mirror of
https://github.com/minio/minio.git
synced 2024-12-26 15:15:55 -05:00
f3248a4b37
This change adds a `Secret` property to `HelpKV` to identify secrets like passwords and auth tokens that should not be revealed by the server in its configuration fetching APIs. Configuration reporting APIs now do not return secrets.
203 lines
5.4 KiB
Go
203 lines
5.4 KiB
Go
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
//
|
|
// This file is part of MinIO Object Storage stack
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package logger
|
|
|
|
import (
|
|
"github.com/minio/minio/internal/config"
|
|
)
|
|
|
|
// Help template for logger http and audit
|
|
var (
|
|
Help = config.HelpKVS{
|
|
config.HelpKV{
|
|
Key: Endpoint,
|
|
Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/server"`,
|
|
Type: "url",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: AuthToken,
|
|
Description: `opaque string or JWT authorization token`,
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
Secret: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: ClientCert,
|
|
Description: "mTLS certificate for Logger Webhook authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: ClientKey,
|
|
Description: "mTLS certificate key for Logger Webhook authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: QueueSize,
|
|
Description: "configure channel queue size for Logger Webhook targets",
|
|
Optional: true,
|
|
Type: "number",
|
|
},
|
|
config.HelpKV{
|
|
Key: Proxy,
|
|
Description: "proxy url endpoint e.g. http(s)://proxy",
|
|
Optional: true,
|
|
Type: "string",
|
|
},
|
|
config.HelpKV{
|
|
Key: config.Comment,
|
|
Description: config.DefaultComment,
|
|
Optional: true,
|
|
Type: "sentence",
|
|
},
|
|
}
|
|
|
|
HelpWebhook = config.HelpKVS{
|
|
config.HelpKV{
|
|
Key: Endpoint,
|
|
Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/audit"`,
|
|
Type: "url",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: AuthToken,
|
|
Description: `opaque string or JWT authorization token`,
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
Secret: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: ClientCert,
|
|
Description: "mTLS certificate for Audit Webhook authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: ClientKey,
|
|
Description: "mTLS certificate key for Audit Webhook authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: QueueSize,
|
|
Description: "configure channel queue size for Audit Webhook targets",
|
|
Optional: true,
|
|
Type: "number",
|
|
},
|
|
config.HelpKV{
|
|
Key: config.Comment,
|
|
Description: config.DefaultComment,
|
|
Optional: true,
|
|
Type: "sentence",
|
|
},
|
|
}
|
|
|
|
HelpKafka = config.HelpKVS{
|
|
config.HelpKV{
|
|
Key: KafkaBrokers,
|
|
Description: "comma separated list of Kafka broker addresses",
|
|
Type: "csv",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaTopic,
|
|
Description: "Kafka topic used for bucket notifications",
|
|
Optional: true,
|
|
Type: "string",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaSASLUsername,
|
|
Description: "username for SASL/PLAIN or SASL/SCRAM authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaSASLPassword,
|
|
Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
|
|
Optional: true,
|
|
Type: "string",
|
|
Sensitive: true,
|
|
Secret: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaSASLMechanism,
|
|
Description: "sasl authentication mechanism, default 'plain'",
|
|
Optional: true,
|
|
Type: "string",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaTLSClientAuth,
|
|
Description: "clientAuth determines the Kafka server's policy for TLS client auth",
|
|
Optional: true,
|
|
Type: "string",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaSASL,
|
|
Description: "set to 'on' to enable SASL authentication",
|
|
Optional: true,
|
|
Type: "on|off",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaTLS,
|
|
Description: "set to 'on' to enable TLS",
|
|
Optional: true,
|
|
Type: "on|off",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaTLSSkipVerify,
|
|
Description: `trust server TLS without verification, defaults to "on" (verify)`,
|
|
Optional: true,
|
|
Type: "on|off",
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaClientTLSCert,
|
|
Description: "path to client certificate for mTLS auth",
|
|
Optional: true,
|
|
Type: "path",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaClientTLSKey,
|
|
Description: "path to client key for mTLS auth",
|
|
Optional: true,
|
|
Type: "path",
|
|
Sensitive: true,
|
|
},
|
|
config.HelpKV{
|
|
Key: KafkaVersion,
|
|
Description: "specify the version of the Kafka cluster",
|
|
Optional: true,
|
|
Type: "string",
|
|
},
|
|
config.HelpKV{
|
|
Key: config.Comment,
|
|
Description: config.DefaultComment,
|
|
Optional: true,
|
|
Type: "sentence",
|
|
},
|
|
}
|
|
)
|