admin
a042316d6d
Stand up the felhom-agent project (module gitea.dooplex.hu/admin/felhom-agent, binary felhom-agent) and the internal/proxmox package: the typed library every other agent module calls to talk to Proxmox. - API-first Client (hand-rolled REST over net/http, PVEAPIToken auth) with typed read ops (version/nodes/status/lxc/config/storage) and async mutating ops (restore/vzdump/snapshot/rollback/delete-snapshot/setconfig/start/stop), each returning a UPID. WaitTask polls task status until stopped and asserts exitstatus OK (authz can surface at task exec, not the POST — phase1-2 §1.3). - Fenced Privileged (root-CLI) backend for the THREE proven exceptions only (keyctl pct create, USB mount/fstab, SMART/sensors); each cites why it can't be the API. Fence is structural (Client never shells out, Privileged never HTTPs) and asserted in routing_test.go. - TLS: SHA-256 leaf-cert pinning or CA file; insecure mode explicit + off by default. No blanket verification disable. - 403 -> privilege-named APIError; failed task -> privilege-named TaskError. - JSON config + env overrides (token never logged); slog logging. - cmd/felhom-agent --selftest (read-only health report) + gated --selftest=task (reversible snapshot/rollback/delete exercise of WaitTask). No daemon loop yet. - Types grounded in the spike findings and exact JSON shapes captured live from demo-felhom (PVE 9.2.2). Unit tests use a mock transport + runner. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
51 lines
1.2 KiB
Go
51 lines
1.2 KiB
Go
package proxmox
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"net/http"
|
|
"strings"
|
|
)
|
|
|
|
// mockDoer is an injectable HTTP transport for the API client. It records call
|
|
// count and routes each request to fn.
|
|
type mockDoer struct {
|
|
calls int
|
|
fn func(*http.Request) (*http.Response, error)
|
|
}
|
|
|
|
func (m *mockDoer) Do(r *http.Request) (*http.Response, error) {
|
|
m.calls++
|
|
return m.fn(r)
|
|
}
|
|
|
|
// jsonResp builds an HTTP response with a JSON body.
|
|
func jsonResp(code int, body string) *http.Response {
|
|
return &http.Response{
|
|
StatusCode: code,
|
|
Body: io.NopCloser(strings.NewReader(body)),
|
|
Header: http.Header{"Content-Type": []string{"application/json"}},
|
|
}
|
|
}
|
|
|
|
// newTestClient wraps a mockDoer in a Client (bypassing NewClient's real transport).
|
|
func newTestClient(d doer) *Client {
|
|
return &Client{base: "https://host:8006/api2/json", node: "demo-felhom", token: "u@pve!t=secret", http: d}
|
|
}
|
|
|
|
// mockRunner records privileged command invocations and returns canned output.
|
|
type mockRunner struct {
|
|
calls int
|
|
lastCmd string
|
|
lastArg []string
|
|
out []byte
|
|
err error
|
|
}
|
|
|
|
func (m *mockRunner) Run(_ context.Context, name string, args ...string) ([]byte, []byte, error) {
|
|
m.calls++
|
|
m.lastCmd = name
|
|
m.lastArg = args
|
|
return m.out, nil, m.err
|
|
}
|