This commit changes the way CLI and grpc-gateway communicates with the
gRPC backend to socket, instead of localhost. Unauthenticated access now
goes on the socket, while the network interface will require API key (in
the future).
This commit sets up the API and gRPC endpoints and adds authentication
to them. Currently there is no actual authentication implemented but it
has been prepared for API keys.
In addition, there is a allow put in place for gRPC traffic over
localhost. This has two purposes:
1. grpc-gateway, which is the base of the API, connects to the gRPC
service over localhost.
2. We do not want to break current "on server" behaviour which allows
users to use the cli on the server without any fuzz
This does not have to be reviewed, here is some reasoning:
Go (and go mod) is designed for having code available and we need to
check in the generated code to make sure it is "go gettable". If we dont
we give ourselves a headache trying to setup all the ci, tests etc to
install and generate the code before it runs.
Because the code isnt there, the plugins needed to generate the code
fail to install...
I didnt find any good documentation for this, but there is this github
comment:
https://github.com/golang/go/issues/34514#issuecomment-535406759
This commit moves the TLS configuration into a seperate function.
It also wires up the gRPC interface and prepares handing the API
endpoints to the grpc gateway.
* when listing nodes, a namespace is now optional, when it is not
provided, all nodes are shown
* when deleting, and sharing a node, remove the `namespace` flag, it was
superfluous and unused
* when unsharing a node, specify the namespace as an argument not a
flag, making the UX the same as for sharing.
Also refactor the share/unshare code to reuse the shared bits.
Kristoffer Dalby
Ward Vandewege
Raal Goff
Ward Vandewege