fix: db-studio prefix fixes

Signed-off-by: allanice001 <allanice001@gmail.com>

.github/workflows/docker-publish.yml

@@ -39,7 +39,7 @@ jobs:
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
         with:
           cosign-release: 'v2.2.4'
 

.gitignore

@@ -137,4 +137,6 @@ notes.txt
 
 .terraform
 .terraform.lock*
-terraform.tfstate*
+terraform.tfstate*
+
+ui/src/sdk

Makefile

@@ -70,7 +70,7 @@ export GO_POST_PROCESS_FILE := gofmt -w
 .DEFAULT_GOAL := help
 
 # --- version metadata (ldflags) ---
-VERSION  := $(shell git describe --tags --always --dirty 2>/dev/null || echo "dev")
+VERSION  := $(shell git describe --tags --always 2>/dev/null || echo "dev")
 COMMIT   := $(shell git rev-parse HEAD 2>/dev/null || echo "none")
 DATE     := $(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
 BUILT_BY := $(shell whoami)
@@ -310,6 +310,9 @@ doctor: ## Print environment diagnostics (shell, versions, generator availabilit
 		$(OGC_BIN) version || true; \
 	}
 
+fetch-pgweb: ## Fetch PGWeb Binaries for embedding
+	go run ./tools/pgweb_fetch.go
+
 help: ## Show this help
 	@grep -hE '^[a-zA-Z0-9_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | \
 	awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'

cmd/db.go

@@ -0,0 +1,51 @@
+package cmd
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"os/exec"
+	"runtime"
+	"time"
+
+	"github.com/glueops/autoglue/internal/config"
+	"github.com/spf13/cobra"
+)
+
+var dbCmd = &cobra.Command{
+	Use:   "db",
+	Short: "Database utilities",
+}
+
+var dbPsqlCmd = &cobra.Command{
+	Use:   "psql",
+	Short: "Open a psql session to the app database",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		cfg, err := config.Load()
+		if err != nil {
+			return err
+		}
+		if cfg.DbURL == "" {
+			return errors.New("database.url is empty")
+		}
+		psql := "psql"
+		if runtime.GOOS == "windows" {
+			psql = "psql.exe"
+		}
+
+		ctx, cancel := context.WithTimeout(context.Background(), 72*time.Hour)
+		defer cancel()
+
+		psqlCmd := exec.CommandContext(ctx, psql, cfg.DbURL)
+		psqlCmd.Stdin, psqlCmd.Stdout, psqlCmd.Stderr = os.Stdin, os.Stdout, os.Stderr
+		fmt.Println("Launching psql…")
+		return psqlCmd.Run()
+	},
+}
+
+func init() {
+	dbCmd.AddCommand(dbPsqlCmd)
+
+	rootCmd.AddCommand(dbCmd)
+}

cmd/serve.go

@@ -18,6 +18,7 @@ import (
 	"github.com/glueops/autoglue/internal/auth"
 	"github.com/glueops/autoglue/internal/bg"
 	"github.com/glueops/autoglue/internal/config"
+	"github.com/glueops/autoglue/internal/web"
 	"github.com/google/uuid"
 	"github.com/spf13/cobra"
 )
@@ -33,6 +34,8 @@ var serveCmd = &cobra.Command{
 			return err
 		}
 
+		var pgwebInst *web.Pgweb
+
 		jobs, err := bg.NewJobs(rt.DB, cfg.DbURL)
 		if err != nil {
 			log.Fatalf("failed to init background jobs: %v", err)
@@ -119,7 +122,31 @@ var serveCmd = &cobra.Command{
 			}
 		}()
 
-		r := api.NewRouter(rt.DB, jobs)
+		var studioHandler http.Handler
+		r := api.NewRouter(rt.DB, jobs, nil)
+
+		if cfg.DBStudioEnabled {
+			dbURL := cfg.DbURLRO
+			if dbURL == "" {
+				dbURL = cfg.DbURL
+			}
+
+			pgwebInst, err = web.StartPgweb(
+				dbURL,
+				cfg.DBStudioBind,
+				cfg.DBStudioPort,
+				true,
+				cfg.DBStudioUser,
+				cfg.DBStudioPass,
+			)
+			if err != nil {
+				log.Printf("pgweb failed to start: %v", err)
+			} else {
+				studioHandler = http.HandlerFunc(pgwebInst.Proxy())
+				r = api.NewRouter(rt.DB, jobs, studioHandler)
+				log.Printf("pgweb running on http://%s:%s (proxied at /db-studio/)", cfg.DBStudioBind, pgwebInst.Port())
+			}
+		}
 
 		addr := fmt.Sprintf("%s:%s", cfg.Host, cfg.Port)
 
@@ -143,6 +170,9 @@ var serveCmd = &cobra.Command{
 
 		<-ctx.Done()
 		fmt.Println("\n⏳ Shutting down...")
+		if pgwebInst != nil {
+			_ = pgwebInst.Stop(context.Background())
+		}
 		shutdownCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 		defer cancel()
 		return srv.Shutdown(shutdownCtx)

docker-compose.yml

@@ -42,7 +42,7 @@ services:
       - postgres
 
   mailpit:
-    image: axllent/mailpit@sha256:6abc8e633df15eaf785cfcf38bae48e66f64beecdc03121e249d0f9ec15f0707
+    image: axllent/mailpit@sha256:e22dce5b36f93c77082e204a3942fb6b283b7896e057458400a4c88344c3df68
     restart: always
     ports:
       - "1025:1025"

docs/swagger.yaml

@@ -49,6 +49,39 @@ definitions:
         example: https://accounts.google.com/o/oauth2/v2/auth?client_id=...
         type: string
     type: object
+  dto.ClusterResponse:
+    properties:
+      bastion_server:
+        $ref: '#/definitions/dto.ServerResponse'
+      captain_domain:
+        type: string
+      certificate_key:
+        type: string
+      cluster_load_balancer:
+        type: string
+      control_load_balancer:
+        type: string
+      created_at:
+        type: string
+      id:
+        type: string
+      name:
+        type: string
+      node_pools:
+        items:
+          $ref: '#/definitions/dto.NodePoolResponse'
+        type: array
+      provider:
+        type: string
+      random_token:
+        type: string
+      region:
+        type: string
+      status:
+        type: string
+      updated_at:
+        type: string
+    type: object
   dto.CreateAnnotationRequest:
     properties:
       key:
@@ -56,6 +89,75 @@ definitions:
       value:
         type: string
     type: object
+  dto.CreateClusterRequest:
+    properties:
+      captain_domain:
+        type: string
+      cluster_load_balancer:
+        type: string
+      control_load_balancer:
+        type: string
+      name:
+        type: string
+      provider:
+        type: string
+      region:
+        type: string
+      status:
+        type: string
+    type: object
+  dto.CreateCredentialRequest:
+    properties:
+      account_id:
+        maxLength: 32
+        type: string
+      kind:
+        description: aws_access_key, api_token, basic_auth, oauth2
+        type: string
+      name:
+        description: human label
+        maxLength: 100
+        type: string
+      provider:
+        enum:
+        - aws
+        - cloudflare
+        - hetzner
+        - digitalocean
+        - generic
+        type: string
+      region:
+        maxLength: 32
+        type: string
+      schema_version:
+        description: secret schema version
+        minimum: 1
+        type: integer
+      scope:
+        description: '{"service":"route53"} or {"arn":"..."}'
+        type: object
+      scope_kind:
+        enum:
+        - provider
+        - service
+        - resource
+        type: string
+      scope_version:
+        description: scope schema version
+        minimum: 1
+        type: integer
+      secret:
+        description: encrypted later
+        type: object
+    required:
+    - kind
+    - provider
+    - schema_version
+    - scope
+    - scope_kind
+    - scope_version
+    - secret
+    type: object
   dto.CreateLabelRequest:
     properties:
       key:
@@ -124,7 +226,46 @@ definitions:
       value:
         type: string
     type: object
+  dto.CredentialOut:
+    properties:
+      account_id:
+        type: string
+      created_at:
+        type: string
+      id:
+        type: string
+      kind:
+        type: string
+      name:
+        type: string
+      provider:
+        type: string
+      region:
+        type: string
+      schema_version:
+        type: integer
+      scope:
+        type: object
+      scope_kind:
+        type: string
+      scope_version:
+        type: integer
+      updated_at:
+        type: string
+    type: object
   dto.EnqueueRequest:
+    properties:
+      payload:
+        type: object
+      queue:
+        example: default
+        type: string
+      run_at:
+        example: "2025-11-05T08:00:00Z"
+        type: string
+      type:
+        example: email.send
+        type: string
     type: object
   dto.JWK:
     properties:
@@ -416,6 +557,24 @@ definitions:
       value:
         type: string
     type: object
+  dto.UpdateCredentialRequest:
+    properties:
+      account_id:
+        type: string
+      name:
+        type: string
+      region:
+        type: string
+      scope:
+        type: object
+      scope_kind:
+        type: string
+      scope_version:
+        type: integer
+      secret:
+        description: set if rotating
+        type: object
+    type: object
   dto.UpdateLabelRequest:
     properties:
       key:
@@ -1320,6 +1479,339 @@ paths:
       summary: Rotate refresh token
       tags:
       - Auth
+  /clusters:
+    get:
+      description: Returns clusters for the organization in X-Org-ID. Filter by `q`
+        (name contains).
+      operationId: ListClusters
+      parameters:
+      - description: Organization UUID
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Name contains (case-insensitive)
+        in: query
+        name: q
+        type: string
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            items:
+              $ref: '#/definitions/dto.ClusterResponse'
+            type: array
+        "401":
+          description: Unauthorized
+          schema:
+            type: string
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "500":
+          description: failed to list clusters
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: List clusters (org scoped)
+      tags:
+      - Clusters
+    post:
+      consumes:
+      - application/json
+      description: Creates a cluster. If `kubeconfig` is provided, it will be encrypted
+        per-organization and stored securely (never returned).
+      operationId: CreateCluster
+      parameters:
+      - description: Organization UUID
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: payload
+        in: body
+        name: body
+        required: true
+        schema:
+          $ref: '#/definitions/dto.CreateClusterRequest'
+      produces:
+      - application/json
+      responses:
+        "201":
+          description: Created
+          schema:
+            $ref: '#/definitions/dto.ClusterResponse'
+        "400":
+          description: invalid json
+          schema:
+            type: string
+        "401":
+          description: Unauthorized
+          schema:
+            type: string
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "500":
+          description: create failed
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Create cluster (org scoped)
+      tags:
+      - Clusters
+  /credentials:
+    get:
+      consumes:
+      - application/json
+      description: Returns credential metadata for the current org. Secrets are never
+        returned.
+      operationId: ListCredentials
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Filter by provider (e.g., aws)
+        in: query
+        name: provider
+        type: string
+      - description: Filter by kind (e.g., aws_access_key)
+        in: query
+        name: kind
+        type: string
+      - description: Filter by scope kind (provider/service/resource)
+        in: query
+        name: scope_kind
+        type: string
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            items:
+              $ref: '#/definitions/dto.CredentialOut'
+            type: array
+        "401":
+          description: Unauthorized
+          schema:
+            type: string
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "500":
+          description: internal server error
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: List credentials (metadata only)
+      tags:
+      - Credentials
+    post:
+      consumes:
+      - application/json
+      operationId: CreateCredential
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Credential payload
+        in: body
+        name: body
+        required: true
+        schema:
+          $ref: '#/definitions/dto.CreateCredentialRequest'
+      produces:
+      - application/json
+      responses:
+        "201":
+          description: Created
+          schema:
+            $ref: '#/definitions/dto.CredentialOut'
+        "401":
+          description: Unauthorized
+          schema:
+            type: string
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "500":
+          description: internal server error
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Create a credential (encrypts secret)
+      tags:
+      - Credentials
+  /credentials/{id}:
+    delete:
+      consumes:
+      - application/json
+      operationId: DeleteCredential
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Credential ID (UUID)
+        in: path
+        name: id
+        required: true
+        type: string
+      produces:
+      - application/json
+      responses:
+        "204":
+          description: No Content
+        "404":
+          description: not found
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Delete credential
+      tags:
+      - Credentials
+    get:
+      consumes:
+      - application/json
+      operationId: GetCredential
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Credential ID (UUID)
+        in: path
+        name: id
+        required: true
+        type: string
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            $ref: '#/definitions/dto.CredentialOut'
+        "401":
+          description: Unauthorized
+          schema:
+            type: string
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "500":
+          description: internal server error
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Get credential by ID (metadata only)
+      tags:
+      - Credentials
+    patch:
+      consumes:
+      - application/json
+      operationId: UpdateCredential
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Credential ID (UUID)
+        in: path
+        name: id
+        required: true
+        type: string
+      - description: Fields to update
+        in: body
+        name: body
+        required: true
+        schema:
+          $ref: '#/definitions/dto.UpdateCredentialRequest'
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            $ref: '#/definitions/dto.CredentialOut'
+        "403":
+          description: X-Org-ID required
+          schema:
+            type: string
+        "404":
+          description: not found
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Update credential metadata and/or rotate secret
+      tags:
+      - Credentials
+  /credentials/{id}/reveal:
+    post:
+      consumes:
+      - application/json
+      operationId: RevealCredential
+      parameters:
+      - description: Organization ID (UUID)
+        in: header
+        name: X-Org-ID
+        type: string
+      - description: Credential ID (UUID)
+        in: path
+        name: id
+        required: true
+        type: string
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: OK
+          schema:
+            additionalProperties: true
+            type: object
+        "403":
+          description: organization required
+          schema:
+            type: string
+        "404":
+          description: not found
+          schema:
+            type: string
+      security:
+      - BearerAuth: []
+      - OrgKeyAuth: []
+      - OrgSecretAuth: []
+      summary: Reveal decrypted secret (one-time read)
+      tags:
+      - Credentials
   /healthz:
     get:
       consumes:

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/go-chi/chi/v5 v5.2.3
 	github.com/go-chi/cors v1.2.2
 	github.com/go-chi/httprate v0.15.0
+	github.com/go-playground/validator/v10 v10.28.0
 	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1
@@ -18,7 +19,7 @@ require (
 	github.com/swaggo/http-swagger/v2 v2.0.2
 	github.com/swaggo/swag/v2 v2.0.0-rc4
 	golang.org/x/crypto v0.43.0
-	golang.org/x/oauth2 v0.32.0
+	golang.org/x/oauth2 v0.33.0
 	gopkg.in/yaml.v3 v3.0.1
 	gorm.io/datatypes v1.2.7
 	gorm.io/driver/postgres v1.6.0
@@ -29,11 +30,14 @@ require (
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/KyleBanks/depth v1.2.1 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.10 // indirect
 	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/spec v0.20.9 // indirect
 	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-sql-driver/mysql v1.8.1 // indirect
 	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
@@ -46,6 +50,7 @@ require (
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/lib/pq v1.10.9 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect

go.sum

@@ -22,6 +22,8 @@ github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHk
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
 github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIpU+bX4+ZK0=
+github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/go-chi/chi/v5 v5.2.3 h1:WQIt9uxdsAbgIYgid+BpYc+liqQZGMHRaUwp0JUcvdE=
 github.com/go-chi/chi/v5 v5.2.3/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
 github.com/go-chi/cors v1.2.2 h1:Jmey33TE+b+rB7fT8MUy1u0I4L+NARQlK6LhzKPSyQE=
@@ -43,6 +45,14 @@ github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh
 github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
 github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
+github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
 github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
@@ -89,6 +99,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
@@ -181,8 +193,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY=
+golang.org/x/oauth2 v0.33.0 h1:4Q+qn+E5z8gPRJfmRy7C2gGG3T4jIprK6aSYgTXGRpo=
-golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.33.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

internal/api/httpmiddleware/auth.go

@@ -49,6 +49,14 @@ func AuthMiddleware(db *gorm.DB, requireOrg bool) func(http.Handler) http.Handle
 				} else if appKey := r.Header.Get("X-APP-KEY"); appKey != "" {
 					secret := r.Header.Get("X-APP-SECRET")
 					user = auth.ValidateAppKeyPair(appKey, secret, db)
+				} else if c, err := r.Cookie("ag_jwt"); err == nil {
+					tok := strings.TrimSpace(c.Value)
+					if strings.HasPrefix(strings.ToLower(tok), "bearer ") {
+						tok = tok[7:]
+					}
+					if tok != "" {
+						user = auth.ValidateJWT(tok, db)
+					}
 				}
 
 				if user == nil {

internal/api/routes.go

@@ -27,7 +27,7 @@ import (
 	httpSwagger "github.com/swaggo/http-swagger/v2"
 )
 
-func NewRouter(db *gorm.DB, jobs *bg.Jobs) http.Handler {
+func NewRouter(db *gorm.DB, jobs *bg.Jobs, studio http.Handler) http.Handler {
 	zerolog.TimeFieldFormat = time.RFC3339
 
 	l := log.Output(zerolog.ConsoleWriter{Out: os.Stdout, TimeFormat: "15:04:05"})
@@ -127,6 +127,16 @@ func NewRouter(db *gorm.DB, jobs *bg.Jobs) http.Handler {
 				})
 			})
 
+			v1.Route("/credentials", func(c chi.Router) {
+				c.Use(authOrg)
+				c.Get("/", handlers.ListCredentials(db))
+				c.Post("/", handlers.CreateCredential(db))
+				c.Get("/{id}", handlers.GetCredential(db))
+				c.Patch("/{id}", handlers.UpdateCredential(db))
+				c.Delete("/{id}", handlers.DeleteCredential(db))
+				c.Post("/{id}/reveal", handlers.RevealCredential(db))
+			})
+
 			v1.Route("/ssh", func(s chi.Router) {
 				s.Use(authOrg)
 				s.Get("/", handlers.ListPublicSshKeys(db))
@@ -202,6 +212,17 @@ func NewRouter(db *gorm.DB, jobs *bg.Jobs) http.Handler {
 			})
 		})
 	})
+
+	if studio != nil {
+		r.Group(func(gr chi.Router) {
+			authUser := httpmiddleware.AuthMiddleware(db, false)
+			adminOnly := httpmiddleware.RequirePlatformAdmin()
+			gr.Use(authUser)
+			gr.Use(adminOnly)
+			gr.Mount("/db-studio", studio)
+		})
+	}
+
 	if config.IsDebug() {
 		r.Route("/debug/pprof", func(pr chi.Router) {
 			pr.Get("/", httpPprof.Index)
@@ -241,6 +262,7 @@ func NewRouter(db *gorm.DB, jobs *bg.Jobs) http.Handler {
 		mux.Handle("/api/", r)
 		mux.Handle("/api", r)
 		mux.Handle("/swagger/", r)
+		mux.Handle("/db-studio/", r)
 		mux.Handle("/debug/pprof/", r)
 		// Everything else (/, /brand-preview, assets) → proxy (no middlewares)
 		mux.Handle("/", proxy)

internal/app/runtime.go

@@ -40,6 +40,7 @@ func NewRuntime() *Runtime {
 		&models.Annotation{},
 		&models.NodePool{},
 		&models.Cluster{},
+		&models.Credential{},
 	)
 
 	if err != nil {

internal/config/config.go

@@ -13,6 +13,7 @@ import (
 
 type Config struct {
 	DbURL              string
+	DbURLRO            string
 	Port               string
 	Host               string
 	JWTIssuer          string
@@ -29,6 +30,12 @@ type Config struct {
 	Debug       bool
 	Swagger     bool
 	SwaggerHost string
+
+	DBStudioEnabled bool
+	DBStudioBind    string
+	DBStudioPort    string
+	DBStudioUser    string
+	DBStudioPass    string
 }
 
 var (
@@ -48,6 +55,12 @@ func Load() (Config, error) {
 		v.SetDefault("bind.address", "127.0.0.1")
 		v.SetDefault("bind.port", "8080")
 		v.SetDefault("database.url", "postgres://user:pass@localhost:5432/db?sslmode=disable")
+		v.SetDefault("database.url_ro", "")
+		v.SetDefault("db_studio.enabled", false)
+		v.SetDefault("db_studio.bind", "127.0.0.1")
+		v.SetDefault("db_studio.port", "0") // 0 = random
+		v.SetDefault("db_studio.user", "")
+		v.SetDefault("db_studio.pass", "")
 
 		v.SetDefault("ui.dev", false)
 		v.SetDefault("env", "development")
@@ -63,6 +76,7 @@ func Load() (Config, error) {
 			"bind.address",
 			"bind.port",
 			"database.url",
+			"database.url_ro",
 			"jwt.issuer",
 			"jwt.audience",
 			"jwt.private.enc.key",
@@ -76,6 +90,11 @@ func Load() (Config, error) {
 			"debug",
 			"swagger",
 			"swagger.host",
+			"db_studio.enabled",
+			"db_studio.bind",
+			"db_studio.port",
+			"db_studio.user",
+			"db_studio.pass",
 		}
 		for _, k := range keys {
 			_ = v.BindEnv(k)
@@ -84,6 +103,7 @@ func Load() (Config, error) {
 		// Build config
 		cfg := Config{
 			DbURL:              v.GetString("database.url"),
+			DbURLRO:            v.GetString("database.url_ro"),
 			Port:               v.GetString("bind.port"),
 			Host:               v.GetString("bind.address"),
 			JWTIssuer:          v.GetString("jwt.issuer"),
@@ -100,6 +120,12 @@ func Load() (Config, error) {
 			Debug:       v.GetBool("debug"),
 			Swagger:     v.GetBool("swagger"),
 			SwaggerHost: v.GetString("swagger.host"),
+
+			DBStudioEnabled: v.GetBool("db_studio.enabled"),
+			DBStudioBind:    v.GetString("db_studio.bind"),
+			DBStudioPort:    v.GetString("db_studio.port"),
+			DBStudioUser:    v.GetString("db_studio.user"),
+			DBStudioPass:    v.GetString("db_studio.pass"),
 		}
 
 		// Validate

internal/handlers/auth.go

@@ -273,6 +273,21 @@ func AuthCallback(db *gorm.DB) http.HandlerFunc {
 			return
 		}
 
+		secure := strings.HasPrefix(cfg.OAuthRedirectBase, "https://")
+		if xf := r.Header.Get("X-Forwarded-Proto"); xf != "" {
+			secure = strings.EqualFold(xf, "https")
+		}
+
+		http.SetCookie(w, &http.Cookie{
+			Name:     "ag_jwt",
+			Value:    "Bearer " + access,
+			Path:     "/",
+			HttpOnly: true,
+			SameSite: http.SameSiteLaxMode,
+			Secure:   secure,
+			MaxAge:   int((time.Hour * 8).Seconds()),
+		})
+
 		// If the state indicates SPA popup mode, postMessage tokens to the opener and close
 		state := r.URL.Query().Get("state")
 		if strings.Contains(state, "mode=spa") {
@@ -377,6 +392,7 @@ func Refresh(db *gorm.DB) http.HandlerFunc {
 //	@Router		/auth/logout [post]
 func Logout(db *gorm.DB) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
+		cfg, _ := config.Load()
 		var req dto.LogoutRequest
 		if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 			utils.WriteError(w, 400, "invalid_json", err.Error())
@@ -385,13 +401,27 @@ func Logout(db *gorm.DB) http.HandlerFunc {
 		rec, err := auth.ValidateRefreshToken(db, req.RefreshToken)
 		if err != nil {
 			w.WriteHeader(204) // already invalid/revoked
-			return
+			goto clearCookie
 		}
 		if err := auth.RevokeFamily(db, rec.FamilyID); err != nil {
 			utils.WriteError(w, 500, "revoke_failed", err.Error())
 			return
 		}
+
+	clearCookie:
+		http.SetCookie(w, &http.Cookie{
+			Name:     "ag_jwt",
+			Value:    "",
+			Path:     "/",
+			HttpOnly: true,
+			MaxAge:   -1,
+			Expires:  time.Unix(0, 0),
+			SameSite: http.SameSiteLaxMode,
+			Secure:   strings.HasPrefix(cfg.OAuthRedirectBase, "https"),
+		})
+
 		w.WriteHeader(204)
+
 	}
 }
 

internal/handlers/clusters.go

@@ -0,0 +1,186 @@
+package handlers
+
+import (
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/glueops/autoglue/internal/api/httpmiddleware"
+	"github.com/glueops/autoglue/internal/common"
+	"github.com/glueops/autoglue/internal/handlers/dto"
+	"github.com/glueops/autoglue/internal/models"
+	"github.com/glueops/autoglue/internal/utils"
+	"gorm.io/gorm"
+)
+
+// ListClusters godoc
+//
+//	@ID				ListClusters
+//	@Summary		List clusters (org scoped)
+//	@Description	Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).
+//	@Tags			Clusters
+//	@Produce		json
+//	@Param			X-Org-ID	header		string	false	"Organization UUID"
+//	@Param			q			query		string	false	"Name contains (case-insensitive)"
+//	@Success		200			{array}		dto.ClusterResponse
+//	@Failure		401			{string}	string	"Unauthorized"
+//	@Failure		403			{string}	string	"organization required"
+//	@Failure		500			{string}	string	"failed to list clusters"
+//	@Router			/clusters [get]
+//	@Security		BearerAuth
+//	@Security		OrgKeyAuth
+//	@Security		OrgSecretAuth
+func ListClusters(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+
+		q := db.Where("organization_id = ?", orgID)
+		if needle := strings.TrimSpace(r.URL.Query().Get("q")); needle != "" {
+			q = q.Where(`name ILIKE ?`, "%"+needle+"%")
+		}
+
+		var rows []models.Cluster
+		if err := q.
+			Preload("NodePools").
+			Preload("NodePools.Labels").
+			Preload("NodePools.Annotations").
+			Preload("NodePools.Labels").
+			Preload("NodePools.Taints").
+			Preload("NodePools.Servers").
+			Preload("BastionServer").
+			Find(&rows).Error; err != nil {
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", "db error")
+			return
+		}
+
+		out := make([]dto.ClusterResponse, 0, len(rows))
+		for _, row := range rows {
+			out = append(out, clusterToDTO(row))
+		}
+
+	}
+
+}
+
+// CreateCluster godoc
+//
+//	@ID				CreateCluster
+//	@Summary		Create cluster (org scoped)
+//	@Description	Creates a cluster. If `kubeconfig` is provided, it will be encrypted per-organization and stored securely (never returned).
+//	@Tags			Clusters
+//	@Accept			json
+//	@Produce		json
+//	@Param			X-Org-ID	header	string	false	"Organization UUID"
+//	@Param			body		body	dto.CreateClusterRequest	true	"payload"
+//	@Success		201			{object}	dto.ClusterResponse
+//	@Failure		400			{string}	string	"invalid json"
+//	@Failure		401			{string}	string	"Unauthorized"
+//	@Failure		403			{string}	string	"organization required"
+//	@Failure		500			{string}	string	"create failed"
+//	@Router			/clusters [post]
+//	@Security		BearerAuth
+//	@Security		OrgKeyAuth
+//	@Security		OrgSecretAuth
+func CreateCluster(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusNoContent)
+	}
+}
+
+// -- Helpers
+
+func clusterToDTO(c models.Cluster) dto.ClusterResponse {
+	var bastion *dto.ServerResponse
+	if c.BastionServer != nil {
+		b := serverToDTO(*c.BastionServer)
+		bastion = &b
+	}
+
+	nps := make([]dto.NodePoolResponse, 0, len(c.NodePools))
+	for _, np := range c.NodePools {
+		nps = append(nps, nodePoolToDTO(np))
+	}
+
+	return dto.ClusterResponse{
+		ID:            c.ID,
+		Name:          c.Name,
+		Provider:      c.Provider,
+		Region:        c.Region,
+		Status:        c.Status,
+		CaptainDomain: c.CaptainDomain,
+		//ClusterLoadBalancer: c.ClusterLoadBalancer,
+		RandomToken:    c.RandomToken,
+		CertificateKey: c.CertificateKey,
+		//ControlLoadBalancer: c.ControlLoadBalancer,
+		NodePools:     nps,
+		BastionServer: bastion,
+		CreatedAt:     c.CreatedAt,
+		UpdatedAt:     c.UpdatedAt,
+	}
+}
+
+func nodePoolToDTO(np models.NodePool) dto.NodePoolResponse {
+	labels := make([]dto.LabelResponse, 0, len(np.Labels))
+	for _, l := range np.Labels {
+		labels = append(labels, dto.LabelResponse{
+			Key:   l.Key,
+			Value: l.Value,
+		})
+	}
+
+	annotations := make([]dto.AnnotationResponse, 0, len(np.Annotations))
+	for _, a := range np.Annotations {
+		annotations = append(annotations, dto.AnnotationResponse{
+			Key:   a.Key,
+			Value: a.Value,
+		})
+	}
+
+	taints := make([]dto.TaintResponse, 0, len(np.Taints))
+	for _, t := range np.Taints {
+		taints = append(taints, dto.TaintResponse{
+			Key:    t.Key,
+			Value:  t.Value,
+			Effect: t.Effect,
+		})
+	}
+
+	servers := make([]dto.ServerResponse, 0, len(np.Servers))
+	for _, s := range np.Servers {
+		servers = append(servers, serverToDTO(s))
+	}
+
+	return dto.NodePoolResponse{
+		AuditFields: common.AuditFields{
+			ID:             np.ID,
+			OrganizationID: np.OrganizationID,
+			CreatedAt:      np.CreatedAt,
+			UpdatedAt:      np.UpdatedAt,
+		},
+		Name:        np.Name,
+		Role:        dto.NodeRole(np.Role),
+		Labels:      labels,
+		Annotations: annotations,
+		Taints:      taints,
+		Servers:     servers,
+	}
+}
+
+func serverToDTO(s models.Server) dto.ServerResponse {
+	return dto.ServerResponse{
+		ID:               s.ID,
+		Hostname:         s.Hostname,
+		PrivateIPAddress: s.PrivateIPAddress,
+		PublicIPAddress:  s.PublicIPAddress,
+		Role:             s.Role,
+		Status:           s.Status,
+		SSHUser:          s.SSHUser,
+		SshKeyID:         s.SshKeyID,
+		CreatedAt:        s.CreatedAt.UTC().Format(time.RFC3339),
+		UpdatedAt:        s.UpdatedAt.UTC().Format(time.RFC3339),
+	}
+}

internal/handlers/credentials.go

@@ -0,0 +1,561 @@
+package handlers
+
+import (
+	"bytes"
+	"context"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"sort"
+	"time"
+
+	"github.com/glueops/autoglue/internal/api/httpmiddleware"
+	"github.com/glueops/autoglue/internal/handlers/dto"
+	"github.com/glueops/autoglue/internal/models"
+	"github.com/glueops/autoglue/internal/utils"
+	"github.com/go-chi/chi/v5"
+	"github.com/google/uuid"
+	"gorm.io/datatypes"
+	"gorm.io/gorm"
+)
+
+// ListCredentials godoc
+// @ID ListCredentials
+// @Summary List credentials (metadata only)
+// @Description Returns credential metadata for the current org. Secrets are never returned.
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param provider query string false "Filter by provider (e.g., aws)"
+// @Param kind query string false "Filter by kind (e.g., aws_access_key)"
+// @Param scope_kind query string false "Filter by scope kind (provider/service/resource)"
+// @Success 200 {array} dto.CredentialOut
+// @Failure		401	{string}	string	"Unauthorized"
+// @Failure		403	{string}	string	"organization required"
+// @Failure 500 {string} string "internal server error"
+// @Router /credentials [get]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func ListCredentials(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+		q := db.Where("organization_id = ?", orgID)
+		if v := r.URL.Query().Get("provider"); v != "" {
+			q = q.Where("provider = ?", v)
+		}
+		if v := r.URL.Query().Get("kind"); v != "" {
+			q = q.Where("kind = ?", v)
+		}
+		if v := r.URL.Query().Get("scope_kind"); v != "" {
+			q = q.Where("scope_kind = ?", v)
+		}
+
+		var rows []models.Credential
+		if err := q.Order("updated_at DESC").Find(&rows).Error; err != nil {
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error())
+			return
+		}
+		out := make([]dto.CredentialOut, 0, len(rows))
+		for i := range rows {
+			out = append(out, credOut(&rows[i]))
+		}
+		utils.WriteJSON(w, http.StatusOK, out)
+	}
+}
+
+// GetCredential godoc
+// @ID GetCredential
+// @Summary Get credential by ID (metadata only)
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param id path string true "Credential ID (UUID)"
+// @Success 200 {object} dto.CredentialOut
+// @Failure		401	{string}	string	"Unauthorized"
+// @Failure		403	{string}	string	"organization required"
+// @Failure 500 {string} string "internal server error"
+// @Router /credentials/{id} [get]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func GetCredential(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+
+		idStr := chi.URLParam(r, "id")
+		id, err := uuid.Parse(idStr)
+		if err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID")
+			return
+		}
+
+		var row models.Credential
+		if err := db.Where("organization_id = ? AND id = ?", orgID, id).First(&row).Error; err != nil {
+			if errors.Is(err, gorm.ErrRecordNotFound) {
+				utils.WriteError(w, http.StatusNotFound, "not_found", "credential not found")
+				return
+			}
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error())
+			return
+		}
+		utils.WriteJSON(w, http.StatusOK, credOut(&row))
+	}
+}
+
+// CreateCredential godoc
+// @ID CreateCredential
+// @Summary Create a credential (encrypts secret)
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param body body dto.CreateCredentialRequest true "Credential payload"
+// @Success 201 {object} dto.CredentialOut
+// @Failure		401	{string}	string	"Unauthorized"
+// @Failure		403	{string}	string	"organization required"
+// @Failure 500 {string} string "internal server error"
+// @Router /credentials [post]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func CreateCredential(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+
+		var in dto.CreateCredentialRequest
+		if err := json.NewDecoder(r.Body).Decode(&in); err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error())
+			return
+		}
+
+		if err := dto.Validate.Struct(in); err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "validation_error", err.Error())
+			return
+		}
+
+		cred, err := SaveCredentialWithScope(
+			r.Context(), db, orgID,
+			in.Provider, in.Kind, in.SchemaVersion,
+			in.ScopeKind, in.ScopeVersion, json.RawMessage(in.Scope), json.RawMessage(in.Secret),
+			in.Name, in.AccountID, in.Region,
+		)
+		if err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "save_failed", err.Error())
+			return
+		}
+		utils.WriteJSON(w, http.StatusCreated, credOut(cred))
+	}
+}
+
+// UpdateCredential godoc
+// @ID UpdateCredential
+// @Summary Update credential metadata and/or rotate secret
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param id path string true "Credential ID (UUID)"
+// @Param body body dto.UpdateCredentialRequest true "Fields to update"
+// @Success 200 {object} dto.CredentialOut
+// @Failure		403	{string}	string	"X-Org-ID required"
+// @Failure		404	{string}	string	"not found"
+// @Router /credentials/{id} [patch]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func UpdateCredential(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+
+		id, err := uuid.Parse(chi.URLParam(r, "id"))
+		if err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID")
+			return
+		}
+
+		var row models.Credential
+		if err := db.Where("organization_id = ? AND id = ?", orgID, id).First(&row).Error; err != nil {
+			if errors.Is(err, gorm.ErrRecordNotFound) {
+				utils.WriteError(w, http.StatusNotFound, "not_found", "credential not found")
+				return
+			}
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error())
+			return
+		}
+
+		var in dto.UpdateCredentialRequest
+		if err := json.NewDecoder(r.Body).Decode(&in); err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_json", err.Error())
+			return
+		}
+
+		// Update metadata
+		if in.Name != nil {
+			row.Name = *in.Name
+		}
+		if in.AccountID != nil {
+			row.AccountID = *in.AccountID
+		}
+		if in.Region != nil {
+			row.Region = *in.Region
+		}
+
+		// Update scope (re-validate + fingerprint)
+		if in.ScopeKind != nil || in.Scope != nil || in.ScopeVersion != nil {
+			newKind := row.ScopeKind
+			if in.ScopeKind != nil {
+				newKind = *in.ScopeKind
+			}
+			newVersion := row.ScopeVersion
+			if in.ScopeVersion != nil {
+				newVersion = *in.ScopeVersion
+			}
+			if in.Scope == nil {
+				utils.WriteError(w, http.StatusBadRequest, "validation_error", "scope must be provided when changing scope kind/version")
+				return
+			}
+			prScopes := dto.ScopeRegistry[row.Provider]
+			kScopes := prScopes[newKind]
+			sdef := kScopes[newVersion]
+			dst := sdef.New()
+			if err := json.Unmarshal(*in.Scope, dst); err != nil {
+				utils.WriteError(w, http.StatusBadRequest, "invalid_scope_json", err.Error())
+				return
+			}
+			if err := sdef.Validate(dst); err != nil {
+				utils.WriteError(w, http.StatusBadRequest, "invalid_scope", err.Error())
+				return
+			}
+			canonScope, err := canonicalJSON(dst)
+			if err != nil {
+				utils.WriteError(w, http.StatusInternalServerError, "canon_error", err.Error())
+				return
+			}
+			row.Scope = canonScope
+			row.ScopeKind = newKind
+			row.ScopeVersion = newVersion
+			row.ScopeFingerprint = sha256Hex(canonScope)
+		}
+
+		// Rotate secret
+		if in.Secret != nil {
+			// validate against current Provider/Kind/SchemaVersion
+			def := dto.CredentialRegistry[row.Provider][row.Kind][row.SchemaVersion]
+			dst := def.New()
+			if err := json.Unmarshal(*in.Secret, dst); err != nil {
+				utils.WriteError(w, http.StatusBadRequest, "invalid_secret_json", err.Error())
+				return
+			}
+			if err := def.Validate(dst); err != nil {
+				utils.WriteError(w, http.StatusBadRequest, "invalid_secret", err.Error())
+				return
+			}
+			canonSecret, err := canonicalJSON(dst)
+			if err != nil {
+				utils.WriteError(w, http.StatusInternalServerError, "canon_error", err.Error())
+				return
+			}
+			cipher, iv, tag, err := utils.EncryptForOrg(orgID, canonSecret, db)
+			if err != nil {
+				utils.WriteError(w, http.StatusInternalServerError, "encrypt_error", err.Error())
+				return
+			}
+			row.EncryptedData = cipher
+			row.IV = iv
+			row.Tag = tag
+		}
+
+		if err := db.Save(&row).Error; err != nil {
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error())
+			return
+		}
+		utils.WriteJSON(w, http.StatusOK, credOut(&row))
+	}
+}
+
+// DeleteCredential godoc
+// @ID DeleteCredential
+// @Summary Delete credential
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param id path string true "Credential ID (UUID)"
+// @Success 204
+// @Failure		404	{string}	string	"not found"
+// @Router /credentials/{id} [delete]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func DeleteCredential(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+		id, err := uuid.Parse(chi.URLParam(r, "id"))
+		if err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID")
+			return
+		}
+		res := db.Where("organization_id = ? AND id = ?", orgID, id).Delete(&models.Credential{})
+		if res.Error != nil {
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", res.Error.Error())
+			return
+		}
+		if res.RowsAffected == 0 {
+			utils.WriteError(w, http.StatusNotFound, "not_found", "credential not found")
+			return
+		}
+		w.WriteHeader(http.StatusNoContent)
+	}
+}
+
+// RevealCredential godoc
+// @ID RevealCredential
+// @Summary Reveal decrypted secret (one-time read)
+// @Tags Credentials
+// @Accept json
+// @Produce json
+// @Param X-Org-ID header string false "Organization ID (UUID)"
+// @Param id path string true "Credential ID (UUID)"
+// @Success 200 {object} map[string]any
+// @Failure		403	{string}	string	"organization required"
+// @Failure		404	{string}	string	"not found"
+// @Router /credentials/{id}/reveal [post]
+// @Security		BearerAuth
+// @Security		OrgKeyAuth
+// @Security		OrgSecretAuth
+func RevealCredential(db *gorm.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		orgID, ok := httpmiddleware.OrgIDFrom(r.Context())
+		if !ok {
+			utils.WriteError(w, http.StatusForbidden, "org_required", "specify X-Org-ID")
+			return
+		}
+
+		id, err := uuid.Parse(chi.URLParam(r, "id"))
+		if err != nil {
+			utils.WriteError(w, http.StatusBadRequest, "bad_id", "invalid UUID")
+			return
+		}
+
+		var row models.Credential
+		if err := db.Where("organization_id = ? AND id = ?", orgID, id).First(&row).Error; err != nil {
+			if errors.Is(err, gorm.ErrRecordNotFound) {
+				utils.WriteError(w, http.StatusNotFound, "not_found", "credential not found")
+				return
+			}
+			utils.WriteError(w, http.StatusInternalServerError, "db_error", err.Error())
+			return
+		}
+
+		plain, err := utils.DecryptForOrg(orgID, row.EncryptedData, row.IV, row.Tag, db)
+		if err != nil {
+			utils.WriteError(w, http.StatusInternalServerError, "decrypt_error", err.Error())
+			return
+		}
+
+		utils.WriteJSON(w, http.StatusOK, plain)
+	}
+}
+
+// -- Helpers
+
+func canonicalJSON(v any) ([]byte, error) {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return nil, err
+	}
+	var m any
+	if err := json.Unmarshal(b, &m); err != nil {
+		return nil, err
+	}
+	return marshalSorted(m)
+}
+
+func marshalSorted(v any) ([]byte, error) {
+	switch vv := v.(type) {
+	case map[string]any:
+		keys := make([]string, 0, len(vv))
+		for k := range vv {
+			keys = append(keys, k)
+		}
+		sort.Strings(keys)
+		buf := bytes.NewBufferString("{")
+		for i, k := range keys {
+			if i > 0 {
+				buf.WriteByte(',')
+			}
+			kb, _ := json.Marshal(k)
+			buf.Write(kb)
+			buf.WriteByte(':')
+			b, err := marshalSorted(vv[k])
+			if err != nil {
+				return nil, err
+			}
+			buf.Write(b)
+		}
+		buf.WriteByte('}')
+		return buf.Bytes(), nil
+	case []any:
+		buf := bytes.NewBufferString("[")
+		for i, e := range vv {
+			if i > 0 {
+				buf.WriteByte(',')
+			}
+			b, err := marshalSorted(e)
+			if err != nil {
+				return nil, err
+			}
+			buf.Write(b)
+		}
+		buf.WriteByte(']')
+		return buf.Bytes(), nil
+	default:
+		return json.Marshal(v)
+	}
+}
+
+func sha256Hex(b []byte) string {
+	sum := sha256.Sum256(b)
+	return hex.EncodeToString(sum[:])
+}
+
+// SaveCredentialWithScope validates secret+scope, encrypts, fingerprints, and stores.
+func SaveCredentialWithScope(
+	ctx context.Context,
+	db *gorm.DB,
+	orgID uuid.UUID,
+	provider, kind string,
+	schemaVersion int,
+	scopeKind string,
+	scopeVersion int,
+	rawScope json.RawMessage,
+	rawSecret json.RawMessage,
+	name, accountID, region string,
+) (*models.Credential, error) {
+	// 1) secret shape
+	pv, ok := dto.CredentialRegistry[provider]
+	if !ok {
+		return nil, fmt.Errorf("unknown provider %q", provider)
+	}
+	kv, ok := pv[kind]
+	if !ok {
+		return nil, fmt.Errorf("unknown kind %q for provider %q", kind, provider)
+	}
+	def, ok := kv[schemaVersion]
+	if !ok {
+		return nil, fmt.Errorf("unsupported schema version %d for %s/%s", schemaVersion, provider, kind)
+	}
+
+	secretDst := def.New()
+	if err := json.Unmarshal(rawSecret, secretDst); err != nil {
+		return nil, fmt.Errorf("payload is not valid JSON for %s/%s: %w", provider, kind, err)
+	}
+	if err := def.Validate(secretDst); err != nil {
+		return nil, fmt.Errorf("invalid %s/%s: %w", provider, kind, err)
+	}
+
+	// 2) scope shape
+	prScopes, ok := dto.ScopeRegistry[provider]
+	if !ok {
+		return nil, fmt.Errorf("no scopes registered for provider %q", provider)
+	}
+	kScopes, ok := prScopes[scopeKind]
+	if !ok {
+		return nil, fmt.Errorf("invalid scope_kind %q for provider %q", scopeKind, provider)
+	}
+	sdef, ok := kScopes[scopeVersion]
+	if !ok {
+		return nil, fmt.Errorf("unsupported scope version %d for %s/%s", scopeVersion, provider, scopeKind)
+	}
+
+	scopeDst := sdef.New()
+	if err := json.Unmarshal(rawScope, scopeDst); err != nil {
+		return nil, fmt.Errorf("invalid scope JSON: %w", err)
+	}
+	if err := sdef.Validate(scopeDst); err != nil {
+		return nil, fmt.Errorf("invalid scope: %w", err)
+	}
+
+	// 3) canonicalize scope (also what we persist in plaintext)
+	canonScope, err := canonicalJSON(scopeDst)
+	if err != nil {
+		return nil, err
+	}
+	fp := sha256Hex(canonScope) // or HMAC if you have a server-side key
+
+	// 4) canonicalize + encrypt secret
+	canonSecret, err := canonicalJSON(secretDst)
+	if err != nil {
+		return nil, err
+	}
+	cipher, iv, tag, err := utils.EncryptForOrg(orgID, canonSecret, db)
+	if err != nil {
+		return nil, fmt.Errorf("encrypt: %w", err)
+	}
+
+	cred := &models.Credential{
+		OrganizationID:   orgID,
+		Provider:         provider,
+		Kind:             kind,
+		SchemaVersion:    schemaVersion,
+		Name:             name,
+		ScopeKind:        scopeKind,
+		Scope:            datatypes.JSON(canonScope),
+		ScopeVersion:     scopeVersion,
+		AccountID:        accountID,
+		Region:           region,
+		ScopeFingerprint: fp,
+		EncryptedData:    cipher,
+		IV:               iv,
+		Tag:              tag,
+	}
+
+	if err := db.WithContext(ctx).Create(cred).Error; err != nil {
+		return nil, err
+	}
+	return cred, nil
+}
+
+// credOut converts model → response DTO
+func credOut(c *models.Credential) dto.CredentialOut {
+	return dto.CredentialOut{
+		ID:            c.ID.String(),
+		Provider:      c.Provider,
+		Kind:          c.Kind,
+		SchemaVersion: c.SchemaVersion,
+		Name:          c.Name,
+		ScopeKind:     c.ScopeKind,
+		ScopeVersion:  c.ScopeVersion,
+		Scope:         dto.RawJSON(c.Scope),
+		AccountID:     c.AccountID,
+		Region:        c.Region,
+		CreatedAt:     c.CreatedAt.UTC().Format(time.RFC3339),
+		UpdatedAt:     c.UpdatedAt.UTC().Format(time.RFC3339),
+	}
+}

internal/handlers/dto/clusters.go

@@ -0,0 +1,34 @@
+package dto
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type ClusterResponse struct {
+	ID                  uuid.UUID          `json:"id"`
+	Name                string             `json:"name"`
+	Provider            string             `json:"provider"`
+	Region              string             `json:"region"`
+	Status              string             `json:"status"`
+	CaptainDomain       string             `json:"captain_domain"`
+	ClusterLoadBalancer string             `json:"cluster_load_balancer"`
+	RandomToken         string             `json:"random_token"`
+	CertificateKey      string             `json:"certificate_key"`
+	ControlLoadBalancer string             `json:"control_load_balancer"`
+	NodePools           []NodePoolResponse `json:"node_pools,omitempty"`
+	BastionServer       *ServerResponse    `json:"bastion_server,omitempty"`
+	CreatedAt           time.Time          `json:"created_at"`
+	UpdatedAt           time.Time          `json:"updated_at"`
+}
+
+type CreateClusterRequest struct {
+	Name                string  `json:"name"`
+	Provider            string  `json:"provider"`
+	Region              string  `json:"region"`
+	Status              string  `json:"status"`
+	CaptainDomain       string  `json:"captain_domain"`
+	ClusterLoadBalancer *string `json:"cluster_load_balancer"`
+	ControlLoadBalancer *string `json:"control_load_balancer"`
+}

internal/handlers/dto/credentials.go

@@ -0,0 +1,138 @@
+package dto
+
+import (
+	"encoding/json"
+
+	"github.com/go-playground/validator/v10"
+)
+
+// RawJSON is a swagger-friendly wrapper for json.RawMessage.
+type RawJSON = json.RawMessage
+
+var Validate = validator.New()
+
+func init() {
+	_ = Validate.RegisterValidation("awsarn", func(fl validator.FieldLevel) bool {
+		v := fl.Field().String()
+		return len(v) > 10 && len(v) < 2048 && len(v) >= 4 && v[:4] == "arn:"
+	})
+}
+
+/*** Shapes for secrets ***/
+
+type AWSCredential struct {
+	AccessKeyID     string `json:"access_key_id" validate:"required,alphanum,len=20"`
+	SecretAccessKey string `json:"secret_access_key" validate:"required"`
+	Region          string `json:"region" validate:"omitempty"`
+}
+
+type BasicAuth struct {
+	Username string `json:"username" validate:"required"`
+	Password string `json:"password" validate:"required"`
+}
+
+type APIToken struct {
+	Token string `json:"token" validate:"required"`
+}
+
+type OAuth2Credential struct {
+	ClientID     string `json:"client_id" validate:"required"`
+	ClientSecret string `json:"client_secret" validate:"required"`
+	RefreshToken string `json:"refresh_token" validate:"required"`
+}
+
+/*** Shapes for scopes ***/
+
+type AWSProviderScope struct{}
+
+type AWSServiceScope struct {
+	Service string `json:"service" validate:"required,oneof=route53 s3 ec2 iam rds dynamodb"`
+}
+
+type AWSResourceScope struct {
+	ARN string `json:"arn" validate:"required,awsarn"`
+}
+
+/*** Registries ***/
+
+type ProviderDef struct {
+	New      func() any
+	Validate func(any) error
+}
+
+type ScopeDef struct {
+	New         func() any
+	Validate    func(any) error
+	Specificity int // 0=provider, 1=service, 2=resource
+}
+
+// Secret shapes per provider/kind/version
+
+var CredentialRegistry = map[string]map[string]map[int]ProviderDef{
+	"aws": {
+		"aws_access_key": {
+			1: {New: func() any { return &AWSCredential{} }, Validate: func(x any) error { return Validate.Struct(x) }},
+		},
+	},
+	"cloudflare":   {"api_token": {1: {New: func() any { return &APIToken{} }, Validate: func(x any) error { return Validate.Struct(x) }}}},
+	"hetzner":      {"api_token": {1: {New: func() any { return &APIToken{} }, Validate: func(x any) error { return Validate.Struct(x) }}}},
+	"digitalocean": {"api_token": {1: {New: func() any { return &APIToken{} }, Validate: func(x any) error { return Validate.Struct(x) }}}},
+	"generic": {
+		"basic_auth": {1: {New: func() any { return &BasicAuth{} }, Validate: func(x any) error { return Validate.Struct(x) }}},
+		"oauth2":     {1: {New: func() any { return &OAuth2Credential{} }, Validate: func(x any) error { return Validate.Struct(x) }}},
+	},
+}
+
+// Scope shapes per provider/scopeKind/version
+
+var ScopeRegistry = map[string]map[string]map[int]ScopeDef{
+	"aws": {
+		"provider": {1: {New: func() any { return &AWSProviderScope{} }, Validate: func(any) error { return nil }, Specificity: 0}},
+		"service":  {1: {New: func() any { return &AWSServiceScope{} }, Validate: func(x any) error { return Validate.Struct(x) }, Specificity: 1}},
+		"resource": {1: {New: func() any { return &AWSResourceScope{} }, Validate: func(x any) error { return Validate.Struct(x) }, Specificity: 2}},
+	},
+}
+
+/*** API DTOs used by swagger ***/
+
+// CreateCredentialRequest represents the POST /credentials payload
+type CreateCredentialRequest struct {
+	Provider      string  `json:"provider" validate:"required,oneof=aws cloudflare hetzner digitalocean generic"`
+	Kind          string  `json:"kind" validate:"required"`                 // aws_access_key, api_token, basic_auth, oauth2
+	SchemaVersion int     `json:"schema_version" validate:"required,gte=1"` // secret schema version
+	Name          string  `json:"name" validate:"omitempty,max=100"`        // human label
+	ScopeKind     string  `json:"scope_kind" validate:"required,oneof=provider service resource"`
+	ScopeVersion  int     `json:"scope_version" validate:"required,gte=1"`        // scope schema version
+	Scope         RawJSON `json:"scope" validate:"required" swaggertype:"object"` // {"service":"route53"} or {"arn":"..."}
+	AccountID     string  `json:"account_id,omitempty" validate:"omitempty,max=32"`
+	Region        string  `json:"region,omitempty" validate:"omitempty,max=32"`
+	Secret        RawJSON `json:"secret" validate:"required" swaggertype:"object"` // encrypted later
+}
+
+// UpdateCredentialRequest represents PATCH /credentials/{id}
+type UpdateCredentialRequest struct {
+	Name         *string  `json:"name,omitempty"`
+	AccountID    *string  `json:"account_id,omitempty"`
+	Region       *string  `json:"region,omitempty"`
+	ScopeKind    *string  `json:"scope_kind,omitempty"`
+	ScopeVersion *int     `json:"scope_version,omitempty"`
+	Scope        *RawJSON `json:"scope,omitempty" swaggertype:"object"`
+	Secret       *RawJSON `json:"secret,omitempty" swaggertype:"object"` // set if rotating
+
+}
+
+// CredentialOut is what we return (no secrets)
+type CredentialOut struct {
+	ID            string  `json:"id"`
+	Provider      string  `json:"provider"`
+	Kind          string  `json:"kind"`
+	SchemaVersion int     `json:"schema_version"`
+	Name          string  `json:"name"`
+	ScopeKind     string  `json:"scope_kind"`
+	ScopeVersion  int     `json:"scope_version"`
+	Scope         RawJSON `json:"scope" swaggertype:"object"`
+	AccountID     string  `json:"account_id,omitempty"`
+	Region        string  `json:"region,omitempty"`
+	CreatedAt     string  `json:"created_at"`
+	UpdatedAt     string  `json:"updated_at"`
+}

internal/handlers/dto/jobs.go

@@ -57,6 +57,6 @@ type PageJob struct {
 type EnqueueRequest struct {
 	Queue   string          `json:"queue" example:"default"`
 	Type    string          `json:"type" example:"email.send"`
-	Payload json.RawMessage `json:"payload"`
+	Payload json.RawMessage `json:"payload" swaggertype:"object"`
 	RunAt   *time.Time      `json:"run_at" example:"2025-11-05T08:00:00Z"`
 }

internal/models/cluster.go

@@ -14,16 +14,20 @@ type Cluster struct {
 	Provider            string       `json:"provider"`
 	Region              string       `json:"region"`
 	Status              string       `json:"status"`
-	CaptainDomain       string       `gorm:"not null" json:"captain_domain"`
+	CaptainDomain       string       `gorm:"not null" json:"captain_domain"` // nonprod.earth.onglueops.rocks
-	ClusterLoadBalancer string       `json:"cluster_load_balancer"`
+	AppsLoadBalancer    string       `json:"cluster_load_balancer"`          // {public_ip: 1.2.3.4, private_ip: 10.0.30.1, name: apps.CaqptainDomain}
-	RandomToken         string       `json:"random_token"`
+	GlueOpsLoadBalancer string       `json:"control_load_balancer"`          // {public_ip: 5.6.7.8, private_ip: 10.0.22.1, name: CaptainDomain}
-	CertificateKey      string       `json:"certificate_key"`
+
-	EncryptedKubeconfig string       `gorm:"type:text" json:"-"`
+	ControlPlane string `json:"control_plane"` // <- dns cntlpn
-	KubeIV              string       `json:"-"`
+
-	KubeTag             string       `json:"-"`
+	RandomToken         string     `json:"random_token"`
-	NodePools           []NodePool   `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"node_pools,omitempty"`
+	CertificateKey      string     `json:"certificate_key"`
-	BastionServerID     *uuid.UUID   `gorm:"type:uuid" json:"bastion_server_id,omitempty"`
+	EncryptedKubeconfig string     `gorm:"type:text" json:"-"`
-	BastionServer       *Server      `gorm:"foreignKey:BastionServerID" json:"bastion_server,omitempty"`
+	KubeIV              string     `json:"-"`
-	CreatedAt           time.Time    `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"`
+	KubeTag             string     `json:"-"`
-	UpdatedAt           time.Time    `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"`
+	NodePools           []NodePool `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"node_pools,omitempty"`
+	BastionServerID     *uuid.UUID `gorm:"type:uuid" json:"bastion_server_id,omitempty"`
+	BastionServer       *Server    `gorm:"foreignKey:BastionServerID" json:"bastion_server,omitempty"`
+	CreatedAt           time.Time  `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"`
+	UpdatedAt           time.Time  `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"`
 }

internal/models/credential.go

@@ -0,0 +1,29 @@
+package models
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+	"gorm.io/datatypes"
+)
+
+type Credential struct {
+	ID               uuid.UUID      `gorm:"type:uuid;primaryKey;default:gen_random_uuid()"`
+	OrganizationID   uuid.UUID      `gorm:"type:uuid;not null;index" json:"organization_id"`
+	Organization     Organization   `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"`
+	Provider         string         `gorm:"type:varchar(50);not null;uniqueIndex:uniq_org_provider_scopekind_scope,priority:2;index:idx_provider_kind"`
+	Kind             string         `gorm:"type:varchar(50);not null;index:idx_provider_kind;index:idx_kind_scope"`
+	ScopeKind        string         `gorm:"type:varchar(20);not null;uniqueIndex:uniq_org_provider_scopekind_scope,priority:3"`
+	Scope            datatypes.JSON `gorm:"type:jsonb;not null;default:'{}';index:idx_kind_scope"`
+	ScopeFingerprint string         `gorm:"type:char(64);not null;uniqueIndex:uniq_org_provider_scopekind_scope,priority:4;index"`
+	SchemaVersion    int            `gorm:"not null;default:1"`
+	Name             string         `gorm:"type:varchar(100);not null;default:''"`
+	ScopeVersion     int            `gorm:"not null;default:1"`
+	AccountID        string         `gorm:"type:varchar(32)"`
+	Region           string         `gorm:"type:varchar(32)"`
+	EncryptedData    string         `gorm:"not null"`
+	IV               string         `gorm:"not null"`
+	Tag              string         `gorm:"not null"`
+	CreatedAt        time.Time      `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()" format:"date-time"`
+	UpdatedAt        time.Time      `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()" format:"date-time"`
+}

internal/models/domain.go

@@ -0,0 +1,21 @@
+package models
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type Domain struct {
+	ID             uuid.UUID    `gorm:"type:uuid;primaryKey;default:gen_random_uuid()"`
+	OrganizationID uuid.UUID    `gorm:"type:uuid;not null;uniqueIndex:idx_credentials_org_provider" json:"organization_id"`
+	Organization   Organization `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"`
+	ClusterID      *uuid.UUID   `gorm:"type:uuid" json:"cluster_id,omitempty"`
+	Cluster        *Cluster     `gorm:"foreignKey:ClusterID" json:"cluster,omitempty"`
+	DomainName     string       `gorm:"not null;index" json:"domain_name,omitempty"`
+	DomainID       string
+	CredentialID   uuid.UUID  `gorm:"type:uuid;not null" json:"credential_id"`
+	Credential     Credential `gorm:"foreignKey:CredentialID" json:"credential,omitempty"`
+	CreatedAt      time.Time  `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"`
+	UpdatedAt      time.Time  `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"`
+}

internal/models/node_pool.go

@@ -12,7 +12,7 @@ type NodePool struct {
 	Annotations  []Annotation `gorm:"many2many:node_annotations;constraint:OnDelete:CASCADE" json:"annotations,omitempty"`
 	Labels       []Label      `gorm:"many2many:node_labels;constraint:OnDelete:CASCADE" json:"labels,omitempty"`
 	Taints       []Taint      `gorm:"many2many:node_taints;constraint:OnDelete:CASCADE" json:"taints,omitempty"`
-	//Clusters       []Cluster    `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"clusters,omitempty"`
+	Clusters     []Cluster    `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"clusters,omitempty"`
 	//Topology  string    `gorm:"not null,default:'stacked'" json:"topology,omitempty"` // stacked or external
 	Role string `gorm:"not null,default:'worker'" json:"role,omitempty"` // master, worker, or etcd (etcd only if topology = external
 }

internal/web/dist/index.html

@@ -5,9 +5,9 @@
     <link rel="icon" type="image/svg+xml" href="/vite.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>AutoGlue</title>
-    <script type="module" crossorigin src="/assets/index-DCrfJ1uu.js"></script>
+    <script type="module" crossorigin src="/assets/index-52pog1DZ.js"></script>
     <link rel="modulepreload" crossorigin href="/assets/react-B75e6Si-.js">
-    <link rel="stylesheet" crossorigin href="/assets/index-CImaF4Hs.css">
+    <link rel="stylesheet" crossorigin href="/assets/index-tX4seA_J.css">
   </head>
   <body>
     <div id="root"></div>

internal/web/pgweb_embed.go

@@ -0,0 +1,85 @@
+package web
+
+import (
+	"crypto/sha256"
+	"embed"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"runtime"
+)
+
+//go:embed pgwebbin/*
+var pgwebFS embed.FS
+
+type pgwebAsset struct {
+	Path   string
+	SHA256 string
+}
+
+var pgwebIndex = map[string]pgwebAsset{
+	"linux/amd64":  {Path: "pgwebbin/pgweb-linux-amd64", SHA256: ""},
+	"linux/arm64":  {Path: "pgwebbin/pgweb-linux-arm64", SHA256: ""},
+	"darwin/amd64": {Path: "pgwebbin/pgweb-darwin-amd64", SHA256: ""},
+	"darwin/arm64": {Path: "pgwebbin/pgweb-darwin-arm64", SHA256: ""},
+}
+
+func ExtractPgweb() (string, error) {
+	key := runtime.GOOS + "/" + runtime.GOARCH
+	as, ok := pgwebIndex[key]
+	if !ok {
+		return "", fmt.Errorf("pgweb not embedded for %s", key)
+	}
+	f, err := pgwebFS.Open(as.Path)
+	if err != nil {
+		return "", fmt.Errorf("embedded pgweb missing: %w", err)
+	}
+	defer f.Close()
+
+	tmpDir, err := os.MkdirTemp("", "pgweb-*")
+	if err != nil {
+		return "", err
+	}
+
+	filename := "pgweb"
+	if runtime.GOOS == "windows" {
+		filename += ".exe"
+	}
+	outPath := filepath.Join(tmpDir, filename)
+
+	out, err := os.OpenFile(outPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o700)
+	if err != nil {
+		return "", err
+	}
+	defer out.Close()
+
+	h := sha256.New()
+	if _, err = io.Copy(io.MultiWriter(out, h), f); err != nil {
+		return "", err
+	}
+
+	if as.SHA256 != "" {
+		got := hex.EncodeToString(h.Sum(nil))
+		if got != as.SHA256 {
+			return "", fmt.Errorf("pgweb checksum mismatch: got=%s want=%s", got, as.SHA256)
+		}
+	}
+
+	// Make sure it’s executable on Unix; Windows ignores this.
+	_ = os.Chmod(outPath, 0o700)
+	return outPath, nil
+}
+
+func CleanupPgweb(pgwebPath string) error {
+	if pgwebPath == "" {
+		return nil
+	}
+	dir := filepath.Dir(pgwebPath)
+	if dir == "" || dir == "/" || dir == "." {
+		return errors.New("refusing to remove suspicious directory")
+	}
+	return os.RemoveAll(dir)
+}

internal/web/pgweb_proxy.go

@@ -0,0 +1,107 @@
+package web
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"os"
+	"os/exec"
+	"time"
+)
+
+type Pgweb struct {
+	cmd  *exec.Cmd
+	host string
+	port string
+	bin  string
+}
+
+func StartPgweb(dbURL, host, port string, readonly bool, user, pass string) (*Pgweb, error) {
+	// pick random port if 0/empty
+	if port == "" || port == "0" {
+		l, err := net.Listen("tcp", net.JoinHostPort(host, "0"))
+		if err != nil {
+			return nil, err
+		}
+		defer l.Close()
+		_, p, _ := net.SplitHostPort(l.Addr().String())
+		port = p
+	}
+
+	args := []string{
+		"--url", dbURL,
+		"--bind", host,
+		"--listen", port,
+		"--prefix", "/db-studio",
+		"--skip-open",
+	}
+	if readonly {
+		args = append(args, "--readonly")
+	}
+	if user != "" && pass != "" {
+		args = append(args, "--auth-user", user, "--auth-pass", pass)
+	}
+
+	pgwebBinary, err := ExtractPgweb()
+	if err != nil {
+		return nil, fmt.Errorf("pgweb extract: %w", err)
+	}
+
+	cmd := exec.Command(pgwebBinary, args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+
+	if err := cmd.Start(); err != nil {
+		return nil, err
+	}
+
+	// wait for port to be ready
+	deadline := time.Now().Add(4 * time.Second)
+	for time.Now().Before(deadline) {
+		c, err := net.DialTimeout("tcp", net.JoinHostPort(host, port), 200*time.Millisecond)
+		if err == nil {
+			_ = c.Close()
+			return &Pgweb{cmd: cmd, host: host, port: port}, nil
+		}
+		time.Sleep(120 * time.Millisecond)
+	}
+	// still return object so caller can Stop()
+	//return &Pgweb{cmd: cmd, host: host, port: port, bin: pgwebBinary}, nil
+	return nil, fmt.Errorf("pgweb did not become ready on %s:%s", host, port)
+}
+
+func (p *Pgweb) Proxy() http.HandlerFunc {
+	target, _ := url.Parse("http://" + net.JoinHostPort(p.host, p.port))
+	proxy := httputil.NewSingleHostReverseProxy(target)
+	proxy.FlushInterval = 100 * time.Millisecond
+	return func(w http.ResponseWriter, r *http.Request) {
+		r.Host = target.Host
+		// Let pgweb handle its paths; we mount it at a prefix.
+		proxy.ServeHTTP(w, r)
+	}
+}
+
+func (p *Pgweb) Stop(ctx context.Context) error {
+	if p == nil || p.cmd == nil || p.cmd.Process == nil {
+		return nil
+	}
+	_ = p.cmd.Process.Kill()
+	done := make(chan struct{})
+	go func() { _, _ = p.cmd.Process.Wait(); close(done) }()
+	select {
+	case <-done:
+		if p.bin != "" {
+			_ = CleanupPgweb(p.bin)
+		}
+	case <-ctx.Done():
+		return ctx.Err()
+	}
+	return nil
+}
+
+func (p *Pgweb) Port() string {
+	return p.port
+}

internal/web/static.go

@@ -61,6 +61,7 @@ func SPAHandler() (http.Handler, error) {
 		if strings.HasPrefix(r.URL.Path, "/api/") ||
 			r.URL.Path == "/api" ||
 			strings.HasPrefix(r.URL.Path, "/swagger") ||
+			strings.HasPrefix(r.URL.Path, "/db-studio") ||
 			strings.HasPrefix(r.URL.Path, "/debug/pprof") {
 			http.NotFound(w, r)
 			return

tools/pgweb_fetch.go

@@ -0,0 +1,171 @@
+//go:build ignore
+// +build ignore
+
+package main
+
+import (
+	"archive/zip"
+	"crypto/sha256"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"path/filepath"
+)
+
+type Target struct {
+	Name   string
+	URL    string
+	SHA256 string
+}
+
+const version = "0.16.2"
+
+func main() {
+	targets := []Target{
+		{
+			Name:   "pgweb-linux-amd64",
+			URL:    fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_linux_amd64.zip", version),
+			SHA256: "",
+		},
+		{
+			Name:   "pgweb-linux-arm64",
+			URL:    fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_linux_arm64.zip", version),
+			SHA256: "",
+		},
+		{
+			Name:   "pgweb-darwin-amd64",
+			URL:    fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_darwin_amd64.zip", version),
+			SHA256: "",
+		},
+		{
+			Name:   "pgweb-darwin-arm64",
+			URL:    fmt.Sprintf("https://github.com/sosedoff/pgweb/releases/download/v%s/pgweb_darwin_arm64.zip", version),
+			SHA256: "",
+		},
+	}
+
+	outDir := filepath.Join("internal", "web", "pgwebbin")
+	_ = os.MkdirAll(outDir, 0o755)
+
+	for _, t := range targets {
+		destZip := filepath.Join(outDir, t.Name+".zip")
+		fmt.Printf("Downloading %s...\n", t.URL)
+		if err := downloadFile(destZip, t.URL); err != nil {
+			panic(err)
+		}
+		binPath := filepath.Join(outDir, t.Name)
+		if err := unzipSingle(destZip, binPath); err != nil {
+			panic(err)
+		}
+		_ = os.Remove(destZip)
+
+		// Make executable
+		if err := os.Chmod(binPath, 0o755); err != nil {
+			panic(err)
+		}
+		fmt.Printf("Saved %s\n", binPath)
+
+		// Compute checksum
+		sum, _ := fileSHA256(binPath)
+		fmt.Printf("  SHA256: %s\n", sum)
+	}
+}
+
+func downloadFile(dest, url string) error {
+	resp, err := http.Get(url)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != 200 {
+		return fmt.Errorf("bad status: %s", resp.Status)
+	}
+	out, err := os.Create(dest)
+	if err != nil {
+		return err
+	}
+	defer out.Close()
+	_, err = io.Copy(out, resp.Body)
+	return err
+}
+
+func fileSHA256(path string) (string, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return "", err
+	}
+	defer f.Close()
+	h := sha256.New()
+	if _, err := io.Copy(h, f); err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(h.Sum(nil)), nil
+}
+
+func unzipSingle(zipPath, outPath string) error {
+	// minimal unzip: because pgweb zip has only one binary
+	r, err := os.Open(zipPath)
+	if err != nil {
+		return err
+	}
+	defer r.Close()
+
+	// use archive/zip
+	stat, err := os.Stat(zipPath)
+	if err != nil {
+		return err
+	}
+	return unzipFile(zipPath, outPath, stat.Size())
+}
+
+func unzipFile(zipFile, outFile string, _ int64) error {
+	r, err := os.Open(zipFile)
+	if err != nil {
+		return err
+	}
+	defer r.Close()
+	fi, _ := r.Stat()
+
+	// rely on standard zip reader
+	data, err := io.ReadAll(r)
+	if err != nil {
+		return err
+	}
+	tmpZip := filepath.Join(os.TempDir(), fi.Name())
+	if err := os.WriteFile(tmpZip, data, 0o644); err != nil {
+		return err
+	}
+	defer os.Remove(tmpZip)
+
+	zr, err := os.Open(tmpZip)
+	if err != nil {
+		return err
+	}
+	defer zr.Close()
+	// extract using standard lib
+	zr2, err := zip.OpenReader(tmpZip)
+	if err != nil {
+		return err
+	}
+	defer zr2.Close()
+	for _, f := range zr2.File {
+		rc, err := f.Open()
+		if err != nil {
+			return err
+		}
+		defer rc.Close()
+		out, err := os.Create(outFile)
+		if err != nil {
+			return err
+		}
+		if _, err := io.Copy(out, rc); err != nil {
+			out.Close()
+			return err
+		}
+		out.Close()
+		break
+	}
+	return nil
+}

ui/package.json

@@ -56,7 +56,7 @@
     "react-router-dom": "^7.9.5",
     "recharts": "2.15.4",
     "sonner": "^2.0.7",
-    "tailwind-merge": "^3.3.1",
+    "tailwind-merge": "^3.4.0",
     "tailwindcss": "^4.1.17",
     "vaul": "^1.1.2",
     "zod": "^4.1.12"
@@ -65,12 +65,10 @@
     "@eslint/js": "9.39.1",
     "@ianvs/prettier-plugin-sort-imports": "4.7.0",
     "@types/node": "24.10.0",
-    "@types/react": "^19.2.2",
+    "@types/react": "19.2.2",
-    "@types/react-dom": "^19.2.2",
+    "@types/react-dom": "19.2.2",
     "@vitejs/plugin-react": "5.1.0",
     "eslint": "9.39.1",
-    "eslint-config-prettier": "10.1.8",
-    "eslint-plugin-prettier": "5.5.4",
     "eslint-plugin-react-hooks": "7.0.1",
     "eslint-plugin-react-refresh": "0.4.24",
     "globals": "16.5.0",

ui/src/App.tsx

@@ -4,6 +4,7 @@ import { Route, Routes } from "react-router-dom"
 import { ProtectedRoute } from "@/components/protected-route.tsx"
 import { AnnotationPage } from "@/pages/annotations/annotation-page.tsx"
 import { Login } from "@/pages/auth/login.tsx"
+import { CredentialPage } from "@/pages/credentials/credential-page.tsx"
 import { JobsPage } from "@/pages/jobs/jobs-page.tsx"
 import { LabelsPage } from "@/pages/labels/labels-page.tsx"
 import { MePage } from "@/pages/me/me-page.tsx"
@@ -33,6 +34,7 @@ export default function App() {
           <Route path="/labels" element={<LabelsPage />} />
           <Route path="/annotations" element={<AnnotationPage />} />
           <Route path="/node-pools" element={<NodePoolsPage />} />
+          <Route path="/credentials" element={<CredentialPage />} />
 
           <Route path="/admin/jobs" element={<JobsPage />} />
         </Route>

ui/src/api/archer_admin.ts

@@ -18,7 +18,12 @@ export const archerAdminApi = {
       return await archerAdmin.adminListArcherJobs(params)
     })
   },
-  enqueue: (body: { queue: string; type: string; payload?: unknown; run_at?: string }) => {
+  enqueue: (body: {
+    queue: string
+    type: string
+    payload?: object | undefined
+    run_at?: string
+  }) => {
     return withRefresh(async () => {
       return await archerAdmin.adminEnqueueArcherJob({ body })
     })

ui/src/api/credentials.ts

@@ -0,0 +1,32 @@
+import { withRefresh } from "@/api/with-refresh.ts"
+import type { DtoCreateCredentialRequest, DtoUpdateCredentialRequest } from "@/sdk"
+import { makeCredentialsApi } from "@/sdkClient.ts"
+
+const credentials = makeCredentialsApi()
+
+export const credentialsApi = {
+  listCredentials: () =>
+    withRefresh(async () => {
+      return await credentials.listCredentials()
+    }),
+  createCredential: async (body: DtoCreateCredentialRequest) =>
+    withRefresh(async () => {
+      return await credentials.createCredential({ body })
+    }),
+  getCredential: async (id: string) =>
+    withRefresh(async () => {
+      return await credentials.getCredential({ id })
+    }),
+  deleteCredential: async (id: string) =>
+    withRefresh(async () => {
+      await credentials.deleteCredential({ id })
+    }),
+  updateCredential: async (id: string, body: DtoUpdateCredentialRequest) =>
+    withRefresh(async () => {
+      return await credentials.updateCredential({ id, body })
+    }),
+  revealCredential: async (id: string) =>
+    withRefresh(async () => {
+      return await credentials.revealCredential({ id })
+    }),
+}

ui/src/api/labels.ts

@@ -2,7 +2,6 @@ import { withRefresh } from "@/api/with-refresh.ts"
 import type { DtoCreateLabelRequest, DtoUpdateLabelRequest } from "@/sdk"
 import { makeLabelsApi } from "@/sdkClient.ts"
 
-
 const labels = makeLabelsApi()
 
 export const labelsApi = {

ui/src/layouts/nav-config.ts

@@ -5,6 +5,7 @@ import {
   ComponentIcon,
   FileKey2Icon,
   KeyRound,
+  LockKeyholeIcon,
   ServerIcon,
   SprayCanIcon,
   TagsIcon,
@@ -28,6 +29,7 @@ export const mainNav: NavItem[] = [
   { to: "/taints", label: "Taints", icon: SprayCanIcon },
   { to: "/servers", label: "Servers", icon: ServerIcon },
   { to: "/ssh", label: "SSH Keys", icon: FileKey2Icon },
+  { to: "/credentials", label: "Credentials", icon: LockKeyholeIcon },
 ]
 
 export const orgNav: NavItem[] = [

ui/src/pages/jobs/jobs-page.tsx

@@ -145,8 +145,12 @@ export const JobsPage: FC = () => {
 
   // Mutations
   const enqueueM = useMutation({
-    mutationFn: (body: { queue: string; type: string; payload?: unknown; run_at?: string }) =>
+    mutationFn: (body: {
-      archerAdminApi.enqueue(body),
+      queue: string
+      type: string
+      payload?: object | undefined
+      run_at?: string
+    }) => archerAdminApi.enqueue(body),
     onSuccess: () => qc.invalidateQueries({ queryKey: ["archer", "jobs"] }),
   })
   const retryM = useMutation({
@@ -462,7 +466,7 @@ function EnqueueDialog({
   onSubmit: (body: {
     queue: string
     type: string
-    payload?: unknown
+    payload?: object | undefined
     run_at?: string
   }) => Promise<unknown>
   submitting?: boolean

ui/src/pages/org/settings.tsx

@@ -8,7 +8,6 @@ import { useForm } from "react-hook-form"
 import { toast } from "sonner"
 import { z } from "zod"
 
-
 import { Button } from "@/components/ui/button.tsx"
 import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card.tsx"
 import {

ui/src/sdk/.gitignore

@@ -1,4 +0,0 @@
-wwwroot/*.js
-node_modules
-typings
-dist

ui/src/sdk/.npmignore

@@ -1 +0,0 @@
-README.md

ui/src/sdk/.openapi-generator-ignore

@@ -1,23 +0,0 @@
-# OpenAPI Generator Ignore
-# Generated by openapi-generator https://github.com/openapitools/openapi-generator
-
-# Use this file to prevent files from being overwritten by the generator.
-# The patterns follow closely to .gitignore or .dockerignore.
-
-# As an example, the C# client generator defines ApiClient.cs.
-# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
-#ApiClient.cs
-
-# You can match any string of characters against a directory, file or extension with a single asterisk (*):
-#foo/*/qux
-# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
-
-# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
-#foo/**/qux
-# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
-
-# You can also negate patterns with an exclamation (!).
-# For example, you can ignore all files in a docs folder with the file extension .md:
-#docs/*.md
-# Then explicitly reverse the ignore rule for a single file:
-#!docs/README.md

ui/src/sdk/.openapi-generator/FILES

@@ -1,135 +0,0 @@
-.gitignore
-.npmignore
-.openapi-generator-ignore
-README.md
-docs/AnnotationsApi.md
-docs/ArcherAdminApi.md
-docs/AuthApi.md
-docs/DtoAnnotationResponse.md
-docs/DtoAttachAnnotationsRequest.md
-docs/DtoAttachLabelsRequest.md
-docs/DtoAttachServersRequest.md
-docs/DtoAttachTaintsRequest.md
-docs/DtoAuthStartResponse.md
-docs/DtoCreateAnnotationRequest.md
-docs/DtoCreateLabelRequest.md
-docs/DtoCreateNodePoolRequest.md
-docs/DtoCreateSSHRequest.md
-docs/DtoCreateServerRequest.md
-docs/DtoCreateTaintRequest.md
-docs/DtoJWK.md
-docs/DtoJWKS.md
-docs/DtoJob.md
-docs/DtoJobStatus.md
-docs/DtoLabelResponse.md
-docs/DtoLogoutRequest.md
-docs/DtoNodePoolResponse.md
-docs/DtoPageJob.md
-docs/DtoQueueInfo.md
-docs/DtoRefreshRequest.md
-docs/DtoServerResponse.md
-docs/DtoSshResponse.md
-docs/DtoSshRevealResponse.md
-docs/DtoTaintResponse.md
-docs/DtoTokenPair.md
-docs/DtoUpdateAnnotationRequest.md
-docs/DtoUpdateLabelRequest.md
-docs/DtoUpdateNodePoolRequest.md
-docs/DtoUpdateServerRequest.md
-docs/DtoUpdateTaintRequest.md
-docs/HandlersCreateUserKeyRequest.md
-docs/HandlersHealthStatus.md
-docs/HandlersMeResponse.md
-docs/HandlersMemberOut.md
-docs/HandlersMemberUpsertReq.md
-docs/HandlersOrgCreateReq.md
-docs/HandlersOrgKeyCreateReq.md
-docs/HandlersOrgKeyCreateResp.md
-docs/HandlersOrgUpdateReq.md
-docs/HandlersUpdateMeRequest.md
-docs/HandlersUserAPIKeyOut.md
-docs/HandlersVersionResponse.md
-docs/HealthApi.md
-docs/LabelsApi.md
-docs/MeAPIKeysApi.md
-docs/MeApi.md
-docs/MetaApi.md
-docs/ModelsAPIKey.md
-docs/ModelsOrganization.md
-docs/ModelsUser.md
-docs/ModelsUserEmail.md
-docs/NodePoolsApi.md
-docs/OrgsApi.md
-docs/ServersApi.md
-docs/SshApi.md
-docs/TaintsApi.md
-docs/UtilsErrorResponse.md
-package.json
-src/apis/AnnotationsApi.ts
-src/apis/ArcherAdminApi.ts
-src/apis/AuthApi.ts
-src/apis/HealthApi.ts
-src/apis/LabelsApi.ts
-src/apis/MeAPIKeysApi.ts
-src/apis/MeApi.ts
-src/apis/MetaApi.ts
-src/apis/NodePoolsApi.ts
-src/apis/OrgsApi.ts
-src/apis/ServersApi.ts
-src/apis/SshApi.ts
-src/apis/TaintsApi.ts
-src/apis/index.ts
-src/index.ts
-src/models/DtoAnnotationResponse.ts
-src/models/DtoAttachAnnotationsRequest.ts
-src/models/DtoAttachLabelsRequest.ts
-src/models/DtoAttachServersRequest.ts
-src/models/DtoAttachTaintsRequest.ts
-src/models/DtoAuthStartResponse.ts
-src/models/DtoCreateAnnotationRequest.ts
-src/models/DtoCreateLabelRequest.ts
-src/models/DtoCreateNodePoolRequest.ts
-src/models/DtoCreateSSHRequest.ts
-src/models/DtoCreateServerRequest.ts
-src/models/DtoCreateTaintRequest.ts
-src/models/DtoJWK.ts
-src/models/DtoJWKS.ts
-src/models/DtoJob.ts
-src/models/DtoJobStatus.ts
-src/models/DtoLabelResponse.ts
-src/models/DtoLogoutRequest.ts
-src/models/DtoNodePoolResponse.ts
-src/models/DtoPageJob.ts
-src/models/DtoQueueInfo.ts
-src/models/DtoRefreshRequest.ts
-src/models/DtoServerResponse.ts
-src/models/DtoSshResponse.ts
-src/models/DtoSshRevealResponse.ts
-src/models/DtoTaintResponse.ts
-src/models/DtoTokenPair.ts
-src/models/DtoUpdateAnnotationRequest.ts
-src/models/DtoUpdateLabelRequest.ts
-src/models/DtoUpdateNodePoolRequest.ts
-src/models/DtoUpdateServerRequest.ts
-src/models/DtoUpdateTaintRequest.ts
-src/models/HandlersCreateUserKeyRequest.ts
-src/models/HandlersHealthStatus.ts
-src/models/HandlersMeResponse.ts
-src/models/HandlersMemberOut.ts
-src/models/HandlersMemberUpsertReq.ts
-src/models/HandlersOrgCreateReq.ts
-src/models/HandlersOrgKeyCreateReq.ts
-src/models/HandlersOrgKeyCreateResp.ts
-src/models/HandlersOrgUpdateReq.ts
-src/models/HandlersUpdateMeRequest.ts
-src/models/HandlersUserAPIKeyOut.ts
-src/models/HandlersVersionResponse.ts
-src/models/ModelsAPIKey.ts
-src/models/ModelsOrganization.ts
-src/models/ModelsUser.ts
-src/models/ModelsUserEmail.ts
-src/models/UtilsErrorResponse.ts
-src/models/index.ts
-src/runtime.ts
-tsconfig.esm.json
-tsconfig.json

ui/src/sdk/.openapi-generator/VERSION

@@ -1 +0,0 @@
-7.17.0

ui/src/sdk/apis/AnnotationsApi.ts

@@ -1,352 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoAnnotationResponse, DtoCreateAnnotationRequest, DtoUpdateAnnotationRequest, } from "../models/index"
-import {
-  DtoAnnotationResponseFromJSON,
-  DtoCreateAnnotationRequestToJSON,
-  DtoUpdateAnnotationRequestToJSON,
-} from "../models/index"
-
-export interface CreateAnnotationRequest {
-    body: DtoCreateAnnotationRequest;
-    xOrgID?: string;
-}
-
-export interface DeleteAnnotationRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface GetAnnotationRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface ListAnnotationsRequest {
-    xOrgID?: string;
-    key?: string;
-    value?: string;
-    q?: string;
-}
-
-export interface UpdateAnnotationRequest {
-    id: string;
-    body: DtoUpdateAnnotationRequest;
-    xOrgID?: string;
-}
-
-/**
- * 
- */
-export class AnnotationsApi extends runtime.BaseAPI {
-
-    /**
-     * Creates an annotation.
-     * Create annotation (org scoped)
-     */
-    async createAnnotationRaw(requestParameters: CreateAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createAnnotation().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/annotations`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoCreateAnnotationRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoAnnotationResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Creates an annotation.
-     * Create annotation (org scoped)
-     */
-    async createAnnotation(requestParameters: CreateAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoAnnotationResponse> {
-        const response = await this.createAnnotationRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Permanently deletes the annotation.
-     * Delete annotation (org scoped)
-     */
-    async deleteAnnotationRaw(requestParameters: DeleteAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteAnnotation().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/annotations/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Permanently deletes the annotation.
-     * Delete annotation (org scoped)
-     */
-    async deleteAnnotation(requestParameters: DeleteAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.deleteAnnotationRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns one annotation. Add `include=node_pools` to include node pools.
-     * Get annotation by ID (org scoped)
-     */
-    async getAnnotationRaw(requestParameters: GetAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getAnnotation().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/annotations/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoAnnotationResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns one annotation. Add `include=node_pools` to include node pools.
-     * Get annotation by ID (org scoped)
-     */
-    async getAnnotation(requestParameters: GetAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoAnnotationResponse> {
-        const response = await this.getAnnotationRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
-     * List annotations (org scoped)
-     */
-    async listAnnotationsRaw(requestParameters: ListAnnotationsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoAnnotationResponse>>> {
-        const queryParameters: any = {};
-
-        if (requestParameters['key'] != null) {
-            queryParameters['key'] = requestParameters['key'];
-        }
-
-        if (requestParameters['value'] != null) {
-            queryParameters['value'] = requestParameters['value'];
-        }
-
-        if (requestParameters['q'] != null) {
-            queryParameters['q'] = requestParameters['q'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/annotations`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoAnnotationResponseFromJSON));
-    }
-
-    /**
-     * Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
-     * List annotations (org scoped)
-     */
-    async listAnnotations(requestParameters: ListAnnotationsRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoAnnotationResponse>> {
-        const response = await this.listAnnotationsRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Partially update annotation fields.
-     * Update annotation (org scoped)
-     */
-    async updateAnnotationRaw(requestParameters: UpdateAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling updateAnnotation().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateAnnotation().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/annotations/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoUpdateAnnotationRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoAnnotationResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Partially update annotation fields.
-     * Update annotation (org scoped)
-     */
-    async updateAnnotation(requestParameters: UpdateAnnotationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoAnnotationResponse> {
-        const response = await this.updateAnnotationRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/ArcherAdminApi.ts

@@ -1,280 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoJob, DtoPageJob, DtoQueueInfo, } from "../models/index"
-import { DtoJobFromJSON, DtoPageJobFromJSON, DtoQueueInfoFromJSON, } from "../models/index"
-
-export interface AdminCancelArcherJobRequest {
-    id: string;
-}
-
-export interface AdminEnqueueArcherJobRequest {
-    body: object;
-}
-
-export interface AdminListArcherJobsRequest {
-    status?: AdminListArcherJobsStatusEnum;
-    queue?: string;
-    q?: string;
-    page?: number;
-    pageSize?: number;
-}
-
-export interface AdminRetryArcherJobRequest {
-    id: string;
-}
-
-/**
- * 
- */
-export class ArcherAdminApi extends runtime.BaseAPI {
-
-    /**
-     * Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
-     * Cancel an Archer job (admin)
-     */
-    async adminCancelArcherJobRaw(requestParameters: AdminCancelArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoJob>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling adminCancelArcherJob().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/admin/archer/jobs/{id}/cancel`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoJobFromJSON(jsonValue));
-    }
-
-    /**
-     * Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
-     * Cancel an Archer job (admin)
-     */
-    async adminCancelArcherJob(requestParameters: AdminCancelArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoJob> {
-        const response = await this.adminCancelArcherJobRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Create a job immediately or schedule it for the future via `run_at`.
-     * Enqueue a new Archer job (admin)
-     */
-    async adminEnqueueArcherJobRaw(requestParameters: AdminEnqueueArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoJob>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling adminEnqueueArcherJob().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/admin/archer/jobs`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: requestParameters['body'] as any,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoJobFromJSON(jsonValue));
-    }
-
-    /**
-     * Create a job immediately or schedule it for the future via `run_at`.
-     * Enqueue a new Archer job (admin)
-     */
-    async adminEnqueueArcherJob(requestParameters: AdminEnqueueArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoJob> {
-        const response = await this.adminEnqueueArcherJobRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).
-     * List Archer jobs (admin)
-     */
-    async adminListArcherJobsRaw(requestParameters: AdminListArcherJobsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoPageJob>> {
-        const queryParameters: any = {};
-
-        if (requestParameters['status'] != null) {
-            queryParameters['status'] = requestParameters['status'];
-        }
-
-        if (requestParameters['queue'] != null) {
-            queryParameters['queue'] = requestParameters['queue'];
-        }
-
-        if (requestParameters['q'] != null) {
-            queryParameters['q'] = requestParameters['q'];
-        }
-
-        if (requestParameters['page'] != null) {
-            queryParameters['page'] = requestParameters['page'];
-        }
-
-        if (requestParameters['pageSize'] != null) {
-            queryParameters['page_size'] = requestParameters['pageSize'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/admin/archer/jobs`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoPageJobFromJSON(jsonValue));
-    }
-
-    /**
-     * Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).
-     * List Archer jobs (admin)
-     */
-    async adminListArcherJobs(requestParameters: AdminListArcherJobsRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoPageJob> {
-        const response = await this.adminListArcherJobsRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Summary metrics per queue (pending, running, failed, scheduled).
-     * List Archer queues (admin)
-     */
-    async adminListArcherQueuesRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoQueueInfo>>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/admin/archer/queues`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoQueueInfoFromJSON));
-    }
-
-    /**
-     * Summary metrics per queue (pending, running, failed, scheduled).
-     * List Archer queues (admin)
-     */
-    async adminListArcherQueues(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoQueueInfo>> {
-        const response = await this.adminListArcherQueuesRaw(initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
-     * Retry a failed/canceled Archer job (admin)
-     */
-    async adminRetryArcherJobRaw(requestParameters: AdminRetryArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoJob>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling adminRetryArcherJob().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/admin/archer/jobs/{id}/retry`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoJobFromJSON(jsonValue));
-    }
-
-    /**
-     * Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
-     * Retry a failed/canceled Archer job (admin)
-     */
-    async adminRetryArcherJob(requestParameters: AdminRetryArcherJobRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoJob> {
-        const response = await this.adminRetryArcherJobRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}
-
-/**
- * @export
- */
-export const AdminListArcherJobsStatusEnum = {
-    queued: 'queued',
-    running: 'running',
-    succeeded: 'succeeded',
-    failed: 'failed',
-    canceled: 'canceled',
-    retrying: 'retrying',
-    scheduled: 'scheduled'
-} as const;
-export type AdminListArcherJobsStatusEnum = typeof AdminListArcherJobsStatusEnum[keyof typeof AdminListArcherJobsStatusEnum];

ui/src/sdk/apis/AuthApi.ts

@@ -1,231 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoAuthStartResponse, DtoJWKS, DtoLogoutRequest, DtoRefreshRequest, DtoTokenPair, } from "../models/index"
-import {
-  DtoAuthStartResponseFromJSON,
-  DtoJWKSFromJSON,
-  DtoLogoutRequestToJSON,
-  DtoRefreshRequestToJSON,
-  DtoTokenPairFromJSON,
-} from "../models/index"
-
-export interface AuthCallbackRequest {
-    provider: string;
-}
-
-export interface AuthStartRequest {
-    provider: string;
-}
-
-export interface LogoutRequest {
-    body: DtoLogoutRequest;
-}
-
-export interface RefreshRequest {
-    body: DtoRefreshRequest;
-}
-
-/**
- * 
- */
-export class AuthApi extends runtime.BaseAPI {
-
-    /**
-     * Handle social login callback
-     */
-    async authCallbackRaw(requestParameters: AuthCallbackRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoTokenPair>> {
-        if (requestParameters['provider'] == null) {
-            throw new runtime.RequiredError(
-                'provider',
-                'Required parameter "provider" was null or undefined when calling authCallback().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-
-        let urlPath = `/auth/{provider}/callback`;
-        urlPath = urlPath.replace(`{${"provider"}}`, encodeURIComponent(String(requestParameters['provider'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoTokenPairFromJSON(jsonValue));
-    }
-
-    /**
-     * Handle social login callback
-     */
-    async authCallback(requestParameters: AuthCallbackRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoTokenPair> {
-        const response = await this.authCallbackRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns provider authorization URL for the frontend to redirect
-     * Begin social login
-     */
-    async authStartRaw(requestParameters: AuthStartRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoAuthStartResponse>> {
-        if (requestParameters['provider'] == null) {
-            throw new runtime.RequiredError(
-                'provider',
-                'Required parameter "provider" was null or undefined when calling authStart().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-
-        let urlPath = `/auth/{provider}/start`;
-        urlPath = urlPath.replace(`{${"provider"}}`, encodeURIComponent(String(requestParameters['provider'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoAuthStartResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns provider authorization URL for the frontend to redirect
-     * Begin social login
-     */
-    async authStart(requestParameters: AuthStartRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoAuthStartResponse> {
-        const response = await this.authStartRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns the JSON Web Key Set for token verification
-     * Get JWKS
-     */
-    async getJWKSRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoJWKS>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-
-        let urlPath = `/.well-known/jwks.json`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoJWKSFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns the JSON Web Key Set for token verification
-     * Get JWKS
-     */
-    async getJWKS(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoJWKS> {
-        const response = await this.getJWKSRaw(initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Revoke refresh token family (logout everywhere)
-     */
-    async logoutRaw(requestParameters: LogoutRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling logout().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-
-        let urlPath = `/auth/logout`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoLogoutRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.VoidApiResponse(response);
-    }
-
-    /**
-     * Revoke refresh token family (logout everywhere)
-     */
-    async logout(requestParameters: LogoutRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
-        await this.logoutRaw(requestParameters, initOverrides);
-    }
-
-    /**
-     * Rotate refresh token
-     */
-    async refreshRaw(requestParameters: RefreshRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoTokenPair>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling refresh().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-
-        let urlPath = `/auth/refresh`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoRefreshRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoTokenPairFromJSON(jsonValue));
-    }
-
-    /**
-     * Rotate refresh token
-     */
-    async refresh(requestParameters: RefreshRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoTokenPair> {
-        const response = await this.refreshRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/HealthApi.ts

@@ -1,56 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { HandlersHealthStatus, } from "../models/index"
-import { HandlersHealthStatusFromJSON, } from "../models/index"
-
-/**
- * 
- */
-export class HealthApi extends runtime.BaseAPI {
-
-    /**
-     * Returns 200 OK when the service is up
-     * Basic health check
-     */
-    async healthCheckOperationIdRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersHealthStatus>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-
-        let urlPath = `/healthz`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersHealthStatusFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns 200 OK when the service is up
-     * Basic health check
-     */
-    async healthCheckOperationId(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersHealthStatus> {
-        const response = await this.healthCheckOperationIdRaw(initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/LabelsApi.ts

@@ -1,348 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoCreateLabelRequest, DtoLabelResponse, DtoUpdateLabelRequest, } from "../models/index"
-import { DtoCreateLabelRequestToJSON, DtoLabelResponseFromJSON, DtoUpdateLabelRequestToJSON, } from "../models/index"
-
-export interface CreateLabelRequest {
-    body: DtoCreateLabelRequest;
-    xOrgID?: string;
-}
-
-export interface DeleteLabelRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface GetLabelRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface ListLabelsRequest {
-    xOrgID?: string;
-    key?: string;
-    value?: string;
-    q?: string;
-}
-
-export interface UpdateLabelRequest {
-    id: string;
-    body: DtoUpdateLabelRequest;
-    xOrgID?: string;
-}
-
-/**
- * 
- */
-export class LabelsApi extends runtime.BaseAPI {
-
-    /**
-     * Creates a label.
-     * Create label (org scoped)
-     */
-    async createLabelRaw(requestParameters: CreateLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoLabelResponse>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createLabel().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/labels`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoCreateLabelRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoLabelResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Creates a label.
-     * Create label (org scoped)
-     */
-    async createLabel(requestParameters: CreateLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoLabelResponse> {
-        const response = await this.createLabelRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Permanently deletes the label.
-     * Delete label (org scoped)
-     */
-    async deleteLabelRaw(requestParameters: DeleteLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteLabel().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/labels/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Permanently deletes the label.
-     * Delete label (org scoped)
-     */
-    async deleteLabel(requestParameters: DeleteLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.deleteLabelRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns one label.
-     * Get label by ID (org scoped)
-     */
-    async getLabelRaw(requestParameters: GetLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoLabelResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getLabel().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/labels/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoLabelResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns one label.
-     * Get label by ID (org scoped)
-     */
-    async getLabel(requestParameters: GetLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoLabelResponse> {
-        const response = await this.getLabelRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.
-     * List node labels (org scoped)
-     */
-    async listLabelsRaw(requestParameters: ListLabelsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoLabelResponse>>> {
-        const queryParameters: any = {};
-
-        if (requestParameters['key'] != null) {
-            queryParameters['key'] = requestParameters['key'];
-        }
-
-        if (requestParameters['value'] != null) {
-            queryParameters['value'] = requestParameters['value'];
-        }
-
-        if (requestParameters['q'] != null) {
-            queryParameters['q'] = requestParameters['q'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/labels`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoLabelResponseFromJSON));
-    }
-
-    /**
-     * Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.
-     * List node labels (org scoped)
-     */
-    async listLabels(requestParameters: ListLabelsRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoLabelResponse>> {
-        const response = await this.listLabelsRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Partially update label fields.
-     * Update label (org scoped)
-     */
-    async updateLabelRaw(requestParameters: UpdateLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoLabelResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling updateLabel().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateLabel().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/labels/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoUpdateLabelRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoLabelResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Partially update label fields.
-     * Update label (org scoped)
-     */
-    async updateLabel(requestParameters: UpdateLabelRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoLabelResponse> {
-        const response = await this.updateLabelRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/MeAPIKeysApi.ts

@@ -1,159 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { HandlersCreateUserKeyRequest, HandlersUserAPIKeyOut, } from "../models/index"
-import { HandlersCreateUserKeyRequestToJSON, HandlersUserAPIKeyOutFromJSON, } from "../models/index"
-
-export interface CreateUserAPIKeyRequest {
-    body: HandlersCreateUserKeyRequest;
-}
-
-export interface DeleteUserAPIKeyRequest {
-    id: string;
-}
-
-/**
- * 
- */
-export class MeAPIKeysApi extends runtime.BaseAPI {
-
-    /**
-     * Returns the plaintext key once. Store it securely on the client side.
-     * Create a new user API key
-     */
-    async createUserAPIKeyRaw(requestParameters: CreateUserAPIKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersUserAPIKeyOut>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createUserAPIKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-API-KEY"] = await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/me/api-keys`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersCreateUserKeyRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersUserAPIKeyOutFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns the plaintext key once. Store it securely on the client side.
-     * Create a new user API key
-     */
-    async createUserAPIKey(requestParameters: CreateUserAPIKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersUserAPIKeyOut> {
-        const response = await this.createUserAPIKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Delete a user API key
-     */
-    async deleteUserAPIKeyRaw(requestParameters: DeleteUserAPIKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteUserAPIKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/me/api-keys/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.VoidApiResponse(response);
-    }
-
-    /**
-     * Delete a user API key
-     */
-    async deleteUserAPIKey(requestParameters: DeleteUserAPIKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
-        await this.deleteUserAPIKeyRaw(requestParameters, initOverrides);
-    }
-
-    /**
-     * List my API keys
-     */
-    async listUserAPIKeysRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<HandlersUserAPIKeyOut>>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-API-KEY"] = await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/me/api-keys`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(HandlersUserAPIKeyOutFromJSON));
-    }
-
-    /**
-     * List my API keys
-     */
-    async listUserAPIKeys(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<HandlersUserAPIKeyOut>> {
-        const response = await this.listUserAPIKeysRaw(initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/MeApi.ts

@@ -1,113 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { HandlersMeResponse, HandlersUpdateMeRequest, ModelsUser, } from "../models/index"
-import { HandlersMeResponseFromJSON, HandlersUpdateMeRequestToJSON, ModelsUserFromJSON, } from "../models/index"
-
-export interface UpdateMeRequest {
-    body: HandlersUpdateMeRequest;
-}
-
-/**
- * 
- */
-export class MeApi extends runtime.BaseAPI {
-
-    /**
-     * Get current user profile
-     */
-    async getMeRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersMeResponse>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-API-KEY"] = await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/me`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersMeResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Get current user profile
-     */
-    async getMe(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersMeResponse> {
-        const response = await this.getMeRaw(initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Update current user profile
-     */
-    async updateMeRaw(requestParameters: UpdateMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<ModelsUser>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateMe().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-API-KEY"] = await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/me`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersUpdateMeRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => ModelsUserFromJSON(jsonValue));
-    }
-
-    /**
-     * Update current user profile
-     */
-    async updateMe(requestParameters: UpdateMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<ModelsUser> {
-        const response = await this.updateMeRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/MetaApi.ts

@@ -1,56 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { HandlersVersionResponse, } from "../models/index"
-import { HandlersVersionResponseFromJSON, } from "../models/index"
-
-/**
- * 
- */
-export class MetaApi extends runtime.BaseAPI {
-
-    /**
-     * Returns build/runtime metadata for the running service.
-     * Service version information
-     */
-    async versionOperationIdRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersVersionResponse>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-
-        let urlPath = `/version`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersVersionResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns build/runtime metadata for the running service.
-     * Service version information
-     */
-    async versionOperationId(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersVersionResponse> {
-        const response = await this.versionOperationIdRaw(initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/OrgsApi.ts

@@ -1,576 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type {
-  HandlersMemberOut,
-  HandlersMemberUpsertReq,
-  HandlersOrgCreateReq,
-  HandlersOrgKeyCreateReq,
-  HandlersOrgKeyCreateResp,
-  HandlersOrgUpdateReq,
-  ModelsAPIKey,
-  ModelsOrganization,
-} from "../models/index"
-import {
-  HandlersMemberOutFromJSON,
-  HandlersMemberUpsertReqToJSON,
-  HandlersOrgCreateReqToJSON,
-  HandlersOrgKeyCreateReqToJSON,
-  HandlersOrgKeyCreateRespFromJSON,
-  HandlersOrgUpdateReqToJSON,
-  ModelsAPIKeyFromJSON,
-  ModelsOrganizationFromJSON,
-} from "../models/index"
-
-export interface AddOrUpdateMemberRequest {
-    id: string;
-    body: HandlersMemberUpsertReq;
-}
-
-export interface CreateOrgRequest {
-    body: HandlersOrgCreateReq;
-}
-
-export interface CreateOrgKeyRequest {
-    id: string;
-    body: HandlersOrgKeyCreateReq;
-}
-
-export interface DeleteOrgRequest {
-    id: string;
-}
-
-export interface DeleteOrgKeyRequest {
-    id: string;
-    keyId: string;
-}
-
-export interface GetOrgRequest {
-    id: string;
-}
-
-export interface ListMembersRequest {
-    id: string;
-}
-
-export interface ListOrgKeysRequest {
-    id: string;
-}
-
-export interface RemoveMemberRequest {
-    id: string;
-    userId: string;
-}
-
-export interface UpdateOrgRequest {
-    id: string;
-    body: HandlersOrgUpdateReq;
-}
-
-/**
- * 
- */
-export class OrgsApi extends runtime.BaseAPI {
-
-    /**
-     * Add or update a member (owner/admin)
-     */
-    async addOrUpdateMemberRaw(requestParameters: AddOrUpdateMemberRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersMemberOut>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling addOrUpdateMember().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling addOrUpdateMember().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/members`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersMemberUpsertReqToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersMemberOutFromJSON(jsonValue));
-    }
-
-    /**
-     * Add or update a member (owner/admin)
-     */
-    async addOrUpdateMember(requestParameters: AddOrUpdateMemberRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersMemberOut> {
-        const response = await this.addOrUpdateMemberRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Create organization
-     */
-    async createOrgRaw(requestParameters: CreateOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<ModelsOrganization>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createOrg().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersOrgCreateReqToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => ModelsOrganizationFromJSON(jsonValue));
-    }
-
-    /**
-     * Create organization
-     */
-    async createOrg(requestParameters: CreateOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<ModelsOrganization> {
-        const response = await this.createOrgRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Create org key/secret pair (owner/admin)
-     */
-    async createOrgKeyRaw(requestParameters: CreateOrgKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<HandlersOrgKeyCreateResp>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling createOrgKey().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createOrgKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/api-keys`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersOrgKeyCreateReqToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => HandlersOrgKeyCreateRespFromJSON(jsonValue));
-    }
-
-    /**
-     * Create org key/secret pair (owner/admin)
-     */
-    async createOrgKey(requestParameters: CreateOrgKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<HandlersOrgKeyCreateResp> {
-        const response = await this.createOrgKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Delete organization (owner)
-     */
-    async deleteOrgRaw(requestParameters: DeleteOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteOrg().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.VoidApiResponse(response);
-    }
-
-    /**
-     * Delete organization (owner)
-     */
-    async deleteOrg(requestParameters: DeleteOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
-        await this.deleteOrgRaw(requestParameters, initOverrides);
-    }
-
-    /**
-     * Delete org key (owner/admin)
-     */
-    async deleteOrgKeyRaw(requestParameters: DeleteOrgKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteOrgKey().'
-            );
-        }
-
-        if (requestParameters['keyId'] == null) {
-            throw new runtime.RequiredError(
-                'keyId',
-                'Required parameter "keyId" was null or undefined when calling deleteOrgKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/api-keys/{key_id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-        urlPath = urlPath.replace(`{${"key_id"}}`, encodeURIComponent(String(requestParameters['keyId'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.VoidApiResponse(response);
-    }
-
-    /**
-     * Delete org key (owner/admin)
-     */
-    async deleteOrgKey(requestParameters: DeleteOrgKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
-        await this.deleteOrgKeyRaw(requestParameters, initOverrides);
-    }
-
-    /**
-     * Get organization
-     */
-    async getOrgRaw(requestParameters: GetOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<ModelsOrganization>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getOrg().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => ModelsOrganizationFromJSON(jsonValue));
-    }
-
-    /**
-     * Get organization
-     */
-    async getOrg(requestParameters: GetOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<ModelsOrganization> {
-        const response = await this.getOrgRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * List members in org
-     */
-    async listMembersRaw(requestParameters: ListMembersRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<HandlersMemberOut>>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling listMembers().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/members`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(HandlersMemberOutFromJSON));
-    }
-
-    /**
-     * List members in org
-     */
-    async listMembers(requestParameters: ListMembersRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<HandlersMemberOut>> {
-        const response = await this.listMembersRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * List organizations I belong to
-     */
-    async listMyOrgsRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<ModelsOrganization>>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(ModelsOrganizationFromJSON));
-    }
-
-    /**
-     * List organizations I belong to
-     */
-    async listMyOrgs(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<ModelsOrganization>> {
-        const response = await this.listMyOrgsRaw(initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * List org-scoped API keys (no secrets)
-     */
-    async listOrgKeysRaw(requestParameters: ListOrgKeysRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<ModelsAPIKey>>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling listOrgKeys().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/api-keys`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(ModelsAPIKeyFromJSON));
-    }
-
-    /**
-     * List org-scoped API keys (no secrets)
-     */
-    async listOrgKeys(requestParameters: ListOrgKeysRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<ModelsAPIKey>> {
-        const response = await this.listOrgKeysRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Remove a member (owner/admin)
-     */
-    async removeMemberRaw(requestParameters: RemoveMemberRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling removeMember().'
-            );
-        }
-
-        if (requestParameters['userId'] == null) {
-            throw new runtime.RequiredError(
-                'userId',
-                'Required parameter "userId" was null or undefined when calling removeMember().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}/members/{user_id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-        urlPath = urlPath.replace(`{${"user_id"}}`, encodeURIComponent(String(requestParameters['userId'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.VoidApiResponse(response);
-    }
-
-    /**
-     * Remove a member (owner/admin)
-     */
-    async removeMember(requestParameters: RemoveMemberRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
-        await this.removeMemberRaw(requestParameters, initOverrides);
-    }
-
-    /**
-     * Update organization (owner/admin)
-     */
-    async updateOrgRaw(requestParameters: UpdateOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<ModelsOrganization>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling updateOrg().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateOrg().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/orgs/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: HandlersOrgUpdateReqToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => ModelsOrganizationFromJSON(jsonValue));
-    }
-
-    /**
-     * Update organization (owner/admin)
-     */
-    async updateOrg(requestParameters: UpdateOrgRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<ModelsOrganization> {
-        const response = await this.updateOrgRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/ServersApi.ts

@@ -1,343 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoCreateServerRequest, DtoServerResponse, DtoUpdateServerRequest, } from "../models/index"
-import { DtoCreateServerRequestToJSON, DtoServerResponseFromJSON, DtoUpdateServerRequestToJSON, } from "../models/index"
-
-export interface CreateServerRequest {
-    body: DtoCreateServerRequest;
-    xOrgID?: string;
-}
-
-export interface DeleteServerRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface GetServerRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface ListServersRequest {
-    xOrgID?: string;
-    status?: string;
-    role?: string;
-}
-
-export interface UpdateServerRequest {
-    id: string;
-    body: DtoUpdateServerRequest;
-    xOrgID?: string;
-}
-
-/**
- * 
- */
-export class ServersApi extends runtime.BaseAPI {
-
-    /**
-     * Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.
-     * Create server (org scoped)
-     */
-    async createServerRaw(requestParameters: CreateServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoServerResponse>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createServer().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/servers`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoCreateServerRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoServerResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.
-     * Create server (org scoped)
-     */
-    async createServer(requestParameters: CreateServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoServerResponse> {
-        const response = await this.createServerRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Permanently deletes the server.
-     * Delete server (org scoped)
-     */
-    async deleteServerRaw(requestParameters: DeleteServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteServer().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/servers/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Permanently deletes the server.
-     * Delete server (org scoped)
-     */
-    async deleteServer(requestParameters: DeleteServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.deleteServerRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns one server in the given organization.
-     * Get server by ID (org scoped)
-     */
-    async getServerRaw(requestParameters: GetServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoServerResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getServer().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/servers/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoServerResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns one server in the given organization.
-     * Get server by ID (org scoped)
-     */
-    async getServer(requestParameters: GetServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoServerResponse> {
-        const response = await this.getServerRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns servers for the organization in X-Org-ID. Optional filters: status, role.
-     * List servers (org scoped)
-     */
-    async listServersRaw(requestParameters: ListServersRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoServerResponse>>> {
-        const queryParameters: any = {};
-
-        if (requestParameters['status'] != null) {
-            queryParameters['status'] = requestParameters['status'];
-        }
-
-        if (requestParameters['role'] != null) {
-            queryParameters['role'] = requestParameters['role'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/servers`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoServerResponseFromJSON));
-    }
-
-    /**
-     * Returns servers for the organization in X-Org-ID. Optional filters: status, role.
-     * List servers (org scoped)
-     */
-    async listServers(requestParameters: ListServersRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoServerResponse>> {
-        const response = await this.listServersRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Partially update fields; changing ssh_key_id validates ownership.
-     * Update server (org scoped)
-     */
-    async updateServerRaw(requestParameters: UpdateServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoServerResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling updateServer().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateServer().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/servers/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoUpdateServerRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoServerResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Partially update fields; changing ssh_key_id validates ownership.
-     * Update server (org scoped)
-     */
-    async updateServer(requestParameters: UpdateServerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoServerResponse> {
-        const response = await this.updateServerRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/SshApi.ts

@@ -1,360 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoCreateSSHRequest, DtoSshResponse, DtoSshRevealResponse, } from "../models/index"
-import { DtoCreateSSHRequestToJSON, DtoSshResponseFromJSON, DtoSshRevealResponseFromJSON, } from "../models/index"
-
-export interface CreateSSHKeyRequest {
-    body: DtoCreateSSHRequest;
-    xOrgID?: string;
-}
-
-export interface DeleteSSHKeyRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface DownloadSSHKeyRequest {
-    xOrgID: string;
-    id: string;
-    part: DownloadSSHKeyPartEnum;
-}
-
-export interface GetSSHKeyRequest {
-    id: string;
-    xOrgID?: string;
-    reveal?: boolean;
-}
-
-export interface ListPublicSshKeysRequest {
-    xOrgID?: string;
-}
-
-/**
- * 
- */
-export class SshApi extends runtime.BaseAPI {
-
-    /**
-     * Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.
-     * Create ssh keypair (org scoped)
-     */
-    async createSSHKeyRaw(requestParameters: CreateSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoSshResponse>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createSSHKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/ssh`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoCreateSSHRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoSshResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.
-     * Create ssh keypair (org scoped)
-     */
-    async createSSHKey(requestParameters: CreateSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoSshResponse> {
-        const response = await this.createSSHKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Permanently deletes a keypair.
-     * Delete ssh keypair (org scoped)
-     */
-    async deleteSSHKeyRaw(requestParameters: DeleteSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteSSHKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/ssh/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Permanently deletes a keypair.
-     * Delete ssh keypair (org scoped)
-     */
-    async deleteSSHKey(requestParameters: DeleteSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.deleteSSHKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Download `part=public|private|both` of the keypair. `both` returns a zip file.
-     * Download ssh key files by ID (org scoped)
-     */
-    async downloadSSHKeyRaw(requestParameters: DownloadSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['xOrgID'] == null) {
-            throw new runtime.RequiredError(
-                'xOrgID',
-                'Required parameter "xOrgID" was null or undefined when calling downloadSSHKey().'
-            );
-        }
-
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling downloadSSHKey().'
-            );
-        }
-
-        if (requestParameters['part'] == null) {
-            throw new runtime.RequiredError(
-                'part',
-                'Required parameter "part" was null or undefined when calling downloadSSHKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        if (requestParameters['part'] != null) {
-            queryParameters['part'] = requestParameters['part'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/ssh/{id}/download`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Download `part=public|private|both` of the keypair. `both` returns a zip file.
-     * Download ssh key files by ID (org scoped)
-     */
-    async downloadSSHKey(requestParameters: DownloadSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.downloadSSHKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns public key fields. Append `?reveal=true` to include the private key PEM.
-     * Get ssh key by ID (org scoped)
-     */
-    async getSSHKeyRaw(requestParameters: GetSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoSshRevealResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getSSHKey().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        if (requestParameters['reveal'] != null) {
-            queryParameters['reveal'] = requestParameters['reveal'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/ssh/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoSshRevealResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Returns public key fields. Append `?reveal=true` to include the private key PEM.
-     * Get ssh key by ID (org scoped)
-     */
-    async getSSHKey(requestParameters: GetSSHKeyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoSshRevealResponse> {
-        const response = await this.getSSHKeyRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns ssh keys for the organization in X-Org-ID.
-     * List ssh keys (org scoped)
-     */
-    async listPublicSshKeysRaw(requestParameters: ListPublicSshKeysRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoSshResponse>>> {
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/ssh`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoSshResponseFromJSON));
-    }
-
-    /**
-     * Returns ssh keys for the organization in X-Org-ID.
-     * List ssh keys (org scoped)
-     */
-    async listPublicSshKeys(requestParameters: ListPublicSshKeysRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoSshResponse>> {
-        const response = await this.listPublicSshKeysRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}
-
-/**
- * @export
- */
-export const DownloadSSHKeyPartEnum = {
-    public: 'public',
-    private: 'private',
-    both: 'both'
-} as const;
-export type DownloadSSHKeyPartEnum = typeof DownloadSSHKeyPartEnum[keyof typeof DownloadSSHKeyPartEnum];

ui/src/sdk/apis/TaintsApi.ts

@@ -1,346 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
- * AutoGlue API
- * API for managing K3s clusters across cloud providers
- *
- * The version of the OpenAPI document: 1.0
- * 
- *
- * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
- * https://openapi-generator.tech
- * Do not edit the class manually.
- */
-
-
-import * as runtime from "../runtime"
-import type { DtoCreateTaintRequest, DtoTaintResponse, DtoUpdateTaintRequest, } from "../models/index"
-import { DtoCreateTaintRequestToJSON, DtoTaintResponseFromJSON, DtoUpdateTaintRequestToJSON, } from "../models/index"
-
-export interface CreateTaintRequest {
-    body: DtoCreateTaintRequest;
-    xOrgID?: string;
-}
-
-export interface DeleteTaintRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface GetTaintRequest {
-    id: string;
-    xOrgID?: string;
-}
-
-export interface ListTaintsRequest {
-    xOrgID?: string;
-    key?: string;
-    value?: string;
-    q?: string;
-}
-
-export interface UpdateTaintRequest {
-    id: string;
-    body: DtoUpdateTaintRequest;
-    xOrgID?: string;
-}
-
-/**
- * 
- */
-export class TaintsApi extends runtime.BaseAPI {
-
-    /**
-     * Creates a taint.
-     * Create node taint (org scoped)
-     */
-    async createTaintRaw(requestParameters: CreateTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoTaintResponse>> {
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling createTaint().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/taints`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'POST',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoCreateTaintRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoTaintResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Creates a taint.
-     * Create node taint (org scoped)
-     */
-    async createTaint(requestParameters: CreateTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoTaintResponse> {
-        const response = await this.createTaintRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Permanently deletes the taint.
-     * Delete taint (org scoped)
-     */
-    async deleteTaintRaw(requestParameters: DeleteTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<string>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling deleteTaint().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/taints/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'DELETE',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        if (this.isJsonMime(response.headers.get('content-type'))) {
-            return new runtime.JSONApiResponse<string>(response);
-        } else {
-            return new runtime.TextApiResponse(response) as any;
-        }
-    }
-
-    /**
-     * Permanently deletes the taint.
-     * Delete taint (org scoped)
-     */
-    async deleteTaint(requestParameters: DeleteTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<string> {
-        const response = await this.deleteTaintRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Get node taint by ID (org scoped)
-     */
-    async getTaintRaw(requestParameters: GetTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoTaintResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling getTaint().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/taints/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoTaintResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Get node taint by ID (org scoped)
-     */
-    async getTaint(requestParameters: GetTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoTaintResponse> {
-        const response = await this.getTaintRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
-     * List node pool taints (org scoped)
-     */
-    async listTaintsRaw(requestParameters: ListTaintsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<DtoTaintResponse>>> {
-        const queryParameters: any = {};
-
-        if (requestParameters['key'] != null) {
-            queryParameters['key'] = requestParameters['key'];
-        }
-
-        if (requestParameters['value'] != null) {
-            queryParameters['value'] = requestParameters['value'];
-        }
-
-        if (requestParameters['q'] != null) {
-            queryParameters['q'] = requestParameters['q'];
-        }
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/taints`;
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'GET',
-            headers: headerParameters,
-            query: queryParameters,
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(DtoTaintResponseFromJSON));
-    }
-
-    /**
-     * Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
-     * List node pool taints (org scoped)
-     */
-    async listTaints(requestParameters: ListTaintsRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<DtoTaintResponse>> {
-        const response = await this.listTaintsRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-    /**
-     * Partially update taint fields.
-     * Update node taint (org scoped)
-     */
-    async updateTaintRaw(requestParameters: UpdateTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<DtoTaintResponse>> {
-        if (requestParameters['id'] == null) {
-            throw new runtime.RequiredError(
-                'id',
-                'Required parameter "id" was null or undefined when calling updateTaint().'
-            );
-        }
-
-        if (requestParameters['body'] == null) {
-            throw new runtime.RequiredError(
-                'body',
-                'Required parameter "body" was null or undefined when calling updateTaint().'
-            );
-        }
-
-        const queryParameters: any = {};
-
-        const headerParameters: runtime.HTTPHeaders = {};
-
-        headerParameters['Content-Type'] = 'application/json';
-
-        if (requestParameters['xOrgID'] != null) {
-            headerParameters['X-Org-ID'] = String(requestParameters['xOrgID']);
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-KEY"] = await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["X-ORG-SECRET"] = await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
-        }
-
-        if (this.configuration && this.configuration.apiKey) {
-            headerParameters["Authorization"] = await this.configuration.apiKey("Authorization"); // BearerAuth authentication
-        }
-
-
-        let urlPath = `/taints/{id}`;
-        urlPath = urlPath.replace(`{${"id"}}`, encodeURIComponent(String(requestParameters['id'])));
-
-        const response = await this.request({
-            path: urlPath,
-            method: 'PATCH',
-            headers: headerParameters,
-            query: queryParameters,
-            body: DtoUpdateTaintRequestToJSON(requestParameters['body']),
-        }, initOverrides);
-
-        return new runtime.JSONApiResponse(response, (jsonValue) => DtoTaintResponseFromJSON(jsonValue));
-    }
-
-    /**
-     * Partially update taint fields.
-     * Update node taint (org scoped)
-     */
-    async updateTaint(requestParameters: UpdateTaintRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<DtoTaintResponse> {
-        const response = await this.updateTaintRaw(requestParameters, initOverrides);
-        return await response.value();
-    }
-
-}

ui/src/sdk/apis/index.ts

@@ -1,15 +0,0 @@
-/* tslint:disable */
-/* eslint-disable */
-export * from './AnnotationsApi';
-export * from './ArcherAdminApi';
-export * from './AuthApi';
-export * from './HealthApi';
-export * from './LabelsApi';
-export * from './MeApi';
-export * from './MeAPIKeysApi';
-export * from './MetaApi';
-export * from './NodePoolsApi';
-export * from './OrgsApi';
-export * from './ServersApi';
-export * from './SshApi';
-export * from './TaintsApi';

ui/src/sdk/docs/AnnotationsApi.md

@@ -1,433 +0,0 @@
-# AnnotationsApi
-
-All URIs are relative to */api/v1*
-
-| Method | HTTP request | Description |
-|------------- | ------------- | -------------|
-| [**createAnnotation**](AnnotationsApi.md#createannotation) | **POST** /annotations | Create annotation (org scoped) |
-| [**deleteAnnotation**](AnnotationsApi.md#deleteannotation) | **DELETE** /annotations/{id} | Delete annotation (org scoped) |
-| [**getAnnotation**](AnnotationsApi.md#getannotation) | **GET** /annotations/{id} | Get annotation by ID (org scoped) |
-| [**listAnnotations**](AnnotationsApi.md#listannotations) | **GET** /annotations | List annotations (org scoped) |
-| [**updateAnnotation**](AnnotationsApi.md#updateannotation) | **PATCH** /annotations/{id} | Update annotation (org scoped) |
-
-
-
-## createAnnotation
-
-> DtoAnnotationResponse createAnnotation(body, xOrgID)
-
-Create annotation (org scoped)
-
-Creates an annotation.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AnnotationsApi,
-} from '@glueops/autoglue-sdk-go';
-import type { CreateAnnotationRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: OrgKeyAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: OrgSecretAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new AnnotationsApi(config);
-
-  const body = {
-    // DtoCreateAnnotationRequest | Annotation payload
-    body: ...,
-    // string | Organization UUID (optional)
-    xOrgID: xOrgID_example,
-  } satisfies CreateAnnotationRequest;
-
-  try {
-    const data = await api.createAnnotation(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **body** | [DtoCreateAnnotationRequest](DtoCreateAnnotationRequest.md) | Annotation payload | |
-| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
-
-### Authorization
-
-[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: `application/json`
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **201** | Created |  -  |
-| **400** | invalid json / missing fields |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | organization required |  -  |
-| **500** | create failed |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## deleteAnnotation
-
-> string deleteAnnotation(id, xOrgID)
-
-Delete annotation (org scoped)
-
-Permanently deletes the annotation.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AnnotationsApi,
-} from '@glueops/autoglue-sdk-go';
-import type { DeleteAnnotationRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: OrgKeyAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: OrgSecretAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new AnnotationsApi(config);
-
-  const body = {
-    // string | Annotation ID (UUID)
-    id: id_example,
-    // string | Organization UUID (optional)
-    xOrgID: xOrgID_example,
-  } satisfies DeleteAnnotationRequest;
-
-  try {
-    const data = await api.deleteAnnotation(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **id** | `string` | Annotation ID (UUID) | [Defaults to `undefined`] |
-| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
-
-### Return type
-
-**string**
-
-### Authorization
-
-[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **204** | No Content |  -  |
-| **400** | invalid id |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | organization required |  -  |
-| **500** | delete failed |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## getAnnotation
-
-> DtoAnnotationResponse getAnnotation(id, xOrgID)
-
-Get annotation by ID (org scoped)
-
-Returns one annotation. Add `include=node_pools` to include node pools.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AnnotationsApi,
-} from '@glueops/autoglue-sdk-go';
-import type { GetAnnotationRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: OrgKeyAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: OrgSecretAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new AnnotationsApi(config);
-
-  const body = {
-    // string | Annotation ID (UUID)
-    id: id_example,
-    // string | Organization UUID (optional)
-    xOrgID: xOrgID_example,
-  } satisfies GetAnnotationRequest;
-
-  try {
-    const data = await api.getAnnotation(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **id** | `string` | Annotation ID (UUID) | [Defaults to `undefined`] |
-| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
-
-### Authorization
-
-[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **400** | invalid id |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | organization required |  -  |
-| **404** | not found |  -  |
-| **500** | fetch failed |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## listAnnotations
-
-> Array<DtoAnnotationResponse> listAnnotations(xOrgID, key, value, q)
-
-List annotations (org scoped)
-
-Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AnnotationsApi,
-} from '@glueops/autoglue-sdk-go';
-import type { ListAnnotationsRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: OrgKeyAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: OrgSecretAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new AnnotationsApi(config);
-
-  const body = {
-    // string | Organization UUID (optional)
-    xOrgID: xOrgID_example,
-    // string | Exact key (optional)
-    key: key_example,
-    // string | Exact value (optional)
-    value: value_example,
-    // string | key contains (case-insensitive) (optional)
-    q: q_example,
-  } satisfies ListAnnotationsRequest;
-
-  try {
-    const data = await api.listAnnotations(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
-| **key** | `string` | Exact key | [Optional] [Defaults to `undefined`] |
-| **value** | `string` | Exact value | [Optional] [Defaults to `undefined`] |
-| **q** | `string` | key contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
-
-### Return type
-
-[**Array<DtoAnnotationResponse>**](DtoAnnotationResponse.md)
-
-### Authorization
-
-[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | organization required |  -  |
-| **500** | failed to list annotations |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## updateAnnotation
-
-> DtoAnnotationResponse updateAnnotation(id, body, xOrgID)
-
-Update annotation (org scoped)
-
-Partially update annotation fields.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AnnotationsApi,
-} from '@glueops/autoglue-sdk-go';
-import type { UpdateAnnotationRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: OrgKeyAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: OrgSecretAuth
-    apiKey: "YOUR API KEY",
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new AnnotationsApi(config);
-
-  const body = {
-    // string | Annotation ID (UUID)
-    id: id_example,
-    // DtoUpdateAnnotationRequest | Fields to update
-    body: ...,
-    // string | Organization UUID (optional)
-    xOrgID: xOrgID_example,
-  } satisfies UpdateAnnotationRequest;
-
-  try {
-    const data = await api.updateAnnotation(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **id** | `string` | Annotation ID (UUID) | [Defaults to `undefined`] |
-| **body** | [DtoUpdateAnnotationRequest](DtoUpdateAnnotationRequest.md) | Fields to update | |
-| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
-
-### Authorization
-
-[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: `application/json`
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **400** | invalid id / invalid json |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | organization required |  -  |
-| **404** | not found |  -  |
-| **500** | update failed |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-

ui/src/sdk/docs/ArcherAdminApi.md

@@ -1,390 +0,0 @@
-# ArcherAdminApi
-
-All URIs are relative to */api/v1*
-
-| Method | HTTP request | Description |
-|------------- | ------------- | -------------|
-| [**adminCancelArcherJob**](ArcherAdminApi.md#admincancelarcherjob) | **POST** /admin/archer/jobs/{id}/cancel | Cancel an Archer job (admin) |
-| [**adminEnqueueArcherJob**](ArcherAdminApi.md#adminenqueuearcherjob) | **POST** /admin/archer/jobs | Enqueue a new Archer job (admin) |
-| [**adminListArcherJobs**](ArcherAdminApi.md#adminlistarcherjobs) | **GET** /admin/archer/jobs | List Archer jobs (admin) |
-| [**adminListArcherQueues**](ArcherAdminApi.md#adminlistarcherqueues) | **GET** /admin/archer/queues | List Archer queues (admin) |
-| [**adminRetryArcherJob**](ArcherAdminApi.md#adminretryarcherjob) | **POST** /admin/archer/jobs/{id}/retry | Retry a failed/canceled Archer job (admin) |
-
-
-
-## adminCancelArcherJob
-
-> DtoJob adminCancelArcherJob(id)
-
-Cancel an Archer job (admin)
-
-Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  ArcherAdminApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AdminCancelArcherJobRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new ArcherAdminApi(config);
-
-  const body = {
-    // string | Job ID
-    id: id_example,
-  } satisfies AdminCancelArcherJobRequest;
-
-  try {
-    const data = await api.adminCancelArcherJob(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **id** | `string` | Job ID | [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoJob**](DtoJob.md)
-
-### Authorization
-
-[BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **400** | invalid job or not cancellable |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | forbidden |  -  |
-| **404** | not found |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## adminEnqueueArcherJob
-
-> DtoJob adminEnqueueArcherJob(body)
-
-Enqueue a new Archer job (admin)
-
-Create a job immediately or schedule it for the future via `run_at`.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  ArcherAdminApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AdminEnqueueArcherJobRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new ArcherAdminApi(config);
-
-  const body = {
-    // object | Job parameters
-    body: Object,
-  } satisfies AdminEnqueueArcherJobRequest;
-
-  try {
-    const data = await api.adminEnqueueArcherJob(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **body** | `object` | Job parameters | |
-
-### Return type
-
-[**DtoJob**](DtoJob.md)
-
-### Authorization
-
-[BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: `application/json`
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **400** | invalid json or missing fields |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | forbidden |  -  |
-| **500** | internal error |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## adminListArcherJobs
-
-> DtoPageJob adminListArcherJobs(status, queue, q, page, pageSize)
-
-List Archer jobs (admin)
-
-Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).
-
-### Example
-
-```ts
-import {
-  Configuration,
-  ArcherAdminApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AdminListArcherJobsRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new ArcherAdminApi(config);
-
-  const body = {
-    // 'queued' | 'running' | 'succeeded' | 'failed' | 'canceled' | 'retrying' | 'scheduled' | Filter by status (optional)
-    status: status_example,
-    // string | Filter by queue name / worker name (optional)
-    queue: queue_example,
-    // string | Free-text search (optional)
-    q: q_example,
-    // number | Page number (optional)
-    page: 56,
-    // number | Items per page (optional)
-    pageSize: 56,
-  } satisfies AdminListArcherJobsRequest;
-
-  try {
-    const data = await api.adminListArcherJobs(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **status** | `queued`, `running`, `succeeded`, `failed`, `canceled`, `retrying`, `scheduled` | Filter by status | [Optional] [Defaults to `undefined`] [Enum: queued, running, succeeded, failed, canceled, retrying, scheduled] |
-| **queue** | `string` | Filter by queue name / worker name | [Optional] [Defaults to `undefined`] |
-| **q** | `string` | Free-text search | [Optional] [Defaults to `undefined`] |
-| **page** | `number` | Page number | [Optional] [Defaults to `1`] |
-| **pageSize** | `number` | Items per page | [Optional] [Defaults to `25`] |
-
-### Return type
-
-[**DtoPageJob**](DtoPageJob.md)
-
-### Authorization
-
-[BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | forbidden |  -  |
-| **500** | internal error |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## adminListArcherQueues
-
-> Array<DtoQueueInfo> adminListArcherQueues()
-
-List Archer queues (admin)
-
-Summary metrics per queue (pending, running, failed, scheduled).
-
-### Example
-
-```ts
-import {
-  Configuration,
-  ArcherAdminApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AdminListArcherQueuesRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new ArcherAdminApi(config);
-
-  try {
-    const data = await api.adminListArcherQueues();
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-This endpoint does not need any parameter.
-
-### Return type
-
-[**Array<DtoQueueInfo>**](DtoQueueInfo.md)
-
-### Authorization
-
-[BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | forbidden |  -  |
-| **500** | internal error |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## adminRetryArcherJob
-
-> DtoJob adminRetryArcherJob(id)
-
-Retry a failed/canceled Archer job (admin)
-
-Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
-
-### Example
-
-```ts
-import {
-  Configuration,
-  ArcherAdminApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AdminRetryArcherJobRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const config = new Configuration({ 
-    // To configure API key authorization: BearerAuth
-    apiKey: "YOUR API KEY",
-  });
-  const api = new ArcherAdminApi(config);
-
-  const body = {
-    // string | Job ID
-    id: id_example,
-  } satisfies AdminRetryArcherJobRequest;
-
-  try {
-    const data = await api.adminRetryArcherJob(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **id** | `string` | Job ID | [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoJob**](DtoJob.md)
-
-### Authorization
-
-[BearerAuth](../README.md#BearerAuth)
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-| **400** | invalid job or not eligible |  -  |
-| **401** | Unauthorized |  -  |
-| **403** | forbidden |  -  |
-| **404** | not found |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-

ui/src/sdk/docs/AuthApi.md

@@ -1,334 +0,0 @@
-# AuthApi
-
-All URIs are relative to */api/v1*
-
-| Method | HTTP request | Description |
-|------------- | ------------- | -------------|
-| [**authCallback**](AuthApi.md#authcallback) | **GET** /auth/{provider}/callback | Handle social login callback |
-| [**authStart**](AuthApi.md#authstart) | **POST** /auth/{provider}/start | Begin social login |
-| [**getJWKS**](AuthApi.md#getjwks) | **GET** /.well-known/jwks.json | Get JWKS |
-| [**logout**](AuthApi.md#logout) | **POST** /auth/logout | Revoke refresh token family (logout everywhere) |
-| [**refresh**](AuthApi.md#refresh) | **POST** /auth/refresh | Rotate refresh token |
-
-
-
-## authCallback
-
-> DtoTokenPair authCallback(provider)
-
-Handle social login callback
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AuthApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AuthCallbackRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const api = new AuthApi();
-
-  const body = {
-    // string | google|github
-    provider: provider_example,
-  } satisfies AuthCallbackRequest;
-
-  try {
-    const data = await api.authCallback(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **provider** | `string` | google|github | [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoTokenPair**](DtoTokenPair.md)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## authStart
-
-> DtoAuthStartResponse authStart(provider)
-
-Begin social login
-
-Returns provider authorization URL for the frontend to redirect
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AuthApi,
-} from '@glueops/autoglue-sdk-go';
-import type { AuthStartRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const api = new AuthApi();
-
-  const body = {
-    // string | google|github
-    provider: provider_example,
-  } satisfies AuthStartRequest;
-
-  try {
-    const data = await api.authStart(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **provider** | `string` | google|github | [Defaults to `undefined`] |
-
-### Return type
-
-[**DtoAuthStartResponse**](DtoAuthStartResponse.md)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## getJWKS
-
-> DtoJWKS getJWKS()
-
-Get JWKS
-
-Returns the JSON Web Key Set for token verification
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AuthApi,
-} from '@glueops/autoglue-sdk-go';
-import type { GetJWKSRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const api = new AuthApi();
-
-  try {
-    const data = await api.getJWKS();
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-This endpoint does not need any parameter.
-
-### Return type
-
-[**DtoJWKS**](DtoJWKS.md)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## logout
-
-> logout(body)
-
-Revoke refresh token family (logout everywhere)
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AuthApi,
-} from '@glueops/autoglue-sdk-go';
-import type { LogoutRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const api = new AuthApi();
-
-  const body = {
-    // DtoLogoutRequest | Refresh token
-    body: ...,
-  } satisfies LogoutRequest;
-
-  try {
-    const data = await api.logout(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **body** | [DtoLogoutRequest](DtoLogoutRequest.md) | Refresh token | |
-
-### Return type
-
-`void` (Empty response body)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: `application/json`
-- **Accept**: Not defined
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **204** | No Content |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-
-## refresh
-
-> DtoTokenPair refresh(body)
-
-Rotate refresh token
-
-### Example
-
-```ts
-import {
-  Configuration,
-  AuthApi,
-} from '@glueops/autoglue-sdk-go';
-import type { RefreshRequest } from '@glueops/autoglue-sdk-go';
-
-async function example() {
-  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
-  const api = new AuthApi();
-
-  const body = {
-    // DtoRefreshRequest | Refresh token
-    body: ...,
-  } satisfies RefreshRequest;
-
-  try {
-    const data = await api.refresh(body);
-    console.log(data);
-  } catch (error) {
-    console.error(error);
-  }
-}
-
-// Run the test
-example().catch(console.error);
-```
-
-### Parameters
-
-
-| Name | Type | Description  | Notes |
-|------------- | ------------- | ------------- | -------------|
-| **body** | [DtoRefreshRequest](DtoRefreshRequest.md) | Refresh token | |
-
-### Return type
-
-[**DtoTokenPair**](DtoTokenPair.md)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: `application/json`
-- **Accept**: `application/json`
-
-
-### HTTP response details
-| Status code | Description | Response headers |
-|-------------|-------------|------------------|
-| **200** | OK |  -  |
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-

ui/src/sdk/docs/DtoAnnotationResponse.md

@@ -1,44 +0,0 @@
-
-# DtoAnnotationResponse
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`created_at` | string
-`id` | string
-`key` | string
-`organization_id` | string
-`updated_at` | string
-`value` | string
-
-## Example
-
-```typescript
-import type { DtoAnnotationResponse } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "created_at": null,
-  "id": null,
-  "key": null,
-  "organization_id": null,
-  "updated_at": null,
-  "value": null,
-} satisfies DtoAnnotationResponse
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAnnotationResponse
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoAttachAnnotationsRequest.md

@@ -1,34 +0,0 @@
-
-# DtoAttachAnnotationsRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`annotation_ids` | Array<string>
-
-## Example
-
-```typescript
-import type { DtoAttachAnnotationsRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "annotation_ids": null,
-} satisfies DtoAttachAnnotationsRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAttachAnnotationsRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoAttachLabelsRequest.md

@@ -1,34 +0,0 @@
-
-# DtoAttachLabelsRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`label_ids` | Array<string>
-
-## Example
-
-```typescript
-import type { DtoAttachLabelsRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "label_ids": null,
-} satisfies DtoAttachLabelsRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAttachLabelsRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoAttachServersRequest.md

@@ -1,34 +0,0 @@
-
-# DtoAttachServersRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`server_ids` | Array<string>
-
-## Example
-
-```typescript
-import type { DtoAttachServersRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "server_ids": null,
-} satisfies DtoAttachServersRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAttachServersRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoAttachTaintsRequest.md

@@ -1,34 +0,0 @@
-
-# DtoAttachTaintsRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`taint_ids` | Array<string>
-
-## Example
-
-```typescript
-import type { DtoAttachTaintsRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "taint_ids": null,
-} satisfies DtoAttachTaintsRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAttachTaintsRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoAuthStartResponse.md

@@ -1,34 +0,0 @@
-
-# DtoAuthStartResponse
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`auth_url` | string
-
-## Example
-
-```typescript
-import type { DtoAuthStartResponse } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "auth_url": https://accounts.google.com/o/oauth2/v2/auth?client_id=...,
-} satisfies DtoAuthStartResponse
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoAuthStartResponse
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateAnnotationRequest.md

@@ -1,36 +0,0 @@
-
-# DtoCreateAnnotationRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`key` | string
-`value` | string
-
-## Example
-
-```typescript
-import type { DtoCreateAnnotationRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "key": null,
-  "value": null,
-} satisfies DtoCreateAnnotationRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateAnnotationRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateLabelRequest.md

@@ -1,36 +0,0 @@
-
-# DtoCreateLabelRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`key` | string
-`value` | string
-
-## Example
-
-```typescript
-import type { DtoCreateLabelRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "key": null,
-  "value": null,
-} satisfies DtoCreateLabelRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateLabelRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateNodePoolRequest.md

@@ -1,36 +0,0 @@
-
-# DtoCreateNodePoolRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`name` | string
-`role` | string
-
-## Example
-
-```typescript
-import type { DtoCreateNodePoolRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "name": null,
-  "role": null,
-} satisfies DtoCreateNodePoolRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateNodePoolRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateSSHRequest.md

@@ -1,40 +0,0 @@
-
-# DtoCreateSSHRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`bits` | number
-`comment` | string
-`name` | string
-`type` | string
-
-## Example
-
-```typescript
-import type { DtoCreateSSHRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "bits": null,
-  "comment": deploy@autoglue,
-  "name": null,
-  "type": null,
-} satisfies DtoCreateSSHRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateSSHRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateServerRequest.md

@@ -1,46 +0,0 @@
-
-# DtoCreateServerRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`hostname` | string
-`private_ip_address` | string
-`public_ip_address` | string
-`role` | string
-`ssh_key_id` | string
-`ssh_user` | string
-`status` | string
-
-## Example
-
-```typescript
-import type { DtoCreateServerRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "hostname": null,
-  "private_ip_address": null,
-  "public_ip_address": null,
-  "role": master|worker|bastion,
-  "ssh_key_id": null,
-  "ssh_user": null,
-  "status": pending|provisioning|ready|failed,
-} satisfies DtoCreateServerRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateServerRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoCreateTaintRequest.md

@@ -1,38 +0,0 @@
-
-# DtoCreateTaintRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`effect` | string
-`key` | string
-`value` | string
-
-## Example
-
-```typescript
-import type { DtoCreateTaintRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "effect": null,
-  "key": null,
-  "value": null,
-} satisfies DtoCreateTaintRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoCreateTaintRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoJWK.md

@@ -1,46 +0,0 @@
-
-# DtoJWK
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`alg` | string
-`e` | string
-`kid` | string
-`kty` | string
-`n` | string
-`use` | string
-`x` | string
-
-## Example
-
-```typescript
-import type { DtoJWK } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "alg": RS256,
-  "e": AQAB,
-  "kid": 7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345,
-  "kty": RSA,
-  "n": null,
-  "use": sig,
-  "x": null,
-} satisfies DtoJWK
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoJWK
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoJWKS.md

@@ -1,34 +0,0 @@
-
-# DtoJWKS
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`keys` | [Array<DtoJWK>](DtoJWK.md)
-
-## Example
-
-```typescript
-import type { DtoJWKS } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "keys": null,
-} satisfies DtoJWKS
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoJWKS
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoJob.md

@@ -1,54 +0,0 @@
-
-# DtoJob
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`attempts` | number
-`created_at` | string
-`id` | string
-`last_error` | string
-`max_attempts` | number
-`payload` | object
-`queue` | string
-`run_at` | string
-`status` | [DtoJobStatus](DtoJobStatus.md)
-`type` | string
-`updated_at` | string
-
-## Example
-
-```typescript
-import type { DtoJob } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "attempts": 0,
-  "created_at": 2025-11-04T09:30:00Z,
-  "id": 01HF7SZK8Z8WG1M3J7S2Z8M2N6,
-  "last_error": error message,
-  "max_attempts": 3,
-  "payload": null,
-  "queue": default,
-  "run_at": 2025-11-04T09:30:00Z,
-  "status": null,
-  "type": email.send,
-  "updated_at": 2025-11-04T09:30:00Z,
-} satisfies DtoJob
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoJob
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoJobStatus.md

@@ -1,32 +0,0 @@
-
-# DtoJobStatus
-
-
-## Properties
-
-Name | Type
------------- | -------------
-
-## Example
-
-```typescript
-import type { DtoJobStatus } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-} satisfies DtoJobStatus
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoJobStatus
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoLabelResponse.md

@@ -1,44 +0,0 @@
-
-# DtoLabelResponse
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`created_at` | string
-`id` | string
-`key` | string
-`organization_id` | string
-`updated_at` | string
-`value` | string
-
-## Example
-
-```typescript
-import type { DtoLabelResponse } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "created_at": null,
-  "id": null,
-  "key": null,
-  "organization_id": null,
-  "updated_at": null,
-  "value": null,
-} satisfies DtoLabelResponse
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoLabelResponse
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-

ui/src/sdk/docs/DtoLogoutRequest.md

@@ -1,34 +0,0 @@
-
-# DtoLogoutRequest
-
-
-## Properties
-
-Name | Type
------------- | -------------
-`refresh_token` | string
-
-## Example
-
-```typescript
-import type { DtoLogoutRequest } from '@glueops/autoglue-sdk-go'
-
-// TODO: Update the object below with actual values
-const example = {
-  "refresh_token": m0l9o8rT3t0V8d3eFf...,
-} satisfies DtoLogoutRequest
-
-console.log(example)
-
-// Convert the instance to a JSON string
-const exampleJSON: string = JSON.stringify(example)
-console.log(exampleJSON)
-
-// Parse the JSON string back to an object
-const exampleParsed = JSON.parse(exampleJSON) as DtoLogoutRequest
-console.log(exampleParsed)
-```
-
-[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
-
-