added a return statement to CreateCredentialHoldingSecret

improved an error message
adding the generated routers
2025-08-07 11:53:36 +02:00 · 2025-08-06 11:09:13 +02:00 · 2025-08-05 12:24:20 +02:00 · 2025-08-01 17:42:22 +02:00 · 2025-08-01 16:28:49 +02:00 · 2025-08-01 16:23:41 +02:00
5 changed files with 146 additions and 47 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
-swagger/
+swagger/
 env.env
--- a/4
+++ b/4
@@ -1,3 +1,5 @@
 ARG KUBERNETES_HOST=${KUBERNETES_HOST:-"127.0.0.1"}
 FROM golang:alpine AS deps
 WORKDIR /app
@@ -39,6 +41,8 @@ RUN sed -i 's/http:\/\/127.0.0.1:8080\/swagger\/swagger.json/swagger.json/g' /ap
 FROM golang:alpine
 ENV KUBERNETES_SERVICE_HOST=$KUBERNETES_HOST
 WORKDIR /app
 COPY --from=builder /app/extracted/oc-datacenter /usr/bin/ 
 COPY --from=builder /app/extracted/swagger /app/swagger
--- a/controllers/minio.go
+++ b/controllers/minio.go
@@ -1,6 +1,7 @@
 package controllers
 import (
 	"encoding/json"
 	"oc-datacenter/infrastructure"
 	oclib "cloud.o-forge.io/core/oc-lib"
@@ -14,60 +15,36 @@ type MinioController struct {
 // @Title CreateServiceAccounnt
-// @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID
+// @Description Add a new ServiceAccount to a Minio server using its ID and an execution ID and store the secret holding the login in the appropriate namespace
-// @Success 200
+// @Success 201
-// @Param	executions	path	string	true	"The executionsID of the execution"
+// @Param	executions	path	string				true	"The executionsID of the execution"
-// @Param	minioId		path	string	true	"The ID of the Minio you want to reach"
+// @Param	minioId		path	string				true	"The ID of the Minio you want to reach"
 // @Param 	retrieve	body	map[string]string	false	"Should be empty or contain "'retrieve': true"
 // @router	/serviceaccount/:minioId/:executions [post]
 func (m *MinioController) CreateServiceAccount() {
 	_, peerID, _ := oclib.ExtractTokenInfo(*m.Ctx.Request)
 	// This part is solely for dev purposes and should be removed once test on 
-
+ 
 	executionsId := m.Ctx.Input.Param(":executions")
 	minioId := m.Ctx.Input.Param(":minioId")
 	var b map[string]interface{}
 	retrieve := false
 	json.Unmarshal(m.Ctx.Input.CopyBody(10000), &b)
 	if r, ok :=  b["retrieve"]; ok {
 		retrieve = r.(bool)
 	}
 	// retrieve the live storage with the minioId 
-	s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId)
+	access, secret, ok := m.createServiceAccount(minioId, peerID, executionsId)
-	if s.Err != "" {
+	if !ok {
 		m.Ctx.Output.SetStatus(400)
 		m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err}
 		m.ServeJSON()
 		return
 	}
-	live := findLiveStorage(minioId, peerID)
+	if retrieve {
-	if live == nil {
+		m.Ctx.Output.SetStatus(201)
-		m.Ctx.Output.SetStatus(404)
+		m.Data["json"] = map[string]string{"access": access, "secret": secret}
 		m.Data["json"] = map[string]interface{}{"error":"could not find the Minio instance " + s.Err}
 		m.ServeJSON()
 		return
 	}	
 	url := live.Source
 	service := infrastructure.NewMinioService(url)
 	// call the method ctrating the svcacc
 	err := service.CreateClient()
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error":"could not create the client for " +  minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return	
 	}
 	access, secret, err := service.CreateCredentials(executionsId)
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " +  minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return
 	}
 	err = service.CreateBucket(executionsId)
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error":"could not create the service account for " +  minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return
 	}
@@ -108,6 +85,55 @@ func (m *MinioController) CreateServiceAccount() {
 	m.ServeJSON()
 }
 func (m *MinioController) createServiceAccount(minioId string, peerID string, executionsId string) (string, string, bool) {
 	s := oclib.NewRequest(oclib.LibDataEnum(oclib.STORAGE_RESOURCE), "", "", []string{}, nil).LoadOne(minioId)
 	if s.Err != "" {
 		m.Ctx.Output.SetStatus(400)
 		m.Data["json"] = map[string]interface{}{"error": " Could not load the storage resource with id " + minioId + ": " + s.Err}
 		m.ServeJSON()
 		return "","", false
 	}
 	live := findLiveStorage(minioId, peerID)
 	if live == nil {
 		m.Ctx.Output.SetStatus(404)
 		m.Data["json"] = map[string]interface{}{"error": "could not find the Minio instance for " + minioId}
 		m.ServeJSON()
 		return "", "", false
 	}
 	url := live.Source
 	service := infrastructure.NewMinioService(url)
 	// call the method ctrating the svcacc
 	err := service.CreateClient()
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error": "could not create the client for " + minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return "", "", false
 	}
 	access, secret, err := service.CreateCredentials(executionsId)
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error": "could not create the service account for " + minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return "", "", false
 	}
 	err = service.CreateBucket(executionsId)
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]interface{}{"error": "error while creating the service account for " + minioId + " : " + err.Error()}
 		m.ServeJSON()
 		return "", "", false
 	}
 	return access, secret, true
 }
 func findLiveStorage(storageId string, peerId string) *live.LiveStorage {
 	res := oclib.NewRequest(oclib.LibDataEnum(oclib.LIVE_STORAGE),"",peerId,[]string{},nil).LoadAll(false)
 	if res.Err != "" {
@@ -127,4 +153,65 @@ func findLiveStorage(storageId string, peerId string) *live.LiveStorage {
 	}
 	return nil
-}
+}
 // @Title CreateCredentialsSecret
 // @Description Create a Kubernetes secret holding the access and secret keys to a given S3 server and bucket
 // @Success 201
 // @Param	executions	path	string				true	"The executionsID of the execution"
 // @Param	minioId		path	string				true	"The ID of the Minio youto which the credentials give access to"
 // @Param 	creds		body	map[string]string	true	"The credentials to store in the secret"
 // @router	/secret/:minioId/:executions [post]
 func (m *MinioController) CreateCredentialHoldingSecret(){
 	executionsId := m.Ctx.Input.Param(":executions")
 	minioId := m.Ctx.Input.Param(":minioId")
 	var creds map[string]string
 	json.Unmarshal(m.Ctx.Input.CopyBody(10000), &creds)
 	access, aOk := creds["access"]
 	secret, sOk := creds["secret"]  
 	if !aOk || !sOk || len(access) == 0 || len(secret) == 0 {
 		m.Ctx.Output.SetStatus(403)
 		m.Data["json"] = map[string]interface{}{"error": "Missing credentials"}
 		m.ServeJSON()
 	}
 		// test if the namespace exists
 	k, err := infrastructure.NewService()
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]string{"error": err.Error()}
 		m.ServeJSON()
 		return
 	}
 	ns, err := k.GetNamespace(m.Ctx.Request.Context(), executionsId)
 	if ns == nil {
 		m.Ctx.Output.SetStatus(403)
 		m.Data["json"] = map[string]string{"error":"Could not find the namespace corresponding to executionsID " + executionsId}
 		m.ServeJSON()
 		return
 	}
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]string{"error": "Error when trying to check if namespace " + executionsId + " exists : " + err.Error()}
 		m.ServeJSON()
 		return
 	}
 	// store the credentials in the namespace
 	err = k.CreateSecret(m.Ctx.Request.Context(), minioId, executionsId, creds["access"], creds["secret"])
 	if err != nil {
 		m.Ctx.Output.SetStatus(500)
 		m.Data["json"] = map[string]string{"error": "Error when storing Minio serviceAccount credentials in namespace " + executionsId + " exists : " + err.Error()}
 		m.ServeJSON()
 		return
 	}
 	m.Ctx.Output.SetStatus(201)
 	m.ServeJSON()
 }
--- a/infrastructure/minio.go
+++ b/infrastructure/minio.go
@@ -115,8 +115,8 @@ func (m *MinioService) CreateBucket(executionId string) error {
 		return err
 	}
-	err = client.MakeBucket(context.Background(), executionId, minio.MakeBucketOptions{})
+	err = client.MakeBucket(context.Background(), executionId, minio.MakeBucketOptions{ForceCreate: false})
-	if err != nil {
+	if err != nil && err.(minio.ErrorResponse).Code != "BucketAlreadyOwnedByYou" {
 		l.Error().Msg("Error when creating the bucket for namespace " + executionId)
 		return err
 	}
--- a/routers/commentsRouter.go
+++ b/routers/commentsRouter.go
@@ -196,6 +196,15 @@ func init() {
            Filters: nil,
            Params: nil})
    beego.GlobalControllerRouter["oc-datacenter/controllers:MinioController"] = append(beego.GlobalControllerRouter["oc-datacenter/controllers:MinioController"],
        beego.ControllerComments{
            Method: "CreateCredentialHoldingSecret",
            Router: `/secret/:minioId/:executions`,
            AllowHTTPMethods: []string{"post"},
            MethodParams: param.Make(),
            Filters: nil,
            Params: nil})
    beego.GlobalControllerRouter["oc-datacenter/controllers:MinioController"] = append(beego.GlobalControllerRouter["oc-datacenter/controllers:MinioController"],
        beego.ControllerComments{
            Method: "CreateServiceAccount",
Author	SHA1	Message	Date
pb	feb46e2934	added a return statement to CreateCredentialHoldingSecret	2025-08-07 11:53:36 +02:00
pb	67c312d0d6	improved an error message	2025-08-06 11:09:13 +02:00
pb	10b4dac141	adding the generated routers	2025-08-05 12:24:20 +02:00
pb	ebb330e3fa	added the route that creates a secret from the s3 credentials	2025-08-01 17:42:22 +02:00
pb	25d1c7ca39	corrected how retrieve is instanciated	2025-08-01 16:28:49 +02:00
pb	a788373c0f	corrected the way we create buckets	2025-08-01 16:23:41 +02:00
pb	c45824d3f2	added a body read to the POST /minio/serviceaccount so that we can specify if the service account credentials should be returned to the caller or used to create a secret on the same peer as the minio	2025-08-01 13:02:12 +02:00