Implement Heimdall auth changes (api token storage, SSE endpoints) and a huge refactor#11
Merged
NicoBiernat merged 11 commits intomainfrom Mar 17, 2025
Merged
Implement Heimdall auth changes (api token storage, SSE endpoints) and a huge refactor#11NicoBiernat merged 11 commits intomainfrom
NicoBiernat merged 11 commits intomainfrom
Conversation
…, rework snapshotting, refactor resource API and more
…ctories from leaves)
… close-messages and add TODO
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rework the HeimdallAuth implementation. We no longer use Redis to share API Tokens and Roles between Heimdall and Beacon.
Beacon queries auth data on demand from Heimdall and caches the data for fast access. The server-sent-events (SSE) connection is kept-alive and Beacon receives updates to the auth data. A closed connection invalidates the provided auth data and ensures that we try to send a new request. It also ensures that a network problem or downtime does not cause users to authenticated for longer than they should be.
Also refactored a huge part of the codebase. There is still a lot to do though.
The biggest changes were to "generify" the resource and directory interfaces and implementations.
Also moved all config options into config.go for easy overview of available options.