search

tenzir / public-roadmap

The public roadmap of Tenzir
https://docs.tenzir.com/roadmap
4 stars 0 forks source link

Tenzir Token #95

Open dominiklohmann opened 1 year ago

dominiklohmann commented 1 year ago

To connect a node to the platform we currently deploy a YAML configuration that looks like this:

control-endpoint: wss://ws.tenzir.app/production
api-key: j_UGRfOUycV-mfkx2i4MG68phHegxfgXD3dv2gIiXK0
tenant-id: t-9yozslno

We'd like to make a few changes to this to make logging into the app easier.

  1. In the configuration, we want to combine the three options into a single tenzir.token option. This can, for example, be a base64-encoded version of <tenant-id>:<api-key>[:<control-endpoint>], omitting the control endpoint for production deployments for brevity in most tokens. We have a few options here that we should discuss.

  2. In the node, we want to persist this into the platform plugin's state. If no token is provided, we load the token from the state if it exists.

  3. For the command-line, we would like to add a login <token> operator that writes the state, logging the user into the app.

  4. When registering a node, we want to update the instructions so that the user just needs to run TENZIR_TOKEN=<token> curl https://get.tenzir.app | sh, with the token pre-filled in the user interface.

  5. Optional: When using login without a token, show a link to the user at which they can log in via OIDC, select a workspace to connect the node to, and store the generated token in the state.

### Stories
lava commented 1 year ago

Previous discussion: https://github.com/tenzir/issues/issues/581