linux_patch_api/tasks/todo.md
git-echo 1322598581 feat: add auto-enrollment, cert validation, and crash loop fixes
- Auto-enrollment on startup when certs are missing/invalid and enrollment.manager_url configured
- Certificate validation (existence, parse, expiry, key match, CA trust)
- --enroll exits after completion (no port conflict with systemd service)
- --renew-certs flag for manual cert renewal
- SO_REUSEADDR on TcpListener::bind (prevents Address already in use)
- Polling token persistence for enrollment resume after restart
- Exit code strategy (0=clean, 1=error, 2=enrollment in progress)
- HTTP 409 (host already exists) handling during enrollment
- Move 'Listening on' log after actual bind
- Increase RestartSec to 10s and add StartLimitBurst=5
- Postinst checks for certs and enrollment URL, prints guidance
- EnrollmentConfig.manager_url changed to Option<String>
- cert_renewal_threshold_days and polling_token config fields
- Updated SPEC.md and DEPLOYMENT_GUIDE.md with new workflow
- RCA document for crash loop root cause analysis
- Version bumped to 1.2.0
2026-05-29 10:44:42 -05:00


Auto-Enrollment Implementation Plan

Overview

Implement auto-enrollment workflow so the agent self-heals when certs are missing or invalid, instead of crash-looping.

Spec Updates

  • Update SPEC.md: Self-Enrollment section, CLI arguments, startup behavior, cert validation, exit codes
  • Update DEPLOYMENT_GUIDE.md: Auto-enrollment deployment method, manual enrollment, config options

Code Changes

  • src/config/loader.rs: Cert validation (CertStatus enum, validate_certs function)
  • src/config/loader.rs: EnrollmentConfig.manager_url changed to Option<String>
  • src/config/loader.rs: cert_renewal_threshold_days and polling_token fields added
  • src/config/loader.rs: save_polling_token() and clear_polling_token() methods
  • src/main.rs: Auto-enrollment path when certs invalid + URL configured
  • src/main.rs: --enroll exits after completion (no fall-through to server startup)
  • src/main.rs: --renew-certs flag for manual cert renewal
  • src/main.rs: SO_REUSEADDR on TcpListener::bind (socket2 crate)
  • src/main.rs: Move "Listening on" log after actual bind
  • src/main.rs: Exit code strategy (0=clean, 1=error, 2=enrollment in progress)
  • src/enroll/client.rs: HTTP 409 (Conflict) handling for host already exists
  • src/enroll/mod.rs: Polling token resume from persisted config
  • src/enroll/mod.rs: Handle ENROLLMENT_CONFLICT gracefully
  • configs/linux-patch-api.service: RestartSec=10s, StartLimitBurst=5, StartLimitIntervalSec=300
  • debian/postinst: Check for certs and enrollment URL, print guidance
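The startup decision these items describe, as an added std-only example that is not the project's code: it fails closed on any invalid cert state and maps enrollment results to the 0/1/2 exit codes. The CertStatus variants are assumed from the failure cases listed under Remaining; Startup, EnrollOutcome, plan_startup, exit_code and the sample URL and token are hypothetical.

```rust
// Added example, not taken from src/main.rs or src/config/loader.rs.
// CertStatus variants mirror the listed failure cases (an assumption);
// every other name here is hypothetical.
#[derive(Debug, PartialEq)]
enum CertStatus { Valid, Missing, Corrupt, Expired, KeyMismatch, Untrusted }

#[derive(Debug, PartialEq)]
enum Startup {
    Serve,                             // certs valid: bind the listener
    Enroll { resume: Option<String> }, // enroll, resuming a persisted polling token if any
    Fail(&'static str),                // exit 1: never serve with bad certs
}

#[derive(Debug, PartialEq)]
enum EnrollOutcome { Issued, Pending, Failed }

/// Fail closed: any non-Valid status keeps the server from starting.
fn plan_startup(status: &CertStatus, manager_url: Option<&str>, polling_token: Option<&str>) -> Startup {
    match (status, manager_url.map(str::trim)) {
        (CertStatus::Valid, _) => Startup::Serve,
        (_, Some(url)) if !url.is_empty() => Startup::Enroll {
            resume: polling_token.map(str::to_owned),
        },
        _ => Startup::Fail("certs invalid and enrollment.manager_url not set"),
    }
}

/// Exit codes from the plan: 0 = clean, 1 = error, 2 = enrollment in progress.
fn exit_code(outcome: &EnrollOutcome) -> u8 {
    match outcome {
        EnrollOutcome::Issued => 0,
        EnrollOutcome::Pending => 2,
        EnrollOutcome::Failed => 1,
    }
}

fn main() {
    // Constructed inputs: expired cert, manager URL configured, token saved by a previous run.
    let plan = plan_startup(&CertStatus::Expired, Some("https://manager.example"), Some("tok-123"));
    println!("{:?}", plan);
    println!("exit code while approval is pending: {}", exit_code(&EnrollOutcome::Pending));
}
```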

Build & Test

  • cargo check passes
  • cargo test passes (107 unit + 7 e2e + 11 integration)

Remaining

  • Build release package
  • Test auto-enrollment on a clean host
  • Test --enroll exits without starting server
  • Test --renew-certs flag
  • Test cert validation (missing, corrupt, expired, key mismatch, untrusted)
  • Test SO_REUSEADDR (restart after crash)
  • Test systemd exit code behavior
  • Deploy to linux-patch-manager-dev for integration testing