Thanks to visit codestin.com
Credit goes to github.com

Skip to content

feat: add endpoint for fetching workspace proxy keys #14789

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Sep 26, 2024
Merged

feat: add endpoint for fetching workspace proxy keys #14789

merged 7 commits into from
Sep 26, 2024

Conversation

sreya
Copy link
Collaborator

@sreya sreya commented Sep 24, 2024
edited
Loading

This PR adds an endpoint for fetching signing keys from a workspace proxy. I've intentionally decoupled it from the register endpoint since we will need to support fetching keys on demand and it's overkill to have to reregister every time that's necessary. Since we'll support fetching keys on demand we don't need to also be refreshing them every 15s, so decoupling it allows us to set a longer interval (i.e. 10 minutes).

@sreya sreya requested a review from deansheather September 24, 2024 23:21
@sreya
Add crypto-key fetching to API documentation
749522c 
Introduce documentation for new API endpoint to fetch workspace
proxy signing keys. This addition supports enterprise use cases
involving workspace proxies by documenting the models
`CryptoKey`, `CryptoKeyFeature`, and `CryptoKeysResponse`.
@sreya
fix(apidoc): update summary for workspace proxy keys
7c4cc83 
Improve clarity by changing references from "signing keys" to "crypto keys" in API documentation and comments. This aligns terminology across the codebase and documentation, reducing potential confusion.
@sreya
Fix: Filter invalid crypto keys in FakeQuerier function
3d81388
deansheather
deansheather approved these changes Sep 26, 2024
View reviewed changes
enterprise/wsproxy/wsproxysdk/wsproxysdk.go Outdated
Comment on lines 223 to 234
func (c CryptoKey) Active(now time.Time) bool {
now = now.UTC()
isAfterStartsAt := !c.StartsAt.IsZero() && !now.Before(c.StartsAt)
return isAfterStartsAt && !c.Invalid(now)
}

func (c CryptoKey) Invalid(now time.Time) bool {
now = now.UTC()
noSecret := c.Secret == ""
afterDelete := !c.DeletesAt.IsZero() && !now.Before(c.DeletesAt.UTC())
return noSecret || afterDelete
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this just be a single Valid() call or something instead? I don't understand why you would want to differentiate these two states since in both cases the key can't be used

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Keys can be used for verification prior to their start time but cannot be used for signing. I'll update the names of the methods to reflect that though

@sreya sreya merged commit 3fdeaf7 into main Sep 26, 2024
27 checks passed
@sreya sreya deleted the jon/wsproxyapi branch September 26, 2024 20:01
@github-actions github-actions bot locked and limited conversation to collaborators Sep 26, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@deansheather deansheather deansheather approved these changes

Assignees

@sreya sreya

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sreya @deansheather