From 18ab291fd655f380ead04db213577c1a97c660e4 Mon Sep 17 00:00:00 2001 From: Alex Plotnick Date: Tue, 28 Jun 2022 18:51:41 -0600 Subject: [PATCH 1/3] Bump OMICRON_VERSION Includes new OAuth Device Authorization Grant support. --- OMICRON_VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OMICRON_VERSION b/OMICRON_VERSION index 9bbdc79..2dfa73c 100644 --- a/OMICRON_VERSION +++ b/OMICRON_VERSION @@ -1 +1 @@ -6b0f285 \ No newline at end of file +e4126a1e \ No newline at end of file From a761275179912996216f6999492e77de9e1df562 Mon Sep 17 00:00:00 2001 From: github-actions <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 29 Jun 2022 00:53:01 +0000 Subject: [PATCH 2/3] Autogenerate config update --- Api.ts | 908 ++++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 829 insertions(+), 79 deletions(-) diff --git a/Api.ts b/Api.ts index 0a3e7df..9b478d6 100644 --- a/Api.ts +++ b/Api.ts @@ -23,10 +23,35 @@ export type DatumType = | "histogram_i64" | "histogram_f64"; +export type DerEncodedKeyPair = { + /** + * request signing private key (base64 encoded der file) + */ + privateKey: string; + /** + * request signing public certificate (base64 encoded der file) + */ + publicCert: string; +}; + +export type DeviceAccessTokenRequestParams = { + clientId: string; + deviceCode: string; + grantType: string; +}; + +export type DeviceAuthRequestParams = { + clientId: string; +}; + +export type DeviceAuthVerifyParams = { + userCode: string; +}; + export type Digest = { type: "sha256"; value: string }; /** - * Client view of an {@link Disk} + * Client view of a {@link Disk} */ export type Disk = { blockSize: ByteCount; @@ -122,6 +147,20 @@ export type DiskState = | { state: "destroyed" } | { state: "faulted" }; +/** + * OS image distribution + */ +export type Distribution = { + /** + * The name of the distribution (e.g. "alpine" or "ubuntu") + */ + name: Name; + /** + * The version of the distribution (e.g. "3.10" or "18.04") + */ + version: string; +}; + /** * Error information from a response. */ @@ -150,18 +189,18 @@ export type FieldSource = "target" | "metric"; */ export type FieldType = "string" | "i64" | "ip_addr" | "uuid" | "bool"; -export type FleetRoles = "admin" | "collaborator" | "viewer"; +export type FleetRole = "admin" | "collaborator" | "viewer"; /** * Client view of a `Policy`, which describes how this resource may be accessed * * Note that the Policy only describes access granted explicitly for this resource. The policies of parent resources can also cause a user to have access to this resource. */ -export type FleetRolesPolicy = { +export type FleetRolePolicy = { /** * Roles directly assigned on this resource */ - roleAssignments: FleetRolesRoleAssignment[]; + roleAssignments: FleetRoleRoleAssignment[]; }; /** @@ -169,10 +208,10 @@ export type FleetRolesPolicy = { * * The resource is not part of this structure. Rather, `RoleAssignment`s are put into a `Policy` and that Policy is applied to a particular resource. */ -export type FleetRolesRoleAssignment = { +export type FleetRoleRoleAssignment = { identityId: string; identityType: IdentityType; - roleName: FleetRoles; + roleName: FleetRole; }; /** @@ -191,6 +230,10 @@ export type GlobalImage = { * Hash of the image contents, if applicable */ digest?: Digest | null; + /** + * Image distribution + */ + distribution: string; /** * unique, immutable, system-controlled identifier for each resource */ @@ -216,9 +259,29 @@ export type GlobalImage = { */ url?: string | null; /** - * Version of this, if any + * Image version */ - version?: string | null; + version: string; +}; + +/** + * Create-time parameters for an {@link GlobalImage} + */ +export type GlobalImageCreate = { + /** + * block size in bytes + */ + blockSize: BlockSize; + description: string; + /** + * OS image distribution + */ + distribution: Distribution; + name: Name; + /** + * The source of the image's contents. + */ + source: ImageSource; }; /** @@ -235,11 +298,61 @@ export type GlobalImageResultsPage = { nextPage?: string | null; }; +/** + * Client view of an {@link IdentityProvider} + */ +export type IdentityProvider = { + /** + * human-readable free-form text about a resource + */ + description: string; + /** + * unique, immutable, system-controlled identifier for each resource + */ + id: string; + /** + * unique, mutable, user-controlled identifier for each resource + */ + name: Name; + /** + * Identity provider type + */ + providerType: IdentityProviderType; + /** + * timestamp when this resource was created + */ + timeCreated: Date; + /** + * timestamp when this resource was last modified + */ + timeModified: Date; +}; + +/** + * A single page of results + */ +export type IdentityProviderResultsPage = { + /** + * list of items on this page of results + */ + items: IdentityProvider[]; + /** + * token used to fetch the next page of results (if any) + */ + nextPage?: string | null; +}; + +export type IdentityProviderType = "saml"; + /** * Describes what kind of identity is described by an id */ export type IdentityType = "silo_user"; +export type IdpMetadataSource = + | { type: "url"; url: string } + | { data: string; type: "base64_encoded_xml" }; + /** * Client view of project Images */ @@ -324,8 +437,9 @@ export type ImageResultsPage = { * The source of the underlying image. */ export type ImageSource = - | { src: string; type: "url" } - | { src: string; type: "snapshot" }; + | { type: "url"; url: string } + | { id: string; type: "snapshot" } + | { type: "you_can_boot_anything_as_long_as_its_alpine" }; /** * Client view of an {@link Instance} @@ -428,7 +542,7 @@ export type InstanceDiskAttachment = * Migration parameters for an {@link Instance} */ export type InstanceMigrate = { - dstSledUuid: string; + dstSledId: string; }; /** @@ -453,6 +567,20 @@ export type InstanceResultsPage = { nextPage?: string | null; }; +/** + * Contents of an Instance's serial console buffer. + */ +export type InstanceSerialConsoleData = { + /** + * The bytes starting from the requested offset up to either the end of the buffer or the request's `max_bytes`. Provided as a u8 array rather than a string, as it may not be UTF-8. + */ + data: number[]; + /** + * The absolute offset since boot (suitable for use as `byte_offset` in a subsequent request) of the last byte returned in `data`. + */ + lastByteOffset: number; +}; + /** * Running state of an Instance (primarily: booted or stopped) * @@ -472,6 +600,86 @@ export type InstanceState = export type IpNet = Ipv4Net | Ipv6Net; +/** + * Identity-related metadata that's included in nearly all public API objects + */ +export type IpPool = { + /** + * human-readable free-form text about a resource + */ + description: string; + /** + * unique, immutable, system-controlled identifier for each resource + */ + id: string; + /** + * unique, mutable, user-controlled identifier for each resource + */ + name: Name; + /** + * timestamp when this resource was created + */ + timeCreated: Date; + /** + * timestamp when this resource was last modified + */ + timeModified: Date; +}; + +/** + * Create-time parameters for an IP Pool. + * + * See {@link IpPool} + */ +export type IpPoolCreate = { + description: string; + name: Name; +}; + +export type IpPoolRange = { + id: string; + range: IpRange; + timeCreated: Date; +}; + +/** + * A single page of results + */ +export type IpPoolRangeResultsPage = { + /** + * list of items on this page of results + */ + items: IpPoolRange[]; + /** + * token used to fetch the next page of results (if any) + */ + nextPage?: string | null; +}; + +/** + * A single page of results + */ +export type IpPoolResultsPage = { + /** + * list of items on this page of results + */ + items: IpPool[]; + /** + * token used to fetch the next page of results (if any) + */ + nextPage?: string | null; +}; + +/** + * Parameters for updating an IP Pool + */ +export type IpPoolUpdate = { + description?: string | null; + name?: Name | null; +}; + +export type IpRange = Ipv4Range | Ipv6Range; + /** * An IPv4 subnet, including prefix and subnet mask */ @@ -481,6 +689,16 @@ export type Ipv4Net = string; export const ipv4NetPattern = "(^(10.(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9].){2}(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9])/(1[0-9]|2[0-8]|[8-9]))$)|(^(172.16.(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9]).(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9])/(1[2-9]|2[0-8]))$)|(^(192.168.(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9]).(25[0-5]|[1-2][0-4][0-9]|[1-9][0-9]|[0-9])/(1[6-9]|2[0-8]))$)"; +/** + * A non-decreasing IPv4 address range, inclusive of both ends. + * + * The first address must be less than or equal to the last address. + */ +export type Ipv4Range = { + first: string; + last: string; +}; + /** * An IPv6 subnet, including prefix and subnet mask */ @@ -490,6 +708,16 @@ export type Ipv6Net = string; export const ipv6NetPattern = "^(fd|FD)[0-9a-fA-F]{2}:((([0-9a-fA-F]{1,4}:){6}[0-9a-fA-F]{1,4})|(([0-9a-fA-F]{1,4}:){1,6}:))/(6[4-9]|[7-9][0-9]|1[0-1][0-9]|12[0-6])$"; +/** + * A non-decreasing IPv6 address range, inclusive of both ends. + * + * The first address must be less than or equal to the last address. + */ +export type Ipv6Range = { + first: string; + last: string; +}; + /** * An inclusive-inclusive range of IP ports. The second port may be omitted to represent a single port */ @@ -498,10 +726,6 @@ export type L4PortRange = string; /** Regex pattern for validating L4PortRange */ export const l4PortRangePattern = "^[0-9]{1,5}(-[0-9]{1,5})?$"; -export type LoginParams = { - username: string; -}; - /** * A Media Access Control address, in EUI-48 format */ @@ -546,6 +770,10 @@ export type NetworkInterface = { * unique, mutable, user-controlled identifier for each resource */ name: Name; + /** + * True if this interface is the primary for the instance to which it's attached. + */ + primary: boolean; /** * The subnet to which the interface belongs. */ @@ -598,6 +826,24 @@ export type NetworkInterfaceResultsPage = { nextPage?: string | null; }; +/** + * Parameters for updating a {@link NetworkInterface}. + * + * Note that modifying IP addresses for an interface is not yet supported, a new interface must be created instead. + */ +export type NetworkInterfaceUpdate = { + description?: string | null; + /** + * Make a secondary interface the instance's primary interface. + * + * If applied to a secondary interface, that interface will become the primary on the next reboot of the instance. Note that this may have implications for routing between instances, as the new primary interface will be on a distinct subnet from the previous primary interface. + * + * Note that this can only be used to select a new primary interface for an instance. Requests to change the primary interface into a secondary will return an error. + */ + makePrimary?: boolean | null; + name?: Name | null; +}; + /** * Client view of an {@link Organization} */ @@ -646,18 +892,18 @@ export type OrganizationResultsPage = { nextPage?: string | null; }; -export type OrganizationRoles = "admin" | "collaborator"; +export type OrganizationRole = "admin" | "collaborator" | "viewer"; /** * Client view of a `Policy`, which describes how this resource may be accessed * * Note that the Policy only describes access granted explicitly for this resource. The policies of parent resources can also cause a user to have access to this resource. */ -export type OrganizationRolesPolicy = { +export type OrganizationRolePolicy = { /** * Roles directly assigned on this resource */ - roleAssignments: OrganizationRolesRoleAssignment[]; + roleAssignments: OrganizationRoleRoleAssignment[]; }; /** @@ -665,10 +911,10 @@ export type OrganizationRolesPolicy = { * * The resource is not part of this structure. Rather, `RoleAssignment`s are put into a `Policy` and that Policy is applied to a particular resource. */ -export type OrganizationRolesRoleAssignment = { +export type OrganizationRoleRoleAssignment = { identityId: string; identityType: IdentityType; - roleName: OrganizationRoles; + roleName: OrganizationRole; }; /** @@ -728,18 +974,18 @@ export type ProjectResultsPage = { nextPage?: string | null; }; -export type ProjectRoles = "admin" | "collaborator" | "viewer"; +export type ProjectRole = "admin" | "collaborator" | "viewer"; /** * Client view of a `Policy`, which describes how this resource may be accessed * * Note that the Policy only describes access granted explicitly for this resource. The policies of parent resources can also cause a user to have access to this resource. */ -export type ProjectRolesPolicy = { +export type ProjectRolePolicy = { /** * Roles directly assigned on this resource */ - roleAssignments: ProjectRolesRoleAssignment[]; + roleAssignments: ProjectRoleRoleAssignment[]; }; /** @@ -747,10 +993,10 @@ export type ProjectRolesPolicy = { * * The resource is not part of this structure. Rather, `RoleAssignment`s are put into a `Policy` and that Policy is applied to a particular resource. */ -export type ProjectRolesRoleAssignment = { +export type ProjectRoleRoleAssignment = { identityId: string; identityType: IdentityType; - roleName: ProjectRoles; + roleName: ProjectRole; }; /** @@ -765,18 +1011,10 @@ export type ProjectUpdate = { * Client view of an {@link Rack} */ export type Rack = { - /** - * human-readable free-form text about a resource - */ - description: string; /** * unique, immutable, system-controlled identifier for each resource */ id: string; - /** - * unique, mutable, user-controlled identifier for each resource - */ - name: Name; /** * timestamp when this resource was created */ @@ -964,6 +1202,92 @@ export type SagaState = | { state: "succeeded" } | { errorInfo: SagaErrorInfo; errorNodeName: string; state: "failed" }; +/** + * Identity-related metadata that's included in nearly all public API objects + */ +export type SamlIdentityProvider = { + /** + * service provider endpoint where the response will be sent + */ + acsUrl: string; + /** + * human-readable free-form text about a resource + */ + description: string; + /** + * unique, immutable, system-controlled identifier for each resource + */ + id: string; + /** + * idp's entity id + */ + idpEntityId: string; + /** + * unique, mutable, user-controlled identifier for each resource + */ + name: Name; + /** + * optional request signing public certificate (base64 encoded der file) + */ + publicCert?: string | null; + /** + * service provider endpoint where the idp should send log out requests + */ + sloUrl: string; + /** + * sp's client id + */ + spClientId: string; + /** + * customer's technical contact for saml configuration + */ + technicalContactEmail: string; + /** + * timestamp when this resource was created + */ + timeCreated: Date; + /** + * timestamp when this resource was last modified + */ + timeModified: Date; +}; + +/** + * Create-time identity-related parameters + */ +export type SamlIdentityProviderCreate = { + /** + * service provider endpoint where the response will be sent + */ + acsUrl: string; + description: string; + /** + * idp's entity id + */ + idpEntityId: string; + /** + * the source of an identity provider metadata descriptor + */ + idpMetadataSource: IdpMetadataSource; + name: Name; + /** + * optional request signing key pair + */ + signingKeypair?: DerEncodedKeyPair | null; + /** + * service provider endpoint where the idp should send log out requests + */ + sloUrl: string; + /** + * sp's client id + */ + spClientId: string; + /** + * customer's technical contact for saml configuration + */ + technicalContactEmail: string; +}; + /** * Client view of currently authed user. */ @@ -999,6 +1323,10 @@ export type Silo = { * timestamp when this resource was last modified */ timeModified: Date; + /** + * User provision type + */ + userProvisionType: UserProvisionType; }; /** @@ -1008,6 +1336,7 @@ export type SiloCreate = { description: string; discoverable: boolean; name: Name; + userProvisionType: UserProvisionType; }; /** @@ -1024,18 +1353,18 @@ export type SiloResultsPage = { nextPage?: string | null; }; -export type SiloRoles = "admin" | "collaborator" | "viewer"; +export type SiloRole = "admin" | "collaborator" | "viewer"; /** * Client view of a `Policy`, which describes how this resource may be accessed * * Note that the Policy only describes access granted explicitly for this resource. The policies of parent resources can also cause a user to have access to this resource. */ -export type SiloRolesPolicy = { +export type SiloRolePolicy = { /** * Roles directly assigned on this resource */ - roleAssignments: SiloRolesRoleAssignment[]; + roleAssignments: SiloRoleRoleAssignment[]; }; /** @@ -1043,28 +1372,20 @@ export type SiloRolesPolicy = { * * The resource is not part of this structure. Rather, `RoleAssignment`s are put into a `Policy` and that Policy is applied to a particular resource. */ -export type SiloRolesRoleAssignment = { +export type SiloRoleRoleAssignment = { identityId: string; identityType: IdentityType; - roleName: SiloRoles; + roleName: SiloRole; }; /** * Client view of an {@link Sled} */ export type Sled = { - /** - * human-readable free-form text about a resource - */ - description: string; /** * unique, immutable, system-controlled identifier for each resource */ id: string; - /** - * unique, mutable, user-controlled identifier for each resource - */ - name: Name; serviceAddress: string; /** * timestamp when this resource was created @@ -1145,6 +1466,10 @@ export type SnapshotResultsPage = { nextPage?: string | null; }; +export type SpoofLoginBody = { + username: string; +}; + /** * Client view of a {@link SshKey} */ @@ -1244,6 +1569,13 @@ export type TimeseriesSchemaResultsPage = { * Client view of a {@link User} */ export type User = { + id: string; +}; + +/** + * Client view of a {@link UserBuiltin} + */ +export type UserBuiltin = { /** * human-readable free-form text about a resource */ @@ -1266,6 +1598,25 @@ export type User = { timeModified: Date; }; +/** + * A single page of results + */ +export type UserBuiltinResultsPage = { + /** + * list of items on this page of results + */ + items: UserBuiltin[]; + /** + * token used to fetch the next page of results (if any) + */ + nextPage?: string | null; +}; + +/** + * How users will be provisioned in a silo during authentication. + */ +export type UserProvisionType = "fixed" | "jit"; + /** * A single page of results */ @@ -1680,6 +2031,16 @@ export type NameOrIdSortMode = | "name_descending" | "id_ascending"; +export interface DeviceAuthRequestParams {} + +export interface DeviceAuthConfirmParams {} + +export interface DeviceAccessTokenParams {} + +export interface DeviceAuthVerifyParams { + userCode?: string; +} + export interface HardwareRacksGetParams { limit?: number | null; @@ -1700,30 +2061,80 @@ export interface HardwareSledsGetParams { sortBy?: IdSortMode; } -export interface HardwareSledsGetSledParams { - sledId: string; +export interface HardwareSledsGetSledParams { + sledId: string; +} + +export interface ImagesGetParams { + limit?: number | null; + + pageToken?: string | null; + + sortBy?: NameSortMode; +} + +export interface ImagesPostParams {} + +export interface ImagesGetImageParams { + imageName: Name; +} + +export interface ImagesDeleteImageParams { + imageName: Name; +} + +export interface IpPoolsGetParams { + limit?: number | null; + + pageToken?: string | null; + + sortBy?: NameOrIdSortMode; +} + +export interface IpPoolsPostParams {} + +export interface IpPoolsGetIpPoolParams { + poolName: Name; +} + +export interface IpPoolsPutIpPoolParams { + poolName: Name; +} + +export interface IpPoolsDeleteIpPoolParams { + poolName: Name; } -export interface ImagesGetParams { +export interface IpPoolRangesGetParams { + poolName: Name; + limit?: number | null; pageToken?: string | null; - - sortBy?: NameSortMode; } -export interface ImagesPostParams {} - -export interface ImagesGetImageParams { - imageName: Name; +export interface IpPoolRangesAddParams { + poolName: Name; } -export interface ImagesDeleteImageParams { - imageName: Name; +export interface IpPoolRangesDeleteParams { + poolName: Name; } export interface SpoofLoginParams {} +export interface LoginParams { + providerName: Name; + + siloName: Name; +} + +export interface ConsumeCredentialsParams { + providerName: Name; + + siloName: Name; +} + export interface LogoutParams {} export interface OrganizationsGetParams { @@ -1960,6 +2371,16 @@ export interface InstanceNetworkInterfacesGetInterfaceParams { projectName: Name; } +export interface InstanceNetworkInterfacesPutInterfaceParams { + instanceName: Name; + + interfaceName: Name; + + orgName: Name; + + projectName: Name; +} + export interface InstanceNetworkInterfacesDeleteInterfaceParams { instanceName: Name; @@ -1978,6 +2399,20 @@ export interface ProjectInstancesInstanceRebootParams { projectName: Name; } +export interface ProjectInstancesInstanceSerialGetParams { + instanceName: Name; + + orgName: Name; + + projectName: Name; + + fromStart?: number | null; + + maxBytes?: number | null; + + mostRecent?: number | null; +} + export interface ProjectInstancesInstanceStartParams { instanceName: Name; @@ -2344,6 +2779,16 @@ export interface SilosDeleteSiloParams { siloName: Name; } +export interface SilosGetIdentityProvidersParams { + siloName: Name; + + limit?: number | null; + + pageToken?: string | null; + + sortBy?: NameSortMode; +} + export interface SilosGetSiloPolicyParams { siloName: Name; } @@ -2352,6 +2797,16 @@ export interface SilosPutSiloPolicyParams { siloName: Name; } +export interface SiloSamlIdpCreateParams { + siloName: Name; +} + +export interface SiloSamlIdpFetchParams { + providerName: Name; + + siloName: Name; +} + export interface TimeseriesSchemaGetParams { limit?: number | null; @@ -2360,7 +2815,15 @@ export interface TimeseriesSchemaGetParams { export interface UpdatesRefreshParams {} -export interface UsersGetParams { +export interface SiloUsersGetParams { + limit?: number | null; + + pageToken?: string | null; + + sortBy?: IdSortMode; +} + +export interface BuiltinUsersGetParams { limit?: number | null; pageToken?: string | null; @@ -2368,7 +2831,7 @@ export interface UsersGetParams { sortBy?: NameSortMode; } -export interface UsersGetUserParams { +export interface BuiltinUsersGetUserParams { userName: Name; } @@ -2589,6 +3052,61 @@ export class HttpClient { export class Api extends HttpClient { methods = { + /** + * Start an OAuth 2.0 Device Authorization Grant + */ + deviceAuthRequest: ( + query: DeviceAuthRequestParams, + params: RequestParams = {} + ) => + this.request({ + path: `/device/auth`, + method: "POST", + ...params, + }), + + /** + * Confirm an OAuth 2.0 Device Authorization Grant + */ + deviceAuthConfirm: ( + query: DeviceAuthConfirmParams, + body: DeviceAuthVerifyParams, + params: RequestParams = {} + ) => + this.request({ + path: `/device/confirm`, + method: "POST", + body, + ...params, + }), + + /** + * Request a device access token + */ + deviceAccessToken: ( + query: DeviceAccessTokenParams, + params: RequestParams = {} + ) => + this.request({ + path: `/device/token`, + method: "POST", + ...params, + }), + + /** + * Verify an OAuth 2.0 Device Authorization Grant + */ + deviceAuthVerify: ( + query: DeviceAuthVerifyParams, + params: RequestParams = {} + ) => + this.request({ + path: `/device/verify`, + method: "GET", + query, + ...params, + }), + /** * List racks in the system. */ @@ -2659,7 +3177,7 @@ export class Api extends HttpClient { */ imagesPost: ( query: ImagesPostParams, - body: ImageCreate, + body: GlobalImageCreate, params: RequestParams = {} ) => this.request({ @@ -2695,9 +3213,120 @@ export class Api extends HttpClient { ...params, }), + /** + * List IP Pools. + */ + ipPoolsGet: (query: IpPoolsGetParams, params: RequestParams = {}) => + this.request({ + path: `/ip-pools`, + method: "GET", + query, + ...params, + }), + + /** + * Create a new IP Pool. + */ + ipPoolsPost: ( + query: IpPoolsPostParams, + body: IpPoolCreate, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools`, + method: "POST", + body, + ...params, + }), + + /** + * Fetch a single IP Pool. + */ + ipPoolsGetIpPool: ( + { poolName }: IpPoolsGetIpPoolParams, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}`, + method: "GET", + ...params, + }), + + /** + * Update an IP Pool. + */ + ipPoolsPutIpPool: ( + { poolName }: IpPoolsPutIpPoolParams, + body: IpPoolUpdate, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}`, + method: "PUT", + body, + ...params, + }), + + /** + * Delete an IP Pool. + */ + ipPoolsDeleteIpPool: ( + { poolName }: IpPoolsDeleteIpPoolParams, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}`, + method: "DELETE", + ...params, + }), + + /** + * List the ranges of IP addresses within an existing IP Pool. + */ + ipPoolRangesGet: ( + { poolName, ...query }: IpPoolRangesGetParams, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}/ranges`, + method: "GET", + query, + ...params, + }), + + /** + * Add a new range to an existing IP Pool. + */ + ipPoolRangesAdd: ( + { poolName }: IpPoolRangesAddParams, + body: IpRange, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}/ranges/add`, + method: "POST", + body, + ...params, + }), + + /** + * Remove a range from an existing IP Pool. + */ + ipPoolRangesDelete: ( + { poolName }: IpPoolRangesDeleteParams, + body: IpRange, + params: RequestParams = {} + ) => + this.request({ + path: `/ip-pools/${poolName}/ranges/delete`, + method: "POST", + body, + ...params, + }), + spoofLogin: ( query: SpoofLoginParams, - body: LoginParams, + body: SpoofLoginBody, params: RequestParams = {} ) => this.request({ @@ -2707,6 +3336,32 @@ export class Api extends HttpClient { ...params, }), + /** + * Ask the user to login to their identity provider + */ + login: ( + { providerName, siloName }: LoginParams, + params: RequestParams = {} + ) => + this.request({ + path: `/login/${siloName}/${providerName}`, + method: "GET", + ...params, + }), + + /** + * Consume some sort of credentials, and authenticate a user. + */ + consumeCredentials: ( + { providerName, siloName }: ConsumeCredentialsParams, + params: RequestParams = {} + ) => + this.request({ + path: `/login/${siloName}/${providerName}`, + method: "POST", + ...params, + }), + logout: (query: LogoutParams, params: RequestParams = {}) => this.request({ path: `/logout`, @@ -2791,7 +3446,7 @@ export class Api extends HttpClient { { orgName }: OrganizationGetPolicyParams, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/organizations/${orgName}/policy`, method: "GET", ...params, @@ -2802,10 +3457,10 @@ export class Api extends HttpClient { */ organizationPutPolicy: ( { orgName }: OrganizationPutPolicyParams, - body: OrganizationRolesPolicy, + body: OrganizationRolePolicy, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/organizations/${orgName}/policy`, method: "PUT", body, @@ -3164,6 +3819,26 @@ export class Api extends HttpClient { ...params, }), + /** + * Update information about an instance's network interface + */ + instanceNetworkInterfacesPutInterface: ( + { + instanceName, + interfaceName, + orgName, + projectName, + }: InstanceNetworkInterfacesPutInterfaceParams, + body: NetworkInterfaceUpdate, + params: RequestParams = {} + ) => + this.request({ + path: `/organizations/${orgName}/projects/${projectName}/instances/${instanceName}/network-interfaces/${interfaceName}`, + method: "PUT", + body, + ...params, + }), + /** * Detach a network interface from an instance. */ @@ -3199,6 +3874,25 @@ export class Api extends HttpClient { ...params, }), + /** + * Get contents of an instance's serial console. + */ + projectInstancesInstanceSerialGet: ( + { + instanceName, + orgName, + projectName, + ...query + }: ProjectInstancesInstanceSerialGetParams, + params: RequestParams = {} + ) => + this.request({ + path: `/organizations/${orgName}/projects/${projectName}/instances/${instanceName}/serial`, + method: "GET", + query, + ...params, + }), + /** * Boot an instance. */ @@ -3240,7 +3934,7 @@ export class Api extends HttpClient { { orgName, projectName }: OrganizationProjectsGetProjectPolicyParams, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/organizations/${orgName}/projects/${projectName}/policy`, method: "GET", ...params, @@ -3251,10 +3945,10 @@ export class Api extends HttpClient { */ organizationProjectsPutProjectPolicy: ( { orgName, projectName }: OrganizationProjectsPutProjectPolicyParams, - body: ProjectRolesPolicy, + body: ProjectRolePolicy, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/organizations/${orgName}/projects/${projectName}/policy`, method: "PUT", body, @@ -3686,7 +4380,7 @@ export class Api extends HttpClient { * Fetch the top-level IAM policy */ policyGet: (query: PolicyGetParams, params: RequestParams = {}) => - this.request({ + this.request({ path: `/policy`, method: "GET", ...params, @@ -3697,10 +4391,10 @@ export class Api extends HttpClient { */ policyPut: ( query: PolicyPutParams, - body: FleetRolesPolicy, + body: FleetRolePolicy, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/policy`, method: "PUT", body, @@ -3866,6 +4560,20 @@ export class Api extends HttpClient { ...params, }), + /** + * List Silo identity providers + */ + silosGetIdentityProviders: ( + { siloName, ...query }: SilosGetIdentityProvidersParams, + params: RequestParams = {} + ) => + this.request({ + path: `/silos/${siloName}/identity_providers`, + method: "GET", + query, + ...params, + }), + /** * Fetch the IAM policy for this Silo */ @@ -3873,7 +4581,7 @@ export class Api extends HttpClient { { siloName }: SilosGetSiloPolicyParams, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/silos/${siloName}/policy`, method: "GET", ...params, @@ -3884,16 +4592,44 @@ export class Api extends HttpClient { */ silosPutSiloPolicy: ( { siloName }: SilosPutSiloPolicyParams, - body: SiloRolesPolicy, + body: SiloRolePolicy, params: RequestParams = {} ) => - this.request({ + this.request({ path: `/silos/${siloName}/policy`, method: "PUT", body, ...params, }), + /** + * Create a new SAML identity provider for a silo. + */ + siloSamlIdpCreate: ( + { siloName }: SiloSamlIdpCreateParams, + body: SamlIdentityProviderCreate, + params: RequestParams = {} + ) => + this.request({ + path: `/silos/${siloName}/saml_identity_providers`, + method: "POST", + body, + ...params, + }), + + /** + * GET a silo's SAML identity provider + */ + siloSamlIdpFetch: ( + { providerName, siloName }: SiloSamlIdpFetchParams, + params: RequestParams = {} + ) => + this.request({ + path: `/silos/${siloName}/saml_identity_providers/${providerName}`, + method: "GET", + ...params, + }), + /** * List all timeseries schema */ @@ -3919,9 +4655,9 @@ export class Api extends HttpClient { }), /** - * List the built-in system users + * List users */ - usersGet: (query: UsersGetParams, params: RequestParams = {}) => + siloUsersGet: (query: SiloUsersGetParams, params: RequestParams = {}) => this.request({ path: `/users`, method: "GET", @@ -3929,15 +4665,29 @@ export class Api extends HttpClient { ...params, }), + /** + * List the built-in system users + */ + builtinUsersGet: ( + query: BuiltinUsersGetParams, + params: RequestParams = {} + ) => + this.request({ + path: `/users_builtin`, + method: "GET", + query, + ...params, + }), + /** * Fetch a specific built-in system user */ - usersGetUser: ( - { userName }: UsersGetUserParams, + builtinUsersGetUser: ( + { userName }: BuiltinUsersGetUserParams, params: RequestParams = {} ) => - this.request({ - path: `/users/${userName}`, + this.request({ + path: `/users_builtin/${userName}`, method: "GET", ...params, }), From f6cb126247a947eaa19ac462a427730b458b038e Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 29 Jun 2022 21:42:42 -0500 Subject: [PATCH 3/3] update API even more --- Api.ts | 12 ++++++++---- OMICRON_VERSION | 2 +- README.md | 2 +- generator/package.json | 1 - generator/update-spec.sh | 11 ----------- 5 files changed, 10 insertions(+), 18 deletions(-) delete mode 100755 generator/update-spec.sh diff --git a/Api.ts b/Api.ts index 9b478d6..d0c1935 100644 --- a/Api.ts +++ b/Api.ts @@ -34,17 +34,17 @@ export type DerEncodedKeyPair = { publicCert: string; }; -export type DeviceAccessTokenRequestParams = { +export type DeviceAccessTokenRequest = { clientId: string; deviceCode: string; grantType: string; }; -export type DeviceAuthRequestParams = { +export type DeviceAuthRequest = { clientId: string; }; -export type DeviceAuthVerifyParams = { +export type DeviceAuthVerify = { userCode: string; }; @@ -1569,6 +1569,10 @@ export type TimeseriesSchemaResultsPage = { * Client view of a {@link User} */ export type User = { + /** + * Human-readable name that can identify the user + */ + displayName: string; id: string; }; @@ -3070,7 +3074,7 @@ export class Api extends HttpClient { */ deviceAuthConfirm: ( query: DeviceAuthConfirmParams, - body: DeviceAuthVerifyParams, + body: DeviceAuthVerify, params: RequestParams = {} ) => this.request({ diff --git a/OMICRON_VERSION b/OMICRON_VERSION index 2dfa73c..75ac9eb 100644 --- a/OMICRON_VERSION +++ b/OMICRON_VERSION @@ -1 +1 @@ -e4126a1e \ No newline at end of file +7c6155e \ No newline at end of file diff --git a/README.md b/README.md index 24a758a..23525b4 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ This will be automated, but to generate the client (`Api.ts`) manually: ``` -# optional: update omicron sha in OMICRON_VERSION and run `npm run update-spec` +# optional: update omicron sha in OMICRON_VERSION cd generator npm i npm run gen diff --git a/generator/package.json b/generator/package.json index cb13d24..2a23d9d 100644 --- a/generator/package.json +++ b/generator/package.json @@ -4,7 +4,6 @@ "description": "Minimal TS OpenAPI client generator", "main": "index.ts", "scripts": { - "update-spec": "./update-spec.sh", "gen": "./gen.sh $(cat ../OMICRON_VERSION) | prettier --parser typescript > ../Api.ts", "gen-from": "./gen.sh", "test": "vitest", diff --git a/generator/update-spec.sh b/generator/update-spec.sh deleted file mode 100755 index 7d1c661..0000000 --- a/generator/update-spec.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit -set -o pipefail - -# Nexus will eventually have proper version numbers, but for now we are keyed to -# a SHA in the omicron repo -OMICRON_VERSION=$(cat ../OMICRON_VERSION) -SPEC_URL="https://raw.githubusercontent.com/oxidecomputer/omicron/$OMICRON_VERSION/openapi/nexus.json" - -curl --fail "$SPEC_URL" -o ../spec.json