mc/mcr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Phase 10: gRPC admin API with interceptor chain

Browse Source 
Proto definitions for 4 services (RegistryService, PolicyService,
AuditService, AdminService) with hand-written Go stubs using JSON
codec until protobuf tooling is available.

Interceptor chain: logging (method, peer IP, duration, never logs
auth metadata) → auth (bearer token via MCIAS, Health bypasses) →
admin (role check for GC, policy, delete, audit RPCs).

All RPCs share business logic with REST handlers via internal/db
and internal/gc packages. TLS 1.3 minimum on gRPC listener.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-03-19 20:46:21 -07:00
parent 562b69e875
commit 185b68ff6d
30 changed files with 3616 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
internal/grpcserver/admin.go Normal file
View File

@@ -0,0 +1,16 @@
package grpcserver
import (
"context"
pb "git.wntrmute.dev/kyle/mcr/gen/mcr/v1"
)
// adminService implements pb.AdminServiceServer.
type adminService struct {
pb.UnimplementedAdminServiceServer
}
func (s *adminService) Health(_ context.Context, _ *pb.HealthRequest) (*pb.HealthResponse, error) {
return &pb.HealthResponse{Status: "ok"}, nil
}