feat: register RHEL VM at startup #188
Conversation
feloy
force-pushed
the
feat-132/register-vm-at-creation-time
branch
from
7135466 to
c4a8a27
Compare
feloy
force-pushed
the
feat-132/register-vm-at-creation-time
branch
from
c4a8a27 to
593db4a
Compare
| }; | ||
| } | ||
|
|
||
| export function parseJwt(token: string): JwtToken { |
There was a problem hiding this comment.
Was reading https://stackoverflow.com/questions/38552003/how-to-decode-jwt-token-in-javascript-without-using-a-library and was questionning why it is so complicated ?
Moreover, this does not validate the JWT token, this is a just here to extract the body, without any validation
There was a problem hiding this comment.
I copied this code from https://github.com/redhat-developer/podman-desktop-redhat-account-ext/blob/main/src/extension.ts#L54, as the usage is very similar.
I understand that the token has been already validated by the auth process, and we don't need to validate it again. @dgolovin WDYT?
There was a problem hiding this comment.
Never finished on my MacOS:
11:25:06 [main] [Info - 09:25:06.982] Logging in https://sso.redhat.com/auth/realms/redhat-external/...
11:25:07 [main] [Info - 09:25:07.56] Configuring redhat-account-auth {auth: https://sso.redhat.com/auth/realms/redhat-external/, api: https://api.openshift.com}
11:25:07 [main] [redhat-authentication] Received /signin
11:25:07 [main] [redhat-authentication] https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/auth?client_id=podman-desktop&scope=openid%20id.username%20email%20api.console%20api.iam.registry_service_accounts&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A62945%2Fsso-redhat-callback&resource=https%3A%2F%2Fapi.openshift.com&code_challenge=E4xjMzD21phRRLtAkZzmpAFEqJNCFJMzMr91dx6TOs&code_challenge_method=S256&nonce=oNyM4o0UYiAalAmtYsxaMoIsAeN-IVnlVZ0Y82hZOY
11:25:24 [main] [redhat-authentication] Received /sso-redhat-callback
11:25:48 [main] [Info - 09:25:48.904] Login successful
11:25:48 [main] [Info - 09:25:48.905] Token available from cache, expires in 876466 milliseconds
11:25:48 [main] [Info - 09:25:48.906] Token available from cache, expires in 876465 milliseconds
11:25:48 [main] [Info - 09:25:48.913] Token available from cache, expires in 876458 milliseconds
11:25:48 [main] [Info - 09:25:48.928] Token available from cache, expires in 876443 milliseconds
11:25:48 [main] [redhat-authentication] Received /
11:25:48 [main] [redhat-authentication] Received /auth.css
11:25:49 [main] [redhat-authentication] Received /favicon.ico
11:25:51 [main] [redhat-authentication] Registry already registered, skipping registration
11:25:51 [main] [Info - 09:25:51.259] Token available from cache, expires in 874112 milliseconds
11:25:51 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager
11:25:52 [main] [24014:0626/112552.264003:ERROR:chrome/browser/process_singleton_posix.cc:740] Invalid socket message (wrong length):
11:25:52 [main] url podman-desktop:// does not start with podman-desktop:extension/, skipping.
11:25:52 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager status
11:25:53 [main] [redhat-authentication] Subscription manager subscription activation check returned exit code: 1
11:25:53 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo mkdir -p /etc/rhsm/facts/ && printf '{\n "supported_architectures": "aarch64,x86_64"
}\n' | sudo tee /etc/rhsm/facts/podman-desktop-redhat-account-ext.facts
11:25:53 [main] [Info - 09:25:53.675] Token available from cache, expires in 871696 milliseconds
11:25:54 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager register --force --activationkey podman-desktop --org 7918758
Then after a while I got:
|
it seems that the wrong macadam binary is used (the signature of the |
Yes removed the old version of macadam it is now better. I think we should detect this use case |
Add an option to register a VM at creation time (true by default).
If selected, the
subscription-managercommand will be called in the VM (through SSH) to register the VMTo check that the VM is correctly registered, you can run in the terminal:
Fixes #132