Floitsch/build artemis service.split.10#1236
Open
floitsch wants to merge 7 commits into
Open
Conversation
Introduce AdminBrokerCli interface for admin operations (org/profile/member management) previously handled by the separate ArtemisServerCli. The Supabase broker implements this interface directly. - Remove Artemis dependency from all CLI commands - Remove Artemis service image embedding from envelope customization - Make --broker flag on auth commands a hidden no-op for backward compat - Deprecate --artemis flag in config (warn but continue processing) - Gut sdk list command (data source removed with Artemis server) - Validate organization at fleet init time via broker when supported - Clean up dead CONFIG-ARTEMIS-DEFAULT-KEY reference in server-config docs: map existing codebase
…n checks Follow-up cleanup to commit 31a8a76 ("Remove separate Artemis server, consolidate operations through broker"). The interface split (BrokerCli / AdminBrokerCli) was sound but left structural artifacts. - Delete the orphan src/cli/artemis.toit (the Artemis class is no longer referenced anywhere). Move the live helpers get-artemis-container, service-path-in-repository, and the ARTEMIS-SERVICE-GIT-URL constant into src/cli/firmware.toit, where the only caller (customize-envelope in broker.toit) already imports from. Drop now-unused .artemis imports from broker.toit and service/run/simulate.toit. - Replace Broker.supports-admin + Broker.admin-connection with a single Broker.admin-connection-or-null -> AdminBrokerCli? accessor. Update the only supports-admin caller in fleet.toit. - Add with-admin-broker and broker-as-admin-or-null helpers in cmds/utils_.toit. Replace three duplicated 'is AdminBrokerCli' patterns: with-org-admin in cmds/org.toit, with-profile-admin in cmds/profile.toit, and the inline check in cmds/fleet.toit init. Also replace a secondary inline check in cmds/org.toit default-org. The src/cli/artemis_servers/ tree and the auth methods on BrokerCli remain for now: deletion is blocked on tests/artemis-server-test.toit which still drives ArtemisServerCli, and the auth restructuring requires a decision on how 'auth login' should behave against an HTTP broker that has no real auth.
Continues the cleanup of the broker/admin split started in commit b09895b. With this change, the BrokerCli interface no longer carries auth methods, and the legacy artemis_servers/ tree is gone. Test migration: - Replace tests/artemis-server-test.toit with tests/admin-broker-test.toit. The new test exercises AdminBrokerCli (which is what the consolidated broker exposes for admin operations) against Supabase only — the HTTP broker has no admin support, and the historical HTTP variant of the test no longer corresponds to a real code path. - Drop the notify-created admin-event test; that operation was removed during the original consolidation (31a8a76) and isn't in the new interface. - Register the new test under SUPABASE_ARTEMIS_TESTS in tests/CMakeLists.txt. Code: - Delete src/cli/artemis_servers/ entirely (the old ArtemisServerCli interface and its HTTP/Supabase implementations). - Move auth methods (sign-up, sign-in (both overloads), update, logout, ensure-authenticated) off BrokerCli. The interface no longer 'implements Authenticatable'. AdminBrokerCli now extends BrokerCli AND implements Authenticatable, since admin operations always need auth. - BrokerCliSupabase explicitly 'implements Authenticatable' as well — Supabase auth is needed for device-broker requests even when the instance has no organizations table. - Drop the five no-op auth stubs from brokers/http/base.toit. The HTTP broker no longer pretends to support auth. UX behavior preserved: - 'auth login' / 'auth signup' / 'auth update' / 'auth logout' against a non-Authenticatable broker emit an info message and exit successfully (matching the prior silent no-op for HTTP test brokers). - 'fleet login' follows the same pattern. - The Broker wrapper's lazy auth init skips ensure-authenticated for brokers that don't implement Authenticatable. Updated tests/broker-test.toit and tests/pod-registry-test.toit to cast to Authenticatable before calling auth methods (HTTP variant is a no-op; Supabase variant authenticates).
The patch-upload helpers (upload-trivial-patches, diff-and-upload, the static id and compute-applied-hash helpers) are used both when uploading a pod (so devices can pull trivial patches) and when rolling out an update (so devices can pull diff patches against their current firmware). Moving them out of broker.toit into a small dedicated module prepares for the upcoming PodStore extraction, where pod uploads need to trigger trivial patch uploads without dragging the rest of the broker god-object along. The new FirmwarePatchUploader is bound to a (broker, organization, server-config) triple at construction time and is reused via a lazy accessor on the Broker wrapper. No behavior change: callers still hit the broker's firmware bucket with the same patch IDs and cache keys.
Pod-registry operations (descriptions, entries, tags, parts, manifests) were 14 of the ~20 methods on the Broker wrapper class. They form a self-contained concern: a store of pods scoped to a (fleet, organization) pair. Pulling them out lets future implementations (filesystem-backed for git-managed fleets, HTTP-only for public release pages) plug in without touching the device-broker code. - New interface PodStore in src/cli/pod-store.toit. Moves UploadResult here too, and renames PodBroker -> PodInfo (the old name was misleading after extraction; it's a single pod's metadata, not a broker-of-pods). - New class BrokerPodStore in src/cli/brokers/broker-pod-store.toit implements PodStore by delegating to a BrokerCli plus a FirmwarePatchUploader (for the side-effect of pre-uploading trivial firmware patches when a pod is uploaded). - Broker wrapper exposes a lazy `pod-store -> BrokerPodStore` accessor and drops the 14 pod methods plus their UploadResult/PodBroker types. Net diff in broker.toit: -307 lines. - Fleet's pod-related methods (upload, download, list-pods, delete, add-tags, remove-tags, pod, get-pod-id, pod-exists) and the inline pod-entry/description lookup in `status` now go through broker.pod-store instead of broker. The fleet-id and organization-id parameters that used to thread through every pod-registry call are now constructor parameters of BrokerPodStore. This matches the pod-registry SQL schema, where (fleet_id, name) is a hard uniqueness constraint — not incidental plumbing. No behavior change: cache keys, broker requests, and CLI output are identical.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.