1package api 2 3// keyringRequest is used for performing Keyring operations 4type keyringRequest struct { 5 Key string 6} 7 8// KeyringResponse is returned when listing the gossip encryption keys 9type KeyringResponse struct { 10 // Whether this response is for a WAN ring 11 WAN bool 12 13 // The datacenter name this request corresponds to 14 Datacenter string 15 16 // Segment has the network segment this request corresponds to. 17 Segment string 18 19 // Messages has information or errors from serf 20 Messages map[string]string `json:",omitempty"` 21 22 // A map of the encryption keys to the number of nodes they're installed on 23 Keys map[string]int 24 25 // A map of the encryption primary keys to the number of nodes they're installed on 26 PrimaryKeys map[string]int 27 28 // The total number of nodes in this ring 29 NumNodes int 30} 31 32// KeyringInstall is used to install a new gossip encryption key into the cluster 33func (op *Operator) KeyringInstall(key string, q *WriteOptions) error { 34 r := op.c.newRequest("POST", "/v1/operator/keyring") 35 r.setWriteOptions(q) 36 r.obj = keyringRequest{ 37 Key: key, 38 } 39 _, resp, err := requireOK(op.c.doRequest(r)) 40 if err != nil { 41 return err 42 } 43 closeResponseBody(resp) 44 return nil 45} 46 47// KeyringList is used to list the gossip keys installed in the cluster 48func (op *Operator) KeyringList(q *QueryOptions) ([]*KeyringResponse, error) { 49 r := op.c.newRequest("GET", "/v1/operator/keyring") 50 r.setQueryOptions(q) 51 _, resp, err := requireOK(op.c.doRequest(r)) 52 if err != nil { 53 return nil, err 54 } 55 defer closeResponseBody(resp) 56 57 var out []*KeyringResponse 58 if err := decodeBody(resp, &out); err != nil { 59 return nil, err 60 } 61 return out, nil 62} 63 64// KeyringRemove is used to remove a gossip encryption key from the cluster 65func (op *Operator) KeyringRemove(key string, q *WriteOptions) error { 66 r := op.c.newRequest("DELETE", "/v1/operator/keyring") 67 r.setWriteOptions(q) 68 r.obj = keyringRequest{ 69 Key: key, 70 } 71 _, resp, err := requireOK(op.c.doRequest(r)) 72 if err != nil { 73 return err 74 } 75 closeResponseBody(resp) 76 return nil 77} 78 79// KeyringUse is used to change the active gossip encryption key 80func (op *Operator) KeyringUse(key string, q *WriteOptions) error { 81 r := op.c.newRequest("PUT", "/v1/operator/keyring") 82 r.setWriteOptions(q) 83 r.obj = keyringRequest{ 84 Key: key, 85 } 86 _, resp, err := requireOK(op.c.doRequest(r)) 87 if err != nil { 88 return err 89 } 90 closeResponseBody(resp) 91 return nil 92} 93