Implements the full host ↔ control plane connection flow:
- Host CRUD endpoints (POST/GET/DELETE /v1/hosts) with role-based access:
regular hosts admin-only, BYOC hosts for admins and team owners
- One-time registration token flow: admin creates host → gets token (1hr TTL
in Redis + Postgres audit trail) → host agent registers with specs → gets
long-lived JWT (1yr)
- Host agent registration client with automatic spec detection (arch, CPU,
memory, disk) and token persistence to disk
- Periodic heartbeat (30s) via POST /v1/hosts/{id}/heartbeat with X-Host-Token
auth and host ID cross-check
- Token regeneration endpoint (POST /v1/hosts/{id}/token) for retry after
failed registration
- Tag management (add/remove/list) with team-scoped access control
- Host JWT with typ:"host" claim, cross-use prevention in both VerifyJWT and
VerifyHostJWT
- requireHostToken middleware for host agent authentication
- DB-level race protection: RegisterHost uses AND status='pending' with
rows-affected check; Redis GetDel for atomic token consume
- Migration for future mTLS support (cert_fingerprint, mtls_enabled columns)
- Host agent flags: --register (one-time token), --address (required ip:port)
- serviceErrToHTTP extended with "forbidden" → 403 mapping
- OpenAPI spec, .env.example, and README updated
package api
import (
"bufio"
"encoding/json"
"errors"
"fmt"
"log/slog"
"net"
"net/http"
"strings"
"time"
"connectrpc.com/connect"
)
// errorResponse is the JSON envelope written by writeError: {"error": {...}}.
type errorResponse struct {
	Error errorDetail `json:"error"`
}
// errorDetail is the body of an error response.
//
// Code is a short stable identifier (e.g. "not_found"); Message is free text,
// which in this file is usually the wrapped error's Error() output.
type errorDetail struct {
	Code    string `json:"code"`
	Message string `json:"message"`
}
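// writeJSON writes v as a JSON response body with the given HTTP status.
//
// The status line and Content-Type header are committed before encoding, so an
// encode failure can no longer be reported to the client; it is logged instead
// of being silently dropped, which is all that can still be done at that point.
func writeJSON(w http.ResponseWriter, status int, v any) {
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(status)
	if err := json.NewEncoder(w).Encode(v); err != nil {
		// Best effort: headers are already sent, so the client sees a truncated body.
		slog.Warn("encoding JSON response", "status", status, "err", err)
	}
}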
// writeError writes the JSON error envelope {"error": {"code": ..., "message": ...}}
// with the given HTTP status.
//
// message is sent to the client verbatim, so callers decide what is safe to expose.
func writeError(w http.ResponseWriter, status int, code, message string) {
	var body errorResponse
	body.Error.Code = code
	body.Error.Message = message
	writeJSON(w, status, body)
}
// agentErrToHTTP maps a Connect RPC error to an HTTP status, error code, and message.
//
// Only NotFound, InvalidArgument and FailedPrecondition have a precise HTTP
// equivalent here; every other Connect code is reported as 502 "agent_error".
// The message is err.Error() verbatim, so whatever the agent put in the error
// text reaches the API client.
func agentErrToHTTP(err error) (int, string, string) {
	// Default to the catch-all mapping and narrow it for the codes we know.
	status, code := http.StatusBadGateway, "agent_error"
	switch connect.CodeOf(err) {
	case connect.CodeNotFound:
		status, code = http.StatusNotFound, "not_found"
	case connect.CodeInvalidArgument:
		status, code = http.StatusBadRequest, "invalid_request"
	case connect.CodeFailedPrecondition:
		status, code = http.StatusConflict, "conflict"
	}
	return status, code, err.Error()
}
// requestLogger returns middleware that logs each request.
//
// One log line is emitted after the handler returns, carrying the method, the
// URL path (query string excluded), the status the handler sent, and the
// wall-clock duration of the handler call.
func requestLogger() func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		logged := func(w http.ResponseWriter, r *http.Request) {
			began := time.Now()
			// Wrap the writer so the status the handler picks can be observed;
			// a handler that never calls WriteHeader implicitly sends 200.
			rec := &statusWriter{ResponseWriter: w, status: http.StatusOK}
			next.ServeHTTP(rec, r)
			elapsed := time.Since(began)
			slog.Info("request",
				"method", r.Method,
				"path", r.URL.Path,
				"status", rec.status,
				"duration", elapsed,
			)
		}
		return http.HandlerFunc(logged)
	}
}
// decodeJSON decodes the request body as JSON into v.
//
// It reads a single JSON value: unknown fields are accepted and trailing data
// after the first value is not rejected. The body is not size-limited here, so
// any cap on request size has to be applied by the server or an outer handler.
func decodeJSON(r *http.Request, v any) error {
	dec := json.NewDecoder(r.Body)
	return dec.Decode(v)
}
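// serviceErrToHTTP maps a service-layer error to an HTTP status, code, and message.
// It inspects the underlying Connect RPC error if present, otherwise returns 500.
//
// Non-Connect errors are classified by substring of err.Error(), tested in the
// order below; the first match wins, so a message containing both "not found"
// and "forbidden" is reported as 404. Matching is case-sensitive. The returned
// message is the error text verbatim — on the 500 path too — so service errors
// must not wrap internal details that should not reach API clients.
func serviceErrToHTTP(err error) (int, string, string) {
	// A nil error has nothing to classify; report it as an internal error
	// instead of panicking on err.Error().
	if err == nil {
		return http.StatusInternalServerError, "internal_error", "unknown error"
	}

	// Check for Connect RPC errors wrapped by the service layer.
	var connectErr *connect.Error
	if errors.As(err, &connectErr) {
		return agentErrToHTTP(connectErr)
	}

	msg := err.Error()

	// Map well-known service error patterns.
	switch {
	case strings.Contains(msg, "not found"):
		return http.StatusNotFound, "not_found", msg
	case strings.Contains(msg, "not running"), strings.Contains(msg, "not paused"):
		return http.StatusConflict, "invalid_state", msg
	case strings.Contains(msg, "forbidden"):
		return http.StatusForbidden, "forbidden", msg
	case strings.Contains(msg, "invalid"):
		return http.StatusBadRequest, "invalid_request", msg
	default:
		return http.StatusInternalServerError, "internal_error", msg
	}
}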
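// statusWriter wraps an http.ResponseWriter to record the status code the
// handler sends, for use by requestLogger.
type statusWriter struct {
	http.ResponseWriter
	status      int
	wroteHeader bool // set once the first explicit WriteHeader has been seen
}

// WriteHeader records the status and forwards it to the wrapped writer.
//
// Only the first explicit status is recorded: net/http ignores a second
// WriteHeader (and logs "superfluous response.WriteHeader"), so recording the
// later value would make the logged status disagree with what was actually sent.
func (w *statusWriter) WriteHeader(status int) {
	if !w.wroteHeader {
		w.status = status
		w.wroteHeader = true
	}
	w.ResponseWriter.WriteHeader(status)
}

// Unwrap exposes the wrapped writer so http.ResponseController can reach
// optional interfaces (Flusher, Hijacker, deadlines) on it.
func (w *statusWriter) Unwrap() http.ResponseWriter {
	return w.ResponseWriter
}

// Hijack implements http.Hijacker, required for WebSocket upgrade.
// It returns an error when the wrapped writer cannot hijack.
func (w *statusWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
	hj, ok := w.ResponseWriter.(http.Hijacker)
	if !ok {
		return nil, nil, errors.New("underlying ResponseWriter does not implement http.Hijacker")
	}
	return hj.Hijack()
}

// Flush implements http.Flusher, required for streaming responses.
// It is a no-op when the wrapped writer cannot flush.
func (w *statusWriter) Flush() {
	if fl, ok := w.ResponseWriter.(http.Flusher); ok {
		fl.Flush()
	}
}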