steve
b6f8de1dcc
Cleanup pass over the repo so CI can enforce lint going forward
without the only-new-issues escape hatch:
* gofumpt -w across the tree (31 hits, all formatting)
* misspell --fix (25 hits, US-locale spelling) — but reverted on
api.JobCancelled = "cancelled" since that literal is the wire +
DB CHECK constraint value, plus matched the case in store/fleet.go
back to "cancelled" and added //nolint:misspell on both for the
next time someone reaches for the auto-fix
* Wrap every `defer rows.Close()` / `defer stmt.Close()` /
`defer res.Body.Close()` in `defer func() { _ = .Close() }()`
to satisfy errcheck without losing the close itself
* websocket.Dial callers (1 prod, 4 tests) now capture + close the
upgrade response Body — coder/websocket can return res with a nil
Body on success, so the test deferred-closes guard against that
* Annotate the two genuine-by-design nilerr cases with //nolint
comments explaining why nil-on-error is the contract (cookie
missing = no session; ctx cancelled mid-backoff = clean shutdown)
* Add brief godoc on the 10 exported const groups + types that
revive flagged (api.HostOS/HostArch/JobKind/JobStatus/LogStream/
ErrorCode, restic.EventKind, store.Role, web.FS)
* Drop the unused (*Server).userByID method
* Inline the unparam baseView(active) — every UI page is under
the dashboard primary nav today
Result: `golangci-lint run ./...` reports 0 issues. CI lint job
no longer needs only-new-issues: true; X-06 follow-up entry in
tasks.md removed.
68 lines
2.0 KiB
Go
68 lines
2.0 KiB
Go
package wsclient
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
stdhttp "net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"gitea.dcglab.co.uk/steve/restic-manager/internal/api"
|
|
)
|
|
|
|
// EnrollRequest is what we POST to /api/agents/enroll.
|
|
type EnrollRequest struct {
|
|
Token string `json:"token"`
|
|
HostName string `json:"hostname"`
|
|
OS api.HostOS `json:"os"`
|
|
Arch api.HostArch `json:"arch"`
|
|
AgentVersion string `json:"agent_version"`
|
|
ResticVersion string `json:"restic_version"`
|
|
}
|
|
|
|
// EnrollResponse is what the server hands back.
|
|
type EnrollResponse struct {
|
|
HostID string `json:"host_id"`
|
|
AgentToken string `json:"agent_token"`
|
|
CertPinSHA256 string `json:"cert_pin_sha256,omitempty"`
|
|
}
|
|
|
|
// Enroll exchanges a one-time enrollment token for persistent agent
|
|
// credentials. Called by the install script on first run.
|
|
func Enroll(ctx context.Context, serverURL string, req EnrollRequest) (*EnrollResponse, error) {
|
|
body, err := json.Marshal(req)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("agent enroll: marshal: %w", err)
|
|
}
|
|
postURL := strings.TrimRight(serverURL, "/") + "/api/agents/enroll"
|
|
|
|
httpReq, err := stdhttp.NewRequestWithContext(ctx, stdhttp.MethodPost, postURL, bytes.NewReader(body))
|
|
if err != nil {
|
|
return nil, fmt.Errorf("agent enroll: build request: %w", err)
|
|
}
|
|
httpReq.Header.Set("Content-Type", "application/json")
|
|
|
|
client := &stdhttp.Client{Timeout: 30 * time.Second}
|
|
res, err := client.Do(httpReq)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("agent enroll: post: %w", err)
|
|
}
|
|
defer func() { _ = res.Body.Close() }()
|
|
rawRes, _ := io.ReadAll(res.Body)
|
|
if res.StatusCode != stdhttp.StatusCreated {
|
|
return nil, fmt.Errorf("agent enroll: server returned %d: %s",
|
|
res.StatusCode, rawRes)
|
|
}
|
|
var er EnrollResponse
|
|
if err := json.Unmarshal(rawRes, &er); err != nil {
|
|
return nil, fmt.Errorf("agent enroll: parse response: %w", err)
|
|
}
|
|
if er.AgentToken == "" || er.HostID == "" {
|
|
return nil, fmt.Errorf("agent enroll: incomplete response: %+v", er)
|
|
}
|
|
return &er, nil
|
|
}
|