diff --git a/joinservice/internal/server/BUILD.bazel b/joinservice/internal/server/BUILD.bazel
index eed06e663..7de188a54 100644
--- a/joinservice/internal/server/BUILD.bazel
+++ b/joinservice/internal/server/BUILD.bazel
@@ -18,6 +18,7 @@ go_library(
 "@org_golang_google_grpc//:grpc",
 "@org_golang_google_grpc//codes",
 "@org_golang_google_grpc//credentials",
+ "@org_golang_google_grpc//peer",
 "@org_golang_google_grpc//status",
 "@org_golang_x_crypto//ssh",
 ],
diff --git a/joinservice/joinproto/join.pb.go b/joinservice/joinproto/join.pb.go
index 9c8af76d7..02c45f9f0 100644
--- a/joinservice/joinproto/join.pb.go
+++ b/joinservice/joinproto/join.pb.go
@@ -99,6 +99,8 @@ type IssueJoinTicketResponse struct { KubernetesVersion string `protobuf:"bytes,9,opt,name=kubernetes_version,json=kubernetesVersion,proto3" json:"kubernetes_version,omitempty"` KubernetesComponents []*components.Component `protobuf:"bytes,10,rep,name=kubernetes_components,json=kubernetesComponents,proto3" json:"kubernetes_components,omitempty"` AuthorizedCaPublicKey []byte `protobuf:"bytes,11,opt,name=authorized_ca_public_key,json=authorizedCaPublicKey,proto3" json:"authorized_ca_public_key,omitempty"` + HostKey []byte `protobuf:"bytes,12,opt,name=host_key,json=hostKey,proto3" json:"host_key,omitempty"` + HostCertificate []byte `protobuf:"bytes,13,opt,name=host_certificate,json=hostCertificate,proto3" json:"host_certificate,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache }
@@ -210,6 +212,20 @@ func (x *IssueJoinTicketResponse) GetAuthorizedCaPublicKey() []byte { return nil } +func (x *IssueJoinTicketResponse) GetHostKey() []byte { + if x != nil { + return x.HostKey + } + return nil +} + +func (x *IssueJoinTicketResponse) GetHostCertificate() []byte { + if x != nil { + return x.HostCertificate + } + return nil +} + type ControlPlaneCertOrKey struct { state protoimpl.MessageState `protogen:"open.v1"` Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
@@ -366,7 +382,7 @@ const file_joinservice_joinproto_join_proto_rawDesc = "" + "\x16IssueJoinTicketRequest\x12\x1b\n" + "\tdisk_uuid\x18\x01 \x01(\tR\bdiskUuid\x12/\n" + "\x13certificate_request\x18\x02 \x01(\fR\x12certificateRequest\x12(\n" + - "\x10is_control_plane\x18\x03 \x01(\bR\x0eisControlPlane\"\xc7\x04\n" + + "\x10is_control_plane\x18\x03 \x01(\bR\x0eisControlPlane\"\x8d\x05\n" + "\x17IssueJoinTicketResponse\x12$\n" + "\x0estate_disk_key\x18\x01 \x01(\fR\fstateDiskKey\x12)\n" + "\x10measurement_salt\x18\x02 \x01(\fR\x0fmeasurementSalt\x12-\n" +
@@ -379,7 +395,9 @@ const file_joinservice_joinproto_join_proto_rawDesc = "" + "\x12kubernetes_version\x18\t \x01(\tR\x11kubernetesVersion\x12J\n" + "\x15kubernetes_components\x18\n" + " \x03(\v2\x15.components.ComponentR\x14kubernetesComponents\x127\n" + - "\x18authorized_ca_public_key\x18\v \x01(\fR\x15authorizedCaPublicKey\"C\n" + + "\x18authorized_ca_public_key\x18\v \x01(\fR\x15authorizedCaPublicKey\x12\x19\n" + + "\bhost_key\x18\f \x01(\fR\ahostKey\x12)\n" + + "\x10host_certificate\x18\r \x01(\fR\x0fhostCertificate\"C\n" + "\x19control_plane_cert_or_key\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12\x12\n" + "\x04data\x18\x02 \x01(\fR\x04data\"7\n" +
diff --git a/joinservice/joinproto/join.proto b/joinservice/joinproto/join.proto
index 89c40b8a0..87b26affa 100644
--- a/joinservice/joinproto/join.proto
+++ b/joinservice/joinproto/join.proto
@@ -47,6 +47,10 @@ message IssueJoinTicketResponse {
 repeated components.Component kubernetes_components = 10;
 // authorized_ca_public_key is an ssh ca key that can be used to connect to a node in case of an emergency.
 bytes authorized_ca_public_key = 11;
+ // host_key is the ssh host key that the node should use.
+ bytes host_key = 12;
+ // host_certificate is the certificate that can be used to verify a nodes host key.
+ bytes host_certificate = 13;
 }
 
 message control_plane_cert_or_key {
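Review bot: The new `host_key` field (12) in `IssueJoinTicketResponse` reads as the node's SSH host private key being generated by the join service and sent in the response, yet its comment says neither that it is secret key material nor how the bytes are encoded. If that reading is right, the join service handles a long-lived private key for every node; the request already carries a `certificate_request` field (visible in the join.pb.go descriptor hunk), so a similar flow in which the node generates the key pair itself, sends only the public key and receives just `host_certificate` would keep the private key on the node. If the server-generated key is intentional, the comments should state it, for example `// host_key is the node's private ssh host key (<encoding>); it is secret and must not be logged.` and `// host_certificate is the ssh host certificate that clients use to verify the node's host key.`, which also fixes "a nodes". The server code that fills both fields is outside this chunk, so the signing key and the principals placed in the certificate could not be checked here.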