metropolis: reduce usage of identity.NodeID
Eventually, we want to be able to rotate node keypairs. To allow this,
the node ID needs to become independent of the public key. This change
is a refactoring which starts this work by reducing the usage of
identity.NodeID, the function which derives a node ID from a public key.
Change-Id: I5231ed0a7be37c23327fec93481b00c74374af07
Reviewed-on: https://review.monogon.dev/c/monogon/+/3445
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
diff --git a/metropolis/node/core/consensus/status.go b/metropolis/node/core/consensus/status.go
index ee3efbc..40988e5 100644
--- a/metropolis/node/core/consensus/status.go
+++ b/metropolis/node/core/consensus/status.go
@@ -12,7 +12,6 @@
"source.monogon.dev/metropolis/node"
"source.monogon.dev/metropolis/node/core/consensus/client"
- "source.monogon.dev/metropolis/node/core/identity"
"source.monogon.dev/osbase/event"
"source.monogon.dev/osbase/pki"
)
@@ -87,19 +86,18 @@
return s.cl
}
-// AddNode creates a new consensus member corresponding to a given Ed25519 node
-// public key if one does not yet exist. The member will at first be marked as a
+// AddNode creates a new consensus member corresponding to a given node ID
+// if one does not yet exist. The member will at first be marked as a
// Learner, ensuring it does not take part in quorum until it has finished
// catching up to the state of the etcd store. As it does, the autopromoter will
// turn it into a 'full' node and it will start taking part in the quorum and be
// able to perform all etcd operations.
-func (s *Status) AddNode(ctx context.Context, pk ed25519.PublicKey, opts ...*AddNodeOption) (*JoinCluster, error) {
+func (s *Status) AddNode(ctx context.Context, nodeID string, pk ed25519.PublicKey, opts ...*AddNodeOption) (*JoinCluster, error) {
clPKI, err := s.pkiClient()
if err != nil {
return nil, err
}
- nodeID := identity.NodeID(pk)
var extraNames []string
name := nodeID
port := int(node.ConsensusPort)
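Review bot: AddNode now takes `nodeID` and `pk` as independent arguments, and nothing in the visible lines checks that `nodeID` is non-empty or that it is the ID the cluster has recorded for `pk`. Before this change the ID was derived from the key, so the two could not disagree. The same pair feeds the certificate request in the next hunk (`Name: nodeID`, `pkiPeerCertificate(nodeID, extraNames)`, `PublicKey: pk`), so a caller passing a mismatched pair would presumably obtain an etcd peer certificate that names one node while carrying another node's key. I would state the contract in the doc comment, e.g. `// The caller must ensure nodeID is the ID registered for pk; AddNode does not verify this binding.`, and consider returning an error early when `nodeID == ""`. The body of AddNode continues outside this hunk, so such a check may already exist further down or in the callers.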
@@ -117,7 +115,7 @@
Name: nodeID,
Namespace: &pkiNamespace,
Issuer: s.ca,
- Template: pkiPeerCertificate(pk, extraNames),
+ Template: pkiPeerCertificate(nodeID, extraNames),
Mode: pki.CertificateExternal,
PublicKey: pk,
}