[infra-proxy-service] reset node client key, create client & delete client API

[kvivek1115]

🔩 Description: What code changed, and why?

• Added changes to cover create client https://docs.chef.io/server/api_chef_server/#post-5
• Added changes to cover delete client https://docs.chef.io/server/api_chef_server/#delete-4
• In order to reset the key first delete the key using https://docs.chef.io/server/api_chef_server/#delete-5 then added the key using https://docs.chef.io/server/api_chef_server/#post-6

⛓️ Related Resources

• Fixes: [infra-proxy-service] API to node reset key #4534

👍 Definition of Done

• Infra proxy service is now able to respond create client, delete client and reset client chef server APIs.

👟 How to Build and Test the Change

• rebuild components/infra-proxy-service
• rebuild components/automate-gateway

Steps to test:

• To add data using 3rd internal steps https://github.com/chef/automate/blob/master/dev-docs/adding-data/adding_test_data.md#adding-data-to-infra-views

Client detail API with appended default key data:

curl -sSkH "api-token: $(get_admin_token)" https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test/orgs/chef-org-dev/clients/rhsm-rhel8?pretty
{
  "name": "rhsm-rhel8",
  "client_name": "rhsm-rhel8",
  "org_name": "4thcoffee",
  "validator": false,
  "json_class": "Chef::ApiClient",
  "chef_type": "client",
  "client_key": {
    "name": "default",
    "public_key": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----\n",
    "expiration_date": "infinity"
  }
}

Create Client API

curl -sSkH "api-token: $(get_admin_token)" -X POST https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test/orgs/chef-org-dev/clients?pretty -d '{"name": "abctes6t", "create_key": true}'
{
  "name": "abctes6t",
  "client_key": {
    "name": "default",
    "public_key": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----\n\n",
    "expiration_date": "infinity",
    "private_key": "-----BEGIN RSA PRIVATE KEY-----...-----END RSA PRIVATE KEY-----"
  }
}

Delete Client API

curl -sSkH "api-token: $(get_admin_token)" -X DELETE https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test/orgs/chef-org-dev/clients/abctes6t?pretty                                              
{
  "name": "abctes6t",
  "client_name": "",
  "org_name": "",
  "validator": false,
  "json_class": "",
  "chef_type": ""
}

Reset Client Key API

curl -sSkH "api-token: $(get_admin_token)" -X PUT https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test/orgs/chef-org-dev/clients/node2/reset?pretty
{
  "name": "default",
  "public_key": "",
  "expiration_date": "",
  "private_key": "-----BEGIN RSA PRIVATE KEY-----...-----END RSA PRIVATE KEY-----"

✅ Checklist

• I have read the CONTRIBUTING document.
• Tests added/updated?
• Docs added/updated?
• All commits have been signed-off for the Developer Certification of Origin.

📷 Screenshots, if applicable

Signed-off-by: Vivek Singh [email protected]

[netlify]

Deploy preview for chef-automate processing.

Building with commit 929d43d

https://app.netlify.com/sites/chef-automate/deploys/6024a0efed69810007630c19

[shaik80]

Facing some trouble in Create Client API
{
“error”: “no server found with ID \“chef-server-dev-test\“”,
“code”: 5,
“message”: “no server found with ID \“chef-server-dev-test\“”,
“details”: [
]
}

[kvivek1115]

@shaik80 hope you have added the chef-server entry provided in the "Steps to test".

Could you please verify with providing the output of:

curl -sSkH "api-token: $(get_admin_token)" https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test?pretty

[kvivek1115]

Updated the client detail API containing public key data:

curl -sSkH "api-token: $(get_admin_token)" https://a2-dev.test/api/v0/infra/servers/chef-server-dev-test/orgs/chef-org-dev/clients/rhsm-rhel8?pretty
{
  "name": "rhsm-rhel8",
  "client_name": "rhsm-rhel8",
  "org_name": "4thcoffee",
  "validator": false,
  "json_class": "Chef::ApiClient",
  "chef_type": "client",
  "client_key": {
    "name": "default",
    "public_key": "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----\n",
    "expiration_date": "infinity"
  }
}

[punitmundra]

check the other proto file, in case of get/update/delete this policy has differerent way to handle.
option (chef.automate.api.iam.policy).action = "infra:infraServers:delete";

[kvivek1115]

@punitmundra, here we handled it differently, in all action only get & update for all third-level objects like chef server >> chef organizations >> cookbooks| roles| clients | data bags etc.

Please check the detailed discussion in PR #3550

[punitmundra]

fine

[punitmundra]

make the proper alinement

[kvivek1115]

I guess alignment looks okay here, any specific ask?

[msorens]

It looks OK in some editors and it looks wrong in some editors--that is because you are mixing spaces and tabs. Please change to all spaces.
(This applies to several files.)

[kvivek1115]

Yeah, Due to some misconfiguration in my local VSCode. Have fixes for some files, will keep it for future in relevant files.
Thanks!

[punitmundra]

make proper formatting

[kvivek1115]

Ignore if the key already got deleted

[punitmundra]

I have test the code locally and it gives the output as expected.

[punitmundra]

fine

[msorens]

It looks OK in some editors and it looks wrong in some editors--that is because you are mixing spaces and tabs. Please change to all spaces.
(This applies to several files.)

[msorens]

Suggested change

	// ResetClientKey resets an infra client
	// ResetClientKey resets an infra client key

Also, could we explain what it means to reset a client key.

[msorens]

Still: what does it mean to "reset a client key"? Does that mean set the key to null? ...to empty string? ...to a random string? or something else.

[kvivek1115]

In chef infra context, resetting the client key, deletes the associated key pair and generates new key pair again, and then attached it to the client.

[msorens]

OK. That should be in the code comment, too.

[kvivek1115]

@msorens have made the tabs to spaces changes it due to vscode issue microsoft/vscode-go#2871 good to review it again.

[msorens]

Suggested change

	// Deletes the associated key pair and generates new key pair again, and then attached it to the client.
	// Deletes the associated key pair and generates new key pair again, and then attaches it to the client.