Skip to content

feat: register RHEL VM at startup#188

Merged
feloy merged 1 commit into
redhat-developer:mainfrom
feloy:feat-132/register-vm-at-creation-time
Jun 27, 2025
Merged

feat: register RHEL VM at startup#188
feloy merged 1 commit into
redhat-developer:mainfrom
feloy:feat-132/register-vm-at-creation-time

Conversation

@feloy

@feloy feloy commented Jun 25, 2025

Copy link
Copy Markdown
Contributor

Add an option to register a VM at creation time (true by default).

If selected, the subscription-manager command will be called in the VM (through SSH) to register the VM

To check that the VM is correctly registered, you can run in the terminal:

sudo subscription-manager status

Fixes #132

@feloy feloy force-pushed the feat-132/register-vm-at-creation-time branch from 7135466 to c4a8a27 Compare June 25, 2025 14:20
@feloy feloy force-pushed the feat-132/register-vm-at-creation-time branch from c4a8a27 to 593db4a Compare June 26, 2025 07:21
Comment thread src/token.ts
};
}

export function parseJwt(token: string): JwtToken {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was reading https://stackoverflow.com/questions/38552003/how-to-decode-jwt-token-in-javascript-without-using-a-library and was questionning why it is so complicated ?

Moreover, this does not validate the JWT token, this is a just here to extract the body, without any validation

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I copied this code from https://github.com/redhat-developer/podman-desktop-redhat-account-ext/blob/main/src/extension.ts#L54, as the usage is very similar.

I understand that the token has been already validated by the auth process, and we don't need to validate it again. @dgolovin WDYT?

@jeffmaury jeffmaury left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Never finished on my MacOS:

11:25:06 [main] [Info  - 09:25:06.982] Logging in https://sso.redhat.com/auth/realms/redhat-external/...

11:25:07 [main] [Info  - 09:25:07.56] Configuring redhat-account-auth {auth: https://sso.redhat.com/auth/realms/redhat-external/, api: https://api.openshift.com}

11:25:07 [main] [redhat-authentication] Received /signin

11:25:07 [main] [redhat-authentication] https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/auth?client_id=podman-desktop&scope=openid%20id.username%20email%20api.console%20api.iam.registry_service_accounts&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A62945%2Fsso-redhat-callback&resource=https%3A%2F%2Fapi.openshift.com&code_challenge=E4xjMzD21phRRLtAkZzmpAFEqJNCFJMzMr91dx6TOs&code_challenge_method=S256&nonce=oNyM4o0UYiAalAmtYsxaMoIsAeN-IVnlVZ0Y82hZOY

11:25:24 [main] [redhat-authentication] Received /sso-redhat-callback

11:25:48 [main] [Info  - 09:25:48.904] Login successful

11:25:48 [main] [Info  - 09:25:48.905] Token available from cache, expires in 876466 milliseconds

11:25:48 [main] [Info  - 09:25:48.906] Token available from cache, expires in 876465 milliseconds

11:25:48 [main] [Info  - 09:25:48.913] Token available from cache, expires in 876458 milliseconds

11:25:48 [main] [Info  - 09:25:48.928] Token available from cache, expires in 876443 milliseconds

11:25:48 [main] [redhat-authentication] Received /

11:25:48 [main] [redhat-authentication] Received /auth.css

11:25:49 [main] [redhat-authentication] Received /favicon.ico

11:25:51 [main] [redhat-authentication] Registry already registered, skipping registration

11:25:51 [main] [Info  - 09:25:51.259] Token available from cache, expires in 874112 milliseconds

11:25:51 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager

11:25:52 [main] [24014:0626/112552.264003:ERROR:chrome/browser/process_singleton_posix.cc:740] Invalid socket message (wrong length):
11:25:52 [main] url podman-desktop:// does not start with podman-desktop:extension/, skipping.

11:25:52 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager status

11:25:53 [main] [redhat-authentication] Subscription manager subscription activation check returned exit code: 1
11:25:53 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo mkdir -p /etc/rhsm/facts/ && printf '{\n  "supported_architectures": "aarch64,x86_64"
}\n' | sudo tee /etc/rhsm/facts/podman-desktop-redhat-account-ext.facts

11:25:53 [main] [Info  - 09:25:53.675] Token available from cache, expires in 871696 milliseconds

11:25:54 [main] [redhat-authentication] Executing podman command: machine ssh podman-machine-default sudo subscription-manager register --force --activationkey podman-desktop --org 7918758

Then after a while I got:

Capture d’écran 2025-06-26 à 11 37 09

@feloy

feloy commented Jun 26, 2025

Copy link
Copy Markdown
Contributor Author

it seems that the wrong macadam binary is used (the signature of the init command a few version ago, removing the --name option and setting the name as a positional parameter)

@jeffmaury

Copy link
Copy Markdown
Member

it seems that the wrong macadam binary is used (the signature of the init command a few version ago, removing the --name option and setting the name as a positional parameter)

Yes removed the old version of macadam it is now better. I think we should detect this use case

@jeffmaury jeffmaury left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@feloy feloy merged commit 599038d into redhat-developer:main Jun 27, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Register a VM when created (or started)

4 participants