cluster/prodvider: emit crdb certs This emits short-lived user credentials for a `dev-user` in crdb-waw1 any time someone prodaccesses. Change-Id: I0266a05c1f02225d762cfd2ca61976af0658639d

commit: 02e1598eb3f7d4441b1f47892f7e073bccc5ca35 [log] [tgz]
author: Serge Bazanski <q3k@hackerspace.pl> Wed Mar 17 22:39:00 2021 +0000
committer: q3k <q3k@hackerspace.pl> Wed May 19 22:13:22 2021 +0000
tree: 70f31bd45dc0ab0ba47c0ad1f2351db0ec188aed
parent: bade46d45f2c37a3b66d2c0642d5e6a3f626ce73 [diff] [blame]
diff --git a/cluster/prodvider/proto/prodvider.proto b/cluster/prodvider/proto/prodvider.proto
index ba5bf9d..3987f9a 100644
--- a/cluster/prodvider/proto/prodvider.proto
+++ b/cluster/prodvider/proto/prodvider.proto

@@ -16,6 +16,7 @@
     Result result = 1;
     KubernetesKeys kubernetes_keys = 2;
     HSPKIKeys hspki_keys = 3;
+    CockroachDBKeys crdb_keys = 4;
 }
 
 message KubernetesKeys {
@@ -32,6 +33,17 @@
     string principal = 4;
 }
 
+message CockroachDBKeys {
+    message Cluster {
+        string name = 1;
+        bytes ca = 2;
+        bytes cert = 3;
+        bytes key = 4;
+        string username = 5;
+    }
+    repeated Cluster clusters = 2;
+}
+
 service Prodvider {
     rpc Authenticate(AuthenticateRequest) returns (AuthenticateResponse);
 }
commit	02e1598eb3f7d4441b1f47892f7e073bccc5ca35	[log] [tgz]
author	Serge Bazanski <q3k@hackerspace.pl>	Wed Mar 17 22:39:00 2021 +0000
committer	q3k <q3k@hackerspace.pl>	Wed May 19 22:13:22 2021 +0000
tree	70f31bd45dc0ab0ba47c0ad1f2351db0ec188aed
parent	bade46d45f2c37a3b66d2c0642d5e6a3f626ce73 [diff] [blame]