2021-04-18 12:41:13 -07:00
|
|
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
|
|
//
|
|
|
|
// This file is part of MinIO Object Storage stack
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2019-10-22 22:59:13 -07:00
|
|
|
|
|
|
|
package opa
|
|
|
|
|
|
|
|
import (
|
2021-06-01 14:59:40 -07:00
|
|
|
"github.com/minio/minio/internal/config"
|
2019-10-22 22:59:13 -07:00
|
|
|
)
|
|
|
|
|
|
|
|
// Legacy OPA envs
|
|
|
|
const (
|
|
|
|
EnvIamOpaURL = "MINIO_IAM_OPA_URL"
|
|
|
|
EnvIamOpaAuthToken = "MINIO_IAM_OPA_AUTHTOKEN"
|
|
|
|
)
|
|
|
|
|
|
|
|
// SetPolicyOPAConfig - One time migration code needed, for migrating from older config to new for PolicyOPAConfig.
|
|
|
|
func SetPolicyOPAConfig(s config.Config, opaArgs Args) {
|
2019-11-13 17:38:05 -08:00
|
|
|
if opaArgs.URL == nil || opaArgs.URL.String() == "" {
|
|
|
|
// Do not enable if opaArgs was empty.
|
|
|
|
return
|
|
|
|
}
|
2019-10-22 22:59:13 -07:00
|
|
|
s[config.PolicyOPASubSys][config.Default] = config.KVS{
|
2019-11-20 15:10:24 -08:00
|
|
|
config.KV{
|
|
|
|
Key: URL,
|
|
|
|
Value: opaArgs.URL.String(),
|
|
|
|
},
|
|
|
|
config.KV{
|
|
|
|
Key: AuthToken,
|
|
|
|
Value: opaArgs.AuthToken,
|
|
|
|
},
|
2019-10-22 22:59:13 -07:00
|
|
|
}
|
|
|
|
}
|