Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add auth. header to /os/v1/config requests #3443

Merged
merged 1 commit into from
Nov 1, 2024
Merged

Add auth. header to /os/v1/config requests #3443

merged 1 commit into from
Nov 1, 2024

Conversation

ab77
Copy link
Contributor

@ab77 ab77 commented Jun 10, 2024
edited by klutchell
Loading

Add auth. header to /os/v1/config requests

Allows the API to identify devices requesting configuration and apply routing logic (e.g. switch from TCP to UDP OpenVPN configuration).

In the not-so-distant future we may chose to begin switching devices from the default TCP OpenVPN configuration, to stateless UDP config, to reduce load on the backend and increase reliability of the VPN (Cloudlink) connections. This change adds Authorization header to requests {{api}}/os/v1/config endpoint, with which the API can begin identifying devices and depending on device config vars/model returning the relevant OpenVPN (or other type of configuration).

.. also balena-os/os-config#75

See: https://balena.fibery.io/Work/Improvement/Add-auth.-header-to-os-v1-config-requests-2176

@ab77 ab77 requested review from majorz, alexgg and Page- June 10, 2024 19:19
@flowzone-app flowzone-app bot enabled auto-merge June 10, 2024 19:23
alexgg
alexgg requested changes Jun 11, 2024
View reviewed changes
Copy link
Contributor

@alexgg alexgg left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ab77 why not PR this directly into os-config? We don't maintain patches in meta-balena for sources we own.

@ab77
Copy link
Contributor Author

ab77 commented Jun 11, 2024
edited
Loading

@ab77 why not PR this directly into os-config? We don't maintain patches in meta-balena for sources we own.

I was under the impression we can not build os-config outside of Yocto to make it work with balenaOS cc @Page- @klutchell

Happy to make the change directly in the os-config via a PR, and personally, I don't particularly care which way this is done, as long as it ships reasonably soon so we can start identifying devices at the config stage @alexgg

@ab77 ab77 requested a review from alexgg June 13, 2024 17:19
@ab77 ab77 closed this Jul 14, 2024
auto-merge was automatically disabled July 14, 2024 22:23

Pull request was closed

@ab77
Copy link
Contributor Author

ab77 commented Sep 12, 2024

@ab77 why not PR this directly into os-config? We don't maintain patches in meta-balena for sources we own.

I was under the impression we can not build os-config outside of Yocto to make it work with balenaOS cc @Page- @klutchell

Happy to make the change directly in the os-config via a PR, and personally, I don't particularly care which way this is done, as long as it ships reasonably soon so we can start identifying devices at the config stage @alexgg

Just for the record, this PR is likely to be more impactful than os-config/pull/75, since the later can't (yet) be built with Rust tooling in the Yocto framework and therefore can't make it into the runtime OS. cc @klutchell @alexgg

@Page- Page- reopened this Sep 17, 2024
@Page-
Copy link
Contributor

Page- commented Sep 17, 2024

@alexgg this was discussed in a brainstorm and decided that merging this should be fine to get the ball rolling on device support and then the scarthgap work of @klutchell and @floion will include removing the patch with the updated os-config

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 17, 2024
edited
Loading

Website deployed to CF Pages, 👀 preview link https://c1acd4a5.balena-os.pages.dev

@flowzone-app flowzone-app bot merged commit 3ea611a into master Nov 1, 2024
187 of 191 checks passed
@flowzone-app flowzone-app bot deleted the ab77/config-auth branch November 1, 2024 13:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@klutchell klutchell klutchell approved these changes

@alexgg alexgg alexgg approved these changes

@majorz majorz Awaiting requested review from majorz

@Page- Page- Awaiting requested review from Page-

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ab77 @Page- @alexgg @klutchell