1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-19 20:10:55 +01:00
Commit graph

38 commits

Author SHA1 Message Date
epriestley
706c21375e Remove empty implementations of describeAutomaticCapabilities()
Summary:
This has been replaced by `PolicyCodex` after D16830. Also:

  - Rebuild Celerity map to fix grumpy unit test.
  - Fix one issue on the policy exception workflow to accommodate the new code.

Test Plan:
  - `arc unit --everything`
  - Viewed policy explanations.
  - Viewed policy errors.

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que, PHID-OPKG-gm6ozazyms6q6i22gyam

Differential Revision: https://secure.phabricator.com/D16831
2016-11-09 15:24:22 -08:00
epriestley
6f6ca0102d Send forced mail on SSH key edits
Summary:
Ref T10917. This cheats fairly heavily to generate SSH key mail:

  - Generate normal transaction mail.
  - Force it to go to the user.
  - Use `setForceDelivery()` to force it to actually be delivered.
  - Add some warning language to the mail body.

This doesn't move us much closer to Glorious Infrastructure for this whole class of events, but should do what it needs to for now and doesn't really require anything sketchy.

Test Plan: Created and edited SSH keys, got security notice mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15948
2016-05-19 15:01:25 -07:00
epriestley
2a3c3b2b98 Provide bin/nuance import and ngram indexes for sources
Summary:
Ref T10537. More infrastructure:

  - Put a `bin/nuance` in place with `bin/nuance import`. This has no useful behavior yet.
  - Allow sources to be searched by substring. This supports `bin/nuance import --source whatever` so you don't have to dig up PHIDs.

Test Plan:
  - Applied migrations.
  - Ran `bin/nuance import --source ...` (no meaningful effect, but works fine).
  - Searched for sources by substring in the UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10537

Differential Revision: https://secure.phabricator.com/D15436
2016-03-08 10:30:24 -08:00
epriestley
7d4b323da2 Store Almanac "service types" instead of "service classes"
Summary:
Ref T10449. Currently, we store classes (like "AlmanacClusterRepositoryServiceType") in the database.

Instead, store types (like "cluster.repository").

This is a small change, but types are a little more flexible (they let us freely reanme classes), a little cleaner (fewer magic strings in the codebase), and a little better for API usage (they're more human readable).

Make this minor usability change now, before we unprototype.

Also make services searchable by type.

Also remove old Almanac API endpoints.

Test Plan:
  - Ran migration, verified all data migrated properly.
  - Created, edited, rebound, and changed properties of services.
  - Searched for services by service type.
  - Reviewed available Conduit methods.

Reviewers: chad

Reviewed By: chad

Subscribers: yelirekim

Maniphest Tasks: T10449

Differential Revision: https://secure.phabricator.com/D15346
2016-02-26 06:21:50 -08:00
epriestley
4c97d88aa4 Allow Almanac bindings to be disabled and unused interfaces to be removed
Summary:
Fixes T9762. Ref T10246.

**Disabling Bindings**: Previously, there was no formal way to disable bindings. The internal callers sometimes check some informal property on the binding, but this is a common need and deserves first-class support in the UI. Allow bindings to be disabled.

**Deleting Interfaces**: Previously, you could not delete interfaces. Now, you can delete unused interfaces.

Also some minor cleanup and slightly less mysterious documentation.

Test Plan: Disabled bindings and deleted interfaces.

Reviewers: chad

Reviewed By: chad

Subscribers: yelirekim

Maniphest Tasks: T9762, T10246

Differential Revision: https://secure.phabricator.com/D15345
2016-02-26 06:21:23 -08:00
epriestley
944539a786 Simplify locking of Almanac cluster services
Summary:
Fixes T6741. Ref T10246. Broadly, we want to protect Almanac cluster services:

  - Today, against users in the Phacility cluster accidentally breaking their own instances.
  - In the future, against attackers compromising administrative accounts and adding a new "cluster database" which points at hardware they control.

The way this works right now is really complicated: there's a global "can create cluster services" setting, and then separate per-service and per-device locks.

Instead, change "Can Create Cluster Services" into "Can Manage Cluster Services". Require this permission (in addition to normal permissions) to edit or create any cluster service.

This permission can be locked to "No One" via config (as we do in the Phacility cluster) so we only need this one simple setting.

There's also zero reason to individually lock //some// of the cluster services.

Also improve extended policy errors.

The UI here is still a little heavy-handed, but should be good enough for the moment.

Test Plan:
  - Ran migrations.
  - Verified that cluster services and bindings reported that they belonged to the cluster.
  - Edited a cluster binding.
  - Verified that the bound device was marked as a cluster device
  - Moved a cluster binding, verified the old device was unmarked as a cluster device.
  - Tried to edit a cluster device as an unprivileged user, got a sensible error.

{F1126552}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15339
2016-02-25 03:38:39 -08:00
epriestley
f7d5904e4b Expose modern *.search Conduit endpoints in Almanac
Summary: Fixes T10411. Ref T10246. There are probably still some rough edges with this, but replace the old-school endpoints with modern ones so we don't unprototype with deprecated stuff.

Test Plan:
  - Made a bunch of calls to the new endpoints with various constraints/attachments.
  - Created and edited services, devices, interfaces, bindings, and properties on everything.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10246, T10411

Differential Revision: https://secure.phabricator.com/D15329
2016-02-23 08:20:57 -08:00
epriestley
24104be67d Use EditEngine for Almanac Services, Devices, and Networks
Summary:
Ref T10411. This cleans up / modernizes things and lets me get an `almanac.network.edit` API in the future.

This is mostly straightforward, except that Services have an extra "choose type" screen in front of them.

Test Plan:
  - Created and edited Almanac networks, services, and devices.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10411

Differential Revision: https://secure.phabricator.com/D15326
2016-02-22 11:28:38 -08:00
epriestley
ab86523ac4 Allow Almanac properties to be deleted, use EditEngine instead of CustomField
Summary:
Fixes T10410. Immediate impact of this is that you can now actually delete properties from Almanac services, devices and bindings.

The meat of the change is switching from CustomField to EditEngine for most of the actual editing logic. CustomField creates a lot of problems with using EditEngine for everything else (D15326), and weird, hard-to-resolve bugs like this one (not being able to delete stuff).

Using EditEngine to do this stuff instead seems like it works out much better -- I did this in ProfilePanel first and am happy with how it looks.

This also makes the internal storage for properties JSON instead of raw text.

Test Plan:
  - Created, edited and deleted properties on services, devices and bindings.
  - Edited and reset builtin properties on repository services.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10410

Differential Revision: https://secure.phabricator.com/D15327
2016-02-22 11:28:26 -08:00
epriestley
411331469a Apply namespace locking rules in Almanac
Summary:
Ref T10246. Ref T6741.

When you have a namespace like "phacility.net", require users creating services and devices within it to have edit permission on the namespace.

This primarily allows us to lock down future device names in the cluster, so instances can't break themselves once they get access to Almanac.

Test Plan:
  - Configured a `phacility.net` namespace, locked myself out of it.
  - Could not create new `stuff.phacility.net` services/devices.
  - Could still edit existing devices I had permission for.
  - Configured a `free.phacility.net` namespace with more liberal policies.
  - Could create `me.free.phacility.net`.
  - Still could not create `other.phacility.net`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15325
2016-02-22 04:58:53 -08:00
epriestley
db50d0fb11 Rough-in Almanac namespaces
Summary:
Ref T6741. Ref T10246.

Root problem: to provide Drydock in the cluster, we need to expose Almanac, and doing so would let users accidentally or intentionally create a bunch of `repo006.phacility.net` devices/services which could conflict with the real ones we manage.

There's currently no way to say "you can't create anything named `*.blah.net`". This adds "namespaces", which let you do that (well, not yet, but they will after the next diff).

After the next diff, if you try to create `repo003.phacility.net`, but the namespace `phacility.net` already exists and you don't have permission to edit it, you'll be asked to choose a different name.

Also various modernizations and some new docs.

Test Plan:
  - Created cool namespaces like `this.computer`.
  - Almanac namespaces don't actually enforce policies yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15324
2016-02-22 04:58:35 -08:00
epriestley
50debecf52 Allow Almanac namespaces to be searched by ngram index
Summary: Ref T6741. Ref T10246. This is largely modernization, but will partially support namespace locking in Almanac.

Test Plan:
Searched for Almanac networks by name substring.

{F1121740}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15322
2016-02-22 04:58:18 -08:00
epriestley
959bb16d0f Allow Almanac services to be searched by substring
Summary: Ref T10246. Build an ngram index for Almanac services, and use it to support improved search.

Test Plan: {F1121725}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10246

Differential Revision: https://secure.phabricator.com/D15321
2016-02-22 04:58:03 -08:00
epriestley
1b6ddae6b2 Allow Almanac devices to be queried and sorted by name
Summary:
Ref T10205. Ref T10246. This is general modernization, but also supports fixing the interface datasource in T10205.

  - Update Query.
  - Update SearchEngine.
  - Use an ngrams index for searching names efficiently.

Test Plan:
  - Ran migrations.
  - Searched Almanac devices by name.
  - Created a new device, searched for it by name.

{F1121303}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10205, T10246

Differential Revision: https://secure.phabricator.com/D15319
2016-02-21 10:44:46 -08:00
Joshua Spence
67b6c532bc Allow device bindings to be destroyed
Summary: Ref T9762. Currently it is not possible to destroy an Alamanac device because any associate bindings cannot be destroyed.

Test Plan: Destroyed an Almanac device.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T9762

Differential Revision: https://secure.phabricator.com/D14461
2015-11-16 07:14:55 +11:00
Bob Trahan
3ef0721ada Reduce PhabricatorUser::getOmnipotentUser calls by adding a getViewer method to PhbaricatorDestructionEngine
Summary:
Fixes T6956. Before this change, we called PhabricatorUser::getOmnipotentUser in the various delete methods to query the data. Now, we use $engine->getViewer(), since its always a good thing to have less calls to PhabricatorUser::getOmnipotentUser thrown around the codebase.

I used the "codemod" tool to audit the existing calls to PhabricatorDestructorEngine (all of them) so ostensibly this gets all the spots. If I missed something though, its still going to work, so this change is very low risk.

Test Plan: ./bin/remove destroy P1; visit P1 and get a 404

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6956

Differential Revision: https://secure.phabricator.com/D12866
2015-05-15 14:07:17 -07:00
epriestley
c7178b7e7b Move property transaction construction to Almanac
Summary: Ref T7627. This centralizes this transaction construction code so the unit tests and Instances can both use it.

Test Plan: See D12116.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7627

Differential Revision: https://secure.phabricator.com/D12118
2015-03-23 09:10:42 -07:00
Joshua Spence
d6b882a804 Fix visiblity of LiskDAO::getConfiguration()
Summary: Ref T6822.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: hach-que, Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11370
2015-01-14 06:54:13 +11:00
epriestley
340373f7bb Almanac: forced interface PHIDs, prefix/suffix device query, DestructibleInterface
Summary: Ref T5833. Ref T6238. These are general capabilities which are particularly useful for synchronizing cluster specifications to instances.

Test Plan:
  - Synchronized networks, devices, interfaces, services, bindings and properties to a managed instance.
  - Used typeahead.
  - Destroyed networks, devices, and services. Saw interfaces and bindings destroyed.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6238, T5833

Differential Revision: https://secure.phabricator.com/D11024
2014-12-22 12:50:44 -08:00
epriestley
d2df3064bc Allow Almanac services to be locked
Summary:
Fixes T6741. This allows Almanac services to be locked from the CLI. Locked services (and their bindings, interfaces and devices) can not be edited. This serves two similar use cases:

  - For normal installs, you can protect cluster configuration from an attacker who compromises an account (or generally harden services which are intended to be difficult to edit).
  - For Phacility, we can lock externally-managed instance cluster configuration without having to pull any spooky tricks.

Test Plan:
  - Locked and unlocked services.
  - Verified locking a service locks connected properties, bindings, binding properties, interfaces, devices, and device properties.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6741

Differential Revision: https://secure.phabricator.com/D11006
2014-12-18 14:31:36 -08:00
epriestley
3fa519da74 Allow Almanac service types to define default properties
Summary:
Ref T5833. This allows Almanac ServiceTypes to define default properties for a service, which show up in the UI and are more easily editable.

Overall, this makes it much easier to make structured/usable/consistent service records: you can check a checkbox that says "prevent new allocations" instead of needing to know the meaning of a key.

Test Plan: {F251593}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10996
2014-12-17 11:10:50 -08:00
epriestley
c85327ca3e Give AlmanacServices a service type
Summary:
Ref T5833. This allows services to be typed, to distinguish between different kinds of services. This makes a few things easier:

  - It's easier for clients to select the services they're interested in (see note in T5873 about Phacility). This isn't a full-power solution, but gets is some of the way there.
  - It's easier to set appropriate permissions around when modifications to the Phabricator cluster are allowed. These service nodes need to be demarcated as special in some way no matter what (see T6741). This also defines a new policy for users who are permitted to create services.
  - It's easier to browse/review/understand services.
  - Future diffs will allow ServiceTypes to specify more service structure (for example, default properties) to make it easier to configure services correctly. Instead of a free-for-all, you'll get a useful list of things that consumers of the service expect to read.

The "custom" service type allows unstructured/freeform services to be created.

Test Plan:
  - Created a new service (and hit error cases).
  - Edited an existing service.
  - Saw service types on list and detail views.
  - Poked around new permission stuff.
  - Ran `almanac.queryservices` with service class specification.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10995
2014-12-17 11:10:27 -08:00
epriestley
4505724cc4 Allow repositories to be bound to an AlmanacService
Summary:
Ref T2783. This is primarily exploratory and just figuring out what we're blocked on:

  - Allow a Repository to be bound to a Service. The Service may eventually define multiple read/write nodes, etc.
    - There's no UI to do this binding yet, you have to touch the database manually.
  - If a repository is bound to a Service, effect Conduit calls via calls to the remote service instead of executing them in-process.
    - These don't actually work yet since there's no authentication (see T5955).

Test Plan:
  - Made a nice Service with a nice Binding to a nice Interface on a nice Device.
  - Force-associated a repository with the service using a raw MySQL query.
  - Saw Phabricator try to make a remote call to the service (on localhost) and fail because of missing auth stuff.
  - Also ran `almanac.queryservices`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D10982
2014-12-12 12:07:11 -08:00
Bob Trahan
6ab3f06b6e Transactions - adding willRenderTimeline to handle tricky cases
Summary: Fixes T6693.

Test Plan:
Made a bunch of comments on a diff with differential, being sure to leave inlines here and there. This reproduced the issue in T6693. With this patch this issue no longer reproduces!

Successfully "showed older changes" in Maniphest too.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6693

Differential Revision: https://secure.phabricator.com/D10931
2014-12-04 13:58:52 -08:00
Bob Trahan
69cc5df645 Transactions - deploy buildTransactionTimeline against a few more applications
Summary:
Ref T4712. Thus far, it seems that most "non-standard" things can be done pretty easily in the controller. Aside from deploying, this diff had to fix a few bugs / missing implementations of stuff.

(Notably, PhabricatorAuthProviderConfig, HeraldRule, PhabricatorSlowvotePoll, and AlmanacNetwork needed to implement PhabricatorApplicationTransactionInterface, PhabricatorAuthAuthProviderPHIDType had to be added, and a rendering bug in transactions of type PhabricatorOAuth2AuthProvider had to be fixed.)

Test Plan: Almanac - looked at binding, device, network, and service view controllers and verified timeline displayed properly. Herald - looked at a rule and verified timeline. Slowvote - looked at a vote and verified timeline. Auth - looked at an auth provider (Facebook) and verified proper display of transactions within timeline.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10921
2014-12-02 14:33:59 -08:00
epriestley
5e0f218fe4 Allow device SSH keys to be trusted
Summary:
Ref T6240. Some discussion in that task. In instance/cluster environments, daemons need to make Conduit calls that bypass policy checks.

We can't just let anyone add SSH keys with this capability to the web directly, because then an adminstrator could just add a key they own and start signing requests with it, bypassing policy checks.

Add a `bin/almanac trust-key --id <x>` workflow for trusting keys. Only trusted keys can sign requests.

Test Plan:
  - Generated a user key.
  - Generated a device key.
  - Trusted a device key.
  - Untrusted a device key.
  - Hit the various errors on trust/untrust.
  - Tried to edit a trusted key.

{F236010}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6240

Differential Revision: https://secure.phabricator.com/D10878
2014-11-20 17:33:30 -08:00
epriestley
2ac987714b Add almanac.queryservices Conduit API method
Summary:
Ref T5833. Just building one query for now which returns the whole binding + interface + network + device tree. Maybe this will get split up in the future.

This will allow web hosts to call the central Almanac and pull instance configuration, authenticating with SSH.

Test Plan: {F234443}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10862
2014-11-16 13:54:11 -08:00
epriestley
af6ffd8c7b Allow Almanac devices to have SSH keys
Summary: Ref T5833. Expose a key management interface for Almanac devices.

Test Plan: {F231962}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10825
2014-11-11 08:20:08 -08:00
epriestley
2b495f1f03 Implement PhabricatorProjectInterface on Almanac Services and Devices
Summary:
Ref T5833. Allow services and devices to be tagged with projects.

(These fluff apply implementations are a good example of the issue discussed in T6403.)

Test Plan: {F229569}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10782
2014-11-05 15:30:00 -08:00
epriestley
fcad9435ea Allow Almanac Devices and Bindings to have properties
Summary:
Ref T5833. Adds support for arbitrary properites to Almanac devices and bindings.

  - For Devices, this allows you to maybe mark what `rack` a server is on, the `serial` number of a router, etc.
  - For Bindings, this allows you to maybe mark that a bound device is `active`, provide `credentials`, expose it as `readonly`, etc.

Test Plan: Added properties to Devices and Bindings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10781
2014-11-05 15:28:36 -08:00
epriestley
2f1b5ae010 Give Almanac generic, custom-field-based properties
Summary:
Ref T5833. Currently, we have an `AlmanacDeviceProperty`, but it doesn't use CustomFields and is specific to devices. Make this more generic:

  - Reuse most of the CustomField infrastructure (so we can eventually get easy support for nice editor UIs, etc).
  - Make properties more generic so Services, Bindings and Devices can all have them.

The major difference between this implementation and existing CustomField implementations is that all other implementations are application-authoritative: the application code determines what the available list of fields is.

I want Almanac to be a bit more freeform (basically: you can write whatever properties you want, and we'll put nice UIs on them if we have a nice UI available). For example, we might have some sort of "ServiceTemplate" that says "a database binding should usually have the fields 'writable', 'active', 'credential'", which would do things like offer these as options and put a nice UI on them, but you should also be able to write whatever other properties you want and add services without building a specific service template for them.

This involves a little bit of rule bending, but ends up pretty clean. We can adjust CustomField to accommodate this a bit more gracefully later on if it makes sense.

Test Plan: {F229172}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10777
2014-11-05 15:27:16 -08:00
epriestley
d5b70e2c1c Add AlmanacBinding, to bind a service to an interface
Summary: Ref T5833. Allows you to bind a service (like `db.example.com`) to one or more interfaces (for example, to specify a pool with one read/write host and two read-only hosts). You can't configure which hosts have which properties yet, but you can add all the relevant interfaces to the service. Next diff will start supporting service, binding, and device properties like "is writable", "is active", etc., so that Almanac will be able to express operations like "change which database is writable", "disable writes", "bring a device down", etc.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10745
2014-10-27 13:39:36 -07:00
epriestley
e6d946661d Minor, fix some missing column schema
Auditors: btrahan
2014-10-17 05:06:54 -07:00
epriestley
3e516e40f3 Build AlmanacInterface
Summary: Ref T5833. An interface is an IP (maybe v4, maybe v6) and port on a specified network (public internet, VPN, NAT block, etc).

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10718
2014-10-17 05:04:24 -07:00
epriestley
3e704f6c78 Build AlmanacNetwork
Summary: Ref T5833. This differentiates address spaces like the public internet from VPNs, so when a service is available at `192.168.0.1`, we'll know it's on some specific NAT block or whatever.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10715
2014-10-17 05:04:02 -07:00
epriestley
247cb94d5a Build AlmanacDevice UI
Summary: Ref T5833. The "uninteresting" part of this object is virtually identical to AlmanacService.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10714
2014-10-17 05:02:14 -07:00
epriestley
796921021b Build AlmanacService
Summary: Ref T5833. See that task for functional goals and some discussion of design.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10713
2014-10-17 05:01:57 -07:00
James Rhodes
8fbebce501 Implement storage of a host ID and a public key for authorizing Conduit between servers
Summary:
Ref T4209.  This creates storage for public keys against authorized hosts, such that servers can be authorized to make Conduit calls as the omnipotent user.

Servers are registered into this system by running the following command once:

```
bin/almanac register
```

NOTE: This doesn't implement authorization between servers, just the storage of public keys.

Placing this against Almanac seemed like the most sensible place, since I'm imagining in future that the `register` command will accept more information (like the hostname of the server so it can be found in the service directory).

Test Plan: Ran `bin/almanac register` and saw the host (and public key information) appear in the database.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4209

Differential Revision: https://secure.phabricator.com/D10400
2014-10-03 22:52:41 +10:00