go
go copied to clipboard
golang
x/build: revamp the security model used by gomote
This is a tracking issue for the redesign of the authentication for the gomote application. The gomote application will have the authentication method changed as well as the addition of an authorization layer. This work will be broken down into many steps which will be added here as they are fully decided upon:
- [x] Collect metrics on gomote usage #48579
- [ ] Update the gomote client to notify users of an upcoming change to authentication #48726
- [x] Determine if a new DNS address is needed for gomote testing #48727
- [x] Enable IAP #48728
- [x] Configure HTTPS Load Balancers #49191
- [x] Add Authentication #48729
- [x] Add Authorization #48730
- [x] Add proxy #48733
- [x] Add gomote manager #48735
- [x] Implement the gomote API #48742
- [x] Add new gomote client commands #48737
- [x] Add authentication to gomote client #48739
- [x] Add certificate authentication to SSH Server #52594
- [ ] Create IAM groups #48741
- [x] List instances on farmer.golang.org
- [ ] Ask users to request accounts #48725
@golang/release
Change https://golang.org/cl/352809 mentions this issue: cmd/coordinator: add metrics for gomote usage
Change https://golang.org/cl/356589 mentions this issue: internal/gomote/protos: add a skeleton for a gomote api
Change https://golang.org/cl/358915 mentions this issue: internal/access: add access package
Change https://golang.org/cl/361098 mentions this issue: internal/gomote, cmd/coordinator: add GRPC gomote server
Change https://golang.org/cl/365735 mentions this issue: deploy: add GRPC servers to build.golang.org
Change https://golang.org/cl/367554 mentions this issue: cmd/coordinator: set buildenv when on GCE
Change https://golang.org/cl/370661 mentions this issue: dashboard: add privileged flag for builders
Change https://golang.org/cl/377335 mentions this issue: buildenv: update iap backend service IDs
Change https://go.dev/cl/391155 mentions this issue: internal/secret: add certificate authority entries for gomotes.
Change https://go.dev/cl/391516 mentions this issue: internal/gomote, internal/coordinator/remote: add the sign SSH key endpoint implementation
Change https://go.dev/cl/382494 mentions this issue: internal/gomote, buildlet: add execute command implementation
Change https://go.dev/cl/397334 mentions this issue: all: update cloud.google.com/go/storage version
Change https://go.dev/cl/397354 mentions this issue: all: update cloud.google.com/go/storage version
Change https://go.dev/cl/397595 mentions this issue: internal/gomote, internal/gomote/protos: add the upload file endpoint
Change https://go.dev/cl/397596 mentions this issue: internal/gomote, internal/gomote/protos: implement write files from URL
Change https://go.dev/cl/397598 mentions this issue: internal/gomote, internal/gomote/protos: add read tgz endpoint
Change https://go.dev/cl/397597 mentions this issue: internal/gomote: enable downloads from GCS bucket in WriteTGZFromURL
Change https://go.dev/cl/397656 mentions this issue: cmd/gomote: add gomote GRPC client and authentication
Change https://go.dev/cl/398054 mentions this issue: cmd/gomote: implement GRPC create command
Change https://go.dev/cl/398056 mentions this issue: cmd/gomote: implements GRPC list command
Change https://go.dev/cl/398055 mentions this issue: cmd/gomote: implements GRPC destroy command
Change https://go.dev/cl/398496 mentions this issue: cmd/gomote: implements GRPC run command
Change https://go.dev/cl/398495 mentions this issue: cmd/gomote: implements GRPC ls command
Change https://go.dev/cl/398497 mentions this issue: cmd/coordinator: increase backend server timeout
Change https://go.dev/cl/398696 mentions this issue: cmd/gomote: implements GRPC put14 command
Change https://go.dev/cl/398695 mentions this issue: cmd/gomote: implements GRPC ping command
Change https://go.dev/cl/405258 mentions this issue: cmd/coordinator, internal/coordinator/remote: add gomote instances to status
Change https://go.dev/cl/405255 mentions this issue: cmd/coordinator, internal/coordinator/remote: move SSH server to internal package
Change https://go.dev/cl/405257 mentions this issue: cmd/coordinator, internal/coordinator/remote: move handlers into internal package
Change https://go.dev/cl/405514 mentions this issue: cmd/gomote: implements GRPC ssh command
Change https://go.dev/cl/405515 mentions this issue: cmd/gomote: implements GRPC rm command
Change https://go.dev/cl/405535 mentions this issue: internal/gomote: add object name to UploadFile endpoint
Change https://go.dev/cl/406014 mentions this issue: internal/gomote: various updates
Change https://go.dev/cl/406015 mentions this issue: cmd/gomote: implements GRPC put command
Change https://go.dev/cl/405256 mentions this issue: internal/coordinator/remote: add certificate authentication to server
Change https://go.dev/cl/406334 mentions this issue: deploy: correct IAP backend timeout
Change https://go.dev/cl/406857 mentions this issue: cmd/gomote: implements GRPC gettar command
Change https://go.dev/cl/407878 mentions this issue: cmd/gomote: implements GRPC puttar command
Change https://go.dev/cl/410818 mentions this issue: internal/gomote,cmd/gomote: implements GRPC add bootstrap
Change https://go.dev/cl/410819 mentions this issue: cmd/gomote: implements GRPC push command
Change https://go.dev/cl/411065 mentions this issue: internal/gomote: fix ExecuteCommand
Change https://go.dev/cl/412374 mentions this issue: cmd/gomote: adds missing field to GRPC push
Change https://go.dev/cl/423999 mentions this issue: cmd/gomote: make the GRPC gomote API the default