
Commit a260813

authored
Provide reason field for retrieving VPN auth key. (#640)
1 parent b447490 commit a260813


5 files changed

+18
-4
lines changed


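--- a/cmd/metal-api/internal/service/v1/machine.go
+++ b/cmd/metal-api/internal/service/v1/machine.go
@@ -262,7 +262,7 @@ type MachineResponse struct {
 
 type MachineConsolePasswordRequest struct {
 ID string `json:"id" description:"id of the machine to get the consolepassword for"`
-Reason string `json:"reason" description:"reason why the consolepassword is requested, typically a incident number with short description"`
+Reason string `json:"reason" description:"reason why the consolepassword is requested, typically an incident number with short description"`
 }
 
 type MachineConsolePasswordResponse struct {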

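--- a/cmd/metal-api/internal/service/v1/vpn.go
+++ b/cmd/metal-api/internal/service/v1/vpn.go
@@ -11,4 +11,5 @@ type VPNRequest struct {
 Pid string `json:"pid" description:"project ID"`
 Ephemeral bool `json:"ephemeral" description:"specifies if auth key should be ephemeral"`
 Expiration *time.Duration `json:"expiration" description:"expiration time" optional:"true"`
+Reason string `json:"reason" description:"reason why the vpn key is requested, typically an incident number with short description"`
 }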

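--- a/cmd/metal-api/internal/service/vpn-service.go
+++ b/cmd/metal-api/internal/service/vpn-service.go
@@ -23,18 +23,21 @@ import (
 type vpnResource struct {
 webResource
 headscaleClient *headscale.HeadscaleClient
+reasonMinLength uint
 }
 
 // NewVPN returns a webservice for VPN specific endpoints.
 func NewVPN(
 log *slog.Logger,
 headscaleClient *headscale.HeadscaleClient,
+reasonMinLength uint,
 ) *restful.WebService {
 r := vpnResource{
 webResource: webResource{
 log: log,
 },
 headscaleClient: headscaleClient,
+reasonMinLength: reasonMinLength,
 }
 
 return r.webService()
@@ -74,6 +77,11 @@ func (r *vpnResource) getVPNAuthKey(request *restful.Request, response *restful.
 return
 }
 
+if uint(len(requestPayload.Reason)) < r.reasonMinLength {
+r.sendError(request, response, httperrors.BadRequest(fmt.Errorf("reason must be at least %d characters long", r.reasonMinLength)))
+return
+}
+
 pid := requestPayload.Pid
 if ok := r.headscaleClient.UserExists(request.Request.Context(), pid); !ok {
 r.sendError(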
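Review bot: The new length check in getVPNAuthKey counts the bytes of the raw string, so a reason made only of spaces passes it, and the "characters" in the error message is inaccurate for multi-byte input. Trimming and counting runes, `if uint(utf8.RuneCountInString(strings.TrimSpace(requestPayload.Reason))) < r.reasonMinLength {`, closes both gaps; it needs `strings` and `unicode/utf8` in the import block, which is outside the hunk. Nothing in the visible lines writes the reason to a log or audit record or caps its length, so unless the audit middleware already captures the request body, the handler demands a justification that is never stored. A `reasonMinLength` of 0 disables the check silently, which deserves a comment on the struct field such as `// reasonMinLength is the minimum accepted length of VPNRequest.Reason; 0 disables the check`. The body of getVPNAuthKey starts and ends outside the hunk.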

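--- a/cmd/metal-api/main.go
+++ b/cmd/metal-api/main.go
@@ -778,7 +778,7 @@ func initRestServices(searchAuditBackend auditing.Auditing, allAuditBackends []a
 restful.DefaultContainer.Add(service.NewFilesystemLayout(logger.WithGroup("filesystem-layout-service"), ds))
 restful.DefaultContainer.Add(service.NewSwitch(logger.WithGroup("switch-service"), ds))
 restful.DefaultContainer.Add(healthService)
-restful.DefaultContainer.Add(service.NewVPN(logger.WithGroup("vpn-service"), headscaleClient))
+restful.DefaultContainer.Add(service.NewVPN(logger.WithGroup("vpn-service"), headscaleClient, reasonMinLength))
 restful.DefaultContainer.Add(rest.NewVersion(moduleName, &rest.VersionOpts{
 BasePath: service.BasePath,
 MinClientVersion: minClientVersion.Original(),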

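--- a/spec/metal-api.json
+++ b/spec/metal-api.json
@@ -2413,7 +2413,7 @@
 "type": "string"
 },
 "reason": {
-"description": "reason why the consolepassword is requested, typically a incident number with short description",
+"description": "reason why the consolepassword is requested, typically an incident number with short description",
 "type": "string"
 }
 },
@@ -5891,11 +5891,16 @@
 "pid": {
 "description": "project ID",
 "type": "string"
+},
+"reason": {
+"description": "reason why the vpn key is requested, typically an incident number with short description",
+"type": "string"
 }
 },
 "required": [
 "ephemeral",
-"pid"
+"pid",
+"reason"
 ]
 },
 "v1.VPNResponse": {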
