Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Capture LastUsed time for ClusterAuthTokens #28

Merged
merged 10 commits into from
Oct 8, 2024
Merged

Capture LastUsed time for ClusterAuthTokens #28

merged 10 commits into from
Oct 8, 2024

Conversation

andreas-kupries
Copy link
Contributor

@andreas-kupries andreas-kupries commented Aug 14, 2024
edited by pmatseykanets
Loading

rancher/rancher#45732

Related changes:

If ACE was used to authenticate a request capture the last used time for the token in the corresponding ClusterAuthToken, which is then sync'ed back to the upstream Token object.

@andreas-kupries andreas-kupries self-assigned this Aug 14, 2024
This was referenced Aug 14, 2024
Merged
Merged
@andreas-kupries andreas-kupries changed the title Support LastUsedAt for ClusterAuthToken Support for new field ClusterAuthToken.LastUsedAt Aug 16, 2024
andreas-kupries
andreas-kupries commented Oct 1, 2024
View reviewed changes
Copy link
Contributor Author

@andreas-kupries andreas-kupries left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting trick with an anonymous nested function to get an early block abort without aborting the outer sequence.

Given that k-a-a is unversioned how does it work now distinguishing an old rancher not supporting last-used-at, versus one which supports it ?

@pmatseykanets
Copy link
Contributor

Given that k-a-a is unversioned how does it work now distinguishing an old rancher not supporting last-used-at, versus one which supports it?

It is versioned, it's just the same version can be (but doesn't have to be) used across multiple release lines. The version is pinned here. We can tag this change with v0.3.0 and use it only for v2.10+ leaving the room for potential updates/hotfixes for lower release lines. Now even without that, since the field is optional it may work just fine as is, needs to be tested well though.

@andreas-kupries
Copy link
Contributor Author

Given that k-a-a is unversioned how does it work now distinguishing an old rancher not supporting last-used-at, versus one which supports it?

It is versioned, it's just the same version can be (but doesn't have to be) used across multiple release lines. The version is pinned here. We can tag this change with v0.3.0 and use it only for v2.10+ leaving the room for potential updates/hotfixes for lower release lines. Now even without that, since the field is optional it may work just fine as is, needs to be tested well though.

💡

@pmatseykanets pmatseykanets changed the title Support for new field ClusterAuthToken.LastUsedAt Capture LastUsed time for ClusterAuthTokens Oct 1, 2024
andreas-kupries and others added 8 commits October 7, 2024 22:17
@andreas-kupries @pmatseykanets
fix: get a wrangler context to where we need it; extraction of a toke…
f9e9f8a 
…n wrangler client
@andreas-kupries @pmatseykanets
feat: management of lastUsedAt (lua) for cluster auth tokens (cat)
d417778 
beware: figure out how to distinguish cat's supporting lua vs not
note: likely requires proper init of lua on cat creation
note: find the places creating cats
@andreas-kupries @pmatseykanets
fixup go.mod
b8e7c5c
@andreas-kupries @pmatseykanets
fix: logic error in the field update.
a87ccea 
finalize: internal docs about code reasoning.
@andreas-kupries @pmatseykanets
test: redirect rancher packages to the branch/PR declaring LastUsedAt…
643ebd8 
… support.

note: commit had to be in rancher reppo itself, not in a forked repo for go to pick it up.
@andreas-kupries @pmatseykanets
fixup: linter error
f898389
@pmatseykanets
Use existing logic for updating ClusterAuthToken
ba86dee
@pmatseykanets
Refactor receiver name
0d109c0
@pmatseykanets pmatseykanets mentioned this pull request Oct 8, 2024
Merged
2 tasks
@pmatseykanets pmatseykanets merged commit 5f7f885 into rancher:master Oct 8, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crobby crobby crobby approved these changes

@JonCrowther JonCrowther JonCrowther approved these changes

@bigkevmcd bigkevmcd Awaiting requested review from bigkevmcd

Assignees

@pmatseykanets pmatseykanets

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@andreas-kupries @pmatseykanets @crobby @JonCrowther