Skip to content

feat(user): add SSH key management#338

Merged
retr0h merged 11 commits into
mainfrom
feat/ssh-key-management
Apr 1, 2026
Merged

feat(user): add SSH key management#338
retr0h merged 11 commits into
mainfrom
feat/ssh-key-management

Conversation

@retr0h

@retr0h retr0h commented Apr 1, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Summary

  • Add SSH authorized key management to the existing user provider
  • Three new operations: list keys, add key, remove key by fingerprint
  • Operates on ~/.ssh/authorized_keys for any system user
  • Nested under existing user endpoints: /node/{hostname}/user/{name}/ssh-key
  • Reuses existing user:read/user:write permissions — no new permissions
  • No state tracking — OSAPI manages any key regardless of who added it
  • Idempotent: AddKey returns changed: false if fingerprint already present

Test plan

  • Unit tests pass (just go::unit)
  • Lint clean (just go::vet)
  • 100% coverage on all new code
  • Verify on Debian host: osapi client node user ssh-key list --target _any --name root
  • Verify add: osapi client node user ssh-key add --target _any --name testuser --key "ssh-ed25519 AAAA... test"
  • Verify remove by fingerprint
  • Verify idempotent add (same key twice → changed: false)
  • Verify --json output for all commands
  • Verify broadcast: --target _all

🤖 Generated with Claude Code

retr0h and others added 11 commits April 1, 2026 10:44
@retr0h @claude
docs: add SSH key management provider design spec
2a6ac93 
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
docs: add SSH key management implementation plan
e436ffd 
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key management to user provider
6c33b9d 
Add ListKeys, AddKey, and RemoveKey methods to the user Provider
interface for managing SSH authorized_keys files. Includes Debian
implementation with fingerprint-based idempotency, Darwin/Linux
ErrUnsupported stubs, regenerated mocks, and 100% test coverage.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key operations and agent processor
b6e5541 
Add SSH key operation constants (list, add, remove) to the SDK and job
packages, create the agent processor to dispatch SSH key sub-operations
via the existing user provider, and wire the new "sshKey" case into
the node processor. All functions have 100% test coverage.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key endpoints to OpenAPI spec
b05f316 
Add GET/POST /node/{hostname}/user/{name}/ssh-key and
DELETE /node/{hostname}/user/{name}/ssh-key/{fingerprint}
endpoints to the user OpenAPI spec. Regenerate server code,
combined spec, SDK client, and docs. Include stub handler
methods so the project compiles (implementation in Task 5).

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key API handlers with broadcast support
ec61858 
Replace stub SSH key handlers with full implementations for list,
add, and remove operations. Each handler supports single-target and
broadcast routing with proper validation, skipped/failed status
handling, and comprehensive test coverage (unit, HTTP wiring, RBAC).

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key SDK methods with tests
2b352e0 
Add ListKeys, AddKey, and RemoveKey methods to UserService with
SSH key types, gen-to-SDK conversion functions, export bridges,
and full httptest coverage for all status code paths.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
feat(user): add SSH key CLI commands
f46f055 
Add ssh-key subcommand under user with list, add, and remove
operations for managing SSH authorized keys.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
docs: add SSH key management to user docs and SDK example
6c8b7ad 
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
refactor(user): fix SSH naming convention (Ssh → SSH)
b4f4dc5 
Fix Go naming convention violations flagged by revive linter.
OpenAPI operationIds changed from SshKey to SSHKey, then
regenerated all code and updated Go identifiers across handlers,
processors, CLI commands, SDK client, and tests.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
@retr0h @claude
chore: fix docs formatting
ebf5316 
Co-Authored-By: Claude <noreply@anthropic.com>
@codecov

codecov Bot commented Apr 1, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

Impacted file tree graph

@@           Coverage Diff            @@
##             main     #338    +/-   ##
========================================
  Coverage   99.89%   99.90%            
========================================
  Files         410      415     +5     
  Lines       18979    19569   +590     
========================================
+ Hits        18960    19550   +590     
  Misses         11       11            
  Partials        8        8
Files with missing lines Coverage Δ
internal/agent/processor.go 100.00% <100.00%> (ø)
internal/agent/processor_ssh_key.go 100.00% <100.00%> (ø)
...nternal/controller/api/node/user/ssh_key_create.go 100.00% <100.00%> (ø)
...nternal/controller/api/node/user/ssh_key_delete.go 100.00% <100.00%> (ø)
...ernal/controller/api/node/user/ssh_key_list_get.go 100.00% <100.00%> (ø)
internal/provider/node/user/darwin.go 100.00% <100.00%> (ø)
internal/provider/node/user/debian_ssh_key.go 100.00% <100.00%> (ø)
internal/provider/node/user/linux.go 100.00% <100.00%> (ø)
pkg/sdk/client/user.go 100.00% <100.00%> (ø)
pkg/sdk/client/user_types.go 100.00% <100.00%> (ø)

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 84198cf...ebf5316. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@retr0h retr0h merged commit 45d9764 into main Apr 1, 2026
11 checks passed
@retr0h retr0h deleted the feat/ssh-key-management branch April 1, 2026 19:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

kind/docs kind/go kind/yaml test/unit

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@retr0h