Skip to content

feat: generate jwt tokens from signing key#3969

Merged
sweatybridge merged 8 commits into
developfrom
push-key
Aug 15, 2025
Merged

feat: generate jwt tokens from signing key#3969
sweatybridge merged 8 commits into
developfrom
push-key

Conversation

@sweatybridge

@sweatybridge sweatybridge commented Aug 1, 2025

Copy link
Copy Markdown
Contributor

What kind of change does this PR introduce?

feature

What is the new behavior?

  • Generates local anon and service role keys from signing key.
  • Resolves only public keys when injecting to services.

Additional context

TODO:

  • handle multiple standby keys

@sweatybridge sweatybridge requested a review from a team as a code owner August 1, 2025 17:29
@coveralls

coveralls commented Aug 1, 2025

Copy link
Copy Markdown

Pull Request Test Coverage Report for Build 16976524820

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 11 of 13 (84.62%) changed or added relevant lines in 1 file are covered.
  • 391 unchanged lines in 14 files lost coverage.
  • Overall coverage decreased (-0.5%) to 54.808%

Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/gen/signingkeys/signingkeys.go 11 13 84.62%
Files with Coverage Reduction New Missed Lines %
internal/storage/rm/rm.go 2 80.61%
internal/gen/keys/keys.go 5 12.9%
internal/branches/list/list.go 7 0.0%
internal/db/diff/pgschema.go 12 0.0%
internal/db/pull/pull.go 15 79.49%
internal/db/diff/diff.go 18 69.34%
cmd/root.go 21 0.0%
internal/branches/get/get.go 22 0.0%
internal/db/diff/migra.go 28 53.33%
internal/utils/flags/db_url.go 28 61.49%
Totals Coverage Status
Change from base Build 16677900504: -0.5%
Covered Lines: 6196
Relevant Lines: 11305

💛 - Coveralls

@hf

hf commented Aug 4, 2025

Copy link
Copy Markdown
Contributor

Pushing a signing key is OK but it should come with a huge warning that the security of the key relies on the security of the device and person making the push.

Comment thread pkg/config/apikeys.go Outdated
Comment thread pkg/config/apikeys.go
Comment thread pkg/config/apikeys.go Outdated
@sweatybridge sweatybridge changed the title feat: push signing keys to remote feat: generate jwt tokens from signing key Aug 12, 2025
@sweatybridge sweatybridge merged commit a29d61d into develop Aug 15, 2025
11 checks passed
@sweatybridge sweatybridge deleted the push-key branch August 15, 2025 03:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants