From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pdm-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 91C261FF145
	for <inbox@lore.proxmox.com>; Sun, 24 May 2026 00:57:33 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 371F31CBDC;
	Sun, 24 May 2026 00:57:33 +0200 (CEST)
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [PATCH datacenter-manager v5 00/10] subscription key pool registry
Date: Sun, 24 May 2026 00:56:10 +0200
Message-ID: <20260523225652.3097006-1-t.lamprecht@proxmox.com>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1779576996948
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.005 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: 3SED5TWIPKTOYUXHL5CO3W4ZS7GPNSNN
X-Message-ID-Hash: 3SED5TWIPKTOYUXHL5CO3W4ZS7GPNSNN
X-MailFrom: t.lamprecht@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox Datacenter Manager development discussion
 <pdm-devel.lists.proxmox.com>
List-Help: <mailto:pdm-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pdm-devel-owner@lists.proxmox.com>
List-Post: <mailto:pdm-devel@lists.proxmox.com>
List-Subscribe: <mailto:pdm-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pdm-devel-leave@lists.proxmox.com>

v5 of the Subscription Registry. Addresses the review feedback Dominik
raised on v4; this round is mostly polishing and most of in UI one.

For the v3 -> v4 changelog and the design discussion see the v4 cover:
  https://lore.proxmox.com/pdm-devel/20260522085128.2678090-1-t.lamprecht@proxmox.com

Notable v4 -> v5 (see per-patch notes for details):

* Loading feedback: Auto-Assign opens a "computing" dialog at once and
  the registry panel masks while refreshing, so a slow remote no longer
  looks like a no-op (Dominik).
* add-keys dedups duplicate input keys (server and UI) and reports the
  dropped count instead of erroring (Dominik).
* apply-pending continues past a failed entry instead of aborting the
  whole run, and reports the failures (Dominik).
* Node Status panel gets a real toolbar: per-node actions on the left,
  bulk / queue actions on the right; Apply/Discard Pending and
  Auto-Assign move off the old standalone top toolbar, each panel gets
  its own refresh (Dominik).
* Auto-Assign and Adopt All preview grids made non-interactive
  (Dominik).
* Revert is no longer offered for an already-applied binding even when
  Expired/Invalid - freeing it is Clear Key.
* Smaller nits: #[builder] macro, direct CSS imports, an AssignTarget
  struct, column widths, dialog padding.

Lukas's Tested-by from v4 is dropped on the patches that changed
materially since (0005, 0006, 0008, 0009, 0010); 0001-0003 and 0007 keep
their v4 trailers.

Each commit cleanly formats (cargo fmt --check), builds, and passes
cargo test --workspace on its own.

For the record, no blockers for the MVP, the open follow-ups still not
in this series:
* Multi-select on the Auto-Assign proposal (all ticked) so the operator
  can deselect a few nodes before applying, e.g. 100 nodes but skip 3.
* Cross-Integration with the relatively new Auto-Installer feature, as
  the installer now also supports accepting a subscription since PVE 9.2
  ISO.
* Shop-side full reissue, so PDM can drive the actual key rotation
  rather than just freeing the pool binding via Clear Key.
* Shop-bundle import path; the on-disk shadow-file plumbing already
  accommodates the signed SubscriptionInfo blob.
And some left out that might be fine, but I'm not so sure about:
* Per-row Auto-Assign overrides for pinning a specific key to a node.
* Atomic clear-and-assign as one queued change (today swapping a key on
  a node is Clear / Apply / Assign / Apply; the canonical case is an
  Expired live subscription that the operator wants to replace).
* Status column filter on the node-status tree.

Thomas Lamprecht (10):
  api types: subscription level: render full names
  pdm-client: add wait_for_local_task helper
  subscription: pool: add data model and config layer
  subscription: api: add key pool and node status endpoints
  ui: registry: add view with key pool and node status
  cli: client: add subscription key pool management subcommands
  docs: add subscription registry chapter
  subscription: add Clear Key action and per-node revert
  subscription: add Adopt Key action for foreign live subscriptions
  subscription: add Check Subscription action

 Cargo.toml                                    |    4 +-
 cli/client/src/subscriptions.rs               |  406 ++-
 docs/index.rst                                |    1 +
 docs/subscription-registry.rst                |   84 +
 lib/pdm-api-types/Cargo.toml                  |    1 +
 lib/pdm-api-types/src/subscription.rs         |  504 +++-
 lib/pdm-api-types/tests/test_import.rs        |  367 +++
 lib/pdm-client/Cargo.toml                     |    3 +
 lib/pdm-client/src/lib.rs                     |  332 ++-
 lib/pdm-config/src/lib.rs                     |    1 +
 lib/pdm-config/src/setup.rs                   |    7 +
 lib/pdm-config/src/subscriptions.rs           |  118 +
 server/src/api/mod.rs                         |    2 +
 server/src/api/resources.rs                   |   34 +-
 server/src/api/subscriptions/mod.rs           | 2378 +++++++++++++++++
 server/src/context.rs                         |    7 +
 server/src/pbs_client.rs                      |   31 +
 ui/src/configuration/mod.rs                   |    3 +
 ui/src/configuration/subscription_assign.rs   |  328 +++
 ui/src/configuration/subscription_keys.rs     |  588 ++++
 ui/src/configuration/subscription_registry.rs | 1485 ++++++++++
 ui/src/dashboard/subscriptions_list.rs        |   18 +-
 ui/src/main_menu.rs                           |   10 +
 ui/src/widget/pve_node_selector.rs            |   91 +-
 ui/src/widget/remote_selector.rs              |   28 +-
 25 files changed, 6764 insertions(+), 67 deletions(-)
 create mode 100644 docs/subscription-registry.rst
 create mode 100644 lib/pdm-api-types/tests/test_import.rs
 create mode 100644 lib/pdm-config/src/subscriptions.rs
 create mode 100644 server/src/api/subscriptions/mod.rs
 create mode 100644 ui/src/configuration/subscription_assign.rs
 create mode 100644 ui/src/configuration/subscription_keys.rs
 create mode 100644 ui/src/configuration/subscription_registry.rs

-- 
2.47.3