Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

POC: EE-2493: mtls for edge agent #234

Closed
wants to merge 23 commits into from
Closed

POC: EE-2493: mtls for edge agent #234

wants to merge 23 commits into from

Conversation

SvenDowideit
Copy link
Contributor

@SvenDowideit SvenDowideit commented Feb 7, 2022
edited by deviantony
Loading

Replaced by #249

again, based on #228 and #229

and requires the matching portainer PR

@SvenDowideit SvenDowideit mentioned this pull request Feb 7, 2022
Closed
@SvenDowideit
feat(kingpin) use kingpin to parse ENV vars, and thus allow cli-param…
abd7167 
…s _and_ --help

Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
clean out unused env var names
d8c6ef1 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
use the ENV text from the README
2852c51 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
HostManagementEnabled was hardcoded to true - I presume this was once…
c097edb 
… a feature?

Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
do we need to store a copy of a bool we have access to?
e6fb7b8 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
add the LogLevels to the flag options
878e368 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
Don't try over-writing the existing /data/agent_edge_key - its 0444
78afca8 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
EdgeKey retreival code should be with the other EdgeKey code
8b16707 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
PROPOSAL: don't create an edgeManager if we're not in Edge mode
f9918dc 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
add todo
4e87a42 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
JUST git mv internal/edge/ to edge/
1a8601f 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
git mv the scheduler code from filesystem/ to edge/scheduler/
103c91e 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
git mv edge/logs.go edge/scheduler/logs.go - jobID in logs == schedul…
4fce9c4 
…e.ID

Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
git mv edge/stack.go edge/stack/stack.go
bc43b5c 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
git mv http/client/ edge/client/
7987e9a 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
git mv http/edge.go edge/http/edge.go
dbdf5b6 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
use github.com/containers/images to pull the image from localhost:500…
e0f9831 
…0, directly into the docker daemon

Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit
add --sslcert, --sslkey, --sslcacert to agent
d577451 
Signed-off-by: Sven Dowideit <[email protected]>
@SvenDowideit SvenDowideit force-pushed the feat/EE-2493/add-mtls-for-edge-agent branch from 96b0e2d to d577451 Compare February 10, 2022 22:20
cheloRydel
cheloRydel reviewed Feb 16, 2022
View reviewed changes
agent.go Outdated Show resolved Hide resolved
cmd/agent/main.go Outdated Show resolved Hide resolved
edge/edge.go
manager.key.PortainerInstanceURL,
manager.key.EndpointID,
manager.agentOptions.EdgeID,
GetNewHttpClient(10, manager.agentOptions),
Copy link
Contributor

@cheloRydel cheloRydel Feb 16, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe it's cleaner to pass the manager.agentOptions as param and call GetNewHttpClient internally

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

atm, there are too many things created internally, breaking both the sharing, and hiding the high number of internal members - so I've been pulling it appart and making it more obvious.
Annoyingly, what I was originally trying to acheive started to be too big a refactor, so I'm currently doing the async thing in at a PortainerClient level, so its possibly true.
Main thrust is that the actual http requests are now in the pluggable PortainerClient, and this set of 3 managers all use the same code - except for the different timeouts, they would use the same PortainerClient instance - but that's something where I don't have time to work out the consequenses of the two 10second constants vs the User tuned one.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep I get that, what I had in mind was to at least pass the timeout value as a parameter and use that to call GetNewHttpClient internally, but it surely can be changed later, it's mostly a readability issue

edge/edge.go Show resolved Hide resolved
edge/edge.go Show resolved Hide resolved
@deviantony deviantony changed the base branch from develop to ce-2.13 February 18, 2022 01:15
deviantony
deviantony reviewed Feb 18, 2022
View reviewed changes
os/options.go Outdated Show resolved Hide resolved
@deviantony deviantony mentioned this pull request Feb 18, 2022
Closed
@deviantony deviantony marked this pull request as draft February 18, 2022 02:44
@cheloRydel cheloRydel mentioned this pull request Mar 2, 2022
Merged
@cheloRydel
Copy link
Contributor

Replaced by #234

@cheloRydel cheloRydel closed this Mar 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cheloRydel cheloRydel cheloRydel left review comments

@deviantony deviantony deviantony left review comments

Assignees
No one assigned
Labels
has conflicts
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SvenDowideit @cheloRydel @deviantony