:
-  - kind: ServiceAccount
-    name: console-sa
-    namespace: default

k8s/console/base/console-cluster-role.yaml

@@ -1,222 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: console-sa-role
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-      - update
-      - deletecollection
-  - apiGroups:
-      - ""
-    resources:
-      - namespaces
-      - pods
-      - services
-      - events
-      - resourcequotas
-      - nodes
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - ""
-    resources:
-      - persistentvolumeclaims
-    verbs:
-      - deletecollection
-      - list
-      - get
-      - watch
-      - update
-  - apiGroups:
-      - "storage.k8s.io"
-    resources:
-      - storageclasses
-    verbs:
-      - get
-      - watch
-      - create
-      - list
-      - patch
-  - apiGroups:
-      - apps
-    resources:
-      - statefulsets
-      - deployments
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - batch
-    resources:
-      - jobs
-    verbs:
-      - get
-      - create
-      - list
-      - patch
-      - watch
-      - update
-      - delete
-  - apiGroups:
-      - "certificates.k8s.io"
-    resources:
-      - "certificatesigningrequests"
-      - "certificatesigningrequests/approval"
-      - "certificatesigningrequests/status"
-    verbs:
-      - update
-      - create
-      - get
-  - apiGroups:
-      - minio.min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"
-  - apiGroups:
-      - min.io
-    resources:
-      - "*"
-    verbs:
-      - "*"
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - delete
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumeclaims
-    verbs:
-    - get
-    - list
-    - watch
-    - update
-  - apiGroups:
-    - ""
-    resources:
-    - events
-    verbs:
-    - create
-    - list
-    - watch
-    - update
-    - patch
-  - apiGroups:
-    - snapshot.storage.k8s.io
-    resources:
-    - volumesnapshots
-    verbs:
-    - get
-    - list
-  - apiGroups:
-    - snapshot.storage.k8s.io
-    resources:
-    - volumesnapshotcontents
-    verbs:
-    - get
-    - list
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - csinodes
-    verbs:
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - volumeattachments
-    verbs:
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - ""
-    resources:
-    - endpoints
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - coordination.k8s.io
-    resources:
-    - leases
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - direct.csi.min.io
-    resources:
-    - volumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - apiextensions.k8s.io
-    resources:
-    - customresourcedefinitions
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - direct.csi.min.io
-    resources:
-    - directcsidrives
-    - directcsivolumes
-    verbs:
-    - get
-    - list
-    - watch
-    - create
-    - update
-    - delete
-  - apiGroups:
-    - ""
-    resources:
-    - pod
-    verbs:
-    - get
-    - list
-    - watch

k8s/console/base/console-configmap.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: console-env
-data:
-  CONSOLE_PORT: "9090"
-  CONSOLE_TLS_PORT: "9443"

k8s/console/base/console-deployment.yaml

@@ -1,26 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: console
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: console
-  template:
-    metadata:
-      labels:
-        app: console
-    spec:
-      serviceAccountName: console-sa
-      containers:
-        - name: console
-          image: minio/console:v0.8.0
-          imagePullPolicy: "IfNotPresent"
-          args:
-            - server
-          ports:
-            - containerPort: 9090
-              name: http
-            - containerPort: 9433
-              name: https

k8s/console/base/console-service-account.yaml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: console-sa
-  namespace: default

k8s/console/base/console-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: console
-  labels:
-    name: console
-spec:
-  ports:
-    - port: 9090
-      name: http
-    - port: 9443
-      name: https
-  selector:
-    app: console

k8s/console/base/kustomization.yaml

@@ -1,11 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-# beginning of customizations
-resources:
-  - console-service-account.yaml
-  - console-cluster-role.yaml
-  - console-cluster-role-binding.yaml
-  - console-configmap.yaml
-  - console-service.yaml
-  - console-deployment.yaml
-  - https://github.com/minio/operator/?ref=v3.0.10

k8s/operator-console/base/console-cluster-role.yaml

@@ -19,7 +19,6 @@ rules:
       - ""
     resources:
       - namespaces
-      - pods
       - services
       - events
       - resourcequotas
@@ -30,6 +29,18 @@ rules:
       - create
       - list
       - patch
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - watch
+      - create
+      - list
+      - patch
+      - delete
+      - deletecollection
   - apiGroups:
       - ""
     resources:

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: minio/console:v0.8.0
+          image: minio/console:v0.14.0
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/operator/kustomization.yaml

@@ -1,9 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-# beginning of customizations
-#namespace: min-ns
-
-resources:
-  - ../base
-  - https://github.com/minio/operator/?ref=v3.0.29
-

k8s/operator-console/standalone/console-deployment.yaml

@@ -0,0 +1,46 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: console
+  namespace: default
+  labels:
+    name: console
+spec:
+  ports:
+    - port: 9090
+      name: http
+    - port: 9443
+      name: https
+  selector:
+    app: console-standalone
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: console
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: console-standalone
+  template:
+    metadata:
+      labels:
+        app: console-standalone
+    spec:
+      containers:
+        - name: console
+          image: minio/console:v0.14.0
+          imagePullPolicy: "IfNotPresent"
+          env:
+            - name: CONSOLE_MINIO_SERVER
+              value: "https://minio.default.svc.cluster.local"
+          args:
+            - server
+          ports:
+            - containerPort: 9090
+              name: http
+            - containerPort: 9433
+              name: https

k8s/tools.go

@@ -1,4 +1,4 @@
-// This file is part of MinIO Kubernetes Cloud
+// This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify

models/access_rule.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AccessRule access rule
+//
+// swagger:model accessRule
+type AccessRule struct {
+
+	// access
+	Access string `json:"access,omitempty"`
+
+	// prefix
+	Prefix string `json:"prefix,omitempty"`
+}
+
+// Validate validates this access rule
+func (m *AccessRule) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this access rule based on context it is used
+func (m *AccessRule) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AccessRule) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AccessRule) UnmarshalBinary(b []byte) error {
+	var res AccessRule
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/add_user_request.go

@@ -44,6 +44,10 @@ type AddUserRequest struct {
 	// Required: true
 	Groups []string `json:"groups"`
 
+	// policies
+	// Required: true
+	Policies []string `json:"policies"`
+
 	// secret key
 	// Required: true
 	SecretKey *string `json:"secretKey"`
@@ -61,6 +65,10 @@ func (m *AddUserRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validatePolicies(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateSecretKey(formats); err != nil {
 		res = append(res, err)
 	}
@@ -89,6 +97,15 @@ func (m *AddUserRequest) validateGroups(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *AddUserRequest) validatePolicies(formats strfmt.Registry) error {
+
+	if err := validate.Required("policies", "body", m.Policies); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (m *AddUserRequest) validateSecretKey(formats strfmt.Registry) error {
 
 	if err := validate.Required("secretKey", "body", m.SecretKey); err != nil {

models/admin_info_response.go

@@ -42,6 +42,12 @@ type AdminInfoResponse struct {
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 
+	// prometheus not ready
+	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
+
+	// servers
+	Servers []*ServerProperties `json:"servers"`
+
 	// usage
 	Usage int64 `json:"usage,omitempty"`
 
@@ -53,6 +59,10 @@ type AdminInfoResponse struct {
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateServers(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateWidgets(formats); err != nil {
 		res = append(res, err)
 	}
@@ -63,6 +73,32 @@ func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
+	if swag.IsZero(m.Servers) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Servers); i++ {
+		if swag.IsZero(m.Servers[i]) { // not required
+			continue
+		}
+
+		if m.Servers[i] != nil {
+			if err := m.Servers[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 	if swag.IsZero(m.Widgets) { // not required
 		return nil
@@ -77,6 +113,8 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 			if err := m.Widgets[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -91,6 +129,10 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.contextValidateServers(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateWidgets(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -101,6 +143,26 @@ func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.
 	return nil
 }
 
+func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Servers); i++ {
+
+		if m.Servers[i] != nil {
+			if err := m.Servers[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) contextValidateWidgets(ctx context.Context, formats strfmt.Registry) error {
 
 	for i := 0; i < len(m.Widgets); i++ {
@@ -109,6 +171,8 @@ func (m *AdminInfoResponse) contextValidateWidgets(ctx context.Context, formats
 			if err := m.Widgets[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/allocatable_resources_response.go

@@ -0,0 +1,173 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// AllocatableResourcesResponse allocatable resources response
+//
+// swagger:model allocatableResourcesResponse
+type AllocatableResourcesResponse struct {
+
+	// cpu priority
+	CPUPriority *NodeMaxAllocatableResources `json:"cpu_priority,omitempty"`
+
+	// mem priority
+	MemPriority *NodeMaxAllocatableResources `json:"mem_priority,omitempty"`
+
+	// min allocatable cpu
+	MinAllocatableCPU int64 `json:"min_allocatable_cpu,omitempty"`
+
+	// min allocatable mem
+	MinAllocatableMem int64 `json:"min_allocatable_mem,omitempty"`
+}
+
+// Validate validates this allocatable resources response
+func (m *AllocatableResourcesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCPUPriority(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMemPriority(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) validateCPUPriority(formats strfmt.Registry) error {
+	if swag.IsZero(m.CPUPriority) { // not required
+		return nil
+	}
+
+	if m.CPUPriority != nil {
+		if err := m.CPUPriority.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("cpu_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("cpu_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) validateMemPriority(formats strfmt.Registry) error {
+	if swag.IsZero(m.MemPriority) { // not required
+		return nil
+	}
+
+	if m.MemPriority != nil {
+		if err := m.MemPriority.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("mem_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("mem_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this allocatable resources response based on the context it is used
+func (m *AllocatableResourcesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCPUPriority(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMemPriority(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) contextValidateCPUPriority(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.CPUPriority != nil {
+		if err := m.CPUPriority.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("cpu_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("cpu_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AllocatableResourcesResponse) contextValidateMemPriority(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MemPriority != nil {
+		if err := m.MemPriority.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("mem_priority")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("mem_priority")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AllocatableResourcesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AllocatableResourcesResponse) UnmarshalBinary(b []byte) error {
+	var res AllocatableResourcesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/annotation.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Annotation annotation
+//
+// swagger:model annotation
+type Annotation struct {
+
+	// key
+	Key string `json:"key,omitempty"`
+
+	// value
+	Value string `json:"value,omitempty"`
+}
+
+// Validate validates this annotation
+func (m *Annotation) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this annotation based on context it is used
+func (m *Annotation) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Annotation) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Annotation) UnmarshalBinary(b []byte) error {
+	var res Annotation
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/aws_configuration.go

@@ -65,6 +65,8 @@ func (m *AwsConfiguration) validateSecretsmanager(formats strfmt.Registry) error
 		if err := m.Secretsmanager.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager")
 			}
 			return err
 		}
@@ -93,6 +95,8 @@ func (m *AwsConfiguration) contextValidateSecretsmanager(ctx context.Context, fo
 		if err := m.Secretsmanager.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager")
 			}
 			return err
 		}
@@ -172,6 +176,8 @@ func (m *AwsConfigurationSecretsmanager) validateCredentials(formats strfmt.Regi
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager" + "." + "credentials")
 			}
 			return err
 		}
@@ -218,6 +224,8 @@ func (m *AwsConfigurationSecretsmanager) contextValidateCredentials(ctx context.
 		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretsmanager" + "." + "credentials")
 			}
 			return err
 		}

models/azure_configuration.go

@@ -0,0 +1,321 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// AzureConfiguration azure configuration
+//
+// swagger:model azureConfiguration
+type AzureConfiguration struct {
+
+	// keyvault
+	// Required: true
+	Keyvault *AzureConfigurationKeyvault `json:"keyvault"`
+}
+
+// Validate validates this azure configuration
+func (m *AzureConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateKeyvault(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfiguration) validateKeyvault(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault", "body", m.Keyvault); err != nil {
+		return err
+	}
+
+	if m.Keyvault != nil {
+		if err := m.Keyvault.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this azure configuration based on the context it is used
+func (m *AzureConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateKeyvault(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfiguration) contextValidateKeyvault(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Keyvault != nil {
+		if err := m.Keyvault.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfiguration) UnmarshalBinary(b []byte) error {
+	var res AzureConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// AzureConfigurationKeyvault azure configuration keyvault
+//
+// swagger:model AzureConfigurationKeyvault
+type AzureConfigurationKeyvault struct {
+
+	// credentials
+	Credentials *AzureConfigurationKeyvaultCredentials `json:"credentials,omitempty"`
+
+	// endpoint
+	// Required: true
+	Endpoint *string `json:"endpoint"`
+}
+
+// Validate validates this azure configuration keyvault
+func (m *AzureConfigurationKeyvault) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCredentials(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateEndpoint(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) validateCredentials(formats strfmt.Registry) error {
+	if swag.IsZero(m.Credentials) { // not required
+		return nil
+	}
+
+	if m.Credentials != nil {
+		if err := m.Credentials.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault" + "." + "credentials")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) validateEndpoint(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"endpoint", "body", m.Endpoint); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validate this azure configuration keyvault based on the context it is used
+func (m *AzureConfigurationKeyvault) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCredentials(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvault) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Credentials != nil {
+		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("keyvault" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keyvault" + "." + "credentials")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfigurationKeyvault) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfigurationKeyvault) UnmarshalBinary(b []byte) error {
+	var res AzureConfigurationKeyvault
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// AzureConfigurationKeyvaultCredentials azure configuration keyvault credentials
+//
+// swagger:model AzureConfigurationKeyvaultCredentials
+type AzureConfigurationKeyvaultCredentials struct {
+
+	// client id
+	// Required: true
+	ClientID *string `json:"client_id"`
+
+	// client secret
+	// Required: true
+	ClientSecret *string `json:"client_secret"`
+
+	// tenant id
+	// Required: true
+	TenantID *string `json:"tenant_id"`
+}
+
+// Validate validates this azure configuration keyvault credentials
+func (m *AzureConfigurationKeyvaultCredentials) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateClientID(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateClientSecret(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateTenantID(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateClientID(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_id", "body", m.ClientID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateClientSecret(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_secret", "body", m.ClientSecret); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AzureConfigurationKeyvaultCredentials) validateTenantID(formats strfmt.Registry) error {
+
+	if err := validate.Required("keyvault"+"."+"credentials"+"."+"tenant_id", "body", m.TenantID); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this azure configuration keyvault credentials based on context it is used
+func (m *AzureConfigurationKeyvaultCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *AzureConfigurationKeyvaultCredentials) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *AzureConfigurationKeyvaultCredentials) UnmarshalBinary(b []byte) error {
+	var res AzureConfigurationKeyvaultCredentials
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket.go

@@ -24,6 +24,7 @@ package models
 
 import (
 	"context"
+	"encoding/json"
 
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
@@ -42,11 +43,23 @@ type Bucket struct {
 	// creation date
 	CreationDate string `json:"creation_date,omitempty"`
 
+	// definition
+	Definition string `json:"definition,omitempty"`
+
+	// details
+	Details *BucketDetails `json:"details,omitempty"`
+
 	// name
 	// Required: true
 	// Min Length: 3
 	Name *string `json:"name"`
 
+	// objects
+	Objects int64 `json:"objects,omitempty"`
+
+	// rw access
+	RwAccess *BucketRwAccess `json:"rw_access,omitempty"`
+
 	// size
 	Size int64 `json:"size,omitempty"`
 }
@@ -59,10 +72,18 @@ func (m *Bucket) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateDetails(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateName(formats); err != nil {
 		res = append(res, err)
 	}
 
+	if err := m.validateRwAccess(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -78,6 +99,27 @@ func (m *Bucket) validateAccess(formats strfmt.Registry) error {
 		if err := m.Access.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) validateDetails(formats strfmt.Registry) error {
+	if swag.IsZero(m.Details) { // not required
+		return nil
+	}
+
+	if m.Details != nil {
+		if err := m.Details.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details")
 			}
 			return err
 		}
@@ -99,6 +141,25 @@ func (m *Bucket) validateName(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *Bucket) validateRwAccess(formats strfmt.Registry) error {
+	if swag.IsZero(m.RwAccess) { // not required
+		return nil
+	}
+
+	if m.RwAccess != nil {
+		if err := m.RwAccess.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("rw_access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("rw_access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this bucket based on the context it is used
 func (m *Bucket) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -107,6 +168,14 @@ func (m *Bucket) ContextValidate(ctx context.Context, formats strfmt.Registry) e
 		res = append(res, err)
 	}
 
+	if err := m.contextValidateDetails(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateRwAccess(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -119,6 +188,40 @@ func (m *Bucket) contextValidateAccess(ctx context.Context, formats strfmt.Regis
 		if err := m.Access.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("access")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) contextValidateDetails(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Details != nil {
+		if err := m.Details.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *Bucket) contextValidateRwAccess(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.RwAccess != nil {
+		if err := m.RwAccess.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("rw_access")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("rw_access")
 			}
 			return err
 		}
@@ -144,3 +247,240 @@ func (m *Bucket) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// BucketDetails bucket details
+//
+// swagger:model BucketDetails
+type BucketDetails struct {
+
+	// locking
+	Locking bool `json:"locking,omitempty"`
+
+	// quota
+	Quota *BucketDetailsQuota `json:"quota,omitempty"`
+
+	// replication
+	Replication bool `json:"replication,omitempty"`
+
+	// tags
+	Tags map[string]string `json:"tags,omitempty"`
+
+	// versioning
+	Versioning bool `json:"versioning,omitempty"`
+
+	// versioning suspended
+	VersioningSuspended bool `json:"versioningSuspended,omitempty"`
+}
+
+// Validate validates this bucket details
+func (m *BucketDetails) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateQuota(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketDetails) validateQuota(formats strfmt.Registry) error {
+	if swag.IsZero(m.Quota) { // not required
+		return nil
+	}
+
+	if m.Quota != nil {
+		if err := m.Quota.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details" + "." + "quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details" + "." + "quota")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this bucket details based on the context it is used
+func (m *BucketDetails) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateQuota(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *BucketDetails) contextValidateQuota(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Quota != nil {
+		if err := m.Quota.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("details" + "." + "quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("details" + "." + "quota")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketDetails) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketDetails) UnmarshalBinary(b []byte) error {
+	var res BucketDetails
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// BucketDetailsQuota bucket details quota
+//
+// swagger:model BucketDetailsQuota
+type BucketDetailsQuota struct {
+
+	// quota
+	Quota int64 `json:"quota,omitempty"`
+
+	// type
+	// Enum: [fifo hard]
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this bucket details quota
+func (m *BucketDetailsQuota) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateType(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+var bucketDetailsQuotaTypeTypePropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["fifo","hard"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		bucketDetailsQuotaTypeTypePropEnum = append(bucketDetailsQuotaTypeTypePropEnum, v)
+	}
+}
+
+const (
+
+	// BucketDetailsQuotaTypeFifo captures enum value "fifo"
+	BucketDetailsQuotaTypeFifo string = "fifo"
+
+	// BucketDetailsQuotaTypeHard captures enum value "hard"
+	BucketDetailsQuotaTypeHard string = "hard"
+)
+
+// prop value enum
+func (m *BucketDetailsQuota) validateTypeEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, bucketDetailsQuotaTypeTypePropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *BucketDetailsQuota) validateType(formats strfmt.Registry) error {
+	if swag.IsZero(m.Type) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateTypeEnum("details"+"."+"quota"+"."+"type", "body", m.Type); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this bucket details quota based on context it is used
+func (m *BucketDetailsQuota) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketDetailsQuota) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketDetailsQuota) UnmarshalBinary(b []byte) error {
+	var res BucketDetailsQuota
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
+
+// BucketRwAccess bucket rw access
+//
+// swagger:model BucketRwAccess
+type BucketRwAccess struct {
+
+	// read
+	Read bool `json:"read,omitempty"`
+
+	// write
+	Write bool `json:"write,omitempty"`
+}
+
+// Validate validates this bucket rw access
+func (m *BucketRwAccess) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this bucket rw access based on context it is used
+func (m *BucketRwAccess) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BucketRwAccess) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BucketRwAccess) UnmarshalBinary(b []byte) error {
+	var res BucketRwAccess
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/bucket_encryption_request.go

@@ -65,6 +65,8 @@ func (m *BucketEncryptionRequest) validateEncType(formats strfmt.Registry) error
 		if err := m.EncType.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encType")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encType")
 			}
 			return err
 		}
@@ -93,6 +95,8 @@ func (m *BucketEncryptionRequest) contextValidateEncType(ctx context.Context, fo
 		if err := m.EncType.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encType")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encType")
 			}
 			return err
 		}

models/bucket_event_request.go

@@ -68,6 +68,8 @@ func (m *BucketEventRequest) validateConfiguration(formats strfmt.Registry) erro
 		if err := m.Configuration.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("configuration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("configuration")
 			}
 			return err
 		}
@@ -96,6 +98,8 @@ func (m *BucketEventRequest) contextValidateConfiguration(ctx context.Context, f
 		if err := m.Configuration.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("configuration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("configuration")
 			}
 			return err
 		}

models/bucket_lifecycle_response.go

@@ -68,6 +68,8 @@ func (m *BucketLifecycleResponse) validateLifecycle(formats strfmt.Registry) err
 			if err := m.Lifecycle[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("lifecycle" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *BucketLifecycleResponse) contextValidateLifecycle(ctx context.Context,
 			if err := m.Lifecycle[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("lifecycle" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("lifecycle" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/bucket_object.go

@@ -55,6 +55,9 @@ type BucketObject struct {
 	// legal hold status
 	LegalHoldStatus string `json:"legal_hold_status,omitempty"`
 
+	// metadata
+	Metadata map[string]string `json:"metadata,omitempty"`
+
 	// name
 	Name string `json:"name,omitempty"`
 
@@ -70,6 +73,9 @@ type BucketObject struct {
 	// tags
 	Tags map[string]string `json:"tags,omitempty"`
 
+	// user metadata
+	UserMetadata map[string]string `json:"user_metadata,omitempty"`
+
 	// user tags
 	UserTags map[string]string `json:"user_tags,omitempty"`
 

models/bucket_replication_response.go

@@ -68,6 +68,8 @@ func (m *BucketReplicationResponse) validateRules(formats strfmt.Registry) error
 			if err := m.Rules[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("rules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("rules" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *BucketReplicationResponse) contextValidateRules(ctx context.Context, fo
 			if err := m.Rules[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("rules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("rules" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/bucket_replication_rule.go

@@ -49,6 +49,9 @@ type BucketReplicationRule struct {
 	// destination
 	Destination *BucketReplicationDestination `json:"destination,omitempty"`
 
+	// existing objects
+	ExistingObjects bool `json:"existingObjects,omitempty"`
+
 	// health check period
 	HealthCheckPeriod int64 `json:"healthCheckPeriod,omitempty"`
 
@@ -68,6 +71,9 @@ type BucketReplicationRule struct {
 	// Enum: [Enabled Disabled]
 	Status string `json:"status,omitempty"`
 
+	// storage class
+	StorageClass string `json:"storageClass,omitempty"`
+
 	// sync mode
 	// Enum: [async sync]
 	SyncMode *string `json:"syncMode,omitempty"`
@@ -107,6 +113,8 @@ func (m *BucketReplicationRule) validateDestination(formats strfmt.Registry) err
 		if err := m.Destination.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("destination")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("destination")
 			}
 			return err
 		}
@@ -219,6 +227,8 @@ func (m *BucketReplicationRule) contextValidateDestination(ctx context.Context,
 		if err := m.Destination.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("destination")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("destination")
 			}
 			return err
 		}

models/configuration.go

@@ -71,6 +71,8 @@ func (m *Configuration) validateKeyValues(formats strfmt.Registry) error {
 			if err := m.KeyValues[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("key_values" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("key_values" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *Configuration) contextValidateKeyValues(ctx context.Context, formats st
 			if err := m.KeyValues[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("key_values" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("key_values" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/configure_tenant_request.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ConfigureTenantRequest configure tenant request
+//
+// swagger:model configureTenantRequest
+type ConfigureTenantRequest struct {
+
+	// prometheus enabled
+	PrometheusEnabled bool `json:"prometheusEnabled,omitempty"`
+}
+
+// Validate validates this configure tenant request
+func (m *ConfigureTenantRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this configure tenant request based on context it is used
+func (m *ConfigureTenantRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ConfigureTenantRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ConfigureTenantRequest) UnmarshalBinary(b []byte) error {
+	var res ConfigureTenantRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/console_configuration.go

@@ -1,134 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// ConsoleConfiguration console configuration
-//
-// swagger:model consoleConfiguration
-type ConsoleConfiguration struct {
-	MetadataFields
-
-	// image
-	Image string `json:"image,omitempty"`
-}
-
-// UnmarshalJSON unmarshals this object from a JSON structure
-func (m *ConsoleConfiguration) UnmarshalJSON(raw []byte) error {
-	// AO0
-	var aO0 MetadataFields
-	if err := swag.ReadJSON(raw, &aO0); err != nil {
-		return err
-	}
-	m.MetadataFields = aO0
-
-	// AO1
-	var dataAO1 struct {
-		Image string `json:"image,omitempty"`
-	}
-	if err := swag.ReadJSON(raw, &dataAO1); err != nil {
-		return err
-	}
-
-	m.Image = dataAO1.Image
-
-	return nil
-}
-
-// MarshalJSON marshals this object to a JSON structure
-func (m ConsoleConfiguration) MarshalJSON() ([]byte, error) {
-	_parts := make([][]byte, 0, 2)
-
-	aO0, err := swag.WriteJSON(m.MetadataFields)
-	if err != nil {
-		return nil, err
-	}
-	_parts = append(_parts, aO0)
-	var dataAO1 struct {
-		Image string `json:"image,omitempty"`
-	}
-
-	dataAO1.Image = m.Image
-
-	jsonDataAO1, errAO1 := swag.WriteJSON(dataAO1)
-	if errAO1 != nil {
-		return nil, errAO1
-	}
-	_parts = append(_parts, jsonDataAO1)
-	return swag.ConcatJSON(_parts...), nil
-}
-
-// Validate validates this console configuration
-func (m *ConsoleConfiguration) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	// validation for a type composition with MetadataFields
-	if err := m.MetadataFields.Validate(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-// ContextValidate validate this console configuration based on the context it is used
-func (m *ConsoleConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	// validation for a type composition with MetadataFields
-	if err := m.MetadataFields.ContextValidate(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *ConsoleConfiguration) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *ConsoleConfiguration) UnmarshalBinary(b []byte) error {
-	var res ConsoleConfiguration
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/create_tenant_request.go

@@ -43,12 +43,6 @@ type CreateTenantRequest struct {
 	// annotations
 	Annotations map[string]string `json:"annotations,omitempty"`
 
-	// console
-	Console *ConsoleConfiguration `json:"console,omitempty"`
-
-	// console image
-	ConsoleImage string `json:"console_image,omitempty"`
-
 	// enable console
 	EnableConsole *bool `json:"enable_console,omitempty"`
 
@@ -118,10 +112,6 @@ type CreateTenantRequest struct {
 func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validateConsole(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateEncryption(formats); err != nil {
 		res = append(res, err)
 	}
@@ -164,23 +154,6 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *CreateTenantRequest) validateConsole(formats strfmt.Registry) error {
-	if swag.IsZero(m.Console) { // not required
-		return nil
-	}
-
-	if m.Console != nil {
-		if err := m.Console.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("console")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error {
 	if swag.IsZero(m.Encryption) { // not required
 		return nil
@@ -190,6 +163,8 @@ func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error
 		if err := m.Encryption.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encryption")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encryption")
 			}
 			return err
 		}
@@ -207,6 +182,8 @@ func (m *CreateTenantRequest) validateIdp(formats strfmt.Registry) error {
 		if err := m.Idp.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("idp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("idp")
 			}
 			return err
 		}
@@ -224,6 +201,8 @@ func (m *CreateTenantRequest) validateImageRegistry(formats strfmt.Registry) err
 		if err := m.ImageRegistry.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("image_registry")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("image_registry")
 			}
 			return err
 		}
@@ -241,6 +220,8 @@ func (m *CreateTenantRequest) validateLogSearchConfiguration(formats strfmt.Regi
 		if err := m.LogSearchConfiguration.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("logSearchConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("logSearchConfiguration")
 			}
 			return err
 		}
@@ -286,6 +267,8 @@ func (m *CreateTenantRequest) validatePools(formats strfmt.Registry) error {
 			if err := m.Pools[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pools" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -305,6 +288,8 @@ func (m *CreateTenantRequest) validatePrometheusConfiguration(formats strfmt.Reg
 		if err := m.PrometheusConfiguration.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("prometheusConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("prometheusConfiguration")
 			}
 			return err
 		}
@@ -322,6 +307,8 @@ func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
 		if err := m.TLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("tls")
 			}
 			return err
 		}
@@ -334,10 +321,6 @@ func (m *CreateTenantRequest) validateTLS(formats strfmt.Registry) error {
 func (m *CreateTenantRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.contextValidateConsole(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.contextValidateEncryption(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -372,26 +355,14 @@ func (m *CreateTenantRequest) ContextValidate(ctx context.Context, formats strfm
 	return nil
 }
 
-func (m *CreateTenantRequest) contextValidateConsole(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Console != nil {
-		if err := m.Console.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("console")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *CreateTenantRequest) contextValidateEncryption(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.Encryption != nil {
 		if err := m.Encryption.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encryption")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("encryption")
 			}
 			return err
 		}
@@ -406,6 +377,8 @@ func (m *CreateTenantRequest) contextValidateIdp(ctx context.Context, formats st
 		if err := m.Idp.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("idp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("idp")
 			}
 			return err
 		}
@@ -420,6 +393,8 @@ func (m *CreateTenantRequest) contextValidateImageRegistry(ctx context.Context,
 		if err := m.ImageRegistry.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("image_registry")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("image_registry")
 			}
 			return err
 		}
@@ -434,6 +409,8 @@ func (m *CreateTenantRequest) contextValidateLogSearchConfiguration(ctx context.
 		if err := m.LogSearchConfiguration.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("logSearchConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("logSearchConfiguration")
 			}
 			return err
 		}
@@ -450,6 +427,8 @@ func (m *CreateTenantRequest) contextValidatePools(ctx context.Context, formats
 			if err := m.Pools[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("pools" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pools" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -466,6 +445,8 @@ func (m *CreateTenantRequest) contextValidatePrometheusConfiguration(ctx context
 		if err := m.PrometheusConfiguration.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("prometheusConfiguration")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("prometheusConfiguration")
 			}
 			return err
 		}
@@ -480,6 +461,8 @@ func (m *CreateTenantRequest) contextValidateTLS(ctx context.Context, formats st
 		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("tls")
 			}
 			return err
 		}

models/create_tenant_response.go

@@ -38,6 +38,9 @@ type CreateTenantResponse struct {
 
 	// console
 	Console []*TenantResponseItem `json:"console"`
+
+	// external ID p
+	ExternalIDP bool `json:"externalIDP,omitempty"`
 }
 
 // Validate validates this create tenant response
@@ -68,6 +71,8 @@ func (m *CreateTenantResponse) validateConsole(formats strfmt.Registry) error {
 			if err := m.Console[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("console" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("console" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +105,8 @@ func (m *CreateTenantResponse) contextValidateConsole(ctx context.Context, forma
 			if err := m.Console[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("console" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("console" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/encryption_configuration.go

@@ -39,6 +39,9 @@ type EncryptionConfiguration struct {
 	// aws
 	Aws *AwsConfiguration `json:"aws,omitempty"`
 
+	// azure
+	Azure *AzureConfiguration `json:"azure,omitempty"`
+
 	// client
 	Client *KeyPairConfiguration `json:"client,omitempty"`
 
@@ -54,6 +57,9 @@ type EncryptionConfiguration struct {
 	// replicas
 	Replicas string `json:"replicas,omitempty"`
 
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 	// server
 	Server *KeyPairConfiguration `json:"server,omitempty"`
 
@@ -74,6 +80,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 	var dataAO1 struct {
 		Aws *AwsConfiguration `json:"aws,omitempty"`
 
+		Azure *AzureConfiguration `json:"azure,omitempty"`
+
 		Client *KeyPairConfiguration `json:"client,omitempty"`
 
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`
@@ -84,6 +92,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 
 		Replicas string `json:"replicas,omitempty"`
 
+		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 		Server *KeyPairConfiguration `json:"server,omitempty"`
 
 		Vault *VaultConfiguration `json:"vault,omitempty"`
@@ -94,6 +104,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 
 	m.Aws = dataAO1.Aws
 
+	m.Azure = dataAO1.Azure
+
 	m.Client = dataAO1.Client
 
 	m.Gcp = dataAO1.Gcp
@@ -104,6 +116,8 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 
 	m.Replicas = dataAO1.Replicas
 
+	m.SecurityContext = dataAO1.SecurityContext
+
 	m.Server = dataAO1.Server
 
 	m.Vault = dataAO1.Vault
@@ -123,6 +137,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 	var dataAO1 struct {
 		Aws *AwsConfiguration `json:"aws,omitempty"`
 
+		Azure *AzureConfiguration `json:"azure,omitempty"`
+
 		Client *KeyPairConfiguration `json:"client,omitempty"`
 
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`
@@ -133,6 +149,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 
 		Replicas string `json:"replicas,omitempty"`
 
+		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 		Server *KeyPairConfiguration `json:"server,omitempty"`
 
 		Vault *VaultConfiguration `json:"vault,omitempty"`
@@ -140,6 +158,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 
 	dataAO1.Aws = m.Aws
 
+	dataAO1.Azure = m.Azure
+
 	dataAO1.Client = m.Client
 
 	dataAO1.Gcp = m.Gcp
@@ -150,6 +170,8 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 
 	dataAO1.Replicas = m.Replicas
 
+	dataAO1.SecurityContext = m.SecurityContext
+
 	dataAO1.Server = m.Server
 
 	dataAO1.Vault = m.Vault
@@ -175,6 +197,10 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateAzure(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateClient(formats); err != nil {
 		res = append(res, err)
 	}
@@ -187,6 +213,10 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateServer(formats); err != nil {
 		res = append(res, err)
 	}
@@ -211,6 +241,28 @@ func (m *EncryptionConfiguration) validateAws(formats strfmt.Registry) error {
 		if err := m.Aws.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("aws")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("aws")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) validateAzure(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.Azure) { // not required
+		return nil
+	}
+
+	if m.Azure != nil {
+		if err := m.Azure.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("azure")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("azure")
 			}
 			return err
 		}
@@ -229,6 +281,8 @@ func (m *EncryptionConfiguration) validateClient(formats strfmt.Registry) error
 		if err := m.Client.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("client")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("client")
 			}
 			return err
 		}
@@ -247,6 +301,8 @@ func (m *EncryptionConfiguration) validateGcp(formats strfmt.Registry) error {
 		if err := m.Gcp.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("gcp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("gcp")
 			}
 			return err
 		}
@@ -265,6 +321,28 @@ func (m *EncryptionConfiguration) validateGemalto(formats strfmt.Registry) error
 		if err := m.Gemalto.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("gemalto")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("gemalto")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) validateSecurityContext(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
 			}
 			return err
 		}
@@ -283,6 +361,8 @@ func (m *EncryptionConfiguration) validateServer(formats strfmt.Registry) error
 		if err := m.Server.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("server")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("server")
 			}
 			return err
 		}
@@ -301,6 +381,8 @@ func (m *EncryptionConfiguration) validateVault(formats strfmt.Registry) error {
 		if err := m.Vault.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("vault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("vault")
 			}
 			return err
 		}
@@ -322,6 +404,10 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}
 
+	if err := m.contextValidateAzure(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateClient(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -334,6 +420,10 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}
 
+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateServer(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -354,6 +444,24 @@ func (m *EncryptionConfiguration) contextValidateAws(ctx context.Context, format
 		if err := m.Aws.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("aws")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("aws")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) contextValidateAzure(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Azure != nil {
+		if err := m.Azure.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("azure")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("azure")
 			}
 			return err
 		}
@@ -368,6 +476,8 @@ func (m *EncryptionConfiguration) contextValidateClient(ctx context.Context, for
 		if err := m.Client.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("client")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("client")
 			}
 			return err
 		}
@@ -382,6 +492,8 @@ func (m *EncryptionConfiguration) contextValidateGcp(ctx context.Context, format
 		if err := m.Gcp.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("gcp")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("gcp")
 			}
 			return err
 		}
@@ -396,6 +508,24 @@ func (m *EncryptionConfiguration) contextValidateGemalto(ctx context.Context, fo
 		if err := m.Gemalto.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("gemalto")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("gemalto")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
 			}
 			return err
 		}
@@ -410,6 +540,8 @@ func (m *EncryptionConfiguration) contextValidateServer(ctx context.Context, for
 		if err := m.Server.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("server")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("server")
 			}
 			return err
 		}
@@ -424,6 +556,8 @@ func (m *EncryptionConfiguration) contextValidateVault(ctx context.Context, form
 		if err := m.Vault.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("vault")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("vault")
 			}
 			return err
 		}

models/error.go

@@ -39,6 +39,10 @@ type Error struct {
 	// code
 	Code int32 `json:"code,omitempty"`
 
+	// detailed message
+	// Required: true
+	DetailedMessage *string `json:"detailedMessage"`
+
 	// message
 	// Required: true
 	Message *string `json:"message"`
@@ -48,6 +52,10 @@ type Error struct {
 func (m *Error) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateDetailedMessage(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateMessage(formats); err != nil {
 		res = append(res, err)
 	}
@@ -58,6 +66,15 @@ func (m *Error) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+func (m *Error) validateDetailedMessage(formats strfmt.Registry) error {
+
+	if err := validate.Required("detailedMessage", "body", m.DetailedMessage); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (m *Error) validateMessage(formats strfmt.Registry) error {
 
 	if err := validate.Required("message", "body", m.Message); err != nil {

models/event_list_wrapper.go

@@ -49,6 +49,8 @@ func (m EventListWrapper) Validate(formats strfmt.Registry) error {
 			if err := m[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName(strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName(strconv.Itoa(i))
 				}
 				return err
 			}
@@ -72,6 +74,8 @@ func (m EventListWrapper) ContextValidate(ctx context.Context, formats strfmt.Re
 			if err := m[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName(strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName(strconv.Itoa(i))
 				}
 				return err
 			}

models/format_direct_c_s_i_drives_response.go

@@ -68,6 +68,8 @@ func (m *FormatDirectCSIDrivesResponse) validateFormatIssuesList(formats strfmt.
 			if err := m.FormatIssuesList[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *FormatDirectCSIDrivesResponse) contextValidateFormatIssuesList(ctx cont
 			if err := m.FormatIssuesList[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("formatIssuesList" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/gcp_configuration.go

@@ -65,6 +65,8 @@ func (m *GcpConfiguration) validateSecretmanager(formats strfmt.Registry) error
 		if err := m.Secretmanager.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretmanager")
 			}
 			return err
 		}
@@ -93,6 +95,8 @@ func (m *GcpConfiguration) contextValidateSecretmanager(ctx context.Context, for
 		if err := m.Secretmanager.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretmanager")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretmanager")
 			}
 			return err
 		}
@@ -162,6 +166,8 @@ func (m *GcpConfigurationSecretmanager) validateCredentials(formats strfmt.Regis
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretmanager" + "." + "credentials")
 			}
 			return err
 		}
@@ -199,6 +205,8 @@ func (m *GcpConfigurationSecretmanager) contextValidateCredentials(ctx context.C
 		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretmanager" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("secretmanager" + "." + "credentials")
 			}
 			return err
 		}

models/gemalto_configuration.go

@@ -65,6 +65,8 @@ func (m *GemaltoConfiguration) validateKeysecure(formats strfmt.Registry) error
 		if err := m.Keysecure.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure")
 			}
 			return err
 		}
@@ -93,6 +95,8 @@ func (m *GemaltoConfiguration) contextValidateKeysecure(ctx context.Context, for
 		if err := m.Keysecure.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure")
 			}
 			return err
 		}
@@ -168,6 +172,8 @@ func (m *GemaltoConfigurationKeysecure) validateCredentials(formats strfmt.Regis
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure" + "." + "credentials")
 			}
 			return err
 		}
@@ -194,6 +200,8 @@ func (m *GemaltoConfigurationKeysecure) validateTLS(formats strfmt.Registry) err
 		if err := m.TLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure" + "." + "tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure" + "." + "tls")
 			}
 			return err
 		}
@@ -226,6 +234,8 @@ func (m *GemaltoConfigurationKeysecure) contextValidateCredentials(ctx context.C
 		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure" + "." + "credentials")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure" + "." + "credentials")
 			}
 			return err
 		}
@@ -240,6 +250,8 @@ func (m *GemaltoConfigurationKeysecure) contextValidateTLS(ctx context.Context,
 		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keysecure" + "." + "tls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("keysecure" + "." + "tls")
 			}
 			return err
 		}

models/get_bucket_retention_config.go

@@ -71,6 +71,8 @@ func (m *GetBucketRetentionConfig) validateMode(formats strfmt.Registry) error {
 	if err := m.Mode.Validate(formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
 			return ve.ValidateName("mode")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("mode")
 		}
 		return err
 	}
@@ -86,6 +88,8 @@ func (m *GetBucketRetentionConfig) validateUnit(formats strfmt.Registry) error {
 	if err := m.Unit.Validate(formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
 			return ve.ValidateName("unit")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("unit")
 		}
 		return err
 	}
@@ -116,6 +120,8 @@ func (m *GetBucketRetentionConfig) contextValidateMode(ctx context.Context, form
 	if err := m.Mode.ContextValidate(ctx, formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
 			return ve.ValidateName("mode")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("mode")
 		}
 		return err
 	}
@@ -128,6 +134,8 @@ func (m *GetBucketRetentionConfig) contextValidateUnit(ctx context.Context, form
 	if err := m.Unit.ContextValidate(ctx, formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
 			return ve.ValidateName("unit")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("unit")
 		}
 		return err
 	}

models/get_direct_c_s_i_drive_list_response.go

@@ -68,6 +68,8 @@ func (m *GetDirectCSIDriveListResponse) validateDrives(formats strfmt.Registry)
 			if err := m.Drives[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("drives" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("drives" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *GetDirectCSIDriveListResponse) contextValidateDrives(ctx context.Contex
 			if err := m.Drives[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("drives" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("drives" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/get_direct_c_s_i_volume_list_response.go

@@ -68,6 +68,8 @@ func (m *GetDirectCSIVolumeListResponse) validateVolumes(formats strfmt.Registry
 			if err := m.Volumes[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("volumes" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("volumes" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *GetDirectCSIVolumeListResponse) contextValidateVolumes(ctx context.Cont
 			if err := m.Volumes[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("volumes" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("volumes" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/has_permission_request.go

@@ -1,129 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-	"strconv"
-
-	"github.com/go-openapi/errors"
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// HasPermissionRequest has permission request
-//
-// swagger:model hasPermissionRequest
-type HasPermissionRequest struct {
-
-	// actions
-	Actions []*PolicyArgs `json:"actions"`
-}
-
-// Validate validates this has permission request
-func (m *HasPermissionRequest) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateActions(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *HasPermissionRequest) validateActions(formats strfmt.Registry) error {
-	if swag.IsZero(m.Actions) { // not required
-		return nil
-	}
-
-	for i := 0; i < len(m.Actions); i++ {
-		if swag.IsZero(m.Actions[i]) { // not required
-			continue
-		}
-
-		if m.Actions[i] != nil {
-			if err := m.Actions[i].Validate(formats); err != nil {
-				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("actions" + "." + strconv.Itoa(i))
-				}
-				return err
-			}
-		}
-
-	}
-
-	return nil
-}
-
-// ContextValidate validate this has permission request based on the context it is used
-func (m *HasPermissionRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateActions(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *HasPermissionRequest) contextValidateActions(ctx context.Context, formats strfmt.Registry) error {
-
-	for i := 0; i < len(m.Actions); i++ {
-
-		if m.Actions[i] != nil {
-			if err := m.Actions[i].ContextValidate(ctx, formats); err != nil {
-				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("actions" + "." + strconv.Itoa(i))
-				}
-				return err
-			}
-		}
-
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *HasPermissionRequest) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *HasPermissionRequest) UnmarshalBinary(b []byte) error {
-	var res HasPermissionRequest
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/iam_policy.go

@@ -31,20 +31,23 @@ import (
 	"github.com/go-openapi/swag"
 )
 
-// HasPermissionResponse has permission response
+// IamPolicy iam policy
 //
-// swagger:model hasPermissionResponse
-type HasPermissionResponse struct {
+// swagger:model iamPolicy
+type IamPolicy struct {
 
-	// permissions
-	Permissions []*PermissionAction `json:"permissions"`
+	// statement
+	Statement []*IamPolicyStatement `json:"statement"`
+
+	// version
+	Version string `json:"version,omitempty"`
 }
 
-// Validate validates this has permission response
-func (m *HasPermissionResponse) Validate(formats strfmt.Registry) error {
+// Validate validates this iam policy
+func (m *IamPolicy) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validatePermissions(formats); err != nil {
+	if err := m.validateStatement(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -54,20 +57,22 @@ func (m *HasPermissionResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *HasPermissionResponse) validatePermissions(formats strfmt.Registry) error {
-	if swag.IsZero(m.Permissions) { // not required
+func (m *IamPolicy) validateStatement(formats strfmt.Registry) error {
+	if swag.IsZero(m.Statement) { // not required
 		return nil
 	}
 
-	for i := 0; i < len(m.Permissions); i++ {
-		if swag.IsZero(m.Permissions[i]) { // not required
+	for i := 0; i < len(m.Statement); i++ {
+		if swag.IsZero(m.Statement[i]) { // not required
 			continue
 		}
 
-		if m.Permissions[i] != nil {
-			if err := m.Permissions[i].Validate(formats); err != nil {
+		if m.Statement[i] != nil {
+			if err := m.Statement[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("permissions" + "." + strconv.Itoa(i))
+					return ve.ValidateName("statement" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("statement" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -78,11 +83,11 @@ func (m *HasPermissionResponse) validatePermissions(formats strfmt.Registry) err
 	return nil
 }
 
-// ContextValidate validate this has permission response based on the context it is used
-func (m *HasPermissionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validate this iam policy based on the context it is used
+func (m *IamPolicy) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.contextValidatePermissions(ctx, formats); err != nil {
+	if err := m.contextValidateStatement(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -92,14 +97,16 @@ func (m *HasPermissionResponse) ContextValidate(ctx context.Context, formats str
 	return nil
 }
 
-func (m *HasPermissionResponse) contextValidatePermissions(ctx context.Context, formats strfmt.Registry) error {
+func (m *IamPolicy) contextValidateStatement(ctx context.Context, formats strfmt.Registry) error {
 
-	for i := 0; i < len(m.Permissions); i++ {
+	for i := 0; i < len(m.Statement); i++ {
 
-		if m.Permissions[i] != nil {
-			if err := m.Permissions[i].ContextValidate(ctx, formats); err != nil {
+		if m.Statement[i] != nil {
+			if err := m.Statement[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("permissions" + "." + strconv.Itoa(i))
+					return ve.ValidateName("statement" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("statement" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -111,7 +118,7 @@ func (m *HasPermissionResponse) contextValidatePermissions(ctx context.Context,
 }
 
 // MarshalBinary interface implementation
-func (m *HasPermissionResponse) MarshalBinary() ([]byte, error) {
+func (m *IamPolicy) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -119,8 +126,8 @@ func (m *HasPermissionResponse) MarshalBinary() ([]byte, error) {
 }
 
 // UnmarshalBinary interface implementation
-func (m *HasPermissionResponse) UnmarshalBinary(b []byte) error {
-	var res HasPermissionResponse
+func (m *IamPolicy) UnmarshalBinary(b []byte) error {
+	var res IamPolicy
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}

models/iam_policy_statement.go

@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IamPolicyStatement iam policy statement
+//
+// swagger:model iamPolicyStatement
+type IamPolicyStatement struct {
+
+	// action
+	Action []string `json:"action"`
+
+	// condition
+	Condition map[string]interface{} `json:"condition,omitempty"`
+
+	// effect
+	Effect string `json:"effect,omitempty"`
+
+	// resource
+	Resource []string `json:"resource"`
+}
+
+// Validate validates this iam policy statement
+func (m *IamPolicyStatement) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this iam policy statement based on context it is used
+func (m *IamPolicyStatement) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IamPolicyStatement) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IamPolicyStatement) UnmarshalBinary(b []byte) error {
+	var res IamPolicyStatement
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/idp_configuration.go

@@ -78,6 +78,8 @@ func (m *IdpConfiguration) validateActiveDirectory(formats strfmt.Registry) erro
 		if err := m.ActiveDirectory.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("active_directory")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("active_directory")
 			}
 			return err
 		}
@@ -100,6 +102,8 @@ func (m *IdpConfiguration) validateKeys(formats strfmt.Registry) error {
 			if err := m.Keys[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("keys" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("keys" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -119,6 +123,8 @@ func (m *IdpConfiguration) validateOidc(formats strfmt.Registry) error {
 		if err := m.Oidc.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("oidc")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("oidc")
 			}
 			return err
 		}
@@ -155,6 +161,8 @@ func (m *IdpConfiguration) contextValidateActiveDirectory(ctx context.Context, f
 		if err := m.ActiveDirectory.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("active_directory")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("active_directory")
 			}
 			return err
 		}
@@ -171,6 +179,8 @@ func (m *IdpConfiguration) contextValidateKeys(ctx context.Context, formats strf
 			if err := m.Keys[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("keys" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("keys" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -187,6 +197,8 @@ func (m *IdpConfiguration) contextValidateOidc(ctx context.Context, formats strf
 		if err := m.Oidc.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("oidc")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("oidc")
 			}
 			return err
 		}
@@ -227,9 +239,18 @@ type IdpConfigurationActiveDirectory struct {
 	// group search filter
 	GroupSearchFilter string `json:"group_search_filter,omitempty"`
 
+	// lookup bind dn
+	LookupBindDn string `json:"lookup_bind_dn,omitempty"`
+
+	// lookup bind password
+	LookupBindPassword string `json:"lookup_bind_password,omitempty"`
+
 	// server insecure
 	ServerInsecure bool `json:"server_insecure,omitempty"`
 
+	// server start tls
+	ServerStartTLS bool `json:"server_start_tls,omitempty"`
+
 	// skip tls verification
 	SkipTLSVerification bool `json:"skip_tls_verification,omitempty"`
 
@@ -237,13 +258,20 @@ type IdpConfigurationActiveDirectory struct {
 	// Required: true
 	URL *string `json:"url"`
 
-	// user search filter
-	// Required: true
-	UserSearchFilter *string `json:"user_search_filter"`
+	// user dn search base dn
+	UserDnSearchBaseDn string `json:"user_dn_search_base_dn,omitempty"`
+
+	// user dn search filter
+	UserDnSearchFilter string `json:"user_dn_search_filter,omitempty"`
+
+	// user dns
+	UserDNS []string `json:"user_dns"`
 
 	// username format
-	// Required: true
-	UsernameFormat *string `json:"username_format"`
+	UsernameFormat string `json:"username_format,omitempty"`
+
+	// username search filter
+	UsernameSearchFilter string `json:"username_search_filter,omitempty"`
 }
 
 // Validate validates this idp configuration active directory
@@ -254,14 +282,6 @@ func (m *IdpConfigurationActiveDirectory) Validate(formats strfmt.Registry) erro
 		res = append(res, err)
 	}
 
-	if err := m.validateUserSearchFilter(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateUsernameFormat(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -277,24 +297,6 @@ func (m *IdpConfigurationActiveDirectory) validateURL(formats strfmt.Registry) e
 	return nil
 }
 
-func (m *IdpConfigurationActiveDirectory) validateUserSearchFilter(formats strfmt.Registry) error {
-
-	if err := validate.Required("active_directory"+"."+"user_search_filter", "body", m.UserSearchFilter); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *IdpConfigurationActiveDirectory) validateUsernameFormat(formats strfmt.Registry) error {
-
-	if err := validate.Required("active_directory"+"."+"username_format", "body", m.UsernameFormat); err != nil {
-		return err
-	}
-
-	return nil
-}
-
 // ContextValidate validates this idp configuration active directory based on context it is used
 func (m *IdpConfigurationActiveDirectory) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
@@ -396,41 +398,64 @@ func (m *IdpConfigurationKeysItems0) UnmarshalBinary(b []byte) error {
 // swagger:model IdpConfigurationOidc
 type IdpConfigurationOidc struct {
 
+	// callback url
+	CallbackURL string `json:"callback_url,omitempty"`
+
+	// claim name
+	// Required: true
+	ClaimName *string `json:"claim_name"`
+
 	// client id
 	// Required: true
 	ClientID *string `json:"client_id"`
 
+	// configuration url
+	// Required: true
+	ConfigurationURL *string `json:"configuration_url"`
+
+	// scopes
+	Scopes string `json:"scopes,omitempty"`
+
 	// secret id
 	// Required: true
 	SecretID *string `json:"secret_id"`
-
-	// url
-	// Required: true
-	URL *string `json:"url"`
 }
 
 // Validate validates this idp configuration oidc
 func (m *IdpConfigurationOidc) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateClaimName(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateClientID(formats); err != nil {
 		res = append(res, err)
 	}
 
+	if err := m.validateConfigurationURL(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateSecretID(formats); err != nil {
 		res = append(res, err)
 	}
 
-	if err := m.validateURL(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 
+func (m *IdpConfigurationOidc) validateClaimName(formats strfmt.Registry) error {
+
+	if err := validate.Required("oidc"+"."+"claim_name", "body", m.ClaimName); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (m *IdpConfigurationOidc) validateClientID(formats strfmt.Registry) error {
 
 	if err := validate.Required("oidc"+"."+"client_id", "body", m.ClientID); err != nil {
@@ -440,18 +465,18 @@ func (m *IdpConfigurationOidc) validateClientID(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *IdpConfigurationOidc) validateSecretID(formats strfmt.Registry) error {
+func (m *IdpConfigurationOidc) validateConfigurationURL(formats strfmt.Registry) error {
 
-	if err := validate.Required("oidc"+"."+"secret_id", "body", m.SecretID); err != nil {
+	if err := validate.Required("oidc"+"."+"configuration_url", "body", m.ConfigurationURL); err != nil {
 		return err
 	}
 
 	return nil
 }
 
-func (m *IdpConfigurationOidc) validateURL(formats strfmt.Registry) error {
+func (m *IdpConfigurationOidc) validateSecretID(formats strfmt.Registry) error {
 
-	if err := validate.Required("oidc"+"."+"url", "body", m.URL); err != nil {
+	if err := validate.Required("oidc"+"."+"secret_id", "body", m.SecretID); err != nil {
 		return err
 	}
 

models/label.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Label label
+//
+// swagger:model label
+type Label struct {
+
+	// key
+	Key string `json:"key,omitempty"`
+
+	// value
+	Value string `json:"value,omitempty"`
+}
+
+// Validate validates this label
+func (m *Label) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this label based on context it is used
+func (m *Label) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Label) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Label) UnmarshalBinary(b []byte) error {
+	var res Label
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/list_access_rules_response.go

@@ -0,0 +1,136 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ListAccessRulesResponse list access rules response
+//
+// swagger:model listAccessRulesResponse
+type ListAccessRulesResponse struct {
+
+	// list of policies
+	AccessRules []*AccessRule `json:"accessRules"`
+
+	// total number of policies
+	Total int64 `json:"total,omitempty"`
+}
+
+// Validate validates this list access rules response
+func (m *ListAccessRulesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAccessRules(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ListAccessRulesResponse) validateAccessRules(formats strfmt.Registry) error {
+	if swag.IsZero(m.AccessRules) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.AccessRules); i++ {
+		if swag.IsZero(m.AccessRules[i]) { // not required
+			continue
+		}
+
+		if m.AccessRules[i] != nil {
+			if err := m.AccessRules[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("accessRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("accessRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this list access rules response based on the context it is used
+func (m *ListAccessRulesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateAccessRules(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *ListAccessRulesResponse) contextValidateAccessRules(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.AccessRules); i++ {
+
+		if m.AccessRules[i] != nil {
+			if err := m.AccessRules[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("accessRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("accessRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *ListAccessRulesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *ListAccessRulesResponse) UnmarshalBinary(b []byte) error {
+	var res ListAccessRulesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/list_bucket_events_response.go

@@ -71,6 +71,8 @@ func (m *ListBucketEventsResponse) validateEvents(formats strfmt.Registry) error
 			if err := m.Events[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("events" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("events" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListBucketEventsResponse) contextValidateEvents(ctx context.Context, fo
 			if err := m.Events[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("events" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("events" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_buckets_response.go

@@ -39,7 +39,7 @@ type ListBucketsResponse struct {
 	// list of resulting buckets
 	Buckets []*Bucket `json:"buckets"`
 
-	// number of buckets accessible to tenant user
+	// number of buckets accessible to the user
 	Total int64 `json:"total,omitempty"`
 }
 
@@ -71,6 +71,8 @@ func (m *ListBucketsResponse) validateBuckets(formats strfmt.Registry) error {
 			if err := m.Buckets[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("buckets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("buckets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListBucketsResponse) contextValidateBuckets(ctx context.Context, format
 			if err := m.Buckets[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("buckets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("buckets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_config_response.go

@@ -71,6 +71,8 @@ func (m *ListConfigResponse) validateConfigurations(formats strfmt.Registry) err
 			if err := m.Configurations[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("configurations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("configurations" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListConfigResponse) contextValidateConfigurations(ctx context.Context,
 			if err := m.Configurations[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("configurations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("configurations" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_objects_response.go

@@ -71,6 +71,8 @@ func (m *ListObjectsResponse) validateObjects(formats strfmt.Registry) error {
 			if err := m.Objects[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("objects" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("objects" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListObjectsResponse) contextValidateObjects(ctx context.Context, format
 			if err := m.Objects[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("objects" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("objects" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_p_v_cs_response.go

@@ -68,6 +68,8 @@ func (m *ListPVCsResponse) validatePvcs(formats strfmt.Registry) error {
 			if err := m.Pvcs[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("pvcs" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pvcs" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *ListPVCsResponse) contextValidatePvcs(ctx context.Context, formats strf
 			if err := m.Pvcs[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("pvcs" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("pvcs" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_policies_response.go

@@ -71,6 +71,8 @@ func (m *ListPoliciesResponse) validatePolicies(formats strfmt.Registry) error {
 			if err := m.Policies[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("policies" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("policies" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListPoliciesResponse) contextValidatePolicies(ctx context.Context, form
 			if err := m.Policies[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("policies" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("policies" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_remote_buckets_response.go

@@ -71,6 +71,8 @@ func (m *ListRemoteBucketsResponse) validateBuckets(formats strfmt.Registry) err
 			if err := m.Buckets[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("buckets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("buckets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListRemoteBucketsResponse) contextValidateBuckets(ctx context.Context,
 			if err := m.Buckets[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("buckets" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("buckets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_tenants_response.go

@@ -71,6 +71,8 @@ func (m *ListTenantsResponse) validateTenants(formats strfmt.Registry) error {
 			if err := m.Tenants[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("tenants" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("tenants" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -103,6 +105,8 @@ func (m *ListTenantsResponse) contextValidateTenants(ctx context.Context, format
 			if err := m.Tenants[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("tenants" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("tenants" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/list_users_response.go

@@ -68,6 +68,8 @@ func (m *ListUsersResponse) validateUsers(formats strfmt.Registry) error {
 			if err := m.Users[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("users" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("users" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -100,6 +102,8 @@ func (m *ListUsersResponse) contextValidateUsers(ctx context.Context, formats st
 			if err := m.Users[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("users" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("users" + "." + strconv.Itoa(i))
 				}
 				return err
 			}

models/log_search_configuration.go

@@ -25,6 +25,7 @@ package models
 import (
 	"context"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -40,6 +41,15 @@ type LogSearchConfiguration struct {
 	// postgres image
 	PostgresImage string `json:"postgres_image,omitempty"`
 
+	// postgres init image
+	PostgresInitImage string `json:"postgres_init_image,omitempty"`
+
+	// postgres security context
+	PostgresSecurityContext *SecurityContext `json:"postgres_securityContext,omitempty"`
+
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
+
 	// storage class
 	StorageClass string `json:"storageClass,omitempty"`
 
@@ -49,11 +59,107 @@ type LogSearchConfiguration struct {
 
 // Validate validates this log search configuration
 func (m *LogSearchConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validatePostgresSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
 	return nil
 }
 
-// ContextValidate validates this log search configuration based on context it is used
+func (m *LogSearchConfiguration) validatePostgresSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.PostgresSecurityContext) { // not required
+		return nil
+	}
+
+	if m.PostgresSecurityContext != nil {
+		if err := m.PostgresSecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("postgres_securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("postgres_securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *LogSearchConfiguration) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this log search configuration based on the context it is used
 func (m *LogSearchConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidatePostgresSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *LogSearchConfiguration) contextValidatePostgresSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.PostgresSecurityContext != nil {
+		if err := m.PostgresSecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("postgres_securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("postgres_securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *LogSearchConfiguration) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
 	return nil
 }
 

models/make_bucket_request.go

@@ -93,6 +93,8 @@ func (m *MakeBucketRequest) validateQuota(formats strfmt.Registry) error {
 		if err := m.Quota.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("quota")
 			}
 			return err
 		}
@@ -110,6 +112,8 @@ func (m *MakeBucketRequest) validateRetention(formats strfmt.Registry) error {
 		if err := m.Retention.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("retention")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("retention")
 			}
 			return err
 		}
@@ -142,6 +146,8 @@ func (m *MakeBucketRequest) contextValidateQuota(ctx context.Context, formats st
 		if err := m.Quota.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("quota")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("quota")
 			}
 			return err
 		}
@@ -156,6 +162,8 @@ func (m *MakeBucketRequest) contextValidateRetention(ctx context.Context, format
 		if err := m.Retention.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("retention")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("retention")
 			}
 			return err
 		}

models/metadata.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Metadata metadata
+//
+// swagger:model metadata
+type Metadata struct {
+
+	// object metadata
+	ObjectMetadata interface{} `json:"objectMetadata,omitempty"`
+}
+
+// Validate validates this metadata
+func (m *Metadata) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this metadata based on context it is used
+func (m *Metadata) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Metadata) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Metadata) UnmarshalBinary(b []byte) error {
+	var res Metadata
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}