@p0security/cli 0.11.1 → 0.11.2

package/dist/types/ssh.d.ts

@@ -21,19 +21,18 @@ export type CliPermissionSpec<P extends PluginSshRequest, C extends object | und
 export declare const SupportedSshProviders: readonly ["aws", "gcloud"];
 export type SupportedSshProvider = (typeof SupportedSshProviders)[number];
 export type SshProvider<PR extends PluginSshRequest = PluginSshRequest, O extends object | undefined = undefined, SR extends SshRequest = SshRequest, C extends object | undefined = undefined> = {
-    requestToSsh: (request: CliPermissionSpec<PR, O>) => SR;
-    /** Converts a backend request to a CLI request */
-    toCliRequest: (request: Request<PR>, options?: {
-        debug?: boolean;
-    }) => Promise<Request<CliSshRequest>>;
-    ensureInstall: () => Promise<void>;
     /** Logs in the user to the cloud provider */
     cloudProviderLogin: (authn: Authn, request: SR) => Promise<C>;
-    /** Returns the command and its arguments that are going to be injected as the ssh ProxyCommand option */
-    proxyCommand: (request: SR) => string[];
-    /** Each element in the returned array is a command that can be run to reproduce the
-     * steps of logging in the user to the ssh session. */
-    reproCommands: (request: SR) => string[] | undefined;
+    /** Callback to ensure that this provider's CLI utils are installed */
+    ensureInstall: () => Promise<void>;
+    /** A human-readable name for this CSP */
+    friendlyName: string;
+    /** Friendly message to ask the user to log in to the CSP */
+    loginRequiredMessage?: string;
+    /** Regex match for error string indicating that CSP login is required */
+    loginRequiredPattern?: RegExp;
+    /** Amount of time, in ms, to wait between granting access and giving up on attempting an SSH connection */
+    propagationTimeoutMs: number;
     /** Arguments for a pre-test command to verify access propagation prior
      * to actually logging in the user to the ssh session.
      * This must return arguments for a non-interactive command - meaning the `command`
@@ -42,7 +41,23 @@ export type SshProvider<PR extends PluginSshRequest = PluginSshRequest, O extend
      * the actual ssh/scp command.
      */
     preTestAccessPropagationArgs: (cmdArgs: CommandArgs) => CommandArgs | undefined;
-    maxRetries: number;
-    friendlyName: string;
+    /** Returns the command and its arguments that are going to be injected as the ssh ProxyCommand option */
+    proxyCommand: (request: SR) => string[];
+    /** Each element in the returned array is a command that can be run to reproduce the
+     * steps of logging in the user to the ssh session. */
+    reproCommands: (request: SR) => string[] | undefined;
+    /** Unwraps this provider's types */
+    requestToSsh: (request: CliPermissionSpec<PR, O>) => SR;
+    /** Regex matches for error strings indicating that the provider has not yet fully provisioned node acces */
+    unprovisionedAccessPatterns: readonly {
+        /** If the error matches this string, indicates that access is not provisioned */
+        readonly pattern: RegExp;
+        /** Maximum amount of time to wait for provisioning after encountering this error */
+        readonly validationWindowMs?: number;
+    }[];
+    /** Converts a backend request to a CLI request */
+    toCliRequest: (request: Request<PR>, options?: {
+        debug?: boolean;
+    }) => Promise<Request<CliSshRequest>>;
 };
 export type SshRequest = AwsSshRequest | GcpSshRequest;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@p0security/cli",
-  "version": "0.11.1",
+  "version": "0.11.2",
   "description": "Execute infra CLI commands with P0 grants",
   "main": "index.ts",
   "repository": {
@@ -65,8 +65,8 @@
     "eslint-plugin-promise": "^6.1.1",
     "jest": "^29.7.0",
     "prettier": "^3.2.4",
-    "ts-node": "^10.9.2",
-    "ts-jest": "^29.1.2"
+    "ts-jest": "^29.1.2",
+    "ts-node": "^10.9.2"
   },
   "scripts": {
     "build": "tsc && cp -r public dist/",