mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-05-10 20:25:41 +00:00
b4247fc095
API Enhancements: - Add SHA256 checksum endpoint for binary downloads - Computes checksum on-the-fly when .sha256 suffix is requested - Example: /download/pulse-host-agent?platform=linux&arch=amd64.sha256 - Enables installer scripts to verify binary integrity - Add /uninstall-host-agent.sh endpoint for Linux/macOS uninstall script - Add endpoint to public paths (no auth required) Checksum Implementation: - New serveChecksum() function computes SHA256 hash using crypto/sha256 - Returns plain text checksum in hex format - Supports all binary download endpoints - Zero performance impact (only computed when requested) Install Script Updates: - Add --force/-f flag to skip all interactive prompts - URL/token prompts skipped with --force - Reinstall confirmation skipped with --force - Checksum mismatch still aborts (security first) - Force mode auto-accepts updates and reinstalls - Usage: ./install-host-agent.sh --url $URL --token $TOKEN --force Security Notes: - Checksum verification protects against: - Corrupted downloads due to network issues - Man-in-the-middle binary tampering - Storage corruption on server - Force mode maintains security by aborting on checksum mismatch - No bypass for security-critical validations These improvements enable: - Automated deployments (--force flag) - Binary integrity verification (checksums) - Better security posture (tamper detection) - Standardized uninstall process (endpoint) The /api/version endpoint already exists and returns version info for update checks (no changes needed). |
||
|---|---|---|
| .. | ||
| alerts.go | ||
| alerts_test.go | ||
| auth.go | ||
| auth_scope_test.go | ||
| config_handlers.go | ||
| config_handlers_cluster_test.go | ||
| csrf_store.go | ||
| demo_middleware.go | ||
| diagnostics.go | ||
| DO_NOT_EDIT_FRONTEND_HERE.md | ||
| docker_agents.go | ||
| frontend_embed.go | ||
| guest_metadata.go | ||
| host_agents.go | ||
| http_metrics.go | ||
| middleware.go | ||
| notifications.go | ||
| oidc_handlers.go | ||
| oidc_service.go | ||
| rate_limit_config.go | ||
| rate_limit_config_test.go | ||
| ratelimit.go | ||
| README.md | ||
| recovery_tokens.go | ||
| router.go | ||
| router_integration_test.go | ||
| security.go | ||
| security_oidc.go | ||
| security_setup_fix.go | ||
| security_tokens.go | ||
| security_tokens_test.go | ||
| session_store.go | ||
| settings.go | ||
| system_settings.go | ||
| types.go | ||
| updates.go | ||
Internal API Package
This directory contains the API server implementation for Pulse.
Important Note About frontend-modern/
The frontend-modern/ subdirectory that appears here is:
- AUTO-GENERATED during builds
- NOT the source code - just a build artifact
- IN .gitignore - never committed
- REQUIRED BY GO - The embed directive needs it here
Frontend Development Location
👉 Edit frontend files at: /opt/pulse/frontend-modern/src/
Why This Structure?
Go's //go:embed directive has limitations:
- Cannot use
../paths to access parent directories - Cannot follow symbolic links
- Must embed files within the Go module
This is a known Go limitation and our structure works around it.