josh
9bb4b09a04
CI / Lint + build + test (push) Has been cancelled
Post-repair hardware validation pipeline for Proxmox cluster hosts. Go orchestrator + in-image agent + mkosi live image + bundled dnsmasq PXE + SQLite + HTMX/SSE UI + notify registry + janitor + full docs.
27 lines
678 B
Go
27 lines
678 B
Go
package orchestrator
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/sha256"
|
|
"encoding/hex"
|
|
"fmt"
|
|
)
|
|
|
|
// IssueRunToken returns (plaintext, hashHex). The plaintext is passed
|
|
// to the host via the iPXE kernel cmdline; the hash is persisted in the
|
|
// runs table for later constant-time comparison.
|
|
func IssueRunToken() (string, string, error) {
|
|
b := make([]byte, 32)
|
|
if _, err := rand.Read(b); err != nil {
|
|
return "", "", fmt.Errorf("random: %w", err)
|
|
}
|
|
plain := hex.EncodeToString(b)
|
|
sum := sha256.Sum256([]byte(plain))
|
|
return plain, hex.EncodeToString(sum[:]), nil
|
|
}
|
|
|
|
func HashRunToken(plain string) string {
|
|
sum := sha256.Sum256([]byte(plain))
|
|
return hex.EncodeToString(sum[:])
|
|
}
|