From c45824d3f25e6dbff20541f006089347b999a473 Mon Sep 17 00:00:00 2001 From: pb Date: Fri, 1 Aug 2025 13:02:12 +0200 Subject: [PATCH] added a body read to the POST /minio/serviceaccount so that we can specify if the service account credentials should be returned to the caller or used to create a secret on the same peer as the minio --- controllers/minio.go | 104 +++++++++++++++++++++++++++---------------- 1 file changed, 65 insertions(+), 39 deletions(-) diff --git a/controllers/minio.go b/controllers/minio.go index 98b83bd..0214f28 100644 --- a/controllers/minio.go +++ b/controllers/minio.go @@ -1,6 +1,7 @@ package controllers import ( + "encoding/json" "oc-datacenter/infrastructure" oclib "cloud.o-forge.io/core/oc-lib" 
@@ -14,60 +15,36 @@ type MinioController struct { // @Title CreateServiceAccounnt -// @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID +// @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID and store the secret holding the login in the appropriate namespace // @Success 200 // @Param executions path string true "The executionsID of the execution" // @Param minioId path string true "The ID of the Minio you want to reach" +// @Param retrieve body map[string]string true "Tell the route if the login should be returned in the body" // @router /serviceaccount/:minioId/:executions [post] func (m *MinioController) CreateServiceAccount() { _, peerID, _ := oclib.ExtractTokenInfo(*m.Ctx.Request) // This part is solely for dev purposes and should be removed once test on - + executionsId := m.Ctx.Input.Param(":executions") minioId := m.Ctx.Input.Param(":minioId") + var b map[string]interface{} + var retrieve bool + json.Unmarshal(m.Ctx.Input.CopyBody(10000), &b) + if r, ok := b["retrieve"]; ok { + retrieve = r.(bool) + } + // retrieve the live storage with the minioId - s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId) - if s.Err != "" { - m.Ctx.Output.SetStatus(400) - m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err} - m.ServeJSON() + access, secret, ok := m.createServiceAccount(minioId, peerID, executionsId) + if !ok { return } - live := findLiveStorage(minioId, peerID) - if live == nil { - m.Ctx.Output.SetStatus(404) - m.Data["json"] = map[string]interface{}{"error":"could not find the Minio instance " + s.Err} - m.ServeJSON() - return - } - - url := live.Source - service := infrastructure.NewMinioService(url) - - // call the method ctrating the svcacc - err := service.CreateClient() - if err != nil { - m.Ctx.Output.SetStatus(500) - m.Data["json"] = 
map[string]interface{}{"error":"could not create the client for " + minioId + " : " + err.Error()} - m.ServeJSON() - return - } - - access, secret, err := service.CreateCredentials(executionsId) - if err != nil { - m.Ctx.Output.SetStatus(500) - m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " + minioId + " : " + err.Error()} - m.ServeJSON() - return - } - - err = service.CreateBucket(executionsId) - if err != nil { - m.Ctx.Output.SetStatus(500) - m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " + minioId + " : " + err.Error()} + if retrieve { + m.Ctx.Output.SetStatus(201) + m.Data["json"] = map[string]string{"access": access, "secret": secret} m.ServeJSON() return } 
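Review bot: The new body parsing in CreateServiceAccount can panic on client input: `retrieve = r.(bool)` is an unchecked type assertion, so `{"retrieve": "true"}` or `{"retrieve": null}` aborts the handler, and the added `@Param retrieve body map[string]string` annotation actually tells clients to send a string. The error from `json.Unmarshal` is dropped as well, so a malformed body silently behaves as `retrieve=false` instead of being rejected. Decoding into a typed struct and answering 400 on a parse error covers both, as sketched below. Because the `retrieve` branch puts the secret key in the response body, the two results discarded from `oclib.ExtractTokenInfo` deserve a look too: if one of them is an error, nothing visible in this hunk rejects a request whose token failed to parse. The function body continues past the end of the hunk.

```go
	minioId := m.Ctx.Input.Param(":minioId")

	// Typed decode: a non-boolean "retrieve" becomes a 400, not a panic.
	var req struct {
		Retrieve bool `json:"retrieve"`
	}
	// An empty body keeps the previous behaviour (retrieve == false).
	if body := m.Ctx.Input.CopyBody(10000); len(body) > 0 {
		if err := json.Unmarshal(body, &req); err != nil {
			m.Ctx.Output.SetStatus(400)
			m.Data["json"] = map[string]interface{}{"error": "invalid request body: " + err.Error()}
			m.ServeJSON()
			return
		}
	}
	retrieve := req.Retrieve

	// … unchanged: createServiceAccount call and the retrieve / secret branches …
```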
@@ -108,6 +85,55 @@ func (m *MinioController) CreateServiceAccount() { m.ServeJSON() } + + +func (m *MinioController) createServiceAccount(minioId string, peerID string, executionsId string) (string, string, bool) { + s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId) + if s.Err != "" { + m.Ctx.Output.SetStatus(400) + m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err} + m.ServeJSON() + return "","", false + } + + live := findLiveStorage(minioId, peerID) + if live == nil { + m.Ctx.Output.SetStatus(404) + m.Data["json"] = map[string]interface{}{"error": "could not find the Minio instance " + s.Err} + m.ServeJSON() + return "", "", false + } + + url := live.Source + service := infrastructure.NewMinioService(url) + + // call the method ctrating the svcacc + err := service.CreateClient() + if err != nil { + m.Ctx.Output.SetStatus(500) + m.Data["json"] = map[string]interface{}{"error": "could not create the client for " + minioId + " : " + err.Error()} + m.ServeJSON() + return "", "", false + } + + access, secret, err := service.CreateCredentials(executionsId) + if err != nil { + m.Ctx.Output.SetStatus(500) + m.Data["json"] = map[string]interface{}{"error": "could not create the service account for " + minioId + " : " + err.Error()} + m.ServeJSON() + return "", "", false + } + + err = service.CreateBucket(executionsId) + if err != nil { + m.Ctx.Output.SetStatus(500) + m.Data["json"] = map[string]interface{}{"error": "could not create the service account for " + minioId + " : " + err.Error()} + m.ServeJSON() + return "", "", false + } + return access, secret, true +} + func findLiveStorage(storageId string, peerId string) *live.LiveStorage { res := oclib.NewRequest(oclib.LibDataEnum(oclib.LIVE_STORAGE),"",peerId,[]string{},nil).LoadAll(false) if res.Err != "" {
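Review bot: In createServiceAccount, a failure of `service.CreateBucket(executionsId)` returns after `service.CreateCredentials` has already succeeded, so a live service account stays on the MinIO server with credentials that nobody received or stored. The failure path should revoke that account before returning; whether `infrastructure` exposes a call for that is not visible in this diff. That branch also reuses the message "could not create the service account", which hides which step failed; `"could not create the bucket for " + minioId + " : " + err.Error()` would be accurate. In the 404 branch `s.Err` is always empty because the earlier check already returned on a non-empty value, so `minioId` is the useful thing to append there. The helper would also benefit from a doc comment stating that it writes the HTTP error response itself and that callers must simply return when the third result is false.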