diff --git a/.semgrep.yml b/.semgrep.yml new file mode 100644 index 0000000..f43f269 --- /dev/null +++ b/.semgrep.yml @@ -0,0 +1,100 @@ +# AutoGlue Semgrep configuration +# Use with: opengrep scan --config .semgrep.yml . + +rules: + + # + # 1. Suppress known benign “direct write to ResponseWriter” warnings + # + - id: autoglue.ignore.direct-write-static + message: Ignore direct writes for static or binary responses + languages: [go] + severity: INFO + metadata: + category: suppression + project: autoglue + patterns: + - pattern: | + _, _ = $W.Write($DATA) + pattern-inside: | + func $F($X...) { + ... + } + paths: + include: + - internal/api/utils.go + - internal/handlers/ssh_keys.go + + + # + # 2. Enforce Allowed Origins checking in writePostMessageHTML + # + - id: autoglue.auth.require-origin-validation + message: > + writePostMessageHTML must validate `origin` against known allowed origins + to prevent token exfiltration via crafted state/redirect parameters. + languages: [go] + severity: ERROR + metadata: + category: security + project: autoglue + + # Look for the JS snippet inside the Go string literal using a regex. + # This is NOT Go code, so we must use pattern-regex, not pattern. + pattern-regex: | + window\.opener\.postMessage\(\{ type: 'autoglue:auth', payload: data \}, .*?\); + + paths: + include: + - internal/handlers/auth.go + + + # + # 3. Require httpOnly+Secure cookies for JWT cookies + # + - id: autoglue.cookies.ensure-secure-jwt + message: > + JWT cookies must always have a Secure field (true in prod, false only for localhost dev). + languages: [go] + severity: WARNING + metadata: + category: security + project: autoglue + + patterns: + # 1) Find any SetCookie for ag_jwt + - pattern: | + http.SetCookie($W, &http.Cookie{ + Name: "ag_jwt", + ... + }) + # 2) BUT ignore cases where the Secure field is present + - pattern-not: | + http.SetCookie($W, &http.Cookie{ + Name: "ag_jwt", + Secure: $SECURE, + ... + }) + + paths: + include: + - internal/handlers/auth.go + + + # + # 4. Ban path.Clean for user-controlled paths + # + - id: autoglue.filesystem.no-path-clean + message: Use securejoin instead of path.Clean() for file paths. + languages: [go] + severity: WARNING + metadata: + category: security + project: autoglue + + pattern: | + path.Clean($X) + + paths: + include: + - internal/web/static.go diff --git a/Makefile b/Makefile index 2605c3a..e1573a9 100644 --- a/Makefile +++ b/Makefile @@ -30,6 +30,7 @@ UI_SSG_ROUTES ?= /,/login,/docs,/pricing # Go versioning (go.mod uses major.minor; you’re on 1.25.4) GO_VERSION ?= 1.25.4 +SWAG_FLAGS ?= --v3.1 --outputTypes json,yaml,go # SDK / package settings (TypeScript) SDK_TS_OUTDIR ?= sdk/ts @@ -112,10 +113,11 @@ $(DOCS_JSON) $(DOCS_YAML): $(GO_SRCS) @echo ">> Generating Swagger docs..." @if ! command -v swag >/dev/null 2>&1; then \ echo "Installing swag/v2 CLI @v2.0.0-rc4..."; \ - $(GOINSTALL) github.com/swaggo/swag/v2/cmd/swag@v2.0.0-rc4; \ + $(GOINSTALL) github.com/swaggo/swag/v2/cmd/swag@latest; \ fi @rm -rf docs/swagger.* docs/docs.go - @swag init -g $(MAIN) -o docs + @swag fmt -d . + @swag init $(SWAG_FLAGS) -g $(MAIN) -o docs # --- spec validation + tag guard --- validate-spec: $(DOCS_JSON) ## Validate docs/swagger.json and pin the core OpenAPI Generator version diff --git a/README.md b/README.md index 30841a2..a13911f 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,7 @@ Create your org (http://localhost:8080/me) - you should be redirected here after Once you have an org - create a set of api keys for your org: They will be in the format of: +Example values only; these are not real secrets. ```text Org Key: org_lnJwmyyWH7JC-JgZo5v3Kw Org Secret: fqd9yebGMfK6h5HSgWn4sXrwr9xlFbvbIYtNylRElMQ diff --git a/atlas.hcl b/atlas.hcl new file mode 100644 index 0000000..19e8eab --- /dev/null +++ b/atlas.hcl @@ -0,0 +1,20 @@ +data "external_schema" "gorm" { + program = [ + "go", + "run", + "-mod=mod", + "ariga.io/atlas-provider-gorm", + "load", + "--path", "./internal/models", + "--dialect", "postgres", + ] +} + +env "gorm" { + src = data.external_schema.gorm.url + dev = "postgres://autoglue:autoglue@localhost:5432/autoglue_dev" +} + +env "gorm-src" { + src = data.external_schema.gorm.url +} \ No newline at end of file diff --git a/cmd/serve.go b/cmd/serve.go index 7037e48..0013a57 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -134,7 +134,7 @@ var serveCmd = &cobra.Command{ dbURL = cfg.DbURL } - studio, err := api.PgwebHandler( + studio, err := api.MountDbStudio( dbURL, "db-studio", false, diff --git a/docs/docs.go b/docs/docs.go index 2e04ad8..c92a99b 100644 --- a/docs/docs.go +++ b/docs/docs.go @@ -5,14 +5,22 @@ package docs import "github.com/swaggo/swag/v2" const docTemplate = `{ - "schemes": {{ marshal .Schemes }},"swagger":"2.0","info":{"description":"{{escape .Description}}","title":"{{.Title}}","contact":{"name":"GlueOps"},"version":"{{.Version}}"},"host":"{{.Host}}","basePath":"{{.BasePath}}","paths":{"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","produces":["application/json"],"tags":["Auth"],"summary":"Get JWKS","operationId":"getJWKS","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.JWKS"}}}}},"/admin/archer/jobs":{"get":{"security":[{"BearerAuth":[]}],"description":"Paginated background jobs with optional filters. Search ` + "`" + `q` + "`" + ` may match id, type, error, payload (implementation-dependent).","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"List Archer jobs (admin)","operationId":"AdminListArcherJobs","parameters":[{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string","description":"Filter by status","name":"status","in":"query"},{"type":"string","description":"Filter by queue name / worker name","name":"queue","in":"query"},{"type":"string","description":"Free-text search","name":"q","in":"query"},{"type":"integer","default":1,"description":"Page number","name":"page","in":"query"},{"maximum":100,"minimum":1,"type":"integer","default":25,"description":"Items per page","name":"page_size","in":"query"}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.PageJob"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]}],"description":"Create a job immediately or schedule it for the future via ` + "`" + `run_at` + "`" + `.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Enqueue a new Archer job (admin)","operationId":"AdminEnqueueArcherJob","parameters":[{"description":"Job parameters","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.EnqueueRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid json or missing fields","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}}},"/admin/archer/jobs/{id}/cancel":{"post":{"security":[{"BearerAuth":[]}],"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Cancel an Archer job (admin)","operationId":"AdminCancelArcherJob","parameters":[{"type":"string","description":"Job ID","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid job or not cancellable","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/admin/archer/jobs/{id}/retry":{"post":{"security":[{"BearerAuth":[]}],"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Retry a failed/canceled Archer job (admin)","operationId":"AdminRetryArcherJob","parameters":[{"type":"string","description":"Job ID","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid job or not eligible","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/admin/archer/queues":{"get":{"security":[{"BearerAuth":[]}],"description":"Summary metrics per queue (pending, running, failed, scheduled).","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"List Archer queues (admin)","operationId":"AdminListArcherQueues","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.QueueInfo"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}}},"/annotations":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns annotations for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"List annotations (org scoped)","operationId":"ListAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list annotations","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates an annotation.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Create annotation (org scoped)","operationId":"CreateAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Annotation payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateAnnotationRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid json / missing fields","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/annotations/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one annotation. Add ` + "`" + `include=node_pools` + "`" + ` to include node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Get annotation by ID (org scoped)","operationId":"GetAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the annotation.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Delete annotation (org scoped)","operationId":"DeleteAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update annotation fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Update annotation (org scoped)","operationId":"UpdateAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateAnnotationRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/auth/logout":{"post":{"consumes":["application/json"],"produces":["application/json"],"tags":["Auth"],"summary":"Revoke refresh token family (logout everywhere)","operationId":"Logout","parameters":[{"description":"Refresh token","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.LogoutRequest"}}],"responses":{"204":{"description":"No Content"}}}},"/auth/refresh":{"post":{"consumes":["application/json"],"produces":["application/json"],"tags":["Auth"],"summary":"Rotate refresh token","operationId":"Refresh","parameters":[{"description":"Refresh token","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.RefreshRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TokenPair"}}}}},"/auth/{provider}/callback":{"get":{"produces":["application/json"],"tags":["Auth"],"summary":"Handle social login callback","operationId":"AuthCallback","parameters":[{"type":"string","description":"google|github","name":"provider","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TokenPair"}}}}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","produces":["application/json"],"tags":["Auth"],"summary":"Begin social login","operationId":"AuthStart","parameters":[{"type":"string","description":"google|github","name":"provider","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AuthStartResponse"}}}}},"/clusters":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns clusters for the organization in X-Org-ID. Filter by ` + "`" + `q` + "`" + ` (name contains).","produces":["application/json"],"tags":["Clusters"],"summary":"List clusters (org scoped)","operationId":"ListClusters","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Name contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ClusterResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list clusters","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a cluster. If ` + "`" + `kubeconfig` + "`" + ` is provided, it will be encrypted per-organization and stored securely (never returned).","consumes":["application/json"],"produces":["application/json"],"tags":["Clusters"],"summary":"Create cluster (org scoped)","operationId":"CreateCluster","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateClusterRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.ClusterResponse"}},"400":{"description":"invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/credentials":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns credential metadata for the current org. Secrets are never returned.","consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"List credentials (metadata only)","operationId":"ListCredentials","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Filter by provider (e.g., aws)","name":"provider","in":"query"},{"type":"string","description":"Filter by kind (e.g., aws_access_key)","name":"kind","in":"query"},{"type":"string","description":"Filter by scope kind (provider/service/resource)","name":"scope_kind","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.CredentialOut"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Create a credential (encrypts secret)","operationId":"CreateCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"description":"Credential payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateCredentialRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}}},"/credentials/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Get credential by ID (metadata only)","operationId":"GetCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Delete credential","operationId":"DeleteCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Update credential metadata and/or rotate secret","operationId":"UpdateCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateCredentialRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"403":{"description":"X-Org-ID required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/credentials/{id}/reveal":{"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Reveal decrypted secret (one-time read)","operationId":"RevealCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"object","additionalProperties":true}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/dns/domains":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns domains for X-Org-ID. Filters: ` + "`" + `domain_name` + "`" + `, ` + "`" + `status` + "`" + `, ` + "`" + `q` + "`" + ` (contains).","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"List domains (org scoped)","operationId":"ListDomains","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact domain name (lowercase, no trailing dot)","name":"domain_name","in":"query"},{"type":"string","description":"pending|provisioning|ready|failed","name":"status","in":"query"},{"type":"string","description":"Domain contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.DomainResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"db error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Create a domain (org scoped)","operationId":"CreateDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Domain payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateDomainRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"db error","schema":{"type":"string"}}}}},"/dns/domains/{domain_id}/records":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Filters: ` + "`" + `name` + "`" + `, ` + "`" + `type` + "`" + `, ` + "`" + `status` + "`" + `.","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"List record sets for a domain","operationId":"ListRecordSets","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"domain_id","in":"path","required":true},{"type":"string","description":"Exact relative name or FQDN (server normalizes)","name":"name","in":"query"},{"type":"string","description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","name":"type","in":"query"},{"type":"string","description":"pending|provisioning|ready|failed","name":"status","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.RecordSetResponse"}}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"domain not found","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","operationId":"CreateRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"domain_id","in":"path","required":true},{"description":"Record set payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateRecordSetRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.RecordSetResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"domain not found","schema":{"type":"string"}}}}},"/dns/domains/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Get a domain (org scoped)","operationId":"GetDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Delete a domain","operationId":"DeleteDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Update a domain (org scoped)","operationId":"UpdateDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateDomainRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/dns/records/{id}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","operationId":"DeleteRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Record Set ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Update a record set (flips to pending for reconciliation)","operationId":"UpdateRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Record Set ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateRecordSetRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.RecordSetResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","consumes":["application/json"],"produces":["application/json"],"tags":["Health"],"summary":"Basic health check","operationId":"HealthCheck // operationId","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.HealthStatus"}}}}},"/labels":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node labels for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node groups.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"List node labels (org scoped)","operationId":"ListLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"Key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node taints","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Create label (org scoped)","operationId":"CreateLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Label payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateLabelRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid json / missing fields / invalid node_pool_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/labels/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Get label by ID (org scoped)","operationId":"GetLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Delete label (org scoped)","operationId":"DeleteLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update label fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Update label (org scoped)","operationId":"UpdateLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateLabelRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/me":{"get":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"produces":["application/json"],"tags":["Me"],"summary":"Get current user profile","operationId":"GetMe","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.meResponse"}}}},"patch":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Me"],"summary":"Update current user profile","operationId":"UpdateMe","parameters":[{"description":"Patch profile","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.updateMeRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.User"}}}}},"/me/api-keys":{"get":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"List my API keys","operationId":"ListUserAPIKeys","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/handlers.userAPIKeyOut"}}}}},"post":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"description":"Returns the plaintext key once. Store it securely on the client side.","consumes":["application/json"],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"Create a new user API key","operationId":"CreateUserAPIKey","parameters":[{"description":"Key options","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.createUserKeyRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/handlers.userAPIKeyOut"}}}}},"/me/api-keys/{id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"Delete a user API key","operationId":"DeleteUserAPIKey","parameters":[{"type":"string","description":"Key ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"}}}},"/node-pools":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node pools for the organization in X-Org-ID.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List node pools (org scoped)","operationId":"ListNodePools","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Name contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.NodePoolResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node pools","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a node pool. Optionally attach initial servers.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Create node pool (org scoped)","operationId":"CreateNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"NodePool payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateNodePoolRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid json / missing fields / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/node-pools/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one node pool. Add ` + "`" + `include=servers` + "`" + ` to include servers.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Get node pool by ID (org scoped)","operationId":"GetNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the node pool.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Delete node pool (org scoped)","operationId":"DeleteNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update node pool fields.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Update node pool (org scoped)","operationId":"UpdateNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateNodePoolRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/node-pools/{id}/annotations":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List annotations attached to a node pool (org scoped)","operationId":"ListNodePoolAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach annotation to a node pool (org scoped)","operationId":"AttachNodePoolAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Group ID (UUID)","name":"id","in":"path","required":true},{"description":"Annotation IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachAnnotationsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one annotation from a node pool (org scoped)","operationId":"DetachNodePoolAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Annotation ID (UUID)","name":"annotationId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/labels":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List labels attached to a node pool (org scoped)","operationId":"ListNodePoolLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach labels to a node pool (org scoped)","operationId":"AttachNodePoolLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Label IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachLabelsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/labels/{labelId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one label from a node pool (org scoped)","operationId":"DetachNodePoolLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Label ID (UUID)","name":"labelId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/servers":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List servers attached to a node pool (org scoped)","operationId":"ListNodePoolServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach servers to a node pool (org scoped)","operationId":"AttachNodePoolServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Server IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachServersRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/servers/{serverId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one server from a node pool (org scoped)","operationId":"DetachNodePoolServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Server ID (UUID)","name":"serverId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/taints":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List taints attached to a node pool (org scoped)","operationId":"ListNodePoolTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach taints to a node pool (org scoped)","operationId":"AttachNodePoolTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Taint IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachTaintsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid taint_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/taints/{taintId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one taint from a node pool (org scoped)","operationId":"DetachNodePoolTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Taint ID (UUID)","name":"taintId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/orgs":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List organizations I belong to","operationId":"listMyOrgs","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/models.Organization"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Create organization","operationId":"createOrg","parameters":[{"description":"Org payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgCreateReq"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/models.Organization"}},"400":{"description":"Bad Request","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"409":{"description":"Conflict","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Get organization","operationId":"getOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.Organization"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Delete organization (owner)","operationId":"deleteOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"Deleted"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"patch":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Update organization (owner/admin)","operationId":"updateOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"Update payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgUpdateReq"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.Organization"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/api-keys":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List org-scoped API keys (no secrets)","operationId":"listOrgKeys","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/models.APIKey"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Create org key/secret pair (owner/admin)","operationId":"createOrgKey","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"Key name + optional expiry","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgKeyCreateReq"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/handlers.orgKeyCreateResp"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Delete org key (owner/admin)","operationId":"deleteOrgKey","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Key ID (UUID)","name":"key_id","in":"path","required":true}],"responses":{"204":{"description":"Deleted"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/members":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List members in org","operationId":"listMembers","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/handlers.memberOut"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Add or update a member (owner/admin)","operationId":"addOrUpdateMember","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"User \u0026 role","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.memberUpsertReq"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.memberOut"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/members/{user_id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Remove a member (owner/admin)","operationId":"removeMember","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"User ID (UUID)","name":"user_id","in":"path","required":true}],"responses":{"204":{"description":"Removed"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/servers":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"List servers (org scoped)","operationId":"ListServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Filter by status (pending|provisioning|ready|failed)","name":"status","in":"query"},{"type":"string","description":"Filter by role","name":"role","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list servers","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Create server (org scoped)","operationId":"CreateServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Server payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateServerRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid json / missing fields / invalid status / invalid ssh_key_id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/servers/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one server in the given organization.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Get server by ID (org scoped)","operationId":"GetServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the server.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Delete server (org scoped)","operationId":"DeleteServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update fields; changing ssh_key_id validates ownership.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Update server (org scoped)","operationId":"UpdateServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateServerRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id / invalid json / invalid status / invalid ssh_key_id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/servers/{id}/reset-hostkey":{"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Reset SSH host key (org scoped)","operationId":"ResetServerHostKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"reset failed","schema":{"type":"string"}}}}},"/ssh":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns ssh keys for the organization in X-Org-ID.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"List ssh keys (org scoped)","operationId":"ListPublicSshKeys","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.SshResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list keys","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Create ssh keypair (org scoped)","operationId":"CreateSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Key generation options","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateSSHRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.SshResponse"}},"400":{"description":"invalid json / invalid bits","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"generation/create failed","schema":{"type":"string"}}}}},"/ssh/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns public key fields. Append ` + "`" + `?reveal=true` + "`" + ` to include the private key PEM.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Get ssh key by ID (org scoped)","operationId":"GetSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true},{"type":"boolean","description":"Reveal private key PEM","name":"reveal","in":"query"}],"responses":{"200":{"description":"When reveal=true","schema":{"$ref":"#/definitions/dto.SshRevealResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes a keypair.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Delete ssh keypair (org scoped)","operationId":"DeleteSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}}},"/ssh/{id}/download":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Download ` + "`" + `part=public|private|both` + "`" + ` of the keypair. ` + "`" + `both` + "`" + ` returns a zip file.","produces":["application/json"],"tags":["Ssh"],"summary":"Download ssh key files by ID (org scoped)","operationId":"DownloadSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header","required":true},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true},{"enum":["public","private","both"],"type":"string","description":"Which part to download","name":"part","in":"query","required":true}],"responses":{"200":{"description":"file content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid part","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"download failed","schema":{"type":"string"}}}}},"/taints":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node taints for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"List node pool taints (org scoped)","operationId":"ListTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node taints","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a taint.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Create node taint (org scoped)","operationId":"CreateTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Taint payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateTaintRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid json / missing fields / invalid node_pool_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/taints/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Get node taint by ID (org scoped)","operationId":"GetTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the taint.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Delete taint (org scoped)","operationId":"DeleteTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update taint fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Update node taint (org scoped)","operationId":"UpdateTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateTaintRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","consumes":["application/json"],"produces":["application/json"],"tags":["Meta"],"summary":"Service version information","operationId":"Version // operationId","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.VersionResponse"}}}}}},"definitions":{"dto.AnnotationResponse":{"type":"object","properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.AttachAnnotationsRequest":{"type":"object","properties":{"annotation_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachLabelsRequest":{"type":"object","properties":{"label_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachServersRequest":{"type":"object","properties":{"server_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachTaintsRequest":{"type":"object","properties":{"taint_ids":{"type":"array","items":{"type":"string"}}}},"dto.AuthStartResponse":{"type":"object","properties":{"auth_url":{"type":"string","example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=..."}}},"dto.ClusterResponse":{"type":"object","properties":{"bastion_server":{"$ref":"#/definitions/dto.ServerResponse"},"captain_domain":{"type":"string"},"certificate_key":{"type":"string"},"cluster_load_balancer":{"type":"string"},"control_load_balancer":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"node_pools":{"type":"array","items":{"$ref":"#/definitions/dto.NodePoolResponse"}},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}}},"dto.CreateAnnotationRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.CreateClusterRequest":{"type":"object","properties":{"captain_domain":{"type":"string"},"cluster_load_balancer":{"type":"string"},"control_load_balancer":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"}}},"dto.CreateCredentialRequest":{"type":"object","required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"properties":{"account_id":{"type":"string","maxLength":32},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","type":"string","maxLength":100},"provider":{"type":"string","enum":["aws","cloudflare","hetzner","digitalocean","generic"]},"region":{"type":"string","maxLength":32},"schema_version":{"description":"secret schema version","type":"integer","minimum":1},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"type":"string","enum":["provider","service","resource"]},"scope_version":{"description":"scope schema version","type":"integer","minimum":1},"secret":{"description":"encrypted later","type":"object"}}},"dto.CreateDomainRequest":{"type":"object","required":["credential_id","domain_name"],"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"type":"string","maxLength":128}}},"dto.CreateLabelRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.CreateNodePoolRequest":{"type":"object","properties":{"name":{"type":"string"},"role":{"type":"string","enum":["master","worker"]}}},"dto.CreateRecordSetRequest":{"type":"object","required":["name","type"],"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","type":"string","maxLength":253},"ttl":{"type":"integer","maximum":86400,"minimum":1},"type":{"type":"string"},"values":{"type":"array","items":{"type":"string"}}}},"dto.CreateSSHRequest":{"type":"object","properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"type":"string","example":"deploy@autoglue"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}}},"dto.CreateServerRequest":{"type":"object","properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"}}},"dto.CreateTaintRequest":{"type":"object","properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}}},"dto.CredentialOut":{"type":"object","properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}}},"dto.DomainResponse":{"type":"object","properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}}},"dto.EnqueueRequest":{"type":"object","properties":{"payload":{"type":"object"},"queue":{"type":"string","example":"default"},"run_at":{"type":"string","example":"2025-11-05T08:00:00Z"},"type":{"type":"string","example":"email.send"}}},"dto.JWK":{"type":"object","properties":{"alg":{"type":"string","example":"RS256"},"e":{"type":"string","example":"AQAB"},"kid":{"type":"string","example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345"},"kty":{"type":"string","example":"RSA"},"n":{"type":"string"},"use":{"type":"string","example":"sig"},"x":{"type":"string"}}},"dto.JWKS":{"type":"object","properties":{"keys":{"type":"array","items":{"$ref":"#/definitions/dto.JWK"}}}},"dto.Job":{"type":"object","properties":{"attempts":{"type":"integer","example":0},"created_at":{"type":"string","example":"2025-11-04T09:30:00Z"},"id":{"type":"string","example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6"},"last_error":{"type":"string","example":"error message"},"max_attempts":{"type":"integer","example":3},"payload":{},"queue":{"type":"string","example":"default"},"run_at":{"type":"string","example":"2025-11-04T09:30:00Z"},"status":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"allOf":[{"$ref":"#/definitions/dto.JobStatus"}],"example":"queued"},"type":{"type":"string","example":"email.send"},"updated_at":{"type":"string","example":"2025-11-04T09:30:00Z"}}},"dto.JobStatus":{"type":"string","enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"type":"object","properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.LogoutRequest":{"type":"object","properties":{"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf..."}}},"dto.NodePoolResponse":{"type":"object","properties":{"annotations":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"type":"string","enum":["master","worker"]},"servers":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}},"taints":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}},"updated_at":{"type":"string"}}},"dto.PageJob":{"type":"object","properties":{"items":{"type":"array","items":{"$ref":"#/definitions/dto.Job"}},"page":{"type":"integer","example":1},"page_size":{"type":"integer","example":25},"total":{"type":"integer","example":120}}},"dto.QueueInfo":{"type":"object","properties":{"failed":{"type":"integer","example":5},"name":{"type":"string","example":"default"},"pending":{"type":"integer","example":42},"running":{"type":"integer","example":3},"scheduled":{"type":"integer","example":7}}},"dto.RecordSetResponse":{"type":"object","properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}}},"dto.RefreshRequest":{"type":"object","properties":{"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf..."}}},"dto.ServerResponse":{"type":"object","properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"},"updated_at":{"type":"string"}}},"dto.SshResponse":{"type":"object","properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}}},"dto.SshRevealResponse":{"type":"object","properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}}},"dto.TaintResponse":{"type":"object","properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.TokenPair":{"type":"object","properties":{"access_token":{"type":"string","example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij..."},"expires_in":{"type":"integer","example":3600},"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf...."},"token_type":{"type":"string","example":"Bearer"}}},"dto.UpdateAnnotationRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.UpdateCredentialRequest":{"type":"object","properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}}},"dto.UpdateDomainRequest":{"type":"object","properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"]},"zone_id":{"type":"string","maxLength":128}}},"dto.UpdateLabelRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.UpdateNodePoolRequest":{"type":"object","properties":{"name":{"type":"string"},"role":{"type":"string","enum":["master","worker"]}}},"dto.UpdateRecordSetRequest":{"type":"object","properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","type":"string","maxLength":253},"status":{"type":"string","enum":["pending","provisioning","ready","failed"]},"ttl":{"type":"integer","maximum":86400,"minimum":1},"type":{"type":"string"},"values":{"type":"array","items":{"type":"string"}}}},"dto.UpdateServerRequest":{"type":"object","properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"}}},"dto.UpdateTaintRequest":{"type":"object","properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}}},"handlers.HealthStatus":{"type":"object","properties":{"status":{"type":"string","example":"ok"}}},"handlers.VersionResponse":{"type":"object","properties":{"built":{"type":"string","example":"2025-11-08T12:34:56Z"},"builtBy":{"type":"string","example":"ci"},"commit":{"type":"string","example":"a1b2c3d"},"commitTime":{"type":"string","example":"2025-11-08T12:31:00Z"},"go":{"type":"string","example":"go1.23.3"},"goArch":{"type":"string","example":"amd64"},"goOS":{"type":"string","example":"linux"},"modified":{"type":"boolean","example":false},"revision":{"type":"string","example":"a1b2c3d4e5f6abcdef"},"vcs":{"type":"string","example":"git"},"version":{"type":"string","example":"1.4.2"}}},"handlers.createUserKeyRequest":{"type":"object","properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}}},"handlers.meResponse":{"type":"object","properties":{"avatar_url":{"type":"string"},"created_at":{"type":"string","format":"date-time"},"display_name":{"type":"string"},"emails":{"type":"array","items":{"$ref":"#/definitions/models.UserEmail"}},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"type":"array","items":{"$ref":"#/definitions/models.Organization"}},"primary_email":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"handlers.memberOut":{"type":"object","properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"type":"string","format":"uuid"}}},"handlers.memberUpsertReq":{"type":"object","properties":{"role":{"type":"string","example":"member"},"user_id":{"type":"string","format":"uuid"}}},"handlers.orgCreateReq":{"type":"object","properties":{"domain":{"type":"string","example":"acme.com"},"name":{"type":"string","example":"Acme Corp"}}},"handlers.orgKeyCreateReq":{"type":"object","properties":{"expires_in_hours":{"type":"integer","example":720},"name":{"type":"string","example":"automation-bot"}}},"handlers.orgKeyCreateResp":{"type":"object","properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}}},"handlers.orgUpdateReq":{"type":"object","properties":{"domain":{"type":"string"},"name":{"type":"string"}}},"handlers.updateMeRequest":{"type":"object","properties":{"display_name":{"type":"string"}}},"handlers.userAPIKeyOut":{"type":"object","properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string","format":"uuid"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}}},"models.APIKey":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"expires_at":{"type":"string","format":"date-time"},"id":{"type":"string","format":"uuid"},"last_used_at":{"type":"string","format":"date-time"},"name":{"type":"string"},"org_id":{"type":"string","format":"uuid"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"type":"string","format":"date-time"},"user_id":{"type":"string","format":"uuid"}}},"models.Organization":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"name":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"models.User":{"type":"object","properties":{"avatar_url":{"type":"string"},"created_at":{"type":"string","format":"date-time"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"models.UserEmail":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"type":"string","format":"date-time"},"user":{"$ref":"#/definitions/models.User"},"user_id":{"type":"string","format":"uuid"}}},"utils.ErrorResponse":{"type":"object","properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}}}},"securityDefinitions":{"ApiKeyAuth":{"description":"User API key","type":"apiKey","name":"X-API-KEY","in":"header"},"BearerAuth":{"description":"Bearer token authentication","type":"apiKey","name":"Authorization","in":"header"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","type":"apiKey","name":"X-ORG-KEY","in":"header"},"OrgSecretAuth":{"description":"Org-level secret","type":"apiKey","name":"X-ORG-SECRET","in":"header"}}}` + "schemes": {{ marshal .Schemes }}, + "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops|public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"enum":["glueops|public"],"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops|public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}}, + "info": {"contact":{"name":"GlueOps"},"description":"{{escape .Description}}","title":"{{.Title}}","version":"{{.Version}}"}, + "externalDocs": {"description":"","url":""}, + "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search ` + "`" + `q` + "`" + ` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via ` + "`" + `run_at` + "`" + `.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add ` + "`" + `include=node_pools` + "`" + ` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by ` + "`" + `q` + "`" + ` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as ` + "`" + `pre_pending` + "`" + ` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: ` + "`" + `domain_name` + "`" + `, ` + "`" + `status` + "`" + `, ` + "`" + `q` + "`" + ` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: ` + "`" + `name` + "`" + `, ` + "`" + `type` + "`" + `, ` + "`" + `status` + "`" + `.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add ` + "`" + `include=servers` + "`" + ` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append ` + "`" + `?reveal=true` + "`" + ` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download ` + "`" + `part=public|private|both` + "`" + ` of the keypair. ` + "`" + `both` + "`" + ` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}}, + "openapi": "3.1.0", + "servers": [ + {"description":"Production API","url":"https://autoglue.onglueops.rocks/api/v1"}, + {"description":"Staging API","url":"https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1"}, + {"description":"Local dev","url":"http://localhost:8080/api/v1"} + ] +}` // SwaggerInfo holds exported Swagger Info so clients can modify it var SwaggerInfo = &swag.Spec{ Version: "1.0", - Host: "", - BasePath: "/api/v1", - Schemes: []string{"http", "https"}, Title: "AutoGlue API", Description: "API for managing K3s clusters across cloud providers", InfoInstanceName: "swagger", diff --git a/docs/swagger.json b/docs/swagger.json index bce8979..b6967dd 100644 --- a/docs/swagger.json +++ b/docs/swagger.json @@ -1 +1,12 @@ -{"schemes":["http","https"],"swagger":"2.0","info":{"description":"API for managing K3s clusters across cloud providers","title":"AutoGlue API","contact":{"name":"GlueOps"},"version":"1.0"},"basePath":"/api/v1","paths":{"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","produces":["application/json"],"tags":["Auth"],"summary":"Get JWKS","operationId":"getJWKS","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.JWKS"}}}}},"/admin/archer/jobs":{"get":{"security":[{"BearerAuth":[]}],"description":"Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"List Archer jobs (admin)","operationId":"AdminListArcherJobs","parameters":[{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string","description":"Filter by status","name":"status","in":"query"},{"type":"string","description":"Filter by queue name / worker name","name":"queue","in":"query"},{"type":"string","description":"Free-text search","name":"q","in":"query"},{"type":"integer","default":1,"description":"Page number","name":"page","in":"query"},{"maximum":100,"minimum":1,"type":"integer","default":25,"description":"Items per page","name":"page_size","in":"query"}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.PageJob"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]}],"description":"Create a job immediately or schedule it for the future via `run_at`.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Enqueue a new Archer job (admin)","operationId":"AdminEnqueueArcherJob","parameters":[{"description":"Job parameters","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.EnqueueRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid json or missing fields","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}}},"/admin/archer/jobs/{id}/cancel":{"post":{"security":[{"BearerAuth":[]}],"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Cancel an Archer job (admin)","operationId":"AdminCancelArcherJob","parameters":[{"type":"string","description":"Job ID","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid job or not cancellable","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/admin/archer/jobs/{id}/retry":{"post":{"security":[{"BearerAuth":[]}],"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"Retry a failed/canceled Archer job (admin)","operationId":"AdminRetryArcherJob","parameters":[{"type":"string","description":"Job ID","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.Job"}},"400":{"description":"invalid job or not eligible","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/admin/archer/queues":{"get":{"security":[{"BearerAuth":[]}],"description":"Summary metrics per queue (pending, running, failed, scheduled).","consumes":["application/json"],"produces":["application/json"],"tags":["ArcherAdmin"],"summary":"List Archer queues (admin)","operationId":"AdminListArcherQueues","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.QueueInfo"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"forbidden","schema":{"type":"string"}},"500":{"description":"internal error","schema":{"type":"string"}}}}},"/annotations":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"List annotations (org scoped)","operationId":"ListAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list annotations","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates an annotation.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Create annotation (org scoped)","operationId":"CreateAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Annotation payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateAnnotationRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid json / missing fields","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/annotations/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one annotation. Add `include=node_pools` to include node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Get annotation by ID (org scoped)","operationId":"GetAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the annotation.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Delete annotation (org scoped)","operationId":"DeleteAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update annotation fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Annotations"],"summary":"Update annotation (org scoped)","operationId":"UpdateAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Annotation ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateAnnotationRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AnnotationResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/auth/logout":{"post":{"consumes":["application/json"],"produces":["application/json"],"tags":["Auth"],"summary":"Revoke refresh token family (logout everywhere)","operationId":"Logout","parameters":[{"description":"Refresh token","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.LogoutRequest"}}],"responses":{"204":{"description":"No Content"}}}},"/auth/refresh":{"post":{"consumes":["application/json"],"produces":["application/json"],"tags":["Auth"],"summary":"Rotate refresh token","operationId":"Refresh","parameters":[{"description":"Refresh token","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.RefreshRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TokenPair"}}}}},"/auth/{provider}/callback":{"get":{"produces":["application/json"],"tags":["Auth"],"summary":"Handle social login callback","operationId":"AuthCallback","parameters":[{"type":"string","description":"google|github","name":"provider","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TokenPair"}}}}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","produces":["application/json"],"tags":["Auth"],"summary":"Begin social login","operationId":"AuthStart","parameters":[{"type":"string","description":"google|github","name":"provider","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.AuthStartResponse"}}}}},"/clusters":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).","produces":["application/json"],"tags":["Clusters"],"summary":"List clusters (org scoped)","operationId":"ListClusters","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Name contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ClusterResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list clusters","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a cluster. If `kubeconfig` is provided, it will be encrypted per-organization and stored securely (never returned).","consumes":["application/json"],"produces":["application/json"],"tags":["Clusters"],"summary":"Create cluster (org scoped)","operationId":"CreateCluster","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateClusterRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.ClusterResponse"}},"400":{"description":"invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/credentials":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns credential metadata for the current org. Secrets are never returned.","consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"List credentials (metadata only)","operationId":"ListCredentials","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Filter by provider (e.g., aws)","name":"provider","in":"query"},{"type":"string","description":"Filter by kind (e.g., aws_access_key)","name":"kind","in":"query"},{"type":"string","description":"Filter by scope kind (provider/service/resource)","name":"scope_kind","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.CredentialOut"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Create a credential (encrypts secret)","operationId":"CreateCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"description":"Credential payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateCredentialRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}}},"/credentials/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Get credential by ID (metadata only)","operationId":"GetCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"internal server error","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Delete credential","operationId":"DeleteCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Update credential metadata and/or rotate secret","operationId":"UpdateCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateCredentialRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.CredentialOut"}},"403":{"description":"X-Org-ID required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/credentials/{id}/reveal":{"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Credentials"],"summary":"Reveal decrypted secret (one-time read)","operationId":"RevealCredential","parameters":[{"type":"string","description":"Organization ID (UUID)","name":"X-Org-ID","in":"header"},{"type":"string","description":"Credential ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"object","additionalProperties":true}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/dns/domains":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"List domains (org scoped)","operationId":"ListDomains","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact domain name (lowercase, no trailing dot)","name":"domain_name","in":"query"},{"type":"string","description":"pending|provisioning|ready|failed","name":"status","in":"query"},{"type":"string","description":"Domain contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.DomainResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"db error","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Create a domain (org scoped)","operationId":"CreateDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Domain payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateDomainRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"db error","schema":{"type":"string"}}}}},"/dns/domains/{domain_id}/records":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Filters: `name`, `type`, `status`.","consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"List record sets for a domain","operationId":"ListRecordSets","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"domain_id","in":"path","required":true},{"type":"string","description":"Exact relative name or FQDN (server normalizes)","name":"name","in":"query"},{"type":"string","description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","name":"type","in":"query"},{"type":"string","description":"pending|provisioning|ready|failed","name":"status","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.RecordSetResponse"}}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"domain not found","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","operationId":"CreateRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"domain_id","in":"path","required":true},{"description":"Record set payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateRecordSetRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.RecordSetResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"domain not found","schema":{"type":"string"}}}}},"/dns/domains/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Get a domain (org scoped)","operationId":"GetDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Delete a domain","operationId":"DeleteDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Update a domain (org scoped)","operationId":"UpdateDomain","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Domain ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateDomainRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.DomainResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/dns/records/{id}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","operationId":"DeleteRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Record Set ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["DNS"],"summary":"Update a record set (flips to pending for reconciliation)","operationId":"UpdateRecordSet","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Record Set ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateRecordSetRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.RecordSetResponse"}},"400":{"description":"validation error","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}}}}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","consumes":["application/json"],"produces":["application/json"],"tags":["Health"],"summary":"Basic health check","operationId":"HealthCheck // operationId","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.HealthStatus"}}}}},"/labels":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"List node labels (org scoped)","operationId":"ListLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"Key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node taints","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Create label (org scoped)","operationId":"CreateLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Label payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateLabelRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid json / missing fields / invalid node_pool_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/labels/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Get label by ID (org scoped)","operationId":"GetLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the label.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Delete label (org scoped)","operationId":"DeleteLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update label fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Labels"],"summary":"Update label (org scoped)","operationId":"UpdateLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateLabelRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.LabelResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/me":{"get":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"produces":["application/json"],"tags":["Me"],"summary":"Get current user profile","operationId":"GetMe","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.meResponse"}}}},"patch":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Me"],"summary":"Update current user profile","operationId":"UpdateMe","parameters":[{"description":"Patch profile","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.updateMeRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.User"}}}}},"/me/api-keys":{"get":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"List my API keys","operationId":"ListUserAPIKeys","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/handlers.userAPIKeyOut"}}}}},"post":{"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"description":"Returns the plaintext key once. Store it securely on the client side.","consumes":["application/json"],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"Create a new user API key","operationId":"CreateUserAPIKey","parameters":[{"description":"Key options","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.createUserKeyRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/handlers.userAPIKeyOut"}}}}},"/me/api-keys/{id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["MeAPIKeys"],"summary":"Delete a user API key","operationId":"DeleteUserAPIKey","parameters":[{"type":"string","description":"Key ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content"}}}},"/node-pools":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node pools for the organization in X-Org-ID.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List node pools (org scoped)","operationId":"ListNodePools","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Name contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.NodePoolResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node pools","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a node pool. Optionally attach initial servers.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Create node pool (org scoped)","operationId":"CreateNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"NodePool payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateNodePoolRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid json / missing fields / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/node-pools/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one node pool. Add `include=servers` to include servers.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Get node pool by ID (org scoped)","operationId":"GetNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the node pool.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Delete node pool (org scoped)","operationId":"DeleteNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update node pool fields.","consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Update node pool (org scoped)","operationId":"UpdateNodePool","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateNodePoolRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.NodePoolResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/node-pools/{id}/annotations":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List annotations attached to a node pool (org scoped)","operationId":"ListNodePoolAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach annotation to a node pool (org scoped)","operationId":"AttachNodePoolAnnotations","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Group ID (UUID)","name":"id","in":"path","required":true},{"description":"Annotation IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachAnnotationsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one annotation from a node pool (org scoped)","operationId":"DetachNodePoolAnnotation","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Annotation ID (UUID)","name":"annotationId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/labels":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List labels attached to a node pool (org scoped)","operationId":"ListNodePoolLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Label Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach labels to a node pool (org scoped)","operationId":"AttachNodePoolLabels","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Label IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachLabelsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/labels/{labelId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one label from a node pool (org scoped)","operationId":"DetachNodePoolLabel","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Label ID (UUID)","name":"labelId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/servers":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List servers attached to a node pool (org scoped)","operationId":"ListNodePoolServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach servers to a node pool (org scoped)","operationId":"AttachNodePoolServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Server IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachServersRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid server_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/servers/{serverId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one server from a node pool (org scoped)","operationId":"DetachNodePoolServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Server ID (UUID)","name":"serverId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/taints":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"List taints attached to a node pool (org scoped)","operationId":"ListNodePoolTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Attach taints to a node pool (org scoped)","operationId":"AttachNodePoolTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"description":"Taint IDs to attach","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.AttachTaintsRequest"}}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid taint_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"attach failed","schema":{"type":"string"}}}}},"/node-pools/{id}/taints/{taintId}":{"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["NodePools"],"summary":"Detach one taint from a node pool (org scoped)","operationId":"DetachNodePoolTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Pool ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Taint ID (UUID)","name":"taintId","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"detach failed","schema":{"type":"string"}}}}},"/orgs":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List organizations I belong to","operationId":"listMyOrgs","responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/models.Organization"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Create organization","operationId":"createOrg","parameters":[{"description":"Org payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgCreateReq"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/models.Organization"}},"400":{"description":"Bad Request","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"409":{"description":"Conflict","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Get organization","operationId":"getOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.Organization"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Delete organization (owner)","operationId":"deleteOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"Deleted"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"patch":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Update organization (owner/admin)","operationId":"updateOrg","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"Update payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgUpdateReq"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/models.Organization"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}},"404":{"description":"Not Found","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/api-keys":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List org-scoped API keys (no secrets)","operationId":"listOrgKeys","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/models.APIKey"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Create org key/secret pair (owner/admin)","operationId":"createOrgKey","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"Key name + optional expiry","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.orgKeyCreateReq"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/handlers.orgKeyCreateResp"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Delete org key (owner/admin)","operationId":"deleteOrgKey","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"Key ID (UUID)","name":"key_id","in":"path","required":true}],"responses":{"204":{"description":"Deleted"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/members":{"get":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"List members in org","operationId":"listMembers","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/handlers.memberOut"}}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}},"post":{"security":[{"BearerAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Orgs"],"summary":"Add or update a member (owner/admin)","operationId":"addOrUpdateMember","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"description":"User \u0026 role","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/handlers.memberUpsertReq"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.memberOut"}},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/orgs/{id}/members/{user_id}":{"delete":{"security":[{"BearerAuth":[]}],"produces":["application/json"],"tags":["Orgs"],"summary":"Remove a member (owner/admin)","operationId":"removeMember","parameters":[{"type":"string","description":"Org ID (UUID)","name":"id","in":"path","required":true},{"type":"string","description":"User ID (UUID)","name":"user_id","in":"path","required":true}],"responses":{"204":{"description":"Removed"},"401":{"description":"Unauthorized","schema":{"$ref":"#/definitions/utils.ErrorResponse"}}}}},"/servers":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"List servers (org scoped)","operationId":"ListServers","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Filter by status (pending|provisioning|ready|failed)","name":"status","in":"query"},{"type":"string","description":"Filter by role","name":"role","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list servers","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Create server (org scoped)","operationId":"CreateServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Server payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateServerRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid json / missing fields / invalid status / invalid ssh_key_id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/servers/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns one server in the given organization.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Get server by ID (org scoped)","operationId":"GetServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the server.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Delete server (org scoped)","operationId":"DeleteServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update fields; changing ssh_key_id validates ownership.","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Update server (org scoped)","operationId":"UpdateServer","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateServerRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id / invalid json / invalid status / invalid ssh_key_id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/servers/{id}/reset-hostkey":{"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","consumes":["application/json"],"produces":["application/json"],"tags":["Servers"],"summary":"Reset SSH host key (org scoped)","operationId":"ResetServerHostKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Server ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.ServerResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"reset failed","schema":{"type":"string"}}}}},"/ssh":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns ssh keys for the organization in X-Org-ID.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"List ssh keys (org scoped)","operationId":"ListPublicSshKeys","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.SshResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list keys","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Create ssh keypair (org scoped)","operationId":"CreateSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Key generation options","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateSSHRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.SshResponse"}},"400":{"description":"invalid json / invalid bits","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"generation/create failed","schema":{"type":"string"}}}}},"/ssh/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns public key fields. Append `?reveal=true` to include the private key PEM.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Get ssh key by ID (org scoped)","operationId":"GetSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true},{"type":"boolean","description":"Reveal private key PEM","name":"reveal","in":"query"}],"responses":{"200":{"description":"When reveal=true","schema":{"$ref":"#/definitions/dto.SshRevealResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes a keypair.","consumes":["application/json"],"produces":["application/json"],"tags":["Ssh"],"summary":"Delete ssh keypair (org scoped)","operationId":"DeleteSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}}},"/ssh/{id}/download":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Download `part=public|private|both` of the keypair. `both` returns a zip file.","produces":["application/json"],"tags":["Ssh"],"summary":"Download ssh key files by ID (org scoped)","operationId":"DownloadSSHKey","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header","required":true},{"type":"string","description":"SSH Key ID (UUID)","name":"id","in":"path","required":true},{"enum":["public","private","both"],"type":"string","description":"Which part to download","name":"part","in":"query","required":true}],"responses":{"200":{"description":"file content","schema":{"type":"string"}},"400":{"description":"invalid id / invalid part","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"download failed","schema":{"type":"string"}}}}},"/taints":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"List node pool taints (org scoped)","operationId":"ListTaints","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Exact key","name":"key","in":"query"},{"type":"string","description":"Exact value","name":"value","in":"query"},{"type":"string","description":"key contains (case-insensitive)","name":"q","in":"query"}],"responses":{"200":{"description":"OK","schema":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"failed to list node taints","schema":{"type":"string"}}}},"post":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Creates a taint.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Create node taint (org scoped)","operationId":"CreateTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"description":"Taint payload","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.CreateTaintRequest"}}],"responses":{"201":{"description":"Created","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid json / missing fields / invalid node_pool_ids","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"create failed","schema":{"type":"string"}}}}},"/taints/{id}":{"get":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Get node taint by ID (org scoped)","operationId":"GetTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"fetch failed","schema":{"type":"string"}}}},"delete":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Permanently deletes the taint.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Delete taint (org scoped)","operationId":"DeleteTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true}],"responses":{"204":{"description":"No Content","schema":{"type":"string"}},"400":{"description":"invalid id","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"500":{"description":"delete failed","schema":{"type":"string"}}}},"patch":{"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"description":"Partially update taint fields.","consumes":["application/json"],"produces":["application/json"],"tags":["Taints"],"summary":"Update node taint (org scoped)","operationId":"UpdateTaint","parameters":[{"type":"string","description":"Organization UUID","name":"X-Org-ID","in":"header"},{"type":"string","description":"Node Taint ID (UUID)","name":"id","in":"path","required":true},{"description":"Fields to update","name":"body","in":"body","required":true,"schema":{"$ref":"#/definitions/dto.UpdateTaintRequest"}}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/dto.TaintResponse"}},"400":{"description":"invalid id / invalid json","schema":{"type":"string"}},"401":{"description":"Unauthorized","schema":{"type":"string"}},"403":{"description":"organization required","schema":{"type":"string"}},"404":{"description":"not found","schema":{"type":"string"}},"500":{"description":"update failed","schema":{"type":"string"}}}}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","consumes":["application/json"],"produces":["application/json"],"tags":["Meta"],"summary":"Service version information","operationId":"Version // operationId","responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/handlers.VersionResponse"}}}}}},"definitions":{"dto.AnnotationResponse":{"type":"object","properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.AttachAnnotationsRequest":{"type":"object","properties":{"annotation_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachLabelsRequest":{"type":"object","properties":{"label_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachServersRequest":{"type":"object","properties":{"server_ids":{"type":"array","items":{"type":"string"}}}},"dto.AttachTaintsRequest":{"type":"object","properties":{"taint_ids":{"type":"array","items":{"type":"string"}}}},"dto.AuthStartResponse":{"type":"object","properties":{"auth_url":{"type":"string","example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=..."}}},"dto.ClusterResponse":{"type":"object","properties":{"bastion_server":{"$ref":"#/definitions/dto.ServerResponse"},"captain_domain":{"type":"string"},"certificate_key":{"type":"string"},"cluster_load_balancer":{"type":"string"},"control_load_balancer":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"node_pools":{"type":"array","items":{"$ref":"#/definitions/dto.NodePoolResponse"}},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}}},"dto.CreateAnnotationRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.CreateClusterRequest":{"type":"object","properties":{"captain_domain":{"type":"string"},"cluster_load_balancer":{"type":"string"},"control_load_balancer":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"}}},"dto.CreateCredentialRequest":{"type":"object","required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"properties":{"account_id":{"type":"string","maxLength":32},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","type":"string","maxLength":100},"provider":{"type":"string","enum":["aws","cloudflare","hetzner","digitalocean","generic"]},"region":{"type":"string","maxLength":32},"schema_version":{"description":"secret schema version","type":"integer","minimum":1},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"type":"string","enum":["provider","service","resource"]},"scope_version":{"description":"scope schema version","type":"integer","minimum":1},"secret":{"description":"encrypted later","type":"object"}}},"dto.CreateDomainRequest":{"type":"object","required":["credential_id","domain_name"],"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"type":"string","maxLength":128}}},"dto.CreateLabelRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.CreateNodePoolRequest":{"type":"object","properties":{"name":{"type":"string"},"role":{"type":"string","enum":["master","worker"]}}},"dto.CreateRecordSetRequest":{"type":"object","required":["name","type"],"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","type":"string","maxLength":253},"ttl":{"type":"integer","maximum":86400,"minimum":1},"type":{"type":"string"},"values":{"type":"array","items":{"type":"string"}}}},"dto.CreateSSHRequest":{"type":"object","properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"type":"string","example":"deploy@autoglue"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}}},"dto.CreateServerRequest":{"type":"object","properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"}}},"dto.CreateTaintRequest":{"type":"object","properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}}},"dto.CredentialOut":{"type":"object","properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}}},"dto.DomainResponse":{"type":"object","properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}}},"dto.EnqueueRequest":{"type":"object","properties":{"payload":{"type":"object"},"queue":{"type":"string","example":"default"},"run_at":{"type":"string","example":"2025-11-05T08:00:00Z"},"type":{"type":"string","example":"email.send"}}},"dto.JWK":{"type":"object","properties":{"alg":{"type":"string","example":"RS256"},"e":{"type":"string","example":"AQAB"},"kid":{"type":"string","example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345"},"kty":{"type":"string","example":"RSA"},"n":{"type":"string"},"use":{"type":"string","example":"sig"},"x":{"type":"string"}}},"dto.JWKS":{"type":"object","properties":{"keys":{"type":"array","items":{"$ref":"#/definitions/dto.JWK"}}}},"dto.Job":{"type":"object","properties":{"attempts":{"type":"integer","example":0},"created_at":{"type":"string","example":"2025-11-04T09:30:00Z"},"id":{"type":"string","example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6"},"last_error":{"type":"string","example":"error message"},"max_attempts":{"type":"integer","example":3},"payload":{},"queue":{"type":"string","example":"default"},"run_at":{"type":"string","example":"2025-11-04T09:30:00Z"},"status":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"allOf":[{"$ref":"#/definitions/dto.JobStatus"}],"example":"queued"},"type":{"type":"string","example":"email.send"},"updated_at":{"type":"string","example":"2025-11-04T09:30:00Z"}}},"dto.JobStatus":{"type":"string","enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"type":"object","properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.LogoutRequest":{"type":"object","properties":{"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf..."}}},"dto.NodePoolResponse":{"type":"object","properties":{"annotations":{"type":"array","items":{"$ref":"#/definitions/dto.AnnotationResponse"}},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"type":"array","items":{"$ref":"#/definitions/dto.LabelResponse"}},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"type":"string","enum":["master","worker"]},"servers":{"type":"array","items":{"$ref":"#/definitions/dto.ServerResponse"}},"taints":{"type":"array","items":{"$ref":"#/definitions/dto.TaintResponse"}},"updated_at":{"type":"string"}}},"dto.PageJob":{"type":"object","properties":{"items":{"type":"array","items":{"$ref":"#/definitions/dto.Job"}},"page":{"type":"integer","example":1},"page_size":{"type":"integer","example":25},"total":{"type":"integer","example":120}}},"dto.QueueInfo":{"type":"object","properties":{"failed":{"type":"integer","example":5},"name":{"type":"string","example":"default"},"pending":{"type":"integer","example":42},"running":{"type":"integer","example":3},"scheduled":{"type":"integer","example":7}}},"dto.RecordSetResponse":{"type":"object","properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}}},"dto.RefreshRequest":{"type":"object","properties":{"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf..."}}},"dto.ServerResponse":{"type":"object","properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"},"updated_at":{"type":"string"}}},"dto.SshResponse":{"type":"object","properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}}},"dto.SshRevealResponse":{"type":"object","properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}}},"dto.TaintResponse":{"type":"object","properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}}},"dto.TokenPair":{"type":"object","properties":{"access_token":{"type":"string","example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij..."},"expires_in":{"type":"integer","example":3600},"refresh_token":{"type":"string","example":"m0l9o8rT3t0V8d3eFf...."},"token_type":{"type":"string","example":"Bearer"}}},"dto.UpdateAnnotationRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.UpdateCredentialRequest":{"type":"object","properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}}},"dto.UpdateDomainRequest":{"type":"object","properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"]},"zone_id":{"type":"string","maxLength":128}}},"dto.UpdateLabelRequest":{"type":"object","properties":{"key":{"type":"string"},"value":{"type":"string"}}},"dto.UpdateNodePoolRequest":{"type":"object","properties":{"name":{"type":"string"},"role":{"type":"string","enum":["master","worker"]}}},"dto.UpdateRecordSetRequest":{"type":"object","properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","type":"string","maxLength":253},"status":{"type":"string","enum":["pending","provisioning","ready","failed"]},"ttl":{"type":"integer","maximum":86400,"minimum":1},"type":{"type":"string"},"values":{"type":"array","items":{"type":"string"}}}},"dto.UpdateServerRequest":{"type":"object","properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"type":"string","enum":["master","worker","bastion"],"example":"master|worker|bastion"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"type":"string","enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed"}}},"dto.UpdateTaintRequest":{"type":"object","properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}}},"handlers.HealthStatus":{"type":"object","properties":{"status":{"type":"string","example":"ok"}}},"handlers.VersionResponse":{"type":"object","properties":{"built":{"type":"string","example":"2025-11-08T12:34:56Z"},"builtBy":{"type":"string","example":"ci"},"commit":{"type":"string","example":"a1b2c3d"},"commitTime":{"type":"string","example":"2025-11-08T12:31:00Z"},"go":{"type":"string","example":"go1.23.3"},"goArch":{"type":"string","example":"amd64"},"goOS":{"type":"string","example":"linux"},"modified":{"type":"boolean","example":false},"revision":{"type":"string","example":"a1b2c3d4e5f6abcdef"},"vcs":{"type":"string","example":"git"},"version":{"type":"string","example":"1.4.2"}}},"handlers.createUserKeyRequest":{"type":"object","properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}}},"handlers.meResponse":{"type":"object","properties":{"avatar_url":{"type":"string"},"created_at":{"type":"string","format":"date-time"},"display_name":{"type":"string"},"emails":{"type":"array","items":{"$ref":"#/definitions/models.UserEmail"}},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"type":"array","items":{"$ref":"#/definitions/models.Organization"}},"primary_email":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"handlers.memberOut":{"type":"object","properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"type":"string","format":"uuid"}}},"handlers.memberUpsertReq":{"type":"object","properties":{"role":{"type":"string","example":"member"},"user_id":{"type":"string","format":"uuid"}}},"handlers.orgCreateReq":{"type":"object","properties":{"domain":{"type":"string","example":"acme.com"},"name":{"type":"string","example":"Acme Corp"}}},"handlers.orgKeyCreateReq":{"type":"object","properties":{"expires_in_hours":{"type":"integer","example":720},"name":{"type":"string","example":"automation-bot"}}},"handlers.orgKeyCreateResp":{"type":"object","properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}}},"handlers.orgUpdateReq":{"type":"object","properties":{"domain":{"type":"string"},"name":{"type":"string"}}},"handlers.updateMeRequest":{"type":"object","properties":{"display_name":{"type":"string"}}},"handlers.userAPIKeyOut":{"type":"object","properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string","format":"uuid"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}}},"models.APIKey":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"expires_at":{"type":"string","format":"date-time"},"id":{"type":"string","format":"uuid"},"last_used_at":{"type":"string","format":"date-time"},"name":{"type":"string"},"org_id":{"type":"string","format":"uuid"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"type":"string","format":"date-time"},"user_id":{"type":"string","format":"uuid"}}},"models.Organization":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"name":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"models.User":{"type":"object","properties":{"avatar_url":{"type":"string"},"created_at":{"type":"string","format":"date-time"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"type":"string","format":"date-time"}}},"models.UserEmail":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","type":"string","format":"uuid"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"type":"string","format":"date-time"},"user":{"$ref":"#/definitions/models.User"},"user_id":{"type":"string","format":"uuid"}}},"utils.ErrorResponse":{"type":"object","properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}}}},"securityDefinitions":{"ApiKeyAuth":{"description":"User API key","type":"apiKey","name":"X-API-KEY","in":"header"},"BearerAuth":{"description":"Bearer token authentication","type":"apiKey","name":"Authorization","in":"header"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","type":"apiKey","name":"X-ORG-KEY","in":"header"},"OrgSecretAuth":{"description":"Org-level secret","type":"apiKey","name":"X-ORG-SECRET","in":"header"}}} \ No newline at end of file +{ + "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops|public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"enum":["glueops|public"],"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops|public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}}, + "info": {"contact":{"name":"GlueOps"},"description":"API for managing K3s clusters across cloud providers","title":"AutoGlue API","version":"1.0"}, + "externalDocs": {"description":"","url":""}, + "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via `run_at`.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add `include=node_pools` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: `name`, `type`, `status`.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add `include=servers` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append `?reveal=true` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download `part=public|private|both` of the keypair. `both` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}}, + "openapi": "3.1.0", + "servers": [ + {"description":"Production API","url":"https://autoglue.onglueops.rocks/api/v1"}, + {"description":"Staging API","url":"https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1"}, + {"description":"Local dev","url":"http://localhost:8080/api/v1"} + ] +} \ No newline at end of file diff --git a/docs/swagger.yaml b/docs/swagger.yaml index 1945026..fdbc429 100644 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -1,1159 +1,1275 @@ -basePath: /api/v1 -definitions: - dto.AnnotationResponse: - properties: - created_at: - type: string - id: - type: string - key: - type: string - organization_id: - type: string - updated_at: - type: string - value: - type: string - type: object - dto.AttachAnnotationsRequest: - properties: - annotation_ids: - items: +components: + schemas: + dto.AnnotationResponse: + properties: + created_at: type: string - type: array - type: object - dto.AttachLabelsRequest: - properties: - label_ids: - items: + id: type: string - type: array - type: object - dto.AttachServersRequest: - properties: - server_ids: - items: + key: type: string - type: array - type: object - dto.AttachTaintsRequest: - properties: - taint_ids: - items: + organization_id: type: string - type: array - type: object - dto.AuthStartResponse: - properties: - auth_url: - example: https://accounts.google.com/o/oauth2/v2/auth?client_id=... - type: string - type: object - dto.ClusterResponse: - properties: - bastion_server: - $ref: '#/definitions/dto.ServerResponse' - captain_domain: - type: string - certificate_key: - type: string - cluster_load_balancer: - type: string - control_load_balancer: - type: string - created_at: - type: string - id: - type: string - name: - type: string - node_pools: - items: - $ref: '#/definitions/dto.NodePoolResponse' - type: array - provider: - type: string - random_token: - type: string - region: - type: string - status: - type: string - updated_at: - type: string - type: object - dto.CreateAnnotationRequest: - properties: - key: - type: string - value: - type: string - type: object - dto.CreateClusterRequest: - properties: - captain_domain: - type: string - cluster_load_balancer: - type: string - control_load_balancer: - type: string - name: - type: string - provider: - type: string - region: - type: string - status: - type: string - type: object - dto.CreateCredentialRequest: - properties: - account_id: - maxLength: 32 - type: string - kind: - description: aws_access_key, api_token, basic_auth, oauth2 - type: string - name: - description: human label - maxLength: 100 - type: string - provider: - enum: - - aws - - cloudflare - - hetzner - - digitalocean - - generic - type: string - region: - maxLength: 32 - type: string - schema_version: - description: secret schema version - minimum: 1 - type: integer - scope: - description: '{"service":"route53"} or {"arn":"..."}' - type: object - scope_kind: - enum: - - provider - - service - - resource - type: string - scope_version: - description: scope schema version - minimum: 1 - type: integer - secret: - description: encrypted later - type: object - required: - - kind - - provider - - schema_version - - scope - - scope_kind - - scope_version - - secret - type: object - dto.CreateDomainRequest: - properties: - credential_id: - type: string - domain_name: - type: string - zone_id: - maxLength: 128 - type: string - required: - - credential_id - - domain_name - type: object - dto.CreateLabelRequest: - properties: - key: - type: string - value: - type: string - type: object - dto.CreateNodePoolRequest: - properties: - name: - type: string - role: - enum: - - master - - worker - type: string - type: object - dto.CreateRecordSetRequest: - properties: - name: - description: |- - Name relative to domain ("endpoint") OR FQDN ("endpoint.example.com"). - Server normalizes to relative. - maxLength: 253 - type: string - ttl: - maximum: 86400 - minimum: 1 - type: integer - type: - type: string - values: - items: + updated_at: type: string - type: array - required: - - name - - type - type: object - dto.CreateSSHRequest: - properties: - bits: - description: Only for RSA - type: integer - comment: - example: deploy@autoglue - type: string - name: - type: string - type: - description: '"rsa" (default) or "ed25519"' - type: string - type: object - dto.CreateServerRequest: - properties: - hostname: - type: string - private_ip_address: - type: string - public_ip_address: - type: string - role: - enum: - - master - - worker - - bastion - example: master|worker|bastion - type: string - ssh_key_id: - type: string - ssh_user: - type: string - status: - enum: - - pending - - provisioning - - ready - - failed - example: pending|provisioning|ready|failed - type: string - type: object - dto.CreateTaintRequest: - properties: - effect: - type: string - key: - type: string - value: - type: string - type: object - dto.CredentialOut: - properties: - account_id: - type: string - created_at: - type: string - id: - type: string - kind: - type: string - name: - type: string - provider: - type: string - region: - type: string - schema_version: - type: integer - scope: - type: object - scope_kind: - type: string - scope_version: - type: integer - updated_at: - type: string - type: object - dto.DomainResponse: - properties: - created_at: - type: string - credential_id: - type: string - domain_name: - type: string - id: - type: string - last_error: - type: string - organization_id: - type: string - status: - type: string - updated_at: - type: string - zone_id: - type: string - type: object - dto.EnqueueRequest: - properties: - payload: - type: object - queue: - example: default - type: string - run_at: - example: "2025-11-05T08:00:00Z" - type: string - type: - example: email.send - type: string - type: object - dto.JWK: - properties: - alg: - example: RS256 - type: string - e: - example: AQAB - type: string - kid: - example: 7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345 - type: string - kty: - example: RSA - type: string - "n": - type: string - use: - example: sig - type: string - x: - type: string - type: object - dto.JWKS: - properties: - keys: - items: - $ref: '#/definitions/dto.JWK' - type: array - type: object - dto.Job: - properties: - attempts: - example: 0 - type: integer - created_at: - example: "2025-11-04T09:30:00Z" - type: string - id: - example: 01HF7SZK8Z8WG1M3J7S2Z8M2N6 - type: string - last_error: - example: error message - type: string - max_attempts: - example: 3 - type: integer - payload: {} - queue: - example: default - type: string - run_at: - example: "2025-11-04T09:30:00Z" - type: string - status: - allOf: - - $ref: '#/definitions/dto.JobStatus' - enum: - - queued|running|succeeded|failed|canceled|retrying|scheduled - example: queued - type: - example: email.send - type: string - updated_at: - example: "2025-11-04T09:30:00Z" - type: string - type: object - dto.JobStatus: - enum: - - queued - - running - - succeeded - - failed - - canceled - - retrying - - scheduled - type: string - x-enum-varnames: - - StatusQueued - - StatusRunning - - StatusSucceeded - - StatusFailed - - StatusCanceled - - StatusRetrying - - StatusScheduled - dto.LabelResponse: - properties: - created_at: - type: string - id: - type: string - key: - type: string - organization_id: - type: string - updated_at: - type: string - value: - type: string - type: object - dto.LogoutRequest: - properties: - refresh_token: - example: m0l9o8rT3t0V8d3eFf... - type: string - type: object - dto.NodePoolResponse: - properties: - annotations: - items: - $ref: '#/definitions/dto.AnnotationResponse' - type: array - created_at: - type: string - id: - type: string - labels: - items: - $ref: '#/definitions/dto.LabelResponse' - type: array - name: - type: string - organization_id: - type: string - role: - enum: - - master - - worker - type: string - servers: - items: - $ref: '#/definitions/dto.ServerResponse' - type: array - taints: - items: - $ref: '#/definitions/dto.TaintResponse' - type: array - updated_at: - type: string - type: object - dto.PageJob: - properties: - items: - items: - $ref: '#/definitions/dto.Job' - type: array - page: - example: 1 - type: integer - page_size: - example: 25 - type: integer - total: - example: 120 - type: integer - type: object - dto.QueueInfo: - properties: - failed: - example: 5 - type: integer - name: - example: default - type: string - pending: - example: 42 - type: integer - running: - example: 3 - type: integer - scheduled: - example: 7 - type: integer - type: object - dto.RecordSetResponse: - properties: - created_at: - type: string - domain_id: - type: string - fingerprint: - type: string - id: - type: string - last_error: - type: string - name: - type: string - owner: - type: string - status: - type: string - ttl: - type: integer - type: - type: string - updated_at: - type: string - values: - description: '[]string JSON' - type: object - type: object - dto.RefreshRequest: - properties: - refresh_token: - example: m0l9o8rT3t0V8d3eFf... - type: string - type: object - dto.ServerResponse: - properties: - created_at: - type: string - hostname: - type: string - id: - type: string - organization_id: - type: string - private_ip_address: - type: string - public_ip_address: - type: string - role: - enum: - - master - - worker - - bastion - example: master|worker|bastion - type: string - ssh_key_id: - type: string - ssh_user: - type: string - status: - enum: - - pending - - provisioning - - ready - - failed - example: pending|provisioning|ready|failed - type: string - updated_at: - type: string - type: object - dto.SshResponse: - properties: - created_at: - type: string - fingerprint: - type: string - id: - type: string - name: - type: string - organization_id: - type: string - public_key: - type: string - updated_at: - type: string - type: object - dto.SshRevealResponse: - properties: - created_at: - type: string - fingerprint: - type: string - id: - type: string - name: - type: string - organization_id: - type: string - private_key: - type: string - public_key: - type: string - updated_at: - type: string - type: object - dto.TaintResponse: - properties: - created_at: - type: string - effect: - type: string - id: - type: string - key: - type: string - organization_id: - type: string - updated_at: - type: string - value: - type: string - type: object - dto.TokenPair: - properties: - access_token: - example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij... - type: string - expires_in: - example: 3600 - type: integer - refresh_token: - example: m0l9o8rT3t0V8d3eFf.... - type: string - token_type: - example: Bearer - type: string - type: object - dto.UpdateAnnotationRequest: - properties: - key: - type: string - value: - type: string - type: object - dto.UpdateCredentialRequest: - properties: - account_id: - type: string - name: - type: string - region: - type: string - scope: - type: object - scope_kind: - type: string - scope_version: - type: integer - secret: - description: set if rotating - type: object - type: object - dto.UpdateDomainRequest: - properties: - credential_id: - type: string - domain_name: - type: string - status: - enum: - - pending - - provisioning - - ready - - failed - type: string - zone_id: - maxLength: 128 - type: string - type: object - dto.UpdateLabelRequest: - properties: - key: - type: string - value: - type: string - type: object - dto.UpdateNodePoolRequest: - properties: - name: - type: string - role: - enum: - - master - - worker - type: string - type: object - dto.UpdateRecordSetRequest: - properties: - name: - description: Any change flips status back to pending (worker will UPSERT) - maxLength: 253 - type: string - status: - enum: - - pending - - provisioning - - ready - - failed - type: string - ttl: - maximum: 86400 - minimum: 1 - type: integer - type: - type: string - values: - items: + value: type: string - type: array - type: object - dto.UpdateServerRequest: - properties: - hostname: - type: string - private_ip_address: - type: string - public_ip_address: - type: string - role: - enum: - - master - - worker - - bastion - example: master|worker|bastion - type: string - ssh_key_id: - type: string - ssh_user: - type: string - status: - enum: - - pending - - provisioning - - ready - - failed - example: pending|provisioning|ready|failed - type: string - type: object - dto.UpdateTaintRequest: - properties: - effect: - type: string - key: - type: string - value: - type: string - type: object - handlers.HealthStatus: - properties: - status: - example: ok - type: string - type: object - handlers.VersionResponse: - properties: - built: - example: "2025-11-08T12:34:56Z" - type: string - builtBy: - example: ci - type: string - commit: - example: a1b2c3d - type: string - commitTime: - example: "2025-11-08T12:31:00Z" - type: string - go: - example: go1.23.3 - type: string - goArch: - example: amd64 - type: string - goOS: - example: linux - type: string - modified: - example: false - type: boolean - revision: - example: a1b2c3d4e5f6abcdef - type: string - vcs: - example: git - type: string - version: - example: 1.4.2 - type: string - type: object - handlers.createUserKeyRequest: - properties: - expires_in_hours: - description: optional TTL - type: integer - name: - type: string - type: object - handlers.meResponse: - properties: - avatar_url: - type: string - created_at: - format: date-time - type: string - display_name: - type: string - emails: + type: object + dto.AttachAnnotationsRequest: + properties: + annotation_ids: + items: + type: string + type: array + uniqueItems: false + type: object + dto.AttachBastionRequest: + properties: + server_id: + type: string + type: object + dto.AttachCaptainDomainRequest: + properties: + domain_id: + type: string + type: object + dto.AttachLabelsRequest: + properties: + label_ids: + items: + type: string + type: array + uniqueItems: false + type: object + dto.AttachLoadBalancerRequest: + properties: + load_balancer_id: + type: string + type: object + dto.AttachRecordSetRequest: + properties: + record_set_id: + type: string + type: object + dto.AttachServersRequest: + properties: + server_ids: + items: + type: string + type: array + uniqueItems: false + type: object + dto.AttachTaintsRequest: + properties: + taint_ids: + items: + type: string + type: array + uniqueItems: false + type: object + dto.AuthStartResponse: + properties: + auth_url: + example: https://accounts.google.com/o/oauth2/v2/auth?client_id=... + type: string + type: object + dto.ClusterResponse: + properties: + apps_load_balancer: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + bastion_server: + $ref: '#/components/schemas/dto.ServerResponse' + captain_domain: + $ref: '#/components/schemas/dto.DomainResponse' + certificate_key: + type: string + control_plane_record_set: + $ref: '#/components/schemas/dto.RecordSetResponse' + created_at: + type: string + glueops_load_balancer: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + id: + type: string + last_error: + type: string + name: + type: string + node_pools: + items: + $ref: '#/components/schemas/dto.NodePoolResponse' + type: array + uniqueItems: false + provider: + type: string + random_token: + type: string + region: + type: string + status: + type: string + updated_at: + type: string + type: object + dto.CreateAnnotationRequest: + properties: + key: + type: string + value: + type: string + type: object + dto.CreateClusterRequest: + properties: + name: + type: string + provider: + type: string + region: + type: string + type: object + dto.CreateCredentialRequest: + properties: + account_id: + maxLength: 32 + type: string + kind: + description: aws_access_key, api_token, basic_auth, oauth2 + type: string + name: + description: human label + maxLength: 100 + type: string + provider: + enum: + - aws + - cloudflare + - hetzner + - digitalocean + - generic + type: string + region: + maxLength: 32 + type: string + schema_version: + description: secret schema version + minimum: 1 + type: integer + scope: + description: '{"service":"route53"} or {"arn":"..."}' + type: object + scope_kind: + enum: + - provider + - service + - resource + type: string + scope_version: + description: scope schema version + minimum: 1 + type: integer + secret: + description: encrypted later + type: object + required: + - kind + - provider + - schema_version + - scope + - scope_kind + - scope_version + - secret + type: object + dto.CreateDomainRequest: + properties: + credential_id: + type: string + domain_name: + type: string + zone_id: + maxLength: 128 + type: string + required: + - credential_id + - domain_name + type: object + dto.CreateLabelRequest: + properties: + key: + type: string + value: + type: string + type: object + dto.CreateLoadBalancerRequest: + properties: + kind: + enum: + - glueops|public + example: public + type: string + name: + example: glueops + type: string + private_ip_address: + example: 192.168.0.2 + type: string + public_ip_address: + example: 8.8.8.8 + type: string + type: object + dto.CreateNodePoolRequest: + properties: + name: + type: string + role: + enum: + - master + - worker + type: string + type: object + dto.CreateRecordSetRequest: + properties: + name: + description: |- + Name relative to domain ("endpoint") OR FQDN ("endpoint.example.com"). + Server normalizes to relative. + maxLength: 253 + type: string + ttl: + maximum: 86400 + minimum: 1 + type: integer + type: + type: string + values: + items: + type: string + type: array + uniqueItems: false + required: + - name + - type + type: object + dto.CreateSSHRequest: + properties: + bits: + description: Only for RSA + type: integer + comment: + example: deploy@autoglue + type: string + name: + type: string + type: + description: '"rsa" (default) or "ed25519"' + type: string + type: object + dto.CreateServerRequest: + properties: + hostname: + type: string + private_ip_address: + type: string + public_ip_address: + type: string + role: + enum: + - master + - worker + - bastion + example: master|worker|bastion + type: string + ssh_key_id: + type: string + ssh_user: + type: string + status: + enum: + - pending + - provisioning + - ready + - failed + example: pending|provisioning|ready|failed + type: string + type: object + dto.CreateTaintRequest: + properties: + effect: + type: string + key: + type: string + value: + type: string + type: object + dto.CredentialOut: + properties: + account_id: + type: string + created_at: + type: string + id: + type: string + kind: + type: string + name: + type: string + provider: + type: string + region: + type: string + schema_version: + type: integer + scope: + type: object + scope_kind: + type: string + scope_version: + type: integer + updated_at: + type: string + type: object + dto.DomainResponse: + properties: + created_at: + type: string + credential_id: + type: string + domain_name: + type: string + id: + type: string + last_error: + type: string + organization_id: + type: string + status: + type: string + updated_at: + type: string + zone_id: + type: string + type: object + dto.EnqueueRequest: + properties: + payload: + type: object + queue: + example: default + type: string + run_at: + example: "2025-11-05T08:00:00Z" + type: string + type: + example: email.send + type: string + type: object + dto.JWK: + properties: + alg: + example: RS256 + type: string + e: + example: AQAB + type: string + kid: + example: 7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345 + type: string + kty: + example: RSA + type: string + "n": + type: string + use: + example: sig + type: string + x: + type: string + type: object + dto.JWKS: + properties: + keys: + items: + $ref: '#/components/schemas/dto.JWK' + type: array + uniqueItems: false + type: object + dto.Job: + properties: + attempts: + example: 0 + type: integer + created_at: + example: "2025-11-04T09:30:00Z" + type: string + id: + example: 01HF7SZK8Z8WG1M3J7S2Z8M2N6 + type: string + last_error: + example: error message + type: string + max_attempts: + example: 3 + type: integer + payload: {} + queue: + example: default + type: string + run_at: + example: "2025-11-04T09:30:00Z" + type: string + status: + $ref: '#/components/schemas/dto.JobStatus' + type: + example: email.send + type: string + updated_at: + example: "2025-11-04T09:30:00Z" + type: string + type: object + dto.JobStatus: + enum: + - queued|running|succeeded|failed|canceled|retrying|scheduled + example: queued + type: string + x-enum-varnames: + - StatusQueued + - StatusRunning + - StatusSucceeded + - StatusFailed + - StatusCanceled + - StatusRetrying + - StatusScheduled + dto.LabelResponse: + properties: + created_at: + type: string + id: + type: string + key: + type: string + organization_id: + type: string + updated_at: + type: string + value: + type: string + type: object + dto.LoadBalancerResponse: + properties: + created_at: + type: string + id: + type: string + kind: + enum: + - glueops|public + type: string + name: + type: string + organization_id: + type: string + private_ip_address: + type: string + public_ip_address: + type: string + updated_at: + type: string + type: object + dto.LogoutRequest: + properties: + refresh_token: + example: m0l9o8rT3t0V8d3eFf... + type: string + type: object + dto.NodePoolResponse: + properties: + annotations: + items: + $ref: '#/components/schemas/dto.AnnotationResponse' + type: array + uniqueItems: false + created_at: + type: string + id: + type: string + labels: + items: + $ref: '#/components/schemas/dto.LabelResponse' + type: array + uniqueItems: false + name: + type: string + organization_id: + type: string + role: + enum: + - master + - worker + type: string + servers: + items: + $ref: '#/components/schemas/dto.ServerResponse' + type: array + uniqueItems: false + taints: + items: + $ref: '#/components/schemas/dto.TaintResponse' + type: array + uniqueItems: false + updated_at: + type: string + type: object + dto.PageJob: + properties: items: - $ref: '#/definitions/models.UserEmail' - type: array - id: - description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' - format: uuid - type: string - is_admin: - type: boolean - is_disabled: - type: boolean - organizations: - items: - $ref: '#/definitions/models.Organization' - type: array - primary_email: - type: string - updated_at: - format: date-time - type: string - type: object - handlers.memberOut: - properties: - email: - type: string - role: - description: owner/admin/member - type: string - user_id: - format: uuid - type: string - type: object - handlers.memberUpsertReq: - properties: - role: - example: member - type: string - user_id: - format: uuid - type: string - type: object - handlers.orgCreateReq: - properties: - domain: - example: acme.com - type: string - name: - example: Acme Corp - type: string - type: object - handlers.orgKeyCreateReq: - properties: - expires_in_hours: - example: 720 - type: integer - name: - example: automation-bot - type: string - type: object - handlers.orgKeyCreateResp: - properties: - created_at: - type: string - expires_at: - type: string - id: - type: string - name: - type: string - org_key: - description: 'shown once:' - type: string - org_secret: - description: 'shown once:' - type: string - scope: - description: '"org"' - type: string - type: object - handlers.orgUpdateReq: - properties: - domain: - type: string - name: - type: string - type: object - handlers.updateMeRequest: - properties: - display_name: - type: string - type: object - handlers.userAPIKeyOut: - properties: - created_at: - type: string - expires_at: - type: string - id: - format: uuid - type: string - last_used_at: - type: string - name: - type: string - plain: - description: 'Shown only on create:' - type: string - scope: - description: '"user"' - type: string - type: object - models.APIKey: - properties: - created_at: - format: date-time - type: string - expires_at: - format: date-time - type: string - id: - format: uuid - type: string - last_used_at: - format: date-time - type: string - name: - type: string - org_id: - format: uuid - type: string - prefix: - type: string - revoked: - type: boolean - scope: - type: string - updated_at: - format: date-time - type: string - user_id: - format: uuid - type: string - type: object - models.Organization: - properties: - created_at: - format: date-time - type: string - domain: - type: string - id: - description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' - format: uuid - type: string - name: - type: string - updated_at: - format: date-time - type: string - type: object - models.User: - properties: - avatar_url: - type: string - created_at: - format: date-time - type: string - display_name: - type: string - id: - description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' - format: uuid - type: string - is_admin: - type: boolean - is_disabled: - type: boolean - primary_email: - type: string - updated_at: - format: date-time - type: string - type: object - models.UserEmail: - properties: - created_at: - format: date-time - type: string - email: - type: string - id: - description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' - format: uuid - type: string - is_primary: - type: boolean - is_verified: - type: boolean - updated_at: - format: date-time - type: string - user: - $ref: '#/definitions/models.User' - user_id: - format: uuid - type: string - type: object - utils.ErrorResponse: - properties: - code: - description: |- - A machine-readable error code, e.g. "validation_error" - example: validation_error - type: string - message: - description: |- - Human-readable message - example: slug is required - type: string - type: object + items: + $ref: '#/components/schemas/dto.Job' + type: array + uniqueItems: false + page: + example: 1 + type: integer + page_size: + example: 25 + type: integer + total: + example: 120 + type: integer + type: object + dto.QueueInfo: + properties: + failed: + example: 5 + type: integer + name: + example: default + type: string + pending: + example: 42 + type: integer + running: + example: 3 + type: integer + scheduled: + example: 7 + type: integer + type: object + dto.RecordSetResponse: + properties: + created_at: + type: string + domain_id: + type: string + fingerprint: + type: string + id: + type: string + last_error: + type: string + name: + type: string + owner: + type: string + status: + type: string + ttl: + type: integer + type: + type: string + updated_at: + type: string + values: + description: '[]string JSON' + type: object + type: object + dto.RefreshRequest: + properties: + refresh_token: + example: m0l9o8rT3t0V8d3eFf... + type: string + type: object + dto.ServerResponse: + properties: + created_at: + type: string + hostname: + type: string + id: + type: string + organization_id: + type: string + private_ip_address: + type: string + public_ip_address: + type: string + role: + enum: + - master + - worker + - bastion + example: master|worker|bastion + type: string + ssh_key_id: + type: string + ssh_user: + type: string + status: + enum: + - pending + - provisioning + - ready + - failed + example: pending|provisioning|ready|failed + type: string + updated_at: + type: string + type: object + dto.SetKubeconfigRequest: + properties: + kubeconfig: + type: string + type: object + dto.SshResponse: + properties: + created_at: + type: string + fingerprint: + type: string + id: + type: string + name: + type: string + organization_id: + type: string + public_key: + type: string + updated_at: + type: string + type: object + dto.SshRevealResponse: + properties: + created_at: + type: string + fingerprint: + type: string + id: + type: string + name: + type: string + organization_id: + type: string + private_key: + type: string + public_key: + type: string + updated_at: + type: string + type: object + dto.TaintResponse: + properties: + created_at: + type: string + effect: + type: string + id: + type: string + key: + type: string + organization_id: + type: string + updated_at: + type: string + value: + type: string + type: object + dto.TokenPair: + properties: + access_token: + example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij... + type: string + expires_in: + example: 3600 + type: integer + refresh_token: + example: m0l9o8rT3t0V8d3eFf.... + type: string + token_type: + example: Bearer + type: string + type: object + dto.UpdateAnnotationRequest: + properties: + key: + type: string + value: + type: string + type: object + dto.UpdateClusterRequest: + properties: + name: + type: string + provider: + type: string + region: + type: string + type: object + dto.UpdateCredentialRequest: + properties: + account_id: + type: string + name: + type: string + region: + type: string + scope: + type: object + scope_kind: + type: string + scope_version: + type: integer + secret: + description: set if rotating + type: object + type: object + dto.UpdateDomainRequest: + properties: + credential_id: + type: string + domain_name: + type: string + status: + enum: + - pending + - provisioning + - ready + - failed + type: string + zone_id: + maxLength: 128 + type: string + type: object + dto.UpdateLabelRequest: + properties: + key: + type: string + value: + type: string + type: object + dto.UpdateLoadBalancerRequest: + properties: + kind: + enum: + - glueops|public + example: public + type: string + name: + example: glue + type: string + private_ip_address: + example: 192.168.0.2 + type: string + public_ip_address: + example: 8.8.8.8 + type: string + type: object + dto.UpdateNodePoolRequest: + properties: + name: + type: string + role: + enum: + - master + - worker + type: string + type: object + dto.UpdateRecordSetRequest: + properties: + name: + description: Any change flips status back to pending (worker will UPSERT) + maxLength: 253 + type: string + status: + enum: + - pending + - provisioning + - ready + - failed + type: string + ttl: + maximum: 86400 + minimum: 1 + type: integer + type: + type: string + values: + items: + type: string + type: array + uniqueItems: false + type: object + dto.UpdateServerRequest: + properties: + hostname: + type: string + private_ip_address: + type: string + public_ip_address: + type: string + role: + enum: + - master + - worker + - bastion + example: master|worker|bastion + type: string + ssh_key_id: + type: string + ssh_user: + type: string + status: + enum: + - pending + - provisioning + - ready + - failed + example: pending|provisioning|ready|failed + type: string + type: object + dto.UpdateTaintRequest: + properties: + effect: + type: string + key: + type: string + value: + type: string + type: object + handlers.HealthStatus: + properties: + status: + example: ok + type: string + type: object + handlers.VersionResponse: + properties: + built: + example: "2025-11-08T12:34:56Z" + type: string + builtBy: + example: ci + type: string + commit: + example: a1b2c3d + type: string + commitTime: + example: "2025-11-08T12:31:00Z" + type: string + go: + example: go1.23.3 + type: string + goArch: + example: amd64 + type: string + goOS: + example: linux + type: string + modified: + example: false + type: boolean + revision: + example: a1b2c3d4e5f6abcdef + type: string + vcs: + example: git + type: string + version: + example: 1.4.2 + type: string + type: object + handlers.createUserKeyRequest: + properties: + expires_in_hours: + description: optional TTL + type: integer + name: + type: string + type: object + handlers.meResponse: + properties: + avatar_url: + type: string + created_at: + format: date-time + type: string + display_name: + type: string + emails: + items: + $ref: '#/components/schemas/models.UserEmail' + type: array + uniqueItems: false + id: + description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' + format: uuid + type: string + is_admin: + type: boolean + is_disabled: + type: boolean + organizations: + items: + $ref: '#/components/schemas/models.Organization' + type: array + uniqueItems: false + primary_email: + type: string + updated_at: + format: date-time + type: string + type: object + handlers.memberOut: + properties: + email: + type: string + role: + description: owner/admin/member + type: string + user_id: + format: uuid + type: string + type: object + handlers.memberUpsertReq: + properties: + role: + example: member + type: string + user_id: + format: uuid + type: string + type: object + handlers.orgCreateReq: + properties: + domain: + example: acme.com + type: string + name: + example: Acme Corp + type: string + type: object + handlers.orgKeyCreateReq: + properties: + expires_in_hours: + example: 720 + type: integer + name: + example: automation-bot + type: string + type: object + handlers.orgKeyCreateResp: + properties: + created_at: + type: string + expires_at: + type: string + id: + type: string + name: + type: string + org_key: + description: 'shown once:' + type: string + org_secret: + description: 'shown once:' + type: string + scope: + description: '"org"' + type: string + type: object + handlers.orgUpdateReq: + properties: + domain: + type: string + name: + type: string + type: object + handlers.updateMeRequest: + properties: + display_name: + type: string + type: object + handlers.userAPIKeyOut: + properties: + created_at: + type: string + expires_at: + type: string + id: + format: uuid + type: string + last_used_at: + type: string + name: + type: string + plain: + description: 'Shown only on create:' + type: string + scope: + description: '"user"' + type: string + type: object + models.APIKey: + properties: + created_at: + format: date-time + type: string + expires_at: + format: date-time + type: string + id: + format: uuid + type: string + last_used_at: + format: date-time + type: string + name: + type: string + org_id: + format: uuid + type: string + prefix: + type: string + revoked: + type: boolean + scope: + type: string + updated_at: + format: date-time + type: string + user_id: + format: uuid + type: string + type: object + models.Organization: + properties: + created_at: + format: date-time + type: string + domain: + type: string + id: + description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' + format: uuid + type: string + name: + type: string + updated_at: + format: date-time + type: string + type: object + models.User: + properties: + avatar_url: + type: string + created_at: + format: date-time + type: string + display_name: + type: string + id: + description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' + format: uuid + type: string + is_admin: + type: boolean + is_disabled: + type: boolean + primary_email: + type: string + updated_at: + format: date-time + type: string + type: object + models.UserEmail: + properties: + created_at: + format: date-time + type: string + email: + type: string + id: + description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6' + format: uuid + type: string + is_primary: + type: boolean + is_verified: + type: boolean + updated_at: + format: date-time + type: string + user: + $ref: '#/components/schemas/models.User' + user_id: + format: uuid + type: string + type: object + utils.ErrorResponse: + properties: + code: + description: |- + A machine-readable error code, e.g. "validation_error" + example: validation_error + type: string + message: + description: |- + Human-readable message + example: slug is required + type: string + type: object + securitySchemes: + "": + description: Org-level secret + in: header + name: X-ORG-SECRET + type: apiKey +externalDocs: + description: "" + url: "" info: contact: name: GlueOps description: API for managing K3s clusters across cloud providers title: AutoGlue API version: "1.0" +openapi: 3.1.0 paths: /.well-known/jwks.json: get: description: Returns the JSON Web Key Set for token verification operationId: getJWKS - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.JWKS' description: OK - schema: - $ref: '#/definitions/dto.JWKS' summary: Get JWKS tags: - Auth /admin/archer/jobs: get: - consumes: - - application/json description: Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent). operationId: AdminListArcherJobs parameters: - description: Filter by status - enum: - - queued - - running - - succeeded - - failed - - canceled - - retrying - - scheduled in: query name: status - type: string + schema: + enum: + - queued + - running + - succeeded + - failed + - canceled + - retrying + - scheduled + type: string - description: Filter by queue name / worker name in: query name: queue - type: string + schema: + type: string - description: Free-text search in: query name: q - type: string - - default: 1 - description: Page number + schema: + type: string + - description: Page number in: query name: page - type: integer - - default: 25 - description: Items per page + schema: + default: 1 + type: integer + - description: Items per page in: query - maximum: 100 - minimum: 1 name: page_size - type: integer - produces: - - application/json + schema: + default: 25 + maximum: 100 + minimum: 1 + type: integer responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.PageJob' description: OK - schema: - $ref: '#/definitions/dto.PageJob' "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: forbidden - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal error - schema: - type: string security: - BearerAuth: [] summary: List Archer jobs (admin) tags: - ArcherAdmin post: - consumes: - - application/json description: Create a job immediately or schedule it for the future via `run_at`. operationId: AdminEnqueueArcherJob - parameters: - - description: Job parameters - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.EnqueueRequest' + description: Job parameters required: true - schema: - $ref: '#/definitions/dto.EnqueueRequest' - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.Job' description: OK - schema: - $ref: '#/definitions/dto.Job' "400": + content: + application/json: + schema: + type: string description: invalid json or missing fields - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: forbidden - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal error - schema: - type: string security: - BearerAuth: [] summary: Enqueue a new Archer job (admin) @@ -1161,8 +1277,6 @@ paths: - ArcherAdmin /admin/archer/jobs/{id}/cancel: post: - consumes: - - application/json description: Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill. operationId: AdminCancelArcherJob @@ -1171,30 +1285,44 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string + requestBody: + content: + application/json: + schema: + type: object responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.Job' description: OK - schema: - $ref: '#/definitions/dto.Job' "400": + content: + application/json: + schema: + type: string description: invalid job or not cancellable - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: forbidden - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] summary: Cancel an Archer job (admin) @@ -1202,8 +1330,6 @@ paths: - ArcherAdmin /admin/archer/jobs/{id}/retry: post: - consumes: - - application/json description: Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one. operationId: AdminRetryArcherJob @@ -1212,30 +1338,44 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string + requestBody: + content: + application/json: + schema: + type: object responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.Job' description: OK - schema: - $ref: '#/definitions/dto.Job' "400": + content: + application/json: + schema: + type: string description: invalid job or not eligible - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: forbidden - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] summary: Retry a failed/canceled Archer job (admin) @@ -1243,31 +1383,35 @@ paths: - ArcherAdmin /admin/archer/queues: get: - consumes: - - application/json description: Summary metrics per queue (pending, running, failed, scheduled). operationId: AdminListArcherQueues - produces: - - application/json responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.QueueInfo' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.QueueInfo' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: forbidden - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal error - schema: - type: string security: - BearerAuth: [] summary: List Archer queues (admin) @@ -1275,8 +1419,6 @@ paths: - ArcherAdmin /annotations: get: - consumes: - - application/json description: 'Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.' @@ -1285,40 +1427,50 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Exact key in: query name: key - type: string + schema: + type: string - description: Exact value in: query name: value - type: string + schema: + type: string - description: key contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.AnnotationResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.AnnotationResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list annotations - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1327,44 +1479,52 @@ paths: tags: - Annotations post: - consumes: - - application/json description: Creates an annotation. operationId: CreateAnnotation parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Annotation payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateAnnotationRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateAnnotationRequest' + description: Annotation payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AnnotationResponse' description: Created - schema: - $ref: '#/definitions/dto.AnnotationResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / missing fields - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1374,43 +1534,47 @@ paths: - Annotations /annotations/{id}: delete: - consumes: - - application/json description: Permanently deletes the annotation. operationId: DeleteAnnotation parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Annotation ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1419,8 +1583,6 @@ paths: tags: - Annotations get: - consumes: - - application/json description: Returns one annotation. Add `include=node_pools` to include node pools. operationId: GetAnnotation @@ -1428,39 +1590,51 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Annotation ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AnnotationResponse' description: OK - schema: - $ref: '#/definitions/dto.AnnotationResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1469,53 +1643,64 @@ paths: tags: - Annotations patch: - consumes: - - application/json description: Partially update annotation fields. operationId: UpdateAnnotation parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Annotation ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateAnnotationRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateAnnotationRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AnnotationResponse' description: OK - schema: - $ref: '#/definitions/dto.AnnotationResponse' "400": + content: + application/json: + schema: + type: string description: invalid id / invalid json - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: update failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1531,14 +1716,15 @@ paths: in: path name: provider required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.TokenPair' description: OK - schema: - $ref: '#/definitions/dto.TokenPair' summary: Handle social login callback tags: - Auth @@ -1551,31 +1737,28 @@ paths: in: path name: provider required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AuthStartResponse' description: OK - schema: - $ref: '#/definitions/dto.AuthStartResponse' summary: Begin social login tags: - Auth /auth/logout: post: - consumes: - - application/json operationId: Logout - parameters: - - description: Refresh token - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LogoutRequest' + description: Refresh token required: true - schema: - $ref: '#/definitions/dto.LogoutRequest' - produces: - - application/json responses: "204": description: No Content @@ -1584,23 +1767,21 @@ paths: - Auth /auth/refresh: post: - consumes: - - application/json operationId: Refresh - parameters: - - description: Refresh token - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.RefreshRequest' + description: Refresh token required: true - schema: - $ref: '#/definitions/dto.RefreshRequest' - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.TokenPair' description: OK - schema: - $ref: '#/definitions/dto.TokenPair' summary: Rotate refresh token tags: - Auth @@ -1613,32 +1794,40 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Name contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.ClusterResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.ClusterResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list clusters - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1647,45 +1836,53 @@ paths: tags: - Clusters post: - consumes: - - application/json - description: Creates a cluster. If `kubeconfig` is provided, it will be encrypted - per-organization and stored securely (never returned). + description: Creates a cluster. Status is managed by the system and starts as + `pre_pending` for validation. operationId: CreateCluster parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateClusterRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateClusterRequest' + description: payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' description: Created - schema: - $ref: '#/definitions/dto.ClusterResponse' "400": + content: + application/json: + schema: + type: string description: invalid json - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1693,10 +1890,956 @@ paths: summary: Create cluster (org scoped) tags: - Clusters + /clusters/{clusterID}: + delete: + description: Deletes the cluster. Related resources are cleaned up via DB constraints + (e.g. CASCADE). + operationId: DeleteCluster + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "204": + content: + application/json: + schema: + type: string + description: deleted + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Delete a cluster (org scoped) + tags: + - Clusters + get: + description: Returns a cluster with all related resources (domain, record set, + load balancers, bastion, node pools). + operationId: GetCluster + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Get a single cluster by ID (org scoped) + tags: + - Clusters + patch: + description: Updates the cluster name, provider, and/or region. Status is managed + by the system. + operationId: UpdateCluster + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateClusterRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Update basic cluster details (org scoped) + tags: + - Clusters + /clusters/{clusterID}/apps-load-balancer: + delete: + description: Clears apps_load_balancer_id on the cluster. + operationId: DetachAppsLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Detach the apps load balancer from a cluster + tags: + - Clusters + post: + description: Sets apps_load_balancer_id on the cluster. + operationId: AttachAppsLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachLoadBalancerRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster or load balancer not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Attach an apps load balancer to a cluster + tags: + - Clusters + /clusters/{clusterID}/bastion: + delete: + description: Clears bastion_server_id on the cluster. + operationId: DetachBastionServer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Detach the bastion server from a cluster + tags: + - Clusters + post: + description: Sets bastion_server_id on the cluster. + operationId: AttachBastionServer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachBastionRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster or server not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Attach a bastion server to a cluster + tags: + - Clusters + /clusters/{clusterID}/captain-domain: + delete: + description: Clears captain_domain_id on the cluster. This will likely cause + the cluster to become incomplete. + operationId: DetachCaptainDomain + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Detach the captain domain from a cluster + tags: + - Clusters + post: + description: Sets captain_domain_id on the cluster. Validation of shape happens + asynchronously. + operationId: AttachCaptainDomain + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachCaptainDomainRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster or domain not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Attach a captain domain to a cluster + tags: + - Clusters + /clusters/{clusterID}/control-plane-record-set: + delete: + description: Clears control_plane_record_set_id on the cluster. + operationId: DetachControlPlaneRecordSet + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Detach the control plane record set from a cluster + tags: + - Clusters + post: + description: Sets control_plane_record_set_id on the cluster. + operationId: AttachControlPlaneRecordSet + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachRecordSetRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster or record set not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Attach a control plane record set to a cluster + tags: + - Clusters + /clusters/{clusterID}/glueops-load-balancer: + delete: + description: Clears glueops_load_balancer_id on the cluster. + operationId: DetachGlueOpsLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Detach the GlueOps/control-plane load balancer from a cluster + tags: + - Clusters + post: + description: Sets glueops_load_balancer_id on the cluster. + operationId: AttachGlueOpsLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachLoadBalancerRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster or load balancer not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Attach a GlueOps/control-plane load balancer to a cluster + tags: + - Clusters + /clusters/{clusterID}/kubeconfig: + delete: + description: Removes the encrypted kubeconfig, IV, and tag from the cluster + record. + operationId: ClearClusterKubeconfig + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Clear the kubeconfig for a cluster + tags: + - Clusters + post: + description: Stores the kubeconfig encrypted per organization. The kubeconfig + is never returned in responses. + operationId: SetClusterKubeconfig + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Cluster ID + in: path + name: clusterID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.SetKubeconfigRequest' + description: payload + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ClusterResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: bad request + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: cluster not found + "500": + content: + application/json: + schema: + type: string + description: db error + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Set (or replace) the kubeconfig for a cluster + tags: + - Clusters /credentials: get: - consumes: - - application/json description: Returns credential metadata for the current org. Secrets are never returned. operationId: ListCredentials @@ -1704,40 +2847,50 @@ paths: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string + schema: + type: string - description: Filter by provider (e.g., aws) in: query name: provider - type: string + schema: + type: string - description: Filter by kind (e.g., aws_access_key) in: query name: kind - type: string + schema: + type: string - description: Filter by scope kind (provider/service/resource) in: query name: scope_kind - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.CredentialOut' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.CredentialOut' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal server error - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1746,39 +2899,45 @@ paths: tags: - Credentials post: - consumes: - - application/json operationId: CreateCredential parameters: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string - - description: Credential payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateCredentialRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateCredentialRequest' + description: Credential payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CredentialOut' description: Created - schema: - $ref: '#/definitions/dto.CredentialOut' "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal server error - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1788,28 +2947,28 @@ paths: - Credentials /credentials/{id}: delete: - consumes: - - application/json operationId: DeleteCredential parameters: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string + schema: + type: string - description: Credential ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1818,38 +2977,44 @@ paths: tags: - Credentials get: - consumes: - - application/json operationId: GetCredential parameters: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string + schema: + type: string - description: Credential ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CredentialOut' description: OK - schema: - $ref: '#/definitions/dto.CredentialOut' "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: internal server error - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1858,40 +3023,45 @@ paths: tags: - Credentials patch: - consumes: - - application/json operationId: UpdateCredential parameters: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string + schema: + type: string - description: Credential ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateCredentialRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateCredentialRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CredentialOut' description: OK - schema: - $ref: '#/definitions/dto.CredentialOut' "403": + content: + application/json: + schema: + type: string description: X-Org-ID required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1901,35 +3071,44 @@ paths: - Credentials /credentials/{id}/reveal: post: - consumes: - - application/json operationId: RevealCredential parameters: - description: Organization ID (UUID) in: header name: X-Org-ID - type: string + schema: + type: string - description: Credential ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string + requestBody: + content: + application/json: + schema: + type: object responses: "200": + content: + application/json: + schema: + additionalProperties: {} + type: object description: OK - schema: - additionalProperties: true - type: object "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1939,8 +3118,6 @@ paths: - Credentials /dns/domains: get: - consumes: - - application/json description: 'Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).' operationId: ListDomains @@ -1948,40 +3125,50 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Exact domain name (lowercase, no trailing dot) in: query name: domain_name - type: string + schema: + type: string - description: pending|provisioning|ready|failed in: query name: status - type: string + schema: + type: string - description: Domain contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.DomainResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.DomainResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: db error - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -1990,8 +3177,6 @@ paths: tags: - DNS post: - consumes: - - application/json description: Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted. operationId: CreateDomain @@ -1999,36 +3184,46 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Domain payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateDomainRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateDomainRequest' + description: Domain payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.DomainResponse' description: Created - schema: - $ref: '#/definitions/dto.DomainResponse' "400": + content: + application/json: + schema: + type: string description: validation error - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: db error - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2038,49 +3233,56 @@ paths: - DNS /dns/domains/{domain_id}/records: get: - consumes: - - application/json description: 'Filters: `name`, `type`, `status`.' operationId: ListRecordSets parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Domain ID (UUID) in: path name: domain_id required: true - type: string + schema: + type: string - description: Exact relative name or FQDN (server normalizes) in: query name: name - type: string + schema: + type: string - description: RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA) in: query name: type - type: string + schema: + type: string - description: pending|provisioning|ready|failed in: query name: status - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.RecordSetResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.RecordSetResponse' - type: array "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: domain not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2089,44 +3291,51 @@ paths: tags: - DNS post: - consumes: - - application/json operationId: CreateRecordSet parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Domain ID (UUID) in: path name: domain_id required: true - type: string - - description: Record set payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateRecordSetRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateRecordSetRequest' + description: Record set payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.RecordSetResponse' description: Created - schema: - $ref: '#/definitions/dto.RecordSetResponse' "400": + content: + application/json: + schema: + type: string description: validation error - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: domain not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2136,32 +3345,34 @@ paths: - DNS /dns/domains/{id}: delete: - consumes: - - application/json operationId: DeleteDomain parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Domain ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2170,38 +3381,44 @@ paths: tags: - DNS get: - consumes: - - application/json operationId: GetDomain parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Domain ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.DomainResponse' description: OK - schema: - $ref: '#/definitions/dto.DomainResponse' "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2210,44 +3427,51 @@ paths: tags: - DNS patch: - consumes: - - application/json operationId: UpdateDomain parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Domain ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateDomainRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateDomainRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.DomainResponse' description: OK - schema: - $ref: '#/definitions/dto.DomainResponse' "400": + content: + application/json: + schema: + type: string description: validation error - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2257,32 +3481,34 @@ paths: - DNS /dns/records/{id}: delete: - consumes: - - application/json operationId: DeleteRecordSet parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Record Set ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2292,44 +3518,51 @@ paths: tags: - DNS patch: - consumes: - - application/json operationId: UpdateRecordSet parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Record Set ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateRecordSetRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateRecordSetRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.RecordSetResponse' description: OK - schema: - $ref: '#/definitions/dto.RecordSetResponse' "400": + content: + application/json: + schema: + type: string description: validation error - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2339,24 +3572,20 @@ paths: - DNS /healthz: get: - consumes: - - application/json description: Returns 200 OK when the service is up operationId: HealthCheck // operationId - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.HealthStatus' description: OK - schema: - $ref: '#/definitions/handlers.HealthStatus' summary: Basic health check tags: - Health /labels: get: - consumes: - - application/json description: 'Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.' @@ -2365,40 +3594,50 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Exact key in: query name: key - type: string + schema: + type: string - description: Exact value in: query name: value - type: string + schema: + type: string - description: Key contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.LabelResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.LabelResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list node taints - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2407,44 +3646,52 @@ paths: tags: - Labels post: - consumes: - - application/json description: Creates a label. operationId: CreateLabel parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Label payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateLabelRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateLabelRequest' + description: Label payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LabelResponse' description: Created - schema: - $ref: '#/definitions/dto.LabelResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / missing fields / invalid node_pool_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2454,43 +3701,47 @@ paths: - Labels /labels/{id}: delete: - consumes: - - application/json description: Permanently deletes the label. operationId: DeleteLabel parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Label ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2499,47 +3750,57 @@ paths: tags: - Labels get: - consumes: - - application/json description: Returns one label. operationId: GetLabel parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Label ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LabelResponse' description: OK - schema: - $ref: '#/definitions/dto.LabelResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2548,53 +3809,64 @@ paths: tags: - Labels patch: - consumes: - - application/json description: Partially update label fields. operationId: UpdateLabel parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Label ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateLabelRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateLabelRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LabelResponse' description: OK - schema: - $ref: '#/definitions/dto.LabelResponse' "400": + content: + application/json: + schema: + type: string description: invalid id / invalid json - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: update failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2602,16 +3874,246 @@ paths: summary: Update label (org scoped) tags: - Labels + /load-balancers: + get: + description: Returns load balancers for the organization in X-Org-ID. + operationId: ListLoadBalancers + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + type: array + description: OK + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "500": + content: + application/json: + schema: + type: string + description: failed to list clusters + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: List load balancers (org scoped) + tags: + - LoadBalancers + post: + operationId: CreateLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateLoadBalancerRequest' + description: Record set payload + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + description: Created + "400": + content: + application/json: + schema: + type: string + description: validation error + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: domain not found + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Create a load balancer + tags: + - LoadBalancers + /load-balancers/{id}: + delete: + operationId: DeleteLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Load Balancer ID (UUID) + in: path + name: id + required: true + schema: + type: string + responses: + "204": + description: No Content + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: not found + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Delete a load balancer + tags: + - LoadBalancers + get: + description: Returns load balancer for the organization in X-Org-ID. + operationId: GetLoadBalancers + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: LoadBalancer ID (UUID) + in: path + name: id + required: true + schema: + type: string + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + type: array + description: OK + "401": + content: + application/json: + schema: + type: string + description: Unauthorized + "403": + content: + application/json: + schema: + type: string + description: organization required + "500": + content: + application/json: + schema: + type: string + description: failed to list clusters + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Get a load balancer (org scoped) + tags: + - LoadBalancers + patch: + operationId: UpdateLoadBalancer + parameters: + - description: Organization UUID + in: header + name: X-Org-ID + schema: + type: string + - description: Load Balancer ID (UUID) + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateLoadBalancerRequest' + description: Fields to update + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.LoadBalancerResponse' + description: OK + "400": + content: + application/json: + schema: + type: string + description: validation error + "403": + content: + application/json: + schema: + type: string + description: organization required + "404": + content: + application/json: + schema: + type: string + description: not found + security: + - BearerAuth: [] + - OrgKeyAuth: [] + - OrgSecretAuth: [] + summary: Update a load balancer (org scoped) + tags: + - LoadBalancers /me: get: operationId: GetMe - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.meResponse' description: OK - schema: - $ref: '#/definitions/handlers.meResponse' security: - BearerAuth: [] - ApiKeyAuth: [] @@ -2619,23 +4121,21 @@ paths: tags: - Me patch: - consumes: - - application/json operationId: UpdateMe - parameters: - - description: Patch profile - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.updateMeRequest' + description: Patch profile required: true - schema: - $ref: '#/definitions/handlers.updateMeRequest' - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/models.User' description: OK - schema: - $ref: '#/definitions/models.User' security: - BearerAuth: [] - ApiKeyAuth: [] @@ -2645,15 +4145,15 @@ paths: /me/api-keys: get: operationId: ListUserAPIKeys - produces: - - application/json responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/handlers.userAPIKeyOut' + type: array description: OK - schema: - items: - $ref: '#/definitions/handlers.userAPIKeyOut' - type: array security: - BearerAuth: [] - ApiKeyAuth: [] @@ -2661,25 +4161,23 @@ paths: tags: - MeAPIKeys post: - consumes: - - application/json description: Returns the plaintext key once. Store it securely on the client side. operationId: CreateUserAPIKey - parameters: - - description: Key options - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.createUserKeyRequest' + description: Key options required: true - schema: - $ref: '#/definitions/handlers.createUserKeyRequest' - produces: - - application/json responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.userAPIKeyOut' description: Created - schema: - $ref: '#/definitions/handlers.userAPIKeyOut' security: - BearerAuth: [] - ApiKeyAuth: [] @@ -2694,9 +4192,8 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content @@ -2707,40 +4204,46 @@ paths: - MeAPIKeys /node-pools: get: - consumes: - - application/json description: Returns node pools for the organization in X-Org-ID. operationId: ListNodePools parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Name contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.NodePoolResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.NodePoolResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list node pools - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2749,44 +4252,52 @@ paths: tags: - NodePools post: - consumes: - - application/json description: Creates a node pool. Optionally attach initial servers. operationId: CreateNodePool parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: NodePool payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateNodePoolRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateNodePoolRequest' + description: NodePool payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.NodePoolResponse' description: Created - schema: - $ref: '#/definitions/dto.NodePoolResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / missing fields / invalid server_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2796,43 +4307,47 @@ paths: - NodePools /node-pools/{id}: delete: - consumes: - - application/json description: Permanently deletes the node pool. operationId: DeleteNodePool parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2841,47 +4356,57 @@ paths: tags: - NodePools get: - consumes: - - application/json description: Returns one node pool. Add `include=servers` to include servers. operationId: GetNodePool parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.NodePoolResponse' description: OK - schema: - $ref: '#/definitions/dto.NodePoolResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2890,53 +4415,64 @@ paths: tags: - NodePools patch: - consumes: - - application/json description: Partially update node pool fields. operationId: UpdateNodePool parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateNodePoolRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateNodePoolRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.NodePoolResponse' description: OK - schema: - $ref: '#/definitions/dto.NodePoolResponse' "400": + content: + application/json: + schema: + type: string description: invalid id / invalid json - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: update failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2946,48 +4482,58 @@ paths: - NodePools /node-pools/{id}/annotations: get: - consumes: - - application/json operationId: ListNodePoolAnnotations parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.AnnotationResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.AnnotationResponse' - type: array "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -2996,52 +4542,63 @@ paths: tags: - NodePools post: - consumes: - - application/json operationId: AttachNodePoolAnnotations parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Group ID (UUID) in: path name: id required: true - type: string - - description: Annotation IDs to attach - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.AttachAnnotationsRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachAnnotationsRequest' + description: Annotation IDs to attach + required: true responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id / invalid server_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: attach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3051,51 +4608,62 @@ paths: - NodePools /node-pools/{id}/annotations/{annotationId}: delete: - consumes: - - application/json operationId: DetachNodePoolAnnotation parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Annotation ID (UUID) in: path name: annotationId required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: detach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3105,48 +4673,58 @@ paths: - NodePools /node-pools/{id}/labels: get: - consumes: - - application/json operationId: ListNodePoolLabels parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Label Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.LabelResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.LabelResponse' - type: array "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3155,52 +4733,63 @@ paths: tags: - NodePools post: - consumes: - - application/json operationId: AttachNodePoolLabels parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - - description: Label IDs to attach - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.AttachLabelsRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachLabelsRequest' + description: Label IDs to attach + required: true responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id / invalid server_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: attach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3210,51 +4799,62 @@ paths: - NodePools /node-pools/{id}/labels/{labelId}: delete: - consumes: - - application/json operationId: DetachNodePoolLabel parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Label ID (UUID) in: path name: labelId required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: detach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3264,48 +4864,58 @@ paths: - NodePools /node-pools/{id}/servers: get: - consumes: - - application/json operationId: ListNodePoolServers parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.ServerResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.ServerResponse' - type: array "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3314,52 +4924,63 @@ paths: tags: - NodePools post: - consumes: - - application/json operationId: AttachNodePoolServers parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - - description: Server IDs to attach - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.AttachServersRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachServersRequest' + description: Server IDs to attach + required: true responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id / invalid server_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: attach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3369,51 +4990,62 @@ paths: - NodePools /node-pools/{id}/servers/{serverId}: delete: - consumes: - - application/json operationId: DetachNodePoolServer parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Server ID (UUID) in: path name: serverId required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: detach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3423,48 +5055,58 @@ paths: - NodePools /node-pools/{id}/taints: get: - consumes: - - application/json operationId: ListNodePoolTaints parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.TaintResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.TaintResponse' - type: array "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3473,52 +5115,63 @@ paths: tags: - NodePools post: - consumes: - - application/json operationId: AttachNodePoolTaints parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string - - description: Taint IDs to attach - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.AttachTaintsRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.AttachTaintsRequest' + description: Taint IDs to attach + required: true responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id / invalid taint_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: attach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3528,51 +5181,62 @@ paths: - NodePools /node-pools/{id}/taints/{taintId}: delete: - consumes: - - application/json operationId: DetachNodePoolTaint parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Pool ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Taint ID (UUID) in: path name: taintId required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": + content: + application/json: + schema: + type: string description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: detach failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3583,54 +5247,60 @@ paths: /orgs: get: operationId: listMyOrgs - produces: - - application/json responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/models.Organization' + type: array description: OK - schema: - items: - $ref: '#/definitions/models.Organization' - type: array "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: List organizations I belong to tags: - Orgs post: - consumes: - - application/json operationId: createOrg - parameters: - - description: Org payload - in: body - name: body + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.orgCreateReq' + description: Org payload required: true - schema: - $ref: '#/definitions/handlers.orgCreateReq' - produces: - - application/json responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/models.Organization' description: Created - schema: - $ref: '#/definitions/models.Organization' "400": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Bad Request - schema: - $ref: '#/definitions/utils.ErrorResponse' "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' "409": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Conflict - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Create organization @@ -3644,20 +5314,23 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: Deleted "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' "404": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Not Found - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Delete organization (owner) @@ -3670,58 +5343,67 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/models.Organization' description: OK - schema: - $ref: '#/definitions/models.Organization' "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' "404": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Not Found - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Get organization tags: - Orgs patch: - consumes: - - application/json operationId: updateOrg parameters: - description: Org ID (UUID) in: path name: id required: true - type: string - - description: Update payload - in: body - name: body - required: true schema: - $ref: '#/definitions/handlers.orgUpdateReq' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.orgUpdateReq' + description: Update payload + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/models.Organization' description: OK - schema: - $ref: '#/definitions/models.Organization' "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' "404": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Not Found - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Update organization (owner/admin) @@ -3735,52 +5417,57 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/models.APIKey' + type: array description: OK - schema: - items: - $ref: '#/definitions/models.APIKey' - type: array "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: List org-scoped API keys (no secrets) tags: - Orgs post: - consumes: - - application/json operationId: createOrgKey parameters: - description: Org ID (UUID) in: path name: id required: true - type: string - - description: Key name + optional expiry - in: body - name: body - required: true schema: - $ref: '#/definitions/handlers.orgKeyCreateReq' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.orgKeyCreateReq' + description: Key name + optional expiry + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.orgKeyCreateResp' description: Created - schema: - $ref: '#/definitions/handlers.orgKeyCreateResp' "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Create org key/secret pair (owner/admin) @@ -3794,21 +5481,23 @@ paths: in: path name: id required: true - type: string + schema: + type: string - description: Key ID (UUID) in: path name: key_id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: Deleted "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Delete org key (owner/admin) @@ -3822,52 +5511,57 @@ paths: in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/handlers.memberOut' + type: array description: OK - schema: - items: - $ref: '#/definitions/handlers.memberOut' - type: array "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: List members in org tags: - Orgs post: - consumes: - - application/json operationId: addOrUpdateMember parameters: - description: Org ID (UUID) in: path name: id required: true - type: string - - description: User & role - in: body - name: body - required: true schema: - $ref: '#/definitions/handlers.memberUpsertReq' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.memberUpsertReq' + description: User & role + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.memberOut' description: OK - schema: - $ref: '#/definitions/handlers.memberOut' "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Add or update a member (owner/admin) @@ -3881,21 +5575,23 @@ paths: in: path name: id required: true - type: string + schema: + type: string - description: User ID (UUID) in: path name: user_id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: Removed "401": + content: + application/json: + schema: + $ref: '#/components/schemas/utils.ErrorResponse' description: Unauthorized - schema: - $ref: '#/definitions/utils.ErrorResponse' security: - BearerAuth: [] summary: Remove a member (owner/admin) @@ -3903,8 +5599,6 @@ paths: - Orgs /servers: get: - consumes: - - application/json description: 'Returns servers for the organization in X-Org-ID. Optional filters: status, role.' operationId: ListServers @@ -3912,36 +5606,45 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Filter by status (pending|provisioning|ready|failed) in: query name: status - type: string + schema: + type: string - description: Filter by role in: query name: role - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.ServerResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.ServerResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list servers - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3950,8 +5653,6 @@ paths: tags: - Servers post: - consumes: - - application/json description: Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org. operationId: CreateServer @@ -3959,36 +5660,46 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Server payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateServerRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateServerRequest' + description: Server payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ServerResponse' description: Created - schema: - $ref: '#/definitions/dto.ServerResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / missing fields / invalid status / invalid ssh_key_id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -3998,43 +5709,47 @@ paths: - Servers /servers/{id}: delete: - consumes: - - application/json description: Permanently deletes the server. operationId: DeleteServer parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Server ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4043,47 +5758,57 @@ paths: tags: - Servers get: - consumes: - - application/json description: Returns one server in the given organization. operationId: GetServer parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Server ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ServerResponse' description: OK - schema: - $ref: '#/definitions/dto.ServerResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4092,53 +5817,64 @@ paths: tags: - Servers patch: - consumes: - - application/json description: Partially update fields; changing ssh_key_id validates ownership. operationId: UpdateServer parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Server ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateServerRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateServerRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ServerResponse' description: OK - schema: - $ref: '#/definitions/dto.ServerResponse' "400": + content: + application/json: + schema: + type: string description: invalid id / invalid json / invalid status / invalid ssh_key_id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: update failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4148,8 +5884,6 @@ paths: - Servers /servers/{id}/reset-hostkey: post: - consumes: - - application/json description: Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use). operationId: ResetServerHostKey @@ -4157,39 +5891,56 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Server ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string + requestBody: + content: + application/json: + schema: + type: object responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.ServerResponse' description: OK - schema: - $ref: '#/definitions/dto.ServerResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: reset failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4199,36 +5950,41 @@ paths: - Servers /ssh: get: - consumes: - - application/json description: Returns ssh keys for the organization in X-Org-ID. operationId: ListPublicSshKeys parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.SshResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.SshResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list keys - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4237,8 +5993,6 @@ paths: tags: - Ssh post: - consumes: - - application/json description: Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits. @@ -4247,36 +6001,46 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Key generation options - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateSSHRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateSSHRequest' + description: Key generation options + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.SshResponse' description: Created - schema: - $ref: '#/definitions/dto.SshResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / invalid bits - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: generation/create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4286,43 +6050,47 @@ paths: - Ssh /ssh/{id}: delete: - consumes: - - application/json description: Permanently deletes a keypair. operationId: DeleteSSHKey parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: SSH Key ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4331,8 +6099,6 @@ paths: tags: - Ssh get: - consumes: - - application/json description: Returns public key fields. Append `?reveal=true` to include the private key PEM. operationId: GetSSHKey @@ -4340,43 +6106,58 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: SSH Key ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Reveal private key PEM in: query name: reveal - type: boolean - produces: - - application/json + schema: + type: boolean responses: "200": + content: + application/json: + schema: + oneOf: + - $ref: '#/components/schemas/dto.SshResponse' + - $ref: '#/components/schemas/dto.SshRevealResponse' description: When reveal=true - schema: - $ref: '#/definitions/dto.SshRevealResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4394,48 +6175,61 @@ paths: in: header name: X-Org-ID required: true - type: string + schema: + type: string - description: SSH Key ID (UUID) in: path name: id required: true - type: string + schema: + type: string - description: Which part to download - enum: - - public - - private - - both in: query name: part required: true - type: string - produces: - - application/json + schema: + enum: + - public + - private + - both + type: string responses: "200": + content: + application/json: + schema: + type: string description: file content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id / invalid part - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: download failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4445,8 +6239,6 @@ paths: - Ssh /taints: get: - consumes: - - application/json description: 'Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.' @@ -4455,40 +6247,50 @@ paths: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Exact key in: query name: key - type: string + schema: + type: string - description: Exact value in: query name: value - type: string + schema: + type: string - description: key contains (case-insensitive) in: query name: q - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/dto.TaintResponse' + type: array description: OK - schema: - items: - $ref: '#/definitions/dto.TaintResponse' - type: array "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: failed to list node taints - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4497,44 +6299,52 @@ paths: tags: - Taints post: - consumes: - - application/json description: Creates a taint. operationId: CreateTaint parameters: - description: Organization UUID in: header name: X-Org-ID - type: string - - description: Taint payload - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.CreateTaintRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.CreateTaintRequest' + description: Taint payload + required: true responses: "201": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.TaintResponse' description: Created - schema: - $ref: '#/definitions/dto.TaintResponse' "400": + content: + application/json: + schema: + type: string description: invalid json / missing fields / invalid node_pool_ids - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: create failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4544,43 +6354,47 @@ paths: - Taints /taints/{id}: delete: - consumes: - - application/json description: Permanently deletes the taint. operationId: DeleteTaint parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Taint ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "204": description: No Content - schema: - type: string "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "500": + content: + application/json: + schema: + type: string description: delete failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4589,46 +6403,56 @@ paths: tags: - Taints get: - consumes: - - application/json operationId: GetTaint parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Taint ID (UUID) in: path name: id required: true - type: string - produces: - - application/json + schema: + type: string responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.TaintResponse' description: OK - schema: - $ref: '#/definitions/dto.TaintResponse' "400": + content: + application/json: + schema: + type: string description: invalid id - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: fetch failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4637,53 +6461,64 @@ paths: tags: - Taints patch: - consumes: - - application/json description: Partially update taint fields. operationId: UpdateTaint parameters: - description: Organization UUID in: header name: X-Org-ID - type: string + schema: + type: string - description: Node Taint ID (UUID) in: path name: id required: true - type: string - - description: Fields to update - in: body - name: body - required: true schema: - $ref: '#/definitions/dto.UpdateTaintRequest' - produces: - - application/json + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/dto.UpdateTaintRequest' + description: Fields to update + required: true responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/dto.TaintResponse' description: OK - schema: - $ref: '#/definitions/dto.TaintResponse' "400": + content: + application/json: + schema: + type: string description: invalid id / invalid json - schema: - type: string "401": + content: + application/json: + schema: + type: string description: Unauthorized - schema: - type: string "403": + content: + application/json: + schema: + type: string description: organization required - schema: - type: string "404": + content: + application/json: + schema: + type: string description: not found - schema: - type: string "500": + content: + application/json: + schema: + type: string description: update failed - schema: - type: string security: - BearerAuth: [] - OrgKeyAuth: [] @@ -4693,42 +6528,22 @@ paths: - Taints /version: get: - consumes: - - application/json description: Returns build/runtime metadata for the running service. operationId: Version // operationId - produces: - - application/json responses: "200": + content: + application/json: + schema: + $ref: '#/components/schemas/handlers.VersionResponse' description: OK - schema: - $ref: '#/definitions/handlers.VersionResponse' summary: Service version information tags: - Meta -schemes: -- http -- https -securityDefinitions: - ApiKeyAuth: - description: User API key - in: header - name: X-API-KEY - type: apiKey - BearerAuth: - description: Bearer token authentication - in: header - name: Authorization - type: apiKey - OrgKeyAuth: - description: Org-level key/secret authentication - in: header - name: X-ORG-KEY - type: apiKey - OrgSecretAuth: - description: Org-level secret - in: header - name: X-ORG-SECRET - type: apiKey -swagger: "2.0" +servers: +- description: Production API + url: https://autoglue.onglueops.rocks/api/v1 +- description: Staging API + url: https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1 +- description: Local dev + url: http://localhost:8080/api/v1 diff --git a/go.mod b/go.mod index 17c67a8..498263d 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module github.com/glueops/autoglue go 1.25.4 require ( + ariga.io/atlas-provider-gorm v0.6.0 github.com/alexedwards/argon2id v1.0.0 github.com/aws/aws-sdk-go-v2 v1.39.6 github.com/aws/aws-sdk-go-v2/config v1.31.18 @@ -11,6 +12,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/s3 v1.90.0 github.com/coreos/go-oidc/v3 v3.16.0 github.com/dyaksa/archer v1.1.3 + github.com/fergusstrange/embedded-postgres v1.33.0 github.com/gin-gonic/gin v1.11.0 github.com/go-chi/chi/v5 v5.2.3 github.com/go-chi/cors v1.2.2 @@ -23,7 +25,6 @@ require ( github.com/sosedoff/pgweb v0.16.2 github.com/spf13/cobra v1.10.1 github.com/spf13/viper v1.21.0 - github.com/swaggo/http-swagger/v2 v2.0.2 github.com/swaggo/swag/v2 v2.0.0-rc4 golang.org/x/crypto v0.44.0 golang.org/x/oauth2 v0.33.0 @@ -34,8 +35,20 @@ require ( ) require ( + ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e // indirect + cel.dev/expr v0.24.0 // indirect + cloud.google.com/go v0.121.6 // indirect + cloud.google.com/go/auth v0.16.4 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect + cloud.google.com/go/compute/metadata v0.8.0 // indirect + cloud.google.com/go/iam v1.5.2 // indirect + cloud.google.com/go/longrunning v0.6.7 // indirect + cloud.google.com/go/monitoring v1.24.2 // indirect + cloud.google.com/go/spanner v1.84.1 // indirect filippo.io/edwards25519 v1.1.0 // indirect github.com/BurntSushi/toml v1.1.0 // indirect + github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 // indirect + github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0 // indirect github.com/KyleBanks/depth v1.2.1 // indirect github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 // indirect @@ -55,13 +68,19 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/bytedance/sonic v1.14.0 // indirect github.com/bytedance/sonic/loader v0.3.0 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/cloudwego/base64x v0.1.6 // indirect + github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect + github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect + github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/gabriel-vasile/mimetype v1.4.10 // indirect github.com/gin-contrib/sse v1.1.0 // indirect github.com/go-jose/go-jose/v4 v4.1.3 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/spec v0.20.9 // indirect @@ -72,6 +91,15 @@ require ( github.com/go-viper/mapstructure/v2 v2.4.0 // indirect github.com/goccy/go-json v0.10.5 // indirect github.com/goccy/go-yaml v1.18.0 // indirect + github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect + github.com/golang-sql/sqlexp v0.1.0 // indirect + github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect + github.com/google/s2a-go v0.1.9 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect + github.com/googleapis/gax-go/v2 v2.15.0 // indirect + github.com/googleapis/go-gorm-spanner v1.8.6 // indirect + github.com/googleapis/go-sql-spanner v1.17.0 // indirect + github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect @@ -89,14 +117,17 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-sqlite3 v1.14.28 // indirect + github.com/microsoft/go-mssqldb v1.7.2 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/mr-tron/base58 v1.2.0 // indirect github.com/pelletier/go-toml/v2 v2.2.4 // indirect github.com/pkg/errors v0.9.1 // indirect + github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect github.com/prometheus/client_golang v1.19.1 // indirect - github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.48.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/quic-go/qpack v0.5.1 // indirect @@ -107,14 +138,25 @@ require ( github.com/spf13/afero v1.15.0 // indirect github.com/spf13/cast v1.10.0 // indirect github.com/spf13/pflag v1.0.10 // indirect + github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect github.com/subosito/gotenv v1.6.0 // indirect github.com/sv-tools/openapi v0.2.1 // indirect - github.com/swaggo/files/v2 v2.0.0 // indirect - github.com/swaggo/swag v1.8.1 // indirect github.com/tuvistavie/securerandom v0.0.0-20140719024926-15512123a948 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.3.0 // indirect + github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect + github.com/zeebo/errs v1.4.0 // indirect github.com/zeebo/xxh3 v1.0.2 // indirect + go.opencensus.io v0.24.0 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect + go.opentelemetry.io/contrib/detectors/gcp v1.37.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 // indirect + go.opentelemetry.io/otel v1.37.0 // indirect + go.opentelemetry.io/otel/metric v1.37.0 // indirect + go.opentelemetry.io/otel/sdk v1.37.0 // indirect + go.opentelemetry.io/otel/sdk/metric v1.37.0 // indirect + go.opentelemetry.io/otel/trace v1.37.0 // indirect go.uber.org/mock v0.5.0 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/arch v0.20.0 // indirect @@ -123,8 +165,16 @@ require ( golang.org/x/sync v0.18.0 // indirect golang.org/x/sys v0.38.0 // indirect golang.org/x/text v0.31.0 // indirect + golang.org/x/time v0.12.0 // indirect golang.org/x/tools v0.38.0 // indirect + google.golang.org/api v0.247.0 // indirect + google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a // indirect + google.golang.org/grpc v1.74.2 // indirect google.golang.org/protobuf v1.36.9 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - gorm.io/driver/mysql v1.5.6 // indirect + gorm.io/driver/mysql v1.5.7 // indirect + gorm.io/driver/sqlite v1.6.0 // indirect + gorm.io/driver/sqlserver v1.6.0 // indirect ) diff --git a/go.sum b/go.sum index 82363e2..6fbbaf6 100644 --- a/go.sum +++ b/go.sum @@ -1,33 +1,678 @@ +ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e h1:7upp27oOT/fmM5Dz3z9k8cmYwKJ2NAzuTqfT/rEP+50= +ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e/go.mod h1:Ex5l1xHsnWQUc3wYnrJ9gD7RUEzG76P7ZRQp8wNr0wc= +ariga.io/atlas-provider-gorm v0.6.0 h1:nJx1jLKr8pKeIxuYX3NmBuchWR9VldopWyElnPakRDw= +ariga.io/atlas-provider-gorm v0.6.0/go.mod h1:iod/+0ODkmcNBJsmNrs76btfETyqC+zCyy7sh7aXaig= +cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY= +cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= +cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= +cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= +cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= +cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= +cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= +cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= +cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= +cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= +cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U= +cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= +cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= +cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= +cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= +cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= +cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= +cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= +cloud.google.com/go v0.121.6 h1:waZiuajrI28iAf40cWgycWNgaXPO06dupuS+sgibK6c= +cloud.google.com/go v0.121.6/go.mod h1:coChdst4Ea5vUpiALcYKXEpR1S9ZgXbhEzzMcMR66vI= +cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4= +cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw= +cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= +cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o= +cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE= +cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM= +cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= +cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= +cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= +cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg= +cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ= +cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k= +cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= +cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= +cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4= +cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M= +cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE= +cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= +cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk= +cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc= +cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= +cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc= +cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04= +cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= +cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY= +cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM= +cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= +cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU= +cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI= +cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8= +cloud.google.com/go/appengine v1.4.0/go.mod h1:CS2NhuBuDXM9f+qscZ6V86m1MIIqPj3WC/UoEuR1Sno= +cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodCWatWI9Dmak= +cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84= +cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A= +cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= +cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4= +cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0= +cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY= +cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= +cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ= +cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk= +cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0= +cloud.google.com/go/artifactregistry v1.9.0/go.mod h1:2K2RqvA2CYvAeARHRkLDhMDJ3OXy26h3XW+3/Jh2uYc= +cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1nOucMH0pwXN1rOBZFI= +cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ= +cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI= +cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= +cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o= +cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s= +cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0= +cloud.google.com/go/asset v1.9.0/go.mod h1:83MOE6jEJBMqFKadM9NLRcs80Gdw76qGuHn8m3h8oHQ= +cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAtZiIb0wY= +cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo= +cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg= +cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= +cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= +cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= +cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= +cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo= +cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0= +cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= +cloud.google.com/go/auth v0.16.4 h1:fXOAIQmkApVvcIn7Pc2+5J8QTMVbUGLscnSVNl11su8= +cloud.google.com/go/auth v0.16.4/go.mod h1:j10ncYwjX/g3cdX7GpEzsdM+d+ZNsXAbb6qXA7p1Y5M= +cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc= +cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c= +cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= +cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= +cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8= +cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM= +cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= +cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc= +cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI= +cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= +cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE= +cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE= +cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= +cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4= +cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8= +cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM= +cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/bigquery v1.42.0/go.mod h1:8dRTJxhtG+vwBKzE5OseQn/hiydoQN3EedCaOdYmxRA= +cloud.google.com/go/bigquery v1.43.0/go.mod h1:ZMQcXHsl+xmU1z36G2jNGZmKp9zNY5BUua5wDgmNCfw= +cloud.google.com/go/bigquery v1.44.0/go.mod h1:0Y33VqXTEsbamHJvJHdFmtqHvMIY28aK1+dFsvaChGc= +cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/ZurWFIxmF9I/E= +cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac= +cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q= +cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= +cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY= +cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s= +cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI= +cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y= +cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss= +cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= +cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM= +cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI= +cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0= +cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk= +cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= +cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg= +cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590= +cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= +cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk= +cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk= +cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE= +cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= +cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U= +cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA= +cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M= +cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg= +cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= +cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM= +cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk= +cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= +cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY= +cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI= +cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4= +cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI= +cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y= +cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= +cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= +cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= +cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= +cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s= +cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= +cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= +cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= +cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= +cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo= +cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63rR+SXhcpA= +cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= +cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= +cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= +cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= +cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/compute/metadata v0.8.0 h1:HxMRIbao8w17ZX6wBnjhcDkW6lTFpgcaobyVfZWqRLA= +cloud.google.com/go/compute/metadata v0.8.0/go.mod h1:sYOGTp851OV9bOFJ9CH7elVvyzopvWQFNNghtDQ/Biw= +cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY= +cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck= +cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= +cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg= +cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo= +cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4= +cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM= +cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= +cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= +cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= +cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI= +cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= +cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= +cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs= +cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc= +cloud.google.com/go/datacatalog v1.7.0/go.mod h1:9mEl4AuDYWw81UGc41HonIHH7/sn52H0/tc8f8ZbZIE= +cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOXxZoKYF5wdISM= +cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M= +cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0= +cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= +cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM= +cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ= +cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= +cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo= +cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE= +cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0= +cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA= +cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= +cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38= +cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w= +cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= +cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I= +cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ= +cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= +cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA= +cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A= +cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ= +cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= +cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s= +cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI= +cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= +cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo= +cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA= +cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM= +cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= +cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo= +cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ= +cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g= +cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4= +cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs= +cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= +cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c= +cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s= +cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI= +cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= +cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4= +cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0= +cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8= +cloud.google.com/go/dialogflow v1.18.0/go.mod h1:trO7Zu5YdyEuR+BhSNOqJezyFQ3aUzz0njv7sMx/iek= +cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFMoosgy+6Gn0s0= +cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM= +cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4= +cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= +cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM= +cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q= +cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= +cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU= +cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU= +cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k= +cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4= +cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM= +cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= +cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y= +cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg= +cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= +cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk= +cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w= +cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc= +cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= +cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= +cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI= +cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8= +cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= +cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc= +cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw= +cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw= +cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= +cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w= +cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI= +cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs= +cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= +cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= +cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk= +cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg= +cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY= +cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5UwtlpzoyquQ08= +cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw= +cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA= +cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= +cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM= +cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA= +cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w= +cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM= +cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= +cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60= +cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo= +cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= +cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o= +cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A= +cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= +cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0= +cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0= +cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E= +cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= +cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA= +cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI= +cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= +cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= +cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM= +cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o= +cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= +cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c= +cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= +cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= +cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc= +cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg= +cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= +cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= +cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= +cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= +cloud.google.com/go/iam v1.5.2 h1:qgFRAGEmd8z6dJ/qyEchAuL9jpswyODjA2lS+w234g8= +cloud.google.com/go/iam v1.5.2/go.mod h1:SE1vg0N81zQqLzQEwxL2WI6yhetBdbNQuTvIKCSkUHE= +cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc= +cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/Ix9A= +cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk= +cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo= +cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= +cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM= +cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY= +cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= +cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs= +cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g= +cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o= +cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= +cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA= +cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg= +cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= +cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4jMAg= +cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= +cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24= +cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= +cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= +cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI= +cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE= +cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8= +cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= +cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= +cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= +cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= +cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw= +cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= +cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= +cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= +cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= +cloud.google.com/go/longrunning v0.6.7 h1:IGtfDWHhQCgCjwQjV9iiLnUta9LBCo8R9QmAFsS/PrE= +cloud.google.com/go/longrunning v0.6.7/go.mod h1:EAFV3IZAKmM56TyiE6VAP3VoTzhZzySwI/YI1s/nRsY= +cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE= +cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM= +cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= +cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI= +cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw= +cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= +cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= +cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= +cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= +cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= +cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= +cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA= +cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY= +cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= +cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= +cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= +cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8= +cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI= +cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= +cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk= +cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4= +cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w= +cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= +cloud.google.com/go/monitoring v1.24.2 h1:5OTsoJ1dXYIiMiuL+sYscLc9BumrL3CarVLL7dd7lHM= +cloud.google.com/go/monitoring v1.24.2/go.mod h1:x7yzPWcgDRnPEv3sI+jJGBkwl5qINf+6qY4eq0I9B4U= +cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= +cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= +cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM= +cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8= +cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E= +cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= +cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8= +cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4= +cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= +cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= +cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU= +cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k= +cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= +cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY= +cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34= +cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA= +cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0= +cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE= +cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= +cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4= +cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs= +cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= +cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA= +cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk= +cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= +cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE= +cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc= +cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= +cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs= +cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg= +cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo= +cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw= +cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= +cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E= +cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU= +cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70= +cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo= +cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= +cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0= +cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA= +cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= +cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg= +cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE= +cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw= +cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= +cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0= +cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI= +cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg= +cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI= +cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0= +cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= +cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= +cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg= +cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k= +cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= +cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= +cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o= +cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk= +cloud.google.com/go/recaptchaenterprise/v2 v2.3.0/go.mod h1:O9LwGCjrhGHBQET5CA7dd5NwwNQUErSgEDit1DLNTdo= +cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI5sbwx9LBg3te2N6hGvHn2mE= +cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U= +cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA= +cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= +cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg= +cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4= +cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= +cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg= +cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c= +cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs= +cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70= +cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= +cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y= +cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A= +cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA= +cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM= +cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= +cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA= +cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0= +cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots= +cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo= +cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= +cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU= +cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg= +cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= +cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4= +cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY= +cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc= +cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y= +cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= +cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do= +cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo= +cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM= +cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= +cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s= +cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI= +cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk= +cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44= +cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc= +cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= +cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA= +cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4= +cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4= +cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= +cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4= +cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0= +cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU= +cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq/t9dzI+2Q= +cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA= +cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8= +cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= +cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU= +cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc= +cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk= +cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk= +cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0= +cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= +cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU= +cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s= +cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA= +cloud.google.com/go/servicecontrol v1.11.0/go.mod h1:kFmTzYzTUIuZs0ycVqRHNaNhgR+UMUpw9n02l/pY+mc= +cloud.google.com/go/servicecontrol v1.11.1/go.mod h1:aSnNNlwEFBY+PWGQ2DoM0JJ/QUXqV5/ZD9DOLB7SnUk= +cloud.google.com/go/servicedirectory v1.4.0/go.mod h1:gH1MUaZCgtP7qQiI+F+A+OpeKF/HQWgtAddhTbhL2bs= +cloud.google.com/go/servicedirectory v1.5.0/go.mod h1:QMKFL0NUySbpZJ1UZs3oFAmdvVxhhxB6eJ/Vlp73dfg= +cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPjsRs1RlmJ4pqiNjVL4= +cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U= +cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY= +cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= +cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco= +cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo= +cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc= +cloud.google.com/go/servicemanagement v1.8.0/go.mod h1:MSS2TDlIEQD/fzsSGfCdJItQveu9NXnUniTrq/L8LK4= +cloud.google.com/go/serviceusage v1.3.0/go.mod h1:Hya1cozXM4SeSKTAgGXgj97GlqUvF5JaoXacR1JTP/E= +cloud.google.com/go/serviceusage v1.4.0/go.mod h1:SB4yxXSaYVuUBYUml6qklyONXNLt83U0Rb+CXyhjEeU= +cloud.google.com/go/serviceusage v1.5.0/go.mod h1:w8U1JvqUqwJNPEOTQjrMHkw3IaIFLoLsPLvsE3xueec= +cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DRwPG1xtWMDeuPA= +cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4= +cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw= +cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= +cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos= +cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk= +cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= +cloud.google.com/go/spanner v1.84.1 h1:ShH4Y3YeDtmHa55dFiSS3YtQ0dmCuP0okfAoHp/d68w= +cloud.google.com/go/spanner v1.84.1/go.mod h1:3GMEIjOcXINJSvb42H3M6TdlGCDzaCFpiiNQpjHPlCM= +cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM= +cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ= +cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0= +cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco= +cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0= +cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= +cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= +cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= +cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= +cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POFv3/AaBgnhqzqiK0w= +cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I= +cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4= +cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= +cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= +cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= +cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM= +cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA= +cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= +cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8= +cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4= +cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= +cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ= +cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg= +cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= +cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28= +cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y= +cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA= +cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= +cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs= +cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg= +cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0= +cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk= +cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw= +cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg= +cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk= +cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= +cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= +cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M= +cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU= +cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= +cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= +cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo= +cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo= +cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb+MhPqRbPsY= +cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E= +cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY= +cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= +cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE= +cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g= +cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc= +cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= +cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208= +cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8= +cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= +cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w= +cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8= +cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= +cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE= +cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg= +cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc= +cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A= +cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= +cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo= +cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ= +cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= +cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0= +cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M= +cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M= +cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= +cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= +git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.0.0/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.2/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0/go.mod h1:bhXu1AjYL+wutSL/kpSq6s7733q2Rb0yuot9Zgfqa/0= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1 h1:MyVTgWR8qd/Jw1Le0NZebGBUCLbtak3bJ3z1OlqZBpw= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1/go.mod h1:GpPjLhVR9dnUoJMyHWSPy71xY9/lcmpzIPZXmF0FCVY= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 h1:D3occbWoio4EBLkbkevetNMAVX197GkzbUMtqjGWn80= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0/go.mod h1:bTSOgj05NGRuHHhQwAdPnYr9TOdNmKlZTgGLL6nyAdI= +github.com/AzureAD/microsoft-authentication-library-for-go v0.5.1/go.mod h1:Vt9sXTKwMyGcOxSmLDMnGPgqsUg7m8pe215qMLrDXw4= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I= github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= +github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 h1:2afWGsMzkIcN8Qm4mgPJKZWyroE5QBszMiDMYEBrnfw= +github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3/go.mod h1:dppbR7CwXD4pgtV9t3wD1812RaLDcBjtblcDF5f1vI0= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0 h1:UQUsRi8WTzhZntp5313l+CHIAT95ojUI2lpP/ExlZa4= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0/go.mod h1:Cz6ft6Dkn3Et6l2v2a9/RpN7epQ1GtDlO6lj8bEcOvw= +github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc= github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 h1:VauE2GcJNZFun2Och6tIT2zJZK1v6jxALQDA9BIji/E= github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o= -github.com/agiledragon/gomonkey/v2 v2.3.1 h1:k+UnUY0EMNYUFUAQVETGY9uUTxjMdnUkP0ARyJS1zzs= -github.com/agiledragon/gomonkey/v2 v2.3.1/go.mod h1:ap1AmDzcVOAz1YpeJ3TCzIgstoaWLA6jbbgxfB4w2iY= +github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= +github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= +github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= +github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM= +github.com/alecthomas/kong v1.9.0 h1:Wgg0ll5Ys7xDnpgYBuBn/wPeLGAuK0NvYmEcisJgrIs= +github.com/alecthomas/kong v1.9.0/go.mod h1:p2vqieVMeTAnaC83txKtXe8FLke2X07aruPWXyMPQrU= github.com/alexedwards/argon2id v1.0.0 h1:wJzDx66hqWX7siL/SRUmgz3F8YMrd/nfX/xHHcQQP0w= github.com/alexedwards/argon2id v1.0.0/go.mod h1:tYKkqIjzXvZdzPvADMWOEZ+l6+BD6CtBXMj5fnJppiw= +github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0= +github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= +github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= github.com/aws/aws-sdk-go-v2 v1.39.6 h1:2JrPCVgWJm7bm83BDwY5z8ietmeJUbh3O2ACnn+Xsqk= github.com/aws/aws-sdk-go-v2 v1.39.6/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 h1:DHctwEM8P8iTXFxC/QK0MRjwEpWQeM9yzidCRjldUz0= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3/go.mod h1:xdCzcZEtnSTKVDOmUZs4l/j3pSV6rpo1WXl5ugNsL8Y= github.com/aws/aws-sdk-go-v2/config v1.31.18 h1:RouG3AcF2fLFhw+Z0qbnuIl9HZ0Kh4E/U9sKwTMRpMI= github.com/aws/aws-sdk-go-v2/config v1.31.18/go.mod h1:aXZ13mSQC8S2VEHwGfL1COMuJ1Zty6pX5xU7hyqjvCg= -github.com/aws/aws-sdk-go-v2/config v1.31.19 h1:qdUtOw4JhZr2YcKO3g0ho/IcFXfXrrb8xlX05Y6EvSw= -github.com/aws/aws-sdk-go-v2/config v1.31.19/go.mod h1:tMJ8bur01t8eEm0atLadkIIFA154OJ4JCKZeQ+o+R7k= -github.com/aws/aws-sdk-go-v2/config v1.31.20 h1:/jWF4Wu90EhKCgjTdy1DGxcbcbNrjfBHvksEL79tfQc= -github.com/aws/aws-sdk-go-v2/config v1.31.20/go.mod h1:95Hh1Tc5VYKL9NJ7tAkDcqeKt+MCXQB1hQZaRdJIZE0= github.com/aws/aws-sdk-go-v2/credentials v1.18.22 h1:hyIVGBHhQPaNP9D4BaVRwpjLMCwMMdAkHqB3gGMiykU= github.com/aws/aws-sdk-go-v2/credentials v1.18.22/go.mod h1:B9E2qHs3/YGfeQZ4jrIE/nPvqxtyafZrJ5EQiZBG6pk= -github.com/aws/aws-sdk-go-v2/credentials v1.18.23 h1:IQILcxVgMO2BVLaJ2aAv21dKWvE1MduNrbvuK43XL2Q= -github.com/aws/aws-sdk-go-v2/credentials v1.18.23/go.mod h1:JRodHszhVdh5TPUknxDzJzrMiznG+M+FfR3WSWKgCI8= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24 h1:iJ2FmPT35EaIB0+kMa6TnQ+PwG5A1prEdAw+PsMzfHg= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24/go.mod h1:U91+DrfjAiXPDEGYhh/x29o4p0qHX5HDqG7y5VViv64= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 h1:T1brd5dR3/fzNFAQch/iBKeX07/ffu/cLu+q+RuzEWk= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13/go.mod h1:Peg/GBAQ6JDt+RoBf4meB1wylmAipb7Kg2ZFakZTlwk= github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 h1:a+8/MLcWlIxo1lF9xaGt3J/u3yOZx+CdSveSNwjhD40= @@ -50,58 +695,104 @@ github.com/aws/aws-sdk-go-v2/service/route53 v1.59.4 h1:KEszjusgJ2dAqE5nSJY+5AHB github.com/aws/aws-sdk-go-v2/service/route53 v1.59.4/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag= github.com/aws/aws-sdk-go-v2/service/s3 v1.90.0 h1:ef6gIJR+xv/JQWwpa5FYirzoQctfSJm7tuDe3SZsUf8= github.com/aws/aws-sdk-go-v2/service/s3 v1.90.0/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.1 h1:kKJk9r6iLMfCGy8RL9GWg3n9gUE1IpSwqYP3/5bdL1s= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.1/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 h1:DhdbtDl4FdNlj31+xiRXANxEE+eC7n8JQz+/ilwQ8Uc= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= github.com/aws/aws-sdk-go-v2/service/sso v1.30.1 h1:0JPwLz1J+5lEOfy/g0SURC9cxhbQ1lIMHMa+AHZSzz0= github.com/aws/aws-sdk-go-v2/service/sso v1.30.1/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.2 h1:/p6MxkbQoCzaGQT3WO0JwG0FlQyG9RD8VmdmoKc5xqU= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.2/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 h1:NjShtS1t8r5LUfFVtFeI8xLAHQNTa7UI0VawXlrBMFQ= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.3/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.5 h1:OWs0/j2UYR5LOGi88sD5/lhN6TDLG6SfA7CqsQO9zF0= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.5/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.6 h1:0dES42T2dhICCbVB3JSTTn7+Bz93wfJEK1b7jksZIyQ= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.6/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 h1:gTsnx0xXNQ6SBbymoDvcoRHL+q4l/dAFsQuKfDWSaGc= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo= github.com/aws/aws-sdk-go-v2/service/sts v1.40.0 h1:ZGDJVmlpPFiNFCb/I42nYVKUanJAdFUiSmUo/32AqPQ= github.com/aws/aws-sdk-go-v2/service/sts v1.40.0/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.1 h1:5sbIM57lHLaEaNWdIx23JH30LNBsSDkjN/QXGcRLAFc= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.1/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 h1:HK5ON3KmQV2HcAunnx4sKLB9aPf3gKGwVAf7xnx0QT0= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM= github.com/aws/smithy-go v1.23.2/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/bytedance/sonic v1.14.0 h1:/OfKt8HFw0kh2rj8N0F6C/qPGRESq0BbaNZgcNXXzQQ= github.com/bytedance/sonic v1.14.0/go.mod h1:WoEbx8WTcFJfzCe0hbmyTGrfjt8PzNEBdxlNUO24NhA= github.com/bytedance/sonic/loader v0.3.0 h1:dskwH8edlzNMctoruo8FPTJDF3vLtDT0sXZwvZJyqeA= github.com/bytedance/sonic/loader v0.3.0/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M= github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 h1:aQ3y1lwWyqYPiWZThqv1aFbZMiM9vblcSArJRf2Irls= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= github.com/coreos/go-oidc/v3 v3.16.0 h1:qRQUCFstKpXwmEjDQTIbyY/5jF00+asXzSkmkoa/mow= github.com/coreos/go-oidc/v3 v3.16.0/go.mod h1:wqPbKFrVnE90vty060SB40FCJ8fTHTxSwyXJqZH+sI8= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU= github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0= +github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dyaksa/archer v1.1.3 h1:jfe51tSNzzscFpu+Vilm4SKb0Lnv6FR1yaGspjab4x4= github.com/dyaksa/archer v1.1.3/go.mod h1:IYSp67u14JHTNuvvy6gG1eaX2TPywXvfk1FiyZwVEK4= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= +github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= +github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q= +github.com/envoyproxy/go-control-plane v0.13.4 h1:zEqyPVyku6IvWCFwux4x9RxkLOMUL+1vC9xUFv5l2/M= +github.com/envoyproxy/go-control-plane v0.13.4/go.mod h1:kDfuBlDVsSj2MjrLEtRWtHlsWIFcGyB2RMO44Dc5GZA= +github.com/envoyproxy/go-control-plane/envoy v1.32.4 h1:jb83lalDRZSpPWW2Z7Mck/8kXZ5CQAFYVjQcdVIr83A= +github.com/envoyproxy/go-control-plane/envoy v1.32.4/go.mod h1:Gzjc5k8JcJswLjAx1Zm+wSYE20UrLtt7JZMWiWQXQEw= +github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 h1:/G9QYbddjL25KvtKTv3an9lx6VBE2cnb8wp1vEGNYGI= +github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= +github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= +github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= +github.com/envoyproxy/protoc-gen-validate v1.2.1 h1:DEo3O99U8j4hBFwbJfrz9VtgcDfUKS7KJ7spH3d86P8= +github.com/envoyproxy/protoc-gen-validate v1.2.1/go.mod h1:d/C80l/jxXLdfEIhX1W2TmLfsJ31lvEjwamM4DxlWXU= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/fergusstrange/embedded-postgres v1.33.0 h1:ka8vmRpm4IDsES7NPXQ/NThAp1fc/f+crcXYjCW7wK0= +github.com/fergusstrange/embedded-postgres v1.33.0/go.mod h1:w0YvnCgf19o6tskInrOOACtnqfVlOvluz3hlNLY7tRk= +github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIpU+bX4+ZK0= github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w= github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM= github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk= @@ -112,8 +803,23 @@ github.com/go-chi/cors v1.2.2 h1:Jmey33TE+b+rB7fT8MUy1u0I4L+NARQlK6LhzKPSyQE= github.com/go-chi/cors v1.2.2/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58= github.com/go-chi/httprate v0.15.0 h1:j54xcWV9KGmPf/X4H32/aTH+wBlrvxL7P+SdnRqxh5g= github.com/go-chi/httprate v0.15.0/go.mod h1:rzGHhVrsBn3IMLYDOZQsSU4fJNWcjui4fWKJcCId1R4= +github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= +github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= +github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-jose/go-jose/v4 v4.1.3 h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs= github.com/go-jose/go-jose/v4 v4.1.3/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08= +github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= +github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= @@ -127,6 +833,8 @@ github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= @@ -141,22 +849,153 @@ github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpv github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs= github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw= github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= +github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA= github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A= github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI= +github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= +github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= +github.com/golang/mock v1.7.0-rc.1 h1:YojYx61/OLFsiv6Rw1Z96LpldJIy31o+UHmwAUMJ6/U= +github.com/golang/mock v1.7.0-rc.1/go.mod h1:s42URUywIqd+OcERslBJvOjepvNymP31m3q8d/GkuRs= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= +github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= +github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= +github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= +github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4= +github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= +github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= +github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= +github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM= +github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= +github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqEF02fYlzkUCyo= +github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY= +github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= +github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/googleapis/gax-go/v2 v2.15.0 h1:SyjDc1mGgZU5LncH8gimWo9lW1DtIfPibOG81vgd/bo= +github.com/googleapis/gax-go/v2 v2.15.0/go.mod h1:zVVkkxAQHa1RQpg9z2AUCMnKhi0Qld9rcmyfL1OZhoc= +github.com/googleapis/go-gorm-spanner v1.8.6 h1:a7tp91LPLnGkTwe375yhNLwCu1ac6COehZ4RzQo04g8= +github.com/googleapis/go-gorm-spanner v1.8.6/go.mod h1:ZpiB7Qd2sJxuUH6H6tsD71Nj9Q9IaR/6EUuTrxeM4tg= +github.com/googleapis/go-sql-spanner v1.17.0 h1:tYEOVY/uFAdtx5nw8XDdTccTqImPeUM2Ct4sk+Id0EI= +github.com/googleapis/go-sql-spanner v1.17.0/go.mod h1:L7dnHbQARFksUgYhTFM/cbfoIUtNrJ9ENZSoZ5cK58Q= +github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= +github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= +github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= +github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= +github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= +github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= @@ -167,6 +1006,12 @@ github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY= github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw= github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo= github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= +github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs= +github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM= +github.com/jcmturner/gofork v1.0.0/go.mod h1:MK8+TM0La+2rjBD4jE12Kj1pCCxK7d2LK/UM3ncEo0o= +github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg= +github.com/jcmturner/gokrb5/v8 v8.4.2/go.mod h1:sb+Xq/fTY5yktf/VxLsE3wlfPqQjp0aWNYyvBVK62bc= +github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= @@ -181,21 +1026,37 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= +github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y= github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -203,15 +1064,20 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= -github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A= +github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/microsoft/go-mssqldb v0.19.0/go.mod h1:ukJCBnnzLzpVF0qYRT+eg1e+eSwjeQ7IvenUv8QPook= github.com/microsoft/go-mssqldb v1.7.2 h1:CHkFJiObW7ItKTJfHo1QX7QBBD1iV+mn1eOyRP3b/PA= github.com/microsoft/go-mssqldb v1.7.2/go.mod h1:kOvZKUdrhhFQmxLZqbwUV0rHkNkZpthMITIb2Ko1IoA= +github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= +github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -219,21 +1085,39 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8= +github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE= -github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U= github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4= github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY= +github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= +github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ= +github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= -github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= -github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE= github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= @@ -242,20 +1126,33 @@ github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI= github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg= github.com/quic-go/quic-go v0.54.0 h1:6s1YB9QotYI6Ospeiguknbp2Znb/jZYjZLRXn9kMQBg= github.com/quic-go/quic-go v0.54.0/go.mod h1:e68ZEaCdyviluZmy44P6Iey98v/Wfz6HCjQEm+l8zTY= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY= github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= +github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/sagikazarmark/locafero v0.11.0 h1:1iurJgmM9G3PA/I+wWYIOw/5SyBtxapeHDcg+AAIFXc= github.com/sagikazarmark/locafero v0.11.0/go.mod h1:nVIGvgyzw595SUSUE6tvCp3YYTeHs15MvlmU87WwIik= +github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= +github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/sosedoff/pgweb v0.16.2 h1:1F1CWlCLSEgSctMva+nYuUibdhyiCUzlXyU5MQUJbFM= github.com/sosedoff/pgweb v0.16.2/go.mod h1:ER7fsBddI3h7MQKO5RsUPi7Q/PWZYSKcI61kTp369Rw= github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 h1:+jumHNA0Wrelhe64i8F6HNlS8pkoyMv5sreGx2Ry5Rw= github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8/go.mod h1:3n1Cwaq1E1/1lhQhtRK2ts/ZwZEhjcQeJQ1RuC6Q/8U= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= +github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I= github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg= github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY= @@ -267,30 +1164,29 @@ github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU= github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY= +github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE= +github.com/spiffe/go-spiffe/v2 v2.5.0/go.mod h1:P+NxobPc6wXhVtINNtFjNWGBTreew1GBUCwT2wPmb7g= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/sv-tools/openapi v0.2.1 h1:ES1tMQMJFGibWndMagvdoo34T1Vllxr1Nlm5wz6b1aA= github.com/sv-tools/openapi v0.2.1/go.mod h1:k5VuZamTw1HuiS9p2Wl5YIDWzYnHG6/FgPOSFXLAhGg= -github.com/swaggo/files/v2 v2.0.0 h1:hmAt8Dkynw7Ssz46F6pn8ok6YmGZqHSVLZ+HQM7i0kw= -github.com/swaggo/files/v2 v2.0.0/go.mod h1:24kk2Y9NYEJ5lHuCra6iVwkMjIekMCaFq/0JQj66kyM= -github.com/swaggo/http-swagger/v2 v2.0.2 h1:FKCdLsl+sFCx60KFsyM0rDarwiUSZ8DqbfSyIKC9OBg= -github.com/swaggo/http-swagger/v2 v2.0.2/go.mod h1:r7/GBkAWIfK6E/OLnE8fXnviHiDeAHmgIyooa4xm3AQ= -github.com/swaggo/swag v1.8.1 h1:JuARzFX1Z1njbCGz+ZytBR15TFJwF2Q7fu8puJHhQYI= -github.com/swaggo/swag v1.8.1/go.mod h1:ugemnJsPZm/kRwFUnzBlbHRd0JY9zE1M4F+uy2pAaPQ= github.com/swaggo/swag/v2 v2.0.0-rc4 h1:SZ8cK68gcV6cslwrJMIOqPkJELRwq4gmjvk77MrvHvY= github.com/swaggo/swag/v2 v2.0.0-rc4/go.mod h1:Ow7Y8gF16BTCDn8YxZbyKn8FkMLRUHekv1kROJZpbvE= github.com/tuvistavie/securerandom v0.0.0-20140719024926-15512123a948 h1:yL0l/u242MzDP6D0B5vGC+wxm5WRY+alQZy+dJk3bFI= @@ -299,11 +1195,53 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= github.com/ugorji/go/codec v1.3.0 h1:Qd2W2sQawAfG8XSvzwhBeoGq71zXOC/Q1E9y/wUcsUA= github.com/ugorji/go/codec v1.3.0/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zeebo/assert v1.3.0 h1:g7C04CbJuIDKNPFHmsk4hwZDO5O+kntRxzaUoNXj+IQ= github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= +github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM= +github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0= github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= +go.opentelemetry.io/contrib/detectors/gcp v1.37.0 h1:B+WbN9RPsvobe6q4vP6KgM8/9plR/HNjgGBrfcOlweA= +go.opentelemetry.io/contrib/detectors/gcp v1.37.0/go.mod h1:K5zQ3TT7p2ru9Qkzk0bKtCql0RGkPj9pRjpXgZJZ+rU= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 h1:rbRJ8BBoVMsQShESYZ0FkvcITu8X8QNwJogcLUmDNNw= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0/go.mod h1:ru6KHrNtNHxM4nD/vd6QrLVWgKhxPYgblq4VAtNawTQ= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 h1:Hf9xI/XLML9ElpiHVDNwvqI0hIFlzV8dgIr35kV1kRU= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0/go.mod h1:NfchwuyNoMcZ5MLHwPrODwUF1HWCXWrL31s8gSAdIKY= +go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ= +go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I= +go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE= +go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E= +go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI= +go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg= +go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc= +go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps= +go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4= +go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU= go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= @@ -311,69 +1249,685 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c= golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= +golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4= golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= +golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= +golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= +golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= golang.org/x/oauth2 v0.33.0 h1:4Q+qn+E5z8gPRJfmRy7C2gGG3T4jIprK6aSYgTXGRpo= golang.org/x/oauth2 v0.33.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= +golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4= golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= +golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= +gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= +gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= +gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA= +gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= +gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= +gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= +gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= +google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= +google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= +google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= +google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= +google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= +google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= +google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= +google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= +google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= +google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw= +google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg= +google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= +google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= +google.golang.org/api v0.90.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI= +google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08= +google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= +google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo= +google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= +google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.107.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= +google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= +google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.247.0 h1:tSd/e0QrUlLsrwMKmkbQhYVa109qIintOls2Wh6bngc= +google.golang.org/api v0.247.0/go.mod h1:r1qZOPmxXffXg6xS5uhx16Fa/UFY8QU/K4bfKrnvovM= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= +google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= +google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= +google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220518221133-4f43b3371335/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220523171625-347a074981d8/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220624142145-8cd45d7dbd1f/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220628213854-d9e0b6570c03/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220722212130-b98a9ff5e252/go.mod h1:GkXuJDJ6aQ7lnJcRF+SJVgFdQhypqgl3LB1C9vabdRE= +google.golang.org/genproto v0.0.0-20220801145646-83ce21fca29f/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc= +google.golang.org/genproto v0.0.0-20220815135757-37a418bb8959/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220817144833-d7fd3f11b9b1/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220829144015-23454907ede3/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220829175752-36a9c930ecbf/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220913154956-18f8339a66a5/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220914142337-ca0e39ece12f/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220915135415-7fd63a7952de/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220916172020-2692e8806bfa/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220919141832-68c03719ef51/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220920201722-2b89144ce006/go.mod h1:ht8XFiar2npT/g4vkk7O0WYS1sHOHbdujxbEp7CJWbw= +google.golang.org/genproto v0.0.0-20220926165614-551eb538f295/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= +google.golang.org/genproto v0.0.0-20220926220553-6981cbe3cfce/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= +google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqwhZAwq4wsRUaVG555sVgsNmIjRtO7t/JH29U= +google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221024153911-1573dae28c9c/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= +google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= +google.golang.org/genproto v0.0.0-20221027153422-115e99e71e1c/go.mod h1:CGI5F/G+E5bKwmfYo09AXuVN4dD894kIKUFmVbP2/Fo= +google.golang.org/genproto v0.0.0-20221109142239-94d6d90a7d66/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221117204609-8f9c96812029/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201164419-0e50fba7f41c/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201204527-e3fa12d562f3/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE= +google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230112194545-e10362b5ecf9/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230113154510-dbe35b8444a5/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230124163310-31e0e69b6fc2/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230125152338-dcaf20b6aeaa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230209215440-0dfe4f8abfcc/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230216225411-c8e22ba71e44/go.mod h1:8B0gmkoRebU8ukX6HP+4wrVQUY1+6PkQ44BSyIlflHA= +google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230223222841-637eb2293923/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA= +google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= +google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b h1:eZTgydvqZO44zyTZAvMaSyAxccZZdraiSAGvqOczVvk= +google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b/go.mod h1:suyz2QBHQKlGIF92HEEsCfO1SwxXdk7PFLz+Zd9Uah4= +google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b h1:ULiyYQ0FdsJhwwZUwbaXpZF5yUE3h+RA+gxvBu37ucc= +google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b/go.mod h1:oDOGiMSXHL4sDTJvFvIB9nRQCGdLP1o/iVaqQK8zB+M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a h1:tPE/Kp+x9dMSwUm/uM0JKK0IfdiJkwAbSMSeZBXXJXc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a/go.mod h1:gw1tLEfykwDz2ET4a12jcXt4couGAm7IwsVaTy0Sflo= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= +google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.47.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= +google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= +google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= +google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= +google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.74.2 h1:WoosgB65DlWVC9FqI82dGsZhWFNBSLjQ84bjROOpMu4= +google.golang.org/grpc v1.74.2/go.mod h1:CtQ+BGjaAIXHs/5YS3i473GqwBBa1zGQNevxdeBEXrM= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw= google.golang.org/protobuf v1.36.9/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -381,17 +1935,23 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce/go.mod h1:5AcXVHNjg+BDxry382+8OKon8SEWiKktQR07RKPsv1c= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gorm.io/datatypes v1.2.7 h1:ww9GAhF1aGXZY3EB3cJPJ7//JiuQo7DlQA7NNlVaTdk= gorm.io/datatypes v1.2.7/go.mod h1:M2iO+6S3hhi4nAyYe444Pcb0dcIiOMJ7QHaUXxyiNZY= -gorm.io/driver/mysql v1.5.6 h1:Ld4mkIickM+EliaQZQx3uOJDJHtrd70MxAUqWqlx3Y8= -gorm.io/driver/mysql v1.5.6/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM= +gorm.io/driver/mysql v1.5.7 h1:MndhOPYOfEp2rHKgkZIhJ16eVUIRf2HmzgoPmh7FCWo= +gorm.io/driver/mysql v1.5.7/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM= gorm.io/driver/postgres v1.6.0 h1:2dxzU8xJ+ivvqTRph34QX+WrRaJlmfyPqXmoGVjMBa4= gorm.io/driver/postgres v1.6.0/go.mod h1:vUw0mrGgrTK+uPHEhAdV4sfFELrByKVGnaVRkXDhtWo= gorm.io/driver/sqlite v1.6.0 h1:WHRRrIiulaPiPFmDcod6prc4l2VGVWHz80KspNsxSfQ= @@ -399,5 +1959,52 @@ gorm.io/driver/sqlite v1.6.0/go.mod h1:AO9V1qIQddBESngQUKWL9yoH93HIeA1X6V633rBwy gorm.io/driver/sqlserver v1.6.0 h1:VZOBQVsVhkHU/NzNhRJKoANt5pZGQAS1Bwc6m6dgfnc= gorm.io/driver/sqlserver v1.6.0/go.mod h1:WQzt4IJo/WHKnckU9jXBLMJIVNMVeTu25dnOzehntWw= gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8= +gorm.io/gorm v1.30.0/go.mod h1:8Z33v652h4//uMA76KjeDH8mJXPm1QNCYrMeatR0DOE= gorm.io/gorm v1.31.1 h1:7CA8FTFz/gRfgqgpeKIBcervUn3xSyPUmr6B2WXJ7kg= gorm.io/gorm v1.31.1/go.mod h1:XyQVbO2k6YkOis7C2437jSit3SsDK72s7n7rsSHd+Gs= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= +lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= +modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= +modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= +modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= +modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= +modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= +modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= +modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= +modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= +modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= +modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= +modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= +modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= +modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= +modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= +modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= +modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/internal/api/mount_api_routes.go b/internal/api/mount_api_routes.go index c0a10e0..27e4dee 100644 --- a/internal/api/mount_api_routes.go +++ b/internal/api/mount_api_routes.go @@ -32,6 +32,8 @@ func mountAPIRoutes(r chi.Router, db *gorm.DB, jobs *bg.Jobs) { mountAnnotationRoutes(v1, db, authOrg) mountNodePoolRoutes(v1, db, authOrg) mountDNSRoutes(v1, db, authOrg) + mountLoadBalancerRoutes(v1, db, authOrg) + mountClusterRoutes(v1, db, authOrg) }) }) } diff --git a/internal/api/mount_cluster_routes.go b/internal/api/mount_cluster_routes.go new file mode 100644 index 0000000..f105c31 --- /dev/null +++ b/internal/api/mount_cluster_routes.go @@ -0,0 +1,39 @@ +package api + +import ( + "net/http" + + "github.com/glueops/autoglue/internal/handlers" + "github.com/go-chi/chi/v5" + "gorm.io/gorm" +) + +func mountClusterRoutes(r chi.Router, db *gorm.DB, authOrg func(http.Handler) http.Handler) { + r.Route("/clusters", func(c chi.Router) { + c.Use(authOrg) + c.Get("/", handlers.ListClusters(db)) + c.Post("/", handlers.CreateCluster(db)) + + c.Get("/{clusterID}", handlers.GetCluster(db)) + c.Patch("/{clusterID}", handlers.UpdateCluster(db)) + c.Delete("/{clusterID}", handlers.DeleteCluster(db)) + + c.Post("/{clusterID}/captain-domain", handlers.AttachCaptainDomain(db)) + c.Delete("/{clusterID}/captain-domain", handlers.DetachCaptainDomain(db)) + + c.Post("/{clusterID}/control-plane-record-set", handlers.AttachControlPlaneRecordSet(db)) + c.Delete("/{clusterID}/control-plane-record-set", handlers.DetachControlPlaneRecordSet(db)) + + c.Post("/{clusterID}/apps-load-balancer", handlers.AttachAppsLoadBalancer(db)) + c.Delete("/{clusterID}/apps-load-balancer", handlers.DetachAppsLoadBalancer(db)) + c.Post("/{clusterID}/glueops-load-balancer", handlers.AttachGlueOpsLoadBalancer(db)) + c.Delete("/{clusterID}/glueops-load-balancer", handlers.DetachGlueOpsLoadBalancer(db)) + + c.Post("/{clusterID}/bastion", handlers.AttachBastionServer(db)) + c.Delete("/{clusterID}/bastion", handlers.DetachBastionServer(db)) + + c.Post("/{clusterID}/kubeconfig", handlers.SetClusterKubeconfig(db)) + c.Delete("/{clusterID}/kubeconfig", handlers.ClearClusterKubeconfig(db)) + + }) +} diff --git a/internal/api/mount_db_studio.go b/internal/api/mount_db_studio.go index 437421a..5a4e7e0 100644 --- a/internal/api/mount_db_studio.go +++ b/internal/api/mount_db_studio.go @@ -10,7 +10,7 @@ import ( pgcmd "github.com/sosedoff/pgweb/pkg/command" ) -func PgwebHandler(dbURL, prefix string, readonly bool) (http.Handler, error) { +func MountDbStudio(dbURL, prefix string, readonly bool) (http.Handler, error) { // Normalize prefix for pgweb: // - no leading slash // - always trailing slash if not empty diff --git a/internal/api/mount_load_balancer_routes.go b/internal/api/mount_load_balancer_routes.go new file mode 100644 index 0000000..674b51a --- /dev/null +++ b/internal/api/mount_load_balancer_routes.go @@ -0,0 +1,20 @@ +package api + +import ( + "net/http" + + "github.com/glueops/autoglue/internal/handlers" + "github.com/go-chi/chi/v5" + "gorm.io/gorm" +) + +func mountLoadBalancerRoutes(r chi.Router, db *gorm.DB, authOrg func(http.Handler) http.Handler) { + r.Route("/load-balancers", func(l chi.Router) { + l.Use(authOrg) + l.Get("/", handlers.ListLoadBalancers(db)) + l.Post("/", handlers.CreateLoadBalancer(db)) + l.Get("/{id}", handlers.GetLoadBalancer(db)) + l.Patch("/{id}", handlers.UpdateLoadBalancer(db)) + l.Delete("/{id}", handlers.DeleteLoadBalancer(db)) + }) +} diff --git a/internal/api/mount_swagger_routes.go b/internal/api/mount_swagger_routes.go index ae08042..d61c218 100644 --- a/internal/api/mount_swagger_routes.go +++ b/internal/api/mount_swagger_routes.go @@ -1,15 +1,87 @@ package api import ( + "fmt" + "html/template" + "net/http" + "github.com/glueops/autoglue/docs" "github.com/go-chi/chi/v5" - httpSwagger "github.com/swaggo/http-swagger/v2" ) func mountSwaggerRoutes(r chi.Router) { - r.Get("/swagger/*", httpSwagger.Handler( - httpSwagger.URL("swagger.json"), - )) + r.Get("/swagger", RapidDocHandler("/swagger/swagger.yaml")) + r.Get("/swagger/index.html", RapidDocHandler("/swagger/swagger.yaml")) r.Get("/swagger/swagger.json", serveSwaggerFromEmbed(docs.SwaggerJSON, "application/json")) r.Get("/swagger/swagger.yaml", serveSwaggerFromEmbed(docs.SwaggerYAML, "application/x-yaml")) } + +var rapidDocTmpl = template.Must(template.New("redoc").Parse(` + + + + AutoGlue API Docs + + + + + + + + + +`)) + +func RapidDocHandler(specURL string) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + scheme := "http" + if r.TLS != nil || r.Header.Get("X-Forwarded-Proto") == "https" { + scheme = "https" + } + + host := r.Host + defaultServer := fmt.Sprintf("%s://%s/api/v1", scheme, host) + + w.Header().Set("Content-Type", "text/html; charset=utf-8") + if err := rapidDocTmpl.Execute(w, map[string]string{ + "SpecURL": specURL, + "DefaultServer": defaultServer, + }); err != nil { + http.Error(w, "failed to render docs", http.StatusInternalServerError) + return + } + } +} diff --git a/internal/api/mw_security.go b/internal/api/mw_security.go index 2217003..0bf01f0 100644 --- a/internal/api/mw_security.go +++ b/internal/api/mw_security.go @@ -29,14 +29,14 @@ func SecurityHeaders(next http.Handler) http.Handler { "base-uri 'self'", "form-action 'self'", // Vite dev & inline preamble/eval: - "script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:5173", + "script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:5173 https://unpkg.com", // allow dev style + Google Fonts "style-src 'self' 'unsafe-inline' http://localhost:5173 https://fonts.googleapis.com", "img-src 'self' data: blob:", // Google font files "font-src 'self' data: https://fonts.gstatic.com", // HMR connections - "connect-src 'self' http://localhost:5173 ws://localhost:5173 ws://localhost:8080 https://api.github.com", + "connect-src 'self' http://localhost:5173 ws://localhost:5173 ws://localhost:8080 https://api.github.com https://unpkg.com", "frame-ancestors 'none'", }, "; ")) } else { @@ -49,11 +49,11 @@ func SecurityHeaders(next http.Handler) http.Handler { "default-src 'self'", "base-uri 'self'", "form-action 'self'", - "script-src 'self' 'unsafe-inline'", + "script-src 'self' 'unsafe-inline' https://unpkg.com", "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com", "img-src 'self' data: blob:", "font-src 'self' data: https://fonts.gstatic.com", - "connect-src 'self' ws://localhost:8080 https://api.github.com", + "connect-src 'self' ws://localhost:8080 https://api.github.com https://unpkg.com", "frame-ancestors 'none'", }, "; ")) } diff --git a/internal/api/routes.go b/internal/api/routes.go index 0f117fd..8d913e9 100644 --- a/internal/api/routes.go +++ b/internal/api/routes.go @@ -38,6 +38,7 @@ func NewRouter(db *gorm.DB, jobs *bg.Jobs, studio http.Handler) http.Handler { r.Use(SecurityHeaders) r.Use(requestBodyLimit(10 << 20)) r.Use(httprate.LimitByIP(100, 1*time.Minute)) + r.Use(middleware.StripSlashes) allowed := getAllowedOrigins() r.Use(cors.Handler(cors.Options{ @@ -103,18 +104,19 @@ func NewRouter(db *gorm.DB, jobs *bg.Jobs, studio http.Handler) http.Handler { mux := http.NewServeMux() mux.Handle("/api/", r) mux.Handle("/api", r) + mux.Handle("/swagger", r) mux.Handle("/swagger/", r) mux.Handle("/db-studio/", r) mux.Handle("/debug/pprof/", r) mux.Handle("/", proxy) return mux - } - - fmt.Println("Running in production mode") - if h, err := web.SPAHandler(); err == nil { - r.NotFound(h.ServeHTTP) } else { - log.Error().Err(err).Msg("spa handler init failed") + fmt.Println("Running in production mode") + if h, err := web.SPAHandler(); err == nil { + r.NotFound(h.ServeHTTP) + } else { + log.Error().Err(err).Msg("spa handler init failed") + } } return r diff --git a/internal/api/utils.go b/internal/api/utils.go index e9ba419..a906763 100644 --- a/internal/api/utils.go +++ b/internal/api/utils.go @@ -40,6 +40,7 @@ func serveSwaggerFromEmbed(data []byte, contentType string) http.HandlerFunc { return func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("Content-Type", contentType) w.WriteHeader(http.StatusOK) + // nosemgrep: go.lang.security.audit.xss.no-direct-write-to-responsewriter _, _ = w.Write(data) } } diff --git a/internal/app/runtime.go b/internal/app/runtime.go index 673f5e5..952f239 100644 --- a/internal/app/runtime.go +++ b/internal/app/runtime.go @@ -39,10 +39,11 @@ func NewRuntime() *Runtime { &models.Label{}, &models.Annotation{}, &models.NodePool{}, - &models.Cluster{}, &models.Credential{}, &models.Domain{}, &models.RecordSet{}, + &models.LoadBalancer{}, + &models.Cluster{}, ) if err != nil { diff --git a/internal/bg/bastion.go b/internal/bg/bastion.go index d871e66..91ccbed 100644 --- a/internal/bg/bastion.go +++ b/internal/bg/bastion.go @@ -140,10 +140,7 @@ func BastionBootstrapWorker(db *gorm.DB, jobs *Jobs) archer.WorkerFn { _ = setServerStatus(db, s.ID, "failed") continue } - ok++ - // logHostInfo(jobID, s, "done", "host completed", - // "elapsed_ms", time.Since(hostStart).Milliseconds()) } res := BastionBootstrapResult{ diff --git a/internal/handlers/annotations.go b/internal/handlers/annotations.go index c797afe..ced4ca4 100644 --- a/internal/handlers/annotations.go +++ b/internal/handlers/annotations.go @@ -22,7 +22,6 @@ import ( // @Summary List annotations (org scoped) // @Description Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools. // @Tags Annotations -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param key query string false "Exact key" @@ -75,7 +74,6 @@ func ListAnnotations(db *gorm.DB) http.HandlerFunc { // @Summary Get annotation by ID (org scoped) // @Description Returns one annotation. Add `include=node_pools` to include node pools. // @Tags Annotations -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "Annotation ID (UUID)" @@ -255,11 +253,10 @@ func UpdateAnnotation(db *gorm.DB) http.HandlerFunc { // @Summary Delete annotation (org scoped) // @Description Permanently deletes the annotation. // @Tags Annotations -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Annotation ID (UUID)" -// @Success 204 {string} string "No Content" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Annotation ID (UUID)" +// @Success 204 "No Content" // @Failure 400 {string} string "invalid id" // @Failure 401 {string} string "Unauthorized" // @Failure 403 {string} string "organization required" diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go index bcb33aa..72bffef 100644 --- a/internal/handlers/auth.go +++ b/internal/handlers/auth.go @@ -2,7 +2,9 @@ package handlers import ( "context" + "encoding/base64" "encoding/json" + "html/template" "net/http" "net/url" "strings" @@ -252,10 +254,11 @@ func AuthCallback(db *gorm.DB) http.HandlerFunc { accessTTL := 1 * time.Hour refreshTTL := 30 * 24 * time.Hour + cfgLoaded, _ := config.Load() access, err := auth.IssueAccessToken(auth.IssueOpts{ Subject: user.ID.String(), - Issuer: cfg.JWTIssuer, - Audience: cfg.JWTAudience, + Issuer: cfgLoaded.JWTIssuer, + Audience: cfgLoaded.JWTAudience, TTL: accessTTL, Claims: map[string]any{ "email": email, @@ -273,7 +276,10 @@ func AuthCallback(db *gorm.DB) http.HandlerFunc { return } - secure := strings.HasPrefix(cfg.OAuthRedirectBase, "https://") + secure := true + if u, err := url.Parse(cfg.OAuthRedirectBase); err == nil && isLocalDev(u) { + secure = false + } if xf := r.Header.Get("X-Forwarded-Proto"); xf != "" { secure = strings.EqualFold(xf, "https") } @@ -291,14 +297,7 @@ func AuthCallback(db *gorm.DB) http.HandlerFunc { // If the state indicates SPA popup mode, postMessage tokens to the opener and close state := r.URL.Query().Get("state") if strings.Contains(state, "mode=spa") { - origin := "" - for _, part := range strings.Split(state, "|") { - if strings.HasPrefix(part, "origin=") { - origin, _ = url.QueryUnescape(strings.TrimPrefix(part, "origin=")) - break - } - } - // fallback: restrict to backend origin if none supplied + origin := canonicalOrigin(cfg.OAuthRedirectBase) if origin == "" { origin = cfg.OAuthRedirectBase } @@ -371,7 +370,10 @@ func Refresh(db *gorm.DB) http.HandlerFunc { return } - secure := strings.HasPrefix(cfg.OAuthRedirectBase, "https://") + secure := true + if uParsed, err := url.Parse(cfg.OAuthRedirectBase); err == nil && isLocalDev(uParsed) { + secure = false + } if xf := r.Header.Get("X-Forwarded-Proto"); xf != "" { secure = strings.EqualFold(xf, "https") } @@ -424,6 +426,11 @@ func Logout(db *gorm.DB) http.HandlerFunc { } clearCookie: + secure := true + if uParsed, err := url.Parse(cfg.OAuthRedirectBase); err == nil && isLocalDev(uParsed) { + secure = false + } + http.SetCookie(w, &http.Cookie{ Name: "ag_jwt", Value: "", @@ -432,11 +439,10 @@ func Logout(db *gorm.DB) http.HandlerFunc { MaxAge: -1, Expires: time.Unix(0, 0), SameSite: http.SameSiteLaxMode, - Secure: strings.HasPrefix(cfg.OAuthRedirectBase, "https"), + Secure: secure, }) w.WriteHeader(204) - } } @@ -506,21 +512,63 @@ func ensureAutoMembership(db *gorm.DB, userID uuid.UUID, email string) error { }).Error } +// postMessage HTML template +var postMessageTpl = template.Must(template.New("postmsg").Parse(` + + + + +`)) + +type postMessageData struct { + Origin string + PayloadB64 string +} + // writePostMessageHTML sends a tiny HTML page that posts tokens to the SPA and closes the window. func writePostMessageHTML(w http.ResponseWriter, origin string, payload dto.TokenPair) { b, _ := json.Marshal(payload) + + data := postMessageData{ + Origin: origin, + PayloadB64: base64.StdEncoding.EncodeToString(b), + } + w.Header().Set("Content-Type", "text/html; charset=utf-8") w.Header().Set("Cache-Control", "no-store") w.WriteHeader(http.StatusOK) - _, _ = w.Write([]byte(``)) + _ = postMessageTpl.Execute(w, data) +} + +// canonicalOrigin returns scheme://host[:port] for a given URL, or "" if invalid. +func canonicalOrigin(raw string) string { + u, err := url.Parse(raw) + if err != nil || u.Scheme == "" || u.Host == "" { + return "" + } + + // Normalize: no path/query/fragment — just the origin. + return (&url.URL{ + Scheme: u.Scheme, + Host: u.Host, + }).String() +} + +func isLocalDev(u *url.URL) bool { + host := strings.ToLower(u.Hostname()) + return u.Scheme == "http" && + (host == "localhost" || host == "127.0.0.1") } diff --git a/internal/handlers/clusters.go b/internal/handlers/clusters.go index 86619e4..cc8f276 100644 --- a/internal/handlers/clusters.go +++ b/internal/handlers/clusters.go @@ -1,6 +1,11 @@ package handlers import ( + "crypto/rand" + "encoding/hex" + "encoding/json" + "errors" + "fmt" "net/http" "strings" "time" @@ -10,6 +15,8 @@ import ( "github.com/glueops/autoglue/internal/handlers/dto" "github.com/glueops/autoglue/internal/models" "github.com/glueops/autoglue/internal/utils" + "github.com/go-chi/chi/v5" + "github.com/google/uuid" "gorm.io/gorm" ) @@ -45,13 +52,16 @@ func ListClusters(db *gorm.DB) http.HandlerFunc { var rows []models.Cluster if err := q. + Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). Preload("NodePools"). Preload("NodePools.Labels"). Preload("NodePools.Annotations"). - Preload("NodePools.Labels"). Preload("NodePools.Taints"). Preload("NodePools.Servers"). - Preload("BastionServer"). Find(&rows).Error; err != nil { utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") return @@ -61,21 +71,80 @@ func ListClusters(db *gorm.DB) http.HandlerFunc { for _, row := range rows { out = append(out, clusterToDTO(row)) } - + utils.WriteJSON(w, http.StatusOK, out) } +} +// GetCluster godoc +// +// @ID GetCluster +// @Summary Get a single cluster by ID (org scoped) +// @Description Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools). +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID} [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func GetCluster(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db. + Where("id = ? AND organization_id = ?", clusterID, orgID). + Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster).Error; err != nil { + + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } } // CreateCluster godoc // // @ID CreateCluster // @Summary Create cluster (org scoped) -// @Description Creates a cluster. If `kubeconfig` is provided, it will be encrypted per-organization and stored securely (never returned). +// @Description Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation. // @Tags Clusters // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param body body dto.CreateClusterRequest true "payload" +// @Param X-Org-ID header string false "Organization UUID" +// @Param body body dto.CreateClusterRequest true "payload" // @Success 201 {object} dto.ClusterResponse // @Failure 400 {string} string "invalid json" // @Failure 401 {string} string "Unauthorized" @@ -87,10 +156,1144 @@ func ListClusters(db *gorm.DB) http.HandlerFunc { // @Security OrgSecretAuth func CreateCluster(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + var in dto.CreateClusterRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + certificateKey, err := GenerateSecureHex(32) + if err != nil { + utils.WriteError(w, http.StatusInternalServerError, "internal_error", "failed to generate certificate key") + return + } + + randomToken, err := GenerateFormattedToken() + if err != nil { + utils.WriteError(w, http.StatusInternalServerError, "internal_error", "failed to generate random token") + return + } + + c := models.Cluster{ + OrganizationID: orgID, + Name: in.Name, + Provider: in.Provider, + Region: in.Region, + Status: models.ClusterStatusPrePending, + LastError: "", + CertificateKey: certificateKey, + RandomToken: randomToken, + } + + if err := db.Create(&c).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusCreated, clusterToDTO(c)) + } +} + +// UpdateCluster godoc +// +// @ID UpdateCluster +// @Summary Update basic cluster details (org scoped) +// @Description Updates the cluster name, provider, and/or region. Status is managed by the system. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.UpdateClusterRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID} [patch] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func UpdateCluster(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.UpdateClusterRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + // Apply only provided fields + if in.Name != nil { + cluster.Name = *in.Name + } + if in.Provider != nil { + cluster.Provider = *in.Provider + } + if in.Region != nil { + cluster.Region = *in.Region + } + + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + // Any change to the cluster config may require re-validation. + _ = markClusterNeedsValidation(db, cluster.ID) + + // Preload for a rich response + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DeleteCluster godoc +// +// @ID DeleteCluster +// @Summary Delete a cluster (org scoped) +// @Description Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE). +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 204 {string} string "deleted" +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID} [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DeleteCluster(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + tx := db.Where("id = ? AND organization_id = ?", clusterID, orgID).Delete(&models.Cluster{}) + if tx.Error != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + if tx.RowsAffected == 0 { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + w.WriteHeader(http.StatusNoContent) } } +// AttachCaptainDomain godoc +// +// @ID AttachCaptainDomain +// @Summary Attach a captain domain to a cluster +// @Description Sets captain_domain_id on the cluster. Validation of shape happens asynchronously. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.AttachCaptainDomainRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster or domain not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/captain-domain [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func AttachCaptainDomain(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.AttachCaptainDomainRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + // Ensure domain exists and belongs to the org + var domain models.Domain + if err := db.Where("id = ? AND organization_id = ?", in.DomainID, orgID).First(&domain).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "domain_not_found", "domain not found for organization") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.CaptainDomainID = &domain.ID + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + if err := markClusterNeedsValidation(db, cluster.ID); err != nil { + // Don't fail the request, just log if you have logging. + } + + // Preload domain for response + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DetachCaptainDomain godoc +// +// @ID DetachCaptainDomain +// @Summary Detach the captain domain from a cluster +// @Description Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/captain-domain [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DetachCaptainDomain(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.CaptainDomainID = nil + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// AttachControlPlaneRecordSet godoc +// +// @ID AttachControlPlaneRecordSet +// @Summary Attach a control plane record set to a cluster +// @Description Sets control_plane_record_set_id on the cluster. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.AttachRecordSetRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster or record set not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/control-plane-record-set [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func AttachControlPlaneRecordSet(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.AttachRecordSetRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + // record sets are indirectly org-scoped via their domain + var rs models.RecordSet + if err := db. + Joins("JOIN domains d ON d.id = record_sets.domain_id"). + Where("record_sets.id = ? AND d.organization_id = ?", in.RecordSetID, orgID). + First(&rs).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "recordset_not_found", "record set not found for organization") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.ControlPlaneRecordSetID = &rs.ID + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DetachControlPlaneRecordSet godoc +// +// @ID DetachControlPlaneRecordSet +// @Summary Detach the control plane record set from a cluster +// @Description Clears control_plane_record_set_id on the cluster. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/control-plane-record-set [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DetachControlPlaneRecordSet(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.ControlPlaneRecordSetID = nil + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// AttachAppsLoadBalancer godoc +// +// @ID AttachAppsLoadBalancer +// @Summary Attach an apps load balancer to a cluster +// @Description Sets apps_load_balancer_id on the cluster. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.AttachLoadBalancerRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster or load balancer not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/apps-load-balancer [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func AttachAppsLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.AttachLoadBalancerRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + var lb models.LoadBalancer + if err := db.Where("id = ? AND organization_id = ?", in.LoadBalancerID, orgID).First(&lb).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "lb_not_found", "load balancer not found for organization") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.AppsLoadBalancerID = &lb.ID + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DetachAppsLoadBalancer godoc +// +// @ID DetachAppsLoadBalancer +// @Summary Detach the apps load balancer from a cluster +// @Description Clears apps_load_balancer_id on the cluster. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/apps-load-balancer [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DetachAppsLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.AppsLoadBalancerID = nil + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// AttachGlueOpsLoadBalancer godoc +// +// @ID AttachGlueOpsLoadBalancer +// @Summary Attach a GlueOps/control-plane load balancer to a cluster +// @Description Sets glueops_load_balancer_id on the cluster. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.AttachLoadBalancerRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster or load balancer not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/glueops-load-balancer [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func AttachGlueOpsLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.AttachLoadBalancerRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + var lb models.LoadBalancer + if err := db.Where("id = ? AND organization_id = ?", in.LoadBalancerID, orgID).First(&lb).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "lb_not_found", "load balancer not found for organization") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.GlueOpsLoadBalancerID = &lb.ID + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DetachGlueOpsLoadBalancer godoc +// +// @ID DetachGlueOpsLoadBalancer +// @Summary Detach the GlueOps/control-plane load balancer from a cluster +// @Description Clears glueops_load_balancer_id on the cluster. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/glueops-load-balancer [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DetachGlueOpsLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.GlueOpsLoadBalancerID = nil + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// AttachBastionServer godoc +// +// @ID AttachBastionServer +// @Summary Attach a bastion server to a cluster +// @Description Sets bastion_server_id on the cluster. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.AttachBastionRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster or server not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/bastion [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func AttachBastionServer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.AttachBastionRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + var server models.Server + if err := db.Where("id = ? AND organization_id = ?", in.ServerID, orgID).First(&server).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "server_not_found", "server not found for organization") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.BastionServerID = &server.ID + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// DetachBastionServer godoc +// +// @ID DetachBastionServer +// @Summary Detach the bastion server from a cluster +// @Description Clears bastion_server_id on the cluster. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/bastion [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DetachBastionServer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.BastionServerID = nil + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// SetClusterKubeconfig godoc +// +// @ID SetClusterKubeconfig +// @Summary Set (or replace) the kubeconfig for a cluster +// @Description Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses. +// @Tags Clusters +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Param body body dto.SetKubeconfigRequest true "payload" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/kubeconfig [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func SetClusterKubeconfig(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var in dto.SetKubeconfigRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + ct, iv, tag, err := utils.EncryptForOrg(orgID, []byte(in.Kubeconfig), db) + if err != nil { + utils.WriteError(w, http.StatusInternalServerError, "encryption_error", "failed to encrypt kubeconfig") + return + } + + cluster.EncryptedKubeconfig = ct + cluster.KubeIV = iv + cluster.KubeTag = tag + + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + +// ClearClusterKubeconfig godoc +// +// @ID ClearClusterKubeconfig +// @Summary Clear the kubeconfig for a cluster +// @Description Removes the encrypted kubeconfig, IV, and tag from the cluster record. +// @Tags Clusters +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param clusterID path string true "Cluster ID" +// @Success 200 {object} dto.ClusterResponse +// @Failure 400 {string} string "bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "cluster not found" +// @Failure 500 {string} string "db error" +// @Router /clusters/{clusterID}/kubeconfig [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func ClearClusterKubeconfig(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + clusterID, err := uuid.Parse(chi.URLParam(r, "clusterID")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_cluster_id", "invalid cluster id") + return + } + + var cluster models.Cluster + if err := db.Where("id = ? AND organization_id = ?", clusterID, orgID).First(&cluster).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "cluster not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + cluster.EncryptedKubeconfig = "" + cluster.KubeIV = "" + cluster.KubeTag = "" + + if err := db.Save(&cluster).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + _ = markClusterNeedsValidation(db, cluster.ID) + + if err := db.Preload("CaptainDomain"). + Preload("ControlPlaneRecordSet"). + Preload("AppsLoadBalancer"). + Preload("GlueOpsLoadBalancer"). + Preload("BastionServer"). + Preload("NodePools"). + Preload("NodePools.Labels"). + Preload("NodePools.Annotations"). + Preload("NodePools.Taints"). + Preload("NodePools.Servers"). + First(&cluster, "id = ?", cluster.ID).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + + utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster)) + } +} + // -- Helpers func clusterToDTO(c models.Cluster) dto.ClusterResponse { @@ -100,26 +1303,52 @@ func clusterToDTO(c models.Cluster) dto.ClusterResponse { bastion = &b } + var captainDomain *dto.DomainResponse + if c.CaptainDomainID != nil && c.CaptainDomain.ID != uuid.Nil { + dr := domainToDTO(c.CaptainDomain) + captainDomain = &dr + } + + var controlPlane *dto.RecordSetResponse + if c.ControlPlaneRecordSet != nil { + rr := recordSetToDTO(*c.ControlPlaneRecordSet) + controlPlane = &rr + } + + var appsLB *dto.LoadBalancerResponse + if c.AppsLoadBalancer != nil { + lr := loadBalancerToDTO(*c.AppsLoadBalancer) + appsLB = &lr + } + + var glueOpsLB *dto.LoadBalancerResponse + if c.GlueOpsLoadBalancer != nil { + lr := loadBalancerToDTO(*c.GlueOpsLoadBalancer) + glueOpsLB = &lr + } + nps := make([]dto.NodePoolResponse, 0, len(c.NodePools)) for _, np := range c.NodePools { nps = append(nps, nodePoolToDTO(np)) } return dto.ClusterResponse{ - ID: c.ID, - Name: c.Name, - Provider: c.Provider, - Region: c.Region, - Status: c.Status, - CaptainDomain: c.CaptainDomain, - //ClusterLoadBalancer: c.ClusterLoadBalancer, - RandomToken: c.RandomToken, - CertificateKey: c.CertificateKey, - //ControlLoadBalancer: c.ControlLoadBalancer, - NodePools: nps, - BastionServer: bastion, - CreatedAt: c.CreatedAt, - UpdatedAt: c.UpdatedAt, + ID: c.ID, + Name: c.Name, + CaptainDomain: captainDomain, + ControlPlaneRecordSet: controlPlane, + AppsLoadBalancer: appsLB, + GlueOpsLoadBalancer: glueOpsLB, + BastionServer: bastion, + Provider: c.Provider, + Region: c.Region, + Status: c.Status, + LastError: c.LastError, + RandomToken: c.RandomToken, + CertificateKey: c.CertificateKey, + NodePools: nps, + CreatedAt: c.CreatedAt, + UpdatedAt: c.UpdatedAt, } } @@ -184,3 +1413,74 @@ func serverToDTO(s models.Server) dto.ServerResponse { UpdatedAt: s.UpdatedAt.UTC().Format(time.RFC3339), } } + +func domainToDTO(d models.Domain) dto.DomainResponse { + return dto.DomainResponse{ + ID: d.ID.String(), + OrganizationID: d.OrganizationID.String(), + DomainName: d.DomainName, + ZoneID: d.ZoneID, + Status: d.Status, + LastError: d.LastError, + CredentialID: d.CredentialID.String(), + CreatedAt: d.CreatedAt.UTC().Format(time.RFC3339), + UpdatedAt: d.UpdatedAt.UTC().Format(time.RFC3339), + } +} + +func recordSetToDTO(rs models.RecordSet) dto.RecordSetResponse { + return dto.RecordSetResponse{ + ID: rs.ID.String(), + DomainID: rs.DomainID.String(), + Name: rs.Name, + Type: rs.Type, + TTL: rs.TTL, + Values: []byte(rs.Values), + Fingerprint: rs.Fingerprint, + Status: rs.Status, + Owner: rs.Owner, + LastError: rs.LastError, + CreatedAt: rs.CreatedAt.UTC().Format(time.RFC3339), + UpdatedAt: rs.UpdatedAt.UTC().Format(time.RFC3339), + } +} + +func loadBalancerToDTO(lb models.LoadBalancer) dto.LoadBalancerResponse { + return dto.LoadBalancerResponse{ + ID: lb.ID, + OrganizationID: lb.OrganizationID, + Name: lb.Name, + Kind: lb.Kind, + PublicIPAddress: lb.PublicIPAddress, + PrivateIPAddress: lb.PrivateIPAddress, + CreatedAt: lb.CreatedAt, + UpdatedAt: lb.UpdatedAt, + } +} + +func GenerateSecureHex(n int) (string, error) { + bytes := make([]byte, n) + if _, err := rand.Read(bytes); err != nil { + return "", fmt.Errorf("failed to generate random bytes: %w", err) + } + return hex.EncodeToString(bytes), nil +} + +func GenerateFormattedToken() (string, error) { + part1, err := GenerateSecureHex(3) + if err != nil { + return "", fmt.Errorf("failed to generate token part 1: %w", err) + } + part2, err := GenerateSecureHex(8) + if err != nil { + return "", fmt.Errorf("failed to generate token part 2: %w", err) + } + return fmt.Sprintf("%s.%s", part1, part2), nil +} + +func markClusterNeedsValidation(db *gorm.DB, clusterID uuid.UUID) error { + return db.Model(&models.Cluster{}).Where("id = ?", clusterID).Updates(map[string]any{ + "status": models.ClusterStatusPrePending, + "last_error": "", + }).Error +} diff --git a/internal/handlers/credentials.go b/internal/handlers/credentials.go index 6c57cae..898412d 100644 --- a/internal/handlers/credentials.go +++ b/internal/handlers/credentials.go @@ -23,24 +23,24 @@ import ( ) // ListCredentials godoc -// @ID ListCredentials -// @Summary List credentials (metadata only) -// @Description Returns credential metadata for the current org. Secrets are never returned. -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param provider query string false "Filter by provider (e.g., aws)" -// @Param kind query string false "Filter by kind (e.g., aws_access_key)" -// @Param scope_kind query string false "Filter by scope kind (provider/service/resource)" -// @Success 200 {array} dto.CredentialOut -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "internal server error" -// @Router /credentials [get] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID ListCredentials +// @Summary List credentials (metadata only) +// @Description Returns credential metadata for the current org. Secrets are never returned. +// @Tags Credentials +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param provider query string false "Filter by provider (e.g., aws)" +// @Param kind query string false "Filter by kind (e.g., aws_access_key)" +// @Param scope_kind query string false "Filter by scope kind (provider/service/resource)" +// @Success 200 {array} dto.CredentialOut +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "internal server error" +// @Router /credentials [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func ListCredentials(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -73,21 +73,21 @@ func ListCredentials(db *gorm.DB) http.HandlerFunc { } // GetCredential godoc -// @ID GetCredential -// @Summary Get credential by ID (metadata only) -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param id path string true "Credential ID (UUID)" -// @Success 200 {object} dto.CredentialOut -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "internal server error" -// @Router /credentials/{id} [get] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID GetCredential +// @Summary Get credential by ID (metadata only) +// @Tags Credentials +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param id path string true "Credential ID (UUID)" +// @Success 200 {object} dto.CredentialOut +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "internal server error" +// @Router /credentials/{id} [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func GetCredential(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -117,21 +117,22 @@ func GetCredential(db *gorm.DB) http.HandlerFunc { } // CreateCredential godoc -// @ID CreateCredential -// @Summary Create a credential (encrypts secret) -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param body body dto.CreateCredentialRequest true "Credential payload" -// @Success 201 {object} dto.CredentialOut -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "internal server error" -// @Router /credentials [post] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID CreateCredential +// @Summary Create a credential (encrypts secret) +// @Tags Credentials +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param body body dto.CreateCredentialRequest true "Credential payload" +// @Success 201 {object} dto.CredentialOut +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "internal server error" +// @Router /credentials [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func CreateCredential(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -166,21 +167,22 @@ func CreateCredential(db *gorm.DB) http.HandlerFunc { } // UpdateCredential godoc -// @ID UpdateCredential -// @Summary Update credential metadata and/or rotate secret -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param id path string true "Credential ID (UUID)" -// @Param body body dto.UpdateCredentialRequest true "Fields to update" -// @Success 200 {object} dto.CredentialOut -// @Failure 403 {string} string "X-Org-ID required" -// @Failure 404 {string} string "not found" -// @Router /credentials/{id} [patch] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID UpdateCredential +// @Summary Update credential metadata and/or rotate secret +// @Tags Credentials +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param id path string true "Credential ID (UUID)" +// @Param body body dto.UpdateCredentialRequest true "Fields to update" +// @Success 200 {object} dto.CredentialOut +// @Failure 403 {string} string "X-Org-ID required" +// @Failure 404 {string} string "not found" +// @Router /credentials/{id} [patch] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func UpdateCredential(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -296,19 +298,19 @@ func UpdateCredential(db *gorm.DB) http.HandlerFunc { } // DeleteCredential godoc -// @ID DeleteCredential -// @Summary Delete credential -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param id path string true "Credential ID (UUID)" -// @Success 204 -// @Failure 404 {string} string "not found" -// @Router /credentials/{id} [delete] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID DeleteCredential +// @Summary Delete credential +// @Tags Credentials +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param id path string true "Credential ID (UUID)" +// @Success 204 +// @Failure 404 {string} string "not found" +// @Router /credentials/{id} [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func DeleteCredential(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -335,20 +337,21 @@ func DeleteCredential(db *gorm.DB) http.HandlerFunc { } // RevealCredential godoc -// @ID RevealCredential -// @Summary Reveal decrypted secret (one-time read) -// @Tags Credentials -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization ID (UUID)" -// @Param id path string true "Credential ID (UUID)" -// @Success 200 {object} map[string]any -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /credentials/{id}/reveal [post] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// +// @ID RevealCredential +// @Summary Reveal decrypted secret (one-time read) +// @Tags Credentials +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization ID (UUID)" +// @Param id path string true "Credential ID (UUID)" +// @Success 200 {object} map[string]any +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /credentials/{id}/reveal [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func RevealCredential(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) diff --git a/internal/handlers/dns.go b/internal/handlers/dns.go index d34bfc2..2528ee6 100644 --- a/internal/handlers/dns.go +++ b/internal/handlers/dns.go @@ -166,7 +166,6 @@ func mustSameOrgDomainWithCredential(db *gorm.DB, orgID uuid.UUID, credID uuid.U // @Summary List domains (org scoped) // @Description Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains). // @Tags DNS -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param domain_name query string false "Exact domain name (lowercase, no trailing dot)" @@ -213,21 +212,20 @@ func ListDomains(db *gorm.DB) http.HandlerFunc { // GetDomain godoc // -// @ID GetDomain -// @Summary Get a domain (org scoped) -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Domain ID (UUID)" -// @Success 200 {object} dto.DomainResponse -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /dns/domains/{id} [get] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID GetDomain +// @Summary Get a domain (org scoped) +// @Tags DNS +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Domain ID (UUID)" +// @Success 200 {object} dto.DomainResponse +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /dns/domains/{id} [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func GetDomain(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -261,7 +259,7 @@ func GetDomain(db *gorm.DB) http.HandlerFunc { // @Tags DNS // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" +// @Param X-Org-ID header string false "Organization UUID" // @Param body body dto.CreateDomainRequest true "Domain payload" // @Success 201 {object} dto.DomainResponse // @Failure 400 {string} string "validation error" @@ -312,22 +310,22 @@ func CreateDomain(db *gorm.DB) http.HandlerFunc { // UpdateDomain godoc // -// @ID UpdateDomain -// @Summary Update a domain (org scoped) -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Domain ID (UUID)" -// @Param body body dto.UpdateDomainRequest true "Fields to update" -// @Success 200 {object} dto.DomainResponse -// @Failure 400 {string} string "validation error" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /dns/domains/{id} [patch] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID UpdateDomain +// @Summary Update a domain (org scoped) +// @Tags DNS +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Domain ID (UUID)" +// @Param body body dto.UpdateDomainRequest true "Fields to update" +// @Success 200 {object} dto.DomainResponse +// @Failure 400 {string} string "validation error" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /dns/domains/{id} [patch] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func UpdateDomain(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -390,20 +388,19 @@ func UpdateDomain(db *gorm.DB) http.HandlerFunc { // DeleteDomain godoc // -// @ID DeleteDomain -// @Summary Delete a domain -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Domain ID (UUID)" -// @Success 204 -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /dns/domains/{id} [delete] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID DeleteDomain +// @Summary Delete a domain +// @Tags DNS +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Domain ID (UUID)" +// @Success 204 +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /dns/domains/{id} [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func DeleteDomain(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -437,13 +434,12 @@ func DeleteDomain(db *gorm.DB) http.HandlerFunc { // @Summary List record sets for a domain // @Description Filters: `name`, `type`, `status`. // @Tags DNS -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param domain_id path string true "Domain ID (UUID)" -// @Param name query string false "Exact relative name or FQDN (server normalizes)" -// @Param type query string false "RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)" -// @Param status query string false "pending|provisioning|ready|failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param domain_id path string true "Domain ID (UUID)" +// @Param name query string false "Exact relative name or FQDN (server normalizes)" +// @Param type query string false "RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)" +// @Param status query string false "pending|provisioning|ready|failed" // @Success 200 {array} dto.RecordSetResponse // @Failure 403 {string} string "organization required" // @Failure 404 {string} string "domain not found" @@ -509,22 +505,22 @@ func ListRecordSets(db *gorm.DB) http.HandlerFunc { // CreateRecordSet godoc // -// @ID CreateRecordSet -// @Summary Create a record set (pending; Archer will UPSERT to Route 53) -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param domain_id path string true "Domain ID (UUID)" -// @Param body body dto.CreateRecordSetRequest true "Record set payload" -// @Success 201 {object} dto.RecordSetResponse -// @Failure 400 {string} string "validation error" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "domain not found" -// @Router /dns/domains/{domain_id}/records [post] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID CreateRecordSet +// @Summary Create a record set (pending; Archer will UPSERT to Route 53) +// @Tags DNS +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param domain_id path string true "Domain ID (UUID)" +// @Param body body dto.CreateRecordSetRequest true "Record set payload" +// @Success 201 {object} dto.RecordSetResponse +// @Failure 400 {string} string "validation error" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "domain not found" +// @Router /dns/domains/{domain_id}/records [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func CreateRecordSet(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -610,22 +606,22 @@ func CreateRecordSet(db *gorm.DB) http.HandlerFunc { // UpdateRecordSet godoc // -// @ID UpdateRecordSet -// @Summary Update a record set (flips to pending for reconciliation) -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Record Set ID (UUID)" -// @Param body body dto.UpdateRecordSetRequest true "Fields to update" -// @Success 200 {object} dto.RecordSetResponse -// @Failure 400 {string} string "validation error" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /dns/records/{id} [patch] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID UpdateRecordSet +// @Summary Update a record set (flips to pending for reconciliation) +// @Tags DNS +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Record Set ID (UUID)" +// @Param body body dto.UpdateRecordSetRequest true "Fields to update" +// @Success 200 {object} dto.RecordSetResponse +// @Failure 400 {string} string "validation error" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /dns/records/{id} [patch] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func UpdateRecordSet(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) @@ -720,20 +716,19 @@ func UpdateRecordSet(db *gorm.DB) http.HandlerFunc { // DeleteRecordSet godoc // -// @ID DeleteRecordSet -// @Summary Delete a record set (API removes row; worker can optionally handle external deletion policy) -// @Tags DNS -// @Accept json -// @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Record Set ID (UUID)" -// @Success 204 -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Router /dns/records/{id} [delete] -// @Security BearerAuth -// @Security OrgKeyAuth -// @Security OrgSecretAuth +// @ID DeleteRecordSet +// @Summary Delete a record set (API removes row; worker can optionally handle external deletion policy) +// @Tags DNS +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Record Set ID (UUID)" +// @Success 204 +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /dns/records/{id} [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth func DeleteRecordSet(db *gorm.DB) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) diff --git a/internal/handlers/dto/clusters.go b/internal/handlers/dto/clusters.go index 3636997..fa92fc3 100644 --- a/internal/handlers/dto/clusters.go +++ b/internal/handlers/dto/clusters.go @@ -7,28 +7,52 @@ import ( ) type ClusterResponse struct { - ID uuid.UUID `json:"id"` - Name string `json:"name"` - Provider string `json:"provider"` - Region string `json:"region"` - Status string `json:"status"` - CaptainDomain string `json:"captain_domain"` - ClusterLoadBalancer string `json:"cluster_load_balancer"` - RandomToken string `json:"random_token"` - CertificateKey string `json:"certificate_key"` - ControlLoadBalancer string `json:"control_load_balancer"` - NodePools []NodePoolResponse `json:"node_pools,omitempty"` - BastionServer *ServerResponse `json:"bastion_server,omitempty"` - CreatedAt time.Time `json:"created_at"` - UpdatedAt time.Time `json:"updated_at"` + ID uuid.UUID `json:"id"` + Name string `json:"name"` + CaptainDomain *DomainResponse `json:"captain_domain,omitempty"` + ControlPlaneRecordSet *RecordSetResponse `json:"control_plane_record_set,omitempty"` + AppsLoadBalancer *LoadBalancerResponse `json:"apps_load_balancer,omitempty"` + GlueOpsLoadBalancer *LoadBalancerResponse `json:"glueops_load_balancer,omitempty"` + BastionServer *ServerResponse `json:"bastion_server,omitempty"` + Provider string `json:"provider"` + Region string `json:"region"` + Status string `json:"status"` + LastError string `json:"last_error"` + RandomToken string `json:"random_token"` + CertificateKey string `json:"certificate_key"` + NodePools []NodePoolResponse `json:"node_pools,omitempty"` + CreatedAt time.Time `json:"created_at"` + UpdatedAt time.Time `json:"updated_at"` } type CreateClusterRequest struct { - Name string `json:"name"` - Provider string `json:"provider"` - Region string `json:"region"` - Status string `json:"status"` - CaptainDomain string `json:"captain_domain"` - ClusterLoadBalancer *string `json:"cluster_load_balancer"` - ControlLoadBalancer *string `json:"control_load_balancer"` + Name string `json:"name"` + Provider string `json:"provider"` + Region string `json:"region"` +} + +type UpdateClusterRequest struct { + Name *string `json:"name,omitempty"` + Provider *string `json:"provider,omitempty"` + Region *string `json:"region,omitempty"` +} + +type AttachCaptainDomainRequest struct { + DomainID uuid.UUID `json:"domain_id"` +} + +type AttachRecordSetRequest struct { + RecordSetID uuid.UUID `json:"record_set_id"` +} + +type AttachLoadBalancerRequest struct { + LoadBalancerID uuid.UUID `json:"load_balancer_id"` +} + +type AttachBastionRequest struct { + ServerID uuid.UUID `json:"server_id"` +} + +type SetKubeconfigRequest struct { + Kubeconfig string `json:"kubeconfig"` } diff --git a/internal/handlers/dto/load_balancers.go b/internal/handlers/dto/load_balancers.go new file mode 100644 index 0000000..10cc757 --- /dev/null +++ b/internal/handlers/dto/load_balancers.go @@ -0,0 +1,32 @@ +package dto + +import ( + "time" + + "github.com/google/uuid" +) + +type LoadBalancerResponse struct { + ID uuid.UUID `json:"id"` + OrganizationID uuid.UUID `json:"organization_id"` + Name string `json:"name"` + Kind string `json:"kind" enums:"glueops|public"` + PublicIPAddress string `json:"public_ip_address"` + PrivateIPAddress string `json:"private_ip_address"` + CreatedAt time.Time `json:"created_at"` + UpdatedAt time.Time `json:"updated_at"` +} + +type CreateLoadBalancerRequest struct { + Name string `json:"name" example:"glueops"` + Kind string `json:"kind" example:"public" enums:"glueops|public"` + PublicIPAddress string `json:"public_ip_address" example:"8.8.8.8"` + PrivateIPAddress string `json:"private_ip_address" example:"192.168.0.2"` +} + +type UpdateLoadBalancerRequest struct { + Name *string `json:"name" example:"glue"` + Kind *string `json:"kind" example:"public" enums:"glueops|public"` + PublicIPAddress *string `json:"public_ip_address" example:"8.8.8.8"` + PrivateIPAddress *string `json:"private_ip_address" example:"192.168.0.2"` +} diff --git a/internal/handlers/health.go b/internal/handlers/health.go index c40d2e1..b3d0a56 100644 --- a/internal/handlers/health.go +++ b/internal/handlers/health.go @@ -16,7 +16,6 @@ type HealthStatus struct { // @Description Returns 200 OK when the service is up // @Tags Health // @ID HealthCheck // operationId -// @Accept json // @Produce json // @Success 200 {object} HealthStatus // @Router /healthz [get] diff --git a/internal/handlers/jobs.go b/internal/handlers/jobs.go index d64bc1e..d4ba17e 100644 --- a/internal/handlers/jobs.go +++ b/internal/handlers/jobs.go @@ -25,7 +25,6 @@ import ( // @Summary List Archer jobs (admin) // @Description Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent). // @Tags ArcherAdmin -// @Accept json // @Produce json // @Param status query string false "Filter by status" Enums(queued,running,succeeded,failed,canceled,retrying,scheduled) // @Param queue query string false "Filter by queue name / worker name" @@ -283,7 +282,6 @@ func AdminCancelArcherJob(db *gorm.DB) http.HandlerFunc { // @Summary List Archer queues (admin) // @Description Summary metrics per queue (pending, running, failed, scheduled). // @Tags ArcherAdmin -// @Accept json // @Produce json // @Success 200 {array} dto.QueueInfo // @Failure 401 {string} string "Unauthorized" diff --git a/internal/handlers/labels.go b/internal/handlers/labels.go index dad73cf..a39423c 100644 --- a/internal/handlers/labels.go +++ b/internal/handlers/labels.go @@ -22,7 +22,6 @@ import ( // @Summary List node labels (org scoped) // @Description Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups. // @Tags Labels -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param key query string false "Exact key" @@ -74,7 +73,6 @@ func ListLabels(db *gorm.DB) http.HandlerFunc { // @Summary Get label by ID (org scoped) // @Description Returns one label. // @Tags Labels -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "Label ID (UUID)" @@ -253,11 +251,10 @@ func UpdateLabel(db *gorm.DB) http.HandlerFunc { // @Summary Delete label (org scoped) // @Description Permanently deletes the label. // @Tags Labels -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Label ID (UUID)" -// @Success 204 {string} string "No Content" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Label ID (UUID)" +// @Success 204 "No Content" // @Failure 400 {string} string "invalid id" // @Failure 401 {string} string "Unauthorized" // @Failure 403 {string} string "organization required" diff --git a/internal/handlers/load_balancers.go b/internal/handlers/load_balancers.go new file mode 100644 index 0000000..266b5aa --- /dev/null +++ b/internal/handlers/load_balancers.go @@ -0,0 +1,283 @@ +package handlers + +import ( + "encoding/json" + "errors" + "net/http" + "strings" + + "github.com/glueops/autoglue/internal/api/httpmiddleware" + "github.com/glueops/autoglue/internal/handlers/dto" + "github.com/glueops/autoglue/internal/models" + "github.com/glueops/autoglue/internal/utils" + "github.com/go-chi/chi/v5" + "github.com/google/uuid" + "gorm.io/gorm" +) + +// ListLoadBalancers godoc +// +// @ID ListLoadBalancers +// @Summary List load balancers (org scoped) +// @Description Returns load balancers for the organization in X-Org-ID. +// @Tags LoadBalancers +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Success 200 {array} dto.LoadBalancerResponse +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "failed to list clusters" +// @Router /load-balancers [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func ListLoadBalancers(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + var rows []models.LoadBalancer + if err := db.Where("organization_id = ?", orgID).Find(&rows).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + out := make([]dto.LoadBalancerResponse, 0, len(rows)) + for _, row := range rows { + out = append(out, loadBalancerOut(&row)) + } + utils.WriteJSON(w, http.StatusOK, out) + } +} + +// GetLoadBalancer godoc +// +// @ID GetLoadBalancers +// @Summary Get a load balancer (org scoped) +// @Description Returns load balancer for the organization in X-Org-ID. +// @Tags LoadBalancers +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "LoadBalancer ID (UUID)" +// @Success 200 {array} dto.LoadBalancerResponse +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "failed to list clusters" +// @Router /load-balancers/{id} [get] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func GetLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + id, err := uuid.Parse(chi.URLParam(r, "id")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID") + return + } + + var row models.LoadBalancer + if err := db.Where("id = ? AND organization_id = ?", id, orgID).First(&row).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "load balancer not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error") + return + } + out := loadBalancerOut(&row) + utils.WriteJSON(w, http.StatusOK, out) + } +} + +// CreateLoadBalancer godoc +// +// @ID CreateLoadBalancer +// @Summary Create a load balancer +// @Tags LoadBalancers +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param body body dto.CreateLoadBalancerRequest true "Record set payload" +// @Success 201 {object} dto.LoadBalancerResponse +// @Failure 400 {string} string "validation error" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "domain not found" +// @Router /load-balancers [post] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func CreateLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + var in dto.CreateLoadBalancerRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + + if strings.ToLower(in.Kind) != "glueops" || strings.ToLower(in.Kind) != "public" { + utils.WriteError(w, http.StatusBadRequest, "bad_kind", "invalid kind only 'glueops' or 'public'") + return + } + + row := &models.LoadBalancer{ + OrganizationID: orgID, + Name: in.Name, + Kind: strings.ToLower(in.Kind), + PublicIPAddress: in.PublicIPAddress, + PrivateIPAddress: in.PrivateIPAddress, + } + if err := db.Create(row).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error()) + return + } + utils.WriteJSON(w, http.StatusCreated, loadBalancerOut(row)) + } +} + +// UpdateLoadBalancer godoc +// +// @ID UpdateLoadBalancer +// @Summary Update a load balancer (org scoped) +// @Tags LoadBalancers +// @Accept json +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Load Balancer ID (UUID)" +// @Param body body dto.UpdateLoadBalancerRequest true "Fields to update" +// @Success 200 {object} dto.LoadBalancerResponse +// @Failure 400 {string} string "validation error" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /load-balancers/{id} [patch] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func UpdateLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + id, err := uuid.Parse(chi.URLParam(r, "id")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID") + return + } + + row := &models.LoadBalancer{} + if err := db.Where("organization_id = ? AND id = ?", orgID, id).First(&row).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "load balancer not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error()) + return + } + + var in dto.UpdateLoadBalancerRequest + if err := json.NewDecoder(r.Body).Decode(&in); err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error()) + return + } + if in.Name != nil { + row.Name = *in.Name + } + if in.Kind != nil { + if strings.ToLower(*in.Kind) != "glueops" || strings.ToLower(*in.Kind) != "public" { + utils.WriteError(w, http.StatusBadRequest, "bad_kind", "invalid kind only 'glueops' or 'public'") + return + } + row.Kind = strings.ToLower(*in.Kind) + } + if in.PublicIPAddress != nil { + row.PublicIPAddress = *in.PublicIPAddress + } + if in.PrivateIPAddress != nil { + row.PrivateIPAddress = *in.PrivateIPAddress + } + if err := db.Save(row).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error()) + return + } + utils.WriteJSON(w, http.StatusOK, loadBalancerOut(row)) + + } +} + +// DeleteLoadBalancer godoc +// +// @ID DeleteLoadBalancer +// @Summary Delete a load balancer +// @Tags LoadBalancers +// @Produce json +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Load Balancer ID (UUID)" +// @Success 204 +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Router /load-balancers/{id} [delete] +// @Security BearerAuth +// @Security OrgKeyAuth +// @Security OrgSecretAuth +func DeleteLoadBalancer(db *gorm.DB) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + orgID, ok := httpmiddleware.OrgIDFrom(r.Context()) + if !ok { + utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID") + return + } + + id, err := uuid.Parse(chi.URLParam(r, "id")) + if err != nil { + utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID") + return + } + + row := &models.LoadBalancer{} + if err := db.Where("organization_id = ? AND id = ?", orgID, id).First(&row).Error; err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + utils.WriteError(w, http.StatusNotFound, "not_found", "load balancer not found") + return + } + utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error()) + return + } + + if err := db.Delete(row).Error; err != nil { + utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error()) + return + } + w.WriteHeader(http.StatusNoContent) + } +} + +// ---------- Out mappers ---------- + +func loadBalancerOut(m *models.LoadBalancer) dto.LoadBalancerResponse { + return dto.LoadBalancerResponse{ + ID: m.ID, + OrganizationID: m.OrganizationID, + Name: m.Name, + Kind: m.Kind, + PublicIPAddress: m.PublicIPAddress, + PrivateIPAddress: m.PrivateIPAddress, + CreatedAt: m.CreatedAt.UTC(), + UpdatedAt: m.UpdatedAt.UTC(), + } +} diff --git a/internal/handlers/node_pools.go b/internal/handlers/node_pools.go index 180e073..45592c4 100644 --- a/internal/handlers/node_pools.go +++ b/internal/handlers/node_pools.go @@ -25,14 +25,13 @@ import ( // @Summary List node pools (org scoped) // @Description Returns node pools for the organization in X-Org-ID. // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param q query string false "Name contains (case-insensitive)" -// @Success 200 {array} dto.NodePoolResponse -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "failed to list node pools" +// @Param X-Org-ID header string false "Organization UUID" +// @Param q query string false "Name contains (case-insensitive)" +// @Success 200 {array} dto.NodePoolResponse +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "failed to list node pools" // @Router /node-pools [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -145,16 +144,15 @@ func ListNodePools(db *gorm.DB) http.HandlerFunc { // @Summary Get node pool by ID (org scoped) // @Description Returns one node pool. Add `include=servers` to include servers. // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Success 200 {object} dto.NodePoolResponse -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "fetch failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Success 200 {object} dto.NodePoolResponse +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "fetch failed" // @Router /node-pools/{id} [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -194,13 +192,13 @@ func GetNodePool(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param body body dto.CreateNodePoolRequest true "NodePool payload" -// @Success 201 {object} dto.NodePoolResponse -// @Failure 400 {string} string "invalid json / missing fields / invalid server_ids" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "create failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param body body dto.CreateNodePoolRequest true "NodePool payload" +// @Success 201 {object} dto.NodePoolResponse +// @Failure 400 {string} string "invalid json / missing fields / invalid server_ids" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "create failed" // @Router /node-pools [post] // @Security BearerAuth // @Security OrgKeyAuth @@ -257,15 +255,15 @@ func CreateNodePool(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param body body dto.UpdateNodePoolRequest true "Fields to update" -// @Success 200 {object} dto.NodePoolResponse -// @Failure 400 {string} string "invalid id / invalid json" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "update failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param body body dto.UpdateNodePoolRequest true "Fields to update" +// @Success 200 {object} dto.NodePoolResponse +// @Failure 400 {string} string "invalid id / invalid json" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "update failed" // @Router /node-pools/{id} [patch] // @Security BearerAuth // @Security OrgKeyAuth @@ -327,15 +325,14 @@ func UpdateNodePool(db *gorm.DB) http.HandlerFunc { // @Summary Delete node pool (org scoped) // @Description Permanently deletes the node pool. // @Tags NodePools -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "Node Pool ID (UUID)" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 500 {string} string "delete failed" +// @Success 204 "No Content" +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 500 {string} string "delete failed" // @Router /node-pools/{id} [delete] // @Security BearerAuth // @Security OrgKeyAuth @@ -369,16 +366,15 @@ func DeleteNodePool(db *gorm.DB) http.HandlerFunc { // @ID ListNodePoolServers // @Summary List servers attached to a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Success 200 {array} dto.ServerResponse -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "fetch failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Success 200 {array} dto.ServerResponse +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "fetch failed" // @Router /node-pools/{id}/servers [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -434,15 +430,15 @@ func ListNodePoolServers(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param body body dto.AttachServersRequest true "Server IDs to attach" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id / invalid server_ids" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "attach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param body body dto.AttachServersRequest true "Server IDs to attach" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id / invalid server_ids" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "attach failed" // @Router /node-pools/{id}/servers [post] // @Security BearerAuth // @Security OrgKeyAuth @@ -521,17 +517,16 @@ func AttachNodePoolServers(db *gorm.DB) http.HandlerFunc { // @ID DetachNodePoolServer // @Summary Detach one server from a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param serverId path string true "Server ID (UUID)" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "detach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param serverId path string true "Server ID (UUID)" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "detach failed" // @Router /node-pools/{id}/servers/{serverId} [delete] // @Security BearerAuth // @Security OrgKeyAuth @@ -588,16 +583,15 @@ func DetachNodePoolServer(db *gorm.DB) http.HandlerFunc { // @ID ListNodePoolTaints // @Summary List taints attached to a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Success 200 {array} dto.TaintResponse -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "fetch failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Success 200 {array} dto.TaintResponse +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "fetch failed" // @Router /node-pools/{id}/taints [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -646,15 +640,15 @@ func ListNodePoolTaints(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param body body dto.AttachTaintsRequest true "Taint IDs to attach" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id / invalid taint_ids" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "attach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param body body dto.AttachTaintsRequest true "Taint IDs to attach" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id / invalid taint_ids" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "attach failed" // @Router /node-pools/{id}/taints [post] // @Security BearerAuth // @Security OrgKeyAuth @@ -730,17 +724,16 @@ func AttachNodePoolTaints(db *gorm.DB) http.HandlerFunc { // @ID DetachNodePoolTaint // @Summary Detach one taint from a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param taintId path string true "Taint ID (UUID)" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "detach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param taintId path string true "Taint ID (UUID)" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "detach failed" // @Router /node-pools/{id}/taints/{taintId} [delete] // @Security BearerAuth // @Security OrgKeyAuth @@ -798,16 +791,15 @@ func DetachNodePoolTaint(db *gorm.DB) http.HandlerFunc { // @ID ListNodePoolLabels // @Summary List labels attached to a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Label Pool ID (UUID)" -// @Success 200 {array} dto.LabelResponse -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "fetch failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Label Pool ID (UUID)" +// @Success 200 {array} dto.LabelResponse +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "fetch failed" // @Router /node-pools/{id}/labels [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -859,15 +851,15 @@ func ListNodePoolLabels(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param body body dto.AttachLabelsRequest true "Label IDs to attach" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id / invalid server_ids" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "attach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param body body dto.AttachLabelsRequest true "Label IDs to attach" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id / invalid server_ids" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "attach failed" // @Router /node-pools/{id}/labels [post] // @Security BearerAuth // @Security OrgKeyAuth @@ -940,17 +932,16 @@ func AttachNodePoolLabels(db *gorm.DB) http.HandlerFunc { // @ID DetachNodePoolLabel // @Summary Detach one label from a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param labelId path string true "Label ID (UUID)" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "detach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param labelId path string true "Label ID (UUID)" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "detach failed" // @Router /node-pools/{id}/labels/{labelId} [delete] // @Security BearerAuth // @Security OrgKeyAuth @@ -1008,16 +999,15 @@ func DetachNodePoolLabel(db *gorm.DB) http.HandlerFunc { // @ID ListNodePoolAnnotations // @Summary List annotations attached to a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Success 200 {array} dto.AnnotationResponse -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "fetch failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Success 200 {array} dto.AnnotationResponse +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "fetch failed" // @Router /node-pools/{id}/annotations [get] // @Security BearerAuth // @Security OrgKeyAuth @@ -1069,15 +1059,15 @@ func ListNodePoolAnnotations(db *gorm.DB) http.HandlerFunc { // @Tags NodePools // @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Group ID (UUID)" -// @Param body body dto.AttachAnnotationsRequest true "Annotation IDs to attach" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id / invalid server_ids" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "attach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Group ID (UUID)" +// @Param body body dto.AttachAnnotationsRequest true "Annotation IDs to attach" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id / invalid server_ids" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "attach failed" // @Router /node-pools/{id}/annotations [post] // @Security BearerAuth // @Security OrgKeyAuth @@ -1151,17 +1141,16 @@ func AttachNodePoolAnnotations(db *gorm.DB) http.HandlerFunc { // @ID DetachNodePoolAnnotation // @Summary Detach one annotation from a node pool (org scoped) // @Tags NodePools -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Pool ID (UUID)" -// @Param annotationId path string true "Annotation ID (UUID)" -// @Success 204 {string} string "No Content" -// @Failure 400 {string} string "invalid id" -// @Failure 401 {string} string "Unauthorized" -// @Failure 403 {string} string "organization required" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "detach failed" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Pool ID (UUID)" +// @Param annotationId path string true "Annotation ID (UUID)" +// @Success 204 {string} string "No Content" +// @Failure 400 {string} string "invalid id" +// @Failure 401 {string} string "Unauthorized" +// @Failure 403 {string} string "organization required" +// @Failure 404 {string} string "not found" +// @Failure 500 {string} string "detach failed" // @Router /node-pools/{id}/annotations/{annotationId} [delete] // @Security BearerAuth // @Security OrgKeyAuth diff --git a/internal/handlers/node_pools_test.go b/internal/handlers/node_pools_test.go new file mode 100644 index 0000000..f3c800c --- /dev/null +++ b/internal/handlers/node_pools_test.go @@ -0,0 +1,381 @@ +package handlers + +import ( + "os" + "testing" + + "github.com/glueops/autoglue/internal/common" + "github.com/glueops/autoglue/internal/models" + "github.com/glueops/autoglue/internal/testutil/pgtest" + "github.com/google/uuid" + "gorm.io/gorm" +) + +func TestMain(m *testing.M) { + code := m.Run() + pgtest.Stop() + os.Exit(code) +} + +func TestParseUUIDs_Success(t *testing.T) { + u1 := uuid.New() + u2 := uuid.New() + + got, err := parseUUIDs([]string{u1.String(), u2.String()}) + if err != nil { + t.Fatalf("parseUUIDs returned error: %v", err) + } + if len(got) != 2 { + t.Fatalf("expected 2 UUIDs, got %d", len(got)) + } + if got[0] != u1 || got[1] != u2 { + t.Fatalf("unexpected UUIDs: got=%v", got) + } +} + +func TestParseUUIDs_Invalid(t *testing.T) { + _, err := parseUUIDs([]string{"not-a-uuid"}) + if err == nil { + t.Fatalf("expected error for invalid UUID, got nil") + } +} + +// --- ensureServersBelongToOrg --- + +func TestEnsureServersBelongToOrg_AllBelong(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "org-a"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + sshKey := createTestSshKey(t, db, org.ID, "org-a-key") + + s1 := models.Server{ + OrganizationID: org.ID, + Hostname: "srv-1", + SSHUser: "ubuntu", + SshKeyID: sshKey.ID, + Role: "worker", + Status: "pending", + } + s2 := models.Server{ + OrganizationID: org.ID, + Hostname: "srv-2", + SSHUser: "ubuntu", + SshKeyID: sshKey.ID, + Role: "worker", + Status: "pending", + } + + if err := db.Create(&s1).Error; err != nil { + t.Fatalf("create server 1: %v", err) + } + if err := db.Create(&s2).Error; err != nil { + t.Fatalf("create server 2: %v", err) + } + + ids := []uuid.UUID{s1.ID, s2.ID} + if err := ensureServersBelongToOrg(org.ID, ids, db); err != nil { + t.Fatalf("expected no error, got %v", err) + } +} + +func TestEnsureServersBelongToOrg_ForeignOrgFails(t *testing.T) { + db := pgtest.DB(t) + + orgA := models.Organization{Name: "org-a"} + orgB := models.Organization{Name: "org-b"} + + if err := db.Create(&orgA).Error; err != nil { + t.Fatalf("create orgA: %v", err) + } + if err := db.Create(&orgB).Error; err != nil { + t.Fatalf("create orgB: %v", err) + } + + sshKeyA := createTestSshKey(t, db, orgA.ID, "org-a-key") + sshKeyB := createTestSshKey(t, db, orgB.ID, "org-b-key") + + s1 := models.Server{ + OrganizationID: orgA.ID, + Hostname: "srv-a-1", + SSHUser: "ubuntu", + SshKeyID: sshKeyA.ID, + Role: "worker", + Status: "pending", + } + s2 := models.Server{ + OrganizationID: orgB.ID, + Hostname: "srv-b-1", + SSHUser: "ubuntu", + SshKeyID: sshKeyB.ID, + Role: "worker", + Status: "pending", + } + + if err := db.Create(&s1).Error; err != nil { + t.Fatalf("create server s1: %v", err) + } + if err := db.Create(&s2).Error; err != nil { + t.Fatalf("create server s2: %v", err) + } + + ids := []uuid.UUID{s1.ID, s2.ID} + if err := ensureServersBelongToOrg(orgA.ID, ids, db); err == nil { + t.Fatalf("expected error when one server belongs to a different org") + } +} + +// --- ensureTaintsBelongToOrg --- + +func TestEnsureTaintsBelongToOrg_AllBelong(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "org-taints"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + t1 := models.Taint{ + OrganizationID: org.ID, + Key: "key1", + Value: "val1", + Effect: "NoSchedule", + } + t2 := models.Taint{ + OrganizationID: org.ID, + Key: "key2", + Value: "val2", + Effect: "PreferNoSchedule", + } + + if err := db.Create(&t1).Error; err != nil { + t.Fatalf("create taint 1: %v", err) + } + if err := db.Create(&t2).Error; err != nil { + t.Fatalf("create taint 2: %v", err) + } + + ids := []uuid.UUID{t1.ID, t2.ID} + if err := ensureTaintsBelongToOrg(org.ID, ids, db); err != nil { + t.Fatalf("expected no error, got %v", err) + } +} + +func TestEnsureTaintsBelongToOrg_ForeignOrgFails(t *testing.T) { + db := pgtest.DB(t) + + orgA := models.Organization{Name: "org-a"} + orgB := models.Organization{Name: "org-b"} + if err := db.Create(&orgA).Error; err != nil { + t.Fatalf("create orgA: %v", err) + } + if err := db.Create(&orgB).Error; err != nil { + t.Fatalf("create orgB: %v", err) + } + + t1 := models.Taint{ + OrganizationID: orgA.ID, + Key: "key1", + Value: "val1", + Effect: "NoSchedule", + } + t2 := models.Taint{ + OrganizationID: orgB.ID, + Key: "key2", + Value: "val2", + Effect: "NoSchedule", + } + + if err := db.Create(&t1).Error; err != nil { + t.Fatalf("create taint 1: %v", err) + } + if err := db.Create(&t2).Error; err != nil { + t.Fatalf("create taint 2: %v", err) + } + + ids := []uuid.UUID{t1.ID, t2.ID} + if err := ensureTaintsBelongToOrg(orgA.ID, ids, db); err == nil { + t.Fatalf("expected error when a taint belongs to another org") + } +} + +// --- ensureLabelsBelongToOrg --- + +func TestEnsureLabelsBelongToOrg_AllBelong(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "org-labels"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + l1 := models.Label{ + AuditFields: common.AuditFields{ + OrganizationID: org.ID, + }, + Key: "env", + Value: "dev", + } + l2 := models.Label{ + AuditFields: common.AuditFields{ + OrganizationID: org.ID, + }, + Key: "env", + Value: "prod", + } + + if err := db.Create(&l1).Error; err != nil { + t.Fatalf("create label 1: %v", err) + } + if err := db.Create(&l2).Error; err != nil { + t.Fatalf("create label 2: %v", err) + } + + ids := []uuid.UUID{l1.ID, l2.ID} + if err := ensureLabelsBelongToOrg(org.ID, ids, db); err != nil { + t.Fatalf("expected no error, got %v", err) + } +} + +func TestEnsureLabelsBelongToOrg_ForeignOrgFails(t *testing.T) { + db := pgtest.DB(t) + + orgA := models.Organization{Name: "org-a"} + orgB := models.Organization{Name: "org-b"} + if err := db.Create(&orgA).Error; err != nil { + t.Fatalf("create orgA: %v", err) + } + if err := db.Create(&orgB).Error; err != nil { + t.Fatalf("create orgB: %v", err) + } + + l1 := models.Label{ + AuditFields: common.AuditFields{ + OrganizationID: orgA.ID, + }, + Key: "env", + Value: "dev", + } + l2 := models.Label{ + AuditFields: common.AuditFields{ + OrganizationID: orgB.ID, + }, + Key: "env", + Value: "prod", + } + + if err := db.Create(&l1).Error; err != nil { + t.Fatalf("create label 1: %v", err) + } + if err := db.Create(&l2).Error; err != nil { + t.Fatalf("create label 2: %v", err) + } + + ids := []uuid.UUID{l1.ID, l2.ID} + if err := ensureLabelsBelongToOrg(orgA.ID, ids, db); err == nil { + t.Fatalf("expected error when a label belongs to another org") + } +} + +// --- ensureAnnotaionsBelongToOrg (typo in original name is preserved) --- + +func TestEnsureAnnotationsBelongToOrg_AllBelong(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "org-annotations"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + a1 := models.Annotation{ + AuditFields: common.AuditFields{ + OrganizationID: org.ID, + }, + Key: "team", + Value: "core", + } + a2 := models.Annotation{ + AuditFields: common.AuditFields{ + OrganizationID: org.ID, + }, + Key: "team", + Value: "platform", + } + + if err := db.Create(&a1).Error; err != nil { + t.Fatalf("create annotation 1: %v", err) + } + if err := db.Create(&a2).Error; err != nil { + t.Fatalf("create annotation 2: %v", err) + } + + ids := []uuid.UUID{a1.ID, a2.ID} + if err := ensureAnnotaionsBelongToOrg(org.ID, ids, db); err != nil { + t.Fatalf("expected no error, got %v", err) + } +} + +func TestEnsureAnnotationsBelongToOrg_ForeignOrgFails(t *testing.T) { + db := pgtest.DB(t) + + orgA := models.Organization{Name: "org-a"} + orgB := models.Organization{Name: "org-b"} + if err := db.Create(&orgA).Error; err != nil { + t.Fatalf("create orgA: %v", err) + } + if err := db.Create(&orgB).Error; err != nil { + t.Fatalf("create orgB: %v", err) + } + + a1 := models.Annotation{ + AuditFields: common.AuditFields{ + OrganizationID: orgA.ID, + }, + Key: "team", + Value: "core", + } + a2 := models.Annotation{ + AuditFields: common.AuditFields{ + OrganizationID: orgB.ID, + }, + Key: "team", + Value: "platform", + } + + if err := db.Create(&a1).Error; err != nil { + t.Fatalf("create annotation 1: %v", err) + } + if err := db.Create(&a2).Error; err != nil { + t.Fatalf("create annotation 2: %v", err) + } + + ids := []uuid.UUID{a1.ID, a2.ID} + if err := ensureAnnotaionsBelongToOrg(orgA.ID, ids, db); err == nil { + t.Fatalf("expected error when an annotation belongs to another org") + } +} + +func createTestSshKey(t *testing.T, db *gorm.DB, orgID uuid.UUID, name string) models.SshKey { + t.Helper() + + key := models.SshKey{ + AuditFields: common.AuditFields{ + OrganizationID: orgID, + }, + Name: name, + PublicKey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAITestKey", + EncryptedPrivateKey: "encrypted", + PrivateIV: "iv", + PrivateTag: "tag", + Fingerprint: "fp-" + name, + } + + if err := db.Create(&key).Error; err != nil { + t.Fatalf("create ssh key %s: %v", name, err) + } + + return key +} diff --git a/internal/handlers/servers.go b/internal/handlers/servers.go index c7e837e..271cc5e 100644 --- a/internal/handlers/servers.go +++ b/internal/handlers/servers.go @@ -22,7 +22,6 @@ import ( // @Summary List servers (org scoped) // @Description Returns servers for the organization in X-Org-ID. Optional filters: status, role. // @Tags Servers -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param status query string false "Filter by status (pending|provisioning|ready|failed)" @@ -89,7 +88,6 @@ func ListServers(db *gorm.DB) http.HandlerFunc { // @Summary Get server by ID (org scoped) // @Description Returns one server in the given organization. // @Tags Servers -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "Server ID (UUID)" @@ -329,11 +327,10 @@ func UpdateServer(db *gorm.DB) http.HandlerFunc { // @Summary Delete server (org scoped) // @Description Permanently deletes the server. // @Tags Servers -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Server ID (UUID)" -// @Success 204 {string} string "No Content" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Server ID (UUID)" +// @Success 204 "No Content" // @Failure 400 {string} string "invalid id" // @Failure 401 {string} string "Unauthorized" // @Failure 403 {string} string "organization required" diff --git a/internal/handlers/servers_test.go b/internal/handlers/servers_test.go new file mode 100644 index 0000000..ce5cc5d --- /dev/null +++ b/internal/handlers/servers_test.go @@ -0,0 +1,78 @@ +package handlers + +import ( + "testing" + + "github.com/glueops/autoglue/internal/models" + "github.com/glueops/autoglue/internal/testutil/pgtest" + "github.com/google/uuid" +) + +func TestValidStatus(t *testing.T) { + // known-good statuses from servers.go + valid := []string{"pending", "provisioning", "ready", "failed"} + for _, s := range valid { + if !validStatus(s) { + t.Errorf("expected validStatus(%q) = true, got false", s) + } + } + + invalid := []string{"foobar", "unknown"} + for _, s := range invalid { + if validStatus(s) { + t.Errorf("expected validStatus(%q) = false, got true", s) + } + } +} + +func TestEnsureKeyBelongsToOrg_Success(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "servers-org"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + key := createTestSshKey(t, db, org.ID, "org-key") + + if err := ensureKeyBelongsToOrg(org.ID, key.ID, db); err != nil { + t.Fatalf("expected no error, got %v", err) + } +} + +func TestEnsureKeyBelongsToOrg_WrongOrg(t *testing.T) { + db := pgtest.DB(t) + + orgA := models.Organization{Name: "org-a"} + orgB := models.Organization{Name: "org-b"} + + if err := db.Create(&orgA).Error; err != nil { + t.Fatalf("create orgA: %v", err) + } + if err := db.Create(&orgB).Error; err != nil { + t.Fatalf("create orgB: %v", err) + } + + keyA := createTestSshKey(t, db, orgA.ID, "org-a-key") + + // ask for orgB with a key that belongs to orgA → should fail + if err := ensureKeyBelongsToOrg(orgB.ID, keyA.ID, db); err == nil { + t.Fatalf("expected error when ssh key belongs to a different org, got nil") + } +} + +func TestEnsureKeyBelongsToOrg_NotFound(t *testing.T) { + db := pgtest.DB(t) + + org := models.Organization{Name: "org-nokey"} + if err := db.Create(&org).Error; err != nil { + t.Fatalf("create org: %v", err) + } + + // random keyID that doesn't exist + randomKeyID := uuid.New() + + if err := ensureKeyBelongsToOrg(org.ID, randomKeyID, db); err == nil { + t.Fatalf("expected error when ssh key does not exist, got nil") + } +} diff --git a/internal/handlers/ssh_keys.go b/internal/handlers/ssh_keys.go index 72e5615..430d510 100644 --- a/internal/handlers/ssh_keys.go +++ b/internal/handlers/ssh_keys.go @@ -31,7 +31,6 @@ import ( // @Summary List ssh keys (org scoped) // @Description Returns ssh keys for the organization in X-Org-ID. // @Tags Ssh -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Success 200 {array} dto.SshResponse @@ -189,7 +188,6 @@ func CreateSSHKey(db *gorm.DB) http.HandlerFunc { // @Summary Get ssh key by ID (org scoped) // @Description Returns public key fields. Append `?reveal=true` to include the private key PEM. // @Tags Ssh -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "SSH Key ID (UUID)" @@ -283,11 +281,10 @@ func GetSSHKey(db *gorm.DB) http.HandlerFunc { // @Summary Delete ssh keypair (org scoped) // @Description Permanently deletes a keypair. // @Tags Ssh -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "SSH Key ID (UUID)" -// @Success 204 {string} string "No Content" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "SSH Key ID (UUID)" +// @Success 204 "No Content" // @Failure 400 {string} string "invalid id" // @Failure 401 {string} string "Unauthorized" // @Failure 403 {string} string "organization required" diff --git a/internal/handlers/taints.go b/internal/handlers/taints.go index acb99f2..30e357d 100644 --- a/internal/handlers/taints.go +++ b/internal/handlers/taints.go @@ -22,7 +22,6 @@ import ( // @Summary List node pool taints (org scoped) // @Description Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools. // @Tags Taints -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param key query string false "Exact key" @@ -70,7 +69,6 @@ func ListTaints(db *gorm.DB) http.HandlerFunc { // @ID GetTaint // @Summary Get node taint by ID (org scoped) // @Tags Taints -// @Accept json // @Produce json // @Param X-Org-ID header string false "Organization UUID" // @Param id path string true "Node Taint ID (UUID)" @@ -279,11 +277,10 @@ func UpdateTaint(db *gorm.DB) http.HandlerFunc { // @Summary Delete taint (org scoped) // @Description Permanently deletes the taint. // @Tags Taints -// @Accept json // @Produce json -// @Param X-Org-ID header string false "Organization UUID" -// @Param id path string true "Node Taint ID (UUID)" -// @Success 204 {string} string "No Content" +// @Param X-Org-ID header string false "Organization UUID" +// @Param id path string true "Node Taint ID (UUID)" +// @Success 204 "No Content" // @Failure 400 {string} string "invalid id" // @Failure 401 {string} string "Unauthorized" // @Failure 403 {string} string "organization required" diff --git a/internal/handlers/version.go b/internal/handlers/version.go index 15f3d6f..07e2c18 100644 --- a/internal/handlers/version.go +++ b/internal/handlers/version.go @@ -30,7 +30,6 @@ type VersionResponse struct { // @Description Returns build/runtime metadata for the running service. // @Tags Meta // @ID Version // operationId -// @Accept json // @Produce json // @Success 200 {object} VersionResponse // @Router /version [get] diff --git a/internal/models/cluster.go b/internal/models/cluster.go index 71400c0..bb97f69 100644 --- a/internal/models/cluster.go +++ b/internal/models/cluster.go @@ -6,28 +6,47 @@ import ( "github.com/google/uuid" ) +const ( + ClusterStatusPrePending = "pre_pending" // needs validation + ClusterStatusIncomplete = "incomplete" // invalid/missing shape + ClusterStatusPending = "pending" // valid shape, waiting for provisioning + ClusterStatusProvisioning = "provisioning" + ClusterStatusReady = "ready" + ClusterStatusFailed = "failed" // provisioning/runtime failure +) + type Cluster struct { - ID uuid.UUID `gorm:"type:uuid;default:gen_random_uuid();primaryKey" json:"id"` - OrganizationID uuid.UUID `gorm:"type:uuid;not null" json:"organization_id"` - Organization Organization `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"` - Name string `gorm:"not null" json:"name"` - Provider string `json:"provider"` - Region string `json:"region"` - Status string `json:"status"` - CaptainDomain string `gorm:"not null" json:"captain_domain"` // nonprod.earth.onglueops.rocks - AppsLoadBalancer string `json:"cluster_load_balancer"` // {public_ip: 1.2.3.4, private_ip: 10.0.30.1, name: apps.CaqptainDomain} - GlueOpsLoadBalancer string `json:"control_load_balancer"` // {public_ip: 5.6.7.8, private_ip: 10.0.22.1, name: CaptainDomain} + ID uuid.UUID `gorm:"type:uuid;default:gen_random_uuid();primaryKey" json:"id"` + OrganizationID uuid.UUID `gorm:"type:uuid;not null" json:"organization_id"` + Organization Organization `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"` - ControlPlane string `json:"control_plane"` // <- dns cntlpn + Name string `gorm:"not null" json:"name"` + Provider string `json:"provider"` + Region string `json:"region"` - RandomToken string `json:"random_token"` - CertificateKey string `json:"certificate_key"` - EncryptedKubeconfig string `gorm:"type:text" json:"-"` - KubeIV string `json:"-"` - KubeTag string `json:"-"` - NodePools []NodePool `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"node_pools,omitempty"` - BastionServerID *uuid.UUID `gorm:"type:uuid" json:"bastion_server_id,omitempty"` - BastionServer *Server `gorm:"foreignKey:BastionServerID" json:"bastion_server,omitempty"` - CreatedAt time.Time `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"` - UpdatedAt time.Time `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"` + Status string `gorm:"type:varchar(20);not null;default:'pre_pending'" json:"status"` + LastError string `gorm:"type:text;not null;default:''" json:"last_error"` + + CaptainDomainID *uuid.UUID `gorm:"type:uuid" json:"captain_domain_id"` + CaptainDomain Domain `gorm:"foreignKey:CaptainDomainID" json:"captain_domain"` + ControlPlaneRecordSetID *uuid.UUID `gorm:"type:uuid" json:"control_plane_record_set_id,omitempty"` + ControlPlaneRecordSet *RecordSet `gorm:"foreignKey:ControlPlaneRecordSetID" json:"control_plane_record_set,omitempty"` + AppsLoadBalancerID *uuid.UUID `gorm:"type:uuid" json:"apps_load_balancer_id,omitempty"` + AppsLoadBalancer *LoadBalancer `gorm:"foreignKey:AppsLoadBalancerID" json:"apps_load_balancer,omitempty"` + GlueOpsLoadBalancerID *uuid.UUID `gorm:"type:uuid" json:"glueops_load_balancer_id,omitempty"` + GlueOpsLoadBalancer *LoadBalancer `gorm:"foreignKey:GlueOpsLoadBalancerID" json:"glueops_load_balancer,omitempty"` + BastionServerID *uuid.UUID `gorm:"type:uuid" json:"bastion_server_id,omitempty"` + BastionServer *Server `gorm:"foreignKey:BastionServerID" json:"bastion_server,omitempty"` + + NodePools []NodePool `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"node_pools,omitempty"` + + RandomToken string `json:"random_token"` + CertificateKey string `json:"certificate_key"` + + EncryptedKubeconfig string `gorm:"type:text" json:"-"` + KubeIV string `json:"-"` + KubeTag string `json:"-"` + + CreatedAt time.Time `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"` + UpdatedAt time.Time `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"` } diff --git a/internal/models/load_balancer.go b/internal/models/load_balancer.go new file mode 100644 index 0000000..5a11b13 --- /dev/null +++ b/internal/models/load_balancer.go @@ -0,0 +1,19 @@ +package models + +import ( + "time" + + "github.com/google/uuid" +) + +type LoadBalancer struct { + ID uuid.UUID `json:"id" gorm:"primaryKey;type:uuid;default:gen_random_uuid()"` + OrganizationID uuid.UUID `json:"organization_id" gorm:"type:uuid;index"` + Organization Organization `json:"organization" gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE"` + Name string `json:"name" gorm:"not null"` + Kind string `json:"kind" gorm:"not null"` + PublicIPAddress string `json:"public_ip_address" gorm:"not null"` + PrivateIPAddress string `json:"private_ip_address" gorm:"not null"` + CreatedAt time.Time `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"` + UpdatedAt time.Time `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"` +} diff --git a/internal/testutil/pgtest/pgtest.go b/internal/testutil/pgtest/pgtest.go new file mode 100644 index 0000000..6ffd2f3 --- /dev/null +++ b/internal/testutil/pgtest/pgtest.go @@ -0,0 +1,119 @@ +package pgtest + +import ( + "fmt" + "log" + "sync" + "testing" + "time" + + embeddedpostgres "github.com/fergusstrange/embedded-postgres" + "github.com/glueops/autoglue/internal/db" + "github.com/glueops/autoglue/internal/models" + "gorm.io/driver/postgres" + "gorm.io/gorm" +) + +var ( + once sync.Once + epg *embeddedpostgres.EmbeddedPostgres + gdb *gorm.DB + initErr error + dsn string +) + +// initDB is called once via sync.Once. It starts embedded Postgres, +// opens a GORM connection and runs the same migrations as NewRuntime. +func initDB() { + const port uint32 = 55432 + + cfg := embeddedpostgres. + DefaultConfig(). + Database("autoglue_test"). + Username("autoglue"). + Password("autoglue"). + Port(port). + StartTimeout(30 * time.Second) + + epg = embeddedpostgres.NewDatabase(cfg) + if err := epg.Start(); err != nil { + initErr = fmt.Errorf("start embedded postgres: %w", err) + return + } + + dsn = fmt.Sprintf( + "host=127.0.0.1 port=%d user=%s password=%s dbname=%s sslmode=disable", + port, + "autoglue", + "autoglue", + "autoglue_test", + ) + + dbConn, err := gorm.Open(postgres.Open(dsn), &gorm.Config{}) + if err != nil { + initErr = fmt.Errorf("open gorm: %w", err) + return + } + + // Use the same model list as app.NewRuntime so schema matches prod + if err := db.Run( + dbConn, + &models.Job{}, + &models.MasterKey{}, + &models.SigningKey{}, + &models.User{}, + &models.Organization{}, + &models.Account{}, + &models.Membership{}, + &models.APIKey{}, + &models.UserEmail{}, + &models.RefreshToken{}, + &models.OrganizationKey{}, + &models.SshKey{}, + &models.Server{}, + &models.Taint{}, + &models.Label{}, + &models.Annotation{}, + &models.NodePool{}, + &models.Cluster{}, + &models.Credential{}, + &models.Domain{}, + &models.RecordSet{}, + ); err != nil { + initErr = fmt.Errorf("migrate: %w", err) + return + } + + gdb = dbConn +} + +// DB returns a lazily-initialized *gorm.DB backed by embedded Postgres. +// +// Call this from any test that needs a real DB. If init fails, the test +// will fail immediately with a clear message. +func DB(t *testing.T) *gorm.DB { + t.Helper() + once.Do(initDB) + if initErr != nil { + t.Fatalf("failed to init embedded postgres: %v", initErr) + } + return gdb +} + +// URL returns the DSN for the embedded Postgres instance, useful for code +// that expects a DB URL (e.g. bg.NewJobs). +func URL(t *testing.T) string { + t.Helper() + DB(t) // ensure initialized + return dsn +} + +// Stop stops the embedded Postgres process. Call from TestMain in at +// least one package, or let the OS clean it up on process exit. +func Stop() { + if epg != nil { + if err := epg.Stop(); err != nil { + log.Printf("stop embedded postgres: %v", err) + } + } +} diff --git a/internal/web/static.go b/internal/web/static.go index 4d5a652..6e3b91d 100644 --- a/internal/web/static.go +++ b/internal/web/static.go @@ -67,7 +67,13 @@ func SPAHandler() (http.Handler, error) { return } - filePath := strings.TrimPrefix(path.Clean(r.URL.Path), "/") + raw := strings.TrimSpace(r.URL.Path) + if raw == "" || raw == "/" { + raw = "/index.html" + } + + clean := path.Clean("/" + raw) // nosemgrep: autoglue.filesystem.no-path-clean + filePath := strings.TrimPrefix(clean, "/") if filePath == "" { filePath = "index.html" } diff --git a/main.go b/main.go index 700a931..d21063a 100644 --- a/main.go +++ b/main.go @@ -1,21 +1,20 @@ package main import ( - "os" - "github.com/glueops/autoglue/cmd" - "github.com/glueops/autoglue/docs" - "github.com/joho/godotenv" ) // @title AutoGlue API // @version 1.0 // @description API for managing K3s clusters across cloud providers - // @contact.name GlueOps -// @BasePath /api/v1 -// @schemes http https +// @servers.url https://autoglue.onglueops.rocks/api/v1 +// @servers.description Production API +// @servers.url https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1 +// @servers.description Staging API +// @servers.url http://localhost:8080/api/v1 +// @servers.description Local dev // @securityDefinitions.apikey BearerAuth // @in header @@ -38,7 +37,5 @@ import ( // @description Org-level secret func main() { - _ = godotenv.Load() - docs.SwaggerInfo.Host = os.Getenv("SWAGGER_HOST") cmd.Execute() } diff --git a/postgres/Dockerfile b/postgres/Dockerfile index a1fdc4c..9333ad1 100644 --- a/postgres/Dockerfile +++ b/postgres/Dockerfile @@ -6,5 +6,5 @@ RUN cd /var/lib/postgresql/ && \ openssl req -x509 -in server.req -text -key server.key -out server.crt && \ chmod 600 server.key && \ chown postgres:postgres server.key - +USER non-root CMD ["postgres", "-c", "ssl=on", "-c", "ssl_cert_file=/var/lib/postgresql/server.crt", "-c", "ssl_key_file=/var/lib/postgresql/server.key" ] diff --git a/schema.sql b/schema.sql new file mode 100644 index 0000000..4173526 --- /dev/null +++ b/schema.sql @@ -0,0 +1,430 @@ +-- Add new schema named "public" +CREATE SCHEMA IF NOT EXISTS "public"; +-- Set comment to schema: "public" +COMMENT ON SCHEMA "public" IS 'standard public schema'; +-- Create "jobs" table +CREATE TABLE "public"."jobs" ( + "id" character varying NOT NULL, + "queue_name" character varying NOT NULL, + "status" character varying NOT NULL, + "arguments" jsonb NOT NULL DEFAULT '{}', + "result" jsonb NOT NULL DEFAULT '{}', + "last_error" character varying NULL, + "retry_count" bigint NOT NULL DEFAULT 0, + "max_retry" bigint NOT NULL DEFAULT 0, + "retry_interval" bigint NOT NULL DEFAULT 0, + "scheduled_at" timestamptz NULL DEFAULT now(), + "started_at" timestamptz NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create index "idx_jobs_scheduled_at" to table: "jobs" +CREATE INDEX "idx_jobs_scheduled_at" ON "public"."jobs" ("scheduled_at"); +-- Create index "idx_jobs_started_at" to table: "jobs" +CREATE INDEX "idx_jobs_started_at" ON "public"."jobs" ("started_at"); +-- Create "api_keys" table +CREATE TABLE "public"."api_keys" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "name" text NOT NULL DEFAULT '', + "key_hash" text NOT NULL, + "scope" text NOT NULL DEFAULT '', + "user_id" text NULL, + "org_id" text NULL, + "secret_hash" text NULL, + "expires_at" timestamptz NULL, + "revoked" boolean NOT NULL DEFAULT false, + "prefix" text NULL, + "last_used_at" timestamptz NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create index "idx_api_keys_key_hash" to table: "api_keys" +CREATE UNIQUE INDEX "idx_api_keys_key_hash" ON "public"."api_keys" ("key_hash"); +-- Create "refresh_tokens" table +CREATE TABLE "public"."refresh_tokens" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "user_id" text NOT NULL, + "family_id" uuid NOT NULL, + "token_hash" text NOT NULL, + "expires_at" timestamptz NOT NULL, + "revoked_at" timestamptz NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create index "idx_refresh_tokens_family_id" to table: "refresh_tokens" +CREATE INDEX "idx_refresh_tokens_family_id" ON "public"."refresh_tokens" ("family_id"); +-- Create index "idx_refresh_tokens_token_hash" to table: "refresh_tokens" +CREATE UNIQUE INDEX "idx_refresh_tokens_token_hash" ON "public"."refresh_tokens" ("token_hash"); +-- Create index "idx_refresh_tokens_user_id" to table: "refresh_tokens" +CREATE INDEX "idx_refresh_tokens_user_id" ON "public"."refresh_tokens" ("user_id"); +-- Create "signing_keys" table +CREATE TABLE "public"."signing_keys" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "kid" text NOT NULL, + "alg" text NOT NULL, + "use" text NOT NULL DEFAULT 'sig', + "is_active" boolean NOT NULL DEFAULT true, + "public_pem" text NOT NULL, + "private_pem" text NOT NULL, + "not_before" timestamptz NULL, + "expires_at" timestamptz NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + "rotated_from" text NULL, + PRIMARY KEY ("id") +); +-- Create index "idx_signing_keys_kid" to table: "signing_keys" +CREATE UNIQUE INDEX "idx_signing_keys_kid" ON "public"."signing_keys" ("kid"); +-- Create "users" table +CREATE TABLE "public"."users" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "display_name" text NULL, + "primary_email" text NULL, + "avatar_url" text NULL, + "is_disabled" boolean NULL, + "is_admin" boolean NULL DEFAULT false, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create "accounts" table +CREATE TABLE "public"."accounts" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "user_id" uuid NOT NULL, + "provider" text NOT NULL, + "subject" text NOT NULL, + "email" text NULL, + "email_verified" boolean NOT NULL DEFAULT false, + "profile" jsonb NOT NULL DEFAULT '{}', + "secret_hash" text NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_accounts_user" FOREIGN KEY ("user_id") REFERENCES "public"."users" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION +); +-- Create index "idx_accounts_user_id" to table: "accounts" +CREATE INDEX "idx_accounts_user_id" ON "public"."accounts" ("user_id"); +-- Create "organizations" table +CREATE TABLE "public"."organizations" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "name" text NOT NULL, + "domain" text NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create index "idx_organizations_domain" to table: "organizations" +CREATE INDEX "idx_organizations_domain" ON "public"."organizations" ("domain"); +-- Create "annotations" table +CREATE TABLE "public"."annotations" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + "key" text NOT NULL, + "value" text NOT NULL, + PRIMARY KEY ("id"), + CONSTRAINT "fk_annotations_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_annotations_organization_id" to table: "annotations" +CREATE INDEX "idx_annotations_organization_id" ON "public"."annotations" ("organization_id"); +-- Create "credentials" table +CREATE TABLE "public"."credentials" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "provider" character varying(50) NOT NULL, + "kind" character varying(50) NOT NULL, + "scope_kind" character varying(20) NOT NULL, + "scope" jsonb NOT NULL DEFAULT '{}', + "scope_fingerprint" character(64) NOT NULL, + "schema_version" bigint NOT NULL DEFAULT 1, + "name" character varying(100) NOT NULL DEFAULT '', + "scope_version" bigint NOT NULL DEFAULT 1, + "account_id" character varying(32) NULL, + "region" character varying(32) NULL, + "encrypted_data" text NOT NULL, + "iv" text NOT NULL, + "tag" text NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_credentials_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_credentials_organization_id" to table: "credentials" +CREATE INDEX "idx_credentials_organization_id" ON "public"."credentials" ("organization_id"); +-- Create index "idx_credentials_scope_fingerprint" to table: "credentials" +CREATE INDEX "idx_credentials_scope_fingerprint" ON "public"."credentials" ("scope_fingerprint"); +-- Create index "idx_kind_scope" to table: "credentials" +CREATE INDEX "idx_kind_scope" ON "public"."credentials" ("kind", "scope"); +-- Create index "idx_provider_kind" to table: "credentials" +CREATE INDEX "idx_provider_kind" ON "public"."credentials" ("provider", "kind"); +-- Create index "uniq_org_provider_scopekind_scope" to table: "credentials" +CREATE UNIQUE INDEX "uniq_org_provider_scopekind_scope" ON "public"."credentials" ("organization_id", "provider", "scope_kind", "scope_fingerprint"); +-- Create "backups" table +CREATE TABLE "public"."backups" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "enabled" boolean NOT NULL DEFAULT false, + "credential_id" uuid NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_backups_credential" FOREIGN KEY ("credential_id") REFERENCES "public"."credentials" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION, + CONSTRAINT "fk_backups_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_backups_organization_id" to table: "backups" +CREATE INDEX "idx_backups_organization_id" ON "public"."backups" ("organization_id"); +-- Create index "uniq_org_credential" to table: "backups" +CREATE UNIQUE INDEX "uniq_org_credential" ON "public"."backups" ("organization_id", "credential_id"); +-- Create "ssh_keys" table +CREATE TABLE "public"."ssh_keys" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + "name" text NOT NULL, + "public_key" text NOT NULL, + "encrypted_private_key" text NOT NULL, + "private_iv" text NOT NULL, + "private_tag" text NOT NULL, + "fingerprint" text NOT NULL, + PRIMARY KEY ("id"), + CONSTRAINT "fk_ssh_keys_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_ssh_keys_fingerprint" to table: "ssh_keys" +CREATE INDEX "idx_ssh_keys_fingerprint" ON "public"."ssh_keys" ("fingerprint"); +-- Create index "idx_ssh_keys_organization_id" to table: "ssh_keys" +CREATE INDEX "idx_ssh_keys_organization_id" ON "public"."ssh_keys" ("organization_id"); +-- Create "servers" table +CREATE TABLE "public"."servers" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "hostname" text NULL, + "public_ip_address" text NULL, + "private_ip_address" text NOT NULL, + "ssh_user" text NOT NULL, + "ssh_key_id" uuid NOT NULL, + "role" text NOT NULL, + "status" text NULL DEFAULT 'pending', + "ssh_host_key" text NULL, + "ssh_host_key_algo" text NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_servers_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_servers_ssh_key" FOREIGN KEY ("ssh_key_id") REFERENCES "public"."ssh_keys" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION +); +-- Create "clusters" table +CREATE TABLE "public"."clusters" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "name" text NOT NULL, + "provider" text NULL, + "region" text NULL, + "status" text NULL, + "captain_domain" text NOT NULL, + "apps_load_balancer" text NULL, + "glue_ops_load_balancer" text NULL, + "control_plane" text NULL, + "random_token" text NULL, + "certificate_key" text NULL, + "encrypted_kubeconfig" text NULL, + "kube_iv" text NULL, + "kube_tag" text NULL, + "bastion_server_id" uuid NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_clusters_bastion_server" FOREIGN KEY ("bastion_server_id") REFERENCES "public"."servers" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION, + CONSTRAINT "fk_clusters_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "node_pools" table +CREATE TABLE "public"."node_pools" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + "name" text NOT NULL, + "role" text NULL, + PRIMARY KEY ("id"), + CONSTRAINT "fk_node_pools_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_node_pools_organization_id" to table: "node_pools" +CREATE INDEX "idx_node_pools_organization_id" ON "public"."node_pools" ("organization_id"); +-- Create "cluster_node_pools" table +CREATE TABLE "public"."cluster_node_pools" ( + "node_pool_id" uuid NOT NULL DEFAULT gen_random_uuid(), + "cluster_id" uuid NOT NULL DEFAULT gen_random_uuid(), + PRIMARY KEY ("node_pool_id", "cluster_id"), + CONSTRAINT "fk_cluster_node_pools_cluster" FOREIGN KEY ("cluster_id") REFERENCES "public"."clusters" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_cluster_node_pools_node_pool" FOREIGN KEY ("node_pool_id") REFERENCES "public"."node_pools" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "domains" table +CREATE TABLE "public"."domains" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "domain_name" character varying(253) NOT NULL, + "zone_id" character varying(128) NOT NULL DEFAULT '', + "status" character varying(20) NOT NULL DEFAULT 'pending', + "last_error" text NOT NULL DEFAULT '', + "credential_id" uuid NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_domains_credential" FOREIGN KEY ("credential_id") REFERENCES "public"."credentials" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION, + CONSTRAINT "fk_domains_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_domains_organization_id" to table: "domains" +CREATE INDEX "idx_domains_organization_id" ON "public"."domains" ("organization_id"); +-- Create index "uniq_org_domain" to table: "domains" +CREATE UNIQUE INDEX "uniq_org_domain" ON "public"."domains" ("organization_id", "domain_name"); +-- Create "labels" table +CREATE TABLE "public"."labels" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + "key" text NOT NULL, + "value" text NOT NULL, + PRIMARY KEY ("id"), + CONSTRAINT "fk_labels_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_labels_organization_id" to table: "labels" +CREATE INDEX "idx_labels_organization_id" ON "public"."labels" ("organization_id"); +-- Create "load_balancers" table +CREATE TABLE "public"."load_balancers" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NULL, + "name" text NOT NULL, + "kind" text NOT NULL, + "public_ip_address" text NOT NULL, + "private_ip_address" text NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_load_balancers_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_load_balancers_organization_id" to table: "load_balancers" +CREATE INDEX "idx_load_balancers_organization_id" ON "public"."load_balancers" ("organization_id"); +-- Create "memberships" table +CREATE TABLE "public"."memberships" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "user_id" uuid NOT NULL, + "organization_id" uuid NOT NULL, + "role" text NOT NULL DEFAULT 'member', + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_memberships_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_memberships_user" FOREIGN KEY ("user_id") REFERENCES "public"."users" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION +); +-- Create index "idx_memberships_organization_id" to table: "memberships" +CREATE INDEX "idx_memberships_organization_id" ON "public"."memberships" ("organization_id"); +-- Create index "idx_memberships_user_id" to table: "memberships" +CREATE INDEX "idx_memberships_user_id" ON "public"."memberships" ("user_id"); +-- Create "node_annotations" table +CREATE TABLE "public"."node_annotations" ( + "node_pool_id" uuid NOT NULL DEFAULT gen_random_uuid(), + "annotation_id" uuid NOT NULL DEFAULT gen_random_uuid(), + PRIMARY KEY ("node_pool_id", "annotation_id"), + CONSTRAINT "fk_node_annotations_annotation" FOREIGN KEY ("annotation_id") REFERENCES "public"."annotations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_node_annotations_node_pool" FOREIGN KEY ("node_pool_id") REFERENCES "public"."node_pools" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "node_labels" table +CREATE TABLE "public"."node_labels" ( + "node_pool_id" uuid NOT NULL DEFAULT gen_random_uuid(), + "label_id" uuid NOT NULL DEFAULT gen_random_uuid(), + PRIMARY KEY ("node_pool_id", "label_id"), + CONSTRAINT "fk_node_labels_label" FOREIGN KEY ("label_id") REFERENCES "public"."labels" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_node_labels_node_pool" FOREIGN KEY ("node_pool_id") REFERENCES "public"."node_pools" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "node_servers" table +CREATE TABLE "public"."node_servers" ( + "server_id" uuid NOT NULL DEFAULT gen_random_uuid(), + "node_pool_id" uuid NOT NULL DEFAULT gen_random_uuid(), + PRIMARY KEY ("server_id", "node_pool_id"), + CONSTRAINT "fk_node_servers_node_pool" FOREIGN KEY ("node_pool_id") REFERENCES "public"."node_pools" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_node_servers_server" FOREIGN KEY ("server_id") REFERENCES "public"."servers" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "taints" table +CREATE TABLE "public"."taints" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "key" text NOT NULL, + "value" text NOT NULL, + "effect" text NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_taints_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "node_taints" table +CREATE TABLE "public"."node_taints" ( + "taint_id" uuid NOT NULL DEFAULT gen_random_uuid(), + "node_pool_id" uuid NOT NULL DEFAULT gen_random_uuid(), + PRIMARY KEY ("taint_id", "node_pool_id"), + CONSTRAINT "fk_node_taints_node_pool" FOREIGN KEY ("node_pool_id") REFERENCES "public"."node_pools" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_node_taints_taint" FOREIGN KEY ("taint_id") REFERENCES "public"."taints" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "master_keys" table +CREATE TABLE "public"."master_keys" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "key" text NOT NULL, + "is_active" boolean NULL DEFAULT true, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id") +); +-- Create "organization_keys" table +CREATE TABLE "public"."organization_keys" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "organization_id" uuid NOT NULL, + "master_key_id" uuid NOT NULL, + "encrypted_key" text NOT NULL, + "iv" text NOT NULL, + "tag" text NOT NULL, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_organization_keys_master_key" FOREIGN KEY ("master_key_id") REFERENCES "public"."master_keys" ("id") ON UPDATE NO ACTION ON DELETE CASCADE, + CONSTRAINT "fk_organization_keys_organization" FOREIGN KEY ("organization_id") REFERENCES "public"."organizations" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create "record_sets" table +CREATE TABLE "public"."record_sets" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "domain_id" uuid NOT NULL, + "name" character varying(253) NOT NULL, + "type" character varying(10) NOT NULL, + "ttl" bigint NULL, + "values" jsonb NOT NULL DEFAULT '[]', + "fingerprint" character(64) NOT NULL, + "status" character varying(20) NOT NULL DEFAULT 'pending', + "owner" character varying(16) NOT NULL DEFAULT 'unknown', + "last_error" text NOT NULL DEFAULT '', + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_record_sets_domain" FOREIGN KEY ("domain_id") REFERENCES "public"."domains" ("id") ON UPDATE NO ACTION ON DELETE CASCADE +); +-- Create index "idx_record_sets_domain_id" to table: "record_sets" +CREATE INDEX "idx_record_sets_domain_id" ON "public"."record_sets" ("domain_id"); +-- Create index "idx_record_sets_fingerprint" to table: "record_sets" +CREATE INDEX "idx_record_sets_fingerprint" ON "public"."record_sets" ("fingerprint"); +-- Create index "idx_record_sets_type" to table: "record_sets" +CREATE INDEX "idx_record_sets_type" ON "public"."record_sets" ("type"); +-- Create "user_emails" table +CREATE TABLE "public"."user_emails" ( + "id" uuid NOT NULL DEFAULT gen_random_uuid(), + "user_id" uuid NOT NULL, + "email" text NOT NULL, + "is_verified" boolean NOT NULL DEFAULT false, + "is_primary" boolean NOT NULL DEFAULT false, + "created_at" timestamptz NOT NULL DEFAULT now(), + "updated_at" timestamptz NOT NULL DEFAULT now(), + PRIMARY KEY ("id"), + CONSTRAINT "fk_user_emails_user" FOREIGN KEY ("user_id") REFERENCES "public"."users" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION +); +-- Create index "idx_user_emails_user_id" to table: "user_emails" +CREATE INDEX "idx_user_emails_user_id" ON "public"."user_emails" ("user_id"); diff --git a/tools/pgweb_fetch.go b/tools/pgweb_fetch.go deleted file mode 100644 index b3dcc4a..0000000 --- a/tools/pgweb_fetch.go +++ /dev/null @@ -1,137 +0,0 @@ -//go:build ignore -// +build ignore - -package main - -import ( - "archive/zip" - "crypto/sha256" - "encoding/hex" - "fmt" - "io" - "net/http" - "os" - "path/filepath" -) - -type Target struct { - Name string - URL string - SHA256 string -} - -const version = "0.16.2" - -func main() { - targets := []Target{ - { - Name: "pgweb-linux-amd64", - URL: fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_linux_amd64.zip", version), - SHA256: "3d6c2063e1040b8a625eb7c43c9b84f8ed12cfc9a798eacbce85179963ee2554", - }, - { - Name: "pgweb-linux-arm64", - URL: fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_linux_arm64.zip", version), - SHA256: "079c698a323ed6431ce7e6343ee5847c7da62afbf45dfb2e78f8289d7b381783", - }, - { - Name: "pgweb-darwin-amd64", - URL: fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_darwin_amd64.zip", version), - SHA256: "c0a098e2eb9cf9f7c20161a2947522eb67eacbf2b6c3389c2f8e8c5ed7238957", - }, - { - Name: "pgweb-darwin-arm64", - URL: fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_darwin_arm64.zip", version), - SHA256: "c8f5fca847f461ba22a619e2d96cb1656cefdffd8f2aef2340e14fc5b518d3a2", - }, - } - - outDir := filepath.Join("internal", "web", "pgwebbin") - _ = os.MkdirAll(outDir, 0o755) - - for _, t := range targets { - destZip := filepath.Join(outDir, t.Name+".zip") - fmt.Printf("Downloading %s...\n", t.URL) - if err := downloadFile(destZip, t.URL); err != nil { - panic(err) - } - binPath := filepath.Join(outDir, t.Name) - if err := unzipSingle(destZip, binPath); err != nil { - panic(err) - } - _ = os.Remove(destZip) - - // Make executable - if err := os.Chmod(binPath, 0o755); err != nil { - panic(err) - } - fmt.Printf("Saved %s\n", binPath) - - // Compute checksum - sum, _ := fileSHA256(binPath) - fmt.Printf(" SHA256: %s\n", sum) - } -} - -func downloadFile(dest, url string) error { - resp, err := http.Get(url) - if err != nil { - return err - } - defer resp.Body.Close() - if resp.StatusCode != 200 { - return fmt.Errorf("bad status: %s", resp.Status) - } - out, err := os.Create(dest) - if err != nil { - return err - } - defer out.Close() - _, err = io.Copy(out, resp.Body) - return err -} - -func fileSHA256(path string) (string, error) { - f, err := os.Open(path) - if err != nil { - return "", err - } - defer f.Close() - h := sha256.New() - if _, err := io.Copy(h, f); err != nil { - return "", err - } - return hex.EncodeToString(h.Sum(nil)), nil -} - -func unzipSingle(zipPath, outPath string) error { - zr, err := zip.OpenReader(zipPath) - if err != nil { - return err - } - defer zr.Close() - - if len(zr.File) == 0 { - return fmt.Errorf("zip file %s is empty", zipPath) - } - - f := zr.File[0] - - rc, err := f.Open() - if err != nil { - return err - } - defer rc.Close() - - out, err := os.Create(outPath) - if err != nil { - return err - } - defer out.Close() - - if _, err := io.Copy(out, rc); err != nil { - return err - } - - return nil -} diff --git a/ui/eslint.config.js b/ui/eslint.config.js index b19330b..41f1089 100644 --- a/ui/eslint.config.js +++ b/ui/eslint.config.js @@ -1,20 +1,29 @@ -import js from '@eslint/js' -import globals from 'globals' -import reactHooks from 'eslint-plugin-react-hooks' -import reactRefresh from 'eslint-plugin-react-refresh' -import tseslint from 'typescript-eslint' -import { defineConfig, globalIgnores } from 'eslint/config' +import js from "@eslint/js" +import reactHooks from "eslint-plugin-react-hooks" +import reactRefresh from "eslint-plugin-react-refresh" +import { defineConfig, globalIgnores } from "eslint/config" +import globals from "globals" +import tseslint from "typescript-eslint" export default defineConfig([ - globalIgnores(['dist']), + globalIgnores(["dist", "src/sdk", "src/components"]), { - files: ['**/*.{ts,tsx}'], + files: ["**/*.{ts,tsx}"], extends: [ js.configs.recommended, - tseslint.configs.recommended, - reactHooks.configs['recommended-latest'], - reactRefresh.configs.vite, + ...tseslint.configs.recommended, + //reactHooks.configs['recommended-latest'], + //reactRefresh.configs.vite, ], + plugins: { + "react-hooks": reactHooks, + "react-refresh": reactRefresh, + }, + rules: { + ...(reactHooks.configs["recommended-latest"]?.rules ?? {}), + ...(reactRefresh.configs.vite?.rules ?? {}), + "@typescript-eslint/no-explicit-any": "off", + }, languageOptions: { ecmaVersion: 2020, globals: globals.browser, diff --git a/ui/package.json b/ui/package.json index 753396f..0af84c0 100644 --- a/ui/package.json +++ b/ui/package.json @@ -37,8 +37,9 @@ "@radix-ui/react-toggle": "^1.1.10", "@radix-ui/react-toggle-group": "^1.1.11", "@radix-ui/react-tooltip": "^1.2.8", + "@radix-ui/react-use-controllable-state": "^1.2.2", "@tailwindcss/vite": "^4.1.17", - "@tanstack/react-query": "^5.90.7", + "@tanstack/react-query": "^5.90.9", "class-variance-authority": "^0.7.1", "clsx": "^2.1.1", "cmdk": "^1.1.1", @@ -46,14 +47,16 @@ "embla-carousel-react": "^8.6.0", "input-otp": "^1.4.2", "lucide-react": "^0.553.0", + "motion": "^12.23.24", "next-themes": "^0.4.6", + "rapidoc": "^9.3.8", "react": "^19.2.0", "react-day-picker": "^9.11.1", "react-dom": "^19.2.0", "react-hook-form": "^7.66.0", "react-icons": "^5.5.0", "react-resizable-panels": "^3.0.6", - "react-router-dom": "^7.9.5", + "react-router-dom": "^7.9.6", "recharts": "2.15.4", "sonner": "^2.0.7", "tailwind-merge": "^3.4.0", @@ -64,10 +67,10 @@ "devDependencies": { "@eslint/js": "9.39.1", "@ianvs/prettier-plugin-sort-imports": "4.7.0", - "@types/node": "24.10.0", - "@types/react": "19.2.2", - "@types/react-dom": "19.2.2", - "@vitejs/plugin-react": "5.1.0", + "@types/node": "24.10.1", + "@types/react": "19.2.5", + "@types/react-dom": "19.2.3", + "@vitejs/plugin-react": "5.1.1", "eslint": "9.39.1", "eslint-plugin-react-hooks": "7.0.1", "eslint-plugin-react-refresh": "0.4.24", diff --git a/ui/src/App.tsx b/ui/src/App.tsx index 30e8a1f..479845a 100644 --- a/ui/src/App.tsx +++ b/ui/src/App.tsx @@ -6,6 +6,7 @@ import { AnnotationPage } from "@/pages/annotations/annotation-page.tsx" import { Login } from "@/pages/auth/login.tsx" import { CredentialPage } from "@/pages/credentials/credential-page.tsx" import { DnsPage } from "@/pages/dns/dns-page.tsx" +import { DocsPage } from "@/pages/docs/docs-page.tsx" import { JobsPage } from "@/pages/jobs/jobs-page.tsx" import { LabelsPage } from "@/pages/labels/labels-page.tsx" import { MePage } from "@/pages/me/me-page.tsx" @@ -21,6 +22,8 @@ export default function App() { return ( } /> + } /> + }> }> } /> diff --git a/ui/src/api/archer_admin.ts b/ui/src/api/archer_admin.ts index 5162ff7..3cdd635 100644 --- a/ui/src/api/archer_admin.ts +++ b/ui/src/api/archer_admin.ts @@ -4,14 +4,6 @@ import { makeArcherAdminApi } from "@/sdkClient.ts" const archerAdmin = makeArcherAdminApi() -type ListParams = { - status?: "queued" | "running" | "succeeded" | "failed" | "canceled" | "retrying" | "scheduled" - queue?: string - q?: string - page?: number - pageSize?: number -} - export const archerAdminApi = { listJobs: (params: AdminListArcherJobsRequest = {}) => { return withRefresh(async () => { diff --git a/ui/src/layouts/app-shell.tsx b/ui/src/layouts/app-shell.tsx index 9af479c..ed95f3c 100644 --- a/ui/src/layouts/app-shell.tsx +++ b/ui/src/layouts/app-shell.tsx @@ -4,6 +4,7 @@ import { orgStore } from "@/auth/org.ts" import { Footer } from "@/layouts/footer.tsx" import { adminNav, mainNav, orgNav, userNav } from "@/layouts/nav-config.ts" import { OrgSwitcher } from "@/layouts/org-switcher.tsx" +import { ThemePillSwitcher } from "@/layouts/theme-switcher" import { Topbar } from "@/layouts/topbar.tsx" import { NavLink, Outlet } from "react-router-dom" @@ -147,6 +148,7 @@ export const AppShell = () => { cn("flex items-center gap-2", isActive && "text-primary") } @@ -160,6 +162,9 @@ export const AppShell = () => { +
+ +
diff --git a/ui/src/layouts/footer.tsx b/ui/src/layouts/footer.tsx index 25e9cf4..ce9b086 100644 --- a/ui/src/layouts/footer.tsx +++ b/ui/src/layouts/footer.tsx @@ -33,7 +33,7 @@ function asClipboardText(v?: VersionInfo) { return `v${v.version} (${shortCommit(v.commit)}) • built ${v.built} • ${v.go} ${v.goOS}/${v.goArch}` } -export const Footer = memo(function Footer({ className }: { className?: string }) { +export const Footer = memo(function Footer() { const footerQ = useQuery({ queryKey: ["footer"], queryFn: () => metaApi.footer() as Promise, diff --git a/ui/src/layouts/nav-config.ts b/ui/src/layouts/nav-config.ts index b4acbb1..fad9b51 100644 --- a/ui/src/layouts/nav-config.ts +++ b/ui/src/layouts/nav-config.ts @@ -15,11 +15,13 @@ import { import { AiOutlineCluster } from "react-icons/ai" import { GrUserWorker } from "react-icons/gr" import { MdOutlineDns } from "react-icons/md" +import { SiSwagger } from "react-icons/si" export type NavItem = { to: string label: string icon: ComponentType<{ className?: string }> + target?: string } export const mainNav: NavItem[] = [ @@ -45,4 +47,5 @@ export const userNav: NavItem[] = [{ to: "/me", label: "Profile", icon: User2 }] export const adminNav: NavItem[] = [ { to: "/admin/users", label: "Users Admin", icon: Users }, { to: "/admin/jobs", label: "Jobs Admin", icon: GrUserWorker }, + { to: "/docs", label: "API Docs ", icon: SiSwagger, target: "_blank" }, ] diff --git a/ui/src/layouts/theme-switcher.tsx b/ui/src/layouts/theme-switcher.tsx new file mode 100644 index 0000000..1788f74 --- /dev/null +++ b/ui/src/layouts/theme-switcher.tsx @@ -0,0 +1,78 @@ +import { type ComponentType } from "react" +import { motion } from "framer-motion" +import { Monitor, Moon, Sun } from "lucide-react" +import { useTheme } from "next-themes" + +import { cn } from "@/lib/utils" + +type ThemeValue = "light" | "dark" | "system" + +const options: { id: ThemeValue; icon: ComponentType<{ className?: string }>; label: string }[] = [ + { id: "light", icon: Sun, label: "Light" }, + { id: "dark", icon: Moon, label: "Dark" }, + { id: "system", icon: Monitor, label: "System" }, +] + +interface ThemePillSwitcherProps { + className?: string + variant?: "pill" | "wide" + ariaLabel?: string +} + +export const ThemePillSwitcher = ({ + className = "", + variant = "pill", + ariaLabel = "Toggle theme", +}: ThemePillSwitcherProps) => { + const { theme, setTheme } = useTheme() + + const currentTheme = (theme ?? "system") as ThemeValue + const isPill = variant === "pill" + return ( +
+ {options.map(({ id, icon: Icon, label }) => { + const isActive = currentTheme === id + + return ( + + ) + })} +
+ ) +} \ No newline at end of file diff --git a/ui/src/layouts/topbar.tsx b/ui/src/layouts/topbar.tsx index e0219b5..971f759 100644 --- a/ui/src/layouts/topbar.tsx +++ b/ui/src/layouts/topbar.tsx @@ -1,4 +1,5 @@ import { useMemo } from "react" +import { ThemePillSwitcher } from "@/layouts/theme-switcher" import { Link, useLocation } from "react-router-dom" import { useMe } from "@/hooks/use-me.ts" @@ -69,6 +70,7 @@ export const Topbar = () => { + diff --git a/ui/src/pages/annotations/annotation-page.tsx b/ui/src/pages/annotations/annotation-page.tsx index 51a89ed..fc17eeb 100644 --- a/ui/src/pages/annotations/annotation-page.tsx +++ b/ui/src/pages/annotations/annotation-page.tsx @@ -1,6 +1,5 @@ import { useMemo, useState } from "react" import { annotationsApi } from "@/api/annotations.ts" -import { labelsApi } from "@/api/labels.ts" import type { DtoLabelResponse } from "@/sdk" import { zodResolver } from "@hookform/resolvers/zod" import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query" diff --git a/ui/src/pages/credentials/credential-page.tsx b/ui/src/pages/credentials/credential-page.tsx index 902cfbf..5b70b88 100644 --- a/ui/src/pages/credentials/credential-page.tsx +++ b/ui/src/pages/credentials/credential-page.tsx @@ -1,66 +1,28 @@ -import { useMemo, useState } from "react" -import { credentialsApi } from "@/api/credentials" -import { zodResolver } from "@hookform/resolvers/zod" -import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query" -import { - AlertTriangle, - Eye, - Loader2, - MoreHorizontal, - Pencil, - Plus, - Search, - Trash2, -} from "lucide-react" -import { Controller, useForm } from "react-hook-form" -import { toast } from "sonner" -import { z } from "zod" +import { useMemo, useState } from "react"; +import { credentialsApi } from "@/api/credentials"; +import { zodResolver } from "@hookform/resolvers/zod"; +import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query"; +import { AlertTriangle, Eye, Loader2, MoreHorizontal, Pencil, Plus, Search, Trash2 } from "lucide-react"; +import { Controller, useForm } from "react-hook-form"; +import { toast } from "sonner"; +import { z } from "zod"; + + + +import { AlertDialog, AlertDialogAction, AlertDialogCancel, AlertDialogContent, AlertDialogDescription, AlertDialogFooter, AlertDialogHeader, AlertDialogTitle, AlertDialogTrigger } from "@/components/ui/alert-dialog"; +import { Badge } from "@/components/ui/badge"; +import { Button } from "@/components/ui/button"; +import { Dialog, DialogContent, DialogFooter, DialogHeader, DialogTitle, DialogTrigger } from "@/components/ui/dialog"; +import { DropdownMenu, DropdownMenuContent, DropdownMenuItem, DropdownMenuTrigger } from "@/components/ui/dropdown-menu"; +import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from "@/components/ui/form"; +import { Input } from "@/components/ui/input"; +import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select"; +import { Switch } from "@/components/ui/switch"; +import { Textarea } from "@/components/ui/textarea"; + + + -import { - AlertDialog, - AlertDialogAction, - AlertDialogCancel, - AlertDialogContent, - AlertDialogDescription, - AlertDialogFooter, - AlertDialogHeader, - AlertDialogTitle, - AlertDialogTrigger, -} from "@/components/ui/alert-dialog" -import { Badge } from "@/components/ui/badge" -import { Button } from "@/components/ui/button" -import { - Dialog, - DialogContent, - DialogFooter, - DialogHeader, - DialogTitle, - DialogTrigger, -} from "@/components/ui/dialog" -import { - DropdownMenu, - DropdownMenuContent, - DropdownMenuItem, - DropdownMenuTrigger, -} from "@/components/ui/dropdown-menu" -import { - Form, - FormControl, - FormField, - FormItem, - FormLabel, - FormMessage, -} from "@/components/ui/form" -import { Input } from "@/components/ui/input" -import { - Select, - SelectContent, - SelectItem, - SelectTrigger, - SelectValue, -} from "@/components/ui/select" -import { Switch } from "@/components/ui/switch" -import { Textarea } from "@/components/ui/textarea" // -------------------- Constants -------------------- @@ -192,7 +154,9 @@ function extractErr(e: any): string { try { const msg = (e as any)?.response?.data?.message || (e as any)?.message if (msg) return String(msg) - } catch {} + } catch { + return "Unknown error" + } return "Unknown error" } diff --git a/ui/src/pages/dns/dns-page.tsx b/ui/src/pages/dns/dns-page.tsx index 58f2505..9caf381 100644 --- a/ui/src/pages/dns/dns-page.tsx +++ b/ui/src/pages/dns/dns-page.tsx @@ -224,9 +224,12 @@ export const DnsPage = () => { const r53Credentials = useMemo(() => (credentialQ.data ?? []).filter(isR53), [credentialQ.data]) useEffect(() => { - if (!selected && domainsQ.data && domainsQ.data.length) { - setSelected(domainsQ.data[0]!) + const setSelectedDns = () => { + if (!selected && domainsQ.data && domainsQ.data.length) { + setSelected(domainsQ.data[0]!) + } } + setSelectedDns() }, [domainsQ.data, selected]) const filteredDomains = useMemo(() => { diff --git a/ui/src/pages/docs/docs-page.tsx b/ui/src/pages/docs/docs-page.tsx new file mode 100644 index 0000000..39d30b1 --- /dev/null +++ b/ui/src/pages/docs/docs-page.tsx @@ -0,0 +1,171 @@ +import { useEffect, useRef, useState, type FC } from "react" +import { useTheme } from "next-themes" + +import { Button } from "@/components/ui/button" +import { Input } from "@/components/ui/input" + +import "rapidoc" + +import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card.tsx" +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue, +} from "@/components/ui/select.tsx" + +type RdThemeMode = "auto" | "light" | "dark" + +export const DocsPage: FC = () => { + const rdRef = useRef(null) + const { theme, systemTheme, setTheme } = useTheme() + + const [orgId, setOrgId] = useState("") + const [rdThemeMode, setRdThemeMode] = useState("auto") + + useEffect(() => { + const stateSetter = () => { + const stored = localStorage.getItem("autoglue.org") + if (stored) setOrgId(stored) + } + + stateSetter() + }, []) + + useEffect(() => { + const rd = rdRef.current + if (!rd) return + + let effectiveTheme: "light" | "dark" = "light" + if (rdThemeMode === "light") { + effectiveTheme = "light" + } else if (rdThemeMode === "dark") { + effectiveTheme = "dark" + } else { + const appTheme = theme === "system" ? systemTheme : theme + effectiveTheme = appTheme === "dark" ? "dark" : "light" + } + + rd.setAttribute("theme", effectiveTheme) + + if (typeof window !== "undefined") { + const defaultServer = `${window.location.origin}/api/v1` + rd.setAttribute("default-api-server", defaultServer) + } + + if (orgId) { + rd.setAttribute("api-key-name", "X-ORG-ID") + rd.setAttribute("api-key-location", "header") + rd.setAttribute("api-key-value", orgId) + } else { + rd.removeAttribute("api-key-value") + } + }, [theme, systemTheme, rdThemeMode, orgId]) + + const handleSaveOrg = () => { + const trimmed = orgId.trim() + localStorage.setItem("autoglue.org", trimmed) + const rd = rdRef.current + if (!rd) return + + if (trimmed) { + rd.setAttribute("api-key-value", trimmed) + } else { + rd.removeAttribute("api-key-value") + } + } + + const handleResetOrg = () => { + localStorage.removeItem("autoglue.org") + setOrgId("") + const rd = rdRef.current + if (!rd) return + rd.removeAttribute("api-key-value") + } + + return ( +
+ {/* Control bar */} + + + + AutoGlue API Docs +
+
+ {/* Theme selector */} +
+ Docs theme + +
+ + {/* Org ID controls */} +
+ Org ID (X-ORG-ID) + setOrgId(e.target.value)} + placeholder="org_..." + /> + + +
+
+
+ + + + Requests from <rapi-doc> will include: + Cookie: ag_jwt=… and{" "} + X-ORG-ID={orgId} + {!orgId && <> (set an Org ID above to send an X-ORG-ID header)} + + + + {/* @ts-expect-error ts-2339 */} + +
+ ) +} \ No newline at end of file diff --git a/ui/src/pages/org/settings.tsx b/ui/src/pages/org/settings.tsx index 50dca75..5c38c36 100644 --- a/ui/src/pages/org/settings.tsx +++ b/ui/src/pages/org/settings.tsx @@ -1,8 +1,6 @@ -import { useEffect, useMemo } from "react" -import { credentialsApi } from "@/api/credentials.ts" +import { useEffect } from "react" import { withRefresh } from "@/api/with-refresh.ts" import { orgStore } from "@/auth/org.ts" -import type { DtoCredentialOut } from "@/sdk" import { makeOrgsApi } from "@/sdkClient.ts" import { zodResolver } from "@hookform/resolvers/zod" import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query" @@ -22,6 +20,7 @@ import { } from "@/components/ui/form.tsx" import { Input } from "@/components/ui/input.tsx" +/* const isS3 = (c: DtoCredentialOut) => c.provider === "aws" && c.scope_kind === "service" && @@ -35,6 +34,7 @@ const isS3 = (c: DtoCredentialOut) => return false } })() +*/ const schema = z.object({ name: z.string().min(1, "Required"), @@ -54,13 +54,14 @@ export const OrgSettings = () => { queryFn: () => withRefresh(() => api.getOrg({ id: orgId! })), }) + /* const credentialQ = useQuery({ queryKey: ["credentials", "s3"], queryFn: () => credentialsApi.listCredentials(), // client-side filter }) const s3Credentials = useMemo(() => (credentialQ.data ?? []).filter(isS3), [credentialQ.data]) - + */ const form = useForm({ resolver: zodResolver(schema), defaultValues: { @@ -76,7 +77,7 @@ export const OrgSettings = () => { domain: q.data.domain ?? "", }) } - }, [q.data]) + }, [q.data, form]) const updateMut = useMutation({ mutationFn: (v: Partial) => api.updateOrg({ id: orgId!, body: v }), diff --git a/ui/src/pages/servers/server-page.tsx b/ui/src/pages/servers/server-page.tsx index ae118e0..6485bb9 100644 --- a/ui/src/pages/servers/server-page.tsx +++ b/ui/src/pages/servers/server-page.tsx @@ -5,7 +5,7 @@ import { zodResolver } from "@hookform/resolvers/zod" import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query" import { formatDistanceToNow } from "date-fns" import { Plus, Search } from "lucide-react" -import { useForm } from "react-hook-form" +import { useForm, useWatch } from "react-hook-form" import { toast } from "sonner" import { z } from "zod" @@ -136,8 +136,17 @@ export const ServerPage = () => { mode: "onChange", }) - const roleIsBastion = createForm.watch("role") === "bastion" - const pubCreate = createForm.watch("public_ip_address")?.trim() ?? "" + const watchedRoleCreate = useWatch({ + control: createForm.control, + name: "role", + }) + const roleIsBastion = watchedRoleCreate === "bastion" + + const watchedPublicIpCreate = useWatch({ + control: createForm.control, + name: "public_ip_address", + }) + const pubCreate = watchedPublicIpCreate?.trim() ?? "" const needPubCreate = roleIsBastion && pubCreate === "" const createMut = useMutation({ @@ -160,8 +169,19 @@ export const ServerPage = () => { mode: "onChange", }) - const roleIsBastionU = updateForm.watch("role") === "bastion" - const pubUpdate = updateForm.watch("public_ip_address")?.trim() ?? "" + const watchedRoleUpdate = useWatch({ + control: updateForm.control, + name: "role", + }) + + const watchedPublicIpAddressUpdate = useWatch({ + control: updateForm.control, + name: "public_ip_address", + }) + + const roleIsBastionU = watchedRoleUpdate === "bastion" + + const pubUpdate = watchedPublicIpAddressUpdate?.trim() ?? "" const needPubUpdate = roleIsBastionU && pubUpdate === "" const updateMut = useMutation({ diff --git a/ui/src/pages/ssh/ssh-page.tsx b/ui/src/pages/ssh/ssh-page.tsx index c21e37e..7e85869 100644 --- a/ui/src/pages/ssh/ssh-page.tsx +++ b/ui/src/pages/ssh/ssh-page.tsx @@ -4,11 +4,10 @@ import type { DtoCreateSSHRequest, DtoSshRevealResponse } from "@/sdk" import { zodResolver } from "@hookform/resolvers/zod" import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query" import { Download, Eye, Loader2, Plus, Trash2 } from "lucide-react" -import { useForm } from "react-hook-form" +import { useForm, useWatch } from "react-hook-form" import { toast } from "sonner" import { z } from "zod" -import { truncateMiddle } from "@/lib/utils.ts" import { Badge } from "@/components/ui/badge.tsx" import { Button } from "@/components/ui/button.tsx" import { @@ -105,6 +104,11 @@ export const SshPage = () => { }, }) + const watchedType = useWatch({ + control: form.control, + name: "type", + }) + const createMutation = useMutation({ mutationFn: async (values: CreateKeyInput) => { const payload: DtoCreateSSHRequest = { @@ -257,7 +261,7 @@ export const SshPage = () => {