ibm-cloud / bluemix-go Goto Github PK
View Code? Open in Web Editor NEWGo library for accessing the Bluemix API
License: Apache License 2.0
Go library for accessing the Bluemix API
License: Apache License 2.0
When a resource instance for hpvs is required to be created via terraform it need a sshkey to be passed in . The current client structure does not permit that
CreateServiceInstanceRequest struct {
Name string json:"name"
ServicePlanID string json:"resource_plan_id"
ResourceGroupID string json:"resource_group_id"
Crn string json:"crn,omitempty"
Tags []string json:"tags,omitempty"
Parameters map[string]interface{} json:"parameters,omitempty"
TargetCrn string json:"target_crn"
}
If we are to create the hpvs via terraform this structure needs to be update to add the SSHKey as well.
Some examples still use the old path [1]: github.com/IBM-Bluemix/bluemix-go
.... Although this does not produce any error, will it be better to update the path to ``github.com/IBM-Cloud/...?
Some services e.g., Watson discovery and conversation has to be deleted with the parameter async=true
.
This parameter should be exposed in the method definition, e.g.,
Create(req ServiceInstanceCreateRequest, async bool) (*ServiceInstanceFields, error)
Delete(instanceGUID string, async bool) error
The API sometimes timeouts due to different network errors. On some occasions we can simply retry to see if things can work again. We had the implementation in the rest client. But we are re-using the code from the bluemix-cli-sdk now which doesn't have it.
We need to see the appropriate place to put the logic to be re-usable across the SDK.
Support interacting with cluster addons
Swagger docs: https://containers.cloud.ibm.com/global/swagger-global-api/#/clusters/ManageClusterAddons
As /v1/kube-versions
is deprecated now, we need to support /v1/versions
to get available k8s and openshift versions.
https://containers.cloud.ibm.com/global/swagger-global-api/#/util/GetKubeVersions
These should be added to make current functions variadic so as not to break existing APIs
https://github.com/IBM-Bluemix/bluemix-go/blob/master/api/mccp/mccpv2/spaces.go#L212
https://apidocs.cloudfoundry.org/272/spaces/creating_a_space.html - no mention of accepts_incomplete and async
Find all such instances.
Add support for resource services
https://github.com/IBM-Cloud/bluemix-go/blob/master/api/cis/cisv1/dns.go#L110
The method used should be Put according to CIS documentation. This fails with 405 Method not allowed error
.
Need to be able to list the vlans within a DC for provisioning a cluster.
https://us-south.containers.bluemix.net/swagger-api/#!/properties/GetDatacenterVLANs
I have the code working for the support of this, please let me know how to contribute
Request failed with status code: 400, BXNIM0106E: Validation of property 'response_type' with value '[uaa, cloud_iam]' failed. Valid values: 'cloud_iam'
bluemix-go/authentication/iam.go
Line 107 in 00b345f
Thoughts?
Based upon the bluemix container doc, container cluster does not belong to a particular space.
The latest bluemix-go failed to download a container configuration file with empty space string.
There are many important packages, like mccp, account. Refresh the godoc does not help solve the issue.
Have a customer who reports that he cannot find this option in bluemix console:
"Login to Bluemix to create one if you don't already have one. Follow Manage -> Account -> Users. Click on Bluemix API Keys"
https://github.com/IBM-Cloud/bluemix-go
The correct way to create an API key for your user identity in the Bluemix UI is as follows:
Go to Manage > Security > Platform API keys.
Click Create API key.
Enter a name and description for your API key.
Click Create API key.
https://console.bluemix.net/docs/iam/userid_keys.html#userapikey
The sdk for kubernete cluster seems out of date. Can it be updated with the latest API spec?
This appears to be orphaned code as after 2 years this is still at v0.1.
Is this library going to be replaced with a production lib anytime soon?
My config looks like
config := &bluemixgo.Config{
IBMID: "[email protected]",
IBMIDPassword: "XXXXXXX",
Region: "us-south",
}
sess, err := session.New(config)
if err != nil {
return nil, fmt.Errorf("fail to create bx session %v", err)
}
I got the following error
REQUEST: [2017-07-07T15:58:40Z]
POST /UAALoginServerWAR/oauth/token HTTP/1.1
Host: login.ng.bluemix.net
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/x-www-form-urlencoded
User-Agent: Blumix-go SDK 0.1 / linux
grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=kangh%40us.ibm.com
RESPONSE: [2017-07-07T15:58:40Z] Elapsed: 614ms
HTTP/1.1 403 Forbidden
Connection: close
Content-Length: 146
Cache-Control: max-age=0, no-cache, no-store
Content-Language: en-US
Content-Security-Policy: default-src 'self' www.ibm.com 'unsafe-inline';
Content-Type: application/json;charset=UTF-8
Date: Fri, 07 Jul 2017 15:58:40 GMT
Expires: Fri, 07 Jul 2017 15:58:40 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=2592000 ; includeSubDomains
X-Backside-Transport: FAIL FAIL
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Global-Transaction-Id: 817351727
X-Powered-By: Servlet/3.1
X-Xss-Protection: 1
{"error_description":"BMXLS0202E: You are using a federated user ID, please use one time code to login with option --sso.","error":"unauthorized"}
FATA[2017-17-07 15:58:40] fail to create bx mccpv2 session: Request failed with status code: 403, unauthorized: BMXLS0202E: You are using a federated user ID, please use one time code to login with option --sso.
My question is what is the correct configuration I can use to connect to my bluemix account. Thanks.
I noticed that the bluemix-go has been moved from IBM-Bluemix namespace to IBM-Cloud. Will this affect the godoc reference page [1]? I think several packages are missing such as mccpv2, containers, etc; the refresh link does not help either.
Implement the CRUD listed here:
https://apidocs.cloudfoundry.org/235/#service-bindings
The method CreateKey(CreateServiceKeyRequest) has the ability to create multiple service credential with the same name for a cloud instance.
This is not allowed in the IBM Cloud console UI as it gives a warning "Service Credential with the same name already exists".
Can we have the same functionality in the SDK as well?
serviceKey, err = resourceSession.CreateKey(controller.CreateServiceKeyRequest{
Name: "ift-cloud-object-202002121943",
SourceCRN: parseInstanceCRN,
Parameters: map[string]interface{}{
"HMAC": true,
},
})
When executed n times, the cloud instance has n "ift-cloud-object-202002121943" service credential.
It seems that the v2container all resolves to /v2/vpc
path for get, list, create, delete clusters. Is there any plan to support the classic
type?
Or people should just use v1container for those type of clusters?
Thanks.
When uploading or downloading large streams of data, the tracing facility imposes a large tax. Perhaps the default should allow it to be disabled.
Work around is to define a cluster HTTPClient in the config without the trace wrapper.
func NewHTTPClient(config *ibmcloud.Config) *http.Client {
return &http.Client{
Transport: makeTransport(config),
Timeout: config.HTTPTimeout,
}
}
func makeTransport(config *ibmcloud.Config) http.RoundTripper {
return &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 50 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 20 * time.Second,
DisableCompression: true,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: config.SSLDisable,
},
}
}
...
c.HTTPConfig = NewHTTPClient(c)
When I follow the sample code to provision a discovery service and then update the servicekey. The update call returns the following error:
ServerErrorResponse: {
"description": "An operation for service instance test-1-discovery is in progress.",
"error_code": "CF-AsyncServiceInstanceOperationInProgress",
"code": 60016
}
My code looks like
myService, err := serviceInstanceAPI.Create(mccpv2.ServiceInstanceCreateRequest
updatedInstance, err := serviceInstanceAPI.Update(myService.Metadata.GUID, mccpv2.ServiceInstanceUpdateRequest{
Name: helpers.String(service.InstanceName),
})
My question is is there anyway to check the status of the service instance by the GUID and then call the update. Thanks.
Problem
Cloud Internet Services has the concept of a Monitor. This model represents a health check. Along with things like URL
and method
, their REST API allows for users to specify a port
for the monitor (see API Docs). The Go SDK does not currently have the port
field available.
Solution
Add the Port field to both cisv1.Monitor
and cisv1.MonitorBody
types.
CF configuration will be changed, so the CloudController's /v2/info
endpoint will return
{
...
"authorization_endpoint": "https://iam.cloud.ibm.com/cloudfoundry/login/us-south",
"token_endpoint": "https://uaa.us-south.cf.cloud.ibm.com",
...
}
Hi, I saw the following error when deleting a discovery instance. However, I could not find any field in the bluemix client config. Could anyone help? Thanks.
{
"description": "The following error occurred in the region 'US South': Service instance test-discovery: Service broker error: {\"error\"=>\"AsyncRequired\", \"description\"=>\"This service plan requires client support for asynchronous service operations.\"}",
"error_code": "CF-ServiceBrokerBadResponse",
"code": 10001,
"http": {
"uri": "https://provision-broker.ng.bluemix.net/bmx/provisioning/brokers/1867973154-7bc1c9a9-9fd7-462f-930e-96f5557c2f5a/v2/service_instances/bdfd19ba-f8ad-4a97-979a-aff3e3a59329",
"method": "DELETE",
"status": 422
},
Error deleting cluster: Request failed with status code: 401, ServerErrorResponse: {"incidentID":"1a0c067f-6813-4746-99e1-c33882bf8452","code":"E0058","description":"Your Bluemix account, organization, and space must be specified. If you are using the CLI, run bx login and make selections for each of these prompts or use 'bx target' to make individual selections. If you are using the API, include the headers X-Auth-Resource-Account, X-Auth-Resource-Org, and X-Auth-Resource-Space headers. Run 'bx iam accounts' to retrieve the account ID for the X-Auth-Resource-Account header, 'bx iam org \u003corg\u003e --guid' to retrieve the org ID for the X-Auth-Resource-Org header, and 'bx iam space \u003cspace_name\u003e --guid' to retrieve the space ID for the X-Auth-Resource-Space header.","type":"Authentication"}
Should return all results (or at least provide a way to do so).
It looks like keyprotect is not yet supported by this API. Will it be or is work on this being done?
Work around is to remove uaa from the response_type list in iam.go:
https://github.com/IBM-Cloud/bluemix-go/blob/master/authentication/iam.go#L107
I checked the example folder and saw examples creating container cluster. However, I could not find any document about creating other blue mix services, e.g., watson conversation. Will this go sdk support such operation? Thanks.
Hello Bluemix go team,
We are using the RegistryServiceAPI to inspect some images. The RegistryServiceAPI works just fine for any image (at any region) expect for images in the global icr.io
registry.
We tried solving this by unsetting the region or setting the region to "GLOBAL" but it still doesn't work.
We still get an error when we inspect an image in the icr.io
or private.icr.io
registry.
The error received is something like :
{
"code": "CRI0106E",
"message": "The registry in the supplied image name doesn't match the registry that the request was sent to. Correct the image name, and try again.",
"request-id": "61373bca-f318-4066-9fb7-eba642dcd3b3"
}
We know for sure that the image name is correct and the image is already in the registry and is accessible to the given API key - as we run the ibmcloud cr image-inspect
to inspect the exact same image and it doesn't throw any error.
$ ibmcloud cr image-inspect icr.io/obs/team-name/image:1.11.1
The output is something like :
Inspecting image 'icr.io/obs/team-name/image:1.11.1'...
{
"Id": "sha256:6a03a21e44f68xxxxxxxxxxxxxxxxxxxxxxx",
"Parent": "",
"Comment": "",
"Created": "2021-11-17T09:06:33.94142403Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": {},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "1337:1337",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"container=oci"
],
"Cmd": null,
"ArgsEscaped": true,
"Image": "",
"Volumes": {},
"WorkingDir": "",
"Entrypoint": [
"/usr/local/bin/pilot-discovery"
],
"OnBuild": null,
"ManifestType": "application/vnd.docker.distribution.manifest.v2+json"
}
OK
How to reproduce this bug ?
Create an image in the global icr.io registry
Login to ibmcloud
and Inspect the image with ibmcloud cr image-inspect
.. it will work just fine.
Try to inspect the exact same image with the bluemix-go api - you will get an error similar to the one in the description.
Thanks in advance for your support.
I see there is an example of creating a kubernetes cluster by bluemix-go/api/container/containerv1
.
Is there any way to create cloudant or watson conversation instances? Could you provide some example? Thanks.
I tried to curl cloud.ibm.com -v
in ipv6 environment, cloud.ibm.com
cannot be resolved. so my question is does cloud.ibm.com support ipv6? I am calling this API to provision managed kubernetes or ocp cluster. Thanks.
Getting the following error when invoking iamauth.AuthenticateAPIKey(apikey)
:
Request failed with status code: 400, BXNIM0106E:
Validation of property 'response_type' with value '[uaa, cloud_iam]' failed.
Valid values: 'cloud_iam'
Which points to the following line in authentication/iam.go
:
Field("response_type", "cloud_iam,uaa").
If I set the response_type
to just cloud_iam
, as the error message above suggests, the API returns successfully.
One of our application uses the SDK for talking to the CIS API.
The SDK handles the case where the access token expires but does not handle the case where the refresh token itself expires. We get the following error:
Authentication failed, Unable to refresh auth token: Request failed with status code: 400, BXNIM0408E: Provided refresh token is expired. Try again later
The only way to fix the issue is to restart the application where we get a new refresh token. Can this be handled within the IAM GO API ?
The data source ibm_container_cluster_config downloads the kubectl config yaml and the CA certificate. If the cluster name contains the string "kube", the CA file is subsequently deleted here:
https://github.com/IBM-Bluemix/bluemix-go/blob/b49bb614b336a07449499e79bc04c806d02d65d6/api/container/containerv1/clusters.go#L225
This leaves the downloaded cluster configuration in an unusable state:
error: unable to read certificate-authority .../631d734bca9ca12d1960a58aea06b21af4485745_kubepoc-be1a169f_k8sconfig/ca-ams03-kubepoc-be1a169f.pem for kubepoc-be1a169f due to open .../631d734bca9ca12d1960a58aea06b21af4485745_kubepoc-be1a169f_k8sconfig/ca-ams03-kubepoc-be1a169f.pem: no such file or directory
I looked through the code but not sure if I'm just missing it somewhere. How can I manage DNS zones and entries with the library?
What is the right protocol to deal with the IAM token for CLI tools? The 1h TTL would indicate that you want to reuse the token, but there is no logic in the SDK to serialize the state of the IAMAuthRepository.
Is that something folks manage themselves or is this something that will be implemented in a future release of the SDK?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.