feat(BRE2-736): add ability to register device to Brev#295
feat(BRE2-736): add ability to register device to Brev#295patelspratik merged 5 commits intomainfrom
Conversation
patelspratik
force-pushed
the
BRE2-736-register
branch
2 times, most recently
from
ac1ac18 to
f41d40a
Compare
…nning of SSH sharing.
patelspratik
force-pushed
the
BRE2-736-register
branch
from
93c012b to
8f67b8c
Compare
| @@ -1,44 +1,320 @@ | |||
| // Package register provides the brev register command for DGX Spark registration | |||
| // Package register provides the brev register command for device registration | |||
pkg/cmd/register/register.go
Outdated
| return breverrors.WrapAndTrace(err) | ||
| } | ||
|
|
||
| u, _ := user.Current() |
There was a problem hiding this comment.
Can this not error?
Also, could we call this the osUser or something similar?
pkg/cmd/register/register.go
Outdated
| // Confirmer prompts for yes/no confirmation. | ||
| type Confirmer interface { | ||
| ConfirmYesNo(label string) bool | ||
| } |
There was a problem hiding this comment.
I wonder if this + the Selector is pointing us to having more of a "Terminal" or "Prompter" interface, as I assume they would generally be satisfied by the same struct.
pkg/cmd/register/register.go
Outdated
| t.Vprint(t.Yellow("[Step 1/3] Installing NetBird...")) | ||
| if err := deps.netbird.Install(); err != nil { | ||
| return fmt.Errorf("NetBird installation failed: %w", err) | ||
| } | ||
| t.Vprint(t.Green(" NetBird installed successfully.")) |
There was a problem hiding this comment.
For later discussion, but I do wonder about just saying "we are installing the tunnel" (or whatever). Maybe this will always be netbird, but it feels like a little bit of a behind the scenes detail.
pkg/cmd/register/register.go
Outdated
| if ci := node.GetConnectivityInfo(); ci != nil { | ||
| if cmd := ci.GetRegistrationCommand(); cmd != "" { | ||
| if err := deps.setupRunner.RunSetup(cmd); err != nil { | ||
| t.Vprintf(" Warning: setup command failed: %v\n", err) | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
Should we react to any of these else cases? ci == nil, cmd == ""?
pkg/cmd/ls/ls.go
Outdated
| if ci := n.GetConnectivityInfo(); ci != nil && ci.GetRegistrationCommand() != "" { | ||
| return "REGISTERED" | ||
| } | ||
| return "UNKNOWN" |
There was a problem hiding this comment.
We now have NetworkMemberStatus
|
|
||
| // runSetupCommand executes the setup command returned by the AddNode RPC. | ||
| func runSetupCommand(script string) error { | ||
| cmd := exec.Command("bash", "-c", script) // #nosec G204 |
There was a problem hiding this comment.
I wonder if we should minimally check to see that this command starts with netbird up
There was a problem hiding this comment.
I don't mind that.
pkg/cmd/grantssh/grantssh.go
Outdated
| // PlatformChecker checks whether the current platform is supported. | ||
| type PlatformChecker interface { | ||
| IsCompatible() bool | ||
| } |
There was a problem hiding this comment.
It looks like this same interface is defined several times -- I wonder if we should just have something more general-purpose in the register package here.
There was a problem hiding this comment.
ya, I'm thinking of pulling out like an "interfaces.go" inside of one of these packages or something.
pkg/cmd/grantssh/grantssh.go
Outdated
| // NodeClientFactory creates ConnectRPC ExternalNodeService clients. | ||
| type NodeClientFactory interface { | ||
| NewNodeClient(provider register.TokenProvider, baseURL string) nodev1connect.ExternalNodeServiceClient | ||
| } |
There was a problem hiding this comment.
Same as above -- do we need four different versions of these interfaces?
pkg/cmd/deregister/deregister.go
Outdated
| // NetBirdUninstaller uninstalls the NetBird network agent. | ||
| type NetBirdUninstaller interface { | ||
| Uninstall() error | ||
| } |
There was a problem hiding this comment.
Could we just have a NetBirdManager (rather than an Installer and Uninstaller)? I don't know that we benefit from individual interfaces here.
There was a problem hiding this comment.
ya, I was debating whether it was worth to have this separated out. No strong preference so less code is best code, will fix.
…emory auth store, added reconnect logic, renamed registration, tests
pkg/externalnode/types.go
Outdated
| case nodev1.NetworkMemberStatus_NETWORK_MEMBER_STATUS_DISCONNECTED: | ||
| return "Disconnected" | ||
| case nodev1.NetworkMemberStatus_NETWORK_MEMBER_STATUS_UNSPECIFIED: | ||
| return "Registered" |
There was a problem hiding this comment.
Probably not a bad idea, but "unspecified" is akin to an erroneous state, so this may be fine to put down as "Unknown"
pkg/cmd/register/register.go
Outdated
| if err != nil { | ||
| t.Vprintf(" %s\n", t.Yellow(fmt.Sprintf("Warning: could not fetch node status: %v", err))) | ||
| } else { | ||
| ci := resp.Msg.GetExternalNode().GetConnectivityInfo() |
There was a problem hiding this comment.
Possible nil deref here on GetExternalNode
| t.Vprint(" Run 'brev deregister' first if you want to re-register.") | ||
| return nil | ||
| } | ||
| t.Vprintf(" Node status: %s\n", externalnode.FriendlyNetworkStatus(ci.GetStatus())) |
There was a problem hiding this comment.
Similar here as ci could be nil
|
|
||
| // If the key exists but isn't tagged, replace it with the tagged version | ||
| // so that RemoveBrevAuthorizedKeys can find it later. | ||
| if strings.Contains(string(existing), pubKey) { |
There was a problem hiding this comment.
While this would be crazy if it led to an actual bug, I wonder if for safety we should do an exact match rather than a Contains
pkg/cmd/register/register.go
Outdated
| return nil, fmt.Errorf("brev register is only supported on Linux") | ||
| } | ||
|
|
||
| _, err := s.GetCurrentUser() // ensure active token |
There was a problem hiding this comment.
I wonder if we should unwind this a bit so that runRegister itself does:
- check platform is compatible
- check if registration is already complete
- get current user
- get current org
- ...
Right now it looks like:
- check platform
- get current user
- get org
- check if registration is already complete
- get current user (again!)
- ..
There was a problem hiding this comment.
ah ya didn't fix after my machinations
pkg/cmd/enablessh/enablessh.go
Outdated
|
|
||
| // EnableSSH grants SSH access to the given node for the specified Brev user. | ||
| // It is exported so that the register command can reuse it after registration. | ||
| func EnableSSH( |
There was a problem hiding this comment.
As per this comment, it looks like the register command has its own (mostly identical) copy of this function. Did you intend to use this from there?
pkg/cmd/grantssh/grantssh.go
Outdated
| authKeysPath := filepath.Join(u.HomeDir, ".ssh", "authorized_keys") | ||
| existing, err := os.ReadFile(authKeysPath) // #nosec G304 | ||
| if err != nil { | ||
| return fmt.Errorf("SSH has not been enabled on this device. Run 'brev enable-ssh' first.") |
There was a problem hiding this comment.
Could this be due to read permissions instead of the nonexistence of keys?
There was a problem hiding this comment.
oh ya this is a bad error message, fixing
pkg/cmd/deregister/deregister.go
Outdated
|
|
||
| removeTunnel := deps.prompter.Select( | ||
| "Would you also like to remove the Brev tunnel?", | ||
| []string{"Yes, remove Brev tunnel", "No, keep Brev tunnel installed"}, |
There was a problem hiding this comment.
why would you want to keep the brev tunnel installed?
There was a problem hiding this comment.
when it was called netbird it made more sense, I agree it now does not
| // unquote removes surrounding double quotes from a string. | ||
| func unquote(s string) string { | ||
| s = strings.TrimSpace(s) | ||
| if len(s) >= 2 && s[0] == '"' && s[len(s)-1] == '"' { |
There was a problem hiding this comment.
can be simplified
return strings.TrimPrefix(strings.TrimSuffix(s, "), ")
There was a problem hiding this comment.
oops missed this, will put it in the next
| memAuthStore := store.NewMemoryAuthStore() | ||
| memAuthenticator := auth.StandardLogin("", "", nil) | ||
| memLoginAuth := auth.NewLoginAuth(memAuthStore, memAuthenticator) | ||
| memLoginAuth.WithShouldLogin(func() (bool, error) { return true, nil }) |
| return nil, breverrors.WrapAndTrace(err) | ||
| } | ||
|
|
||
| func getOrgToRegisterFor(s RegisterStore) (*entity.Organization, error) { |
There was a problem hiding this comment.
This function name ends in a preposition and you should feel bad.
3 participants
Uh oh!
There was an error while loading. Please reload this page.