mirror of
https://github.com/GlueOps/autoglue.git
synced 2026-02-13 12:50:05 +01:00
7985b310c5
Refactor routing logic (Chi can be a pain when you're managing large sets of routes, but its one of the better options when considering a potential gRPC future)
Upgrade API Generation to fully support OAS3.1
Update swagger interface to RapiDoc - the old swagger interface doesnt support OAS3.1 yet
Docs are now embedded as part of the UI - once logged in they pick up the cookies and org id from what gets set by the UI, but you can override it
Other updates include better portability of the db-studio
Signed-off-by: allanice001 <allanice001@gmail.com>
6550 lines
162 KiB
YAML
6550 lines
162 KiB
YAML
components:
|
|
schemas:
|
|
dto.AnnotationResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
key:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.AttachAnnotationsRequest:
|
|
properties:
|
|
annotation_ids:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.AttachBastionRequest:
|
|
properties:
|
|
server_id:
|
|
type: string
|
|
type: object
|
|
dto.AttachCaptainDomainRequest:
|
|
properties:
|
|
domain_id:
|
|
type: string
|
|
type: object
|
|
dto.AttachLabelsRequest:
|
|
properties:
|
|
label_ids:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.AttachLoadBalancerRequest:
|
|
properties:
|
|
load_balancer_id:
|
|
type: string
|
|
type: object
|
|
dto.AttachRecordSetRequest:
|
|
properties:
|
|
record_set_id:
|
|
type: string
|
|
type: object
|
|
dto.AttachServersRequest:
|
|
properties:
|
|
server_ids:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.AttachTaintsRequest:
|
|
properties:
|
|
taint_ids:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.AuthStartResponse:
|
|
properties:
|
|
auth_url:
|
|
example: https://accounts.google.com/o/oauth2/v2/auth?client_id=...
|
|
type: string
|
|
type: object
|
|
dto.ClusterResponse:
|
|
properties:
|
|
apps_load_balancer:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
bastion_server:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
captain_domain:
|
|
$ref: '#/components/schemas/dto.DomainResponse'
|
|
certificate_key:
|
|
type: string
|
|
control_plane_record_set:
|
|
$ref: '#/components/schemas/dto.RecordSetResponse'
|
|
created_at:
|
|
type: string
|
|
glueops_load_balancer:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
id:
|
|
type: string
|
|
last_error:
|
|
type: string
|
|
name:
|
|
type: string
|
|
node_pools:
|
|
items:
|
|
$ref: '#/components/schemas/dto.NodePoolResponse'
|
|
type: array
|
|
uniqueItems: false
|
|
provider:
|
|
type: string
|
|
random_token:
|
|
type: string
|
|
region:
|
|
type: string
|
|
status:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.CreateAnnotationRequest:
|
|
properties:
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.CreateClusterRequest:
|
|
properties:
|
|
name:
|
|
type: string
|
|
provider:
|
|
type: string
|
|
region:
|
|
type: string
|
|
type: object
|
|
dto.CreateCredentialRequest:
|
|
properties:
|
|
account_id:
|
|
maxLength: 32
|
|
type: string
|
|
kind:
|
|
description: aws_access_key, api_token, basic_auth, oauth2
|
|
type: string
|
|
name:
|
|
description: human label
|
|
maxLength: 100
|
|
type: string
|
|
provider:
|
|
enum:
|
|
- aws
|
|
- cloudflare
|
|
- hetzner
|
|
- digitalocean
|
|
- generic
|
|
type: string
|
|
region:
|
|
maxLength: 32
|
|
type: string
|
|
schema_version:
|
|
description: secret schema version
|
|
minimum: 1
|
|
type: integer
|
|
scope:
|
|
description: '{"service":"route53"} or {"arn":"..."}'
|
|
type: object
|
|
scope_kind:
|
|
enum:
|
|
- provider
|
|
- service
|
|
- resource
|
|
type: string
|
|
scope_version:
|
|
description: scope schema version
|
|
minimum: 1
|
|
type: integer
|
|
secret:
|
|
description: encrypted later
|
|
type: object
|
|
required:
|
|
- kind
|
|
- provider
|
|
- schema_version
|
|
- scope
|
|
- scope_kind
|
|
- scope_version
|
|
- secret
|
|
type: object
|
|
dto.CreateDomainRequest:
|
|
properties:
|
|
credential_id:
|
|
type: string
|
|
domain_name:
|
|
type: string
|
|
zone_id:
|
|
maxLength: 128
|
|
type: string
|
|
required:
|
|
- credential_id
|
|
- domain_name
|
|
type: object
|
|
dto.CreateLabelRequest:
|
|
properties:
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.CreateLoadBalancerRequest:
|
|
properties:
|
|
kind:
|
|
enum:
|
|
- glueops|public
|
|
example: public
|
|
type: string
|
|
name:
|
|
example: glueops
|
|
type: string
|
|
private_ip_address:
|
|
example: 192.168.0.2
|
|
type: string
|
|
public_ip_address:
|
|
example: 8.8.8.8
|
|
type: string
|
|
type: object
|
|
dto.CreateNodePoolRequest:
|
|
properties:
|
|
name:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
type: string
|
|
type: object
|
|
dto.CreateRecordSetRequest:
|
|
properties:
|
|
name:
|
|
description: |-
|
|
Name relative to domain ("endpoint") OR FQDN ("endpoint.example.com").
|
|
Server normalizes to relative.
|
|
maxLength: 253
|
|
type: string
|
|
ttl:
|
|
maximum: 86400
|
|
minimum: 1
|
|
type: integer
|
|
type:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
required:
|
|
- name
|
|
- type
|
|
type: object
|
|
dto.CreateSSHRequest:
|
|
properties:
|
|
bits:
|
|
description: Only for RSA
|
|
type: integer
|
|
comment:
|
|
example: deploy@autoglue
|
|
type: string
|
|
name:
|
|
type: string
|
|
type:
|
|
description: '"rsa" (default) or "ed25519"'
|
|
type: string
|
|
type: object
|
|
dto.CreateServerRequest:
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
private_ip_address:
|
|
type: string
|
|
public_ip_address:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
- bastion
|
|
example: master|worker|bastion
|
|
type: string
|
|
ssh_key_id:
|
|
type: string
|
|
ssh_user:
|
|
type: string
|
|
status:
|
|
enum:
|
|
- pending
|
|
- provisioning
|
|
- ready
|
|
- failed
|
|
example: pending|provisioning|ready|failed
|
|
type: string
|
|
type: object
|
|
dto.CreateTaintRequest:
|
|
properties:
|
|
effect:
|
|
type: string
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.CredentialOut:
|
|
properties:
|
|
account_id:
|
|
type: string
|
|
created_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
provider:
|
|
type: string
|
|
region:
|
|
type: string
|
|
schema_version:
|
|
type: integer
|
|
scope:
|
|
type: object
|
|
scope_kind:
|
|
type: string
|
|
scope_version:
|
|
type: integer
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.DomainResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
credential_id:
|
|
type: string
|
|
domain_name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
last_error:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
status:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
zone_id:
|
|
type: string
|
|
type: object
|
|
dto.EnqueueRequest:
|
|
properties:
|
|
payload:
|
|
type: object
|
|
queue:
|
|
example: default
|
|
type: string
|
|
run_at:
|
|
example: "2025-11-05T08:00:00Z"
|
|
type: string
|
|
type:
|
|
example: email.send
|
|
type: string
|
|
type: object
|
|
dto.JWK:
|
|
properties:
|
|
alg:
|
|
example: RS256
|
|
type: string
|
|
e:
|
|
example: AQAB
|
|
type: string
|
|
kid:
|
|
example: 7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345
|
|
type: string
|
|
kty:
|
|
example: RSA
|
|
type: string
|
|
"n":
|
|
type: string
|
|
use:
|
|
example: sig
|
|
type: string
|
|
x:
|
|
type: string
|
|
type: object
|
|
dto.JWKS:
|
|
properties:
|
|
keys:
|
|
items:
|
|
$ref: '#/components/schemas/dto.JWK'
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.Job:
|
|
properties:
|
|
attempts:
|
|
example: 0
|
|
type: integer
|
|
created_at:
|
|
example: "2025-11-04T09:30:00Z"
|
|
type: string
|
|
id:
|
|
example: 01HF7SZK8Z8WG1M3J7S2Z8M2N6
|
|
type: string
|
|
last_error:
|
|
example: error message
|
|
type: string
|
|
max_attempts:
|
|
example: 3
|
|
type: integer
|
|
payload: {}
|
|
queue:
|
|
example: default
|
|
type: string
|
|
run_at:
|
|
example: "2025-11-04T09:30:00Z"
|
|
type: string
|
|
status:
|
|
$ref: '#/components/schemas/dto.JobStatus'
|
|
type:
|
|
example: email.send
|
|
type: string
|
|
updated_at:
|
|
example: "2025-11-04T09:30:00Z"
|
|
type: string
|
|
type: object
|
|
dto.JobStatus:
|
|
enum:
|
|
- queued|running|succeeded|failed|canceled|retrying|scheduled
|
|
example: queued
|
|
type: string
|
|
x-enum-varnames:
|
|
- StatusQueued
|
|
- StatusRunning
|
|
- StatusSucceeded
|
|
- StatusFailed
|
|
- StatusCanceled
|
|
- StatusRetrying
|
|
- StatusScheduled
|
|
dto.LabelResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
key:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.LoadBalancerResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
kind:
|
|
enum:
|
|
- glueops|public
|
|
type: string
|
|
name:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
private_ip_address:
|
|
type: string
|
|
public_ip_address:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.LogoutRequest:
|
|
properties:
|
|
refresh_token:
|
|
example: m0l9o8rT3t0V8d3eFf...
|
|
type: string
|
|
type: object
|
|
dto.NodePoolResponse:
|
|
properties:
|
|
annotations:
|
|
items:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
type: array
|
|
uniqueItems: false
|
|
created_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
labels:
|
|
items:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
type: array
|
|
uniqueItems: false
|
|
name:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
type: string
|
|
servers:
|
|
items:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
type: array
|
|
uniqueItems: false
|
|
taints:
|
|
items:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
type: array
|
|
uniqueItems: false
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.PageJob:
|
|
properties:
|
|
items:
|
|
items:
|
|
$ref: '#/components/schemas/dto.Job'
|
|
type: array
|
|
uniqueItems: false
|
|
page:
|
|
example: 1
|
|
type: integer
|
|
page_size:
|
|
example: 25
|
|
type: integer
|
|
total:
|
|
example: 120
|
|
type: integer
|
|
type: object
|
|
dto.QueueInfo:
|
|
properties:
|
|
failed:
|
|
example: 5
|
|
type: integer
|
|
name:
|
|
example: default
|
|
type: string
|
|
pending:
|
|
example: 42
|
|
type: integer
|
|
running:
|
|
example: 3
|
|
type: integer
|
|
scheduled:
|
|
example: 7
|
|
type: integer
|
|
type: object
|
|
dto.RecordSetResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
domain_id:
|
|
type: string
|
|
fingerprint:
|
|
type: string
|
|
id:
|
|
type: string
|
|
last_error:
|
|
type: string
|
|
name:
|
|
type: string
|
|
owner:
|
|
type: string
|
|
status:
|
|
type: string
|
|
ttl:
|
|
type: integer
|
|
type:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
values:
|
|
description: '[]string JSON'
|
|
type: object
|
|
type: object
|
|
dto.RefreshRequest:
|
|
properties:
|
|
refresh_token:
|
|
example: m0l9o8rT3t0V8d3eFf...
|
|
type: string
|
|
type: object
|
|
dto.ServerResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
hostname:
|
|
type: string
|
|
id:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
private_ip_address:
|
|
type: string
|
|
public_ip_address:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
- bastion
|
|
example: master|worker|bastion
|
|
type: string
|
|
ssh_key_id:
|
|
type: string
|
|
ssh_user:
|
|
type: string
|
|
status:
|
|
enum:
|
|
- pending
|
|
- provisioning
|
|
- ready
|
|
- failed
|
|
example: pending|provisioning|ready|failed
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.SetKubeconfigRequest:
|
|
properties:
|
|
kubeconfig:
|
|
type: string
|
|
type: object
|
|
dto.SshResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
fingerprint:
|
|
type: string
|
|
id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
public_key:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.SshRevealResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
fingerprint:
|
|
type: string
|
|
id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
private_key:
|
|
type: string
|
|
public_key:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
type: object
|
|
dto.TaintResponse:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
effect:
|
|
type: string
|
|
id:
|
|
type: string
|
|
key:
|
|
type: string
|
|
organization_id:
|
|
type: string
|
|
updated_at:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.TokenPair:
|
|
properties:
|
|
access_token:
|
|
example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...
|
|
type: string
|
|
expires_in:
|
|
example: 3600
|
|
type: integer
|
|
refresh_token:
|
|
example: m0l9o8rT3t0V8d3eFf....
|
|
type: string
|
|
token_type:
|
|
example: Bearer
|
|
type: string
|
|
type: object
|
|
dto.UpdateAnnotationRequest:
|
|
properties:
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.UpdateClusterRequest:
|
|
properties:
|
|
name:
|
|
type: string
|
|
provider:
|
|
type: string
|
|
region:
|
|
type: string
|
|
type: object
|
|
dto.UpdateCredentialRequest:
|
|
properties:
|
|
account_id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
region:
|
|
type: string
|
|
scope:
|
|
type: object
|
|
scope_kind:
|
|
type: string
|
|
scope_version:
|
|
type: integer
|
|
secret:
|
|
description: set if rotating
|
|
type: object
|
|
type: object
|
|
dto.UpdateDomainRequest:
|
|
properties:
|
|
credential_id:
|
|
type: string
|
|
domain_name:
|
|
type: string
|
|
status:
|
|
enum:
|
|
- pending
|
|
- provisioning
|
|
- ready
|
|
- failed
|
|
type: string
|
|
zone_id:
|
|
maxLength: 128
|
|
type: string
|
|
type: object
|
|
dto.UpdateLabelRequest:
|
|
properties:
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
dto.UpdateLoadBalancerRequest:
|
|
properties:
|
|
kind:
|
|
enum:
|
|
- glueops|public
|
|
example: public
|
|
type: string
|
|
name:
|
|
example: glue
|
|
type: string
|
|
private_ip_address:
|
|
example: 192.168.0.2
|
|
type: string
|
|
public_ip_address:
|
|
example: 8.8.8.8
|
|
type: string
|
|
type: object
|
|
dto.UpdateNodePoolRequest:
|
|
properties:
|
|
name:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
type: string
|
|
type: object
|
|
dto.UpdateRecordSetRequest:
|
|
properties:
|
|
name:
|
|
description: Any change flips status back to pending (worker will UPSERT)
|
|
maxLength: 253
|
|
type: string
|
|
status:
|
|
enum:
|
|
- pending
|
|
- provisioning
|
|
- ready
|
|
- failed
|
|
type: string
|
|
ttl:
|
|
maximum: 86400
|
|
minimum: 1
|
|
type: integer
|
|
type:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uniqueItems: false
|
|
type: object
|
|
dto.UpdateServerRequest:
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
private_ip_address:
|
|
type: string
|
|
public_ip_address:
|
|
type: string
|
|
role:
|
|
enum:
|
|
- master
|
|
- worker
|
|
- bastion
|
|
example: master|worker|bastion
|
|
type: string
|
|
ssh_key_id:
|
|
type: string
|
|
ssh_user:
|
|
type: string
|
|
status:
|
|
enum:
|
|
- pending
|
|
- provisioning
|
|
- ready
|
|
- failed
|
|
example: pending|provisioning|ready|failed
|
|
type: string
|
|
type: object
|
|
dto.UpdateTaintRequest:
|
|
properties:
|
|
effect:
|
|
type: string
|
|
key:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
handlers.HealthStatus:
|
|
properties:
|
|
status:
|
|
example: ok
|
|
type: string
|
|
type: object
|
|
handlers.VersionResponse:
|
|
properties:
|
|
built:
|
|
example: "2025-11-08T12:34:56Z"
|
|
type: string
|
|
builtBy:
|
|
example: ci
|
|
type: string
|
|
commit:
|
|
example: a1b2c3d
|
|
type: string
|
|
commitTime:
|
|
example: "2025-11-08T12:31:00Z"
|
|
type: string
|
|
go:
|
|
example: go1.23.3
|
|
type: string
|
|
goArch:
|
|
example: amd64
|
|
type: string
|
|
goOS:
|
|
example: linux
|
|
type: string
|
|
modified:
|
|
example: false
|
|
type: boolean
|
|
revision:
|
|
example: a1b2c3d4e5f6abcdef
|
|
type: string
|
|
vcs:
|
|
example: git
|
|
type: string
|
|
version:
|
|
example: 1.4.2
|
|
type: string
|
|
type: object
|
|
handlers.createUserKeyRequest:
|
|
properties:
|
|
expires_in_hours:
|
|
description: optional TTL
|
|
type: integer
|
|
name:
|
|
type: string
|
|
type: object
|
|
handlers.meResponse:
|
|
properties:
|
|
avatar_url:
|
|
type: string
|
|
created_at:
|
|
format: date-time
|
|
type: string
|
|
display_name:
|
|
type: string
|
|
emails:
|
|
items:
|
|
$ref: '#/components/schemas/models.UserEmail'
|
|
type: array
|
|
uniqueItems: false
|
|
id:
|
|
description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6'
|
|
format: uuid
|
|
type: string
|
|
is_admin:
|
|
type: boolean
|
|
is_disabled:
|
|
type: boolean
|
|
organizations:
|
|
items:
|
|
$ref: '#/components/schemas/models.Organization'
|
|
type: array
|
|
uniqueItems: false
|
|
primary_email:
|
|
type: string
|
|
updated_at:
|
|
format: date-time
|
|
type: string
|
|
type: object
|
|
handlers.memberOut:
|
|
properties:
|
|
email:
|
|
type: string
|
|
role:
|
|
description: owner/admin/member
|
|
type: string
|
|
user_id:
|
|
format: uuid
|
|
type: string
|
|
type: object
|
|
handlers.memberUpsertReq:
|
|
properties:
|
|
role:
|
|
example: member
|
|
type: string
|
|
user_id:
|
|
format: uuid
|
|
type: string
|
|
type: object
|
|
handlers.orgCreateReq:
|
|
properties:
|
|
domain:
|
|
example: acme.com
|
|
type: string
|
|
name:
|
|
example: Acme Corp
|
|
type: string
|
|
type: object
|
|
handlers.orgKeyCreateReq:
|
|
properties:
|
|
expires_in_hours:
|
|
example: 720
|
|
type: integer
|
|
name:
|
|
example: automation-bot
|
|
type: string
|
|
type: object
|
|
handlers.orgKeyCreateResp:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
expires_at:
|
|
type: string
|
|
id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
org_key:
|
|
description: 'shown once:'
|
|
type: string
|
|
org_secret:
|
|
description: 'shown once:'
|
|
type: string
|
|
scope:
|
|
description: '"org"'
|
|
type: string
|
|
type: object
|
|
handlers.orgUpdateReq:
|
|
properties:
|
|
domain:
|
|
type: string
|
|
name:
|
|
type: string
|
|
type: object
|
|
handlers.updateMeRequest:
|
|
properties:
|
|
display_name:
|
|
type: string
|
|
type: object
|
|
handlers.userAPIKeyOut:
|
|
properties:
|
|
created_at:
|
|
type: string
|
|
expires_at:
|
|
type: string
|
|
id:
|
|
format: uuid
|
|
type: string
|
|
last_used_at:
|
|
type: string
|
|
name:
|
|
type: string
|
|
plain:
|
|
description: 'Shown only on create:'
|
|
type: string
|
|
scope:
|
|
description: '"user"'
|
|
type: string
|
|
type: object
|
|
models.APIKey:
|
|
properties:
|
|
created_at:
|
|
format: date-time
|
|
type: string
|
|
expires_at:
|
|
format: date-time
|
|
type: string
|
|
id:
|
|
format: uuid
|
|
type: string
|
|
last_used_at:
|
|
format: date-time
|
|
type: string
|
|
name:
|
|
type: string
|
|
org_id:
|
|
format: uuid
|
|
type: string
|
|
prefix:
|
|
type: string
|
|
revoked:
|
|
type: boolean
|
|
scope:
|
|
type: string
|
|
updated_at:
|
|
format: date-time
|
|
type: string
|
|
user_id:
|
|
format: uuid
|
|
type: string
|
|
type: object
|
|
models.Organization:
|
|
properties:
|
|
created_at:
|
|
format: date-time
|
|
type: string
|
|
domain:
|
|
type: string
|
|
id:
|
|
description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6'
|
|
format: uuid
|
|
type: string
|
|
name:
|
|
type: string
|
|
updated_at:
|
|
format: date-time
|
|
type: string
|
|
type: object
|
|
models.User:
|
|
properties:
|
|
avatar_url:
|
|
type: string
|
|
created_at:
|
|
format: date-time
|
|
type: string
|
|
display_name:
|
|
type: string
|
|
id:
|
|
description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6'
|
|
format: uuid
|
|
type: string
|
|
is_admin:
|
|
type: boolean
|
|
is_disabled:
|
|
type: boolean
|
|
primary_email:
|
|
type: string
|
|
updated_at:
|
|
format: date-time
|
|
type: string
|
|
type: object
|
|
models.UserEmail:
|
|
properties:
|
|
created_at:
|
|
format: date-time
|
|
type: string
|
|
email:
|
|
type: string
|
|
id:
|
|
description: 'example: 3fa85f64-5717-4562-b3fc-2c963f66afa6'
|
|
format: uuid
|
|
type: string
|
|
is_primary:
|
|
type: boolean
|
|
is_verified:
|
|
type: boolean
|
|
updated_at:
|
|
format: date-time
|
|
type: string
|
|
user:
|
|
$ref: '#/components/schemas/models.User'
|
|
user_id:
|
|
format: uuid
|
|
type: string
|
|
type: object
|
|
utils.ErrorResponse:
|
|
properties:
|
|
code:
|
|
description: |-
|
|
A machine-readable error code, e.g. "validation_error"
|
|
example: validation_error
|
|
type: string
|
|
message:
|
|
description: |-
|
|
Human-readable message
|
|
example: slug is required
|
|
type: string
|
|
type: object
|
|
securitySchemes:
|
|
"":
|
|
description: Org-level secret
|
|
in: header
|
|
name: X-ORG-SECRET
|
|
type: apiKey
|
|
externalDocs:
|
|
description: ""
|
|
url: ""
|
|
info:
|
|
contact:
|
|
name: GlueOps
|
|
description: API for managing K3s clusters across cloud providers
|
|
title: AutoGlue API
|
|
version: "1.0"
|
|
openapi: 3.1.0
|
|
paths:
|
|
/.well-known/jwks.json:
|
|
get:
|
|
description: Returns the JSON Web Key Set for token verification
|
|
operationId: getJWKS
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.JWKS'
|
|
description: OK
|
|
summary: Get JWKS
|
|
tags:
|
|
- Auth
|
|
/admin/archer/jobs:
|
|
get:
|
|
description: Paginated background jobs with optional filters. Search `q` may
|
|
match id, type, error, payload (implementation-dependent).
|
|
operationId: AdminListArcherJobs
|
|
parameters:
|
|
- description: Filter by status
|
|
in: query
|
|
name: status
|
|
schema:
|
|
enum:
|
|
- queued
|
|
- running
|
|
- succeeded
|
|
- failed
|
|
- canceled
|
|
- retrying
|
|
- scheduled
|
|
type: string
|
|
- description: Filter by queue name / worker name
|
|
in: query
|
|
name: queue
|
|
schema:
|
|
type: string
|
|
- description: Free-text search
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
- description: Page number
|
|
in: query
|
|
name: page
|
|
schema:
|
|
default: 1
|
|
type: integer
|
|
- description: Items per page
|
|
in: query
|
|
name: page_size
|
|
schema:
|
|
default: 25
|
|
maximum: 100
|
|
minimum: 1
|
|
type: integer
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.PageJob'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: forbidden
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal error
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List Archer jobs (admin)
|
|
tags:
|
|
- ArcherAdmin
|
|
post:
|
|
description: Create a job immediately or schedule it for the future via `run_at`.
|
|
operationId: AdminEnqueueArcherJob
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.EnqueueRequest'
|
|
description: Job parameters
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.Job'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json or missing fields
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: forbidden
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal error
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Enqueue a new Archer job (admin)
|
|
tags:
|
|
- ArcherAdmin
|
|
/admin/archer/jobs/{id}/cancel:
|
|
post:
|
|
description: Set job status to canceled if cancellable. For running jobs, this
|
|
only affects future picks; wire to Archer if you need active kill.
|
|
operationId: AdminCancelArcherJob
|
|
parameters:
|
|
- description: Job ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.Job'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid job or not cancellable
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: forbidden
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Cancel an Archer job (admin)
|
|
tags:
|
|
- ArcherAdmin
|
|
/admin/archer/jobs/{id}/retry:
|
|
post:
|
|
description: Marks the job retriable (DB flip). Swap this for an Archer admin
|
|
call if you expose one.
|
|
operationId: AdminRetryArcherJob
|
|
parameters:
|
|
- description: Job ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.Job'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid job or not eligible
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: forbidden
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Retry a failed/canceled Archer job (admin)
|
|
tags:
|
|
- ArcherAdmin
|
|
/admin/archer/queues:
|
|
get:
|
|
description: Summary metrics per queue (pending, running, failed, scheduled).
|
|
operationId: AdminListArcherQueues
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.QueueInfo'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: forbidden
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal error
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List Archer queues (admin)
|
|
tags:
|
|
- ArcherAdmin
|
|
/annotations:
|
|
get:
|
|
description: 'Returns annotations for the organization in X-Org-ID. Filters:
|
|
`key`, `value`, and `q` (key contains). Add `include=node_pools` to include
|
|
linked node pools.'
|
|
operationId: ListAnnotations
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Exact key
|
|
in: query
|
|
name: key
|
|
schema:
|
|
type: string
|
|
- description: Exact value
|
|
in: query
|
|
name: value
|
|
schema:
|
|
type: string
|
|
- description: key contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list annotations
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List annotations (org scoped)
|
|
tags:
|
|
- Annotations
|
|
post:
|
|
description: Creates an annotation.
|
|
operationId: CreateAnnotation
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateAnnotationRequest'
|
|
description: Annotation payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / missing fields
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create annotation (org scoped)
|
|
tags:
|
|
- Annotations
|
|
/annotations/{id}:
|
|
delete:
|
|
description: Permanently deletes the annotation.
|
|
operationId: DeleteAnnotation
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Annotation ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete annotation (org scoped)
|
|
tags:
|
|
- Annotations
|
|
get:
|
|
description: Returns one annotation. Add `include=node_pools` to include node
|
|
pools.
|
|
operationId: GetAnnotation
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Annotation ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get annotation by ID (org scoped)
|
|
tags:
|
|
- Annotations
|
|
patch:
|
|
description: Partially update annotation fields.
|
|
operationId: UpdateAnnotation
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Annotation ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateAnnotationRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid json
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: update failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update annotation (org scoped)
|
|
tags:
|
|
- Annotations
|
|
/auth/{provider}/callback:
|
|
get:
|
|
operationId: AuthCallback
|
|
parameters:
|
|
- description: google|github
|
|
in: path
|
|
name: provider
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.TokenPair'
|
|
description: OK
|
|
summary: Handle social login callback
|
|
tags:
|
|
- Auth
|
|
/auth/{provider}/start:
|
|
post:
|
|
description: Returns provider authorization URL for the frontend to redirect
|
|
operationId: AuthStart
|
|
parameters:
|
|
- description: google|github
|
|
in: path
|
|
name: provider
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AuthStartResponse'
|
|
description: OK
|
|
summary: Begin social login
|
|
tags:
|
|
- Auth
|
|
/auth/logout:
|
|
post:
|
|
operationId: Logout
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LogoutRequest'
|
|
description: Refresh token
|
|
required: true
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
summary: Revoke refresh token family (logout everywhere)
|
|
tags:
|
|
- Auth
|
|
/auth/refresh:
|
|
post:
|
|
operationId: Refresh
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.RefreshRequest'
|
|
description: Refresh token
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.TokenPair'
|
|
description: OK
|
|
summary: Rotate refresh token
|
|
tags:
|
|
- Auth
|
|
/clusters:
|
|
get:
|
|
description: Returns clusters for the organization in X-Org-ID. Filter by `q`
|
|
(name contains).
|
|
operationId: ListClusters
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Name contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list clusters
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List clusters (org scoped)
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Creates a cluster. Status is managed by the system and starts as
|
|
`pre_pending` for validation.
|
|
operationId: CreateCluster
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateClusterRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create cluster (org scoped)
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}:
|
|
delete:
|
|
description: Deletes the cluster. Related resources are cleaned up via DB constraints
|
|
(e.g. CASCADE).
|
|
operationId: DeleteCluster
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: deleted
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete a cluster (org scoped)
|
|
tags:
|
|
- Clusters
|
|
get:
|
|
description: Returns a cluster with all related resources (domain, record set,
|
|
load balancers, bastion, node pools).
|
|
operationId: GetCluster
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get a single cluster by ID (org scoped)
|
|
tags:
|
|
- Clusters
|
|
patch:
|
|
description: Updates the cluster name, provider, and/or region. Status is managed
|
|
by the system.
|
|
operationId: UpdateCluster
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateClusterRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update basic cluster details (org scoped)
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/apps-load-balancer:
|
|
delete:
|
|
description: Clears apps_load_balancer_id on the cluster.
|
|
operationId: DetachAppsLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach the apps load balancer from a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Sets apps_load_balancer_id on the cluster.
|
|
operationId: AttachAppsLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachLoadBalancerRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster or load balancer not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach an apps load balancer to a cluster
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/bastion:
|
|
delete:
|
|
description: Clears bastion_server_id on the cluster.
|
|
operationId: DetachBastionServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach the bastion server from a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Sets bastion_server_id on the cluster.
|
|
operationId: AttachBastionServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachBastionRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster or server not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach a bastion server to a cluster
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/captain-domain:
|
|
delete:
|
|
description: Clears captain_domain_id on the cluster. This will likely cause
|
|
the cluster to become incomplete.
|
|
operationId: DetachCaptainDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach the captain domain from a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Sets captain_domain_id on the cluster. Validation of shape happens
|
|
asynchronously.
|
|
operationId: AttachCaptainDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachCaptainDomainRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster or domain not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach a captain domain to a cluster
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/control-plane-record-set:
|
|
delete:
|
|
description: Clears control_plane_record_set_id on the cluster.
|
|
operationId: DetachControlPlaneRecordSet
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach the control plane record set from a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Sets control_plane_record_set_id on the cluster.
|
|
operationId: AttachControlPlaneRecordSet
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachRecordSetRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster or record set not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach a control plane record set to a cluster
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/glueops-load-balancer:
|
|
delete:
|
|
description: Clears glueops_load_balancer_id on the cluster.
|
|
operationId: DetachGlueOpsLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach the GlueOps/control-plane load balancer from a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Sets glueops_load_balancer_id on the cluster.
|
|
operationId: AttachGlueOpsLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachLoadBalancerRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster or load balancer not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach a GlueOps/control-plane load balancer to a cluster
|
|
tags:
|
|
- Clusters
|
|
/clusters/{clusterID}/kubeconfig:
|
|
delete:
|
|
description: Removes the encrypted kubeconfig, IV, and tag from the cluster
|
|
record.
|
|
operationId: ClearClusterKubeconfig
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Clear the kubeconfig for a cluster
|
|
tags:
|
|
- Clusters
|
|
post:
|
|
description: Stores the kubeconfig encrypted per organization. The kubeconfig
|
|
is never returned in responses.
|
|
operationId: SetClusterKubeconfig
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Cluster ID
|
|
in: path
|
|
name: clusterID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.SetKubeconfigRequest'
|
|
description: payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ClusterResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: bad request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: cluster not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Set (or replace) the kubeconfig for a cluster
|
|
tags:
|
|
- Clusters
|
|
/credentials:
|
|
get:
|
|
description: Returns credential metadata for the current org. Secrets are never
|
|
returned.
|
|
operationId: ListCredentials
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Filter by provider (e.g., aws)
|
|
in: query
|
|
name: provider
|
|
schema:
|
|
type: string
|
|
- description: Filter by kind (e.g., aws_access_key)
|
|
in: query
|
|
name: kind
|
|
schema:
|
|
type: string
|
|
- description: Filter by scope kind (provider/service/resource)
|
|
in: query
|
|
name: scope_kind
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.CredentialOut'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal server error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List credentials (metadata only)
|
|
tags:
|
|
- Credentials
|
|
post:
|
|
operationId: CreateCredential
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateCredentialRequest'
|
|
description: Credential payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CredentialOut'
|
|
description: Created
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal server error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create a credential (encrypts secret)
|
|
tags:
|
|
- Credentials
|
|
/credentials/{id}:
|
|
delete:
|
|
operationId: DeleteCredential
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Credential ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete credential
|
|
tags:
|
|
- Credentials
|
|
get:
|
|
operationId: GetCredential
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Credential ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CredentialOut'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: internal server error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get credential by ID (metadata only)
|
|
tags:
|
|
- Credentials
|
|
patch:
|
|
operationId: UpdateCredential
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Credential ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateCredentialRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CredentialOut'
|
|
description: OK
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: X-Org-ID required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update credential metadata and/or rotate secret
|
|
tags:
|
|
- Credentials
|
|
/credentials/{id}/reveal:
|
|
post:
|
|
operationId: RevealCredential
|
|
parameters:
|
|
- description: Organization ID (UUID)
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Credential ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
additionalProperties: {}
|
|
type: object
|
|
description: OK
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Reveal decrypted secret (one-time read)
|
|
tags:
|
|
- Credentials
|
|
/dns/domains:
|
|
get:
|
|
description: 'Returns domains for X-Org-ID. Filters: `domain_name`, `status`,
|
|
`q` (contains).'
|
|
operationId: ListDomains
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Exact domain name (lowercase, no trailing dot)
|
|
in: query
|
|
name: domain_name
|
|
schema:
|
|
type: string
|
|
- description: pending|provisioning|ready|failed
|
|
in: query
|
|
name: status
|
|
schema:
|
|
type: string
|
|
- description: Domain contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.DomainResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List domains (org scoped)
|
|
tags:
|
|
- DNS
|
|
post:
|
|
description: Creates a domain bound to a Route 53 scoped credential. Archer
|
|
will backfill ZoneID if omitted.
|
|
operationId: CreateDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateDomainRequest'
|
|
description: Domain payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.DomainResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: db error
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create a domain (org scoped)
|
|
tags:
|
|
- DNS
|
|
/dns/domains/{domain_id}/records:
|
|
get:
|
|
description: 'Filters: `name`, `type`, `status`.'
|
|
operationId: ListRecordSets
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Domain ID (UUID)
|
|
in: path
|
|
name: domain_id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Exact relative name or FQDN (server normalizes)
|
|
in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- description: RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)
|
|
in: query
|
|
name: type
|
|
schema:
|
|
type: string
|
|
- description: pending|provisioning|ready|failed
|
|
in: query
|
|
name: status
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.RecordSetResponse'
|
|
type: array
|
|
description: OK
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: domain not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List record sets for a domain
|
|
tags:
|
|
- DNS
|
|
post:
|
|
operationId: CreateRecordSet
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Domain ID (UUID)
|
|
in: path
|
|
name: domain_id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateRecordSetRequest'
|
|
description: Record set payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.RecordSetResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: domain not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create a record set (pending; Archer will UPSERT to Route 53)
|
|
tags:
|
|
- DNS
|
|
/dns/domains/{id}:
|
|
delete:
|
|
operationId: DeleteDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Domain ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete a domain
|
|
tags:
|
|
- DNS
|
|
get:
|
|
operationId: GetDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Domain ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.DomainResponse'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get a domain (org scoped)
|
|
tags:
|
|
- DNS
|
|
patch:
|
|
operationId: UpdateDomain
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Domain ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateDomainRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.DomainResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update a domain (org scoped)
|
|
tags:
|
|
- DNS
|
|
/dns/records/{id}:
|
|
delete:
|
|
operationId: DeleteRecordSet
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Record Set ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete a record set (API removes row; worker can optionally handle
|
|
external deletion policy)
|
|
tags:
|
|
- DNS
|
|
patch:
|
|
operationId: UpdateRecordSet
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Record Set ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateRecordSetRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.RecordSetResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update a record set (flips to pending for reconciliation)
|
|
tags:
|
|
- DNS
|
|
/healthz:
|
|
get:
|
|
description: Returns 200 OK when the service is up
|
|
operationId: HealthCheck // operationId
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.HealthStatus'
|
|
description: OK
|
|
summary: Basic health check
|
|
tags:
|
|
- Health
|
|
/labels:
|
|
get:
|
|
description: 'Returns node labels for the organization in X-Org-ID. Filters:
|
|
`key`, `value`, and `q` (key contains). Add `include=node_pools` to include
|
|
linked node groups.'
|
|
operationId: ListLabels
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Exact key
|
|
in: query
|
|
name: key
|
|
schema:
|
|
type: string
|
|
- description: Exact value
|
|
in: query
|
|
name: value
|
|
schema:
|
|
type: string
|
|
- description: Key contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list node taints
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List node labels (org scoped)
|
|
tags:
|
|
- Labels
|
|
post:
|
|
description: Creates a label.
|
|
operationId: CreateLabel
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateLabelRequest'
|
|
description: Label payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / missing fields / invalid node_pool_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create label (org scoped)
|
|
tags:
|
|
- Labels
|
|
/labels/{id}:
|
|
delete:
|
|
description: Permanently deletes the label.
|
|
operationId: DeleteLabel
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Label ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete label (org scoped)
|
|
tags:
|
|
- Labels
|
|
get:
|
|
description: Returns one label.
|
|
operationId: GetLabel
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Label ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get label by ID (org scoped)
|
|
tags:
|
|
- Labels
|
|
patch:
|
|
description: Partially update label fields.
|
|
operationId: UpdateLabel
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Label ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateLabelRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid json
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: update failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update label (org scoped)
|
|
tags:
|
|
- Labels
|
|
/load-balancers:
|
|
get:
|
|
description: Returns load balancers for the organization in X-Org-ID.
|
|
operationId: ListLoadBalancers
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list clusters
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List load balancers (org scoped)
|
|
tags:
|
|
- LoadBalancers
|
|
post:
|
|
operationId: CreateLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateLoadBalancerRequest'
|
|
description: Record set payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: domain not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create a load balancer
|
|
tags:
|
|
- LoadBalancers
|
|
/load-balancers/{id}:
|
|
delete:
|
|
operationId: DeleteLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Load Balancer ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete a load balancer
|
|
tags:
|
|
- LoadBalancers
|
|
get:
|
|
description: Returns load balancer for the organization in X-Org-ID.
|
|
operationId: GetLoadBalancers
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: LoadBalancer ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list clusters
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get a load balancer (org scoped)
|
|
tags:
|
|
- LoadBalancers
|
|
patch:
|
|
operationId: UpdateLoadBalancer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Load Balancer ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateLoadBalancerRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.LoadBalancerResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: validation error
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update a load balancer (org scoped)
|
|
tags:
|
|
- LoadBalancers
|
|
/me:
|
|
get:
|
|
operationId: GetMe
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.meResponse'
|
|
description: OK
|
|
security:
|
|
- BearerAuth: []
|
|
- ApiKeyAuth: []
|
|
summary: Get current user profile
|
|
tags:
|
|
- Me
|
|
patch:
|
|
operationId: UpdateMe
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.updateMeRequest'
|
|
description: Patch profile
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/models.User'
|
|
description: OK
|
|
security:
|
|
- BearerAuth: []
|
|
- ApiKeyAuth: []
|
|
summary: Update current user profile
|
|
tags:
|
|
- Me
|
|
/me/api-keys:
|
|
get:
|
|
operationId: ListUserAPIKeys
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/handlers.userAPIKeyOut'
|
|
type: array
|
|
description: OK
|
|
security:
|
|
- BearerAuth: []
|
|
- ApiKeyAuth: []
|
|
summary: List my API keys
|
|
tags:
|
|
- MeAPIKeys
|
|
post:
|
|
description: Returns the plaintext key once. Store it securely on the client
|
|
side.
|
|
operationId: CreateUserAPIKey
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.createUserKeyRequest'
|
|
description: Key options
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.userAPIKeyOut'
|
|
description: Created
|
|
security:
|
|
- BearerAuth: []
|
|
- ApiKeyAuth: []
|
|
summary: Create a new user API key
|
|
tags:
|
|
- MeAPIKeys
|
|
/me/api-keys/{id}:
|
|
delete:
|
|
operationId: DeleteUserAPIKey
|
|
parameters:
|
|
- description: Key ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Delete a user API key
|
|
tags:
|
|
- MeAPIKeys
|
|
/node-pools:
|
|
get:
|
|
description: Returns node pools for the organization in X-Org-ID.
|
|
operationId: ListNodePools
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Name contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.NodePoolResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list node pools
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List node pools (org scoped)
|
|
tags:
|
|
- NodePools
|
|
post:
|
|
description: Creates a node pool. Optionally attach initial servers.
|
|
operationId: CreateNodePool
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateNodePoolRequest'
|
|
description: NodePool payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.NodePoolResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / missing fields / invalid server_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}:
|
|
delete:
|
|
description: Permanently deletes the node pool.
|
|
operationId: DeleteNodePool
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
get:
|
|
description: Returns one node pool. Add `include=servers` to include servers.
|
|
operationId: GetNodePool
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.NodePoolResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get node pool by ID (org scoped)
|
|
tags:
|
|
- NodePools
|
|
patch:
|
|
description: Partially update node pool fields.
|
|
operationId: UpdateNodePool
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateNodePoolRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.NodePoolResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid json
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: update failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/annotations:
|
|
get:
|
|
operationId: ListNodePoolAnnotations
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.AnnotationResponse'
|
|
type: array
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List annotations attached to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
post:
|
|
operationId: AttachNodePoolAnnotations
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Group ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachAnnotationsRequest'
|
|
description: Annotation IDs to attach
|
|
required: true
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid server_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: attach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach annotation to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/annotations/{annotationId}:
|
|
delete:
|
|
operationId: DetachNodePoolAnnotation
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Annotation ID (UUID)
|
|
in: path
|
|
name: annotationId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: detach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach one annotation from a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/labels:
|
|
get:
|
|
operationId: ListNodePoolLabels
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Label Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.LabelResponse'
|
|
type: array
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List labels attached to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
post:
|
|
operationId: AttachNodePoolLabels
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachLabelsRequest'
|
|
description: Label IDs to attach
|
|
required: true
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid server_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: attach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach labels to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/labels/{labelId}:
|
|
delete:
|
|
operationId: DetachNodePoolLabel
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Label ID (UUID)
|
|
in: path
|
|
name: labelId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: detach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach one label from a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/servers:
|
|
get:
|
|
operationId: ListNodePoolServers
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
type: array
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List servers attached to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
post:
|
|
operationId: AttachNodePoolServers
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachServersRequest'
|
|
description: Server IDs to attach
|
|
required: true
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid server_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: attach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach servers to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/servers/{serverId}:
|
|
delete:
|
|
operationId: DetachNodePoolServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Server ID (UUID)
|
|
in: path
|
|
name: serverId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: detach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach one server from a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/taints:
|
|
get:
|
|
operationId: ListNodePoolTaints
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
type: array
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List taints attached to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
post:
|
|
operationId: AttachNodePoolTaints
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.AttachTaintsRequest'
|
|
description: Taint IDs to attach
|
|
required: true
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid taint_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: attach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Attach taints to a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/node-pools/{id}/taints/{taintId}:
|
|
delete:
|
|
operationId: DetachNodePoolTaint
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Pool ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Taint ID (UUID)
|
|
in: path
|
|
name: taintId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: detach failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Detach one taint from a node pool (org scoped)
|
|
tags:
|
|
- NodePools
|
|
/orgs:
|
|
get:
|
|
operationId: listMyOrgs
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/models.Organization'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List organizations I belong to
|
|
tags:
|
|
- Orgs
|
|
post:
|
|
operationId: createOrg
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.orgCreateReq'
|
|
description: Org payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/models.Organization'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Bad Request
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
"409":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Conflict
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Create organization
|
|
tags:
|
|
- Orgs
|
|
/orgs/{id}:
|
|
delete:
|
|
operationId: deleteOrg
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: Deleted
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Not Found
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Delete organization (owner)
|
|
tags:
|
|
- Orgs
|
|
get:
|
|
operationId: getOrg
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/models.Organization'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Not Found
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get organization
|
|
tags:
|
|
- Orgs
|
|
patch:
|
|
operationId: updateOrg
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.orgUpdateReq'
|
|
description: Update payload
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/models.Organization'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Not Found
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update organization (owner/admin)
|
|
tags:
|
|
- Orgs
|
|
/orgs/{id}/api-keys:
|
|
get:
|
|
operationId: listOrgKeys
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/models.APIKey'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List org-scoped API keys (no secrets)
|
|
tags:
|
|
- Orgs
|
|
post:
|
|
operationId: createOrgKey
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.orgKeyCreateReq'
|
|
description: Key name + optional expiry
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.orgKeyCreateResp'
|
|
description: Created
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Create org key/secret pair (owner/admin)
|
|
tags:
|
|
- Orgs
|
|
/orgs/{id}/api-keys/{key_id}:
|
|
delete:
|
|
operationId: deleteOrgKey
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Key ID (UUID)
|
|
in: path
|
|
name: key_id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: Deleted
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Delete org key (owner/admin)
|
|
tags:
|
|
- Orgs
|
|
/orgs/{id}/members:
|
|
get:
|
|
operationId: listMembers
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/handlers.memberOut'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List members in org
|
|
tags:
|
|
- Orgs
|
|
post:
|
|
operationId: addOrUpdateMember
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.memberUpsertReq'
|
|
description: User & role
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.memberOut'
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Add or update a member (owner/admin)
|
|
tags:
|
|
- Orgs
|
|
/orgs/{id}/members/{user_id}:
|
|
delete:
|
|
operationId: removeMember
|
|
parameters:
|
|
- description: Org ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: User ID (UUID)
|
|
in: path
|
|
name: user_id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: Removed
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/utils.ErrorResponse'
|
|
description: Unauthorized
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Remove a member (owner/admin)
|
|
tags:
|
|
- Orgs
|
|
/servers:
|
|
get:
|
|
description: 'Returns servers for the organization in X-Org-ID. Optional filters:
|
|
status, role.'
|
|
operationId: ListServers
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Filter by status (pending|provisioning|ready|failed)
|
|
in: query
|
|
name: status
|
|
schema:
|
|
type: string
|
|
- description: Filter by role
|
|
in: query
|
|
name: role
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list servers
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List servers (org scoped)
|
|
tags:
|
|
- Servers
|
|
post:
|
|
description: Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id
|
|
belongs to the org.
|
|
operationId: CreateServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateServerRequest'
|
|
description: Server payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / missing fields / invalid status / invalid ssh_key_id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create server (org scoped)
|
|
tags:
|
|
- Servers
|
|
/servers/{id}:
|
|
delete:
|
|
description: Permanently deletes the server.
|
|
operationId: DeleteServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Server ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete server (org scoped)
|
|
tags:
|
|
- Servers
|
|
get:
|
|
description: Returns one server in the given organization.
|
|
operationId: GetServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Server ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get server by ID (org scoped)
|
|
tags:
|
|
- Servers
|
|
patch:
|
|
description: Partially update fields; changing ssh_key_id validates ownership.
|
|
operationId: UpdateServer
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Server ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateServerRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid json / invalid status / invalid ssh_key_id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: update failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update server (org scoped)
|
|
tags:
|
|
- Servers
|
|
/servers/{id}/reset-hostkey:
|
|
post:
|
|
description: Clears the stored SSH host key for this server. The next SSH connection
|
|
will re-learn the host key (trust-on-first-use).
|
|
operationId: ResetServerHostKey
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Server ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.ServerResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: reset failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Reset SSH host key (org scoped)
|
|
tags:
|
|
- Servers
|
|
/ssh:
|
|
get:
|
|
description: Returns ssh keys for the organization in X-Org-ID.
|
|
operationId: ListPublicSshKeys
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.SshResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list keys
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List ssh keys (org scoped)
|
|
tags:
|
|
- Ssh
|
|
post:
|
|
description: Generates an RSA or ED25519 keypair, saves it, and returns metadata.
|
|
For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores
|
|
bits.
|
|
operationId: CreateSSHKey
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateSSHRequest'
|
|
description: Key generation options
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.SshResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / invalid bits
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: generation/create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create ssh keypair (org scoped)
|
|
tags:
|
|
- Ssh
|
|
/ssh/{id}:
|
|
delete:
|
|
description: Permanently deletes a keypair.
|
|
operationId: DeleteSSHKey
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: SSH Key ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete ssh keypair (org scoped)
|
|
tags:
|
|
- Ssh
|
|
get:
|
|
description: Returns public key fields. Append `?reveal=true` to include the
|
|
private key PEM.
|
|
operationId: GetSSHKey
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: SSH Key ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Reveal private key PEM
|
|
in: query
|
|
name: reveal
|
|
schema:
|
|
type: boolean
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/dto.SshResponse'
|
|
- $ref: '#/components/schemas/dto.SshRevealResponse'
|
|
description: When reveal=true
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get ssh key by ID (org scoped)
|
|
tags:
|
|
- Ssh
|
|
/ssh/{id}/download:
|
|
get:
|
|
description: Download `part=public|private|both` of the keypair. `both` returns
|
|
a zip file.
|
|
operationId: DownloadSSHKey
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: SSH Key ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- description: Which part to download
|
|
in: query
|
|
name: part
|
|
required: true
|
|
schema:
|
|
enum:
|
|
- public
|
|
- private
|
|
- both
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: file content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid part
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: download failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Download ssh key files by ID (org scoped)
|
|
tags:
|
|
- Ssh
|
|
/taints:
|
|
get:
|
|
description: 'Returns node taints for the organization in X-Org-ID. Filters:
|
|
`key`, `value`, and `q` (key contains). Add `include=node_pools` to include
|
|
linked node pools.'
|
|
operationId: ListTaints
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Exact key
|
|
in: query
|
|
name: key
|
|
schema:
|
|
type: string
|
|
- description: Exact value
|
|
in: query
|
|
name: value
|
|
schema:
|
|
type: string
|
|
- description: key contains (case-insensitive)
|
|
in: query
|
|
name: q
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
type: array
|
|
description: OK
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: failed to list node taints
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: List node pool taints (org scoped)
|
|
tags:
|
|
- Taints
|
|
post:
|
|
description: Creates a taint.
|
|
operationId: CreateTaint
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.CreateTaintRequest'
|
|
description: Taint payload
|
|
required: true
|
|
responses:
|
|
"201":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
description: Created
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid json / missing fields / invalid node_pool_ids
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: create failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Create node taint (org scoped)
|
|
tags:
|
|
- Taints
|
|
/taints/{id}:
|
|
delete:
|
|
description: Permanently deletes the taint.
|
|
operationId: DeleteTaint
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Taint ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"204":
|
|
description: No Content
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: delete failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Delete taint (org scoped)
|
|
tags:
|
|
- Taints
|
|
get:
|
|
operationId: GetTaint
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Taint ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: fetch failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Get node taint by ID (org scoped)
|
|
tags:
|
|
- Taints
|
|
patch:
|
|
description: Partially update taint fields.
|
|
operationId: UpdateTaint
|
|
parameters:
|
|
- description: Organization UUID
|
|
in: header
|
|
name: X-Org-ID
|
|
schema:
|
|
type: string
|
|
- description: Node Taint ID (UUID)
|
|
in: path
|
|
name: id
|
|
required: true
|
|
schema:
|
|
type: string
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.UpdateTaintRequest'
|
|
description: Fields to update
|
|
required: true
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/dto.TaintResponse'
|
|
description: OK
|
|
"400":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: invalid id / invalid json
|
|
"401":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: Unauthorized
|
|
"403":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: organization required
|
|
"404":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: not found
|
|
"500":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
description: update failed
|
|
security:
|
|
- BearerAuth: []
|
|
- OrgKeyAuth: []
|
|
- OrgSecretAuth: []
|
|
summary: Update node taint (org scoped)
|
|
tags:
|
|
- Taints
|
|
/version:
|
|
get:
|
|
description: Returns build/runtime metadata for the running service.
|
|
operationId: Version // operationId
|
|
responses:
|
|
"200":
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/handlers.VersionResponse'
|
|
description: OK
|
|
summary: Service version information
|
|
tags:
|
|
- Meta
|
|
servers:
|
|
- description: Production API
|
|
url: https://autoglue.onglueops.rocks/api/v1
|
|
- description: Staging API
|
|
url: https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1
|
|
- description: Local dev
|
|
url: http://localhost:8080/api/v1
|