support project api key instead of user key for packet

patrickdevivo · patrickdevivo · commit 020934335502 · 2018-05-22T17:32:20.000-07:00
diff --git a/auth.go b/auth.go
@@ -13,12 +13,11 @@ type PacketAuth struct {
 
 // Verify that a given Auth payload has access to a Packet account
 func (p *PacketAuth) Verify() bool {
-	client := packet.NewClientWithAuth("", p.Payload, nil)
-	user, _, err := client.Users.Current()
+	projectID, err := GetPacketProjectFromAuthPayload(p.Payload)
 	if err != nil {
 		return false
 	}
-	return user.ID != ""
+	return projectID != ""
 }
 
 // CanManageInstance verifies that the passed in authentication can manage the specified instance, if it's a Packet instance
diff --git a/main.go b/main.go
@@ -87,10 +87,6 @@ func main() {
 		log.Fatalf("CONSUL_ENCRYPT env not provided")
 	}
 
-	if PacketProjectID == "" {
-		log.Fatalf("PACKET_PROJECT_ID env not provided")
-	}
-
 	consulCli, err := consul.NewClient(consulClientConfig)
 	if err != nil {
 		log.Fatalf("failed to setup consul client on gRPC server")
diff --git a/packet.go b/packet.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"errors"
 	"io/ioutil"
-	"os"
 
 	"github.com/google/uuid"
 	consul "github.com/hashicorp/consul/api"
@@ -13,10 +12,20 @@ import (
 	packet "github.com/packethost/packngo"
 )
 
-var (
-	// PacketProjectID is the packet project id where instances should be created. Figure this out...
-	PacketProjectID = os.Getenv("PACKET_PROJECT_ID")
-)
+// GetPacketProjectFromAuthPayload returns the Packet project of a project level API key
+func GetPacketProjectFromAuthPayload(auth string) (string, error) {
+	packetClient := packet.NewClientWithAuth("", auth, nil)
+	var project map[string]interface{}
+	_, err := packetClient.DoRequest("GET", "/project", "", &project)
+	if err != nil {
+		return "", err
+	}
+	projectID, ok := project["id"]
+	if !ok {
+		return "", errors.New("problem verifying project from auth")
+	}
+	return projectID.(string), nil
+}
 
 // GetPacketInstance gets an instance by ID
 func GetPacketInstance(consulClient *consul.Client, in *pb.GetInstanceRequest) (*pb.Instance, error) {
@@ -38,14 +47,12 @@ func CreatePacketInstance(consulClient *consul.Client, in *pb.CreateInstanceRequ
 	id := uuid.New()
 
 	packetClient := packet.NewClientWithAuth("", in.Auth.Payload, nil)
-	_, _, err := packetClient.Users.Current()
+
+	projID, err := GetPacketProjectFromAuthPayload(in.Auth.Payload)
 	if err != nil {
 		return nil, err
 	}
 
-	// TODO: figure this out...
-	projID := PacketProjectID
-
 	instance, err := instance.CreateInstance(consulClient, instance.CreateInstanceRequest{
 		ID:       id.String(),
 		Owner:    projID,
@@ -88,7 +95,7 @@ func CreatePacketInstance(consulClient *consul.Client, in *pb.CreateInstanceRequ
 		Hostname:     "open-copilot-instance-" + id.String(),
 		ProjectID:    projID,
 		Facility:     "ewr1",
-		Plan:         "baremetal_2",
+		Plan:         "baremetal_1",
 		OS:           "ubuntu_16_04",
 		BillingCycle: "hourly",
 		CustomData:   string(customDataJSON),

Original file line number	Diff line number	Diff line change
`@@ -13,12 +13,11 @@ type PacketAuth struct {`
`13`	`13`
`14`	`14`	`// Verify that a given Auth payload has access to a Packet account`
`15`	`15`	`func (p *PacketAuth) Verify() bool {`
`16`		`- client := packet.NewClientWithAuth("", p.Payload, nil)`
`17`		`- user, _, err := client.Users.Current()`
	`16`	`+ projectID, err := GetPacketProjectFromAuthPayload(p.Payload)`
`18`	`17`	`if err != nil {`
`19`	`18`	`return false`
`20`	`19`	`}`
`21`		`- return user.ID != ""`
	`20`	`+ return projectID != ""`
`22`	`21`	`}`
`23`	`22`
`24`	`23`	`// CanManageInstance verifies that the passed in authentication can manage the specified instance, if it's a Packet instance`