@p0security/cli 0.9.0 → 0.10.1

package/dist/plugins/google/ssh-key.js

@@ -60,6 +60,9 @@ const importSshKey = (publicKey, options) => __awaiter(void 0, void 0, void 0, f
             "Content-Type": "application/json",
         },
     });
+    if (!response.ok) {
+        throw `Import of SSH public key failed. HTTP error ${response.status}: ${yield response.text()}`;
+    }
     const data = yield response.json();
     if (debug) {
         (0, stdio_1.print2)(`Login profile for user after importing public key: ${JSON.stringify(data)}`);
@@ -78,3 +81,4 @@ const importSshKey = (publicKey, options) => __awaiter(void 0, void 0, void 0, f
     return posixAccount.username;
 });
 exports.importSshKey = importSshKey;
+//# sourceMappingURL=ssh-key.js.map

package/dist/plugins/google/ssh-key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssh-key.js","sourceRoot":"","sources":["../../../src/plugins/google/ssh-key.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wDAAqD;AACrD,+CAA6C;AAG7C;;;;;;;;;;GAUG;AACI,MAAM,YAAY,GAAG,CAC1B,SAAiB,EACjB,OAA6B,EAC7B,EAAE;;IACF,MAAM,KAAK,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,mCAAI,KAAK,CAAC;IACtC,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAM,IAAA,uBAAU,EAAC,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE;QAC/D,MAAM;QACN,oBAAoB;KACrB,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,MAAM,IAAA,uBAAU,EAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE;QACpD,QAAQ;QACR,WAAW;QACX,SAAS;KACV,CAAC,CAAC;IAEH,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,0BAA0B,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,OAAO,EAAE,CAC/E,CAAC;KACH;IAED,MAAM,GAAG,GAAG,2CAA2C,OAAO,qBAAqB,CAAC;IACpF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,GAAG,EAAE,SAAS;SACf,CAAC;QACF,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,MAAM,+CAA+C,QAAQ,CAAC,MAAM,KAAK,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC;KAClG;IAED,MAAM,IAAI,GAA+B,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/D,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,sDAAsD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;KACH;IAED,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IAE9B,yEAAyE;IACzE,MAAM,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC,MAAM,CACrD,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,mBAAmB,KAAK,OAAO,CACrD,CAAC;IAEF,MAAM,YAAY,GAChB,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;QAChD,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAEhC,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,2BAA2B,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ,EAAE,CAAC,CAAC;KAC7D;IAED,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,2HAA2H,CAAC;KACnI;IAED,OAAO,YAAY,CAAC,QAAQ,CAAC;AAC/B,CAAC,CAAA,CAAC;AAlEW,QAAA,YAAY,gBAkEvB"}

package/dist/plugins/google/ssh.js

@@ -21,6 +21,7 @@ This file is part of @p0security/cli
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
 const ssh_1 = require("../../commands/shared/ssh");
+const install_1 = require("./install");
 const ssh_key_1 = require("./ssh-key");
 /** Maximum number of attempts to start an SSH session
  *
@@ -42,6 +43,11 @@ exports.gcpSshProvider = {
                 linuxUserName: yield (0, ssh_key_1.importSshKey)(request.permission.spec.publicKey, options),
             } }));
     }),
+    ensureInstall: () => __awaiter(void 0, void 0, void 0, function* () {
+        if (!(yield (0, install_1.ensureGcpSshInstall)())) {
+            throw "Please try again after installing the required GCP utilities";
+        }
+    }),
     cloudProviderLogin: () => __awaiter(void 0, void 0, void 0, function* () { return undefined; }),
     proxyCommand: (request) => {
         return [
@@ -72,3 +78,4 @@ exports.gcpSshProvider = {
     maxRetries: MAX_SSH_RETRIES,
     friendlyName: "Google Cloud",
 };
+//# sourceMappingURL=ssh.js.map

package/dist/plugins/google/ssh.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/plugins/google/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAE1D,uCAAgD;AAChD,uCAAyC;AAGzC;;;GAGG;AACH,MAAM,eAAe,GAAG,GAAG,CAAC;AAEf,QAAA,cAAc,GAIvB;IACF,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY;YACxC,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC5C,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI;YAClC,aAAa,EAAE,OAAO,CAAC,YAAY,CAAC,aAAa;YACjD,IAAI,EAAE,QAAQ;SACf,CAAC;IACJ,CAAC;IACD,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QAAC,OAAA,iCACrC,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAM,IAAA,sBAAY,EAC/B,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EACjC,OAAO,CACR;aACF,IACD,CAAA;MAAA;IACF,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,6BAAmB,GAAE,CAAC,EAAE;YAClC,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IACD,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IACzC,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,QAAQ;YACR,SAAS;YACT,kBAAkB;YAClB,OAAO,CAAC,EAAE;YACV,IAAI;YACJ,kEAAkE;YAClE,oGAAoG;YACpG,oEAAoE;YACpE,kDAAkD;YAClD,mBAAmB;YACnB,UAAU,OAAO,CAAC,IAAI,EAAE;YACxB,aAAa,OAAO,CAAC,SAAS,EAAE;SACjC,CAAC;IACJ,CAAC;IACD,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAC9B,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,UAAU,EAAE,eAAe;IAC3B,YAAY,EAAE,cAAc;CAC7B,CAAC"}

package/dist/plugins/google/types.d.ts

@@ -11,7 +11,7 @@ You should have received a copy of the GNU General Public License along with @p0
 import { PermissionSpec } from "../../types/request";
 import { CliPermissionSpec } from "../../types/ssh";
 import { CommonSshPermissionSpec } from "../ssh/types";
-export declare type GcpSshPermission = {
+export type GcpSshPermission = {
     spec: CommonSshPermissionSpec & {
         instanceName: string;
         projectId: string;
@@ -20,18 +20,18 @@ export declare type GcpSshPermission = {
     };
     type: "session";
 };
-export declare type GcpSshPermissionSpec = PermissionSpec<"ssh", GcpSshPermission>;
-export declare type GcpSsh = CliPermissionSpec<GcpSshPermissionSpec, {
+export type GcpSshPermissionSpec = PermissionSpec<"ssh", GcpSshPermission>;
+export type GcpSsh = CliPermissionSpec<GcpSshPermissionSpec, {
     linuxUserName: string;
 }>;
-export declare type GcpSshRequest = {
+export type GcpSshRequest = {
     linuxUserName: string;
     projectId: string;
     zone: string;
     id: string;
     type: "gcloud";
 };
-declare type PosixAccount = {
+type PosixAccount = {
     username: string;
     uid: string;
     gid: string;
@@ -39,19 +39,19 @@ declare type PosixAccount = {
     homeDirectory?: string;
     primary?: boolean;
 };
-declare type SshPublicKey = {
+type SshPublicKey = {
     key: string;
     fingerprint?: string;
     expirationTimeUsec?: number;
 };
-declare type LoginProfile = {
+type LoginProfile = {
     name: string;
     posixAccounts: PosixAccount[];
     sshPublicKeys: {
         [fingerprint: string]: SshPublicKey;
     };
 };
-export declare type ImportSshPublicKeyResponse = {
+export type ImportSshPublicKeyResponse = {
     loginProfile: LoginProfile;
 };
 export {};

package/dist/plugins/google/types.js

@@ -1,2 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/plugins/google/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/plugins/google/types.ts"],"names":[],"mappings":""}

package/dist/plugins/kubeconfig/index.d.ts

@@ -12,10 +12,14 @@ import { KubeconfigCommandArgs } from "../../commands/kubeconfig";
 import { Authn } from "../../types/identity";
 import { Request } from "../../types/request";
 import { AwsCredentials } from "../aws/types";
-import { EksClusterConfig, K8sGenerated, K8sPermissionSpec } from "./types";
+import { K8sGenerated, K8sPermissionSpec } from "./types";
 import yargs from "yargs";
 export declare const getAndValidateK8sIntegration: (authn: Authn, clusterId: string) => Promise<{
-    clusterConfig: EksClusterConfig;
+    clusterConfig: {
+        clusterId: string;
+        awsAccountId: string;
+        awsClusterArn: string;
+    };
     awsLoginType: "federated" | "idc";
 }>;
 export declare const requestAccessToCluster: (authn: Authn, args: yargs.ArgumentsCamelCase<KubeconfigCommandArgs>, clusterId: string, role: string) => Promise<Request<K8sPermissionSpec>>;

package/dist/plugins/kubeconfig/index.js

@@ -21,15 +21,18 @@ const aws_1 = require("../okta/aws");
 const firestore_2 = require("firebase/firestore");
 const lodash_1 = require("lodash");
 const getAndValidateK8sIntegration = (authn, clusterId) => __awaiter(void 0, void 0, void 0, function* () {
-    var _a;
+    var _a, _b;
     const configDoc = yield (0, firestore_2.getDoc)((0, firestore_1.doc)(`o/${authn.identity.org.tenantId}/integrations/k8s`));
     // Validation done here in lieu of the backend, since the backend doesn't validate until approval. TODO: ENG-2365.
-    const clusterConfig = (_a = configDoc
-        .data()) === null || _a === void 0 ? void 0 : _a.workflows.items.find((c) => c.clusterId === clusterId && c.state === "installed");
-    if (!clusterConfig) {
+    const config = (_b = (_a = configDoc.data()) === null || _a === void 0 ? void 0 : _a["iam-write"]) === null || _b === void 0 ? void 0 : _b[clusterId];
+    if (!config) {
         throw `Cluster with ID ${clusterId} not found`;
     }
-    const { awsAccountId, awsClusterArn } = clusterConfig;
+    if (config.state !== "installed" || config.provider.type !== "aws") {
+        throw `Cluster with ID ${clusterId} is not installed`;
+    }
+    const { provider } = config;
+    const { accountId: awsAccountId, clusterArn: awsClusterArn } = provider;
     if (!awsAccountId || !awsClusterArn) {
         throw (`This command currently only supports AWS EKS clusters, and ${clusterId} is not configured as one.\n` +
             "You can request access to the cluster using the `p0 request k8s` command.");
@@ -41,8 +44,11 @@ const getAndValidateK8sIntegration = (authn, clusterId) => __awaiter(void 0, voi
         throw "This AWS account is not configured for kubectl access via the P0 CLI.\nYou can request access to the cluster using the `p0 request k8s` command.";
     }
     return {
-        clusterConfig: Object.assign(Object.assign({}, clusterConfig), { awsAccountId,
-            awsClusterArn }),
+        clusterConfig: {
+            clusterId,
+            awsAccountId,
+            awsClusterArn,
+        },
         awsLoginType: awsLogin.type,
     };
 });
@@ -96,3 +102,4 @@ const awsCloudAuth = (authn, awsAccountId, generated, loginType) => __awaiter(vo
     }
 });
 exports.awsCloudAuth = awsCloudAuth;
+//# sourceMappingURL=index.js.map

package/dist/plugins/kubeconfig/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/kubeconfig/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,kDAA4D;AAC5D,2DAAwD;AACxD,uDAA8C;AAC9C,+CAA6C;AAG7C,qCAAyC;AACzC,0CAA6C;AAC7C,oCAA+C;AAE/C,qCAAqD;AAErD,kDAA4C;AAC5C,mCAA8B;AAGvB,MAAM,4BAA4B,GAAG,CAC1C,KAAY,EACZ,SAAiB,EAQhB,EAAE;;IACH,MAAM,SAAS,GAAG,MAAM,IAAA,kBAAM,EAC5B,IAAA,eAAG,EAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACzD,CAAC;IAEF,kHAAkH;IAClH,MAAM,MAAM,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,EAAE,0CAAG,WAAW,CAAC,0CAAG,SAAS,CAAC,CAAC;IAC5D,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mBAAmB,SAAS,YAAY,CAAC;KAChD;IAED,IAAI,MAAM,CAAC,KAAK,KAAK,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,EAAE;QAClE,MAAM,mBAAmB,SAAS,mBAAmB,CAAC;KACvD;IAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC5B,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAExE,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE;QACnC,MAAM,CACJ,8DAA8D,SAAS,8BAA8B;YACrG,2EAA2E,CAC5E,CAAC;KACH;IAED,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACtE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAC;IAEtC,yEAAyE;IACzE,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,CAAA,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,MAAK,KAAK,EAAE;QAC/C,MAAM,kJAAkJ,CAAC;KAC1J;IAED,OAAO;QACL,aAAa,EAAE;YACb,SAAS;YACT,YAAY;YACZ,aAAa;SACd;QACD,YAAY,EAAE,QAAQ,CAAC,IAAI;KAC5B,CAAC;AACJ,CAAC,CAAA,CAAC;AAnDW,QAAA,4BAA4B,gCAmDvC;AAEK,MAAM,sBAAsB,GAAG,CACpC,KAAY,EACZ,IAAqD,EACrD,SAAiB,EACjB,IAAY,EACyB,EAAE;IACvC,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAElC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,UAAU;YACV,WAAW;YACX,SAAS;YACT,QAAQ;YACR,IAAI;YACJ,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,iBAAiB;gBACxB,CAAC,CAAC,CAAC,sBAAsB,EAAE,IAAI,CAAC,iBAAiB,CAAC;gBAClD,CAAC,CAAC,EAAE,CAAC;SACR,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,mBAAmB,EAAE,CACjC,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,uCAAuC,CAAC;KAC/C;IACD,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IACvC,IAAI,CAAC,aAAa,EAAE;QAClB,IAAA,cAAM,EACJ,qEAAqE,CACtE,CAAC;KACH;IAED,OAAO,MAAM,IAAA,4BAAmB,EAAoB,KAAK,EAAE,EAAE,CAAC,CAAC;AACjE,CAAC,CAAA,CAAC;AAvCW,QAAA,sBAAsB,0BAuCjC;AAEK,MAAM,WAAW,GAAG,CAAC,aAAqB,EAAU,EAAE,CAC3D,qBAAqB,aAAa,EAAE,CAAC;AAD1B,QAAA,WAAW,eACe;AAEhC,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,YAAoB,EACpB,SAAuB,EACvB,SAA8B,EACL,EAAE;IAC3B,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAC;IACnC,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,YAAY,CAAC;IAEnC,QAAQ,SAAS,EAAE;QACjB,KAAK,KAAK;YACR,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,+FAA+F,CAAC;aACvG;YAED,OAAO,MAAM,IAAA,uBAAiB,EAAC;gBAC7B,SAAS,EAAE,YAAY;gBACvB,aAAa,EAAE,IAAI;gBACnB,GAAG;aACJ,CAAC,CAAC;QACL,KAAK,WAAW;YACd,OAAO,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE;gBACzC,SAAS,EAAE,YAAY;gBACvB,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL;YACE,MAAM,IAAA,kBAAW,EAAC,SAAS,CAAC,CAAC;KAChC;AACH,CAAC,CAAA,CAAC;AA5BW,QAAA,YAAY,gBA4BvB"}

package/dist/plugins/kubeconfig/install.js

@@ -63,3 +63,4 @@ const EksInstall = Object.assign(Object.assign({}, install_1.AwsInstall), { kube
     } });
 const ensureEksInstall = () => __awaiter(void 0, void 0, void 0, function* () { return yield (0, install_1.ensureInstall)(EksItems, EksInstall); });
 exports.ensureEksInstall = ensureEksInstall;
+//# sourceMappingURL=install.js.map

package/dist/plugins/kubeconfig/install.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"install.js","sourceRoot":"","sources":["../../../src/plugins/kubeconfig/install.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAK8B;AAE9B,MAAM,QAAQ,GAAG,CAAC,GAAG,kBAAQ,EAAE,SAAS,CAAU,CAAC;AAGnD;;;;GAIG;AACH,MAAM,mBAAmB,GAAG,GAAW,EAAE;IACvC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAE1B,QAAQ,IAAI,EAAE;QACZ,KAAK,KAAK,EAAE,4BAA4B;YACtC,OAAO,OAAO,CAAC;QACjB,KAAK,OAAO,EAAE,uBAAuB;YACnC,OAAO,IAAI,CAAC;QACd;YACE,MAAM,gDAAgD,IAAI,gFAAgF,CAAC;KAC9I;AACH,CAAC,CAAC;AAEF,MAAM,4BAA4B,GAAG,GAAuB,EAAE;IAC5D,MAAM,IAAI,GAAG,mBAAmB,EAAE,CAAC;IAEnC,4CAA4C;IAC5C,OAAO;QACL,qGAAqG,IAAI,WAAW;QACpH,kBAAkB;QAClB,8BAA8B;QAC9B,6CAA6C;QAC7C,yCAAyC;KAC1C,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,UAAU,mCACX,oBAAU,KACb,OAAO,EAAE;QACP,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE;YACR,IAAI,MAAM;gBACR,oFAAoF;gBACpF,uFAAuF;gBACvF,sFAAsF;gBACtF,wDAAwD;gBACxD,OAAO,4BAA4B,EAAE,CAAC;YACxC,CAAC;SACF;KACF,GACF,CAAC;AAEK,MAAM,gBAAgB,GAAG,GAAS,EAAE,kDACzC,OAAA,MAAM,IAAA,uBAAa,EAAC,QAAQ,EAAE,UAAU,CAAC,CAAA,GAAA,CAAC;AAD/B,QAAA,gBAAgB,oBACe"}

package/dist/plugins/kubeconfig/types.d.ts

@@ -9,32 +9,27 @@ This file is part of @p0security/cli
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
 import { PermissionSpec } from "../../types/request";
-export declare type K8sConfig = {
-    workflows: {
-        items: K8sClusterConfig[];
-    };
-};
-export declare type K8sClusterConfig = {
-    clusterId: string;
+export type K8sClusterConfig = {
+    label?: string;
     clusterServer: string;
     clusterCertificate: string;
+    isProxy: boolean;
+    token: string;
+    publicJwk?: string;
+    provider: {
+        type: "aws";
+        clusterArn: string;
+        accountId: string;
+    } | {
+        type: "email";
+    };
     state: string;
-    awsAccountId?: string;
-    awsClusterArn?: string;
-} & (KubernetesProxyComponentConfig | KubernetesPublicComponentConfig);
-export declare type EksClusterConfig = K8sClusterConfig & {
-    awsAccountId: string;
-    awsClusterArn: string;
-};
-declare type KubernetesProxyComponentConfig = {
-    isProxy: true;
-    publicJwk: string;
 };
-export declare type KubernetesPublicComponentConfig = {
-    isProxy: false;
+export type K8sConfig = {
+    "iam-write": Record<string, K8sClusterConfig>;
 };
-export declare type K8sPermissionSpec = PermissionSpec<"k8s", K8sResourcePermission, K8sGenerated>;
-export declare type K8sResourcePermission = {
+export type K8sPermissionSpec = PermissionSpec<"k8s", K8sResourcePermission, K8sGenerated>;
+export type K8sResourcePermission = {
     resource: {
         name: string;
         namespace: string;
@@ -44,7 +39,7 @@ export declare type K8sResourcePermission = {
     clusterId: string;
     type: "resource";
 };
-export declare type K8sGenerated = {
+export type K8sGenerated = {
     eksGenerated: {
         name: string;
         idc?: {
@@ -54,4 +49,3 @@ export declare type K8sGenerated = {
     };
     role: string;
 };
-export {};

package/dist/plugins/kubeconfig/types.js

@@ -1,2 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/plugins/kubeconfig/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/plugins/kubeconfig/types.ts"],"names":[],"mappings":""}

package/dist/plugins/login.d.ts

@@ -11,6 +11,6 @@ You should have received a copy of the GNU General Public License along with @p0
 import { TokenResponse } from "../types/oidc";
 import { OrgData } from "../types/org";
 declare const loginPlugins: readonly ["google", "okta", "ping", "oidc-pkce", "microsoft", "azure-oidc", "google-oidc", "aws-oidc"];
-export declare type LoginPluginType = (typeof loginPlugins)[number];
+export type LoginPluginType = (typeof loginPlugins)[number];
 export declare const pluginLoginMap: Record<string, (org: OrgData) => Promise<TokenResponse>>;
 export {};

package/dist/plugins/login.js

@@ -29,3 +29,4 @@ exports.pluginLoginMap = {
     ping: login_3.pingLogin,
     "oidc-pkce": (org) => __awaiter(void 0, void 0, void 0, function* () { return yield exports.pluginLoginMap[org.providerType](org); }),
 };
+//# sourceMappingURL=login.js.map

package/dist/plugins/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/plugins/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAYA,0CAA6C;AAC7C,wCAAyC;AACzC,wCAAyC;AAEzC,MAAM,YAAY,GAAG;IACnB,QAAQ;IACR,MAAM;IACN,MAAM;IACN,WAAW;IACX,WAAW;IACX,YAAY;IACZ,aAAa;IACb,UAAU;CACF,CAAC;AAIE,QAAA,cAAc,GAGvB;IACF,MAAM,EAAE,mBAAW;IACnB,IAAI,EAAE,iBAAS;IACf,IAAI,EAAE,iBAAS;IACf,WAAW,EAAE,CAAO,GAAG,EAAE,EAAE,kDAAC,OAAA,MAAM,sBAAc,CAAC,GAAG,CAAC,YAAa,CAAE,CAAC,GAAG,CAAC,CAAA,GAAA;CAC1E,CAAC"}

package/dist/plugins/oidc/login.js

@@ -171,3 +171,4 @@ const oidcLogin = (steps) => __awaiter(void 0, void 0, void 0, function* () {
     return yield (0, exports.waitForActivation)(deviceAuthorizationResponse, processAuthzExpiry, buildTokenRequest(deviceAuthorizationResponse));
 });
 exports.oidcLogin = oidcLogin;
+//# sourceMappingURL=login.js.map

package/dist/plugins/oidc/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/oidc/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AACjE,+CAA6C;AAG7C,qCAAqD;AAErD,gDAAwB;AAEX,QAAA,iBAAiB,GAAG,8CAA8C,CAAC;AAEzE,MAAM,sBAAsB,GAAG,CAAC,GAAY,EAAE,EAAE;IACrD,IAAI,CAAC,GAAG,CAAC,cAAc;QAAE,MAAM,8CAA8C,CAAC;AAChF,CAAC,CAAC;AAFW,QAAA,sBAAsB,0BAEjC;AAEF,MAAM,kBAAkB,GAAG,CAAC,YAA6B,EAAE,EAAE;IAC3D,QAAQ,YAAY,EAAE;QACpB,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,SAAS,CAAC;QACnB,KAAK,QAAQ,CAAC;QACd,KAAK,aAAa;YAChB,OAAO,QAAQ,CAAC;QAClB,KAAK,WAAW;YACd,OAAO,MAAM,CAAC;QAChB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,YAAY,CAAC;QAClB,KAAK,WAAW;YACd,OAAO,UAAU,CAAC;QACpB;YACE,IAAA,uBAAgB,EAAC,YAAY,CAAC,CAAC;KAClC;IACD,MAAM,uBAAuB,CAAC;AAChC,CAAC,CAAC;AAEF,mEAAmE;AACnE,8EAA8E;AACvE,MAAM,SAAS,GAAG,CACvB,OAGC,EACD,gBAA2D,EAC3D,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAC9B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IACjC,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;AACtC,CAAC,CAAA,CAAC;AAXW,QAAA,SAAS,aAWpB;AAEF;;;;;GAKG;AACI,MAAM,cAAc,GAAG,CAAU,OAGvC,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAC9B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,IAAI,CAAC,KAAK,KAAK,uBAAuB;gBAAE,OAAO,SAAS,CAAC;YAC7D,IAAI,IAAI,CAAC,KAAK,KAAK,eAAe;gBAAE,MAAM,0BAA0B,CAAC;SACtE;QACD,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;KAClC;IACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;AACtC,CAAC,CAAA,CAAC;AAfW,QAAA,cAAc,kBAezB;AAEF;;;GAGG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAAY,EACZ,qBAGC,EAAE,0FAA0F;AAC7F,YAAgD,EAChD,EAAE;IACF,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IAClE,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,IAAI,UAAU,GAAG,GAAG,EAAE;QAC7C,MAAM,QAAQ,GAAG,MAAM,IAAA,sBAAc,EAAI,YAAY,CAAC,CAAC;QACvD,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAA,YAAK,EAAC,QAAQ,GAAG,GAAG,CAAC,CAAC;;YACtC,OAAO,QAAQ,CAAC;KACtB;IACD,MAAM,4CAA4C,CAAC;AACrD,CAAC,CAAA,CAAC;AAhBW,QAAA,iBAAiB,qBAgB5B;AAEK,MAAM,cAAc,GAAG,CAC5B,GAAY,EACZ,KAAa,EACb,IAAgE,EAChE,EAAE;IACF,MAAM,EAAE,sBAAsB,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;IACpD,IAAI,GAAG,CAAC,YAAY,KAAK,SAAS,EAAE;QAClC,MAAM,0KAA0K,CAAC;KAClL;IACD,MAAM,yBAAyB,GAAG,GAAG,EAAE;QACrC,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;QAC5B,OAAO;YACL,IAAI,EAAE;gBACJ,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,mBAAY;gBACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;oBACd,SAAS,EAAE,GAAG,CAAC,QAAQ;oBACvB,KAAK;iBACN,CAAC;aACH;YACD,GAAG,EAAE,sBAAsB;SAC5B,CAAC;IACJ,CAAC,CAAC;IACF,MAAM,qBAAqB,GAAG,CAAC,SAA4B,EAAE,EAAE;QAC7D,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;QAE5B,OAAO;YACL,GAAG,EAAE,QAAQ;YACb,IAAI,EAAE;gBACJ,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,mBAAY;gBACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;oBACd,SAAS,EAAE,GAAG,CAAC,QAAQ;oBACvB,WAAW,EAAE,SAAS,CAAC,WAAW;oBAClC,UAAU,EAAE,yBAAiB;iBAC9B,CAAC;aACH;SACF,CAAC;IACJ,CAAC,CAAC;IACF,OAAO;QACL,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,gBAAgB,EAAhB,wBAAgB;QAChB,qBAAqB,EAAE,yBAAyB;QAChD,iBAAiB,EAAE,qBAAqB;QACxC,kBAAkB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAClC,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,SAAS,CAAC,QAAQ;SAC7B,CAAC;QACF,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,yBAAyB,EAAE,SAAS,CAAC,yBAAyB;SAC/D,CAAC;KACkC,CAAC;AACzC,CAAC,CAAC;AArDW,QAAA,cAAc,kBAqDzB;AAEF,+CAA+C;AACxC,MAAM,SAAS,GAAG,CAAa,KAAwB,EAAE,EAAE;IAChE,MAAM,EACJ,YAAY,EACZ,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,GACjB,GAAG,KAAK,CAAC;IACV,MAAM,2BAA2B,GAAG,MAAM,IAAA,iBAAS,EACjD,qBAAqB,EAAE,EACvB,gBAAgB,CACjB,CAAC;IACF,MAAM,EAAE,SAAS,EAAE,yBAAyB,EAAE,GAAG,oBAAoB,CACnE,2BAA2B,CAC5B,CAAC;IACF,IAAA,cAAM,EAAC;;kCAEyB,kBAAkB,CAAC,YAAY,CAAC;;QAE1D,SAAS;;;KAGZ,CAAC,CAAC;IACL,KAAK,IAAA,cAAI,EAAC,yBAAyB,CAAC,CAAC;IACrC,OAAO,MAAM,IAAA,yBAAiB,EAC5B,2BAA2B,EAC3B,kBAAkB,EAClB,iBAAiB,CAAC,2BAA2B,CAAC,CAC/C,CAAC;AACJ,CAAC,CAAA,CAAC;AA9BW,QAAA,SAAS,aA8BpB"}

package/dist/plugins/okta/aws.js

@@ -40,3 +40,4 @@ const assumeRoleWithOktaSaml = (authn, args) => __awaiter(void 0, void 0, void 0
     }), { duration: 3600e3 });
 });
 exports.assumeRoleWithOktaSaml = assumeRoleWithOktaSaml;
+//# sourceMappingURL=aws.js.map

package/dist/plugins/okta/aws.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aws.js","sourceRoot":"","sources":["../../../src/plugins/okta/aws.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAAsE;AACtE,6CAA4C;AAE5C,kDAAuD;AAEhD,MAAM,sBAAsB,GAAG,CACpC,KAAY,EACZ,IAA0C,EAC1C,EAAE;IACF,OAAA,MAAM,IAAA,aAAM,EACV,YAAY,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,EACzC,GAAS,EAAE;QACT,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,mBAAY,EAC1D,KAAK,EACL,IAAI,CAAC,SAAS,CACf,CAAC;QACF,MAAM,EAAE,KAAK,EAAE,GAAG,IAAA,oBAAa,EAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACvD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5B,MAAM,yCAAyC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACzF,OAAO,MAAM,IAAA,+BAAkB,EAAC;YAC9B,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE;gBACJ,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,gBAAgB;gBACpD,QAAQ,EAAE,YAAY;aACvB;SACF,CAAC,CAAC;IACL,CAAC,CAAA,EACD,EAAE,QAAQ,EAAE,MAAM,EAAE,CACrB,CAAA;EAAA,CAAC;AAxBS,QAAA,sBAAsB,0BAwB/B"}

package/dist/plugins/okta/login.js

@@ -89,3 +89,4 @@ const getSamlResponse = (identity, config) => __awaiter(void 0, void 0, void 0,
     return samlResponse;
 });
 exports.getSamlResponse = getSamlResponse;
+//# sourceMappingURL=login.js.map

package/dist/plugins/okta/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/okta/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AAKjE,yCAIuB;AACvB,iCAA8B;AAC9B,mCAA8B;AAE9B,MAAM,iBAAiB,GAAG,+CAA+C,CAAC;AAC1E,MAAM,aAAa,GAAG,2CAA2C,CAAC;AAClE,MAAM,mBAAmB,GAAG,iDAAiD,CAAC;AAC9E,MAAM,kBAAkB,GAAG,yCAAyC,CAAC;AAErE,iEAAiE;AACjE,MAAM,gBAAgB,GAAG,CACvB,KAAa,EACb,EAAE,GAAG,EAAE,UAAU,EAAY,EAC7B,EAAE;IACF,MAAM,IAAI,GAAG;QACX,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,mBAAY;QACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;YACd,QAAQ,EAAE,iBAAiB,KAAK,EAAE;YAClC,SAAS,EAAE,GAAG,CAAC,QAAQ;YACvB,WAAW,EAAE,UAAU,CAAC,YAAY;YACpC,gBAAgB,EAAE,iBAAiB;YACnC,aAAa,EAAE,UAAU,CAAC,QAAQ;YAClC,kBAAkB,EAAE,aAAa;YACjC,UAAU,EAAE,mBAAmB;YAC/B,oBAAoB,EAAE,kBAAkB;SACzC,CAAC;KACH,CAAC;IACF,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,SAAS,GAAG,CAAC,cAAc,kBAAkB,EAC7C,IAAI,CACL,CAAC;IACF,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IACjC,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;AAClD,CAAC,CAAA,CAAC;AAEF,4CAA4C;AAC5C,MAAM,iBAAiB,GAAG,CACxB,GAAY,EACZ,EAAE,YAAY,EAAiB,EAC/B,EAAE;IACF,MAAM,IAAI,GAAG;QACX,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,IAAA,aAAI,EAAC,mBAAY,EAAE,cAAc,CAAC;KAC5C,CAAC;IACF,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,WACV,GAAG,CAAC,cACN,0BAA0B,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;IAC7D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IACjC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,MAAM,GAAG,GAAG,IAAI,aAAK,CAAC,IAAI,CAAC,CAAC;IAC5B,MAAM,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CACjD,4BAA4B,CAC7B,CAAC;IACF,OAAQ,SAA0C,aAA1C,SAAS,uBAAT,SAAS,CAAmC,KAAK,CAAC;AAC5D,CAAC,CAAA,CAAC;AAEF,+BAA+B;AACxB,MAAM,SAAS,GAAG,CAAO,GAAY,EAAE,EAAE;IAC9C,OAAA,IAAA,iBAAS,EACP,IAAA,sBAAc,EAAC,GAAG,EAAE,oCAAoC,EAAE,GAAG,EAAE;QAC7D,IAAI,GAAG,CAAC,YAAY,KAAK,MAAM,EAAE;YAC/B,MAAM,yBAAyB,GAAG,CAAC,YAAY,oBAAoB,CAAC;SACrE;QACD,OAAO;YACL,sBAAsB,EAAE,WAAW,GAAG,CAAC,cAAc,6BAA6B;YAClF,QAAQ,EAAE,WAAW,GAAG,CAAC,cAAc,kBAAkB;SAC1D,CAAC;IACJ,CAAC,CAAC,CACH,CAAA;EAAA,CAAC;AAXS,QAAA,SAAS,aAWlB;AAEJ,gDAAgD;AAChD,wBAAwB;AACjB,MAAM,eAAe,GAAG,CAC7B,QAAkB,EAClB,MAAyB,EACzB,EAAE;IACF,MAAM,gBAAgB,GAAG,MAAM,gBAAgB,CAC7C,MAAM,CAAC,QAAQ,CAAC,KAAK,EACrB,QAAQ,CACT,CAAC;IACF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAC7E,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,uCAAuC,CAAC;KAC/C;IACD,OAAO,YAAY,CAAC;AACtB,CAAC,CAAA,CAAC;AAbW,QAAA,eAAe,mBAa1B"}

package/dist/plugins/ping/login.js

@@ -24,3 +24,4 @@ const pingLogin = (org) => __awaiter(void 0, void 0, void 0, function* () {
     }));
 });
 exports.pingLogin = pingLogin;
+//# sourceMappingURL=login.js.map

package/dist/plugins/ping/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/ping/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAYA,yCAA0D;AAE1D,kCAAkC;AAC3B,MAAM,SAAS,GAAG,CAAO,GAAY,EAAE,EAAE;IAC9C,OAAA,IAAA,iBAAS,EACP,IAAA,sBAAc,EAAC,GAAG,EAAE,sBAAsB,EAAE,GAAG,EAAE;QAC/C,IAAI,GAAG,CAAC,YAAY,KAAK,MAAM,IAAI,GAAG,CAAC,YAAY,KAAK,SAAS,EAAE;YACjE,MAAM,yBAAyB,GAAG,CAAC,YAAY,oBAAoB,CAAC;SACrE;QACD,OAAO;YACL,sBAAsB,EAAE,WAAW,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,aAAa,0BAA0B;YACpG,QAAQ,EAAE,WAAW,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,aAAa,WAAW;SACxE,CAAC;IACJ,CAAC,CAAC,CACH,CAAA;EAAA,CAAC;AAXS,QAAA,SAAS,aAWlB"}

package/dist/plugins/ssh/index.d.ts

@@ -10,5 +10,11 @@ You should have received a copy of the GNU General Public License along with @p0
 **/
 import { CommandArgs } from "../../commands/shared/ssh";
 import { Authn } from "../../types/identity";
-import { SshRequest } from "../../types/ssh";
-export declare const sshOrScp: (authn: Authn, request: SshRequest, cmdArgs: CommandArgs, privateKey: string) => Promise<number | null>;
+import { SshProvider, SshRequest } from "../../types/ssh";
+export declare const sshOrScp: (args: {
+    authn: Authn;
+    request: SshRequest;
+    cmdArgs: CommandArgs;
+    privateKey: string;
+    sshProvider: SshProvider<any, any, any, any>;
+}) => Promise<number | null>;

package/dist/plugins/ssh/index.js

@@ -23,7 +23,6 @@ You should have received a copy of the GNU General Public License along with @p0
 const ssh_1 = require("../../commands/shared/ssh");
 const keys_1 = require("../../common/keys");
 const stdio_1 = require("../../drivers/stdio");
-const ssh_agent_1 = require("../ssh-agent");
 const node_child_process_1 = require("node:child_process");
 /** Matches the error message that AWS SSM print1 when access is not propagated */
 // Note that the resource will randomly be either the SSM document or the EC2 instance
@@ -137,6 +136,13 @@ function spawnSshNode(options) {
     return __awaiter(this, void 0, void 0, function* () {
         return new Promise((resolve, reject) => {
             const provider = ssh_1.SSH_PROVIDERS[options.provider];
+            const attemptsRemaining = options.attemptsRemaining;
+            if (options.debug) {
+                const gerund = options.isAccessPropagationPreTest
+                    ? "Pre-testing"
+                    : "Trying";
+                (0, stdio_1.print2)(`Waiting for access to propagate. ${gerund} SSH session... (remaining attempts: ${attemptsRemaining})`);
+            }
             const child = spawnChildProcess(options.credential, options.command, options.args, options.stdio);
             // TODO ENG-2284 support login with Google Cloud: currently return a boolean to indicate if the exception was a Google login error.
             const { isAccessPropagated, isGoogleLoginException } = accessPropagationGuard(child, options.debug);
@@ -146,10 +152,6 @@ function spawnSshNode(options) {
                 // In the case of ephemeral AccessDenied exceptions due to unpropagated
                 // permissions, continually retry access until success
                 if (!isAccessPropagated()) {
-                    const attemptsRemaining = options.attemptsRemaining;
-                    if (options.debug) {
-                        (0, stdio_1.print2)(`Waiting for access to propagate. Retrying SSH session... (remaining attempts: ${attemptsRemaining})`);
-                    }
                     if (attemptsRemaining <= 0) {
                         reject(`Access did not propagate through ${provider.friendlyName} before max retry attempts were exceeded. Please contact support@p0.dev for assistance.`);
                         return;
@@ -174,6 +176,13 @@ function spawnSshNode(options) {
 const createCommand = (data, args, proxyCommand) => {
     const commonArgs = [
         ...(args.debug ? ["-v"] : []),
+        // Explicitly specify which private key to use to avoid "Too many authentication failures"
+        // error caused by SSH trying every available key
+        "-i",
+        keys_1.PRIVATE_KEY_PATH,
+        // Only use the authentication identity specified by -i above
+        "-o",
+        "IdentitiesOnly=yes",
         "-o",
         `ProxyCommand=${proxyCommand.join(" ")}`,
     ];
@@ -200,7 +209,9 @@ const createCommand = (data, args, proxyCommand) => {
             ...commonArgs,
             ...(args.A ? ["-A"] : []),
             ...(args.L ? ["-L", args.L] : []),
+            ...(args.R ? ["-R", args.R] : []),
             ...(args.N ? ["-N"] : []),
+            ...(args.o ? ["-o", args.o] : []),
             `${data.linuxUserName}@${data.id}`,
             ...(args.command ? [args.command] : []),
             ...args.arguments.map((argument) => 
@@ -243,41 +254,38 @@ const preTestAccessPropagationIfNeeded = (sshProvider, request, cmdArgs, proxyCo
     }
     return null;
 });
-const sshOrScp = (authn, request, cmdArgs, privateKey) => __awaiter(void 0, void 0, void 0, function* () {
+const sshOrScp = (args) => __awaiter(void 0, void 0, void 0, function* () {
+    const { authn, request, cmdArgs, privateKey, sshProvider } = args;
     if (!privateKey) {
         throw "Failed to load a private key for this request. Please contact support@p0.dev for assistance.";
     }
-    const sshProvider = ssh_1.SSH_PROVIDERS[request.type];
     const credential = yield sshProvider.cloudProviderLogin(authn, request);
     const proxyCommand = sshProvider.proxyCommand(request);
-    return (0, ssh_agent_1.withSshAgent)(cmdArgs, () => __awaiter(void 0, void 0, void 0, function* () {
-        const { command, args } = createCommand(request, cmdArgs, proxyCommand);
-        if (cmdArgs.debug) {
-            const reproCommands = sshProvider.reproCommands(request);
-            if (reproCommands) {
-                const repro = [
-                    `eval $(ssh-agent)`,
-                    `ssh-add "${keys_1.PRIVATE_KEY_PATH}"`,
-                    ...reproCommands,
-                    `${command} ${transformForShell(args).join(" ")}`,
-                ].join("\n");
-                (0, stdio_1.print2)(`Execute the following commands to create a similar SSH/SCP session:\n*** COMMANDS BEGIN ***\n${repro}\n*** COMMANDS END ***"\n`);
-            }
-        }
-        const exitCode = yield preTestAccessPropagationIfNeeded(sshProvider, request, cmdArgs, proxyCommand, credential);
-        if (exitCode && exitCode !== 0) {
-            return exitCode; // Only exit if there was an error when pre-testing
+    const { command, args: commandArgs } = createCommand(request, cmdArgs, proxyCommand);
+    if (cmdArgs.debug) {
+        const reproCommands = sshProvider.reproCommands(request);
+        if (reproCommands) {
+            const repro = [
+                ...reproCommands,
+                `${command} ${transformForShell(commandArgs).join(" ")}`,
+            ].join("\n");
+            (0, stdio_1.print2)(`Execute the following commands to create a similar SSH/SCP session:\n*** COMMANDS BEGIN ***\n${repro}\n*** COMMANDS END ***"\n`);
         }
-        return spawnSshNode({
-            credential,
-            abortController: new AbortController(),
-            command,
-            args,
-            stdio: ["inherit", "inherit", "pipe"],
-            debug: cmdArgs.debug,
-            provider: request.type,
-            attemptsRemaining: sshProvider.maxRetries,
-        });
-    }));
+    }
+    const exitCode = yield preTestAccessPropagationIfNeeded(sshProvider, request, cmdArgs, proxyCommand, credential);
+    if (exitCode && exitCode !== 0) {
+        return exitCode; // Only exit if there was an error when pre-testing
+    }
+    return spawnSshNode({
+        credential,
+        abortController: new AbortController(),
+        command,
+        args: commandArgs,
+        stdio: ["inherit", "inherit", "pipe"],
+        debug: cmdArgs.debug,
+        provider: request.type,
+        attemptsRemaining: sshProvider.maxRetries,
+    });
 });
 exports.sshOrScp = sshOrScp;
+//# sourceMappingURL=index.js.map

package/dist/plugins/ssh/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/ssh/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAAuE;AACvE,4CAAqD;AACrD,+CAA6C;AAI7C,2DAK4B;AAG5B,kFAAkF;AAClF,sFAAsF;AACtF,MAAM,kCAAkC,GACtC,0RAA0R,CAAC;AAC7R;;;;;;GAMG;AACH,MAAM,yBAAyB,GAC7B,kEAAkE,CAAC;AACrE,MAAM,yBAAyB,GAAG,iCAAiC,CAAC;AACpE,MAAM,gCAAgC,GACpC,mDAAmD,CAAC;AACtD,MAAM,kCAAkC,GACtC,+CAA+C,CAAC;AAClD,MAAM,sBAAsB,GAC1B,4DAA4D,CAAC;AAC/D,MAAM,oBAAoB,GACxB,sDAAsD,CAAC;AACzD,MAAM,YAAY,GAAG,uCAAuC,CAAC,CAAC,mEAAmE;AAEjI;;GAEG;AACH,MAAM,4BAA4B,GAAG,GAAG,CAAC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,6BAA6B,GAAG;IACpC,EAAE,OAAO,EAAE,kCAAkC,EAAE;IAC/C,EAAE,OAAO,EAAE,yBAAyB,EAAE;IACtC,EAAE,OAAO,EAAE,yBAAyB,EAAE;IACtC,EAAE,OAAO,EAAE,YAAY,EAAE;IACzB,EAAE,OAAO,EAAE,gCAAgC,EAAE;IAC7C,EAAE,OAAO,EAAE,kCAAkC,EAAE,kBAAkB,EAAE,IAAI,EAAE;IACzE,EAAE,OAAO,EAAE,sBAAsB,EAAE;CACpC,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,MAAM,sBAAsB,GAAG,CAC7B,KAAgD,EAChD,KAAe,EACf,EAAE;IACF,IAAI,gCAAgC,GAAG,KAAK,CAAC;IAC7C,IAAI,sBAAsB,GAAG,KAAK,CAAC;IACnC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE/B,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;QAChC,MAAM,WAAW,GAAW,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEpD,IAAI,KAAK;YAAE,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC;QAE/B,MAAM,KAAK,GAAG,6BAA6B,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAC3D,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CACnC,CAAC;QAEF,IACE,KAAK;YACL,IAAI,CAAC,GAAG,EAAE;gBACR,WAAW,GAAG,CAAC,KAAK,CAAC,kBAAkB,IAAI,4BAA4B,CAAC,EAC1E;YACA,gCAAgC,GAAG,IAAI,CAAC;SACzC;QAED,MAAM,gBAAgB,GAAG,WAAW,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACjE,sBAAsB,GAAG,sBAAsB,IAAI,CAAC,CAAC,gBAAgB,CAAC,CAAC,yBAAyB;QAChG,IAAI,sBAAsB,EAAE;YAC1B,gCAAgC,GAAG,KAAK,CAAC,CAAC,yDAAyD;SACpG;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAC,gCAAgC;QAC3D,sBAAsB,EAAE,GAAG,EAAE,CAAC,sBAAsB;KACrD,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,UAAsC,EACtC,OAAe,EACf,IAAc,EACd,KAAwC,EACxC,EAAE,CACF,IAAA,0BAAK,EAAC,OAAO,EAAE,IAAI,EAAE;IACnB,GAAG,kCACE,OAAO,CAAC,GAAG,GACX,UAAU,CACd;IACD,KAAK;IACL,KAAK,EAAE,KAAK;CACb,CAAC,CAAC;AAeL;;;GAGG;AAEH,SAAe,YAAY,CACzB,OAA4B;;QAE5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,QAAQ,GAAG,mBAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAEjD,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;YACpD,IAAI,OAAO,CAAC,KAAK,EAAE;gBACjB,MAAM,MAAM,GAAG,OAAO,CAAC,0BAA0B;oBAC/C,CAAC,CAAC,aAAa;oBACf,CAAC,CAAC,QAAQ,CAAC;gBACb,IAAA,cAAM,EACJ,oCAAoC,MAAM,wCAAwC,iBAAiB,GAAG,CACvG,CAAC;aACH;YAED,MAAM,KAAK,GAAG,iBAAiB,CAC7B,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,KAAK,CACd,CAAC;YAEF,mIAAmI;YACnI,MAAM,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,GAClD,sBAAsB,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YAE/C,MAAM,YAAY,GAAG,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;;gBAC7C,YAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,uEAAuE;gBACvE,sDAAsD;gBACtD,IAAI,CAAC,kBAAkB,EAAE,EAAE;oBACzB,IAAI,iBAAiB,IAAI,CAAC,EAAE;wBAC1B,MAAM,CACJ,oCAAoC,QAAQ,CAAC,YAAY,yFAAyF,CACnJ,CAAC;wBACF,OAAO;qBACR;oBAED,YAAY,iCACP,OAAO,KACV,iBAAiB,EAAE,iBAAiB,GAAG,CAAC,IACxC;yBACC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;yBAC7B,KAAK,CAAC,MAAM,CAAC,CAAC;oBAEjB,OAAO;iBACR;qBAAM,IAAI,sBAAsB,EAAE,EAAE;oBACnC,MAAM,CAAC,2DAA2D,CAAC,CAAC;oBACpE,OAAO;iBACR;gBAED,MAAA,OAAO,CAAC,eAAe,0CAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,CAAC,OAAO,CAAC,0BAA0B;oBAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;gBAC1E,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CAAA;AAED,MAAM,aAAa,GAAG,CACpB,IAAgB,EAChB,IAAiB,EACjB,YAAsB,EACtB,EAAE;IACF,MAAM,UAAU,GAAG;QACjB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7B,0FAA0F;QAC1F,iDAAiD;QACjD,IAAI;QACJ,uBAAgB;QAChB,6DAA6D;QAC7D,IAAI;QACJ,oBAAoB;QACpB,IAAI;QACJ,gBAAgB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;KACzC,CAAC;IAEF,IAAI,QAAQ,IAAI,IAAI,EAAE;QACpB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,IAAI,EAAE;gBACJ,GAAG,UAAU;gBACb,+DAA+D;gBAC/D,iCAAiC;gBACjC,IAAI;gBACJ,uBAAuB;gBACvB,IAAI;gBACJ,yBAAyB;gBACzB,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjC,IAAI,CAAC,MAAM;gBACX,IAAI,CAAC,WAAW;aACjB;SACF,CAAC;KACH;IAED,OAAO;QACL,OAAO,EAAE,KAAK;QACd,IAAI,EAAE;YACJ,GAAG,UAAU;YACb,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,EAAE,EAAE;YAClC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CACnB,CAAC,QAAQ,EAAE,EAAE;YACX,yGAAyG;YACzG,mGAAmG;YACnG,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAC/C;SACF;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,uJAAuJ;AACvJ,MAAM,iBAAiB,GAAG,CAAC,IAAc,EAAE,EAAE;IAC3C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACtB,8DAA8D;QAC9D,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE;YACnC,MAAM,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,2HAA2H;YACpK,OAAO,GAAG,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;SACvC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,+HAA+H;AAC/H,MAAM,gCAAgC,GAAG,CAGvC,WAAc,EACd,OAAmB,EACnB,OAAoB,EACpB,YAAsB,EACtB,UAEa,EACb,EAAE;IACF,MAAM,WAAW,GAAG,WAAW,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;IACtE,kGAAkG;IAClG,wDAAwD;IACxD,IAAI,WAAW,EAAE;QACf,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,CAAC,OAAO,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QAC5E,8EAA8E;QAC9E,OAAO,YAAY,CAAC;YAClB,UAAU;YACV,eAAe,EAAE,IAAI,eAAe,EAAE;YACtC,OAAO;YACP,IAAI;YACJ,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;YACrC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,IAAI;YACtB,iBAAiB,EAAE,WAAW,CAAC,UAAU;YACzC,0BAA0B,EAAE,IAAI;SACjC,CAAC,CAAC;KACJ;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEK,MAAM,QAAQ,GAAG,CAAO,IAM9B,EAAE,EAAE;IACH,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;IAClE,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,8FAA8F,CAAC;KACtG;IAED,MAAM,UAAU,GACd,MAAM,WAAW,CAAC,kBAAkB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAEvD,MAAM,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,aAAa,CAClD,OAAO,EACP,OAAO,EACP,YAAY,CACb,CAAC;IAEF,IAAI,OAAO,CAAC,KAAK,EAAE;QACjB,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,aAAa,EAAE;YACjB,MAAM,KAAK,GAAG;gBACZ,GAAG,aAAa;gBAChB,GAAG,OAAO,IAAI,iBAAiB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;aACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACb,IAAA,cAAM,EACJ,gGAAgG,KAAK,2BAA2B,CACjI,CAAC;SACH;KACF;IAED,MAAM,QAAQ,GAAG,MAAM,gCAAgC,CACrD,WAAW,EACX,OAAO,EACP,OAAO,EACP,YAAY,EACZ,UAAU,CACX,CAAC;IACF,IAAI,QAAQ,IAAI,QAAQ,KAAK,CAAC,EAAE;QAC9B,OAAO,QAAQ,CAAC,CAAC,mDAAmD;KACrE;IAED,OAAO,YAAY,CAAC;QAClB,UAAU;QACV,eAAe,EAAE,IAAI,eAAe,EAAE;QACtC,OAAO;QACP,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;QACrC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,QAAQ,EAAE,OAAO,CAAC,IAAI;QACtB,iBAAiB,EAAE,WAAW,CAAC,UAAU;KAC1C,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAzDW,QAAA,QAAQ,YAyDnB"}

package/dist/plugins/ssh/types.d.ts

@@ -8,14 +8,14 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
-declare type SshItemConfig = {
+type SshItemConfig = {
     label?: string;
     state: string;
 };
-export declare type SshConfig = {
+export type SshConfig = {
     "iam-write": Record<string, SshItemConfig>;
 };
-export declare type CommonSshPermissionSpec = {
+export type CommonSshPermissionSpec = {
     publicKey: string;
     sudo?: boolean;
 };

package/dist/plugins/ssh/types.js

@@ -1,2 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/plugins/ssh/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/plugins/ssh/types.ts"],"names":[],"mappings":""}

package/dist/testing/firestore.js

@@ -14,3 +14,4 @@ You should have received a copy of the GNU General Public License along with @p0
 const firestore_1 = require("firebase/firestore");
 const mockGetDoc = (data) => firestore_1.getDoc.mockResolvedValue({ data: () => data });
 exports.mockGetDoc = mockGetDoc;
+//# sourceMappingURL=firestore.js.map

package/dist/testing/firestore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"firestore.js","sourceRoot":"","sources":["../../src/testing/firestore.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,kDAA4C;AAErC,MAAM,UAAU,GAAG,CAAC,IAAS,EAAE,EAAE,CACrC,kBAAoB,CAAC,iBAAiB,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;AADnD,QAAA,UAAU,cACyC"}

package/dist/testing/yargs.js

@@ -21,3 +21,4 @@ const failure = (spec, command) => __awaiter(void 0, void 0, void 0, function* (
     return error;
 });
 exports.failure = failure;
+//# sourceMappingURL=yargs.js.map

package/dist/testing/yargs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"yargs.js","sourceRoot":"","sources":["../../src/testing/yargs.ts"],"names":[],"mappings":";;;;;;;;;;;;AAYO,MAAM,OAAO,GAAG,CAAO,IAAgB,EAAE,OAAe,EAAE,EAAE;IACjE,IAAI,KAAU,CAAC;IACf,IAAI;QACF,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;KAC3D;IAAC,OAAO,MAAW,EAAE;QACpB,KAAK,GAAG,MAAM,CAAC;KAChB;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAA,CAAC;AARW,QAAA,OAAO,WAQlB"}

package/dist/types/allow.d.ts

@@ -8,7 +8,7 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
-export declare type AllowResponse = {
+export type AllowResponse = {
     ok: true;
     message: string;
 };

package/dist/types/allow.js

@@ -1,2 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=allow.js.map

package/dist/types/allow.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"allow.js","sourceRoot":"","sources":["../../src/types/allow.ts"],"names":[],"mappings":""}

package/dist/types/aws/oidc.d.ts

@@ -8,7 +8,7 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
-export declare type AWSClientInformation = {
+export type AWSClientInformation = {
     authorizationEndpoint: string;
     clientId: string;
     clientIdIssuedAt: number;
@@ -19,14 +19,14 @@ export declare type AWSClientInformation = {
 /**
  * AWS OIDC token response uses camelCase instead of snake_case
  */
-export declare type AWSTokenResponse = {
+export type AWSTokenResponse = {
     accessToken: string;
     expiresIn: number;
     idToken: string;
     refreshToken: string;
     tokenType: string;
 };
-export declare type AWSAuthorizeResponse = {
+export type AWSAuthorizeResponse = {
     deviceCode: string;
     expiresIn: number;
     interval: number;

package/dist/types/aws/oidc.js

@@ -10,3 +10,4 @@ This file is part of @p0security/cli
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
 Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=oidc.js.map

package/dist/types/aws/oidc.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../../../src/types/aws/oidc.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG"}

package/dist/types/identity.d.ts

@@ -11,13 +11,13 @@ You should have received a copy of the GNU General Public License along with @p0
 import { TokenResponse } from "./oidc";
 import { OrgData } from "./org";
 import { UserCredential } from "firebase/auth";
-export declare type Identity = {
+export type Identity = {
     credential: TokenResponse & {
         expires_at: number;
     };
     org: OrgData;
 };
-export declare type Authn = {
+export type Authn = {
     identity: Identity;
     userCredential: UserCredential;
 };