Wizard: add satellite registration #2963
Conversation
avitova
force-pushed
the
sat-reg
branch
3 times, most recently
from
cc5aed1 to
6c11792
Compare
Screencast.From.2025-03-05.10-51-23.mp4So this is the UI change. We try to find the JWT token, in case it is not there, we disable the "next" button. We also show an error if the token is expired, but in that case, we let users through. |
Codecov ReportAttention: Patch coverage is
@@ Coverage Diff @@
## main #2963 +/- ##
==========================================
- Coverage 82.09% 81.53% -0.57%
==========================================
Files 209 212 +3
Lines 23517 23754 +237
Branches 2329 2339 +10
==========================================
+ Hits 19306 19367 +61
- Misses 4182 4358 +176
Partials 29 29
Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
|
Love the validation guardrails! |
package.json
Outdated
| @@ -19,6 +19,7 @@ | |||
| "@sentry/webpack-plugin": "3.2.1", | |||
| "@unleash/proxy-client-react": "4.5.2", | |||
| "classnames": "2.5.1", | |||
| "jwt-decode": "^4.0.0", | |||
There was a problem hiding this comment.
New dependency! Can you please remove the ^? We rely on Dependabot to handle everything.
Also, I'd be curious to know about the decision to use jwt-decode. What was your selection criteria?
There was a problem hiding this comment.
I'm re-reading my comment and I realized it is a bit curt. 😅
jwt-decode is probably fine but it would be nice to know why we chose it, especially in the commit message for the future - is it the most popular or well maintained library for this? Did we look into any alternatives, etc...? I don't have any specific problem with jwt-decode itself I'm just totally ignorant so some extra context would be nice. 😄
There was a problem hiding this comment.
Alright, that makes sense. I removed the ^, and added information into the commit, hopefully that's what you meant. :)
|
+1 on pining the dep version, otherwise looks great! ❤️ One question - could Also can't see the flag in stage unleash, could you please add it there as well? We might even want to gate it behind a preview constraint as this will probably affect IQE 🤔 |
src/Components/CreateImageWizard/steps/Registration/components/SatelliteRegistrationCommand.tsx
Outdated
Show resolved
Hide resolved
| @@ -0,0 +1,5 @@ | |||
| export const isValidPEM = (cert: string): boolean => { | |||
| return /-----BEGIN CERTIFICATE-----[\s\S]+-----END CERTIFICATE-----/.test( | |||
There was a problem hiding this comment.
Nit: isn't [\s\S]+ equal to .+?
There was a problem hiding this comment.
Hmmm, I tried to figure this out as well, we'd need to add "s" at the end of the regex, something like this:
/-----BEGIN CERTIFICATE-----.+-----END CERTIFICATE-----/s
Otherwise it would not accept certificates with more lines. I can do that if it makes the regex a bit more clear.
| const decoded = jwtDecode(token); | ||
| if (decoded.exp) { | ||
| const currentTime = Date.now() / 1000; | ||
| if (decoded.exp < currentTime) { |
There was a problem hiding this comment.
Improvement idea, not a blocker: this could potentially have a buffer.
I mean the image build takes about 15 minutes, so token expiring in half an hour doesn't give you much room to use the image 😛
We might want to figure out a warning intead in a follow-up :)
There was a problem hiding this comment.
I like this idea, and I can do that as a followup. I still need to add the Satellite registration to the review step, add the command + certificate to the blueprint, so that it is saved. This could fit in too. ✏️ 📓
|
Ugh there is a conflict already, that was fast 🤔 |
Uhm, I'd like to add also isDer/isCer, but I need to look into that one. On top of that, the plan might be that users could paste more certificates into one textfield, and we'd parse them all. But I think we should do this as a followup. But yeah, it will likely be a bit more complicated.
Done, that's a good point, thanks! |
Got it! I don't have anything against splitting validators into separate files. Just curious 👍 Thinking about it we should probably do a bit of a cleanup around utilities and unsorted files in the Wizard folder, but that's completely outside of this PR's scope 😅 |
| <HelperText> | ||
| {/* TODO: Add link to our docs */} | ||
| <HelperTextItem> | ||
| To generate command from Satellite, follow the documentation. |
There was a problem hiding this comment.
Should we link the current Satellite registration for now? :)
https://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html-single/managing_hosts/index#Customizing_the_Registration_Templates_managing-hosts
There was a problem hiding this comment.
We could, both no link and using a temporary relevant link work for me. We just need to remember to open a follow up when the new documentation is ready. 👍
|
Switch from a single checkbox to two radios might impact IQE, @tkoscieln could you please check if the tests will need an adjustment? |
|
Ah, right, that's the ci.int failure :/ |
|
@regexowl will do! |
The jwt decode dependency helps us to keep track of the token that is present in the Satellite command. jwt-decode is the most popular dependency for the job, and very easy to use.
|
Oopsie, did not see the approval. I just put the docs link and fixed a bug, hope y'all do not mind. ✨ |
There was a problem hiding this comment.
I'm still fine, we need to fix the tests tho.
@tkoscieln would you do that and then merge this PR? or what's the process now?
|
I'll deploy the PR locally and see if it breaks something. If not, we can merge, if yes, I will do the necessary adjustments and then we can merge |
|
the failures in the CI seems to be related :) |
|
Well, I'll do the adjustment then 😃 |
This adds an option to paste the Satellite registration command + CA. Saving this information into the blueprint is still not done; I will create a follow-up; this is big PR as is.