mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Introduce new config subnet api_key
(#13793)
The earlier approach of using a license token for communicating with SUBNET is being replaced with a simpler mechanism of API keys. Unlike the license which is a JWT token, these API keys will be simple UUID tokens and don't have any embedded information in them. SUBNET would generate the API key on cluster registration, and then it would be saved in this config, to be used for subsequent communication with SUBNET.
This commit is contained in:
parent
7460fb8349
commit
d29df6714a
@ -193,6 +193,9 @@ func minioConfigToConsoleFeatures() {
|
|||||||
if globalSubnetConfig.License != "" {
|
if globalSubnetConfig.License != "" {
|
||||||
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetConfig.License)
|
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetConfig.License)
|
||||||
}
|
}
|
||||||
|
if globalSubnetConfig.APIKey != "" {
|
||||||
|
os.Setenv("CONSOLE_SUBNET_API_KEY", globalSubnetConfig.APIKey)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func initConsoleServer() (*restapi.Server, error) {
|
func initConsoleServer() (*restapi.Server, error) {
|
||||||
|
@ -191,7 +191,7 @@ func initHelp() {
|
|||||||
config.HelpKV{
|
config.HelpKV{
|
||||||
Key: config.SubnetSubSys,
|
Key: config.SubnetSubSys,
|
||||||
Type: "string",
|
Type: "string",
|
||||||
Description: "set subnet config for the cluster e.g. license token",
|
Description: "set subnet config for the cluster e.g. api key",
|
||||||
Optional: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -233,7 +233,7 @@ func initHelp() {
|
|||||||
config.NotifyRedisSubSys: notify.HelpRedis,
|
config.NotifyRedisSubSys: notify.HelpRedis,
|
||||||
config.NotifyWebhookSubSys: notify.HelpWebhook,
|
config.NotifyWebhookSubSys: notify.HelpWebhook,
|
||||||
config.NotifyESSubSys: notify.HelpES,
|
config.NotifyESSubSys: notify.HelpES,
|
||||||
config.SubnetSubSys: subnet.HelpLicense,
|
config.SubnetSubSys: subnet.HelpSubnet,
|
||||||
}
|
}
|
||||||
|
|
||||||
config.RegisterHelpSubSys(helpMap)
|
config.RegisterHelpSubSys(helpMap)
|
||||||
|
@ -60,7 +60,8 @@ const (
|
|||||||
RegionName = "name"
|
RegionName = "name"
|
||||||
AccessKey = "access_key"
|
AccessKey = "access_key"
|
||||||
SecretKey = "secret_key"
|
SecretKey = "secret_key"
|
||||||
License = "license"
|
License = "license" // Deprecated Dec 2021
|
||||||
|
APIKey = "api_key"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Top level config constants.
|
// Top level config constants.
|
||||||
|
@ -39,7 +39,8 @@ const (
|
|||||||
EnvSiteName = "MINIO_SITE_NAME"
|
EnvSiteName = "MINIO_SITE_NAME"
|
||||||
EnvSiteRegion = "MINIO_SITE_REGION"
|
EnvSiteRegion = "MINIO_SITE_REGION"
|
||||||
|
|
||||||
EnvMinIOSubnetLicense = "MINIO_SUBNET_LICENSE"
|
EnvMinIOSubnetLicense = "MINIO_SUBNET_LICENSE" // Deprecated Dec 2021
|
||||||
|
EnvMinIOSubnetAPIKey = "MINIO_SUBNET_API_KEY"
|
||||||
EnvMinIOServerURL = "MINIO_SERVER_URL"
|
EnvMinIOServerURL = "MINIO_SERVER_URL"
|
||||||
EnvMinIOBrowserRedirectURL = "MINIO_BROWSER_REDIRECT_URL"
|
EnvMinIOBrowserRedirectURL = "MINIO_BROWSER_REDIRECT_URL"
|
||||||
EnvRootDiskThresholdSize = "MINIO_ROOTDISK_THRESHOLD_SIZE"
|
EnvRootDiskThresholdSize = "MINIO_ROOTDISK_THRESHOLD_SIZE"
|
||||||
|
@ -18,7 +18,6 @@
|
|||||||
package subnet
|
package subnet
|
||||||
|
|
||||||
import (
|
import (
|
||||||
jwtgo "github.com/golang-jwt/jwt/v4"
|
|
||||||
"github.com/minio/minio/internal/config"
|
"github.com/minio/minio/internal/config"
|
||||||
"github.com/minio/pkg/env"
|
"github.com/minio/pkg/env"
|
||||||
)
|
)
|
||||||
@ -27,17 +26,27 @@ var (
|
|||||||
// DefaultKVS - default KV config for subnet settings
|
// DefaultKVS - default KV config for subnet settings
|
||||||
DefaultKVS = config.KVS{
|
DefaultKVS = config.KVS{
|
||||||
config.KV{
|
config.KV{
|
||||||
Key: config.License,
|
Key: config.License, // Deprecated Dec 2021
|
||||||
|
Value: "",
|
||||||
|
},
|
||||||
|
config.KV{
|
||||||
|
Key: config.APIKey,
|
||||||
Value: "",
|
Value: "",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// HelpLicense - provides help for license config
|
// HelpSubnet - provides help for subnet api key config
|
||||||
HelpLicense = config.HelpKVS{
|
HelpSubnet = config.HelpKVS{
|
||||||
config.HelpKV{
|
config.HelpKV{
|
||||||
Key: config.License,
|
Key: config.License, // Deprecated Dec 2021
|
||||||
Type: "string",
|
Type: "string",
|
||||||
Description: "Subnet license token for the cluster",
|
Description: "[DEPRECATED use api_key] Subnet license token for the cluster",
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
|
config.HelpKV{
|
||||||
|
Key: config.APIKey,
|
||||||
|
Type: "string",
|
||||||
|
Description: "Subnet api key for the cluster",
|
||||||
Optional: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -45,18 +54,11 @@ var (
|
|||||||
|
|
||||||
// Config represents the subnet related configuration
|
// Config represents the subnet related configuration
|
||||||
type Config struct {
|
type Config struct {
|
||||||
// The subnet license token
|
// The subnet license token - Deprecated Dec 2021
|
||||||
License string `json:"license"`
|
License string `json:"license"`
|
||||||
}
|
|
||||||
|
|
||||||
func validateLicenseFormat(lic string) error {
|
// The subnet api key
|
||||||
if len(lic) == 0 {
|
APIKey string `json:"api_key"`
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// Only verifying that the string is a parseable JWT token as of now
|
|
||||||
_, _, err := new(jwtgo.Parser).ParseUnverified(lic, jwtgo.MapClaims{})
|
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// LookupConfig - lookup config and override with valid environment settings if any.
|
// LookupConfig - lookup config and override with valid environment settings if any.
|
||||||
@ -66,6 +68,7 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
cfg.License = env.Get(config.EnvMinIOSubnetLicense, kvs.Get(config.License))
|
cfg.License = env.Get(config.EnvMinIOSubnetLicense, kvs.Get(config.License))
|
||||||
|
cfg.APIKey = env.Get(config.EnvMinIOSubnetAPIKey, kvs.Get(config.APIKey))
|
||||||
|
|
||||||
return cfg, validateLicenseFormat(cfg.License)
|
return cfg, nil
|
||||||
}
|
}
|
Loading…
Reference in New Issue
Block a user