Added a body read to the POST /minio/serviceaccount route so that the caller can specify whether the service account credentials should be returned in the response or used to create a secret on the same peer as the Minio.

pb 2025-08-01 13:02:12 +02:00
parent 39137c4f2a
commit c45824d3f2


@ -1,6 +1,7 @@
package controllers package controllers
import ( import (
"encoding/json"
"oc-datacenter/infrastructure" "oc-datacenter/infrastructure"
oclib "cloud.o-forge.io/core/oc-lib" oclib "cloud.o-forge.io/core/oc-lib"
@ -14,10 +15,11 @@ type MinioController struct {
// @Title CreateServiceAccounnt // @Title CreateServiceAccounnt
// @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID // @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID and store the secret holding the login in the appropriate namespace
// @Success 200 // @Success 200
// @Param executions path string true "The executionsID of the execution" // @Param executions path string true "The executionsID of the execution"
// @Param minioId path string true "The ID of the Minio you want to reach" // @Param minioId path string true "The ID of the Minio you want to reach"
// @Param retrieve body map[string]string true "Tell the route if the login should be returned in the body"
// @router /serviceaccount/:minioId/:executions [post] // @router /serviceaccount/:minioId/:executions [post]
func (m *MinioController) CreateServiceAccount() { func (m *MinioController) CreateServiceAccount() {
_, peerID, _ := oclib.ExtractTokenInfo(*m.Ctx.Request) _, peerID, _ := oclib.ExtractTokenInfo(*m.Ctx.Request)
@ -27,47 +29,22 @@ func (m *MinioController) CreateServiceAccount() {
executionsId := m.Ctx.Input.Param(":executions") executionsId := m.Ctx.Input.Param(":executions")
minioId := m.Ctx.Input.Param(":minioId") minioId := m.Ctx.Input.Param(":minioId")
var b map[string]interface{}
var retrieve bool
json.Unmarshal(m.Ctx.Input.CopyBody(10000), &b)
if r, ok := b["retrieve"]; ok {
retrieve = r.(bool)
}
// retrieve the live storage with the minioId // retrieve the live storage with the minioId
s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId) access, secret, ok := m.createServiceAccount(minioId, peerID, executionsId)
if s.Err != "" { if !ok {
m.Ctx.Output.SetStatus(400)
m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err}
m.ServeJSON()
return return
} }
live := findLiveStorage(minioId, peerID) if retrieve {
if live == nil { m.Ctx.Output.SetStatus(201)
m.Ctx.Output.SetStatus(404) m.Data["json"] = map[string]string{"access": access, "secret": secret}
m.Data["json"] = map[string]interface{}{"error":"could not find the Minio instance " + s.Err}
m.ServeJSON()
return
}
url := live.Source
service := infrastructure.NewMinioService(url)
// call the method ctrating the svcacc
err := service.CreateClient()
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error":"could not create the client for " + minioId + " : " + err.Error()}
m.ServeJSON()
return
}
access, secret, err := service.CreateCredentials(executionsId)
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " + minioId + " : " + err.Error()}
m.ServeJSON()
return
}
err = service.CreateBucket(executionsId)
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " + minioId + " : " + err.Error()}
m.ServeJSON() m.ServeJSON()
return return
} }
@ -108,6 +85,55 @@ func (m *MinioController) CreateServiceAccount() {
m.ServeJSON() m.ServeJSON()
} }
func (m *MinioController) createServiceAccount(minioId string, peerID string, executionsId string) (string, string, bool) {
s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId)
if s.Err != "" {
m.Ctx.Output.SetStatus(400)
m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err}
m.ServeJSON()
return "","", false
}
live := findLiveStorage(minioId, peerID)
if live == nil {
m.Ctx.Output.SetStatus(404)
m.Data["json"] = map[string]interface{}{"error": "could not find the Minio instance " + s.Err}
m.ServeJSON()
return "", "", false
}
url := live.Source
service := infrastructure.NewMinioService(url)
// call the method ctrating the svcacc
err := service.CreateClient()
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error": "could not create the client for " + minioId + " : " + err.Error()}
m.ServeJSON()
return "", "", false
}
access, secret, err := service.CreateCredentials(executionsId)
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error": "could not create the service account for " + minioId + " : " + err.Error()}
m.ServeJSON()
return "", "", false
}
err = service.CreateBucket(executionsId)
if err != nil {
m.Ctx.Output.SetStatus(500)
m.Data["json"] = map[string]interface{}{"error": "could not create the service account for " + minioId + " : " + err.Error()}
m.ServeJSON()
return "", "", false
}
return access, secret, true
}
func findLiveStorage(storageId string, peerId string) *live.LiveStorage { func findLiveStorage(storageId string, peerId string) *live.LiveStorage {
res := oclib.NewRequest(oclib.LibDataEnum(oclib.LIVE_STORAGE),"",peerId,[]string{},nil).LoadAll(false) res := oclib.NewRequest(oclib.LibDataEnum(oclib.LIVE_STORAGE),"",peerId,[]string{},nil).LoadAll(false)
if res.Err != "" { if res.Err != "" {
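Review bot: The unchecked assertion `retrieve = r.(bool)` in CreateServiceAccount panics whenever the request body carries `retrieve` as anything other than a JSON boolean, and the new `@Param retrieve body map[string]string` annotation documents exactly that shape (a string value). Use the two-value form, `if v, ok := r.(bool); ok { retrieve = v }`, or answer 400 when the type is wrong, so a client-controlled body cannot trigger a panic in the handler. The error from `json.Unmarshal` is also discarded, so a malformed body silently falls back to `retrieve = false`; checking it for non-empty bodies would make that choice explicit. Separately, the retrieve branch answers 201 while the annotation still declares `@Success 200`.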