Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure stingray #82

Merged
merged 4 commits into from
Jun 30, 2023
Merged

Secure stingray #82

merged 4 commits into from
Jun 30, 2023

Conversation

jacobsalmela
Copy link
Collaborator

@jacobsalmela jacobsalmela commented Jun 30, 2023
edited
Loading

Summary and Scope

  • removes a fake testdata fixture in favor of the more realistic ones we have now
  • gives better advice when an inventory is unstable (you cannot currently run validate without an active session as the previous advice would suggest`
  • simplifies ux by having the user pass in a host instead of multiple urls

Tested on vshasta that passing the single host worked.

ncn-m002:~/jsalmela/cani # bin/cani alpha session start csm   --csm-keycloak-username vshasta   --csm-keycloak-password vshasta --csm-api-host api-gw-service-nmn.local
12:57PM INF /root/.cani/canidb.json does not exist, creating default datastore
12:57PM INF No API Gateway token provided, getting one from provider api-gw-service-nmn.local
2023/06/30 12:57:23 [DEBUG] POST https://api-gw-service-nmn.local/keycloak/realms/shasta/protocol/openid-connect/token
12:57PM INF Validated CANI inventory
2023/06/30 12:57:23 [DEBUG] GET https://api-gw-service-nmn.local/apis/sls/v1/dumpstate
12:57PM INF Validated external inventory provider
12:57PM INF Session is now ACTIVE with provider csm and datastore /root/.cani/canidb.json

Risks and Mitigations

@jacobsalmela jacobsalmela self-assigned this Jun 30, 2023
@jacobsalmela jacobsalmela force-pushed the secure-stingray branch 3 times, most recently from e8df874 to acddef0 Compare June 30, 2023 16:11
@jacobsalmela jacobsalmela marked this pull request as ready for review June 30, 2023 16:14
@jacobsalmela
use a single host for better ux when starting a session
b237c72 
Signed-off-by: Jacob Salmela <jacob.salmela@hpe.com>
@jacobsalmela
provide slightly better advice when external inventory is unstable
c01f62e 
Signed-off-by: Jacob Salmela <jacob.salmela@hpe.com>
@jacobsalmela
remove unused
9e0f9c5 
Signed-off-by: Jacob Salmela <jacob.salmela@hpe.com>
@jacobsalmela
remove default SLS/HSM urls and use providerHost
bde154b 
Signed-off-by: Jacob Salmela <jacob.salmela@hpe.com>
@jacobsalmela jacobsalmela merged commit fd3e92e into main Jun 30, 2023
5 checks passed
@jacobsalmela jacobsalmela deleted the secure-stingray branch June 30, 2023 19:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rsjostrand-hpe rsjostrand-hpe rsjostrand-hpe approved these changes

Assignees

@jacobsalmela jacobsalmela

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jacobsalmela @rsjostrand-hpe