Passing the strict lint checks requires a number of backwards-
incompatible changes:
- Rename the NodePrivileged service to NodePrivilegedService.
This is only used in CLI tooling, which are upgraded at the same
time as the server binary.
- The Publicrpc service was renamed to PublicRPCService.
- The EmitterChain type is renamed to ChainID.
- The default value for the ChainID type is renamed to
CHAIN_ID_UNSPECIFIED. This value wasn't referenced anywhere.
- The response and request types for GetLastHeartbeats were updated
to match the rpc method name.
Change-Id: I3954130d3b25ab1f859390407bba3d3c02ffe03c
As discussed with Justin, we no longer need this endpoint.
Removing it means we no longer have to worry about
long-lived connections.
Change-Id: I75020652d383a6b5f79a3cad1b52ae87d323f012
This makes the publicrpc service available to the admin CLI
regardless of whether the publicrpc socket is enabled on the node.
Change-Id: If0265f3cd14af44a7f8e9726af796f8879dd7a4b
This allows us to use UNIX filesystem permissions for access control.
Previously, any process in the network namespace could connect to it,
which is insecure for obvious reasons.
Verified that correct permissions are set:
```
# ls -lisa /run/bridge/
total 8
31996269 4 drwxrwxrwx 2 root root 4096 Nov 23 21:58 .
14676759 4 drwxr-xr-x 1 root root 4096 Nov 23 21:58 ..
31996306 0 srwx------ 1 root root 0 Nov 23 21:58 agent.sock
```
Fixes#119