oc-datacenter/infrastructure/minio.go

package infrastructure

import (
	"context"
	"encoding/json"
	"oc-datacenter/conf"

	"github.com/minio/madmin-go/v4"
	"github.com/minio/minio-go/v7/pkg/credentials"

	"github.com/necmettindev/randomstring"
)
	
type MinioService struct{
	Url			string
	RootKey		string
	RootSecret	string
	MinioClient *madmin.AdminClient
}

type StatementEntry struct {
    Effect    string   `json:"Effect"`
    Action    []string `json:"Action"`
    Resource  string `json:"Resource"`
}

type PolicyDocument struct {
    Version   	string           `json:"Version"`
    Statement 	[]StatementEntry `json:"Statement"`
}


func NewMinioService(url string) *MinioService {
	return &MinioService{	
						Url: url, 
						RootKey: conf.GetConfig().MinioRootKey,
						RootSecret: conf.GetConfig().MinioRootSecret,
					}
}

func (m *MinioService) CreateClient() error {
	cred := credentials.NewStaticV4(m.RootKey,m.RootSecret,"")
	cli, err := madmin.NewWithOptions(m.Url, &madmin.Options{Creds: cred, Secure: false}) // Maybe in the future we should use the secure option ?
	if err != nil {
		return err
	}

	m.MinioClient = cli
	return nil
}

func (m *MinioService) CreateCredentials(executionId string) (string,string,error){

	policy := PolicyDocument{
		Version: "2012-10-17",
		Statement: []StatementEntry{
			{
				Effect:   "Allow",
				Action:   []string{"s3:GetObject", "s3:PutObject"},
				Resource: "arn:aws:s3:::"+executionId+"/*",
			},
		},
	}

	p, err := json.Marshal(policy)
	if err != nil {
		return "","",err
	}

	randAccess, randSecret := getRandomCreds()

	req := madmin.AddServiceAccountReq{
		Policy: p,
		TargetUser: m.RootKey,
		AccessKey: randAccess,
		SecretKey: randSecret,
	}
	
	res, err := m.MinioClient.AddServiceAccount(context.Background(), req)
	if err != nil {
		return "", "", err
	}

	
	return res.AccessKey, res.SecretKey, nil

}

func getRandomCreds() (string, string){
	opts := randomstring.GenerationOptions{
		Length: 20,
	}

	a, _ := randomstring.GenerateString(opts)

	opts.Length = 40
	s, _ := randomstring.GenerateString(opts)

	return a,s

}

func (m *MinioService) CreateBucket(executionId string) error {

	return nil
}
started implementing the routes and service to interract with a given Minio server 2025-06-26 10:31:48 +02:00			`package infrastructure`

			`import (`
			`"context"`
			`"encoding/json"`
			`"oc-datacenter/conf"`

			`"github.com/minio/madmin-go/v4"`
			`"github.com/minio/minio-go/v7/pkg/credentials"`

			`"github.com/necmettindev/randomstring"`
			`)`

			`type MinioService struct{`
			`Url string`
			`RootKey string`
			`RootSecret string`
			`MinioClient *madmin.AdminClient`
			`}`

			`type StatementEntry struct {`
			Effect string `json:"Effect"`
			Action []string `json:"Action"`
			Resource string `json:"Resource"`
			`}`

			`type PolicyDocument struct {`
			Version string `json:"Version"`
			Statement []StatementEntry `json:"Statement"`
			`}`


			`func NewMinioService(url string) *MinioService {`
			`return &MinioService{`
			`Url: url,`
			`RootKey: conf.GetConfig().MinioRootKey,`
			`RootSecret: conf.GetConfig().MinioRootSecret,`
			`}`
			`}`

			`func (m *MinioService) CreateClient() error {`
			`cred := credentials.NewStaticV4(m.RootKey,m.RootSecret,"")`
			`cli, err := madmin.NewWithOptions(m.Url, &madmin.Options{Creds: cred, Secure: false}) // Maybe in the future we should use the secure option ?`
			`if err != nil {`
			`return err`
			`}`

			`m.MinioClient = cli`
			`return nil`
			`}`

			`func (m *MinioService) CreateCredentials(executionId string) (string,string,error){`

			`policy := PolicyDocument{`
			`Version: "2012-10-17",`
			`Statement: []StatementEntry{`
			`{`
			`Effect: "Allow",`
			`Action: []string{"s3:GetObject", "s3:PutObject"},`
			`Resource: "arn:aws:s3:::"+executionId+"/*",`
			`},`
			`},`
			`}`

			`p, err := json.Marshal(policy)`
			`if err != nil {`
			`return "","",err`
			`}`

			`randAccess, randSecret := getRandomCreds()`

			`req := madmin.AddServiceAccountReq{`
			`Policy: p,`
			`TargetUser: m.RootKey,`
			`AccessKey: randAccess,`
			`SecretKey: randSecret,`
			`}`

			`res, err := m.MinioClient.AddServiceAccount(context.Background(), req)`
			`if err != nil {`
			`return "", "", err`
			`}`

implemented the /minio/serviceaccount route to create new serviceAccount in the minio corresponding to the parameter, then store it in secret in the namespace corresponding to the executionsId 2025-06-30 12:33:24 +02:00
started implementing the routes and service to interract with a given Minio server 2025-06-26 10:31:48 +02:00			`return res.AccessKey, res.SecretKey, nil`

			`}`

			`func getRandomCreds() (string, string){`
			`opts := randomstring.GenerationOptions{`
implemented the /minio/serviceaccount route to create new serviceAccount in the minio corresponding to the parameter, then store it in secret in the namespace corresponding to the executionsId 2025-06-30 12:33:24 +02:00			`Length: 20,`
started implementing the routes and service to interract with a given Minio server 2025-06-26 10:31:48 +02:00			`}`

			`a, _ := randomstring.GenerateString(opts)`

implemented the /minio/serviceaccount route to create new serviceAccount in the minio corresponding to the parameter, then store it in secret in the namespace corresponding to the executionsId 2025-06-30 12:33:24 +02:00			`opts.Length = 40`
started implementing the routes and service to interract with a given Minio server 2025-06-26 10:31:48 +02:00			`s, _ := randomstring.GenerateString(opts)`

			`return a,s`

			`}`

			`func (m *MinioService) CreateBucket(executionId string) error {`

			`return nil`
			`}`