* Fix typo when passing arguments to tls.LoadX509KeyPair()
* Support TLS 1.2 too
* Do not require a controller to only present a single certificate
* No need to set ServerName since we use InsecureSkipVerify
* Use host's root CA set by default and support normal SNI scenarios
* Simplified bootstrapping of a cluster
Introduced a new convention about a pre-defined `bootstrap-admin` account for `orchard controller run`. Providing `ORCHARD_BOOTSTRAP_ADMIN_TOKEN` will auto-create such user for easier configuration. `bootstrap-admin` can be used for creating other service accounts on the first run and after that can be disposed.
Also change `orchard worker run` to expect controller URL as the only parameter and a bootstrap token passed via an argument instead of using a context that might not be created.
* Missing error check
* Port forwarding support
* .golangci.yml: remove and replace deprecated and archived linters
* Client: pass credentials when calling WebSocket API methods
* API: require ServiceAccountRoleComputeWrite role for port forwarding
* Use Buf
* Rename Poll() RPC method to Watch()
* Split Rendezvous into two parts: Watcher and Proxy (#32)
* Split Rendezvous into two parts: Watcher and Proxy
* Implement Proxy cancellation
* Use Protocol Buffers structure directly in Watcher
* Fix TestWatcher after switching to Protocol Buffers structure
* portForwardVM(): ensure we also check for gin's context
* Initial version of the Orchard orchestration system
* Update README.md
Co-authored-by: Fedor Korotkov <fedor.korotkov@gmail.com>
Co-authored-by: Fedor Korotkov <fedor.korotkov@gmail.com>
Nikolay Edigaryev
Fedor Korotkov