@p0security/cli 0.22.6 → 0.24.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/dist/commands/index.js +18 -2
- package/build/dist/commands/index.js.map +1 -1
- package/build/dist/commands/print-bearer-token.js +2 -1
- package/build/dist/commands/print-bearer-token.js.map +1 -1
- package/build/dist/commands/rdp.js +3 -2
- package/build/dist/commands/rdp.js.map +1 -1
- package/build/dist/commands/scp.js +49 -35
- package/build/dist/commands/scp.js.map +1 -1
- package/build/dist/commands/shared/request.js +21 -0
- package/build/dist/commands/shared/request.js.map +1 -1
- package/build/dist/commands/shared/ssh.d.ts +4 -0
- package/build/dist/commands/shared/ssh.js +29 -14
- package/build/dist/commands/shared/ssh.js.map +1 -1
- package/build/dist/commands/ssh.js +42 -29
- package/build/dist/commands/ssh.js.map +1 -1
- package/build/dist/common/auth/server.js +1 -0
- package/build/dist/common/auth/server.js.map +1 -1
- package/build/dist/drivers/api.js +1 -2
- package/build/dist/drivers/api.js.map +1 -1
- package/build/dist/drivers/config.d.ts +1 -0
- package/build/dist/drivers/config.js +3 -1
- package/build/dist/drivers/config.js.map +1 -1
- package/build/dist/index.js +4 -0
- package/build/dist/index.js.map +1 -1
- package/build/dist/middlewares/version.js +14 -21
- package/build/dist/middlewares/version.js.map +1 -1
- package/build/dist/opentelemetry/constants.d.ts +16 -0
- package/build/dist/opentelemetry/constants.js +20 -0
- package/build/dist/opentelemetry/constants.js.map +1 -0
- package/build/dist/opentelemetry/instrumentation.js +1 -0
- package/build/dist/opentelemetry/instrumentation.js.map +1 -1
- package/build/dist/opentelemetry/otel-helpers.d.ts +56 -0
- package/build/dist/opentelemetry/otel-helpers.js +139 -0
- package/build/dist/opentelemetry/otel-helpers.js.map +1 -0
- package/build/dist/plugins/aws/idc/index.js +2 -2
- package/build/dist/plugins/aws/idc/index.js.map +1 -1
- package/build/dist/plugins/aws/ssh.js +7 -4
- package/build/dist/plugins/aws/ssh.js.map +1 -1
- package/build/dist/plugins/aws/types.d.ts +20 -11
- package/build/dist/plugins/kubeconfig/index.js +7 -5
- package/build/dist/plugins/kubeconfig/index.js.map +1 -1
- package/build/dist/plugins/kubeconfig/types.d.ts +13 -8
- package/build/dist/plugins/rdp/index.js +2 -1
- package/build/dist/plugins/rdp/index.js.map +1 -1
- package/build/dist/plugins/ssh/index.js +65 -50
- package/build/dist/plugins/ssh/index.js.map +1 -1
- package/build/dist/types/request.d.ts +3 -6
- package/build/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
|
@@ -26,6 +26,7 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
26
26
|
const config_1 = require("../drivers/config");
|
|
27
27
|
const stdio_1 = require("../drivers/stdio");
|
|
28
28
|
const version_1 = require("../middlewares/version");
|
|
29
|
+
const otel_helpers_1 = require("../opentelemetry/otel-helpers");
|
|
29
30
|
const version_2 = require("../version");
|
|
30
31
|
const allow_1 = require("./allow");
|
|
31
32
|
const aws_1 = require("./aws");
|
|
@@ -41,7 +42,7 @@ const scp_1 = require("./scp");
|
|
|
41
42
|
const ssh_1 = require("./ssh");
|
|
42
43
|
const ssh_proxy_1 = require("./ssh-proxy");
|
|
43
44
|
const ssh_resolve_1 = require("./ssh-resolve");
|
|
44
|
-
const
|
|
45
|
+
const api_1 = require("@opentelemetry/api");
|
|
45
46
|
const yargs_1 = __importDefault(require("yargs"));
|
|
46
47
|
const helpers_1 = require("yargs/helpers");
|
|
47
48
|
const commands = [
|
|
@@ -99,6 +100,20 @@ const getCli = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
99
100
|
.strict()
|
|
100
101
|
.demandCommand(1)
|
|
101
102
|
.fail((message, error, yargs) => {
|
|
103
|
+
// Mark active span as error if it exists
|
|
104
|
+
// Wrapped in try/catch - telemetry must never break the CLI
|
|
105
|
+
try {
|
|
106
|
+
const activeSpan = api_1.trace.getActiveSpan();
|
|
107
|
+
if (activeSpan) {
|
|
108
|
+
const errorMessage = error ? String(error) : message;
|
|
109
|
+
(0, otel_helpers_1.markSpanError)(activeSpan, errorMessage);
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
catch (e) {
|
|
113
|
+
// Silently ignore telemetry failures
|
|
114
|
+
// CLI functionality takes precedence over observability
|
|
115
|
+
}
|
|
116
|
+
// Print error messages (existing behavior)
|
|
102
117
|
if (error) {
|
|
103
118
|
(0, stdio_1.print2)(error);
|
|
104
119
|
}
|
|
@@ -107,7 +122,8 @@ const getCli = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
107
122
|
(0, stdio_1.print2)(`\n${message}`);
|
|
108
123
|
(0, stdio_1.print2)(`\n${(0, config_1.getHelpMessage)()}`);
|
|
109
124
|
}
|
|
110
|
-
|
|
125
|
+
// Use exitProcess instead of sys.exit for consistent span handling
|
|
126
|
+
(0, otel_helpers_1.exitProcess)(1);
|
|
111
127
|
});
|
|
112
128
|
});
|
|
113
129
|
exports.getCli = getCli;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAAmD;AACnD,4CAAkD;AAClD,oDAAsD;AACtD,wCAAiE;AACjE,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,qCAAyC;AACzC,6BAAiC;AACjC,6DAA+D;AAC/D,+BAAmC;AACnC,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,2CAA8C;AAC9C,+CAAkD;AAClD,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAAmD;AACnD,4CAAkD;AAClD,oDAAsD;AACtD,gEAA2E;AAC3E,wCAAiE;AACjE,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,qCAAyC;AACzC,6BAAiC;AACjC,6DAA+D;AAC/D,+BAAmC;AACnC,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,2CAA8C;AAC9C,+CAAkD;AAClD,4CAA2C;AAC3C,kDAA0B;AAC1B,2CAAwC;AAExC,MAAM,QAAQ,GAAG;IACf,gBAAU;IACV,oBAAY;IACZ,oBAAY;IACZ,sBAAa;IACb,cAAS;IACT,wBAAc;IACd,oBAAY;IACZ,gBAAU;IACV,2BAAe;IACf,+BAAiB;IACjB,gBAAU;IACV,gBAAU;IACV,8BAAiB;IACjB,4CAAuB;CACxB,CAAC;AAEF,MAAM,SAAS,GAAG,GAAS,EAAE;IAC3B,MAAM,IAAI,GAAG,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAC/C,IAAA,8BAAoB,EAAC,uBAAa,CAAC,CACpC,CAAC;IAEF,6FAA6F;IAC7F,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAoC,EAAE,EAAE;QACvD,IAAI,OAAO,GAAG,KAAK,UAAU,EAAE;YAC7B,gBAAgB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,IAAA,uBAAc,GAAE,CAAC,CAAC,CAAC;SAC3D;aAAM;YACL,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,4DAA4D;AAC5D,MAAM,mBAAmB,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AAEzD,SAAe,uBAAuB,CAAC,IAA8B;;QACnE,MAAM,cAAc,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,OAAO,cAAc,KAAK,QAAQ,EAAE;YACtC,OAAO;SACR;QAED,IAAI,mBAAmB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE;YAChD,OAAO;SACR;aAAM;YACL,OAAO,MAAM,IAAA,sBAAY,EAAC,IAAI,CAAC,CAAC;SACjC;IACH,CAAC;CAAA;AAEM,MAAM,MAAM,GAAG,GAAS,EAAE;IAC/B,OAAA,QAAQ;SACL,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,SAAS,EAAE,CAAC;SACzC,UAAU,CAAC,uBAAuB,CAAC;SACnC,MAAM,EAAE;SACR,aAAa,CAAC,CAAC,CAAC;SAChB,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC9B,yCAAyC;QACzC,4DAA4D;QAC5D,IAAI;YACF,MAAM,UAAU,GAAG,WAAK,CAAC,aAAa,EAAE,CAAC;YACzC,IAAI,UAAU,EAAE;gBACd,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;gBACrD,IAAA,4BAAa,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;aACzC;SACF;QAAC,OAAO,CAAC,EAAE;YACV,qCAAqC;YACrC,wDAAwD;SACzD;QAED,2CAA2C;QAC3C,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;SACf;aAAM;YACL,IAAA,cAAM,EAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACrB,IAAA,cAAM,EAAC,KAAK,OAAO,EAAE,CAAC,CAAC;YACvB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QAED,mEAAmE;QACnE,IAAA,0BAAW,EAAC,CAAC,CAAC,CAAC;IACjB,CAAC,CAAC,CAAA;EAAA,CAAC;AA/BM,QAAA,MAAM,UA+BZ"}
|
|
@@ -22,6 +22,7 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
22
22
|
**/
|
|
23
23
|
const auth_1 = require("../drivers/auth");
|
|
24
24
|
const stdio_1 = require("../drivers/stdio");
|
|
25
|
+
const otel_helpers_1 = require("../opentelemetry/otel-helpers");
|
|
25
26
|
const printBearerTokenArgs = (yargs) => yargs.help(false);
|
|
26
27
|
const printBearerTokenCommand = (yargs) => yargs.command("print-bearer-token", false, // hides command from --help output
|
|
27
28
|
printBearerTokenArgs, exports.printBearerToken);
|
|
@@ -31,7 +32,7 @@ const printBearerToken = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
31
32
|
const token = yield authn.getToken();
|
|
32
33
|
if (!token) {
|
|
33
34
|
(0, stdio_1.print2)("No access token found in identity.");
|
|
34
|
-
|
|
35
|
+
(0, otel_helpers_1.exitProcess)(1);
|
|
35
36
|
}
|
|
36
37
|
(0, stdio_1.print1)(token);
|
|
37
38
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"print-bearer-token.js","sourceRoot":"","sources":["../../../src/commands/print-bearer-token.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,4CAAkD;
|
|
1
|
+
{"version":3,"file":"print-bearer-token.js","sourceRoot":"","sources":["../../../src/commands/print-bearer-token.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,4CAAkD;AAClD,gEAA4D;AAG5D,MAAM,oBAAoB,GAAG,CAAI,KAAoB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAErE,MAAM,uBAAuB,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC3D,KAAK,CAAC,OAAO,CACX,oBAAoB,EACpB,KAAK,EAAE,mCAAmC;AAC1C,oBAAoB,EACpB,wBAAgB,CACjB,CAAC;AANS,QAAA,uBAAuB,2BAMhC;AAEG,MAAM,gBAAgB,GAAG,GAAS,EAAE;IACzC,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE,CAAC;IACrC,IAAI,CAAC,KAAK,EAAE;QACV,IAAA,cAAM,EAAC,oCAAoC,CAAC,CAAC;QAC7C,IAAA,0BAAW,EAAC,CAAC,CAAC,CAAC;KAChB;IACD,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;AAChB,CAAC,CAAA,CAAC;AATW,QAAA,gBAAgB,oBAS3B"}
|
|
@@ -22,6 +22,7 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
22
22
|
**/
|
|
23
23
|
const auth_1 = require("../drivers/auth");
|
|
24
24
|
const stdio_1 = require("../drivers/stdio");
|
|
25
|
+
const otel_helpers_1 = require("../opentelemetry/otel-helpers");
|
|
25
26
|
const rdp_1 = require("../plugins/rdp");
|
|
26
27
|
const util_1 = require("../util");
|
|
27
28
|
const rdpCommand = (yargs) => yargs.command("rdp <destination>", "Connect to a Windows virtual machine via RDP", (yargs) => yargs
|
|
@@ -64,14 +65,14 @@ const rdpAction = (cmdArgs) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
64
65
|
const os = (0, util_1.getOperatingSystem)();
|
|
65
66
|
if (os !== "win") {
|
|
66
67
|
(0, stdio_1.print2)("RDP session connections are only supported on Windows.");
|
|
67
|
-
|
|
68
|
+
(0, otel_helpers_1.exitProcess)(1);
|
|
68
69
|
}
|
|
69
70
|
const authn = yield (0, auth_1.authenticate)(cmdArgs);
|
|
70
71
|
yield (0, rdp_1.rdp)(authn, cmdArgs);
|
|
71
72
|
// Force exit to prevent hanging due to orphaned child processes
|
|
72
73
|
// Skip in tests to avoid killing the test runner
|
|
73
74
|
if (process.env.NODE_ENV !== "unit") {
|
|
74
|
-
|
|
75
|
+
(0, otel_helpers_1.exitProcess)(0);
|
|
75
76
|
}
|
|
76
77
|
});
|
|
77
78
|
//# sourceMappingURL=rdp.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rdp.js","sourceRoot":"","sources":["../../../src/commands/rdp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,4CAA0C;AAC1C,wCAAqC;AAErC,kCAAyD;AAGlD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,mBAAmB,EACnB,8CAA8C,EAC9C,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;IACpC,OAAO,EAAE,KAAK;CACf,CAAC;KACD,MAAM,CAAC,WAAW,EAAE;IACnB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,6CAA6C;IACvD,OAAO,EAAE,KAAK;CACf,CAAC;KACD,KAAK,CAAC,sBAAsB,CAAC;KAC7B,QAAQ,CACP;;;MAGJ,IAAA,iBAAU,GAAE,iDAAiD,CAC1D,EAEL,SAAS,CACV,CAAC;AAjCS,QAAA,UAAU,cAiCnB;AAEJ;;;;;;;;GAQG;AACH,MAAM,SAAS,GAAG,CAAO,OAAiD,EAAE,EAAE;IAC5E,wEAAwE;IACxE,sJAAsJ;IACtJ,MAAM,EAAE,GAAG,IAAA,yBAAkB,GAAE,CAAC;IAChC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,IAAA,cAAM,EAAC,wDAAwD,CAAC,CAAC;QACjE,
|
|
1
|
+
{"version":3,"file":"rdp.js","sourceRoot":"","sources":["../../../src/commands/rdp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,4CAA0C;AAC1C,gEAA4D;AAC5D,wCAAqC;AAErC,kCAAyD;AAGlD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,mBAAmB,EACnB,8CAA8C,EAC9C,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;IACpC,OAAO,EAAE,KAAK;CACf,CAAC;KACD,MAAM,CAAC,WAAW,EAAE;IACnB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,6CAA6C;IACvD,OAAO,EAAE,KAAK;CACf,CAAC;KACD,KAAK,CAAC,sBAAsB,CAAC;KAC7B,QAAQ,CACP;;;MAGJ,IAAA,iBAAU,GAAE,iDAAiD,CAC1D,EAEL,SAAS,CACV,CAAC;AAjCS,QAAA,UAAU,cAiCnB;AAEJ;;;;;;;;GAQG;AACH,MAAM,SAAS,GAAG,CAAO,OAAiD,EAAE,EAAE;IAC5E,wEAAwE;IACxE,sJAAsJ;IACtJ,MAAM,EAAE,GAAG,IAAA,yBAAkB,GAAE,CAAC;IAChC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,IAAA,cAAM,EAAC,wDAAwD,CAAC,CAAC;QACjE,IAAA,0BAAW,EAAC,CAAC,CAAC,CAAC;KAChB;IAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,EAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,IAAA,SAAG,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAE1B,gEAAgE;IAChE,iDAAiD;IACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE;QACnC,IAAA,0BAAW,EAAC,CAAC,CAAC,CAAC;KAChB;AACH,CAAC,CAAA,CAAC"}
|
|
@@ -21,6 +21,7 @@ This file is part of @p0security/cli
|
|
|
21
21
|
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
22
22
|
**/
|
|
23
23
|
const auth_1 = require("../drivers/auth");
|
|
24
|
+
const otel_helpers_1 = require("../opentelemetry/otel-helpers");
|
|
24
25
|
const ssh_1 = require("../plugins/ssh");
|
|
25
26
|
const ssh_2 = require("../types/ssh");
|
|
26
27
|
const ssh_3 = require("./shared/ssh");
|
|
@@ -53,7 +54,8 @@ const scpCommand = (yargs) => yargs.command("scp <source> <destination>",
|
|
|
53
54
|
})
|
|
54
55
|
.option("sudo", {
|
|
55
56
|
type: "boolean",
|
|
56
|
-
describe: "Add user to sudoers file",
|
|
57
|
+
describe: "Add user to sudoers file. Set P0_SSH_SUDO=1 to enable by default.",
|
|
58
|
+
default: (0, ssh_3.getDefaultSudo)(),
|
|
57
59
|
})
|
|
58
60
|
.option("debug", {
|
|
59
61
|
type: "boolean",
|
|
@@ -73,41 +75,53 @@ exports.scpCommand = scpCommand;
|
|
|
73
75
|
* Implicitly gains access to the SSH resource if required.
|
|
74
76
|
*/
|
|
75
77
|
const scpAction = (args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
privateKey,
|
|
102
|
-
|
|
103
|
-
|
|
78
|
+
yield (0, otel_helpers_1.traceSpan)("scp.command", (span) => __awaiter(void 0, void 0, void 0, function* () {
|
|
79
|
+
span.setAttribute("source", args.source);
|
|
80
|
+
span.setAttribute("destination", args.destination);
|
|
81
|
+
if (args.provider) {
|
|
82
|
+
span.setAttribute("provider", args.provider);
|
|
83
|
+
}
|
|
84
|
+
if (args.sudo) {
|
|
85
|
+
span.setAttribute("sudo", args.sudo);
|
|
86
|
+
}
|
|
87
|
+
// Clean up any stale SSH config files before proceeding
|
|
88
|
+
yield (0, ssh_cleanup_1.cleanupStaleSshConfigs)(args.debug);
|
|
89
|
+
const authn = yield (0, auth_1.authenticate)(args);
|
|
90
|
+
const sshOptions = Array.isArray(args["--"])
|
|
91
|
+
? args["--"].map(String)
|
|
92
|
+
: [];
|
|
93
|
+
args.sshOptions = sshOptions;
|
|
94
|
+
// TODO(ENG-3142): Azure SSH currently doesn't support specifying a port; throw an error if one is set.
|
|
95
|
+
if (args.provider === "azure" &&
|
|
96
|
+
sshOptions.some((opt) => opt.startsWith("-P"))) {
|
|
97
|
+
throw "Azure SSH does not currently support specifying a port. SSH on the target VM must be listening on the default port 22.";
|
|
98
|
+
}
|
|
99
|
+
const host = getHostIdentifier(args.source, args.destination);
|
|
100
|
+
if (!host) {
|
|
101
|
+
throw "Could not determine host identifier from source or destination";
|
|
102
|
+
}
|
|
103
|
+
const { request, requestId, privateKey, sshProvider, sshHostKeys } = yield (0, ssh_3.prepareRequest)(authn, args, host);
|
|
104
|
+
// replace the host with the linuxUserName@instanceId
|
|
105
|
+
const { source, destination } = replaceHostWithInstance(request, args);
|
|
106
|
+
const exitCode = yield (0, ssh_1.sshOrScp)({
|
|
107
|
+
authn,
|
|
108
|
+
request,
|
|
109
|
+
requestId,
|
|
110
|
+
cmdArgs: Object.assign(Object.assign({}, args), { source,
|
|
111
|
+
destination }),
|
|
112
|
+
privateKey,
|
|
113
|
+
sshProvider,
|
|
114
|
+
sshHostKeys,
|
|
115
|
+
});
|
|
116
|
+
// Force exit to prevent hanging due to orphaned child processes (e.g., session-manager-plugin)
|
|
117
|
+
// holding open file descriptors. See: https://github.com/aws/amazon-ssm-agent/issues/173
|
|
118
|
+
// Skip in tests to avoid killing the test runner
|
|
119
|
+
if (process.env.NODE_ENV !== "unit") {
|
|
120
|
+
(0, otel_helpers_1.exitProcess)(exitCode !== null && exitCode !== void 0 ? exitCode : 0);
|
|
121
|
+
}
|
|
122
|
+
}), {
|
|
123
|
+
command: "scp",
|
|
104
124
|
});
|
|
105
|
-
// Force exit to prevent hanging due to orphaned child processes (e.g., session-manager-plugin)
|
|
106
|
-
// holding open file descriptors. See: https://github.com/aws/amazon-ssm-agent/issues/173
|
|
107
|
-
// Skip in tests to avoid killing the test runner
|
|
108
|
-
if (process.env.NODE_ENV !== "unit") {
|
|
109
|
-
process.exit(exitCode !== null && exitCode !== void 0 ? exitCode : 0);
|
|
110
|
-
}
|
|
111
125
|
});
|
|
112
126
|
/** If a path is not explicitly local, use this pattern to determine if it's remote */
|
|
113
127
|
const REMOTE_PATTERN_COLON = /^([^:]+:)(.*)$/; // Matches host:[path]
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scp.js","sourceRoot":"","sources":["../../../src/commands/scp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,wCAA0C;AAC1C,sCAAiE;AACjE,
|
|
1
|
+
{"version":3,"file":"scp.js","sourceRoot":"","sources":["../../../src/commands/scp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,gEAAuE;AACvE,wCAA0C;AAC1C,sCAAiE;AACjE,sCAA8E;AAC9E,sDAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,4BAA4B;AAC5B,6DAA6D;AAC7D,mDAAmD,EACnD,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,QAAQ,EAAE;IACpB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;IAClB,WAAW,EAAE,wBAAwB;CACtC,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,8CAA8C;CACzD,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,2BAAqB;CAC/B,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EACN,mEAAmE;IACrE,OAAO,EAAE,IAAA,oBAAc,GAAE;CAC1B,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,8CAA8C,CAAC;IACtD,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;sGAE4F,CAC7F,EAEL,SAAS,CACV,CAAC;AApDS,QAAA,UAAU,cAoDnB;AAEJ;;;GAGG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,MAAM,IAAA,wBAAS,EACb,aAAa,EACb,CAAO,IAAI,EAAE,EAAE;QACb,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;SAC9C;QACD,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;SACtC;QAED,wDAAwD;QACxD,MAAM,IAAA,oCAAsB,EAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEzC,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,EAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;YACxB,CAAC,CAAC,EAAE,CAAC;QACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,uGAAuG;QACvG,IACE,IAAI,CAAC,QAAQ,KAAK,OAAO;YACzB,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAC9C;YACA,MAAM,wHAAwH,CAAC;SAChI;QAED,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAE9D,IAAI,CAAC,IAAI,EAAE;YACT,MAAM,gEAAgE,CAAC;SACxE;QAED,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,GAChE,MAAM,IAAA,oBAAc,EAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAE1C,qDAAqD;QACrD,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAEvE,MAAM,QAAQ,GAAG,MAAM,IAAA,cAAQ,EAAC;YAC9B,KAAK;YACL,OAAO;YACP,SAAS;YACT,OAAO,kCACF,IAAI,KACP,MAAM;gBACN,WAAW,GACZ;YACD,UAAU;YACV,WAAW;YACX,WAAW;SACZ,CAAC,CAAC;QAEH,+FAA+F;QAC/F,yFAAyF;QACzF,iDAAiD;QACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE;YACnC,IAAA,0BAAW,EAAC,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,CAAC,CAAC,CAAC;SAC5B;IACH,CAAC,CAAA,EACD;QACE,OAAO,EAAE,KAAK;KACf,CACF,CAAC;AACJ,CAAC,CAAA,CAAC;AAEF,sFAAsF;AACtF,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,CAAC,sBAAsB;AAErE,gFAAgF;AAChF,MAAM,kBAAkB,GAAG,CAAC,IAAY,EAAW,EAAE;IACnD,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzC,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,WAAmB,EAAE,EAAE;IAChE,6FAA6F;IAC7F,MAAM,cAAc,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAClD,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;IAE5D,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;IAErD,IAAI,cAAc,IAAI,mBAAmB,EAAE;QACzC,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7B;IAED,6DAA6D;IAC7D,MAAM,0DAA0D,CAAC;AACnE,CAAC,CAAC;AAEF,MAAM,uBAAuB,GAAG,CAAC,MAAkB,EAAE,IAAoB,EAAE,EAAE;IAC3E,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IACzB,IAAI,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IAEnC,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;QAC9B,MAAM,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,CAAC,WAAW,CAAC,EAAE;QACnC,WAAW,GAAG,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,IAAI,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACnF;IAED,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC,CAAC"}
|
|
@@ -30,6 +30,8 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
30
30
|
const api_1 = require("../../drivers/api");
|
|
31
31
|
const auth_1 = require("../../drivers/auth");
|
|
32
32
|
const stdio_1 = require("../../drivers/stdio");
|
|
33
|
+
const otel_helpers_1 = require("../../opentelemetry/otel-helpers");
|
|
34
|
+
const api_2 = require("@opentelemetry/api");
|
|
33
35
|
const typescript_1 = require("typescript");
|
|
34
36
|
exports.PROVISIONING_ACCESS_MESSAGE = "Waiting for access to be provisioned";
|
|
35
37
|
exports.EXISTING_ACCESS_MESSAGE = "Existing access found.";
|
|
@@ -64,16 +66,35 @@ const requestArgs = (yargs) => yargs
|
|
|
64
66
|
exports.requestArgs = requestArgs;
|
|
65
67
|
const resolveCode = (permission, logMessage) => {
|
|
66
68
|
const { status } = permission;
|
|
69
|
+
// Get the active span from OpenTelemetry context
|
|
70
|
+
const activeSpan = api_2.trace.getActiveSpan();
|
|
67
71
|
if (isCompletedStatus(status)) {
|
|
68
72
|
const { message, code } = COMPLETED_REQUEST_STATUSES[status];
|
|
69
73
|
const errorMessage = permission.error
|
|
70
74
|
? `${message}: ${permission.error.message}`
|
|
71
75
|
: message;
|
|
76
|
+
// Mark span based on request outcome
|
|
77
|
+
if (activeSpan) {
|
|
78
|
+
if (code !== 0) {
|
|
79
|
+
(0, otel_helpers_1.markSpanError)(activeSpan, `Request ${status}: ${errorMessage}`);
|
|
80
|
+
}
|
|
81
|
+
activeSpan.setAttribute("request.status", status);
|
|
82
|
+
activeSpan.setAttribute("request.exitCode", code);
|
|
83
|
+
}
|
|
84
|
+
// TODO(ENG-6770): Consider adding debug logging when activeSpan is null to detect
|
|
85
|
+
// when resolveCode is called outside of traced contexts
|
|
72
86
|
if (code !== 0 || logMessage)
|
|
73
87
|
(0, stdio_1.print2)(errorMessage);
|
|
74
88
|
return code;
|
|
75
89
|
}
|
|
76
90
|
else {
|
|
91
|
+
// Request timed out
|
|
92
|
+
if (activeSpan) {
|
|
93
|
+
(0, otel_helpers_1.markSpanError)(activeSpan, "Request timed out after 5 minutes");
|
|
94
|
+
activeSpan.setAttribute("request.status", "TIMEOUT");
|
|
95
|
+
activeSpan.setAttribute("request.exitCode", 4);
|
|
96
|
+
}
|
|
97
|
+
// TODO(ENG-6770): Consider adding debug logging when activeSpan is null
|
|
77
98
|
(0, stdio_1.print2)("Your request did not complete within 5 minutes.");
|
|
78
99
|
return 4;
|
|
79
100
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAwE;AACxE,6CAAkD;AAClD,+CAAwD;
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAwE;AACxE,6CAAkD;AAClD,+CAAwD;AACxD,mEAAiE;AAOjE,4CAA2C;AAC3C,2CAAiC;AAGpB,QAAA,2BAA2B,GACtC,sCAAsC,CAAC;AAC5B,QAAA,uBAAuB,GAAG,wBAAwB,CAAC;AACnD,QAAA,2BAA2B,GACtC,wCAAwC,CAAC;AAE3C,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnE,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAC/D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAE1E,MAAM,0BAA0B,GAAG;IACjC,QAAQ;IACR,iBAAiB,EAAE,QAAQ;IAC3B,IAAI,EAAE,QAAQ;IACd,aAAa,EAAE,QAAQ;IACvB,MAAM;IACN,OAAO;CACR,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,MAAW,EACwC,EAAE,CACrD,MAAM,IAAI,0BAA0B,CAAC;AAEhC,MAAM,WAAW,GAAG,CAAI,KAAoB,EAAE,EAAE,CACrD,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC,CAAC,4HAA4H;KACxI,MAAM,CAAC,MAAM,EAAE;IACd,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,sCAAsC;CACjD,CAAC;KACD,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,0BAA0B,EAAE,CAAC;KAC1E,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAfM,QAAA,WAAW,eAejB;AAEP,MAAM,WAAW,GAAG,CAClB,UAA4C,EAC5C,UAAmB,EACnB,EAAE;IACF,MAAM,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;IAE9B,iDAAiD;IACjD,MAAM,UAAU,GAAG,WAAK,CAAC,aAAa,EAAE,CAAC;IAEzC,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE;QAC7B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK;YACnC,CAAC,CAAC,GAAG,OAAO,KAAK,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE;YAC3C,CAAC,CAAC,OAAO,CAAC;QAEZ,qCAAqC;QACrC,IAAI,UAAU,EAAE;YACd,IAAI,IAAI,KAAK,CAAC,EAAE;gBACd,IAAA,4BAAa,EAAC,UAAU,EAAE,WAAW,MAAM,KAAK,YAAY,EAAE,CAAC,CAAC;aACjE;YACD,UAAU,CAAC,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;YAClD,UAAU,CAAC,YAAY,CAAC,kBAAkB,EAAE,IAAI,CAAC,CAAC;SACnD;QACD,kFAAkF;QAClF,wDAAwD;QAExD,IAAI,IAAI,KAAK,CAAC,IAAI,UAAU;YAAE,IAAA,cAAM,EAAC,YAAY,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;KACb;SAAM;QACL,oBAAoB;QACpB,IAAI,UAAU,EAAE;YACd,IAAA,4BAAa,EAAC,UAAU,EAAE,mCAAmC,CAAC,CAAC;YAC/D,UAAU,CAAC,YAAY,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;YACrD,UAAU,CAAC,YAAY,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC;SAChD;QACD,wEAAwE;QACxE,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;QAC1D,OAAO,CAAC,CAAC;KACV;AACH,CAAC,CAAC;AAEK,MAAM,OAAO,GAClB,CAAC,OAA4B,EAAE,EAAE,CACjC,CACE,IAIE,EACF,KAAa,EACb,OAGC,EACwC,EAAE;IAC3C,MAAM,aAAa,GAAG,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,CAAC,MAAM,IAAA,mBAAY,GAAE,CAAC,CAAC;IAEtD,MAAM,aAAa,GAAG,CAAC,OAAgB,EAAE,EAAE;QACzC,QAAQ,OAAO,EAAE;YACf,KAAK,mBAAmB;gBACtB,OAAO,2BAA2B,CAAC;YACrC;gBACE,OAAO,mBAAmB,CAAC;SAC9B;IACH,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,CACxB,OAAgD,EAChD,EAAE;QACF,OAAO,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,KAAI,OAAO;YAChC,CAAC,CAAC,MAAM,IAAA,iBAAS,EAAC,aAAa,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,EAAE,OAAO,CAAC;YAC3D,CAAC,CAAC,MAAM,OAAO,CAAC;IACpB,CAAC,CAAA,CAAC;IAEF,MAAM,eAAe,GAAG,CACtB,IAAoC,EACqB,EAAE;QAC3D,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;YACxD,MAAM,gBAAgB,GACpB,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA;gBACjB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,KAAK;gBAC1B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,mBAAmB;oBACvC,CAAC,IAAI,CAAC,aAAa;oBACnB,CAAC,IAAI,CAAC,YAAY;oBAClB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACzB,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;SACnC;aAAM;YACL,MAAM,IAAI,CAAC;SACZ;IACH,CAAC,CAAC;IAEF,MAAM,aAAa,GAAG,GAAS,EAAE;QAC/B,MAAM,mBAAmB,GAAG,IAAA,kBAAY,EACtC,aAAa,EACb,IAAI,EACJ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAC7B,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,mBAAmB,CAAC,CAAC;QAC9D,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC7D,IAAI,gBAAgB;YAAE,IAAA,cAAM,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC,CAAA,CAAC;IAEF,MAAM,uBAAuB,GAAG,GAAS,EAAE;;QACzC,MAAM,8BAA8B,GAAG,IAAA,2BAAqB,EAE1D,aAAa,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QACjE,MAAM,6BAA6B,GAAG,GAAS,EAAE;YAC/C,MAAM,cAAc,GAAG,MAAM,8BAA8B,CAAC,IAAI,EAAE,CAAC;YACnE,IAAI,cAAc,CAAC,IAAI,EAAE;gBACvB,OAAO,SAAS,CAAC;aAClB;YACD,OAAO,cAAc,CAAC,KAAK,CAAC;QAC9B,CAAC,CAAA,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,iBAAiB,CACxC,6BAA6B,EAAE,CAChC,CAAC;QACF,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;QAC/D,IAAI,gBAAgB,EAAE;YACpB,IAAA,cAAM,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,IAAA,cAAM,EAAC,2DAA2D,CAAC,CAAC;SACrE;;YACD,KAA8B,eAAA,mCAAA,cAAA,8BAA8B,CAAA,oCAAA;gBAA9B,8CAA8B;gBAA9B,WAA8B;;oBAAjD,MAAM,SAAS,KAAA,CAAA;oBACxB,IAAI,CAAC,SAAS,EAAE;wBACd,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;qBAC5D;oBACD,MAAM,IAAI,GAAG,WAAW,CACtB,SAAS,CAAC,OAA2C,EACrD,gBAAgB,CACjB,CAAC;oBACF,IAAI,IAAI,EAAE;wBACR,gBAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBACf,OAAO,SAAS,CAAC;qBAClB;oBACD,OAAO,SAAS,CAAC;;;;;aAClB;;;;;;;;;QACD,MAAM,IAAI,CAAC;IACb,CAAC,CAAA,CAAC;IAEF,IAAI;QACF,OAAO,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,uBAAuB,EAAE,CAAC,CAAC;KACzE;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE;YAC3D,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;SAC3D;QACD,IACE,KAAK,YAAY,KAAK;YACtB,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,EAC5D;YACA,IAAA,cAAM,EAAC,kDAAkD,CAAC,CAAC;SAC5D;QACD,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAhHS,QAAA,OAAO,WAgHhB;AAEG,MAAM,gBAAgB,GAAG,CAC9B,IAGE,EACF,KAAY,EACZ,EAAE;IACF,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,IAAA,eAAO,EAAC,SAAS,CAAC,iCAAM,IAAI,KAAE,IAAI,EAAE,IAAI,KAAI,KAAK,EAAE;YACxE,OAAO,EAAE,mBAAmB;SAC7B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,EAAE;YACb,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;YAChD,OAAO;SACR;QAED,MAAM,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;QAEnC,IAAA,cAAM,EACJ,CAAC,aAAa,CAAC,CAAC,CAAC,mCAA2B,CAAC,CAAC,CAAC,+BAAuB,CACvE,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,KAAK,KAAK,mCAA2B,EAAE;YACzC,IAAA,cAAM,EAAC,+BAAuB,CAAC,CAAC;SACjC;aAAM;YACL,MAAM,KAAK,CAAC;SACb;KACF;AACH,CAAC,CAAA,CAAC;AA7BW,QAAA,gBAAgB,oBA6B3B"}
|
|
@@ -47,6 +47,10 @@ export type SshAdditionalSetup = {
|
|
|
47
47
|
teardown: () => Promise<void>;
|
|
48
48
|
};
|
|
49
49
|
export declare const SSH_PROVIDERS: Record<SupportedSshProvider, SshProvider<any, any, any, any>>;
|
|
50
|
+
/** Returns true if sudo should be enabled by default.
|
|
51
|
+
* Set P0_SSH_SUDO=1 to enable sudo by default.
|
|
52
|
+
*/
|
|
53
|
+
export declare const getDefaultSudo: () => boolean;
|
|
50
54
|
export declare const isSudoCommand: (args: {
|
|
51
55
|
sudo?: boolean;
|
|
52
56
|
command?: string;
|
|
@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.prepareRequest = exports.provisionRequest = exports.isSudoCommand = exports.SSH_PROVIDERS = void 0;
|
|
12
|
+
exports.prepareRequest = exports.provisionRequest = exports.isSudoCommand = exports.getDefaultSudo = exports.SSH_PROVIDERS = void 0;
|
|
13
13
|
/** Copyright © 2024-present P0 Security
|
|
14
14
|
|
|
15
15
|
This file is part of @p0security/cli
|
|
@@ -25,6 +25,7 @@ const keys_1 = require("../../common/keys");
|
|
|
25
25
|
const api_1 = require("../../drivers/api");
|
|
26
26
|
const config_1 = require("../../drivers/config");
|
|
27
27
|
const stdio_1 = require("../../drivers/stdio");
|
|
28
|
+
const otel_helpers_1 = require("../../opentelemetry/otel-helpers");
|
|
28
29
|
const ssh_1 = require("../../plugins/aws/ssh");
|
|
29
30
|
const ssh_2 = require("../../plugins/azure/ssh");
|
|
30
31
|
const ssh_3 = require("../../plugins/google/ssh");
|
|
@@ -51,6 +52,15 @@ const validateSshInstall = (authn, args) => __awaiter(void 0, void 0, void 0, fu
|
|
|
51
52
|
throw "This organization is not configured for SSH access";
|
|
52
53
|
}
|
|
53
54
|
});
|
|
55
|
+
/** Returns true if sudo should be enabled by default.
|
|
56
|
+
* Set P0_SSH_SUDO=1 to enable sudo by default.
|
|
57
|
+
*/
|
|
58
|
+
const getDefaultSudo = () => {
|
|
59
|
+
var _a;
|
|
60
|
+
const sudo = process.env.P0_SSH_SUDO;
|
|
61
|
+
return !!sudo && sudo !== "0" && ((_a = sudo.toLowerCase) === null || _a === void 0 ? void 0 : _a.call(sudo)) !== "false";
|
|
62
|
+
};
|
|
63
|
+
exports.getDefaultSudo = getDefaultSudo;
|
|
54
64
|
const isSudoCommand = (args) => args.sudo || args.command === "sudo";
|
|
55
65
|
exports.isSudoCommand = isSudoCommand;
|
|
56
66
|
const provisionRequest = (authn, args, destination, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
@@ -127,19 +137,24 @@ const pluginToCliRequest = (request, options) => __awaiter(void 0, void 0, void
|
|
|
127
137
|
return yield exports.SSH_PROVIDERS[request.permission.provider].toCliRequest(request, options);
|
|
128
138
|
});
|
|
129
139
|
const prepareRequest = (authn, args, destination, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
140
|
+
return yield (0, otel_helpers_1.traceSpan)("ssh.prepareRequest", (span) => __awaiter(void 0, void 0, void 0, function* () {
|
|
141
|
+
var _a, _b;
|
|
142
|
+
span.setAttribute("destination", destination);
|
|
143
|
+
const result = yield (0, exports.provisionRequest)(authn, args, destination, options);
|
|
144
|
+
if (!result) {
|
|
145
|
+
throw `Server did not return a request id. ${(0, config_1.getContactMessage)()}`;
|
|
146
|
+
}
|
|
147
|
+
const { requestId, publicKey, provisionedRequest } = result;
|
|
148
|
+
const sshProvider = exports.SSH_PROVIDERS[provisionedRequest.permission.provider];
|
|
149
|
+
span.setAttribute("provider", provisionedRequest.permission.provider);
|
|
150
|
+
span.setAttribute("requestId", requestId);
|
|
151
|
+
yield ((_a = sshProvider.submitPublicKey) === null || _a === void 0 ? void 0 : _a.call(sshProvider, authn, provisionedRequest, requestId, publicKey, args.debug));
|
|
152
|
+
yield sshProvider.ensureInstall();
|
|
153
|
+
const cliRequest = yield pluginToCliRequest(provisionedRequest, Object.assign(Object.assign({}, args), { publicKey }));
|
|
154
|
+
const request = sshProvider.requestToSsh(cliRequest);
|
|
155
|
+
const sshHostKeys = yield ((_b = sshProvider.saveHostKeys) === null || _b === void 0 ? void 0 : _b.call(sshProvider, request, args));
|
|
156
|
+
return Object.assign(Object.assign({}, result), { request, sshProvider, provisionedRequest, sshHostKeys });
|
|
157
|
+
}));
|
|
143
158
|
});
|
|
144
159
|
exports.prepareRequest = prepareRequest;
|
|
145
160
|
//# sourceMappingURL=ssh.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAA0C;AAC1C,4CAAkD;AAClD,2CAA2D;AAC3D,iDAAyD;AACzD,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAC1D,uDAAsE;AAItE,yCAMyB;AACzB,uCAAoC;AACpC,mCAA8B;AAC9B,2CAAiC;AA0DpB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;IACtB,aAAa,EAAE,2BAAqB;CACrC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAC5C,KAAK,EACL,KAAK,EACL,IAAI,CAAC,KAAK,CACX,CAAC;IACF,MAAM,WAAW,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,oDAAoD,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,WAAW,GAAG,CAAO,cAAuC,EAAE,EAAE;QACpE,OAAO,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAExB,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;gBACT,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,cAAc;gBACd,SAAS;gBACT,GAAG,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,GAAG,CAAC,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,SAAS,KAAI,IAAA,qBAAa,EAAC,IAAI,CAAC;oBAClD,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACZ,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAClD,EACD,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,IAAI,CAAC,KAAK,KAEnB,KAAK,EACL,EAAE,OAAO,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,EAAE,CAC5D,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,gHAAgH;IAChH,MAAM,mBAAmB,GAAG,CAAC,GAAQ,EAAE,EAAE;QACvC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YAC3B,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC;YACZ,IACE,GAAG,CAAC,UAAU,CAAC,uCAAuC,CAAC;gBACvD,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EACzB;gBACA,IAAA,cAAM,EACJ,wFAAwF,CACzF,CAAC;aACH;SACF;QACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC;IAEF,IAAI,QAAQ,CAAC;IACb,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE;QACzB,sBAAsB;QACtB,IAAI;YACF,QAAQ,GAAG,MAAM,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CACrD,mBAAmB,CACpB,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,kCAAkC;YAClC,IAAI,IAAI,CAAC,KAAK,EAAE;gBACd,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;aAC3D;YACD,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;SAC3D;KACF;SAAM;QACL,wCAAwC;QACxC,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;KAC3D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;SACjD;QACD,OAAO;KACR;IAED,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAEvC,MAAM,OAAO,GAAG,aAAa;QAC3B,CAAC,CAAC,iDAAiD;QACnD,CAAC,CAAC,sCAAsC,CAAC;IAC3C,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;IAEhB,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAqB,EACxC,QAAQ,CAAC,OAAO,CACjB,CAAC;IAEF,IAAI,CAAC,MAAM;QAAE,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEzB,OAAO;QACL,SAAS,EAAE,EAAE;QACb,kBAAkB,EAAE,QAAQ,CAAC,OAAO;QACpC,SAAS;QACT,UAAU;KACX,CAAC;AACJ,CAAC,CAAA,CAAC;AAjGW,QAAA,gBAAgB,oBAiG3B;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAA4C,EAC5C,OAA+C,EACJ,EAAE;IAC7C,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAA0C;AAC1C,4CAAkD;AAClD,2CAA2D;AAC3D,iDAAyD;AACzD,+CAA6C;AAC7C,mEAA6D;AAC7D,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAC1D,uDAAsE;AAItE,yCAMyB;AACzB,uCAAoC;AACpC,mCAA8B;AAC9B,2CAAiC;AA0DpB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;IACtB,aAAa,EAAE,2BAAqB;CACrC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAC5C,KAAK,EACL,KAAK,EACL,IAAI,CAAC,KAAK,CACX,CAAC;IACF,MAAM,WAAW,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,oDAAoD,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEF;;GAEG;AACI,MAAM,cAAc,GAAG,GAAY,EAAE;;IAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;IACrC,OAAO,CAAC,CAAC,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,CAAA,MAAA,IAAI,CAAC,WAAW,oDAAI,MAAK,OAAO,CAAC;AACpE,CAAC,CAAC;AAHW,QAAA,cAAc,kBAGzB;AAEK,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,WAAW,GAAG,CAAO,cAAuC,EAAE,EAAE;QACpE,OAAO,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAExB,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;gBACT,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,cAAc;gBACd,SAAS;gBACT,GAAG,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,GAAG,CAAC,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,SAAS,KAAI,IAAA,qBAAa,EAAC,IAAI,CAAC;oBAClD,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACZ,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAClD,EACD,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,IAAI,CAAC,KAAK,KAEnB,KAAK,EACL,EAAE,OAAO,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,EAAE,CAC5D,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,gHAAgH;IAChH,MAAM,mBAAmB,GAAG,CAAC,GAAQ,EAAE,EAAE;QACvC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YAC3B,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC;YACZ,IACE,GAAG,CAAC,UAAU,CAAC,uCAAuC,CAAC;gBACvD,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EACzB;gBACA,IAAA,cAAM,EACJ,wFAAwF,CACzF,CAAC;aACH;SACF;QACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC;IAEF,IAAI,QAAQ,CAAC;IACb,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE;QACzB,sBAAsB;QACtB,IAAI;YACF,QAAQ,GAAG,MAAM,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CACrD,mBAAmB,CACpB,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,kCAAkC;YAClC,IAAI,IAAI,CAAC,KAAK,EAAE;gBACd,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;aAC3D;YACD,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;SAC3D;KACF;SAAM;QACL,wCAAwC;QACxC,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;KAC3D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;SACjD;QACD,OAAO;KACR;IAED,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAEvC,MAAM,OAAO,GAAG,aAAa;QAC3B,CAAC,CAAC,iDAAiD;QACnD,CAAC,CAAC,sCAAsC,CAAC;IAC3C,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;IAEhB,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAqB,EACxC,QAAQ,CAAC,OAAO,CACjB,CAAC;IAEF,IAAI,CAAC,MAAM;QAAE,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEzB,OAAO;QACL,SAAS,EAAE,EAAE;QACb,kBAAkB,EAAE,QAAQ,CAAC,OAAO;QACpC,SAAS;QACT,UAAU;KACX,CAAC;AACJ,CAAC,CAAA,CAAC;AAjGW,QAAA,gBAAgB,oBAiG3B;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAA4C,EAC5C,OAA+C,EACJ,EAAE;IAC7C,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;IACF,OAAO,MAAM,IAAA,wBAAS,EAAC,oBAAoB,EAAE,CAAO,IAAI,EAAE,EAAE;;QAC1D,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;QAE9C,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EAAC,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;QACzE,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,uCAAuC,IAAA,0BAAiB,GAAE,EAAE,CAAC;SACpE;QAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;QAE5D,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAE1E,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAE1C,MAAM,CAAA,MAAA,WAAW,CAAC,eAAe,4DAC/B,KAAK,EACL,kBAAkB,EAClB,SAAS,EACT,SAAS,EACT,IAAI,CAAC,KAAK,CACX,CAAA,CAAC;QAEF,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;QAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,kCACzD,IAAI,KACP,SAAS,IACT,CAAC;QAEH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAErD,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,WAAW,CAAC,YAAY,4DAAG,OAAO,EAAE,IAAI,CAAC,CAAA,CAAC;QAEpE,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,WAAW,IAAG;IAC9E,CAAC,CAAA,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AA1CW,QAAA,cAAc,kBA0CzB"}
|
|
@@ -21,6 +21,7 @@ This file is part of @p0security/cli
|
|
|
21
21
|
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
22
22
|
**/
|
|
23
23
|
const auth_1 = require("../drivers/auth");
|
|
24
|
+
const otel_helpers_1 = require("../opentelemetry/otel-helpers");
|
|
24
25
|
const ssh_1 = require("../plugins/ssh");
|
|
25
26
|
const util_1 = require("../util");
|
|
26
27
|
const ssh_2 = require("./shared/ssh");
|
|
@@ -42,7 +43,8 @@ const sshCommand = (yargs) => yargs.command("ssh <destination> [command [argumen
|
|
|
42
43
|
})
|
|
43
44
|
.option("sudo", {
|
|
44
45
|
type: "boolean",
|
|
45
|
-
describe: "Add user to sudoers file",
|
|
46
|
+
describe: "Add user to sudoers file. Set P0_SSH_SUDO=1 to enable by default.",
|
|
47
|
+
default: (0, ssh_2.getDefaultSudo)(),
|
|
46
48
|
})
|
|
47
49
|
// Match `p0 request --reason`
|
|
48
50
|
.option("reason", {
|
|
@@ -81,34 +83,45 @@ exports.sshCommand = sshCommand;
|
|
|
81
83
|
* - AWS EC2 via SSM with Okta SAML
|
|
82
84
|
*/
|
|
83
85
|
const sshAction = (args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
sshHostKeys,
|
|
86
|
+
yield (0, otel_helpers_1.traceSpan)("ssh.command", (span) => __awaiter(void 0, void 0, void 0, function* () {
|
|
87
|
+
span.setAttribute("destination", args.destination);
|
|
88
|
+
if (args.provider) {
|
|
89
|
+
span.setAttribute("provider", args.provider);
|
|
90
|
+
}
|
|
91
|
+
if (args.sudo) {
|
|
92
|
+
span.setAttribute("sudo", args.sudo);
|
|
93
|
+
}
|
|
94
|
+
// Clean up any stale SSH config files before proceeding
|
|
95
|
+
yield (0, ssh_cleanup_1.cleanupStaleSshConfigs)(args.debug);
|
|
96
|
+
// Prefix is required because the backend uses it to determine that this is an AWS request
|
|
97
|
+
const authn = yield (0, auth_1.authenticate)(args);
|
|
98
|
+
const sshOptions = Array.isArray(args["--"])
|
|
99
|
+
? args["--"].map(String)
|
|
100
|
+
: [];
|
|
101
|
+
args.sshOptions = sshOptions;
|
|
102
|
+
// TODO(ENG-3142): Azure SSH currently doesn't support specifying a port; throw an error if one is set.
|
|
103
|
+
if (args.provider === "azure" &&
|
|
104
|
+
sshOptions.some((opt) => opt.startsWith("-p"))) {
|
|
105
|
+
throw "Azure SSH does not currently support specifying a port. SSH on the target VM must be listening on the default port 22.";
|
|
106
|
+
}
|
|
107
|
+
const { request, requestId, privateKey, sshProvider, sshHostKeys } = yield (0, ssh_2.prepareRequest)(authn, args, args.destination);
|
|
108
|
+
const exitCode = yield (0, ssh_1.sshOrScp)({
|
|
109
|
+
authn,
|
|
110
|
+
request,
|
|
111
|
+
requestId,
|
|
112
|
+
cmdArgs: args,
|
|
113
|
+
privateKey,
|
|
114
|
+
sshProvider,
|
|
115
|
+
sshHostKeys,
|
|
116
|
+
});
|
|
117
|
+
// Force exit to prevent hanging due to orphaned child processes (e.g., session-manager-plugin)
|
|
118
|
+
// holding open file descriptors. See: https://github.com/aws/amazon-ssm-agent/issues/173
|
|
119
|
+
// Skip in tests to avoid killing the test runner
|
|
120
|
+
if (process.env.NODE_ENV !== "unit") {
|
|
121
|
+
(0, otel_helpers_1.exitProcess)(exitCode !== null && exitCode !== void 0 ? exitCode : 0);
|
|
122
|
+
}
|
|
123
|
+
}), {
|
|
124
|
+
command: "ssh",
|
|
106
125
|
});
|
|
107
|
-
// Force exit to prevent hanging due to orphaned child processes (e.g., session-manager-plugin)
|
|
108
|
-
// holding open file descriptors. See: https://github.com/aws/amazon-ssm-agent/issues/173
|
|
109
|
-
// Skip in tests to avoid killing the test runner
|
|
110
|
-
if (process.env.NODE_ENV !== "unit") {
|
|
111
|
-
process.exit(exitCode !== null && exitCode !== void 0 ? exitCode : 0);
|
|
112
|
-
}
|
|
113
126
|
});
|
|
114
127
|
//# sourceMappingURL=ssh.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,wCAA0C;AAC1C,kCAAqC;AACrC,
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,gEAAuE;AACvE,wCAA0C;AAC1C,kCAAqC;AACrC,sCAA8E;AAC9E,sDAA8D;AAGvD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,2CAA2C,EAC3C,4BAA4B,EAC5B,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,UAAU,CAAC,SAAS,EAAE;IACrB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,2BAA2B;CACtC,CAAC;KACD,UAAU,CAAC,WAAW,EAAE;IACvB,QAAQ,EAAE,mBAAmB;IAC7B,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EACN,mEAAmE;IACrE,OAAO,EAAE,IAAA,oBAAc,GAAE;CAC1B,CAAC;IACF,8BAA8B;KAC7B,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,IAAI,EAAE,QAAQ;IACd,QAAQ,EACN,qGAAqG;CACxG,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,CAAC;CACnD,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,gEAAgE,CAAC;IACxE,+DAA+D;KAC9D,mBAAmB,CAAC;IACnB,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,QAAQ,CACP;;;;MAIJ,IAAA,iBAAU,GAAE,8FAA8F,CACvG,EAEL,SAAS,CACV,CAAC;AA3DS,QAAA,UAAU,cA2DnB;AAEJ;;;;;;GAMG;AACH,MAAM,SAAS,GAAG,CAAO,IAA8C,EAAE,EAAE;IACzE,MAAM,IAAA,wBAAS,EACb,aAAa,EACb,CAAO,IAAI,EAAE,EAAE;QACb,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;SAC9C;QACD,IAAI,IAAI,CAAC,IAAI,EAAE;YACb,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;SACtC;QAED,wDAAwD;QACxD,MAAM,IAAA,oCAAsB,EAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEzC,0FAA0F;QAC1F,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,EAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,UAAU,GAAa,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;YACxB,CAAC,CAAC,EAAE,CAAC;QACP,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,uGAAuG;QACvG,IACE,IAAI,CAAC,QAAQ,KAAK,OAAO;YACzB,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAC9C;YACA,MAAM,wHAAwH,CAAC;SAChI;QAED,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,GAChE,MAAM,IAAA,oBAAc,EAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAEtD,MAAM,QAAQ,GAAG,MAAM,IAAA,cAAQ,EAAC;YAC9B,KAAK;YACL,OAAO;YACP,SAAS;YACT,OAAO,EAAE,IAAI;YACb,UAAU;YACV,WAAW;YACX,WAAW;SACZ,CAAC,CAAC;QAEH,+FAA+F;QAC/F,yFAAyF;QACzF,iDAAiD;QACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE;YACnC,IAAA,0BAAW,EAAC,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,CAAC,CAAC,CAAC;SAC5B;IACH,CAAC,CAAA,EACD;QACE,OAAO,EAAE,KAAK;KACf,CACF,CAAC;AACJ,CAAC,CAAA,CAAC"}
|
|
@@ -96,6 +96,7 @@ const withRedirectServer = (beginAuth, completeAuth, options) => __awaiter(void
|
|
|
96
96
|
});
|
|
97
97
|
// Register signal handlers to ensure cleanup on interruption
|
|
98
98
|
const signalHandler = () => {
|
|
99
|
+
// NOTE: Cannot use exitProcess() here - OAuth server runs outside of traced command context
|
|
99
100
|
void cleanup().finally(() => process.exit(0));
|
|
100
101
|
};
|
|
101
102
|
process.once("SIGINT", signalHandler);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../../src/common/auth/server.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;;;;;;;;;;;;AAEH,qFAAqF;AACrF,qCAAmC;AACnC,sDAA8B;AAC9B,mCAA8B;AAC9B,+CAA4C;AAE5C,yCAA0C;AAC1C,uCAAiD;AACjD,6CAAuC;AAEvC,MAAM,WAAW,GAAG,IAAA,mBAAO,EAAC,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;AACrE,MAAM,iBAAiB,GAAG,uBAAuB,CAAC;AAClD,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC;;GAEG;AACH,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC,MAAM,cAAc,GAAG,CACrB,KAAa,EACb,GAAqB,EACrB,WAAmB,EACnB,EAAE;IACF,MAAM,MAAM,GAAG,sBAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAChB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IAC3C,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,CAAO,IAAY,EAAmB,EAAE;IAC9D,IAAI,IAAA,gBAAK,GAAE,EAAE;QACX,MAAM,IAAI,GAAG,IAAA,yBAAc,EAAC,IAAI,CAAC,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;KAC9C;IACD,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACzC,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAQ,EAAC,QAAQ,CAAC,CAAC;IACvC,OAAO,KAAK,CAAC;AACf,CAAC,CAAA,CAAC;AAEF,8EAA8E;AACvE,MAAM,kBAAkB,GAAG,CAChC,SAA8C,EAC9C,YAAgD,EAChD,OAA2B,EAC3B,EAAE;;IACF,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;IAEtB,IAAI,eAAoC,CAAC;IACzC,IAAI,cAAoC,CAAC;IACzC,IAAI,KAAQ,CAAC;IACb,MAAM,eAAe,GAAG,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACzD,eAAe,GAAG,OAAO,CAAC;QAC1B,cAAc,GAAG,MAAM,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,iBAAiB,CAAC,CAAC;IAC3D,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,CAAC;IAEzD,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;QACjC,cAAc,CAAC,YAAY,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,iBAAO,CAAC,MAAM,EAAE,CAAC;IACxC,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAU,CAAC;QAC7B,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC;aACvB,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;YACf,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,0BAA0B,CAAC,CAAC;YAC3D,eAAe,CAAC,MAAM,CAAC,CAAC;QAC1B,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAU,EAAE,EAAE;;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,mCAAI,KAAK,CAAC,CAAC;YAC9C,cAAc,CAAC,KAAK,CAAC,CAAC;QACxB,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAExB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,mCAAI,CAAC,CAAC,CAAC;IAE9C,kDAAkD;IAClD,MAAM,OAAO,GAAG,GAAS,EAAE;QACzB,MAAM,IAAA,YAAK,EAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,CAAC,mBAAmB,EAAE,CAAC;QAC7B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC,KAAK,CAAC,aAAI,CAAC,CAAC;IACjB,CAAC,CAAA,CAAC;IAEF,6DAA6D;IAC7D,MAAM,aAAa,GAAG,GAAG,EAAE;QACzB,KAAK,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACtC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IAEvC,6CAA6C;IAC7C,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YAC7B,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI;QACF,KAAK,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,CAAC;QAChC,OAAO,MAAM,eAAe,CAAC;KAC9B;YAAS;QACR,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QAChD,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;QAEjD,MAAM,OAAO,EAAE,CAAC;KACjB;AACH,CAAC,CAAA,CAAC;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../../src/common/auth/server.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;;;;;;;;;;;;AAEH,qFAAqF;AACrF,qCAAmC;AACnC,sDAA8B;AAC9B,mCAA8B;AAC9B,+CAA4C;AAE5C,yCAA0C;AAC1C,uCAAiD;AACjD,6CAAuC;AAEvC,MAAM,WAAW,GAAG,IAAA,mBAAO,EAAC,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;AACrE,MAAM,iBAAiB,GAAG,uBAAuB,CAAC;AAClD,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC;;GAEG;AACH,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC,MAAM,cAAc,GAAG,CACrB,KAAa,EACb,GAAqB,EACrB,WAAmB,EACnB,EAAE;IACF,MAAM,MAAM,GAAG,sBAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAChB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IAC3C,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,eAAe,GAAG,CAAO,IAAY,EAAmB,EAAE;IAC9D,IAAI,IAAA,gBAAK,GAAE,EAAE;QACX,MAAM,IAAI,GAAG,IAAA,yBAAc,EAAC,IAAI,CAAC,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;KAC9C;IACD,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACzC,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAQ,EAAC,QAAQ,CAAC,CAAC;IACvC,OAAO,KAAK,CAAC;AACf,CAAC,CAAA,CAAC;AAEF,8EAA8E;AACvE,MAAM,kBAAkB,GAAG,CAChC,SAA8C,EAC9C,YAAgD,EAChD,OAA2B,EAC3B,EAAE;;IACF,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;IAEtB,IAAI,eAAoC,CAAC;IACzC,IAAI,cAAoC,CAAC;IACzC,IAAI,KAAQ,CAAC;IACb,MAAM,eAAe,GAAG,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACzD,eAAe,GAAG,OAAO,CAAC;QAC1B,cAAc,GAAG,MAAM,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,iBAAiB,CAAC,CAAC;IAC3D,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,CAAC;IAEzD,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;QACjC,cAAc,CAAC,YAAY,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,iBAAO,CAAC,MAAM,EAAE,CAAC;IACxC,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAU,CAAC;QAC7B,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC;aACvB,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;YACf,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,0BAA0B,CAAC,CAAC;YAC3D,eAAe,CAAC,MAAM,CAAC,CAAC;QAC1B,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAU,EAAE,EAAE;;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,mCAAI,KAAK,CAAC,CAAC;YAC9C,cAAc,CAAC,KAAK,CAAC,CAAC;QACxB,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAExB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,mCAAI,CAAC,CAAC,CAAC;IAE9C,kDAAkD;IAClD,MAAM,OAAO,GAAG,GAAS,EAAE;QACzB,MAAM,IAAA,YAAK,EAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,CAAC,mBAAmB,EAAE,CAAC;QAC7B,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC,KAAK,CAAC,aAAI,CAAC,CAAC;IACjB,CAAC,CAAA,CAAC;IAEF,6DAA6D;IAC7D,MAAM,aAAa,GAAG,GAAG,EAAE;QACzB,4FAA4F;QAC5F,KAAK,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACtC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IAEvC,6CAA6C;IAC7C,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YAC7B,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI;QACF,KAAK,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,CAAC;QAChC,OAAO,MAAM,eAAe,CAAC;KAC9B;YAAS;QACR,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QAChD,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;QAEjD,MAAM,OAAO,EAAE,CAAC;KACjB;AACH,CAAC,CAAA,CAAC;AA3EW,QAAA,kBAAkB,sBA2E7B"}
|
|
@@ -70,7 +70,6 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
70
70
|
const retry_1 = require("../common/retry");
|
|
71
71
|
const version_1 = require("../version");
|
|
72
72
|
const config_1 = require("./config");
|
|
73
|
-
const env_1 = require("./env");
|
|
74
73
|
const stdio_1 = require("./stdio");
|
|
75
74
|
const path = __importStar(require("node:path"));
|
|
76
75
|
// We retry with these delays: 1s, 2s, 4s, 8s, 16s, 30s, 30s, 30s
|
|
@@ -82,7 +81,7 @@ const RETRY_OPTIONS = {
|
|
|
82
81
|
multiplier: 2.0,
|
|
83
82
|
maxDelayMs: 30000,
|
|
84
83
|
};
|
|
85
|
-
const tenantOrgUrl = (tenant) =>
|
|
84
|
+
const tenantOrgUrl = (tenant) => `${(0, config_1.getAppUrl)()}/orgs/${tenant}`;
|
|
86
85
|
const tenantUrl = (tenant) => `${(0, config_1.getTenantConfig)().appUrl}/o/${tenant}`;
|
|
87
86
|
const publicKeysUrl = (tenant) => `${tenantUrl(tenant)}/integrations/ssh/public-keys`;
|
|
88
87
|
const certSignRequestUrl = (tenant) => `${tenantUrl(tenant)}/integrations/ssh/certificates`;
|