diff --git a/cmd/internal/x/x.gen.go b/cmd/internal/x/x.gen.go index 89d4fdc0d..bd25a8b31 100644 --- a/cmd/internal/x/x.gen.go +++ b/cmd/internal/x/x.gen.go @@ -7761,6 +7761,98 @@ func XUpdateIamRolePolicy(paramId string, params *viper.Viper, body string) (*ge return resp, decoded, nil } +// XUpdateIamAssumeRolePolicy Update IAM Assume role Policy +func XUpdateIamAssumeRolePolicy(paramId string, params *viper.Viper, body string) (*gentleman.Response, map[string]interface{}, error) { + handlerPath := "update-iam-assume-role-policy" + if xSubcommand { + handlerPath = "x " + handlerPath + } + + server := viper.GetString("server") + if server == "" { + server = xServers()[viper.GetInt("server-index")]["url"] + } + + url := server + "/iam-role/{id}:assume-role-policy" + url = strings.Replace(url, "{id}", paramId, 1) + + req := cli.Client.Put().URL(url) + + if body != "" { + req = req.AddHeader("Content-Type", "application/json").BodyString(body) + } + + cli.HandleBefore(handlerPath, params, req) + + resp, err := req.Do() + if err != nil { + return nil, nil, errors.Wrap(err, "Request failed") + } + + var decoded map[string]interface{} + + if resp.StatusCode < 400 { + if err := cli.UnmarshalResponse(resp, &decoded); err != nil { + return nil, nil, errors.Wrap(err, "Unmarshalling response failed") + } + } else { + return nil, nil, errors.Errorf("HTTP %d: %s", resp.StatusCode, resp.String()) + } + + after := cli.HandleAfter(handlerPath, params, resp, decoded) + if after != nil { + decoded = after.(map[string]interface{}) + } + + return resp, decoded, nil +} + +// XAssumeRole Request generation of key/secret allowing calls as of target role. +func XAssumeRole(paramTargetRoleId string, params *viper.Viper, body string) (*gentleman.Response, map[string]interface{}, error) { + handlerPath := "assume-role" + if xSubcommand { + handlerPath = "x " + handlerPath + } + + server := viper.GetString("server") + if server == "" { + server = xServers()[viper.GetInt("server-index")]["url"] + } + + url := server + "/assume-role/{target-role-id}" + url = strings.Replace(url, "{target-role-id}", paramTargetRoleId, 1) + + req := cli.Client.Post().URL(url) + + if body != "" { + req = req.AddHeader("Content-Type", "application/json").BodyString(body) + } + + cli.HandleBefore(handlerPath, params, req) + + resp, err := req.Do() + if err != nil { + return nil, nil, errors.Wrap(err, "Request failed") + } + + var decoded map[string]interface{} + + if resp.StatusCode < 400 { + if err := cli.UnmarshalResponse(resp, &decoded); err != nil { + return nil, nil, errors.Wrap(err, "Unmarshalling response failed") + } + } else { + return nil, nil, errors.Errorf("HTTP %d: %s", resp.StatusCode, resp.String()) + } + + after := cli.HandleAfter(handlerPath, params, resp, decoded) + if after != nil { + decoded = after.(map[string]interface{}) + } + + return resp, decoded, nil +} + // XCreateInstance Create a Compute instance func XCreateInstance(params *viper.Viper, body string) (*gentleman.Response, map[string]interface{}, error) { handlerPath := "create-instance" @@ -19352,6 +19444,45 @@ func xRegister(subcommand bool) { }() + func() { + params := viper.New() + + var examples string + + cmd := &cobra.Command{ + Use: "assume-role target-role-id", + Short: "Request generation of key/secret allowing calls as of target role.", + Long: cli.Markdown("Request generation of key/secret allowing calls as of target role.\n## Request Schema (application/json)\n\nproperties:\n ttl:\n description: TTL in seconds for the generated access key (cannot exceed the max TTL defined in the targeted assume role)\n exclusiveMinimum: true\n format: int64\n minimum: 0\n type: integer\ntype: object\n"), + Example: examples, + Args: cobra.MinimumNArgs(1), + Run: func(cmd *cobra.Command, args []string) { + body, err := cli.GetBody("application/json", args[1:]) + if err != nil { + log.Fatal().Err(err).Msg("Unable to get body") + } + + _, decoded, err := XAssumeRole(args[0], params, body) + if err != nil { + log.Fatal().Err(err).Msg("Error calling operation") + } + + if err := cli.Formatter.Format(decoded); err != nil { + log.Fatal().Err(err).Msg("Formatting failed") + } + + }, + } + + root.AddCommand(cmd) + + cli.SetCustomFlags(cmd) + + if cmd.Flags().HasFlags() { + params.BindPFlags(cmd.Flags()) + } + + }() + func() { params := viper.New() @@ -19391,6 +19522,45 @@ func xRegister(subcommand bool) { }() + func() { + params := viper.New() + + var examples string + + cmd := &cobra.Command{ + Use: "update-iam-assume-role-policy id", + Short: "Update IAM Assume role Policy", + Long: cli.Markdown("\n## Request Schema (application/json)\n\ndescription: Policy\nproperties:\n default-service-strategy:\n description: IAM default service strategy\n enum:\n - allow\n - deny\n type: string\n services:\n additionalProperties:\n $ref: '#/components/schemas/iam-service-policy'\n description: IAM services\n type: object\nrequired:\n- default-service-strategy\n- services\ntype: object\n"), + Example: examples, + Args: cobra.MinimumNArgs(1), + Run: func(cmd *cobra.Command, args []string) { + body, err := cli.GetBody("application/json", args[1:]) + if err != nil { + log.Fatal().Err(err).Msg("Unable to get body") + } + + _, decoded, err := XUpdateIamAssumeRolePolicy(args[0], params, body) + if err != nil { + log.Fatal().Err(err).Msg("Error calling operation") + } + + if err := cli.Formatter.Format(decoded); err != nil { + log.Fatal().Err(err).Msg("Formatting failed") + } + + }, + } + + root.AddCommand(cmd) + + cli.SetCustomFlags(cmd) + + if cmd.Flags().HasFlags() { + params.BindPFlags(cmd.Flags()) + } + + }() + func() { params := viper.New() diff --git a/go.mod b/go.mod index bdd13ccca..7496ac453 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/exoscale/cli -go 1.25.8 +go 1.26 require ( github.com/aws/aws-sdk-go-v2 v1.2.0 @@ -10,7 +10,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/s3 v1.2.0 github.com/aws/smithy-go v1.1.0 github.com/dustin/go-humanize v1.0.1 - github.com/exoscale/egoscale/v3 v3.1.34 + github.com/exoscale/egoscale/v3 v3.1.35-0.20260324150641-0c29a3be5033 github.com/exoscale/openapi-cli-generator v1.2.0 github.com/fatih/camelcase v1.0.0 github.com/hashicorp/go-multierror v1.1.1 diff --git a/go.sum b/go.sum index 940490dd4..382b85ed6 100644 --- a/go.sum +++ b/go.sum @@ -163,6 +163,12 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= github.com/exoscale/egoscale/v3 v3.1.34 h1:POTsCy3IhSR9L8ZN89hiKlfeQ9L+D7NncoKb10WsyaA= github.com/exoscale/egoscale/v3 v3.1.34/go.mod h1:0iY8OxgHJCS5TKqDNhwOW95JBKCnBZl3YGU4Yt+NqkU= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260323151750-6f9883052b39 h1:uV9sbPM13ORcSSLZLvSyI5zAA/fd6rOVkJKVtBiIp4c= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260323151750-6f9883052b39/go.mod h1:/1RTNibUdltIdzBbFxMMewNAkB6KKdxzRE/Icu8K5RU= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260324133407-4ebae7fd5f3d h1:Hrubp7t6YMNjkt/yWkIoFnz4yhHEp3wmh/DqgmW6Tzc= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260324133407-4ebae7fd5f3d/go.mod h1:/1RTNibUdltIdzBbFxMMewNAkB6KKdxzRE/Icu8K5RU= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260324150641-0c29a3be5033 h1:X1HCSxIAJYgJvtmxwoA/Km7GSft9W5X54EBoKO61M1o= +github.com/exoscale/egoscale/v3 v3.1.35-0.20260324150641-0c29a3be5033/go.mod h1:/1RTNibUdltIdzBbFxMMewNAkB6KKdxzRE/Icu8K5RU= github.com/exoscale/openapi-cli-generator v1.2.0 h1:xgTff1bInBP+JZCauD7Jq9GNBFoKK31Cnv5FIAcxtrk= github.com/exoscale/openapi-cli-generator v1.2.0/go.mod h1:TZBnbT7f3hJ5ImyUphJwRM+X5xF/zCQZ6o8a42gQeTs= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= diff --git a/vendor/github.com/exoscale/egoscale/v3/operations.go b/vendor/github.com/exoscale/egoscale/v3/operations.go index 1e5c7c4d3..a95d51c7a 100644 --- a/vendor/github.com/exoscale/egoscale/v3/operations.go +++ b/vendor/github.com/exoscale/egoscale/v3/operations.go @@ -1156,6 +1156,70 @@ func (c Client) GetAPIKey(ctx context.Context, id string) (*IAMAPIKey, error) { return bodyresp, nil } +type AssumeRoleResponse struct { + Key string `json:"key,omitempty"` + Name string `json:"name,omitempty"` + OrgID string `json:"org-id,omitempty"` + RoleID string `json:"role-id,omitempty"` + Secret string `json:"secret,omitempty"` +} + +type AssumeRoleRequest struct { + // TTL in seconds for the generated access key (cannot exceed the max TTL defined in the targeted assume role) + Ttl int64 `json:"ttl,omitempty" validate:"omitempty,gt=0"` +} + +// Request generation of key/secret allowing calls as of target role. +func (c Client) AssumeRole(ctx context.Context, targetRoleID UUID, req AssumeRoleRequest) (*AssumeRoleResponse, error) { + path := fmt.Sprintf("/assume-role/%v", targetRoleID) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("AssumeRole: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("AssumeRole: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("AssumeRole: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("AssumeRole: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "assume-role") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("AssumeRole: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("AssumeRole: http response: %w", err) + } + + bodyresp := new(AssumeRoleResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("AssumeRole: prepare Json response: %w", err) + } + + return bodyresp, nil +} + type ListBlockStorageVolumesResponse struct { BlockStorageVolumes []BlockStorageVolume `json:"block-storage-volumes,omitempty"` } @@ -9055,8 +9119,52 @@ func (c Client) StopDBAASValkeyMigration(ctx context.Context, name string) (*Ope return bodyresp, nil } +func (c Client) ListDBAASValkeyUsers(ctx context.Context, serviceName string) (*DBAASValkeyUsers, error) { + path := fmt.Sprintf("/dbaas-valkey/%v/user", serviceName) + + request, err := http.NewRequestWithContext(ctx, "GET", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "list-dbaas-valkey-users") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: http response: %w", err) + } + + bodyresp := new(DBAASValkeyUsers) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ListDBAASValkeyUsers: prepare Json response: %w", err) + } + + return bodyresp, nil +} + type CreateDBAASValkeyUserRequest struct { - Username DBAASUserUsername `json:"username" validate:"required,gte=1,lte=64"` + AccessControl *DBAASValkeyUserAccessControl `json:"access-control,omitempty"` + Username DBAASUserUsername `json:"username" validate:"required,gte=1,lte=64"` } func (c Client) CreateDBAASValkeyUser(ctx context.Context, serviceName string, req CreateDBAASValkeyUserRequest) (*Operation, error) { @@ -9152,6 +9260,60 @@ func (c Client) DeleteDBAASValkeyUser(ctx context.Context, serviceName string, u return bodyresp, nil } +type UpdateDBAASValkeyUserAccessControlRequest struct { + AccessControl *DBAASValkeyUserAccessControl `json:"access-control,omitempty"` +} + +func (c Client) UpdateDBAASValkeyUserAccessControl(ctx context.Context, serviceName string, username string, req UpdateDBAASValkeyUserAccessControlRequest) (*Operation, error) { + path := fmt.Sprintf("/dbaas-valkey/%v/user/%v", serviceName, username) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "PUT", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "update-dbaas-valkey-user-access-control") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: http response: %w", err) + } + + bodyresp := new(Operation) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("UpdateDBAASValkeyUserAccessControl: prepare Json response: %w", err) + } + + return bodyresp, nil +} + type ResetDBAASValkeyUserPasswordRequest struct { Password DBAASUserPassword `json:"password,omitempty" validate:"omitempty,gte=8,lte=256"` } @@ -11093,6 +11255,12 @@ func ListInstancesWithIPAddress(ipAddress string) ListInstancesOpt { } } +func ListInstancesWithLabels(labels string) ListInstancesOpt { + return func(q url.Values) { + q.Add("labels", fmt.Sprint(labels)) + } +} + // List Compute instances func (c Client) ListInstances(ctx context.Context, opts ...ListInstancesOpt) (*ListInstancesResponse, error) { path := "/instance" @@ -12712,6 +12880,792 @@ func (c Client) RevertInstanceToSnapshot(ctx context.Context, instanceID UUID, r return bodyresp, nil } +// FindListKmsKeysResponseEntry attempts to find an ListKmsKeysResponseEntry by nameOrID. +func (l ListKmsKeysResponse) FindListKmsKeysResponseEntry(nameOrID string) (ListKmsKeysResponseEntry, error) { + var result []ListKmsKeysResponseEntry + for i, elem := range l.KmsKeys { + if string(elem.Name) == nameOrID || string(elem.ID) == nameOrID { + result = append(result, l.KmsKeys[i]) + } + } + if len(result) == 1 { + return result[0], nil + } + + if len(result) > 1 { + return ListKmsKeysResponseEntry{}, fmt.Errorf("%q too many found in ListKmsKeysResponse: %w", nameOrID, ErrConflict) + } + + return ListKmsKeysResponseEntry{}, fmt.Errorf("%q not found in ListKmsKeysResponse: %w", nameOrID, ErrNotFound) +} + +// List KMS Keys details for an organization in a given zone. +func (c Client) ListKmsKeys(ctx context.Context) (*ListKmsKeysResponse, error) { + path := "/kms-key" + + request, err := http.NewRequestWithContext(ctx, "GET", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("ListKmsKeys: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ListKmsKeys: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ListKmsKeys: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "list-kms-keys") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ListKmsKeys: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ListKmsKeys: http response: %w", err) + } + + bodyresp := new(ListKmsKeysResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ListKmsKeys: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Create a KMS Key in a given zone with a given name. +func (c Client) CreateKmsKey(ctx context.Context, req CreateKmsKeyRequest) (*CreateKmsKeyResponse, error) { + path := "/kms-key" + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("CreateKmsKey: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("CreateKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("CreateKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("CreateKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "create-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("CreateKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("CreateKmsKey: http response: %w", err) + } + + bodyresp := new(CreateKmsKeyResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("CreateKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Retrieve KMS Key details. +func (c Client) GetKmsKey(ctx context.Context, id UUID) (*GetKmsKeyResponse, error) { + path := fmt.Sprintf("/kms-key/%v", id) + + request, err := http.NewRequestWithContext(ctx, "GET", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("GetKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("GetKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("GetKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "get-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("GetKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("GetKmsKey: http response: %w", err) + } + + bodyresp := new(GetKmsKeyResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("GetKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Cancel the scheduled deletion of a KMS Key. +func (c Client) CancelKmsKeyDeletion(ctx context.Context, id UUID) (*SuccessResponse, error) { + path := fmt.Sprintf("/kms-key/%v/cancel-deletion", id) + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "cancel-kms-key-deletion") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: http response: %w", err) + } + + bodyresp := new(SuccessResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("CancelKmsKeyDeletion: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Decrypt a ciphertext. +func (c Client) Decrypt(ctx context.Context, id UUID, req DecryptRequest) (*DecryptResponse, error) { + path := fmt.Sprintf("/kms-key/%v/decrypt", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("Decrypt: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("Decrypt: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("Decrypt: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("Decrypt: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "decrypt") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("Decrypt: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("Decrypt: http response: %w", err) + } + + bodyresp := new(DecryptResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("Decrypt: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Disable a KMS Key +func (c Client) DisableKmsKey(ctx context.Context, id UUID) (*SuccessResponse, error) { + path := fmt.Sprintf("/kms-key/%v/disable", id) + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("DisableKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("DisableKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("DisableKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "disable-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("DisableKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("DisableKmsKey: http response: %w", err) + } + + bodyresp := new(SuccessResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("DisableKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Disable the periodic rotation of a KMS Key. +func (c Client) DisableKmsKeyRotation(ctx context.Context, id UUID, req DisableKmsKeyRotationRequest) (*DisableKmsKeyRotationResponse, error) { + path := fmt.Sprintf("/kms-key/%v/disable-key-rotation", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "disable-kms-key-rotation") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: http response: %w", err) + } + + bodyresp := new(DisableKmsKeyRotationResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("DisableKmsKeyRotation: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Enable a KMS Key" +func (c Client) EnableKmsKey(ctx context.Context, id UUID) (*SuccessResponse, error) { + path := fmt.Sprintf("/kms-key/%v/enable", id) + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("EnableKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("EnableKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("EnableKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "enable-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("EnableKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("EnableKmsKey: http response: %w", err) + } + + bodyresp := new(SuccessResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("EnableKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Enable the periodic rotation of a KMS Key. +func (c Client) EnableKmsKeyRotation(ctx context.Context, id UUID, req EnableKmsKeyRotationRequest) (*EnableKmsKeyRotationResponse, error) { + path := fmt.Sprintf("/kms-key/%v/enable-key-rotation", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "enable-kms-key-rotation") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: http response: %w", err) + } + + bodyresp := new(EnableKmsKeyRotationResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("EnableKmsKeyRotation: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Encrypt a plaintext. +func (c Client) Encrypt(ctx context.Context, id UUID, req EncryptRequest) (*EncryptResponse, error) { + path := fmt.Sprintf("/kms-key/%v/encrypt", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("Encrypt: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("Encrypt: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("Encrypt: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("Encrypt: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "encrypt") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("Encrypt: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("Encrypt: http response: %w", err) + } + + bodyresp := new(EncryptResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("Encrypt: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Generate a Data Encryption Key from a given KMS Key. +func (c Client) GenerateDataKey(ctx context.Context, id UUID, req GenerateDataKeyRequest) (*GenerateDataKeyResponse, error) { + path := fmt.Sprintf("/kms-key/%v/generate-data-key", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("GenerateDataKey: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("GenerateDataKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("GenerateDataKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("GenerateDataKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "generate-data-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("GenerateDataKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("GenerateDataKey: http response: %w", err) + } + + bodyresp := new(GenerateDataKeyResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("GenerateDataKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// List all the key material versions of a KMS Key. +func (c Client) ListKmsKeyRotations(ctx context.Context, id UUID) (*ListKmsKeyRotationsResponse, error) { + path := fmt.Sprintf("/kms-key/%v/list-key-rotations", id) + + request, err := http.NewRequestWithContext(ctx, "GET", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "list-kms-key-rotations") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: http response: %w", err) + } + + bodyresp := new(ListKmsKeyRotationsResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ListKmsKeyRotations: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Decrypts an existing ciphertext using its original key material and re-encrypts the underlying plaintext using a specified KMS key or the latest key material of the same KMS Key. +func (c Client) ReEncrypt(ctx context.Context, id UUID, req ReEncryptRequest) (*ReEncryptResponse, error) { + path := fmt.Sprintf("/kms-key/%v/re-encrypt", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("ReEncrypt: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("ReEncrypt: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ReEncrypt: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ReEncrypt: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "re-encrypt") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ReEncrypt: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ReEncrypt: http response: %w", err) + } + + bodyresp := new(ReEncryptResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ReEncrypt: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Replicate a KMS key to a target zone. +func (c Client) ReplicateKmsKey(ctx context.Context, id UUID, req ReplicateKmsKeyRequest) (*Operation, error) { + path := fmt.Sprintf("/kms-key/%v/replicate", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "replicate-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: http response: %w", err) + } + + bodyresp := new(Operation) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ReplicateKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Perform a manual rotation of the key material for a symmetric key. +func (c Client) RotateKmsKey(ctx context.Context, id UUID) (*RotateKmsKeyResponse, error) { + path := fmt.Sprintf("/kms-key/%v/rotate", id) + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, nil) + if err != nil { + return nil, fmt.Errorf("RotateKmsKey: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("RotateKmsKey: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("RotateKmsKey: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "rotate-kms-key") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("RotateKmsKey: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("RotateKmsKey: http response: %w", err) + } + + bodyresp := new(RotateKmsKeyResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("RotateKmsKey: prepare Json response: %w", err) + } + + return bodyresp, nil +} + +// Schedule a KMS key for deletion after a delay. +func (c Client) ScheduleKmsKeyDeletion(ctx context.Context, id UUID, req ScheduleKmsKeyDeletionRequest) (*SuccessResponse, error) { + path := fmt.Sprintf("/kms-key/%v/schedule-deletion", id) + + body, err := prepareJSONBody(req) + if err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: prepare Json body: %w", err) + } + + request, err := http.NewRequestWithContext(ctx, "POST", c.serverEndpoint+path, body) + if err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: new request: %w", err) + } + + request.Header.Add("User-Agent", c.getUserAgent()) + + request.Header.Add("Content-Type", "application/json") + + if err := c.executeRequestInterceptors(ctx, request); err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: execute request editors: %w", err) + } + + if err := c.signRequest(request); err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: sign request: %w", err) + } + + if c.trace { + dumpRequest(request, "schedule-kms-key-deletion") + } + + response, err := c.httpClient.Do(request) + if err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: http client do: %w", err) + } + + if c.trace { + dumpResponse(response) + } + + if err := handleHTTPErrorResp(response); err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: http response: %w", err) + } + + bodyresp := new(SuccessResponse) + if err := prepareJSONResponse(response, bodyresp); err != nil { + return nil, fmt.Errorf("ScheduleKmsKeyDeletion: prepare Json response: %w", err) + } + + return bodyresp, nil +} + type ListLoadBalancersResponse struct { LoadBalancers []LoadBalancer `json:"load-balancers,omitempty"` } diff --git a/vendor/github.com/exoscale/egoscale/v3/schemas.go b/vendor/github.com/exoscale/egoscale/v3/schemas.go index 2b6f323ad..04e5d8310 100644 --- a/vendor/github.com/exoscale/egoscale/v3/schemas.go +++ b/vendor/github.com/exoscale/egoscale/v3/schemas.go @@ -188,6 +188,48 @@ type CreateDeploymentRequest struct { Replicas int64 `json:"replicas" validate:"required,gte=1"` } +type CreateKmsKeyRequestUsage string + +const ( + CreateKmsKeyRequestUsageEncryptDecrypt CreateKmsKeyRequestUsage = "encrypt-decrypt" +) + +type CreateKmsKeyRequest struct { + Description string `json:"description" validate:"required"` + MultiZone *bool `json:"multi-zone" validate:"required"` + Name string `json:"name" validate:"required"` + Usage CreateKmsKeyRequestUsage `json:"usage" validate:"required"` +} + +type CreateKmsKeyResponseSource string + +const ( + CreateKmsKeyResponseSourceExoscaleKms CreateKmsKeyResponseSource = "exoscale-kms" +) + +type CreateKmsKeyResponseStatus string + +const ( + CreateKmsKeyResponseStatusEnabled CreateKmsKeyResponseStatus = "enabled" + CreateKmsKeyResponseStatusDisabled CreateKmsKeyResponseStatus = "disabled" + CreateKmsKeyResponseStatusPendingDeletion CreateKmsKeyResponseStatus = "pending-deletion" +) + +type CreateKmsKeyResponse struct { + CreatedAT time.Time `json:"created-at" validate:"required"` + Description string `json:"description" validate:"required"` + ID UUID `json:"id" validate:"required"` + MultiZone *bool `json:"multi-zone" validate:"required"` + Name string `json:"name" validate:"required"` + OriginZone string `json:"origin-zone" validate:"required"` + Policy string `json:"policy" validate:"required"` + Revision *RevisionStamp `json:"revision" validate:"required"` + Source CreateKmsKeyResponseSource `json:"source" validate:"required"` + Status CreateKmsKeyResponseStatus `json:"status" validate:"required"` + StatusSince time.Time `json:"status-since" validate:"required"` + Usage string `json:"usage" validate:"required"` +} + // AI model type CreateModelRequest struct { // Huggingface Token @@ -1857,6 +1899,36 @@ type DBAASUserValkeySecrets struct { Username string `json:"username,omitempty"` } +type DBAASValkeyUser struct { + AccessControl *DBAASValkeyUserAccessControl `json:"access-control,omitempty"` + Type string `json:"type,omitempty"` + Username DBAASUserUsername `json:"username" validate:"required,gte=1,lte=64"` +} + +type DBAASValkeyUserAccessControl struct { + // Use +@ to allow and -@ to disallow. Separate entries with a single space. Example: +@all -@dangerous. + Categories []string `json:"categories,omitempty"` + // Patterns use standard glob syntax and must be separated by a single space. Example: ~* &events. + Channels []string `json:"channels,omitempty"` + // Use + to allow and - to disallow. You can also use @. Separate entries with a single space. Example: +@all -flushall. + Commands []string `json:"commands,omitempty"` + // Patterns use standard glob syntax and must be separated by a single space. Example: cache:* session:*. + Keys []string `json:"keys,omitempty"` +} + +type DBAASValkeyUsers struct { + Users []DBAASValkeyUser `json:"users,omitempty"` +} + +type DecryptRequest struct { + Ciphertext byte `json:"ciphertext" validate:"required"` + EncryptionContext *byte `json:"encryption-context,omitempty"` +} + +type DecryptResponse struct { + Plaintext byte `json:"plaintext" validate:"required"` +} + // Model is in use: deletion forbidden type DeleteModelConflictResponse struct { // Deployments using models @@ -1888,6 +1960,14 @@ type DeployTargetRef struct { ID UUID `json:"id,omitempty"` } +type DisableKmsKeyRotationRequest struct { + ID UUID `json:"id" validate:"required"` +} + +type DisableKmsKeyRotationResponse struct { + Rotation *KeyRotationConfig `json:"rotation" validate:"required"` +} + // DNS domain type DNSDomain struct { // DNS domain creation date @@ -2003,6 +2083,24 @@ type ElasticIPRef struct { ID UUID `json:"id,omitempty"` } +type EnableKmsKeyRotationRequest struct { + ID UUID `json:"id" validate:"required"` + RotationPeriod int `json:"rotation-period,omitempty" validate:"omitempty,gte=90,lte=2560"` +} + +type EnableKmsKeyRotationResponse struct { + Rotation *KeyRotationConfig `json:"rotation" validate:"required"` +} + +type EncryptRequest struct { + EncryptionContext *byte `json:"encryption-context,omitempty"` + Plaintext byte `json:"plaintext" validate:"required"` +} + +type EncryptResponse struct { + Ciphertext byte `json:"ciphertext" validate:"required"` +} + type EnumComponentRoute string const ( @@ -2186,10 +2284,21 @@ type EnvProduct struct { Value string `json:"value,omitempty"` } -// Error +type ErrorResponseErrors struct { + Detail string `json:"detail,omitempty"` + Location string `json:"location,omitempty"` + Path string `json:"path,omitempty"` + Pointer string `json:"pointer,omitempty"` +} + +// RFC 9457 Problem Details error response type ErrorResponse struct { - // Error description - Error string `json:"error,omitempty"` + Detail string `json:"detail" validate:"required"` + Errors []ErrorResponseErrors `json:"errors,omitempty"` + Instance string `json:"instance,omitempty"` + Status int `json:"status" validate:"required,gte=100,lte=599"` + Title string `json:"title" validate:"required"` + Type string `json:"type" validate:"required"` } // A notable Mutation Event which happened on the infrastructure @@ -2226,6 +2335,23 @@ type Event struct { Zone string `json:"zone,omitempty"` } +type GenerateDataKeyRequestKeySpec string + +const ( + GenerateDataKeyRequestKeySpecAES256 GenerateDataKeyRequestKeySpec = "AES-256" +) + +type GenerateDataKeyRequest struct { + BytesCount int `json:"bytes-count,omitempty" validate:"omitempty,gte=1,lte=1024"` + EncryptionContext *byte `json:"encryption-context,omitempty"` + KeySpec GenerateDataKeyRequestKeySpec `json:"key-spec,omitempty"` +} + +type GenerateDataKeyResponse struct { + Ciphertext byte `json:"ciphertext" validate:"required"` + Plaintext byte `json:"plaintext" validate:"required"` +} + // GPU usage for all organizations type GetConfederatioUsageResponse struct { OrganizationsUsages map[string]OrganizationUsage `json:"organizations_usages" validate:"required"` @@ -2292,6 +2418,39 @@ type GetInferenceEngineHelpResponse struct { Parameters []InferenceEngineParameterEntry `json:"parameters,omitempty"` } +type GetKmsKeyResponseSource string + +const ( + GetKmsKeyResponseSourceExoscaleKms GetKmsKeyResponseSource = "exoscale-kms" +) + +type GetKmsKeyResponseStatus string + +const ( + GetKmsKeyResponseStatusEnabled GetKmsKeyResponseStatus = "enabled" + GetKmsKeyResponseStatusDisabled GetKmsKeyResponseStatus = "disabled" + GetKmsKeyResponseStatusPendingDeletion GetKmsKeyResponseStatus = "pending-deletion" +) + +type GetKmsKeyResponse struct { + CreatedAT time.Time `json:"created-at" validate:"required"` + Description string `json:"description" validate:"required"` + ID UUID `json:"id" validate:"required"` + Material *KeyMaterial `json:"material" validate:"required"` + MultiZone *bool `json:"multi-zone" validate:"required"` + Name string `json:"name" validate:"required"` + OriginZone string `json:"origin-zone" validate:"required"` + Policy string `json:"policy" validate:"required"` + Replicas []string `json:"replicas" validate:"required"` + ReplicasStatus []ReplicaState `json:"replicas-status,omitempty"` + Revision *RevisionStamp `json:"revision" validate:"required"` + Rotation *KeyRotationConfig `json:"rotation" validate:"required"` + Source GetKmsKeyResponseSource `json:"source" validate:"required"` + Status GetKmsKeyResponseStatus `json:"status" validate:"required"` + StatusSince time.Time `json:"status-since" validate:"required"` + Usage string `json:"usage" validate:"required"` +} + type GetModelResponseState string const ( @@ -2432,6 +2591,8 @@ type InferenceEngineVersion string const ( InferenceEngineVersion0120 InferenceEngineVersion = "0.12.0" InferenceEngineVersion0151 InferenceEngineVersion = "0.15.1" + InferenceEngineVersion0160 InferenceEngineVersion = "0.16.0" + InferenceEngineVersion0170 InferenceEngineVersion = "0.17.0" ) // Private Network @@ -3820,6 +3981,19 @@ type JSONSchemaValkey struct { Timeout int `json:"timeout,omitempty" validate:"omitempty,gte=0,lte=3.1536e+07"` } +type KeyMaterial struct { + Automatic *bool `json:"automatic" validate:"required"` + CreatedAT time.Time `json:"created-at" validate:"required"` + Version int `json:"version" validate:"required"` +} + +type KeyRotationConfig struct { + Automatic *bool `json:"automatic" validate:"required"` + ManualCount int `json:"manual-count" validate:"required"` + NextAT time.Time `json:"next-at" validate:"required"` + RotationPeriod int `json:"rotation-period" validate:"required"` +} + // Kubelet image GC options type KubeletImageGC struct { HighThreshold int64 `json:"high-threshold,omitempty" validate:"omitempty,gte=0"` @@ -3873,6 +4047,51 @@ type ListDeploymentsResponseEntry struct { UpdatedAT time.Time `json:"updated-at,omitempty"` } +type ListKmsKeyRotationsResponse struct { + Rotations []ListKmsKeyRotationsResponseEntry `json:"rotations" validate:"required"` +} + +type ListKmsKeyRotationsResponseEntry struct { + Automatic *bool `json:"automatic" validate:"required"` + RotatedAT time.Time `json:"rotated-at" validate:"required"` + Version int `json:"version" validate:"required"` +} + +type ListKmsKeysResponse struct { + KmsKeys []ListKmsKeysResponseEntry `json:"kms-keys" validate:"required"` +} + +type ListKmsKeysResponseEntrySource string + +const ( + ListKmsKeysResponseEntrySourceExoscaleKms ListKmsKeysResponseEntrySource = "exoscale-kms" +) + +type ListKmsKeysResponseEntryStatus string + +const ( + ListKmsKeysResponseEntryStatusEnabled ListKmsKeysResponseEntryStatus = "enabled" + ListKmsKeysResponseEntryStatusDisabled ListKmsKeysResponseEntryStatus = "disabled" + ListKmsKeysResponseEntryStatusPendingDeletion ListKmsKeysResponseEntryStatus = "pending-deletion" +) + +type ListKmsKeysResponseEntry struct { + CreatedAT time.Time `json:"created-at" validate:"required"` + Description string `json:"description" validate:"required"` + ID UUID `json:"id" validate:"required"` + Material *KeyMaterial `json:"material" validate:"required"` + MultiZone *bool `json:"multi-zone" validate:"required"` + Name string `json:"name" validate:"required"` + OriginZone string `json:"origin-zone" validate:"required"` + Replicas []string `json:"replicas" validate:"required"` + Revision *RevisionStamp `json:"revision" validate:"required"` + Rotation *KeyRotationConfig `json:"rotation" validate:"required"` + Source ListKmsKeysResponseEntrySource `json:"source" validate:"required"` + Status ListKmsKeysResponseEntryStatus `json:"status" validate:"required"` + StatusSince time.Time `json:"status-since" validate:"required"` + Usage string `json:"usage" validate:"required"` +} + // AI model list type ListModelsResponse struct { Models []ListModelsResponseEntry `json:"models,omitempty"` @@ -4111,6 +4330,12 @@ type Operation struct { State OperationState `json:"state,omitempty"` } +type OperationResourceRef struct { + Command string `json:"command" validate:"required"` + ID UUID `json:"id" validate:"required"` + Link string `json:"link,omitempty"` +} + // Organization type Organization struct { // Organization address @@ -4204,6 +4429,46 @@ type Quota struct { Usage int64 `json:"usage,omitempty"` } +type ReEncryptRequestDestination struct { + // Optional encryption context appended to the AAD. + EncryptionContext *byte `json:"encryption-context,omitempty"` + // The ID of the target key. + Key UUID `json:"key" validate:"required"` +} + +type ReEncryptRequestSource struct { + Ciphertext byte `json:"ciphertext" validate:"required"` + // Optional encryption context appended to the AAD. + EncryptionContext *byte `json:"encryption-context,omitempty"` + // The ID of the source key. + Key UUID `json:"key" validate:"required"` +} + +type ReEncryptRequest struct { + Destination *ReEncryptRequestDestination `json:"destination" validate:"required"` + Source *ReEncryptRequestSource `json:"source" validate:"required"` +} + +type ReEncryptResponse struct { + Ciphertext byte `json:"ciphertext" validate:"required"` +} + +type ReplicaFailure struct { + AttemptedWatermark int `json:"attempted-watermark" validate:"required"` + Error string `json:"error" validate:"required"` + FailedAT time.Time `json:"failed-at" validate:"required"` +} + +type ReplicaState struct { + LastAppliedWatermark int `json:"last-applied-watermark" validate:"required"` + LastFailure *ReplicaFailure `json:"last-failure,omitempty"` + Zone string `json:"zone" validate:"required"` +} + +type ReplicateKmsKeyRequest struct { + Zone string `json:"zone" validate:"required"` +} + // Resource type Resource struct { // Resource ID @@ -4221,12 +4486,26 @@ type ReverseDNSRecord struct { DomainName DomainName `json:"domain-name,omitempty" validate:"omitempty,gte=1,lte=253"` } +type RevisionStamp struct { + AT time.Time `json:"at" validate:"required"` + Seq int `json:"seq" validate:"required,gte=0"` +} + +type RotateKmsKeyResponse struct { + Rotation *KeyRotationConfig `json:"rotation" validate:"required"` +} + // Scale AI deployment type ScaleDeploymentRequest struct { // Number of replicas (>=0) Replicas int64 `json:"replicas" validate:"required,gte=0"` } +type ScheduleKmsKeyDeletionRequest struct { + // Number of days to wait until deletion is final. + DelayDays int `json:"delay-days,omitempty" validate:"omitempty,gte=7,lte=30"` +} + // Security Group type SecurityGroup struct { // Security Group description @@ -4610,6 +4889,16 @@ type SSHKeyRef struct { Name string `json:"name,omitempty" validate:"omitempty,gte=1,lte=255"` } +type SuccessResponseStatus string + +const ( + SuccessResponseStatusSuccess SuccessResponseStatus = "success" +) + +type SuccessResponse struct { + Status SuccessResponseStatus `json:"status" validate:"required"` +} + type TemplateBootMode string const ( diff --git a/vendor/modules.txt b/vendor/modules.txt index d025ba06c..278781d59 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -154,8 +154,8 @@ github.com/dlclark/regexp2/syntax # github.com/dustin/go-humanize v1.0.1 ## explicit; go 1.16 github.com/dustin/go-humanize -# github.com/exoscale/egoscale/v3 v3.1.34 -## explicit; go 1.23.8 +# github.com/exoscale/egoscale/v3 v3.1.35-0.20260324150641-0c29a3be5033 +## explicit; go 1.26 github.com/exoscale/egoscale/v3 github.com/exoscale/egoscale/v3/credentials # github.com/exoscale/openapi-cli-generator v1.2.0