refactor: improve error handling, validation and proper cleanup

internal/proxmox/README.md

@@ -52,11 +52,11 @@ graph TD
 ```go
 type Config struct {
     URL       string            `json:"url" validate:"required,url"`
-    Username  string            `json:"username" validate:"required_without=TokenID Secret"`
-    Password  strutils.Redacted `json:"password" validate:"required_without=TokenID Secret"`
-    Realm     string            `json:"realm" validate:"required_without=TokenID Secret"`
-    TokenID   string            `json:"token_id" validate:"required_without=Username Password"`
-    Secret    strutils.Redacted `json:"secret" validate:"required_without=Username Password"`
+    Username  string            `json:"username" validate:"required_without_all=TokenID Secret"`
+    Password  strutils.Redacted `json:"password" validate:"required_without_all=TokenID Secret"`
+    Realm     string            `json:"realm"`
+    TokenID   string            `json:"token_id" validate:"required_without_all=Username Password"`
+    Secret    strutils.Redacted `json:"secret" validate:"required_without_all=Username Password"`
     NoTLSVerify bool            `json:"no_tls_verify"`
 
     client *Client

internal/proxmox/client.go

@@ -65,6 +65,9 @@ func (c *Client) UpdateClusterInfo(ctx context.Context) (err error) {
 }
 
 func (c *Client) UpdateResources(ctx context.Context) error {
+	if c.Cluster == nil {
+		return errors.New("cluster not initialized, call UpdateClusterInfo first")
+	}
 	resourcesSlice, err := c.Cluster.Resources(ctx, "vm")
 	if err != nil {
 		return err

internal/proxmox/config.go

@@ -18,12 +18,12 @@ import (
 type Config struct {
 	URL string `json:"url" validate:"required,url"`
 
-	Username string            `json:"username" validate:"required_without=TokenID Secret"`
-	Password strutils.Redacted `json:"password" validate:"required_without=TokenID Secret"`
-	Realm    string            `json:"realm" validate:"required_without=TokenID Secret"`
+	Username string            `json:"username" validate:"required_without_all=TokenID Secret"`
+	Password strutils.Redacted `json:"password" validate:"required_without_all=TokenID Secret"`
+	Realm    string            `json:"realm"` // default is "pam"
 
-	TokenID string            `json:"token_id" validate:"required_without=Username Password"`
-	Secret  strutils.Redacted `json:"secret" validate:"required_without=Username Password"`
+	TokenID string            `json:"token_id" validate:"required_without_all=Username Password"`
+	Secret  strutils.Redacted `json:"secret" validate:"required_without_all=Username Password"`
 
 	NoTLSVerify bool `json:"no_tls_verify" yaml:"no_tls_verify,omitempty"`
 
@@ -65,6 +65,9 @@ func (c *Config) Init(ctx context.Context) gperr.Error {
 	}
 	useCredentials := false
 	if c.Username != "" && c.Password != "" {
+		if c.Realm == "" {
+			c.Realm = "pam"
+		}
 		opts = append(opts, proxmox.WithCredentials(&proxmox.Credentials{
 			Username: c.Username,
 			Password: c.Password.String(),

internal/proxmox/node_command.go

@@ -50,6 +50,7 @@ func (n *Node) NodeCommand(ctx context.Context, command string) (io.ReadCloser,
 	// Send command
 	cmd := []byte(command + "\n")
 	if err := handleSend(cmd); err != nil {
+		closeFn()
 		return nil, err
 	}
 
@@ -70,6 +71,7 @@ func (n *Node) NodeCommand(ctx context.Context, command string) (io.ReadCloser,
 		for {
 			select {
 			case <-ctx.Done():
+				_ = pw.CloseWithError(ctx.Err())
 				return
 			case msg := <-recv:
 				// skip the header message like
@@ -106,7 +108,6 @@ func (n *Node) NodeCommand(ctx context.Context, command string) (io.ReadCloser,
 			case err := <-errs:
 				if err != nil {
 					if websocket.IsUnexpectedCloseError(err, websocket.CloseGoingAway, websocket.CloseAbnormalClosure) {
-						_ = pw.Close()
 						return
 					}
 					_ = pw.CloseWithError(err)