Repurpose Get/SetConfig as import/export support (#8578)

master
Harshavardhana 5 years ago committed by GitHub
parent 720442b1a2
commit 78eb3b78bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 40
      cmd/admin-handlers-config-kv.go
  2. 6
      cmd/config/identity/openid/help.go
  3. 6
      cmd/config/identity/openid/jwt.go

@ -185,6 +185,8 @@ func (a adminAPIHandlers) SetConfigKVHandler(w http.ResponseWriter, r *http.Requ
if globalConfigEncrypted { if globalConfigEncrypted {
saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete) saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete)
} }
writeSuccessResponseHeadersOnly(w)
} }
// GetConfigKVHandler - GET /minio/admin/v2/get-config-kv?key={key} // GetConfigKVHandler - GET /minio/admin/v2/get-config-kv?key={key}
@ -422,17 +424,28 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques
} }
password := globalActiveCred.SecretKey password := globalActiveCred.SecretKey
configBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength)) kvBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
if err != nil { if err != nil {
logger.LogIf(ctx, err, logger.Application) logger.LogIf(ctx, err, logger.Application)
writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), r.URL) writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), r.URL)
return return
} }
var cfg config.Config cfg := newServerConfig()
if err = json.Unmarshal(configBytes, &cfg); err != nil { scanner := bufio.NewScanner(bytes.NewReader(kvBytes))
logger.LogIf(ctx, err) for scanner.Scan() {
writeCustomErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), err.Error(), r.URL) // Skip any empty lines, or comment like characters
if scanner.Text() == "" || strings.HasPrefix(scanner.Text(), config.KvComment) {
continue
}
if err = cfg.SetKVS(scanner.Text(), defaultKVS()); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
}
}
if err = scanner.Err(); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return return
} }
@ -441,17 +454,23 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques
return return
} }
// Update the actual server config on disk.
if err = saveServerConfig(ctx, objectAPI, cfg); err != nil { if err = saveServerConfig(ctx, objectAPI, cfg); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return return
} }
// Write to the config input KV to history.
if err = saveServerConfigHistory(ctx, objectAPI, kvBytes); err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
}
// Make sure to write backend is encrypted // Make sure to write backend is encrypted
if globalConfigEncrypted { if globalConfigEncrypted {
saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete) saveConfig(context.Background(), objectAPI, backendEncryptedFile, backendEncryptedMigrationComplete)
} }
// Reply to the client before restarting minio server.
writeSuccessResponseHeadersOnly(w) writeSuccessResponseHeadersOnly(w)
} }
@ -471,14 +490,11 @@ func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Reques
return return
} }
configData, err := json.MarshalIndent(config, "", "\t") var buf = &bytes.Buffer{}
if err != nil { buf.WriteString(config.String())
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
}
password := globalActiveCred.SecretKey password := globalActiveCred.SecretKey
econfigData, err := madmin.EncryptData(password, configData) econfigData, err := madmin.EncryptData(password, buf.Bytes())
if err != nil { if err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL) writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return return

@ -26,6 +26,12 @@ var (
Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`, Description: `OpenID discovery documented endpoint. eg: "https://accounts.google.com/.well-known/openid-configuration"`,
Type: "url", Type: "url",
}, },
config.HelpKV{
Key: ClaimPrefix,
Description: `OpenID JWT claim namespace prefix. eg: "customer"`,
Optional: true,
Type: "string",
},
config.HelpKV{ config.HelpKV{
Key: config.Comment, Key: config.Comment,
Description: "A comment to describe the OpenID identity setting", Description: "A comment to describe the OpenID identity setting",

@ -263,15 +263,15 @@ var (
Value: config.StateOff, Value: config.StateOff,
}, },
config.KV{ config.KV{
Key: JwksURL, Key: ConfigURL,
Value: "", Value: "",
}, },
config.KV{ config.KV{
Key: ConfigURL, Key: ClaimPrefix,
Value: "", Value: "",
}, },
config.KV{ config.KV{
Key: ClaimPrefix, Key: JwksURL,
Value: "", Value: "",
}, },
} }

Loading…
Cancel
Save