@p0security/cli 0.12.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/dist/commands/ls.js +24 -4
  2. package/dist/commands/ls.js.map +1 -1
  3. package/dist/commands/scp.js +5 -0
  4. package/dist/commands/scp.js.map +1 -1
  5. package/dist/commands/shared/ssh.d.ts +11 -1
  6. package/dist/commands/shared/ssh.js +6 -5
  7. package/dist/commands/shared/ssh.js.map +1 -1
  8. package/dist/commands/ssh.js +8 -3
  9. package/dist/commands/ssh.js.map +1 -1
  10. package/dist/plugins/aws/ssh.js +1 -0
  11. package/dist/plugins/aws/ssh.js.map +1 -1
  12. package/dist/plugins/azure/auth.d.ts +11 -0
  13. package/dist/plugins/azure/auth.js +56 -0
  14. package/dist/plugins/azure/auth.js.map +1 -0
  15. package/dist/plugins/azure/keygen.d.ts +13 -0
  16. package/dist/plugins/azure/keygen.js +69 -0
  17. package/dist/plugins/azure/keygen.js.map +1 -0
  18. package/dist/plugins/azure/ssh.d.ts +2 -4
  19. package/dist/plugins/azure/ssh.js +86 -20
  20. package/dist/plugins/azure/ssh.js.map +1 -1
  21. package/dist/plugins/azure/tunnel.d.ts +14 -0
  22. package/dist/plugins/azure/tunnel.js +160 -0
  23. package/dist/plugins/azure/tunnel.js.map +1 -0
  24. package/dist/plugins/azure/types.d.ts +14 -8
  25. package/dist/plugins/google/ssh.js +1 -0
  26. package/dist/plugins/google/ssh.js.map +1 -1
  27. package/dist/plugins/ssh/index.js +44 -24
  28. package/dist/plugins/ssh/index.js.map +1 -1
  29. package/dist/types/ssh.d.ts +9 -2
  30. package/package.json +1 -1
package/dist/commands/ls.js CHANGED
@@ -30,6 +30,7 @@ const firestore_1 = require("../drivers/firestore");
30
30
  const stdio_1 = require("../drivers/stdio");
31
31
  const lodash_1 = require("lodash");
32
32
  const pluralize_1 = __importDefault(require("pluralize"));
33
+ const DEFAULT_RESPONSE_SIZE = 15;
33
34
  const lsArgs = (yargs) => yargs
34
35
  .parserConfiguration({ "unknown-options-as-args": true })
35
36
  .help(false)
@@ -40,9 +41,27 @@ const lsArgs = (yargs) => yargs
40
41
  });
41
42
  const lsCommand = (yargs) => yargs.command("ls [arguments..]", "List request-command arguments", lsArgs, (0, firestore_1.fsShutdownGuard)(ls));
42
43
  exports.lsCommand = lsCommand;
44
+ /**
45
+ * If the user has requested a size, replace it with double the requested size,
46
+ * otherwise request double the default.
47
+ *
48
+ * This is done so that we can give the user a sense of the number of results
49
+ * that are not displayed.
50
+ */
51
+ const convertLsSizeArg = (args) => {
52
+ var _a;
53
+ const convertedArgs = [...args];
54
+ const sizeIndex = convertedArgs.findIndex((a) => a === "--size");
55
+ const requestedSize = +((_a = (sizeIndex >= 0
56
+ ? (0, lodash_1.pullAt)(convertedArgs, sizeIndex, sizeIndex + 1)[1]
57
+ : undefined)) !== null && _a !== void 0 ? _a : DEFAULT_RESPONSE_SIZE);
58
+ convertedArgs.push("--size", String(requestedSize * 2));
59
+ return { convertedArgs, requestedSize };
60
+ };
43
61
  const ls = (args) => __awaiter(void 0, void 0, void 0, function* () {
44
62
  const authn = yield (0, auth_1.authenticate)();
45
- const data = yield (0, stdio_1.spinUntil)("Listing accessible resources", (0, api_1.fetchCommand)(authn, args, ["ls", ...args.arguments]));
63
+ const { convertedArgs, requestedSize } = convertLsSizeArg(args.arguments);
64
+ const data = yield (0, stdio_1.spinUntil)("Listing accessible resources", (0, api_1.fetchCommand)(authn, args, ["ls", ...convertedArgs]));
46
65
  const allArguments = [...args._, ...args.arguments];
47
66
  if (data && "ok" in data && data.ok) {
48
67
  const label = (0, pluralize_1.default)(data.arg);
@@ -50,8 +69,8 @@ const ls = (args) => __awaiter(void 0, void 0, void 0, function* () {
50
69
  (0, stdio_1.print2)(`No ${label}`);
51
70
  return;
52
71
  }
53
- const truncationPart = data.isTruncated
54
- ? ` the first ${data.items.length}`
72
+ const truncationPart = data.items.length > requestedSize
73
+ ? ` the first ${requestedSize} (of ${data.isTruncated ? "many" : data.items.length})`
55
74
  : "";
56
75
  const postfixPart = data.term
57
76
  ? ` matching '${data.term}'`
@@ -59,7 +78,8 @@ const ls = (args) => __awaiter(void 0, void 0, void 0, function* () {
59
78
  ? ` (use \`p0 ${allArguments.join(" ")} <like>\` to narrow results)`
60
79
  : "";
61
80
  (0, stdio_1.print2)(`Showing${truncationPart} ${label}${postfixPart}.\nResources labeled with * are already accessible to you:`);
62
- const sortedItems = (0, lodash_1.orderBy)(data.items, "isPreexisting", "desc");
81
+ const truncated = (0, lodash_1.slice)(data.items, 0, requestedSize);
82
+ const sortedItems = (0, lodash_1.orderBy)(truncated, "isPreexisting", "desc");
63
83
  const isSameValue = sortedItems.every((i) => !i.group && i.key === i.value);
64
84
  const maxLength = (0, lodash_1.max)(sortedItems.map((i) => i.key.length)) || 0;
65
85
  for (const item of sortedItems) {
package/dist/commands/ls.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ls.js","sourceRoot":"","sources":["../../src/commands/ls.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA0C;AAC1C,wCAA8C;AAC9C,0CAA+C;AAC/C,oDAAuD;AACvD,4CAA6D;AAC7D,mCAAsC;AACtC,0DAAkC;AAgBlC,MAAM,MAAM,GAAG,CAAI,KAAoB,EAAE,EAAE,CACzC,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC;KACX,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAEA,MAAM,SAAS,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC7C,KAAK,CAAC,OAAO,CACX,kBAAkB,EAClB,gCAAgC,EAChC,MAAM,EACN,IAAA,2BAAe,EAAC,EAAE,CAAC,CACpB,CAAC;AANS,QAAA,SAAS,aAMlB;AAEJ,MAAM,EAAE,GAAG,CACT,IAEE,EACF,EAAE;IACF,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IACnC,MAAM,IAAI,GAAG,MAAM,IAAA,iBAAS,EAC1B,8BAA8B,EAC9B,IAAA,kBAAY,EAAa,KAAK,EAAE,IAAI,EAAE,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CACjE,CAAC;IACF,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;QACnC,MAAM,KAAK,GAAG,IAAA,mBAAS,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YAC3B,IAAA,cAAM,EAAC,MAAM,KAAK,EAAE,CAAC,CAAC;YACtB,OAAO;SACR;QACD,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW;YACrC,CAAC,CAAC,cAAc,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YACnC,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI;YAC3B,CAAC,CAAC,cAAc,IAAI,CAAC,IAAI,GAAG;YAC5B,CAAC,CAAC,IAAI,CAAC,WAAW;gBAChB,CAAC,CAAC,cAAc,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,8BAA8B;gBACpE,CAAC,CAAC,EAAE,CAAC;QAET,IAAA,cAAM,EACJ,UAAU,cAAc,IAAI,KAAK,GAAG,WAAW,4DAA4D,CAC5G,CAAC;QACF,MAAM,WAAW,GAAG,IAAA,gBAAO,EAAC,IAAI,CAAC,KAAK,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;QAC5E,MAAM,SAAS,GAAG,IAAA,YAAG,EAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QACjE,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;YAC9B,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;YACvE,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAChD,IAAA,cAAM,EACJ,GAAG,MAAM,GACP,WAAW;gBACT,CAAC,CAAC,IAAI,CAAC,GAAG;gBACV,CAAC,CAAC,SAAS,GAAG,EAAE;oBACd,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,OAAO,cAAO,CAAC,GAAG,GAAG,OAAO,GAAG,cAAO,CAAC,KAAK,EAAE;oBAC3D,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,cAAO,CAAC,GAAG,MAAM,OAAO,GAAG,cAAO,CAAC,KAAK,EAChF,EAAE,CACH,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,CAAC;KACZ;AACH,CAAC,CAAA,CAAC"}
1
+ {"version":3,"file":"ls.js","sourceRoot":"","sources":["../../src/commands/ls.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA0C;AAC1C,wCAA8C;AAC9C,0CAA+C;AAC/C,oDAAuD;AACvD,4CAA6D;AAC7D,mCAAqD;AACrD,0DAAkC;AAGlC,MAAM,qBAAqB,GAAG,EAAE,CAAC;AAejC,MAAM,MAAM,GAAG,CAAI,KAAoB,EAAE,EAAE,CACzC,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC;KACX,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAEA,MAAM,SAAS,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC7C,KAAK,CAAC,OAAO,CACX,kBAAkB,EAClB,gCAAgC,EAChC,MAAM,EACN,IAAA,2BAAe,EAAC,EAAE,CAAC,CACpB,CAAC;AANS,QAAA,SAAS,aAMlB;AAEJ;;;;;;GAMG;AACH,MAAM,gBAAgB,GAAG,CAAC,IAAc,EAAE,EAAE;;IAC1C,MAAM,aAAa,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;IAChC,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IACjE,MAAM,aAAa,GAAG,CAAC,CACrB,MAAA,CAAC,SAAS,IAAI,CAAC;QACb,CAAC,CAAC,IAAA,eAAM,EAAC,aAAa,EAAE,SAAS,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,SAAS,CAAC,mCAAI,qBAAqB,CACxC,CAAC;IACF,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC;AAC1C,CAAC,CAAC;AAEF,MAAM,EAAE,GAAG,CACT,IAEE,EACF,EAAE;IACF,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IACnC,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,GAAG,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAE1E,MAAM,IAAI,GAAG,MAAM,IAAA,iBAAS,EAC1B,8BAA8B,EAC9B,IAAA,kBAAY,EAAa,KAAK,EAAE,IAAI,EAAE,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC,CAChE,CAAC;IACF,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;QACnC,MAAM,KAAK,GAAG,IAAA,mBAAS,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YAC3B,IAAA,cAAM,EAAC,MAAM,KAAK,EAAE,CAAC,CAAC;YACtB,OAAO;SACR;QACD,MAAM,cAAc,GAClB,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,aAAa;YAC/B,CAAC,CAAC,cAAc,aAAa,QAAQ,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG;YACrF,CAAC,CAAC,EAAE,CAAC;QACT,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI;YAC3B,CAAC,CAAC,cAAc,IAAI,CAAC,IAAI,GAAG;YAC5B,CAAC,CAAC,IAAI,CAAC,WAAW;gBAChB,CAAC,CAAC,cAAc,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,8BAA8B;gBACpE,CAAC,CAAC,EAAE,CAAC;QAET,IAAA,cAAM,EACJ,UAAU,cAAc,IAAI,KAAK,GAAG,WAAW,4DAA4D,CAC5G,CAAC;QACF,MAAM,SAAS,GAAG,IAAA,cAAK,EAAC,IAAI,CAAC,KAAK,EAAE,CAAC,EAAE,aAAa,CAAC,CAAC;QACtD,MAAM,WAAW,GAAG,IAAA,gBAAO,EAAC,SAAS,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;QAC5E,MAAM,SAAS,GAAG,IAAA,YAAG,EAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QACjE,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;YAC9B,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;YACvE,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAChD,IAAA,cAAM,EACJ,GAAG,MAAM,GACP,WAAW;gBACT,CAAC,CAAC,IAAI,CAAC,GAAG;gBACV,CAAC,CAAC,SAAS,GAAG,EAAE;oBACd,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,OAAO,cAAO,CAAC,GAAG,GAAG,OAAO,GAAG,cAAO,CAAC,KAAK,EAAE;oBAC3D,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,cAAO,CAAC,GAAG,MAAM,OAAO,GAAG,cAAO,CAAC,KAAK,EAChF,EAAE,CACH,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,CAAC;KACZ;AACH,CAAC,CAAA,CAAC"}
package/dist/commands/scp.js CHANGED
@@ -83,6 +83,11 @@ const scpAction = (args) => __awaiter(void 0, void 0, void 0, function* () {
83
83
  ? args["--"].map(String)
84
84
  : [];
85
85
  args.sshOptions = sshOptions;
86
+ // TODO(ENG-3142): Azure SSH currently doesn't support specifying a port; throw an error if one is set.
87
+ if (args.provider === "azure" &&
88
+ sshOptions.some((opt) => opt.startsWith("-P"))) {
89
+ throw "Azure SSH does not currently support specifying a port. SSH on the target VM must be listening on the default port 22.";
90
+ }
86
91
  const host = getHostIdentifier(args.source, args.destination);
87
92
  if (!host) {
88
93
  throw "Could not determine host identifier from source or destination";
package/dist/commands/scp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"scp.js","sourceRoot":"","sources":["../../src/commands/scp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,oDAAuD;AACvD,wCAA0C;AAC1C,sCAAiE;AACjE,sCAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,4BAA4B;AAC5B,6DAA6D;AAC7D,mDAAmD,EACnD,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,QAAQ,EAAE;IACpB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,MAAM,CAAC,GAAG,EAAE;IACX,KAAK,EAAE,WAAW;IAClB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,qCAAqC;CAChD,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,8CAA8C;CACzD,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,2BAAqB;CAC/B,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,8CAA8C,CAAC;IACtD,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;sGAE4F,CAC7F,EAEL,IAAA,2BAAe,EAAC,SAAS,CAAC,CAC3B,CAAC;AAvDS,QAAA,UAAU,cAuDnB;AAEJ;;;GAGG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACxB,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAE7B,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAE9D,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,gEAAgE,CAAC;KACxE;IAED,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,oBAAc,EAC/D,KAAK,EACL,IAAI,EACJ,IAAI,CACL,CAAC;IAEF,qDAAqD;IACrD,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAEvE,MAAM,IAAA,cAAQ,EAAC;QACb,KAAK;QACL,OAAO;QACP,OAAO,kCACF,IAAI,KACP,MAAM;YACN,WAAW,GACZ;QACD,UAAU;QACV,WAAW;KACZ,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,sFAAsF;AACtF,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,CAAC,sBAAsB;AAErE,gFAAgF;AAChF,MAAM,kBAAkB,GAAG,CAAC,IAAY,EAAW,EAAE;IACnD,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzC,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,WAAmB,EAAE,EAAE;IAChE,6FAA6F;IAC7F,MAAM,cAAc,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;IAE5D,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;IAErD,IAAI,cAAc,IAAI,mBAAmB,EAAE;QACzC,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7B;IAED,6DAA6D;IAC7D,MAAM,0DAA0D,CAAC;AACnE,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,CAAC,MAAkB,EAAE,IAAoB,EAAE,EAAE;IAC3E,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IACzB,IAAI,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IAEnC,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;QAC9B,MAAM,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,CAAC,WAAW,CAAC,EAAE;QACnC,WAAW,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACnF;IAED,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC,CAAC"}
1
+ {"version":3,"file":"scp.js","sourceRoot":"","sources":["../../src/commands/scp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,oDAAuD;AACvD,wCAA0C;AAC1C,sCAAiE;AACjE,sCAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,4BAA4B;AAC5B,6DAA6D;AAC7D,mDAAmD,EACnD,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,QAAQ,EAAE;IACpB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,MAAM,CAAC,GAAG,EAAE;IACX,KAAK,EAAE,WAAW;IAClB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,qCAAqC;CAChD,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,8CAA8C;CACzD,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,2BAAqB;CAC/B,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,8CAA8C,CAAC;IACtD,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;sGAE4F,CAC7F,EAEL,IAAA,2BAAe,EAAC,SAAS,CAAC,CAC3B,CAAC;AAvDS,QAAA,UAAU,cAuDnB;AAEJ;;;GAGG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACxB,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAE7B,uGAAuG;IACvG,IACE,IAAI,CAAC,QAAQ,KAAK,OAAO;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAC9C;QACA,MAAM,wHAAwH,CAAC;KAChI;IAED,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAE9D,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,gEAAgE,CAAC;KACxE;IAED,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,oBAAc,EAC/D,KAAK,EACL,IAAI,EACJ,IAAI,CACL,CAAC;IAEF,qDAAqD;IACrD,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAEvE,MAAM,IAAA,cAAQ,EAAC;QACb,KAAK;QACL,OAAO;QACP,OAAO,kCACF,IAAI,KACP,MAAM;YACN,WAAW,GACZ;QACD,UAAU;QACV,WAAW;KACZ,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,sFAAsF;AACtF,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,CAAC,sBAAsB;AAErE,gFAAgF;AAChF,MAAM,kBAAkB,GAAG,CAAC,IAAY,EAAW,EAAE;IACnD,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzC,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,WAAmB,EAAE,EAAE;IAChE,6FAA6F;IAC7F,MAAM,cAAc,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;IAE5D,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;IAErD,IAAI,cAAc,IAAI,mBAAmB,EAAE;QACzC,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7B;IAED,6DAA6D;IAC7D,MAAM,0DAA0D,CAAC;AACnE,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,CAAC,MAAkB,EAAE,IAAoB,EAAE,EAAE;IAC3E,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IACzB,IAAI,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IAEnC,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;QAC9B,MAAM,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,CAAC,WAAW,CAAC,EAAE;QACnC,WAAW,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACnF;IAED,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC,CAAC"}
package/dist/commands/shared/ssh.d.ts CHANGED
@@ -5,7 +5,7 @@ import yargs from "yargs";
5
5
  export type BaseSshCommandArgs = {
6
6
  sudo?: boolean;
7
7
  reason?: string;
8
- account?: string;
8
+ parent?: string;
9
9
  provider?: SupportedSshProvider;
10
10
  debug?: boolean;
11
11
  sshOptions?: string[];
@@ -22,6 +22,16 @@ export type SshCommandArgs = BaseSshCommandArgs & {
22
22
  command?: string;
23
23
  };
24
24
  export type CommandArgs = ScpCommandArgs | SshCommandArgs;
25
+ export type SshAdditionalSetup = {
26
+ /** A list of SSH configuration options, as would be used after '-o' in an SSH command */
27
+ sshOptions: string[];
28
+ /** The path to the private key file to use for the SSH connection, instead of the default P0 CLI managed key */
29
+ identityFile: string;
30
+ /** The port to connect to, overriding the default */
31
+ port: string;
32
+ /** Perform any teardown required after the SSH command exits but before terminating the P0 CLI */
33
+ teardown: () => Promise<void>;
34
+ };
25
35
  export declare const SSH_PROVIDERS: Record<SupportedSshProvider, SshProvider<any, any, any, any>>;
26
36
  export declare const isSudoCommand: (args: {
27
37
  sudo?: boolean;
package/dist/commands/shared/ssh.js CHANGED
@@ -66,7 +66,7 @@ const provisionRequest = (authn, args, destination) => __awaiter(void 0, void 0,
66
66
  ...(args.provider ? ["--provider", args.provider] : []),
67
67
  ...((0, exports.isSudoCommand)(args) ? ["--sudo"] : []),
68
68
  ...(args.reason ? ["--reason", args.reason] : []),
69
- ...(args.account ? ["--account", args.account] : []),
69
+ ...(args.parent ? ["--parent", args.parent] : []),
70
70
  ], wait: true }), authn, { message: "approval-required" });
71
71
  if (!response) {
72
72
  (0, stdio_1.print2)("Did not receive access ID from server");
@@ -78,9 +78,6 @@ const provisionRequest = (authn, args, destination) => __awaiter(void 0, void 0,
78
78
  else
79
79
  (0, stdio_1.print2)("Existing access found. Connecting to instance.");
80
80
  const provisionedRequest = yield (0, _1.waitForProvisioning)(authn, id);
81
- if (provisionedRequest.permission.publicKey !== publicKey) {
82
- throw "Public key mismatch. Please revoke the request and try again.";
83
- }
84
81
  return { provisionedRequest, publicKey, privateKey };
85
82
  });
86
83
  exports.provisionRequest = provisionRequest;
@@ -89,8 +86,12 @@ const prepareRequest = (authn, args, destination) => __awaiter(void 0, void 0, v
89
86
  if (!result) {
90
87
  throw "Server did not return a request id. Please contact support@p0.dev for assistance.";
91
88
  }
92
- const { provisionedRequest } = result;
89
+ const { provisionedRequest, publicKey } = result;
93
90
  const sshProvider = exports.SSH_PROVIDERS[provisionedRequest.permission.provider];
91
+ if (sshProvider.validateSshKey &&
92
+ !sshProvider.validateSshKey(provisionedRequest, publicKey)) {
93
+ throw "Public key mismatch. Please revoke the request and try again.";
94
+ }
94
95
  yield sshProvider.ensureInstall();
95
96
  const cliRequest = yield pluginToCliRequest(provisionedRequest, {
96
97
  debug: args.debug,
package/dist/commands/shared/ssh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAAwC;AACxC,4CAAkD;AAClD,uDAA8C;AAC9C,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAI1D,yCAMyB;AACzB,uCAAoC;AACpC,kDAA4C;AAC5C,mCAA8B;AA2BjB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;CACvB,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,kBAAM,EAC5B,IAAA,eAAG,EAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACzD,CAAC;IACF,MAAM,WAAW,GAAG,MAAA,SAAS,CAAC,IAAI,EAAE,0CAAG,WAAW,CAAC,CAAC;IAEpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IACF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,mEAAmE,CAAC;KAC3E;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAAkC,EAClC,OAA6B,EACI,EAAE;IACnC,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAElC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,SAAS;YACT,WAAW;YACX,cAAc;YACd,SAAS;YACT,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,IAAA,qBAAa,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1C,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;SACrD,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,mBAAmB,EAAE,CACjC,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;QAChD,OAAO;KACR;IACD,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IACvC,IAAI,CAAC,aAAa;QAAE,IAAA,cAAM,EAAC,sCAAsC,CAAC,CAAC;;QAC9D,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;IAE/D,MAAM,kBAAkB,GAAG,MAAM,IAAA,sBAAmB,EAClD,KAAK,EACL,EAAE,CACH,CAAC;IACF,IAAI,kBAAkB,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS,EAAE;QACzD,MAAM,+DAA+D,CAAC;KACvE;IAED,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;AACvD,CAAC,CAAA,CAAC;AA9CW,QAAA,gBAAgB,oBA8C3B;AAEK,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EAAC,KAAK,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IAChE,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mFAAmF,CAAC;KAC3F;IAED,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAEtC,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC1E,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,EAAE;QAC9D,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAErD,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,IAAG;AAC7C,CAAC,CAAA,CAAC;AArBW,QAAA,cAAc,kBAqBzB"}
1
+ {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAAwC;AACxC,4CAAkD;AAClD,uDAA8C;AAC9C,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAI1D,yCAMyB;AACzB,uCAAoC;AACpC,kDAA4C;AAC5C,mCAA8B;AAyCjB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;CACvB,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,kBAAM,EAC5B,IAAA,eAAG,EAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACzD,CAAC;IACF,MAAM,WAAW,GAAG,MAAA,SAAS,CAAC,IAAI,EAAE,0CAAG,WAAW,CAAC,CAAC;IAEpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,mEAAmE,CAAC;KAC3E;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAAkC,EAClC,OAA6B,EACI,EAAE;IACnC,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAElC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,SAAS;YACT,WAAW;YACX,cAAc;YACd,SAAS;YACT,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,IAAA,qBAAa,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1C,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;SAClD,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,mBAAmB,EAAE,CACjC,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;QAChD,OAAO;KACR;IACD,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IACvC,IAAI,CAAC,aAAa;QAAE,IAAA,cAAM,EAAC,sCAAsC,CAAC,CAAC;;QAC9D,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;IAE/D,MAAM,kBAAkB,GAAG,MAAM,IAAA,sBAAmB,EAClD,KAAK,EACL,EAAE,CACH,CAAC;IAEF,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;AACvD,CAAC,CAAA,CAAC;AA3CW,QAAA,gBAAgB,oBA2C3B;AAEK,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EAAC,KAAK,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IAChE,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mFAAmF,CAAC;KAC3F;IAED,MAAM,EAAE,kBAAkB,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAEjD,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1E,IACE,WAAW,CAAC,cAAc;QAC1B,CAAC,WAAW,CAAC,cAAc,CAAC,kBAAkB,EAAE,SAAS,CAAC,EAC1D;QACA,MAAM,+DAA+D,CAAC;KACvE;IAED,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,EAAE;QAC9D,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAErD,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,IAAG;AAC7C,CAAC,CAAA,CAAC;AA7BW,QAAA,cAAc,kBA6BzB"}
package/dist/commands/ssh.js CHANGED
@@ -48,14 +48,14 @@ const sshCommand = (yargs) => yargs.command("ssh <destination> [command [argumen
48
48
  describe: "Reason access is needed",
49
49
  type: "string",
50
50
  })
51
- .option("account", {
51
+ .option("parent", {
52
52
  type: "string",
53
- describe: "The account on which the instance is located",
53
+ describe: "The containing parent resource which the instance belongs to (account, project, subscription, etc.)",
54
54
  })
55
55
  .option("provider", {
56
56
  type: "string",
57
57
  describe: "The cloud provider where the instance is hosted",
58
- choices: ["aws", "gcloud"],
58
+ choices: ["aws", "azure", "gcloud"],
59
59
  })
60
60
  .option("debug", {
61
61
  type: "boolean",
@@ -86,6 +86,11 @@ const sshAction = (args) => __awaiter(void 0, void 0, void 0, function* () {
86
86
  ? args["--"].map(String)
87
87
  : [];
88
88
  args.sshOptions = sshOptions;
89
+ // TODO(ENG-3142): Azure SSH currently doesn't support specifying a port; throw an error if one is set.
90
+ if (args.provider === "azure" &&
91
+ sshOptions.some((opt) => opt.startsWith("-p"))) {
92
+ throw "Azure SSH does not currently support specifying a port. SSH on the target VM must be listening on the default port 22.";
93
+ }
89
94
  const { request, privateKey, sshProvider } = yield (0, ssh_2.prepareRequest)(authn, args, args.destination);
90
95
  yield (0, ssh_1.sshOrScp)({
91
96
  authn,
package/dist/commands/ssh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../src/commands/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,oDAAuD;AACvD,wCAA0C;AAC1C,sCAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,2CAA2C,EAC3C,4BAA4B,EAC5B,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,UAAU,CAAC,SAAS,EAAE;IACrB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,2BAA2B;CACtC,CAAC;KACD,UAAU,CAAC,WAAW,EAAE;IACvB,QAAQ,EAAE,mBAAmB;IAC7B,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;IACF,8BAA8B;KAC7B,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,8CAA8C;CACzD,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;CAC3B,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,gEAAgE,CAAC;IACxE,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;;;mGAIyF,CAC1F,EAEL,IAAA,2BAAe,EAAC,SAAS,CAAC,CAC3B,CAAC;AAxDS,QAAA,UAAU,cAwDnB;AAEJ;;;;;;GAMG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,0FAA0F;IAC1F,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACxB,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAE7B,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,oBAAc,EAC/D,KAAK,EACL,IAAI,EACJ,IAAI,CAAC,WAAW,CACjB,CAAC;IAEF,MAAM,IAAA,cAAQ,EAAC;QACb,KAAK;QACL,OAAO;QACP,OAAO,EAAE,IAAI;QACb,UAAU;QACV,WAAW;KACZ,CAAC,CAAC;AACL,CAAC,CAAA,CAAC"}
1
+ {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../src/commands/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,oDAAuD;AACvD,wCAA0C;AAC1C,sCAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,2CAA2C,EAC3C,4BAA4B,EAC5B,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,UAAU,CAAC,SAAS,EAAE;IACrB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,2BAA2B;CACtC,CAAC;KACD,UAAU,CAAC,WAAW,EAAE;IACvB,QAAQ,EAAE,mBAAmB;IAC7B,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;IACF,8BAA8B;KAC7B,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,IAAI,EAAE,QAAQ;IACd,QAAQ,EACN,qGAAqG;CACxG,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC;CACpC,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,gEAAgE,CAAC;IACxE,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;;;mGAIyF,CAC1F,EAEL,IAAA,2BAAe,EAAC,SAAS,CAAC,CAC3B,CAAC;AAzDS,QAAA,UAAU,cAyDnB;AAEJ;;;;;;GAMG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,0FAA0F;IAC1F,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACxB,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAE7B,uGAAuG;IACvG,IACE,IAAI,CAAC,QAAQ,KAAK,OAAO;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAC9C;QACA,MAAM,wHAAwH,CAAC;KAChI;IAED,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,oBAAc,EAC/D,KAAK,EACL,IAAI,EACJ,IAAI,CAAC,WAAW,CACjB,CAAC;IAEF,MAAM,IAAA,cAAQ,EAAC;QACb,KAAK;QACL,OAAO;QACP,OAAO,EAAE,IAAI;QACb,UAAU;QACV,WAAW;KACZ,CAAC,CAAC;AACL,CAAC,CAAA,CAAC"}
package/dist/plugins/aws/ssh.js CHANGED
@@ -55,6 +55,7 @@ exports.awsSshProvider = {
55
55
  ? yield (0, aws_1.assumeRoleWithOktaSaml)(authn, request)
56
56
  : (0, util_1.throwAssertNever)(config.login);
57
57
  }),
58
+ validateSshKey: (request, publicKey) => request.permission.publicKey === publicKey,
58
59
  ensureInstall: () => __awaiter(void 0, void 0, void 0, function* () {
59
60
  if (!(yield (0, install_1.ensureSsmInstall)())) {
60
61
  throw "Please try again after installing the required AWS utilities";
package/dist/plugins/aws/ssh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/aws/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,qCAA8C;AAC9C,qCAAqD;AACrD,qCAAwC;AACxC,+BAA0C;AAC1C,2CAAiD;AASjD,MAAM,4BAA4B,GAAG,EAAE,GAAG,IAAI,CAAC;AAE/C,iGAAiG;AACjG,MAAM,+BAA+B,GAAG,qBAAqB,CAAC;AAE9D;;;;;;GAMG;AACH,MAAM,2BAA2B,GAAG;IAClC,kFAAkF;IAClF,sFAAsF;IACtF;QACE,OAAO,EACL,0RAA0R;KAC7R;IACD;;;;;;OAMG;IACH;QACE,OAAO,EAAE,kEAAkE;KAC5E;CACO,CAAC;AAEE,QAAA,cAAc,GAKvB;IACF,kBAAkB,EAAE,CAAO,KAAK,EAAE,OAAO,EAAE,EAAE;;QAC3C,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,CAAA,IAAI,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK,EAAE;YACvD,MAAM,8DAA8D,CAAC;SACtE;QAED,OAAO,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK;YACjC,CAAC,CAAC,MAAM,IAAA,uBAAiB,EAAC,OAA2B,CAAC;YACtD,CAAC,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,WAAW;gBAClC,CAAC,CAAC,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE,OAA4B,CAAC;gBACnE,CAAC,CAAC,IAAA,uBAAgB,EAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvC,CAAC,CAAA;IAED,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,0BAAgB,GAAE,CAAC,EAAE;YAC/B,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,KAAK;IAEnB,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,GAAG,EAAE,CAAC,SAAS;IAE7C,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,KAAK;YACL,KAAK;YACL,eAAe;YACf,UAAU;YACV,OAAO,CAAC,MAAM;YACd,UAAU;YACV,IAAI;YACJ,iBAAiB;YACjB,+BAA+B;YAC/B,cAAc;YACd,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,OAAO,EAAE,EAAE;QACzB,0CAA0C;QAC1C,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,EAAE;YAC5B,OAAO;gBACL,6BAA6B,OAAO,CAAC,IAAI,cAAc,OAAO,CAAC,SAAS,GAAG;aAC5E,CAAC;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAC1C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;QACxC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;QAC7D,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,SAAS,CAAC;QACjE,MAAM,EAAE,IAAI,EAAE,GAAG,iBAAiB,CAAC;QACnC,MAAM,MAAM,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC;QACpE,OAAO,CAAC,KAAK,IAAI,CAAC,SAAS;YACzB,CAAC,iCAAM,MAAM,KAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,IACtD,CAAC,iCACM,MAAM,KACT,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,EACrC,aAAa,EAAE,IAAI,EACnB,IAAI,EAAE,KAAK,EACX,MAAM,EAAE,KAAK,GACd,CAAC;IACR,CAAC;IAED,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE,kDAAC,OAAA,iCAAM,OAAO,KAAE,YAAY,EAAE,SAAS,IAAG,CAAA,GAAA;IAE1E,2BAA2B;CAC5B,CAAC"}
1
+ {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/aws/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,qCAA8C;AAC9C,qCAAqD;AACrD,qCAAwC;AACxC,+BAA0C;AAC1C,2CAAiD;AASjD,MAAM,4BAA4B,GAAG,EAAE,GAAG,IAAI,CAAC;AAE/C,iGAAiG;AACjG,MAAM,+BAA+B,GAAG,qBAAqB,CAAC;AAE9D;;;;;;GAMG;AACH,MAAM,2BAA2B,GAAG;IAClC,kFAAkF;IAClF,sFAAsF;IACtF;QACE,OAAO,EACL,0RAA0R;KAC7R;IACD;;;;;;OAMG;IACH;QACE,OAAO,EAAE,kEAAkE;KAC5E;CACO,CAAC;AAEE,QAAA,cAAc,GAKvB;IACF,kBAAkB,EAAE,CAAO,KAAK,EAAE,OAAO,EAAE,EAAE;;QAC3C,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,CAAA,IAAI,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK,EAAE;YACvD,MAAM,8DAA8D,CAAC;SACtE;QAED,OAAO,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK;YACjC,CAAC,CAAC,MAAM,IAAA,uBAAiB,EAAC,OAA2B,CAAC;YACtD,CAAC,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,WAAW;gBAClC,CAAC,CAAC,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE,OAA4B,CAAC;gBACnE,CAAC,CAAC,IAAA,uBAAgB,EAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvC,CAAC,CAAA;IAED,cAAc,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,EAAE,CACrC,OAAO,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS;IAE5C,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,0BAAgB,GAAE,CAAC,EAAE;YAC/B,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,KAAK;IAEnB,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,GAAG,EAAE,CAAC,SAAS;IAE7C,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,KAAK;YACL,KAAK;YACL,eAAe;YACf,UAAU;YACV,OAAO,CAAC,MAAM;YACd,UAAU;YACV,IAAI;YACJ,iBAAiB;YACjB,+BAA+B;YAC/B,cAAc;YACd,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,OAAO,EAAE,EAAE;QACzB,0CAA0C;QAC1C,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,EAAE;YAC5B,OAAO;gBACL,6BAA6B,OAAO,CAAC,IAAI,cAAc,OAAO,CAAC,SAAS,GAAG;aAC5E,CAAC;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAC1C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;QACxC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;QAC7D,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,SAAS,CAAC;QACjE,MAAM,EAAE,IAAI,EAAE,GAAG,iBAAiB,CAAC;QACnC,MAAM,MAAM,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC;QACpE,OAAO,CAAC,KAAK,IAAI,CAAC,SAAS;YACzB,CAAC,iCAAM,MAAM,KAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,IACtD,CAAC,iCACM,MAAM,KACT,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,EACrC,aAAa,EAAE,IAAI,EACnB,IAAI,EAAE,KAAK,EACX,MAAM,EAAE,KAAK,GACd,CAAC;IACR,CAAC;IAED,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE,kDAAC,OAAA,iCAAM,OAAO,KAAE,YAAY,EAAE,SAAS,IAAG,CAAA,GAAA;IAE1E,2BAA2B;CAC5B,CAAC"}
package/dist/plugins/azure/auth.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ export declare const azLoginCommand: () => {
2
+ command: string;
3
+ args: string[];
4
+ };
5
+ export declare const azAccountSetCommand: (subscriptionId: string) => {
6
+ command: string;
7
+ args: string[];
8
+ };
9
+ export declare const azLogin: (subscriptionId: string, options?: {
10
+ debug?: boolean;
11
+ }) => Promise<void>;
package/dist/plugins/azure/auth.js ADDED
@@ -0,0 +1,56 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.azLogin = exports.azAccountSetCommand = exports.azLoginCommand = void 0;
13
+ /** Copyright © 2024-present P0 Security
14
+
15
+ This file is part of @p0security/cli
16
+
17
+ @p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
18
+
19
+ @p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
20
+
21
+ You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
22
+ **/
23
+ const stdio_1 = require("../../drivers/stdio");
24
+ const util_1 = require("../../util");
25
+ const azLoginCommand = () => ({
26
+ command: "az",
27
+ args: ["login"],
28
+ });
29
+ exports.azLoginCommand = azLoginCommand;
30
+ const azAccountSetCommand = (subscriptionId) => ({
31
+ command: "az",
32
+ args: ["account", "set", "--subscription", subscriptionId],
33
+ });
34
+ exports.azAccountSetCommand = azAccountSetCommand;
35
+ const azLogin = (subscriptionId, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
36
+ const { debug } = options;
37
+ if (debug)
38
+ (0, stdio_1.print2)("Logging in to Azure...");
39
+ const { command: azLoginExe, args: azLoginArgs } = (0, exports.azLoginCommand)();
40
+ const loginResult = yield (0, util_1.exec)(azLoginExe, azLoginArgs, { check: true });
41
+ if (debug) {
42
+ (0, stdio_1.print2)(loginResult.stdout);
43
+ (0, stdio_1.print2)(loginResult.stderr);
44
+ (0, stdio_1.print2)(`Setting active Azure subscription to ${subscriptionId}...`);
45
+ }
46
+ const { command: azAccountSetExe, args: azAccountSetArgs } = (0, exports.azAccountSetCommand)(subscriptionId);
47
+ const accountSetResult = yield (0, util_1.exec)(azAccountSetExe, azAccountSetArgs, {
48
+ check: true,
49
+ });
50
+ if (debug) {
51
+ (0, stdio_1.print2)(accountSetResult.stdout);
52
+ (0, stdio_1.print2)(accountSetResult.stderr);
53
+ }
54
+ });
55
+ exports.azLogin = azLogin;
56
+ //# sourceMappingURL=auth.js.map
package/dist/plugins/azure/auth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/plugins/azure/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAE3B,MAAM,cAAc,GAAG,GAAG,EAAE,CAAC,CAAC;IACnC,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,OAAO,CAAC;CAChB,CAAC,CAAC;AAHU,QAAA,cAAc,kBAGxB;AAEI,MAAM,mBAAmB,GAAG,CAAC,cAAsB,EAAE,EAAE,CAAC,CAAC;IAC9D,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,cAAc,CAAC;CAC3D,CAAC,CAAC;AAHU,QAAA,mBAAmB,uBAG7B;AAEI,MAAM,OAAO,GAAG,CACrB,cAAsB,EACtB,UAA+B,EAAE,EACjC,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAE1B,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;IAE5C,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAA,sBAAc,GAAE,CAAC;IACpE,MAAM,WAAW,GAAG,MAAM,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAEzE,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3B,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3B,IAAA,cAAM,EAAC,wCAAwC,cAAc,KAAK,CAAC,CAAC;KACrE;IAED,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,2BAAmB,EAAC,cAAc,CAAC,CAAC;IACtC,MAAM,gBAAgB,GAAG,MAAM,IAAA,WAAI,EAAC,eAAe,EAAE,gBAAgB,EAAE;QACrE,KAAK,EAAE,IAAI;KACZ,CAAC,CAAC;IAEH,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAChC,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;KACjC;AACH,CAAC,CAAA,CAAC;AA3BW,QAAA,OAAO,WA2BlB"}
package/dist/plugins/azure/keygen.d.ts ADDED
@@ -0,0 +1,13 @@
1
+ export declare const AD_CERT_FILENAME = "p0cli-azure-ad-ssh-cert.pub";
2
+ export declare const AD_SSH_KEY_PRIVATE = "id_rsa";
3
+ export declare const azSshCertCommand: (keyPath: string) => {
4
+ command: string;
5
+ args: string[];
6
+ };
7
+ export declare const createTempDirectoryForKeys: () => Promise<{
8
+ path: string;
9
+ cleanup: () => Promise<void>;
10
+ }>;
11
+ export declare const generateSshKeyAndAzureAdCert: (keyPath: string, options?: {
12
+ debug?: boolean;
13
+ }) => Promise<void>;
package/dist/plugins/azure/keygen.js ADDED
@@ -0,0 +1,69 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.generateSshKeyAndAzureAdCert = exports.createTempDirectoryForKeys = exports.azSshCertCommand = exports.AD_SSH_KEY_PRIVATE = exports.AD_CERT_FILENAME = void 0;
16
+ /** Copyright © 2024-present P0 Security
17
+
18
+ This file is part of @p0security/cli
19
+
20
+ @p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
21
+
22
+ @p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
23
+
24
+ You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
25
+ **/
26
+ const stdio_1 = require("../../drivers/stdio");
27
+ const util_1 = require("../../util");
28
+ const node_path_1 = __importDefault(require("node:path"));
29
+ const tmp_promise_1 = __importDefault(require("tmp-promise"));
30
+ // We pass in the name of the certificate file to generate
31
+ exports.AD_CERT_FILENAME = "p0cli-azure-ad-ssh-cert.pub";
32
+ // The `az ssh cert` command manages key generation, and generates SSH RSA keys with the standard names
33
+ exports.AD_SSH_KEY_PRIVATE = "id_rsa";
34
+ const azSshCertCommand = (keyPath) => ({
35
+ command: "az",
36
+ args: ["ssh", "cert", "--file", node_path_1.default.join(keyPath, exports.AD_CERT_FILENAME)],
37
+ });
38
+ exports.azSshCertCommand = azSshCertCommand;
39
+ const createTempDirectoryForKeys = () => __awaiter(void 0, void 0, void 0, function* () {
40
+ // unsafeCleanup lets us delete the directory even if there are still files in it, which is fine since the
41
+ // files are no longer needed once we've authenticated to the remote system.
42
+ const { path, cleanup } = yield tmp_promise_1.default.dir({
43
+ mode: 0o700,
44
+ prefix: "p0cli-",
45
+ unsafeCleanup: true,
46
+ });
47
+ return { path, cleanup };
48
+ });
49
+ exports.createTempDirectoryForKeys = createTempDirectoryForKeys;
50
+ const generateSshKeyAndAzureAdCert = (keyPath, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
51
+ const { debug } = options;
52
+ if (debug)
53
+ (0, stdio_1.print2)("Generating Azure AD SSH certificate...");
54
+ try {
55
+ const { command, args } = (0, exports.azSshCertCommand)(keyPath);
56
+ const { stdout, stderr } = yield (0, util_1.exec)(command, args, { check: true });
57
+ if (debug) {
58
+ (0, stdio_1.print2)(stdout);
59
+ (0, stdio_1.print2)(stderr);
60
+ }
61
+ }
62
+ catch (error) {
63
+ (0, stdio_1.print2)(error.stdout);
64
+ (0, stdio_1.print2)(error.stderr);
65
+ throw `Failed to generate Azure AD SSH certificate: ${error}`;
66
+ }
67
+ });
68
+ exports.generateSshKeyAndAzureAdCert = generateSshKeyAndAzureAdCert;
69
+ //# sourceMappingURL=keygen.js.map
package/dist/plugins/azure/keygen.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"keygen.js","sourceRoot":"","sources":["../../../src/plugins/azure/keygen.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAClC,0DAA6B;AAC7B,8DAA8B;AAE9B,0DAA0D;AAC7C,QAAA,gBAAgB,GAAG,6BAA6B,CAAC;AAE9D,uGAAuG;AAC1F,QAAA,kBAAkB,GAAG,QAAQ,CAAC;AAEpC,MAAM,gBAAgB,GAAG,CAAC,OAAe,EAAE,EAAE,CAAC,CAAC;IACpD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,wBAAgB,CAAC,CAAC;CACtE,CAAC,CAAC;AAHU,QAAA,gBAAgB,oBAG1B;AAEI,MAAM,0BAA0B,GAAG,GAGvC,EAAE;IACH,0GAA0G;IAC1G,4EAA4E;IAC5E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,MAAM,qBAAG,CAAC,GAAG,CAAC;QACtC,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,QAAQ;QAChB,aAAa,EAAE,IAAI;KACpB,CAAC,CAAC;IAEH,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC3B,CAAC,CAAA,CAAC;AAbW,QAAA,0BAA0B,8BAarC;AAEK,MAAM,4BAA4B,GAAG,CAC1C,OAAe,EACf,UAA+B,EAAE,EACjC,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAE1B,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,wCAAwC,CAAC,CAAC;IAE5D,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,wBAAgB,EAAC,OAAO,CAAC,CAAC;QACpD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;YACf,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;SAChB;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrB,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrB,MAAM,gDAAgD,KAAK,EAAE,CAAC;KAC/D;AACH,CAAC,CAAA,CAAC;AArBW,QAAA,4BAA4B,gCAqBvC"}
package/dist/plugins/azure/ssh.d.ts CHANGED
@@ -9,7 +9,5 @@ This file is part of @p0security/cli
9
9
  You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
10
10
  **/
11
11
  import { SshProvider } from "../../types/ssh";
12
- import { AzureSshPermissionSpec, AzureSshRequest } from "./types";
13
- export declare const azureSshProvider: SshProvider<AzureSshPermissionSpec, {
14
- linuxUserName: string;
15
- }, AzureSshRequest>;
12
+ import { AzureLocalData, AzureSshPermissionSpec, AzureSshRequest } from "./types";
13
+ export declare const azureSshProvider: SshProvider<AzureSshPermissionSpec, AzureLocalData, AzureSshRequest>;
package/dist/plugins/azure/ssh.js CHANGED
@@ -8,19 +8,22 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
8
8
  step((generator = generator.apply(thisArg, _arguments || [])).next());
9
9
  });
10
10
  };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
11
14
  Object.defineProperty(exports, "__esModule", { value: true });
12
15
  exports.azureSshProvider = void 0;
13
- const util_1 = require("../../util");
14
- const ssh_key_1 = require("../google/ssh-key");
16
+ const auth_1 = require("./auth");
15
17
  const install_1 = require("./install");
18
+ const keygen_1 = require("./keygen");
19
+ const tunnel_1 = require("./tunnel");
20
+ const node_path_1 = __importDefault(require("node:path"));
16
21
  // TODO: Determine what this value should be for Azure
17
22
  const PROPAGATION_TIMEOUT_LIMIT_MS = 2 * 60 * 1000;
18
23
  exports.azureSshProvider = {
19
24
  // TODO: Natively support Azure login in P0 CLI
20
25
  cloudProviderLogin: () => __awaiter(void 0, void 0, void 0, function* () {
21
- // Always invoke `az login` before each SSH access. This is needed because
22
- // Azure permissions are only updated upon login.
23
- yield (0, util_1.exec)("az", ["login"]);
26
+ // Login is handled as part of setup() below
24
27
  return undefined;
25
28
  }),
26
29
  ensureInstall: () => __awaiter(void 0, void 0, void 0, function* () {
@@ -33,26 +36,89 @@ exports.azureSshProvider = {
33
36
  // TODO: Determine value
34
37
  loginRequiredPattern: undefined,
35
38
  propagationTimeoutMs: PROPAGATION_TIMEOUT_LIMIT_MS,
36
- // TODO: Implement
39
+ // TODO(ENG-3149): Implement sudo access checks here
37
40
  preTestAccessPropagationArgs: () => undefined,
38
- // TODO: Determine if necessary
41
+ // Azure doesn't support ProxyCommand, as nice as that would be. Yet.
39
42
  proxyCommand: () => [],
40
- // TODO: Determine if necessary
41
- reproCommands: () => undefined,
42
- // TODO: Placeholder
43
- requestToSsh: (request) => ({
44
- type: "azure",
45
- id: request.permission.resource.instanceId,
46
- instanceId: request.permission.resource.instanceId,
47
- linuxUserName: request.cliLocalData.linuxUserName,
43
+ reproCommands: (request, additionalData) => {
44
+ var _a;
45
+ const { command: azLoginExe, args: azLoginArgs } = (0, auth_1.azLoginCommand)();
46
+ const { command: azAccountSetExe, args: azAccountSetArgs } = (0, auth_1.azAccountSetCommand)(request.subscriptionId);
47
+ const getKeyPath = () => {
48
+ // Use the same key path as the one generated in setup() so it matches the ssh command that is generated
49
+ // elsewhere. It'll be an annoying long temporary directory name, but it strictly will work for reproduction. If
50
+ // additionalData isn't present (which it always should be for the azureSshProvider), we'll use the user's home
51
+ // directory.
52
+ if (additionalData) {
53
+ return node_path_1.default.dirname(additionalData.identityFile);
54
+ }
55
+ else {
56
+ const basePath = process.env.HOME || process.env.USERPROFILE || "";
57
+ return node_path_1.default.join(basePath, "p0cli-azure-ssh-keys");
58
+ }
59
+ };
60
+ const keyPath = getKeyPath();
61
+ const { command: azCertGenExe, args: azCertGenArgs } = (0, keygen_1.azSshCertCommand)(keyPath);
62
+ // If additionalData is undefined (which, again, should be never), use the default port for Azure Network Bastion
63
+ // tunnels instead of generating a random one
64
+ const { command: azTunnelExe, args: azTunnelArgs } = (0, tunnel_1.azBastionTunnelCommand)(request, (_a = additionalData === null || additionalData === void 0 ? void 0 : additionalData.port) !== null && _a !== void 0 ? _a : "50022", { debug: true } // reproCommands() is only invoked in debug mode, so this is a safe assumption
65
+ );
66
+ return [
67
+ `${azLoginExe} ${azLoginArgs.join(" ")}`,
68
+ `${azAccountSetExe} ${azAccountSetArgs.join(" ")}`,
69
+ `mkdir ${keyPath}`,
70
+ `${azCertGenExe} ${azCertGenArgs.join(" ")}`,
71
+ `${azTunnelExe} ${azTunnelArgs.join(" ")}`,
72
+ ];
73
+ },
74
+ setup: (request, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
75
+ const { debug } = options;
76
+ // The subscription ID here is used to ensure that the user is logged in to the correct tenant/directory.
77
+ // As long as a subscription ID in the correct tenant is provided, this will work; it need not be the same
78
+ // subscription as which contains the Bastion host or the target VM.
79
+ yield (0, auth_1.azLogin)(request.subscriptionId, { debug }); // Always re-login to Azure CLI
80
+ const { path: keyPath, cleanup: sshKeyPathCleanup } = yield (0, keygen_1.createTempDirectoryForKeys)();
81
+ const wrappedCreateCertAndTunnel = () => __awaiter(void 0, void 0, void 0, function* () {
82
+ try {
83
+ yield (0, keygen_1.generateSshKeyAndAzureAdCert)(keyPath, { debug });
84
+ return yield (0, tunnel_1.trySpawnBastionTunnel)(request, { debug });
85
+ }
86
+ catch (error) {
87
+ yield sshKeyPathCleanup();
88
+ throw error;
89
+ }
90
+ });
91
+ const { killTunnel, tunnelLocalPort } = yield wrappedCreateCertAndTunnel();
92
+ const sshPrivateKeyPath = node_path_1.default.join(keyPath, keygen_1.AD_SSH_KEY_PRIVATE);
93
+ const sshCertificateKeyPath = node_path_1.default.join(keyPath, keygen_1.AD_CERT_FILENAME);
94
+ const teardown = () => __awaiter(void 0, void 0, void 0, function* () {
95
+ yield killTunnel();
96
+ yield sshKeyPathCleanup();
97
+ });
98
+ return {
99
+ sshOptions: [
100
+ `CertificateFile=${sshCertificateKeyPath}`,
101
+ // Because we connect to the Azure Network Bastion tunnel via a local port instead of a ProxyCommand, every
102
+ // instance connected to will appear to `ssh` to be the same host but presenting a different host key (i.e.,
103
+ // `ssh` always connects to localhost but each VM will present its own host key), which will trigger MITM attack
104
+ // warnings. We disable host key checking to avoid this. This is ordinarily very dangerous, but in this case,
105
+ // security of the connection is ensured by the Azure Bastion Network tunnel, which utilizes HTTPS and thus has
106
+ // its own MITM protection.
107
+ "StrictHostKeyChecking=no",
108
+ "UserKnownHostsFile=/dev/null",
109
+ ],
110
+ identityFile: sshPrivateKeyPath,
111
+ port: tunnelLocalPort,
112
+ teardown,
113
+ };
48
114
  }),
115
+ requestToSsh: (request) => (Object.assign(Object.assign({ type: "azure", id: "localhost" }, request.cliLocalData), { instanceId: request.permission.resource.instanceId, subscriptionId: request.permission.resource.subscriptionId, instanceResourceGroup: request.permission.resource.resourceGroupId, bastionId: request.permission.bastionHostId })),
49
116
  // TODO: Implement
50
117
  unprovisionedAccessPatterns: [],
51
- // TODO: Placeholder
52
- toCliRequest: (request, options) => __awaiter(void 0, void 0, void 0, function* () {
53
- return (Object.assign(Object.assign({}, request), { cliLocalData: {
54
- linuxUserName: yield (0, ssh_key_1.importSshKey)(request.permission.publicKey, options),
55
- } }));
118
+ toCliRequest: (request) => __awaiter(void 0, void 0, void 0, function* () {
119
+ return Object.assign(Object.assign({}, request), { cliLocalData: {
120
+ linuxUserName: request.principal,
121
+ } });
56
122
  }),
57
123
  };
58
124
  //# sourceMappingURL=ssh.js.map
package/dist/plugins/azure/ssh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/azure/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,qCAAkC;AAClC,+CAAiD;AACjD,uCAA4C;AAG5C,sDAAsD;AACtD,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEtC,QAAA,gBAAgB,GAIzB;IACF,+CAA+C;IAC/C,kBAAkB,EAAE,GAAS,EAAE;QAC7B,0EAA0E;QAC1E,iDAAiD;QACjD,MAAM,IAAA,WAAI,EAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC5B,OAAO,SAAS,CAAC;IACnB,CAAC,CAAA;IAED,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAe,GAAE,CAAC,EAAE;YAC9B,MAAM,uDAAuD,CAAC;SAC/D;IACH,CAAC,CAAA;IAED,YAAY,EAAE,iBAAiB;IAE/B,oBAAoB,EAAE,qDAAqD;IAE3E,wBAAwB;IACxB,oBAAoB,EAAE,SAAS;IAE/B,oBAAoB,EAAE,4BAA4B;IAElD,kBAAkB;IAClB,4BAA4B,EAAE,GAAG,EAAE,CAAC,SAAS;IAE7C,+BAA+B;IAC/B,YAAY,EAAE,GAAG,EAAE,CAAC,EAAE;IAEtB,+BAA+B;IAC/B,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAE9B,oBAAoB;IACpB,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1B,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU;QAC1C,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU;QAClD,aAAa,EAAE,OAAO,CAAC,YAAY,CAAC,aAAa;KAClD,CAAC;IAEF,kBAAkB;IAClB,2BAA2B,EAAE,EAAE;IAE/B,oBAAoB;IACpB,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QAAC,OAAA,iCACrC,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAM,IAAA,sBAAY,EAAC,OAAO,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC;aACzE,IACD,CAAA;MAAA;CACH,CAAC"}
1
+ {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/azure/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAWA,iCAAsE;AACtE,uCAA4C;AAC5C,qCAMkB;AAClB,qCAAyE;AAMzE,0DAA6B;AAE7B,sDAAsD;AACtD,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEtC,QAAA,gBAAgB,GAIzB;IACF,+CAA+C;IAC/C,kBAAkB,EAAE,GAAS,EAAE;QAC7B,4CAA4C;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC,CAAA;IAED,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAe,GAAE,CAAC,EAAE;YAC9B,MAAM,uDAAuD,CAAC;SAC/D;IACH,CAAC,CAAA;IAED,YAAY,EAAE,iBAAiB;IAE/B,oBAAoB,EAAE,qDAAqD;IAE3E,wBAAwB;IACxB,oBAAoB,EAAE,SAAS;IAE/B,oBAAoB,EAAE,4BAA4B;IAElD,oDAAoD;IACpD,4BAA4B,EAAE,GAAG,EAAE,CAAC,SAAS;IAE7C,qEAAqE;IACrE,YAAY,EAAE,GAAG,EAAE,CAAC,EAAE;IAEtB,aAAa,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,EAAE;;QACzC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAA,qBAAc,GAAE,CAAC;QACpE,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,0BAAmB,EAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAE9C,MAAM,UAAU,GAAG,GAAG,EAAE;YACtB,wGAAwG;YACxG,gHAAgH;YAChH,+GAA+G;YAC/G,aAAa;YACb,IAAI,cAAc,EAAE;gBAClB,OAAO,mBAAI,CAAC,OAAO,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;aAClD;iBAAM;gBACL,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;gBACnE,OAAO,mBAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;aACpD;QACH,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAE7B,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,GAClD,IAAA,yBAAgB,EAAC,OAAO,CAAC,CAAC;QAE5B,iHAAiH;QACjH,6CAA6C;QAC7C,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAA,+BAAsB,EACzE,OAAO,EACP,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,mCAAI,OAAO,EAC/B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,8EAA8E;SAC/F,CAAC;QAEF,OAAO;YACL,GAAG,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YACxC,GAAG,eAAe,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClD,SAAS,OAAO,EAAE;YAClB,GAAG,YAAY,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAC5C,GAAG,WAAW,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;SAC3C,CAAC;IACJ,CAAC;IAED,KAAK,EAAE,CAAO,OAAO,EAAE,OAAO,GAAG,EAAE,EAAE,EAAE;QACrC,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QAE1B,yGAAyG;QACzG,0GAA0G;QAC1G,oEAAoE;QACpE,MAAM,IAAA,cAAO,EAAC,OAAO,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,+BAA+B;QAEjF,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,GACjD,MAAM,IAAA,mCAA0B,GAAE,CAAC;QAErC,MAAM,0BAA0B,GAAG,GAAS,EAAE;YAC5C,IAAI;gBACF,MAAM,IAAA,qCAA4B,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;gBACvD,OAAO,MAAM,IAAA,8BAAqB,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;aACxD;YAAC,OAAO,KAAU,EAAE;gBACnB,MAAM,iBAAiB,EAAE,CAAC;gBAC1B,MAAM,KAAK,CAAC;aACb;QACH,CAAC,CAAA,CAAC;QAEF,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,MAAM,0BAA0B,EAAE,CAAC;QAE3E,MAAM,iBAAiB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,2BAAkB,CAAC,CAAC;QACjE,MAAM,qBAAqB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,yBAAgB,CAAC,CAAC;QAEnE,MAAM,QAAQ,GAAG,GAAS,EAAE;YAC1B,MAAM,UAAU,EAAE,CAAC;YACnB,MAAM,iBAAiB,EAAE,CAAC;QAC5B,CAAC,CAAA,CAAC;QAEF,OAAO;YACL,UAAU,EAAE;gBACV,mBAAmB,qBAAqB,EAAE;gBAE1C,2GAA2G;gBAC3G,4GAA4G;gBAC5G,gHAAgH;gBAChH,6GAA6G;gBAC7G,+GAA+G;gBAC/G,2BAA2B;gBAC3B,0BAA0B;gBAC1B,8BAA8B;aAC/B;YACD,YAAY,EAAE,iBAAiB;YAC/B,IAAI,EAAE,eAAe;YACrB,QAAQ;SACT,CAAC;IACJ,CAAC,CAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,+BACzB,IAAI,EAAE,OAAO,EACb,EAAE,EAAE,WAAW,IACZ,OAAO,CAAC,YAAY,KACvB,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAClD,cAAc,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,cAAc,EAC1D,qBAAqB,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,eAAe,EAClE,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,aAAa,IAC3C;IAEF,kBAAkB;IAClB,2BAA2B,EAAE,EAAE;IAE/B,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE;QAC9B,uCACK,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,OAAO,CAAC,SAAS;aACjC,IACD;IACJ,CAAC,CAAA;CACF,CAAC"}
package/dist/plugins/azure/tunnel.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ import { AzureSshRequest } from "./types";
2
+ export type BastionTunnelMeta = {
3
+ killTunnel: () => Promise<void>;
4
+ tunnelLocalPort: string;
5
+ };
6
+ export declare const azBastionTunnelCommand: (request: AzureSshRequest, port: string, options?: {
7
+ debug?: boolean;
8
+ }) => {
9
+ command: string;
10
+ args: string[];
11
+ };
12
+ export declare const trySpawnBastionTunnel: (request: AzureSshRequest, options?: {
13
+ debug?: boolean;
14
+ }) => Promise<BastionTunnelMeta>;
package/dist/plugins/azure/tunnel.js ADDED
@@ -0,0 +1,160 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.trySpawnBastionTunnel = exports.azBastionTunnelCommand = void 0;
13
+ /** Copyright © 2024-present P0 Security
14
+
15
+ This file is part of @p0security/cli
16
+
17
+ @p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
18
+
19
+ @p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
20
+
21
+ You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
22
+ **/
23
+ const retry_1 = require("../../common/retry");
24
+ const stdio_1 = require("../../drivers/stdio");
25
+ const util_1 = require("../../util");
26
+ const node_child_process_1 = require("node:child_process");
27
+ const TUNNEL_READY_STRING = "Tunnel is ready";
28
+ const SPAWN_TUNNEL_TRIES = 3;
29
+ // Ignore these debug messages from the tunnel process; they are far too noisy and spam the terminal with useless info
30
+ // anytime the SSH/SCP session has network activity.
31
+ const tunnelDebugOutputIgnorePatterns = [
32
+ /Waiting for (debugger|websocket) data/i,
33
+ /Received (debugger|websocket)/i,
34
+ /Sending to (debugger|websocket)/i,
35
+ ];
36
+ const azBastionTunnelCommand = (request, port, options = {}) => ({
37
+ command: "az",
38
+ args: [
39
+ "network",
40
+ "bastion",
41
+ "tunnel",
42
+ "--ids",
43
+ request.bastionId,
44
+ "--target-resource-id",
45
+ request.instanceId,
46
+ "--resource-port",
47
+ "22",
48
+ "--port",
49
+ port,
50
+ ...(options.debug ? ["--debug"] : []),
51
+ ],
52
+ });
53
+ exports.azBastionTunnelCommand = azBastionTunnelCommand;
54
+ const selectRandomPort = () => {
55
+ // The IANA ephemeral port range is 49152 to 65535, inclusive. Pick a random value in that range.
56
+ // If the port is in use (unlikely but possible), we can just generate a new value and try again.
57
+ // 16384 is 65535 - 49152 + 1, the number of possible ports in the range.
58
+ const port = Math.floor(Math.random() * 16384) + 49152;
59
+ return port.toString();
60
+ };
61
+ const spawnBastionTunnelInBackground = (request, port, options = {}) => {
62
+ const { debug } = options;
63
+ return new Promise((resolve, reject) => {
64
+ let processSignalledToExit = false;
65
+ let processExited = false;
66
+ let stdout = "";
67
+ let stderr = "";
68
+ const { command, args } = (0, exports.azBastionTunnelCommand)(request, port, { debug });
69
+ if (debug)
70
+ (0, stdio_1.print2)("Spawning Azure Bastion tunnel process...");
71
+ // Spawn the process in detached mode so that it is in its own process group; this lets us kill it and all
72
+ // descendent processes together.
73
+ const child = (0, node_child_process_1.spawn)(command, args, { detached: true });
74
+ child.on("exit", (code) => {
75
+ processExited = true;
76
+ if (code === 0) {
77
+ if (debug)
78
+ (0, stdio_1.print2)("Azure Bastion tunnel process exited normally.");
79
+ return;
80
+ }
81
+ if (!debug) {
82
+ // stdout and stderr are printed in real-time when debugging is enabled, so we don't need to print them here
83
+ (0, stdio_1.print2)(stdout);
84
+ (0, stdio_1.print2)(stderr);
85
+ }
86
+ reject(`Error running Azure Network Bastion tunnel; tunnel process ended with status ${code}`);
87
+ });
88
+ child.stdout.on("data", (data) => {
89
+ const str = data.toString("utf-8");
90
+ stdout += str;
91
+ if (debug &&
92
+ !tunnelDebugOutputIgnorePatterns.some((regex) => str.match(regex))) {
93
+ (0, stdio_1.print2)(str);
94
+ }
95
+ });
96
+ child.stderr.on("data", (data) => {
97
+ const str = data.toString("utf-8");
98
+ stderr += str;
99
+ if (debug &&
100
+ !tunnelDebugOutputIgnorePatterns.some((regex) => str.match(regex))) {
101
+ (0, stdio_1.print2)(str);
102
+ }
103
+ if (str.includes(TUNNEL_READY_STRING)) {
104
+ (0, stdio_1.print2)("Azure Bastion tunnel is ready.");
105
+ resolve({
106
+ killTunnel: () => __awaiter(void 0, void 0, void 0, function* () {
107
+ if (processSignalledToExit || processExited)
108
+ return;
109
+ processSignalledToExit = true;
110
+ if (child.pid) {
111
+ // Kill the process and all its descendents via killing the process group; this is only possible
112
+ // because we launched the process with `detached: true` above. This is necessary because `az` is
113
+ // actually a bash script that spawns a Python process, and we need to kill the Python process as well.
114
+ // SIGINT is equivalent to pressing Ctrl-C in the terminal; allows for the tunnel process to perform any
115
+ // necessary cleanup of its own before exiting. The negative PID is what indicates that we want to kill
116
+ // the whole process group.
117
+ try {
118
+ if (debug) {
119
+ (0, stdio_1.print2)(`Sending SIGINT to Azure Bastion tunnel process (${child.pid})...`);
120
+ }
121
+ process.kill(-child.pid, "SIGINT");
122
+ // Give the tunnel a chance to quit gracefully after the SIGINT by waiting at least 250 ms and up to
123
+ // 5 seconds. If the process is still running after that, it's probably hung; SIGKILL it to force it to
124
+ // end immediately.
125
+ const SPIN_WAIT_MS = 250;
126
+ for (let spins = 0; spins < 20; spins++) {
127
+ yield (0, util_1.sleep)(SPIN_WAIT_MS);
128
+ if (processExited) {
129
+ if (debug) {
130
+ (0, stdio_1.print2)(`Azure Bastion tunnel process exited after SIGINT after ${spins * SPIN_WAIT_MS} ms.`);
131
+ }
132
+ return;
133
+ }
134
+ }
135
+ if (debug) {
136
+ (0, stdio_1.print2)(`Azure Bastion tunnel process (${child.pid}) not responding, sending SIGKILL...`);
137
+ }
138
+ process.kill(-child.pid, "SIGKILL");
139
+ }
140
+ catch (error) {
141
+ // Ignore the error and move on; we might as well just exit without waiting since we can't control
142
+ // the child process, for whatever reason
143
+ (0, stdio_1.print2)(`Failed to kill Azure Bastion tunnel process: ${error}`);
144
+ child.unref();
145
+ }
146
+ }
147
+ }),
148
+ tunnelLocalPort: port,
149
+ });
150
+ }
151
+ });
152
+ });
153
+ };
154
+ const trySpawnBastionTunnel = (request, options) => __awaiter(void 0, void 0, void 0, function* () {
155
+ // Attempt to spawn the tunnel SPAWN_TUNNEL_TRIES times, picking a new port each time. If we fail
156
+ // too many times, then the problem is likely not the port, but something else.
157
+ return yield (0, retry_1.retryWithSleep)(() => spawnBastionTunnelInBackground(request, selectRandomPort(), options), () => true, SPAWN_TUNNEL_TRIES, 1000);
158
+ });
159
+ exports.trySpawnBastionTunnel = trySpawnBastionTunnel;
160
+ //# sourceMappingURL=tunnel.js.map
package/dist/plugins/azure/tunnel.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tunnel.js","sourceRoot":"","sources":["../../../src/plugins/azure/tunnel.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAAoD;AACpD,+CAA6C;AAC7C,qCAAmC;AAEnC,2DAA2C;AAE3C,MAAM,mBAAmB,GAAG,iBAAiB,CAAC;AAC9C,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAE7B,sHAAsH;AACtH,oDAAoD;AACpD,MAAM,+BAA+B,GAAa;IAChD,wCAAwC;IACxC,gCAAgC;IAChC,kCAAkC;CACnC,CAAC;AAOK,MAAM,sBAAsB,GAAG,CACpC,OAAwB,EACxB,IAAY,EACZ,UAA+B,EAAE,EACjC,EAAE,CAAC,CAAC;IACJ,OAAO,EAAE,IAAI;IACb,IAAI,EAAE;QACJ,SAAS;QACT,SAAS;QACT,QAAQ;QACR,OAAO;QACP,OAAO,CAAC,SAAS;QACjB,sBAAsB;QACtB,OAAO,CAAC,UAAU;QAClB,iBAAiB;QACjB,IAAI;QACJ,QAAQ;QACR,IAAI;QACJ,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACtC;CACF,CAAC,CAAC;AApBU,QAAA,sBAAsB,0BAoBhC;AAEH,MAAM,gBAAgB,GAAG,GAAW,EAAE;IACpC,iGAAiG;IACjG,iGAAiG;IACjG,yEAAyE;IACzE,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,KAAK,CAAC,GAAG,KAAK,CAAC;IACvD,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;AACzB,CAAC,CAAC;AAEF,MAAM,8BAA8B,GAAG,CACrC,OAAwB,EACxB,IAAY,EACZ,UAA+B,EAAE,EACL,EAAE;IAC9B,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAE1B,OAAO,IAAI,OAAO,CAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxD,IAAI,sBAAsB,GAAG,KAAK,CAAC;QACnC,IAAI,aAAa,GAAG,KAAK,CAAC;QAC1B,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAEhB,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,8BAAsB,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAE3E,IAAI,KAAK;YAAE,IAAA,cAAM,EAAC,0CAA0C,CAAC,CAAC;QAE9D,0GAA0G;QAC1G,iCAAiC;QACjC,MAAM,KAAK,GAAG,IAAA,0BAAK,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;QAEvD,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,aAAa,GAAG,IAAI,CAAC;YACrB,IAAI,IAAI,KAAK,CAAC,EAAE;gBACd,IAAI,KAAK;oBAAE,IAAA,cAAM,EAAC,+CAA+C,CAAC,CAAC;gBACnE,OAAO;aACR;YAED,IAAI,CAAC,KAAK,EAAE;gBACV,4GAA4G;gBAC5G,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;gBACf,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;aAChB;YAED,MAAM,CACJ,gFAAgF,IAAI,EAAE,CACvF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACnC,MAAM,IAAI,GAAG,CAAC;YACd,IACE,KAAK;gBACL,CAAC,+BAA+B,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAClE;gBACA,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC;aACb;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACnC,MAAM,IAAI,GAAG,CAAC;YACd,IACE,KAAK;gBACL,CAAC,+BAA+B,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAClE;gBACA,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC;aACb;YAED,IAAI,GAAG,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE;gBACrC,IAAA,cAAM,EAAC,gCAAgC,CAAC,CAAC;gBAEzC,OAAO,CAAC;oBACN,UAAU,EAAE,GAAS,EAAE;wBACrB,IAAI,sBAAsB,IAAI,aAAa;4BAAE,OAAO;wBAEpD,sBAAsB,GAAG,IAAI,CAAC;wBAE9B,IAAI,KAAK,CAAC,GAAG,EAAE;4BACb,gGAAgG;4BAChG,iGAAiG;4BACjG,uGAAuG;4BACvG,wGAAwG;4BACxG,uGAAuG;4BACvG,2BAA2B;4BAC3B,IAAI;gCACF,IAAI,KAAK,EAAE;oCACT,IAAA,cAAM,EACJ,mDAAmD,KAAK,CAAC,GAAG,MAAM,CACnE,CAAC;iCACH;gCACD,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gCAEnC,oGAAoG;gCACpG,uGAAuG;gCACvG,mBAAmB;gCACnB,MAAM,YAAY,GAAG,GAAG,CAAC;gCACzB,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE;oCACvC,MAAM,IAAA,YAAK,EAAC,YAAY,CAAC,CAAC;oCAE1B,IAAI,aAAa,EAAE;wCACjB,IAAI,KAAK,EAAE;4CACT,IAAA,cAAM,EACJ,0DAA0D,KAAK,GAAG,YAAY,MAAM,CACrF,CAAC;yCACH;wCACD,OAAO;qCACR;iCACF;gCAED,IAAI,KAAK,EAAE;oCACT,IAAA,cAAM,EACJ,iCAAiC,KAAK,CAAC,GAAG,sCAAsC,CACjF,CAAC;iCACH;gCACD,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;6BACrC;4BAAC,OAAO,KAAU,EAAE;gCACnB,kGAAkG;gCAClG,yCAAyC;gCACzC,IAAA,cAAM,EAAC,gDAAgD,KAAK,EAAE,CAAC,CAAC;gCAChE,KAAK,CAAC,KAAK,EAAE,CAAC;6BACf;yBACF;oBACH,CAAC,CAAA;oBACD,eAAe,EAAE,IAAI;iBACtB,CAAC,CAAC;aACJ;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEK,MAAM,qBAAqB,GAAG,CACnC,OAAwB,EACxB,OAA6B,EACD,EAAE;IAC9B,iGAAiG;IACjG,+EAA+E;IAE/E,OAAO,MAAM,IAAA,sBAAc,EACzB,GAAG,EAAE,CAAC,8BAA8B,CAAC,OAAO,EAAE,gBAAgB,EAAE,EAAE,OAAO,CAAC,EAC1E,GAAG,EAAE,CAAC,IAAI,EACV,kBAAkB,EAClB,IAAI,CACL,CAAC;AACJ,CAAC,CAAA,CAAC;AAbW,QAAA,qBAAqB,yBAahC"}
package/dist/plugins/azure/types.d.ts CHANGED
@@ -12,30 +12,36 @@ import { PermissionSpec } from "../../types/request";
12
12
  import { CliPermissionSpec } from "../../types/ssh";
13
13
  import { CommonSshPermissionSpec } from "../ssh/types";
14
14
  export type AzureSshPermissionSpec = PermissionSpec<"ssh", AzureSshPermission>;
15
- export type AzureSsh = CliPermissionSpec<AzureSshPermissionSpec, {
16
- linuxUserName: string;
17
- }>;
15
+ export type AzureSsh = CliPermissionSpec<AzureSshPermissionSpec, AzureLocalData>;
18
16
  export type AzureSshPermission = CommonSshPermissionSpec & {
19
17
  provider: "azure";
20
18
  destination: string;
21
19
  parent: string | undefined;
22
20
  group: string | undefined;
21
+ bastionHostId: string;
22
+ principal: string;
23
23
  resource: {
24
- instanceName: string;
25
24
  instanceId: string;
26
- subscriptionId: string;
25
+ instanceName: string;
27
26
  subscriptionName: string;
28
27
  resourceGroupId: string;
28
+ subscriptionId: string;
29
29
  region: string;
30
30
  networkInterfaceIds: string[];
31
31
  };
32
32
  };
33
33
  export type AzureNodeSpec = {
34
- type: "azure";
35
34
  instanceId: string;
36
35
  sudo?: boolean;
37
36
  };
38
- export type AzureSshRequest = AzureNodeSpec & {
39
- id: string;
37
+ export type AzureBastionSpec = {
38
+ bastionId: string;
39
+ };
40
+ export type AzureSshRequest = AzureNodeSpec & AzureBastionSpec & AzureLocalData & {
41
+ type: "azure";
42
+ id: "localhost";
43
+ subscriptionId: string;
44
+ };
45
+ export type AzureLocalData = {
40
46
  linuxUserName: string;
41
47
  };
package/dist/plugins/google/ssh.js CHANGED
@@ -65,6 +65,7 @@ exports.gcpSshProvider = {
65
65
  throw "Please try again after installing the required GCP utilities";
66
66
  }
67
67
  }),
68
+ validateSshKey: (request, publicKey) => request.permission.publicKey === publicKey,
68
69
  friendlyName: "Google Cloud",
69
70
  loginRequiredMessage: "Please login to Google Cloud CLI with 'gcloud auth login'",
70
71
  loginRequiredPattern: /You do not currently have an active account selected/,
package/dist/plugins/google/ssh.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/google/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAE1D,uCAAgD;AAChD,uCAAyC;AAGzC,oGAAoG;AACpG,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,iCAAiC,EAAE;IAC9C;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;IACD,EAAE,OAAO,EAAE,mDAAmD,EAAE;IAChE;QACE,OAAO,EAAE,+CAA+C;QACxD,kBAAkB,EAAE,IAAI;KACzB;IACD,EAAE,OAAO,EAAE,4DAA4D,EAAE;CACjE,CAAC;AAEE,QAAA,cAAc,GAIvB;IACF,uCAAuC;IACvC,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IAEzC,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,6BAAmB,GAAE,CAAC,EAAE;YAClC,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,cAAc;IAE5B,oBAAoB,EAClB,2DAA2D;IAE7D,oBAAoB,EAAE,sDAAsD;IAE5E,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,QAAQ;YACR,SAAS;YACT,kBAAkB;YAClB,OAAO,CAAC,EAAE;YACV,IAAI;YACJ,kEAAkE;YAClE,oGAAoG;YACpG,oEAAoE;YACpE,kDAAkD;YAClD,mBAAmB;YACnB,UAAU,OAAO,CAAC,IAAI,EAAE;YACxB,aAAa,OAAO,CAAC,SAAS,EAAE;SACjC,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAE9B,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAY;YAC5C,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS;YAChD,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;YAC7B,aAAa,EAAE,OAAO,CAAC,YAAY,CAAC,aAAa;YACjD,IAAI,EAAE,QAAQ;SACf,CAAC;IACJ,CAAC;IAED,2BAA2B;IAE3B,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QAAC,OAAA,iCACrC,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAM,IAAA,sBAAY,EAAC,OAAO,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC;aACzE,IACD,CAAA;MAAA;CACH,CAAC"}
1
+ {"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/google/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAE1D,uCAAgD;AAChD,uCAAyC;AAGzC,oGAAoG;AACpG,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,iCAAiC,EAAE;IAC9C;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;IACD,EAAE,OAAO,EAAE,mDAAmD,EAAE;IAChE;QACE,OAAO,EAAE,+CAA+C;QACxD,kBAAkB,EAAE,IAAI;KACzB;IACD,EAAE,OAAO,EAAE,4DAA4D,EAAE;CACjE,CAAC;AAEE,QAAA,cAAc,GAIvB;IACF,uCAAuC;IACvC,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IAEzC,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,6BAAmB,GAAE,CAAC,EAAE;YAClC,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,cAAc,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,EAAE,CACrC,OAAO,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS;IAE5C,YAAY,EAAE,cAAc;IAE5B,oBAAoB,EAClB,2DAA2D;IAE7D,oBAAoB,EAAE,sDAAsD;IAE5E,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,QAAQ;YACR,SAAS;YACT,kBAAkB;YAClB,OAAO,CAAC,EAAE;YACV,IAAI;YACJ,kEAAkE;YAClE,oGAAoG;YACpG,oEAAoE;YACpE,kDAAkD;YAClD,mBAAmB;YACnB,UAAU,OAAO,CAAC,IAAI,EAAE;YACxB,aAAa,OAAO,CAAC,SAAS,EAAE;SACjC,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAE9B,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAY;YAC5C,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS;YAChD,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;YAC7B,aAAa,EAAE,OAAO,CAAC,YAAY,CAAC,aAAa;YACjD,IAAI,EAAE,QAAQ;SACf,CAAC;IACJ,CAAC;IAED,2BAA2B;IAE3B,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QAAC,OAAA,iCACrC,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAM,IAAA,sBAAY,EAAC,OAAO,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC;aACzE,IACD,CAAA;MAAA;CACH,CAAC"}
package/dist/plugins/ssh/index.js CHANGED
@@ -143,14 +143,20 @@ function spawnSshNode(options) {
143
143
  });
144
144
  });
145
145
  }
146
- const createCommand = (data, args, proxyCommand) => {
147
- addCommonArgs(args, proxyCommand);
146
+ const createCommand = (data, args, setupData, proxyCommand) => {
147
+ var _a;
148
+ addCommonArgs(args, proxyCommand, setupData);
149
+ const sshOptionsOverrides = (_a = setupData === null || setupData === void 0 ? void 0 : setupData.sshOptions) !== null && _a !== void 0 ? _a : [];
150
+ const port = setupData === null || setupData === void 0 ? void 0 : setupData.port;
151
+ const argsOverride = sshOptionsOverrides.flatMap((opt) => ["-o", opt]);
148
152
  if ("source" in args) {
149
153
  addScpArgs(args);
150
154
  return {
151
155
  command: "scp",
152
156
  args: [
153
157
  ...(args.sshOptions ? args.sshOptions : []),
158
+ ...argsOverride,
159
+ ...(port ? ["-P", port] : []),
154
160
  args.source,
155
161
  args.destination,
156
162
  ],
@@ -160,6 +166,8 @@ const createCommand = (data, args, proxyCommand) => {
160
166
  command: "ssh",
161
167
  args: [
162
168
  ...(args.sshOptions ? args.sshOptions : []),
169
+ ...argsOverride,
170
+ ...(port ? ["-p", port] : []),
163
171
  `${data.linuxUserName}@${data.id}`,
164
172
  ...(args.command ? [args.command] : []),
165
173
  ...args.arguments.map((argument) =>
@@ -173,7 +181,8 @@ const createCommand = (data, args, proxyCommand) => {
173
181
  *
174
182
  * These common args are only added if they have not been explicitly specified by the end user.
175
183
  */
176
- const addCommonArgs = (args, proxyCommand) => {
184
+ const addCommonArgs = (args, sshProviderProxyCommand, setupData) => {
185
+ var _a;
177
186
  const sshOptions = args.sshOptions ? args.sshOptions : [];
178
187
  const identityFileOptionExists = sshOptions.some((opt, idx) => {
179
188
  var _a;
@@ -184,15 +193,15 @@ const addCommonArgs = (args, proxyCommand) => {
184
193
  // Explicitly specify which private key to use to avoid "Too many authentication failures"
185
194
  // error caused by SSH trying every available key
186
195
  if (!identityFileOptionExists) {
187
- sshOptions.push("-i", keys_1.PRIVATE_KEY_PATH);
196
+ sshOptions.push("-i", (_a = setupData === null || setupData === void 0 ? void 0 : setupData.identityFile) !== null && _a !== void 0 ? _a : keys_1.PRIVATE_KEY_PATH);
188
197
  // Only use the authentication identity specified by -i above
189
198
  if (!identitiesOnlyOptionExists) {
190
199
  sshOptions.push("-o", "IdentitiesOnly=yes");
191
200
  }
192
201
  }
193
- const proxyCommandExists = sshOptions.some((opt, idx) => { var _a; return opt === "-o" && ((_a = sshOptions[idx + 1]) === null || _a === void 0 ? void 0 : _a.startsWith("ProxyCommand")); });
194
- if (!proxyCommandExists) {
195
- sshOptions.push("-o", `ProxyCommand=${proxyCommand.join(" ")}`);
202
+ const userSpecifiedProxyCommand = sshOptions.some((opt, idx) => { var _a; return opt === "-o" && ((_a = sshOptions[idx + 1]) === null || _a === void 0 ? void 0 : _a.startsWith("ProxyCommand")); });
203
+ if (!userSpecifiedProxyCommand && sshProviderProxyCommand.length > 0) {
204
+ sshOptions.push("-o", `ProxyCommand=${sshProviderProxyCommand.join(" ")}`);
196
205
  }
197
206
  // Force verbose output from SSH so we can parse the output
198
207
  const verboseOptionExists = sshOptions.some((opt) => opt === "-v");
@@ -234,7 +243,8 @@ const preTestAccessPropagationIfNeeded = (sshProvider, request, cmdArgs, proxyCo
234
243
  // Pre-testing comes at a performance cost because we have to execute another ssh subprocess after
235
244
  // a successful test. Only do when absolutely necessary.
236
245
  if (testCmdArgs) {
237
- const { command, args } = createCommand(request, testCmdArgs, proxyCommand);
246
+ const { command, args } = createCommand(request, testCmdArgs, undefined, // No need to re-apply SSH options from setupData
247
+ proxyCommand);
238
248
  // Assumes that this is a non-interactive ssh command that exits automatically
239
249
  return spawnSshNode({
240
250
  credential,
@@ -251,15 +261,18 @@ const preTestAccessPropagationIfNeeded = (sshProvider, request, cmdArgs, proxyCo
251
261
  return null;
252
262
  });
253
263
  const sshOrScp = (args) => __awaiter(void 0, void 0, void 0, function* () {
264
+ var _a;
254
265
  const { authn, request, cmdArgs, privateKey, sshProvider } = args;
266
+ const { debug } = cmdArgs;
255
267
  if (!privateKey) {
256
268
  throw "Failed to load a private key for this request. Please contact support@p0.dev for assistance.";
257
269
  }
258
270
  const credential = yield sshProvider.cloudProviderLogin(authn, request);
259
271
  const proxyCommand = sshProvider.proxyCommand(request);
260
- const { command, args: commandArgs } = createCommand(request, cmdArgs, proxyCommand);
261
- if (cmdArgs.debug) {
262
- const reproCommands = sshProvider.reproCommands(request);
272
+ const setupData = yield ((_a = sshProvider.setup) === null || _a === void 0 ? void 0 : _a.call(sshProvider, request, { debug }));
273
+ const { command, args: commandArgs } = createCommand(request, cmdArgs, setupData, proxyCommand);
274
+ if (debug) {
275
+ const reproCommands = sshProvider.reproCommands(request, setupData);
263
276
  if (reproCommands) {
264
277
  const repro = [
265
278
  ...reproCommands,
@@ -269,20 +282,27 @@ const sshOrScp = (args) => __awaiter(void 0, void 0, void 0, function* () {
269
282
  }
270
283
  }
271
284
  const endTime = Date.now() + sshProvider.propagationTimeoutMs;
272
- const exitCode = yield preTestAccessPropagationIfNeeded(sshProvider, request, cmdArgs, proxyCommand, credential, endTime);
273
- if (exitCode && exitCode !== 0) {
274
- return exitCode; // Only exit if there was an error when pre-testing
285
+ let sshNodeExit;
286
+ try {
287
+ const exitCode = yield preTestAccessPropagationIfNeeded(sshProvider, request, cmdArgs, proxyCommand, credential, endTime);
288
+ if (exitCode && exitCode !== 0) {
289
+ return exitCode; // Only exit if there was an error when pre-testing
290
+ }
291
+ sshNodeExit = yield spawnSshNode({
292
+ credential,
293
+ abortController: new AbortController(),
294
+ command,
295
+ args: commandArgs,
296
+ stdio: ["inherit", "inherit", "pipe"],
297
+ debug,
298
+ provider: request.type,
299
+ endTime: endTime,
300
+ });
275
301
  }
276
- return spawnSshNode({
277
- credential,
278
- abortController: new AbortController(),
279
- command,
280
- args: commandArgs,
281
- stdio: ["inherit", "inherit", "pipe"],
282
- debug: cmdArgs.debug,
283
- provider: request.type,
284
- endTime: endTime,
285
- });
302
+ finally {
303
+ yield (setupData === null || setupData === void 0 ? void 0 : setupData.teardown());
304
+ }
305
+ return sshNodeExit;
286
306
  });
287
307
  exports.sshOrScp = sshOrScp;
288
308
  //# sourceMappingURL=index.js.map
package/dist/plugins/ssh/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/ssh/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAAuE;AACvE,4CAAqD;AACrD,+CAA6C;AAG7C,qCAAmC;AAEnC,2DAK4B;AAG5B;;GAEG;AACH,MAAM,4BAA4B,GAAG,GAAG,CAAC;AAEzC,MAAM,cAAc,GAAG,IAAI,CAAC;AAE5B;;;;;;;;;;;;;;;GAeG;AACH,MAAM,sBAAsB,GAAG,CAC7B,QAAqB,EACrB,KAAgD,EAChD,OAA4B,EAC5B,EAAE;IACF,IAAI,gCAAgC,GAAG,KAAK,CAAC;IAC7C,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;QAChC,MAAM,WAAW,GAAW,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACpD,8BAA8B,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAErD,MAAM,KAAK,GAAG,QAAQ,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAClE,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CACnC,CAAC;QAEF,IAAI,KAAK,EAAE;YACT,gCAAgC,GAAG,IAAI,CAAC;SACzC;QAED,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACjC,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YACpE,gBAAgB,GAAG,gBAAgB,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,yBAAyB;SAC/E;QAED,IAAI,gBAAgB,EAAE;YACpB,gCAAgC,GAAG,KAAK,CAAC,CAAC,yDAAyD;SACpG;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAC,gCAAgC;QAC3D,gBAAgB,EAAE,GAAG,EAAE,CAAC,gBAAgB;KACzC,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,8BAA8B,GAAG,CACrC,WAAmB,EACnB,OAA4B,EAC5B,EAAE;IACF,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAErD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;QACxB,IAAI,OAAO,CAAC,KAAK,EAAE;YACjB,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;SACd;aAAM;YACL,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE;gBACnD,oEAAoE;gBACpE,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;aACd;iBAAM,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE;gBAChE,8DAA8D;gBAC9D,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;aACd;SACF;KACF;AACH,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,UAAsC,EACtC,OAAe,EACf,IAAc,EACd,KAAwC,EACxC,EAAE,CACF,IAAA,0BAAK,EAAC,OAAO,EAAE,IAAI,EAAE;IACnB,GAAG,kCACE,OAAO,CAAC,GAAG,GACX,UAAU,CACd;IACD,KAAK;IACL,KAAK,EAAE,KAAK;CACb,CAAC,CAAC;AAeL,SAAe,YAAY,CACzB,OAA4B;;QAE5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,QAAQ,GAAG,mBAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,OAAO,CAAC,KAAK,EAAE;gBACjB,MAAM,MAAM,GAAG,OAAO,CAAC,0BAA0B;oBAC/C,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,QAAQ,CAAC;gBACb,MAAM,gBAAgB,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CACrE,CAAC,CACF,CAAC;gBACF,IAAA,cAAM,EACJ,oCAAoC,MAAM,oCAAoC,gBAAgB,WAAW,CAC1G,CAAC;aACH;YAED,MAAM,KAAK,GAAG,iBAAiB,CAC7B,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,KAAK,CACd,CAAC;YAEF,mIAAmI;YACnI,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,GAAG,sBAAsB,CACrE,QAAQ,EACR,KAAK,EACL,OAAO,CACR,CAAC;YAEF,MAAM,YAAY,GAAG,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;;gBAC7C,YAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,uEAAuE;gBACvE,sDAAsD;gBACtD,IAAI,CAAC,kBAAkB,EAAE,EAAE;oBACzB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;wBAChC,MAAM,CACJ,oCAAoC,QAAQ,CAAC,YAAY,yDAAyD,CACnH,CAAC;wBACF,OAAO;qBACR;oBAED,IAAA,YAAK,EAAC,cAAc,CAAC;yBAClB,IAAI,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;yBACjC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;yBAC7B,KAAK,CAAC,MAAM,CAAC,CAAC;oBACjB,OAAO;iBACR;qBAAM,IAAI,gBAAgB,EAAE,EAAE;oBAC7B,MAAM,CACJ,MAAA,QAAQ,CAAC,oBAAoB,mCAC3B,wBAAwB,QAAQ,CAAC,YAAY,aAAa,CAC7D,CAAC;oBACF,OAAO;iBACR;gBAED,MAAA,OAAO,CAAC,eAAe,0CAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,CAAC,OAAO,CAAC,0BAA0B;oBAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;gBAC1E,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CAAA;AAED,MAAM,aAAa,GAAG,CACpB,IAAgB,EAChB,IAAiB,EACjB,YAAsB,EACtB,EAAE;IACF,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAElC,IAAI,QAAQ,IAAI,IAAI,EAAE;QACpB,UAAU,CAAC,IAAI,CAAC,CAAC;QAEjB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,IAAI,EAAE;gBACJ,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3C,IAAI,CAAC,MAAM;gBACX,IAAI,CAAC,WAAW;aACjB;SACF,CAAC;KACH;IAED,OAAO;QACL,OAAO,EAAE,KAAK;QACd,IAAI,EAAE;YACJ,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3C,GAAG,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,EAAE,EAAE;YAClC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CACnB,CAAC,QAAQ,EAAE,EAAE;YACX,yGAAyG;YACzG,mGAAmG;YACnG,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAC/C;SACF;KACF,CAAC;AACJ,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,aAAa,GAAG,CAAC,IAAiB,EAAE,YAAsB,EAAE,EAAE;IAClE,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1D,MAAM,wBAAwB,GAAG,UAAU,CAAC,IAAI,CAC9C,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;;QACX,OAAA,CAAC,GAAG,KAAK,IAAI,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,cAAc,CAAC,CAAA,CAAC,CAAA;KAAA,CACpE,CAAC;IAEF,MAAM,0BAA0B,GAAG,UAAU,CAAC,IAAI,CAChD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,gBAAgB,CAAC,CAAA,CAAA,EAAA,CACpE,CAAC;IAEF,0FAA0F;IAC1F,iDAAiD;IACjD,IAAI,CAAC,wBAAwB,EAAE;QAC7B,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,uBAAgB,CAAC,CAAC;QACxC,6DAA6D;QAC7D,IAAI,CAAC,0BAA0B,EAAE;YAC/B,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;SAC7C;KACF;IAED,MAAM,kBAAkB,GAAG,UAAU,CAAC,IAAI,CACxC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,cAAc,CAAC,CAAA,CAAA,EAAA,CAClE,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE;QACvB,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;KACjE;IAED,2DAA2D;IAC3D,MAAM,mBAAmB,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACnE,IAAI,CAAC,mBAAmB,EAAE;QACxB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACvB;AACH,CAAC,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,IAAiB,EAAE,EAAE;IACvC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1D,+DAA+D;IAC/D,iCAAiC;IACjC,MAAM,+BAA+B,GAAG,UAAU,CAAC,IAAI,CACrD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,qBAAqB,CAAC,CAAA,CAAA,EAAA,CACzE,CAAC;IAEF,IAAI,CAAC,+BAA+B,EAAE;QACpC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;KAChD;IAED,MAAM,+BAA+B,GAAG,UAAU,CAAC,IAAI,CACrD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,qBAAqB,CAAC,CAAA,CAAA,EAAA,CACzE,CAAC;IAEF,IAAI,CAAC,+BAA+B,EAAE;QACpC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,yBAAyB,CAAC,CAAC;KAClD;IAED,MAAM,qBAAqB,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACrE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACvB;AACH,CAAC,CAAC;AAEF,uJAAuJ;AACvJ,MAAM,iBAAiB,GAAG,CAAC,IAAc,EAAE,EAAE;IAC3C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACtB,8DAA8D;QAC9D,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE;YACnC,MAAM,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,2HAA2H;YACpK,OAAO,GAAG,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;SACvC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,+HAA+H;AAC/H,MAAM,gCAAgC,GAAG,CAGvC,WAAc,EACd,OAAmB,EACnB,OAAoB,EACpB,YAAsB,EACtB,UAEa,EACb,OAAe,EACf,EAAE;IACF,MAAM,WAAW,GAAG,WAAW,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;IAEtE,kGAAkG;IAClG,wDAAwD;IACxD,IAAI,WAAW,EAAE;QACf,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,CAAC,OAAO,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QAC5E,8EAA8E;QAC9E,OAAO,YAAY,CAAC;YAClB,UAAU;YACV,eAAe,EAAE,IAAI,eAAe,EAAE;YACtC,OAAO;YACP,IAAI;YACJ,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;YACrC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,IAAI;YACtB,OAAO,EAAE,OAAO;YAChB,0BAA0B,EAAE,IAAI;SACjC,CAAC,CAAC;KACJ;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEK,MAAM,QAAQ,GAAG,CAAO,IAM9B,EAAE,EAAE;IACH,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;IAElE,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,8FAA8F,CAAC;KACtG;IAED,MAAM,UAAU,GACd,MAAM,WAAW,CAAC,kBAAkB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAEvD,MAAM,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,aAAa,CAClD,OAAO,EACP,OAAO,EACP,YAAY,CACb,CAAC;IAEF,IAAI,OAAO,CAAC,KAAK,EAAE;QACjB,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,aAAa,EAAE;YACjB,MAAM,KAAK,GAAG;gBACZ,GAAG,aAAa;gBAChB,GAAG,OAAO,IAAI,iBAAiB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;aACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACb,IAAA,cAAM,EACJ,gGAAgG,KAAK,2BAA2B,CACjI,CAAC;SACH;KACF;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,oBAAoB,CAAC;IAE9D,MAAM,QAAQ,GAAG,MAAM,gCAAgC,CACrD,WAAW,EACX,OAAO,EACP,OAAO,EACP,YAAY,EACZ,UAAU,EACV,OAAO,CACR,CAAC;IACF,IAAI,QAAQ,IAAI,QAAQ,KAAK,CAAC,EAAE;QAC9B,OAAO,QAAQ,CAAC,CAAC,mDAAmD;KACrE;IAED,OAAO,YAAY,CAAC;QAClB,UAAU;QACV,eAAe,EAAE,IAAI,eAAe,EAAE;QACtC,OAAO;QACP,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;QACrC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,QAAQ,EAAE,OAAO,CAAC,IAAI;QACtB,OAAO,EAAE,OAAO;KACjB,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AA7DW,QAAA,QAAQ,YA6DnB"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/ssh/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAImC;AACnC,4CAAqD;AACrD,+CAA6C;AAG7C,qCAAmC;AAEnC,2DAK4B;AAG5B;;GAEG;AACH,MAAM,4BAA4B,GAAG,GAAG,CAAC;AAEzC,MAAM,cAAc,GAAG,IAAI,CAAC;AAE5B;;;;;;;;;;;;;;;GAeG;AACH,MAAM,sBAAsB,GAAG,CAC7B,QAAqB,EACrB,KAAgD,EAChD,OAA4B,EAC5B,EAAE;IACF,IAAI,gCAAgC,GAAG,KAAK,CAAC;IAC7C,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;QAChC,MAAM,WAAW,GAAW,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACpD,8BAA8B,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAErD,MAAM,KAAK,GAAG,QAAQ,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAClE,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CACnC,CAAC;QAEF,IAAI,KAAK,EAAE;YACT,gCAAgC,GAAG,IAAI,CAAC;SACzC;QAED,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACjC,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YACpE,gBAAgB,GAAG,gBAAgB,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,yBAAyB;SAC/E;QAED,IAAI,gBAAgB,EAAE;YACpB,gCAAgC,GAAG,KAAK,CAAC,CAAC,yDAAyD;SACpG;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAC,gCAAgC;QAC3D,gBAAgB,EAAE,GAAG,EAAE,CAAC,gBAAgB;KACzC,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,8BAA8B,GAAG,CACrC,WAAmB,EACnB,OAA4B,EAC5B,EAAE;IACF,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAErD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;QACxB,IAAI,OAAO,CAAC,KAAK,EAAE;YACjB,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;SACd;aAAM;YACL,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE;gBACnD,oEAAoE;gBACpE,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;aACd;iBAAM,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE;gBAChE,8DAA8D;gBAC9D,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;aACd;SACF;KACF;AACH,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,UAAsC,EACtC,OAAe,EACf,IAAc,EACd,KAAwC,EACxC,EAAE,CACF,IAAA,0BAAK,EAAC,OAAO,EAAE,IAAI,EAAE;IACnB,GAAG,kCACE,OAAO,CAAC,GAAG,GACX,UAAU,CACd;IACD,KAAK;IACL,KAAK,EAAE,KAAK;CACb,CAAC,CAAC;AAeL,SAAe,YAAY,CACzB,OAA4B;;QAE5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,QAAQ,GAAG,mBAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,OAAO,CAAC,KAAK,EAAE;gBACjB,MAAM,MAAM,GAAG,OAAO,CAAC,0BAA0B;oBAC/C,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,QAAQ,CAAC;gBACb,MAAM,gBAAgB,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CACrE,CAAC,CACF,CAAC;gBACF,IAAA,cAAM,EACJ,oCAAoC,MAAM,oCAAoC,gBAAgB,WAAW,CAC1G,CAAC;aACH;YAED,MAAM,KAAK,GAAG,iBAAiB,CAC7B,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,KAAK,CACd,CAAC;YAEF,mIAAmI;YACnI,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,GAAG,sBAAsB,CACrE,QAAQ,EACR,KAAK,EACL,OAAO,CACR,CAAC;YAEF,MAAM,YAAY,GAAG,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;;gBAC7C,YAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,uEAAuE;gBACvE,sDAAsD;gBACtD,IAAI,CAAC,kBAAkB,EAAE,EAAE;oBACzB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;wBAChC,MAAM,CACJ,oCAAoC,QAAQ,CAAC,YAAY,yDAAyD,CACnH,CAAC;wBACF,OAAO;qBACR;oBAED,IAAA,YAAK,EAAC,cAAc,CAAC;yBAClB,IAAI,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;yBACjC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;yBAC7B,KAAK,CAAC,MAAM,CAAC,CAAC;oBACjB,OAAO;iBACR;qBAAM,IAAI,gBAAgB,EAAE,EAAE;oBAC7B,MAAM,CACJ,MAAA,QAAQ,CAAC,oBAAoB,mCAC3B,wBAAwB,QAAQ,CAAC,YAAY,aAAa,CAC7D,CAAC;oBACF,OAAO;iBACR;gBAED,MAAA,OAAO,CAAC,eAAe,0CAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,CAAC,OAAO,CAAC,0BAA0B;oBAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;gBAC1E,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CAAA;AAED,MAAM,aAAa,GAAG,CACpB,IAAgB,EAChB,IAAiB,EACjB,SAAyC,EACzC,YAAsB,EACtB,EAAE;;IACF,aAAa,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;IAE7C,MAAM,mBAAmB,GAAG,MAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,UAAU,mCAAI,EAAE,CAAC;IACxD,MAAM,IAAI,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,IAAI,CAAC;IAE7B,MAAM,YAAY,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IAEvE,IAAI,QAAQ,IAAI,IAAI,EAAE;QACpB,UAAU,CAAC,IAAI,CAAC,CAAC;QAEjB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,IAAI,EAAE;gBACJ,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3C,GAAG,YAAY;gBACf,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC7B,IAAI,CAAC,MAAM;gBACX,IAAI,CAAC,WAAW;aACjB;SACF,CAAC;KACH;IAED,OAAO;QACL,OAAO,EAAE,KAAK;QACd,IAAI,EAAE;YACJ,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3C,GAAG,YAAY;YACf,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7B,GAAG,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,EAAE,EAAE;YAClC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CACnB,CAAC,QAAQ,EAAE,EAAE;YACX,yGAAyG;YACzG,mGAAmG;YACnG,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAC/C;SACF;KACF,CAAC;AACJ,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,aAAa,GAAG,CACpB,IAAiB,EACjB,uBAAiC,EACjC,SAAyC,EACzC,EAAE;;IACF,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1D,MAAM,wBAAwB,GAAG,UAAU,CAAC,IAAI,CAC9C,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;;QACX,OAAA,CAAC,GAAG,KAAK,IAAI,IAAI,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;YACrC,CAAC,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,cAAc,CAAC,CAAA,CAAC,CAAA;KAAA,CACpE,CAAC;IAEF,MAAM,0BAA0B,GAAG,UAAU,CAAC,IAAI,CAChD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,gBAAgB,CAAC,CAAA,CAAA,EAAA,CACpE,CAAC;IAEF,0FAA0F;IAC1F,iDAAiD;IACjD,IAAI,CAAC,wBAAwB,EAAE;QAC7B,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,MAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,YAAY,mCAAI,uBAAgB,CAAC,CAAC;QAEnE,6DAA6D;QAC7D,IAAI,CAAC,0BAA0B,EAAE;YAC/B,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;SAC7C;KACF;IAED,MAAM,yBAAyB,GAAG,UAAU,CAAC,IAAI,CAC/C,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,cAAc,CAAC,CAAA,CAAA,EAAA,CAClE,CAAC;IAEF,IAAI,CAAC,yBAAyB,IAAI,uBAAuB,CAAC,MAAM,GAAG,CAAC,EAAE;QACpE,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,uBAAuB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;KAC5E;IAED,2DAA2D;IAC3D,MAAM,mBAAmB,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACnE,IAAI,CAAC,mBAAmB,EAAE;QACxB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACvB;AACH,CAAC,CAAC;AAEF,MAAM,UAAU,GAAG,CAAC,IAAiB,EAAE,EAAE;IACvC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1D,+DAA+D;IAC/D,iCAAiC;IACjC,MAAM,+BAA+B,GAAG,UAAU,CAAC,IAAI,CACrD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,qBAAqB,CAAC,CAAA,CAAA,EAAA,CACzE,CAAC;IAEF,IAAI,CAAC,+BAA+B,EAAE;QACpC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;KAChD;IAED,MAAM,+BAA+B,GAAG,UAAU,CAAC,IAAI,CACrD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WACX,OAAA,GAAG,KAAK,IAAI,KAAI,MAAA,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,0CAAE,UAAU,CAAC,qBAAqB,CAAC,CAAA,CAAA,EAAA,CACzE,CAAC;IAEF,IAAI,CAAC,+BAA+B,EAAE;QACpC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,yBAAyB,CAAC,CAAC;KAClD;IAED,MAAM,qBAAqB,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACrE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACvB;AACH,CAAC,CAAC;AAEF,uJAAuJ;AACvJ,MAAM,iBAAiB,GAAG,CAAC,IAAc,EAAE,EAAE;IAC3C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACtB,8DAA8D;QAC9D,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE;YACnC,MAAM,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,2HAA2H;YACpK,OAAO,GAAG,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;SACvC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,+HAA+H;AAC/H,MAAM,gCAAgC,GAAG,CAGvC,WAAc,EACd,OAAmB,EACnB,OAAoB,EACpB,YAAsB,EACtB,UAEa,EACb,OAAe,EACf,EAAE;IACF,MAAM,WAAW,GAAG,WAAW,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;IAEtE,kGAAkG;IAClG,wDAAwD;IACxD,IAAI,WAAW,EAAE;QACf,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,CACrC,OAAO,EACP,WAAW,EACX,SAAS,EAAE,iDAAiD;QAC5D,YAAY,CACb,CAAC;QACF,8EAA8E;QAC9E,OAAO,YAAY,CAAC;YAClB,UAAU;YACV,eAAe,EAAE,IAAI,eAAe,EAAE;YACtC,OAAO;YACP,IAAI;YACJ,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;YACrC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,IAAI;YACtB,OAAO,EAAE,OAAO;YAChB,0BAA0B,EAAE,IAAI;SACjC,CAAC,CAAC;KACJ;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEK,MAAM,QAAQ,GAAG,CAAO,IAM9B,EAAE,EAAE;;IACH,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;IAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAE1B,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,8FAA8F,CAAC;KACtG;IAED,MAAM,UAAU,GACd,MAAM,WAAW,CAAC,kBAAkB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAEvD,MAAM,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,SAAS,GAAG,MAAM,CAAA,MAAA,WAAW,CAAC,KAAK,4DAAG,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA,CAAC;IAEhE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,aAAa,CAClD,OAAO,EACP,OAAO,EACP,SAAS,EACT,YAAY,CACb,CAAC;IAEF,IAAI,KAAK,EAAE;QACT,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QACpE,IAAI,aAAa,EAAE;YACjB,MAAM,KAAK,GAAG;gBACZ,GAAG,aAAa;gBAChB,GAAG,OAAO,IAAI,iBAAiB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;aACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACb,IAAA,cAAM,EACJ,gGAAgG,KAAK,2BAA2B,CACjI,CAAC;SACH;KACF;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,oBAAoB,CAAC;IAE9D,IAAI,WAAW,CAAC;IAEhB,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,gCAAgC,CACrD,WAAW,EACX,OAAO,EACP,OAAO,EACP,YAAY,EACZ,UAAU,EACV,OAAO,CACR,CAAC;QACF,IAAI,QAAQ,IAAI,QAAQ,KAAK,CAAC,EAAE;YAC9B,OAAO,QAAQ,CAAC,CAAC,mDAAmD;SACrE;QAED,WAAW,GAAG,MAAM,YAAY,CAAC;YAC/B,UAAU;YACV,eAAe,EAAE,IAAI,eAAe,EAAE;YACtC,OAAO;YACP,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;YACrC,KAAK;YACL,QAAQ,EAAE,OAAO,CAAC,IAAI;YACtB,OAAO,EAAE,OAAO;SACjB,CAAC,CAAC;KACJ;YAAS;QACR,MAAM,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,QAAQ,EAAE,CAAA,CAAC;KAC7B;IAED,OAAO,WAAW,CAAC;AACrB,CAAC,CAAA,CAAC;AAzEW,QAAA,QAAQ,YAyEnB"}
package/dist/types/ssh.d.ts CHANGED
@@ -8,7 +8,7 @@ This file is part of @p0security/cli
8
8
 
9
9
  You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
10
10
  **/
11
- import { CommandArgs } from "../commands/shared/ssh";
11
+ import { CommandArgs, SshAdditionalSetup } from "../commands/shared/ssh";
12
12
  import { AwsSsh, AwsSshPermissionSpec, AwsSshRequest } from "../plugins/aws/types";
13
13
  import { AzureSsh, AzureSshPermissionSpec, AzureSshRequest } from "../plugins/azure/types";
14
14
  import { GcpSsh, GcpSshPermissionSpec, GcpSshRequest } from "../plugins/google/types";
@@ -26,6 +26,8 @@ export type SshProvider<PR extends PluginSshRequest = PluginSshRequest, O extend
26
26
  cloudProviderLogin: (authn: Authn, request: SR) => Promise<C>;
27
27
  /** Callback to ensure that this provider's CLI utils are installed */
28
28
  ensureInstall: () => Promise<void>;
29
+ /** Validate the SSH key if necessary; throw an exception if the key is invalid */
30
+ validateSshKey?: (request: Request<PR>, publicKey: string) => boolean;
29
31
  /** A human-readable name for this CSP */
30
32
  friendlyName: string;
31
33
  /** Friendly message to ask the user to log in to the CSP */
@@ -42,11 +44,16 @@ export type SshProvider<PR extends PluginSshRequest = PluginSshRequest, O extend
42
44
  * the actual ssh/scp command.
43
45
  */
44
46
  preTestAccessPropagationArgs: (cmdArgs: CommandArgs) => CommandArgs | undefined;
47
+ /** Perform any setup required before running the SSH command. Returns a list of additional arguments to pass to the
48
+ * SSH command. */
49
+ setup?: (request: SR, options?: {
50
+ debug?: boolean;
51
+ }) => Promise<SshAdditionalSetup>;
45
52
  /** Returns the command and its arguments that are going to be injected as the ssh ProxyCommand option */
46
53
  proxyCommand: (request: SR) => string[];
47
54
  /** Each element in the returned array is a command that can be run to reproduce the
48
55
  * steps of logging in the user to the ssh session. */
49
- reproCommands: (request: SR) => string[] | undefined;
56
+ reproCommands: (request: SR, additionalData?: SshAdditionalSetup) => string[] | undefined;
50
57
  /** Unwraps this provider's types */
51
58
  requestToSsh: (request: CliPermissionSpec<PR, O>) => SR;
52
59
  /** Regex matches for error strings indicating that the provider has not yet fully provisioned node acces */
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@p0security/cli",
3
- "version": "0.12.0",
3
+ "version": "0.13.0",
4
4
  "description": "Execute infra CLI commands with P0 grants",
5
5
  "main": "index.ts",
6
6
  "repository": {