When a new machine is provisioned, it will trigger the _POST
/host/online_ webhook, indicating that it is online and ready to be
provisioned via configuration policy. It submits its hostname and SSH
public keys so the Ansible controller can connect to it. This
information is passed to the controller via an AMQP message, published
to a queue which the controller will consume in order to begin
provisioning.

The controller itself will eventually be scheduled as a Kubernetes Job.

I want to get an alert whenever a new transaction is added to Firefly.
This will be particularly helpful now that _xactmon_ is creating
transactions automatically based on notifications from Commerce, Chase,
etc.

These notifications are really only useful for real-time monitoring of
builds starting and finishing. There's no reason to cache them for
clients who were not connected when they were originally sent.

Using the [Generic Event Plugin][0], we can receive a notification from
Jenkins when builds start and finish. We'll relay these to *ntfy* on a
unique topic that I will subscribe to on my desktop. That way, I can
get desktop notifications about jobs while I am working, which will be
particularly useful while developing and troubleshooting pipelines.

[0]: https://plugins.jenkins.io/generic-event/

The *POST /sshkeys/sign* operation accepts a host name and a list of SSH
host public keys and returns a signed SSH host certificate for each key.
It uses the `step ssh certificate` command to sign the certificates,
which in turn contacts the configured *step-ca* service. This operation
will allow hosts to obtain their initial certificates. Once obtained,
the certificates can be renewed directly using the `step ssh renew`
command with the SSH private keys themselves for authentication.
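
An added example, not the project's own code, of the checks a handler like *POST /sshkeys/sign* could run on the submitted host name and public keys before passing them to `step ssh certificate`. The function names, the allowed key types, the key file path and the `--host --sign` invocation shape are assumptions.

```python
import base64
import re
import struct

# One RFC 1123 label: letters, digits and inner hyphens, at most 63 characters.
_LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?", re.I)
# Host key types accepted for signing (an assumption; set by local policy).
ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}


def valid_hostname(name: str) -> bool:
    """Reject anything that is not a plain DNS name (so no leading '-')."""
    if not name or len(name) > 253:
        return False
    return all(_LABEL.fullmatch(label) for label in name.split("."))


def parse_host_key(line: str) -> tuple[str, bytes]:
    """Parse one 'type base64 [comment]' line and check that the type named
    in the text matches the type encoded at the start of the key blob."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected 'type base64 [comment]'")
    key_type, b64 = fields[0], fields[1]
    if key_type not in ALLOWED_TYPES:
        raise ValueError(f"key type not allowed: {key_type!r}")
    blob = base64.b64decode(b64, validate=True)  # raises ValueError on bad input
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])  # length-prefixed type string
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("declared key type does not match key blob")
    return key_type, blob


def sign_argv(hostname: str, pubkey_path: str) -> list[str]:
    """Build the command as an argument list, never as a shell string.
    pubkey_path is a file the service wrote itself (assumed)."""
    if not valid_hostname(hostname):
        raise ValueError(f"invalid host name: {hostname!r}")
    return ["step", "ssh", "certificate", "--host", "--sign", hostname, pubkey_path]


def sample_key(declared: str = "ssh-ed25519", embedded: str = "ssh-ed25519") -> str:
    # Constructed sample: valid wire framing with 32 zero bytes as the key.
    t = embedded.encode()
    blob = struct.pack(">I", len(t)) + t + struct.pack(">I", 32) + bytes(32)
    return f"{declared} {base64.b64encode(blob).decode()} root@sample"
```
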