canonical · bschimke95 · Aug 26, 2024 · Aug 21, 2024 · Aug 23, 2024 · Aug 26, 2024
@@ -9,9 +9,10 @@ k8s get-join-token <node-name> [flags]
 ### Options
 
 ```
-  -h, --help               help for get-join-token
-      --timeout duration   the max time to wait for the command to execute (default 1m30s)
-      --worker             generate a join token for a worker node
+      --expires-in duration   the time until the token expires (default 24h0m0s)
+  -h, --help                  help for get-join-token
+      --timeout duration      the max time to wait for the command to execute (default 1m30s)
+      --worker                generate a join token for a worker node
 ```
 
 ### SEE ALSO

@@ -13,6 +13,7 @@ func newGetJoinTokenCmd(env cmdutil.ExecutionEnvironment) *cobra.Command {
 	var opts struct {
 		worker  bool
 		timeout time.Duration
+		ttl     time.Duration
 	}
 	cmd := &cobra.Command{
 		Use:    "get-join-token <node-name>",
@@ -39,7 +40,7 @@ func newGetJoinTokenCmd(env cmdutil.ExecutionEnvironment) *cobra.Command {
 
 			ctx, cancel := context.WithTimeout(cmd.Context(), opts.timeout)
 			cobra.OnFinalize(cancel)
-			token, err := client.GetJoinToken(ctx, apiv1.GetJoinTokenRequest{Name: name, Worker: opts.worker})
+			token, err := client.GetJoinToken(ctx, apiv1.GetJoinTokenRequest{Name: name, Worker: opts.worker, TTL: opts.ttl})
 			if err != nil {
 				cmd.PrintErrf("Error: Could not generate a join token for %q.\n\nThe error was: %v\n", name, err)
 				env.Exit(1)
@@ -52,5 +53,7 @@ func newGetJoinTokenCmd(env cmdutil.ExecutionEnvironment) *cobra.Command {
 
 	cmd.Flags().BoolVar(&opts.worker, "worker", false, "generate a join token for a worker node")
 	cmd.Flags().DurationVar(&opts.timeout, "timeout", 90*time.Second, "the max time to wait for the command to execute")
+	// The CLI uses verbose names for flags instead of abbreviations. Internally and for the API, the common TTL (time-to-live) name is used.
+	cmd.Flags().DurationVar(&opts.ttl, "expires-in", 24*time.Hour, "the time until the token expires")
 	return cmd
 }
@@ -5,7 +5,7 @@ go 1.22.6
 require (
 	dario.cat/mergo v1.0.0
 	github.com/canonical/go-dqlite v1.22.0
-	github.com/canonical/k8s-snap-api v1.0.2
+	github.com/canonical/k8s-snap-api v1.0.3
 	github.com/canonical/lxd v0.0.0-20240730172021-8e39e5d4f55f
 	github.com/canonical/microcluster/v2 v2.0.2
 	github.com/go-logr/logr v1.4.2

@@ -101,8 +101,8 @@ github.com/canonical/go-dqlite v1.22.0 h1:DuJmfcREl4gkQJyvZzjl2GHFZROhbPyfdjDRQX
 github.com/canonical/go-dqlite v1.22.0/go.mod h1:Uvy943N8R4CFUAs59A1NVaziWY9nJ686lScY7ywurfg=
 github.com/canonical/k8s-microcluster/v2 v2.1.0 h1:zoK/fYzEkhCKAWf6NcZHG6+3U2c4PqkDTUVtwju951I=
 github.com/canonical/k8s-microcluster/v2 v2.1.0/go.mod h1:09N/J8tuijpAJdOER+e8IVWpn9cjzw9KzZvIunii/pA=
-github.com/canonical/k8s-snap-api v1.0.2 h1:9tyIneGQ6dPouX/8DH/HBqQIk+PF+MtQB3Qwt43Cuu4=
-github.com/canonical/k8s-snap-api v1.0.2/go.mod h1:LDPoIYCeYnfgOFrwVPJ/4edGU264w7BB7g0GsVi36AY=
+github.com/canonical/k8s-snap-api v1.0.3 h1:unMuIdLgdjlYj3bhkTQoHzphNrJG54IV23mAi1EBB38=
+github.com/canonical/k8s-snap-api v1.0.3/go.mod h1:LDPoIYCeYnfgOFrwVPJ/4edGU264w7BB7g0GsVi36AY=
 github.com/canonical/lxd v0.0.0-20240730172021-8e39e5d4f55f h1:bTaF5FmQk66wI8ILr+pzelTY6iNLXE9c2Ks2HG4Sp5U=
 github.com/canonical/lxd v0.0.0-20240730172021-8e39e5d4f55f/go.mod h1:BVyKLSsJLTLX3o6WW0f5YDOO+J5HE3Np2WwYVrug0sY=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=

@@ -31,7 +31,7 @@ func (e *Endpoints) postClusterJoinTokens(s state.State, r *http.Request) respon
 	if req.Worker {
 		token, err = getOrCreateWorkerToken(r.Context(), s, hostname)
 	} else {
-		token, err = getOrCreateJoinToken(r.Context(), e.provider.MicroCluster(), hostname)
+		token, err = getOrCreateJoinToken(r.Context(), e.provider.MicroCluster(), hostname, req.TTL)
 	}
 	if err != nil {
 		return response.InternalError(fmt.Errorf("failed to create token: %w", err))
@@ -40,7 +40,7 @@ func (e *Endpoints) postClusterJoinTokens(s state.State, r *http.Request) respon
 	return response.SyncResponse(true, &apiv1.GetJoinTokenResponse{EncodedToken: token})
 }
 
-func getOrCreateJoinToken(ctx context.Context, m *microcluster.MicroCluster, tokenName string) (string, error) {
+func getOrCreateJoinToken(ctx context.Context, m *microcluster.MicroCluster, tokenName string, ttl time.Duration) (string, error) {
 	// grab token if it exists and return it
 	records, err := m.ListJoinTokens(ctx)
 	if err != nil {
@@ -54,9 +54,11 @@ func getOrCreateJoinToken(ctx context.Context, m *microcluster.MicroCluster, tok
 		fmt.Println("No token exists yet. Creating a new token.")
 	}
 
-	// if token does not exist, create a new one
-	// TODO(ben): make token expiry configurable
-	token, err := m.NewJoinToken(ctx, tokenName, 24*time.Hour)
+	if ttl == 0 {
+		ttl = 24 * time.Hour
+	}
+
+	token, err := m.NewJoinToken(ctx, tokenName, ttl)
 	if err != nil {
 		return "", fmt.Errorf("failed to generate a new microcluster join token: %w", err)
 	}