cli: add recover command #634
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
katexochen
force-pushed
the
p/recoveryapi
branch
from
e1f6ea4 to
20fd0ef
Compare
msanft
approved these changes
Jun 26, 2024
@msanft please take some time to familiarize yourself with the recovery logic. |
burgerdev
reviewed
Jun 26, 2024
cli/cmd/generate.go
Outdated
Comment on lines
408
to
421
| var publicKey []byte | ||
| switch block.Type { | ||
| case "PUBLIC KEY": | ||
| publicKey = block.Bytes | ||
| case "RSA PRIVATE KEY": | ||
| privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) | ||
| if err != nil { | ||
| return fmt.Errorf("parsing RSA private key: %w", err) | ||
| } | ||
| publicKey = x509.MarshalPKCS1PublicKey(&privateKey.PublicKey) | ||
| default: | ||
| return fmt.Errorf("unsupported PEM block type: %s", block.Type) | ||
| } | ||
| manifst.SeedshareOwnerPubKeys = append(manifst.SeedshareOwnerPubKeys, manifest.NewHexString(publicKey)) |
There was a problem hiding this comment.
It would be good if we could use manifest.MarshalSeedShareOwnerKey so that we have a single place where algorithms are chosen.
There was a problem hiding this comment.
We should follow up and also move the workload owner key stuff into the manifest package.
katexochen
force-pushed
the
p/recoveryapi
branch
3 times, most recently
from
fd25872 to
d6b2606
Compare
davidweisse
reviewed
Jun 26, 2024
katexochen
force-pushed
the
p/recoveryapi
branch
from
fb3a70c to
1805b98
Compare
|
I think we don't need this anymore: recoveryapi.Port. |
katexochen
force-pushed
the
p/recoveryapi
branch
from
1805b98 to
40ea106
Compare
burgerdev
approved these changes
Jun 26, 2024
katexochen
force-pushed
the
p/recoveryapi
branch
from
40ea106 to
2624dac
Compare
Signed-off-by: Paul Meyer <[email protected]>
Signed-off-by: Paul Meyer <[email protected]>
katexochen
force-pushed
the
p/recoveryapi
branch
from
2624dac to
05df4dc
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This introduces a new command
recoverthat let's you recover the Coordinator state after a restart.https://docs.edgeless.systems/contrast/architecture/secrets