1package api 2 3// keyringRequest is used for performing Keyring operations 4type keyringRequest struct { 5 Key string 6} 7 8// KeyringResponse is returned when listing the gossip encryption keys 9type KeyringResponse struct { 10 // Whether this response is for a WAN ring 11 WAN bool 12 13 // The datacenter name this request corresponds to 14 Datacenter string 15 16 // Segment has the network segment this request corresponds to. 17 Segment string 18 19 // Messages has information or errors from serf 20 Messages map[string]string `json:",omitempty"` 21 22 // A map of the encryption keys to the number of nodes they're installed on 23 Keys map[string]int 24 25 // The total number of nodes in this ring 26 NumNodes int 27} 28 29// KeyringInstall is used to install a new gossip encryption key into the cluster 30func (op *Operator) KeyringInstall(key string, q *WriteOptions) error { 31 r := op.c.newRequest("POST", "/v1/operator/keyring") 32 r.setWriteOptions(q) 33 r.obj = keyringRequest{ 34 Key: key, 35 } 36 _, resp, err := requireOK(op.c.doRequest(r)) 37 if err != nil { 38 return err 39 } 40 resp.Body.Close() 41 return nil 42} 43 44// KeyringList is used to list the gossip keys installed in the cluster 45func (op *Operator) KeyringList(q *QueryOptions) ([]*KeyringResponse, error) { 46 r := op.c.newRequest("GET", "/v1/operator/keyring") 47 r.setQueryOptions(q) 48 _, resp, err := requireOK(op.c.doRequest(r)) 49 if err != nil { 50 return nil, err 51 } 52 defer resp.Body.Close() 53 54 var out []*KeyringResponse 55 if err := decodeBody(resp, &out); err != nil { 56 return nil, err 57 } 58 return out, nil 59} 60 61// KeyringRemove is used to remove a gossip encryption key from the cluster 62func (op *Operator) KeyringRemove(key string, q *WriteOptions) error { 63 r := op.c.newRequest("DELETE", "/v1/operator/keyring") 64 r.setWriteOptions(q) 65 r.obj = keyringRequest{ 66 Key: key, 67 } 68 _, resp, err := requireOK(op.c.doRequest(r)) 69 if err != nil { 70 return err 71 } 72 resp.Body.Close() 73 return nil 74} 75 76// KeyringUse is used to change the active gossip encryption key 77func (op *Operator) KeyringUse(key string, q *WriteOptions) error { 78 r := op.c.newRequest("PUT", "/v1/operator/keyring") 79 r.setWriteOptions(q) 80 r.obj = keyringRequest{ 81 Key: key, 82 } 83 _, resp, err := requireOK(op.c.doRequest(r)) 84 if err != nil { 85 return err 86 } 87 resp.Body.Close() 88 return nil 89} 90