Verify agent id for agent token for receptive agents (!1720) · Merge requests · GitLab.org / cluster-integration / GitLab Agent for Kubernetes

Mikhail Mazurskiy requested to merge ash2k/receptive-check-id into master Aug 14, 2024

Please see kas->agentk communications support (!1547 - merged) for instructions how to set it up locally with GDK and test. One difference - because of Use proper oneof relationship for receptive age... (!1719 - merged), the config will look slightly differently:

response := &GetReceptiveAgentsResponse{
	Agents: []*ReceptiveAgent{
		{
			Id:  3,
			Url: "grpc://127.0.0.1:8082",
			AuthConfig: &ReceptiveAgent_Jwt{
				Jwt: &ReceptiveAgentJWTAuth{
					PrivateKey: "xmsx8F0hdcZekEQCrZukljF+/c0ySpO8hocwsgdP9Hc=",
				},
			},
		},
	},
}

For the above private key you can use this public key (same as in linked MR):

VxyWiODWg9ksJin2TJf1LS03wSfIRrv4Ae1zIWYrWt8=

I tested this locally and I got this with invalid ID:

{"time":"2024-08-14T19:20:17.647522+10:00","level":"WARN","msg":"GetConfiguration.Recv failed","error":"rpc error: code = Unauthenticated desc = provided agent token belongs to a different agent id"}
{"time":"2024-08-14T19:20:17.64973+10:00","level":"ERROR","msg":"Failed to register agent pod. Please make sure the agent version matches the server version","mod_name":"agent_registrar","error":"rpc error: code = Unauthenticated desc = provided agent token belongs to a different agent id"}

With the matching ID it works fine, as it should.

Verify agent id for agent token for receptive agents

Merge request reports