assisted-service icon indicating copy to clipboard operation
assisted-service copied to clipboard
verified publisher icon openshift

AGENT-869: Implement a new auth type for ABI

Open pawanpinjarkar opened this issue 1 year ago • 12 comments

  • Introduced a new auth type 'agent-installer-local' for agent based installer
  • This new auth type is mostly similar to the local auth type
  • agent based installer generates the necessary keys and JWT tokens and pass it to assisted service.

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [ ] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [x] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

pawanpinjarkar avatar Apr 10 '24 16:04 pawanpinjarkar

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

List all the issues related to this PR

  • [ ] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [x] None

How was this code tested?

  • [ ] assisted-test-infra environment
  • [ ] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [ ] Manual (Elaborate on how it was tested)
  • [x] No tests needed

Checklist

  • [ ] Title and description added to both, commit and PR.
  • [ ] Relevant issues have been associated (see CONTRIBUTING guide)
  • [ ] This change does not require a documentation update (docstring, docs, README, etc)
  • [ ] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar Apr 10 '24 16:04 openshift-ci-robot

/hold

pawanpinjarkar avatar May 10 '24 20:05 pawanpinjarkar

Codecov Report

Attention: Patch coverage is 55.10204% with 22 lines in your changes missing coverage. Please review.

Project coverage is 68.52%. Comparing base (b1b58d7) to head (29d64c6). Report is 2 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #6174      +/-   ##
==========================================
+ Coverage   68.42%   68.52%   +0.10%     
==========================================
  Files         244      245       +1     
  Lines       35999    36198     +199     
==========================================
+ Hits        24631    24805     +174     
- Misses       9192     9213      +21     
- Partials     2176     2180       +4
Files Coverage Δ
internal/bminventory/inventory_v2_handlers.go 56.60% <100.00%> (ø)
internal/cluster/auth.go 78.12% <100.00%> (ø)
pkg/auth/authenticator.go 100.00% <100.00%> (ø)
pkg/auth/agent_local_authenticator.go 51.11% <51.11%> (ø)

... and 5 files with indirect coverage changes

codecov[bot] avatar May 10 '24 20:05 codecov[bot]

/hold cancel

pawanpinjarkar avatar May 13 '24 14:05 pawanpinjarkar

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [x] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [ ] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar May 13 '24 14:05 openshift-ci-robot

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

  • Introduced a new auth type 'agent-installer-local' for agent based installer
  • This new auth type is mostly similar to the local auth type
  • agent based installer generates the necessary keys and JWT tokens and pass it to assisted service.

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [x] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [ ] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar May 13 '24 14:05 openshift-ci-robot

/hold cancel

pawanpinjarkar avatar May 13 '24 14:05 pawanpinjarkar

/cc @carbonin

pawanpinjarkar avatar May 13 '24 14:05 pawanpinjarkar

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: pawanpinjarkar Once this PR has been reviewed and has the lgtm label, please ask for approval from carbonin. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar May 14 '24 22:05 openshift-ci[bot]

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

  • Introduced a new auth type 'agent-installer-local' for agent based installer
  • This new auth type is mostly similar to the local auth type
  • agent based installer generates the necessary keys and JWT tokens and pass it to assisted service.

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [ ] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [ ] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar May 16 '24 12:05 openshift-ci-robot

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

  • Introduced a new auth type 'agent-installer-local' for agent based installer
  • This new auth type is mostly similar to the local auth type
  • agent based installer generates the necessary keys and JWT tokens and pass it to assisted service.

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [ ] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [x] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar May 16 '24 12:05 openshift-ci-robot

@pawanpinjarkar: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/edge-e2e-ai-operator-ztp c8be83fc575d60d352e162181c55001e8de87407 link true /test edge-e2e-ai-operator-ztp
ci/prow/edge-unit-test c8be83fc575d60d352e162181c55001e8de87407 link true /test edge-unit-test

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci[bot] avatar May 16 '24 19:05 openshift-ci[bot]

/retest-required

pawanpinjarkar avatar May 16 '24 22:05 pawanpinjarkar

@pawanpinjarkar: This pull request references AGENT-869 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

  • Introduced a new auth type 'agent-installer-local' for agent based installer
  • This new auth type is mostly similar to the local auth type
  • agent based installer generates the necessary keys and JWT tokens and pass it to assisted service.
  • Note: When generating an agent ISO, the Agent installer creates ECDSA public/private keys. However, the systemd services of the Agent installer fail to parse multiline keys accurately. To address this, the keys are encoded in base64 format to condense them into a single line before being transmitted to the assisted service. Upon reception, the assisted service decodes these keys back to their original multiline format for subsequent processing.

List all the issues related to this PR

  • [x] New Feature
  • [ ] Enhancement
  • [ ] Bug fix
  • [ ] Tests
  • [ ] Documentation
  • [ ] CI/CD

What environments does this code impact?

  • [ ] Automation (CI, tools, etc)
  • [ ] Cloud
  • [ ] Operator Managed Deployments
  • [ ] None (Agent based installer)

How was this code tested?

  • [ ] assisted-test-infra environment
  • [x] dev-scripts environment
  • [ ] Reviewer's test appreciated
  • [ ] Waiting for CI to do a full test run
  • [x] Manual (Elaborate on how it was tested) The changes are tested with other relevant changes from agent based installer. The cluster was successfully installed with authentication setup end to end.
  • [x] No tests needed

Checklist

  • [x] Title and description added to both, commit and PR.
  • [x] Relevant issues have been associated (see CONTRIBUTING guide)
  • [x] This change does not require a documentation update (docstring, docs, README, etc)
  • [x] Does this change include unit-tests (note that code changes require unit-tests)

Reviewers Checklist

  • Are the title and description (in both PR and commit) meaningful and clear?
  • Is there a bug required (and linked) for this change?
  • Should this PR be backported?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot avatar May 16 '24 22:05 openshift-ci-robot

/retest-required

pawanpinjarkar avatar May 29 '24 15:05 pawanpinjarkar

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: carbonin, pawanpinjarkar

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar Jun 05 '24 20:06 openshift-ci[bot]

/retest-required

Remaining retests: 0 against base HEAD e5d0c57131be7863f7f0fb3a8657d8bb8e60c6ef and 2 for PR HEAD 29d64c6948536393a4c1fa5ed7e01fe563872033 in total

openshift-ci-robot avatar Jun 05 '24 21:06 openshift-ci-robot

@pawanpinjarkar: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci[bot] avatar Jun 05 '24 23:06 openshift-ci[bot]

[ART PR BUILD NOTIFIER]

This PR has been included in build ose-agent-installer-api-server-container-v4.17.0-202406060211.p0.g9c5daaa.assembly.stream.el9 for distgit ose-agent-installer-api-server. All builds following this will include this PR.

openshift-bot avatar Jun 06 '24 03:06 openshift-bot