Open
Conversation
SgtCoDFish
commented
Mar 26, 2026
Contributor
Author
There was a problem hiding this comment.
NB: this is pretty much copy+pasted from client_venafi_cloud.go because the logic is nearly identical. I refactored some of the shared logic out (util.go) but mostly this is the same thing with different names
This will add initial support for NGTS. Auth is based on the existing Venafi Cloud client using a keypair. Signed-off-by: Ashley Davis <ashley.davis@cyberark.com>
inteon
reviewed
Apr 1, 2026
| // NGTSClient is a Client implementation for uploading data readings to NGTS | ||
| // using service account keypair authentication. It follows the Private Key JWT | ||
| // authentication pattern (RFC 7521 + RFC 7523). | ||
| type NGTSClient struct { |
Contributor
There was a problem hiding this comment.
Why are we creating a new client? Can't we reuse the CMSaaS client? The dataplane endpoints should be identical & the authentication using built-in SA should be the same.
Contributor
Author
There was a problem hiding this comment.
- Easier this way to be confident that the existing client is unaffected, meaning the review (which is the bottleneck) is easier
- The pattern already exists of creating new clients for new backends.
- Easier to develop the NGTS client independently and make changes to it going forwards if it's separate. In a high-pressure and quick-to-change environment, I value that flexibility
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This will add initial support for NGTS. Auth is based on the existing Venafi Cloud client using a keypair.
I'm not really able to test this effectively because of various issues with the test env, but I think this is safe enough to merge as-is because it's not customer-facing yet (needs helm chart support before this is realistically usable)
Note there are several TODOs in this PR. They need to be clarified before we can expose this functionality to customers, but I think they're fine for now.