omni/internal/pkg/auth/context.go
Utku Ozdemir 590ea2e370
feat: add per-key creation and last-active tracking for service accounts
Add creation timestamps and per-key last-active tracking to service account key listings. The `omnictl serviceaccount list` command now shows KEY CREATED and KEY LAST ACTIVE columns for each public key, alongside the existing SA-level LAST ACTIVE.

A new PublicKeyLastActive resource tracks per-key usage. The activity interceptor now extracts the signing key fingerprint from the auth context and records last-used timestamps per key, with independent debouncing. The ServiceAccountStatusController aggregates this data into the service account status for display.

A cleanup controller removes PublicKeyLastActive resources when their corresponding public key is torn down.

Closes: siderolabs/omni#2661
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
2026-04-14 21:12:30 +02:00

34 lines
1.2 KiB
Go

// Copyright (c) 2026 Sidero Labs, Inc.
//
// Use of this software is governed by the Business Source License
// included in the LICENSE file.

package auth

import (
	"github.com/siderolabs/go-api-signature/pkg/message"

	"github.com/siderolabs/omni/internal/pkg/auth/role"
)

// EnabledAuthContextKey is the context key for enabled authentication.
type EnabledAuthContextKey struct{ Enabled bool }

// GRPCMessageContextKey is the context key for the GRPC message. It is only set if authentication is enabled.
type GRPCMessageContextKey struct{ Message *message.GRPC }

// VerifiedEmailContextKey is the context key for the verified email address.
type VerifiedEmailContextKey struct{ Email string }

// UserIDContextKey is the context key for the user ID. Value has the type string.
type UserIDContextKey struct{ UserID string }

// RoleContextKey is the context key for the role. Value has the type role.Role.
type RoleContextKey struct{ Role role.Role }

// IdentityContextKey is the context key for the user identity.
type IdentityContextKey struct{ Identity string }

// FingerprintContextKey is the context key for the public key fingerprint used to sign the request.
type FingerprintContextKey struct{ Fingerprint string }
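
An added example, not part of the omni source: one way an interceptor could read the signing-key fingerprint from the request context and debounce last-active writes independently per key, as the commit message describes. Only `FingerprintContextKey` comes from the file above; `ctxKey`, `withValue`, `value`, `keyActivity`, the 30-second interval and the fingerprint strings are hypothetical, and the code assumes the auth layer stores the fingerprint only after the request signature has been verified.

```go
package main

import (
	"context"
	"fmt"
	"sync"
	"time"
)

// FingerprintContextKey mirrors the type on this page; every other name here is hypothetical.
type FingerprintContextKey struct{ Fingerprint string }
type ctxKey[T any] struct{} // one unexported key per stored type, so packages cannot collide

func withValue[T any](ctx context.Context, v T) context.Context {
	return context.WithValue(ctx, ctxKey[T]{}, v)
}

func value[T any](ctx context.Context) (T, bool) {
	v, ok := ctx.Value(ctxKey[T]{}).(T)
	return v, ok
}

// keyActivity remembers the last persisted timestamp per key fingerprint.
type keyActivity struct {
	mu       sync.Mutex
	interval time.Duration
	last     map[string]time.Time
}

// Touch reports whether this request should persist a new last-active timestamp.
func (a *keyActivity) Touch(ctx context.Context, now time.Time) bool {
	fp, ok := value[FingerprintContextKey](ctx)
	if !ok || fp.Fingerprint == "" {
		return false // no verified signing key on this request: nothing to attribute
	}
	a.mu.Lock()
	defer a.mu.Unlock()
	if prev, seen := a.last[fp.Fingerprint]; seen && now.Sub(prev) < a.interval {
		return false // debounced for this key only; other keys are unaffected
	}
	a.last[fp.Fingerprint] = now
	return true
}

func main() {
	a := &keyActivity{interval: 30 * time.Second, last: map[string]time.Time{}}
	ctx := withValue(context.Background(), FingerprintContextKey{Fingerprint: "constructed-fp-1"})
	t0 := time.Unix(0, 0) // constructed clock values
	fmt.Println(a.Touch(ctx, t0), a.Touch(ctx, t0.Add(time.Second)), a.Touch(ctx, t0.Add(time.Minute)))
}
```

Passing the clock in as `now` keeps the debounce window testable, and returning `false` for a context without a fingerprint means unauthenticated requests never create a tracking entry.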