This change adds the following:
- Space UID + Custom harness validation (accountId for top level space, harness identifier for child spaces)
- Repo UID + Custom harness validation (harness identifier)
- Store Unique casing of space / repo path and add Path.ValueUnique (with Unique index) to allow for application layer controlling the case sensitivity (case insensitive standalone vs partially case sensitive harness)
- Token UID (unique index over ownertype + ownerID + tokenUID)
- Add DisplayName for principals (replaces Name to avoid confustion)
- Store Unique casing of principal UID and add Principal.ValueUnique (with unique index) to allow for application layer, per principal type control of case sensitivity (required in embedded mode)
- Generate serviceAccount UID (+Email) Randomly (sa-{space|repo}-{ID}-{random}) - Allows to have a unique UID across all principals while reducing likelyhood of overlaps with users + avoid overlap across spaces / repos.
- Sync casing of space names (accountId orgId projectId) when creating spaces on the fly (to ensure case sensitivity of - harness code) or use the existing space to update casing.
- Update serviceaccount client to match updated NG Manager API
- in embedded mode create spaces for harness resources owning the service account
Adds an EOF flag to data chunks to avoid using []byte("EOF") as end (due to potential false positives).
Furthermore, a few cleanups are done:
- Add TODOs for initial git changes
- Add missing file headers
- Fix typo for license (was licence)
- Fix make wire target
Adds the basic for harness embedded mode:
- Harness dedicated router with custom APIHandler
- Inline Space Creation
- Client for Account/Org/Project
- Bootstrap (Allows for automated creation of admin user and gitness service (used for all platform required ops))
- Inline harness service principal creation
- Ignore flag for ACL.
Simplify the router code by removing the translator. Now that we have Api/Git/WebHandler interfaces, they can be wrapped in handlers to do any custom request translation.
Preparing the support for harness specific API router + http handler, which allows us to have complete control over the rest api naming and functionality, without having to do complex path rewrites or request / reponse rewrites inline.
This change adds the initial stepping stones for harness integration:
- Authentication: JWT/PAT/SAT support
- Authorization: ACL integration (acl currently denies requests as gitness hasn't been integrated yet)
- Remote Clients for Token, User, ServiceAccount, ACL
- User Integration: Syncs harness users during authentication if unknown
- SA integration: syncs harness service accounts during authentication if unknown
- Initial harness API: THIS WILL BE CHANGED IN THE FUTURE!
- single harness subpackage (all marked with harness build flag)
- harness & standalone wire + make build commands
