cloudx-proxy 0.3.15__py3-none-any.whl → 0.4.1__py3-none-any.whl

cloudx_proxy/_version.py

@@ -17,5 +17,5 @@ __version__: str
 __version_tuple__: VERSION_TUPLE
 version_tuple: VERSION_TUPLE
 
-__version__ = version = '0.3.15'
-__version_tuple__ = version_tuple = (0, 3, 15)
+__version__ = version = '0.4.1'
+__version_tuple__ = version_tuple = (0, 4, 1)

cloudx_proxy/cli.py

@@ -52,7 +52,8 @@ def connect(instance_id: str, port: int, profile: str, region: str, ssh_key: str
 @click.option('--ssh-key', default='vscode', help='SSH key name to use (default: vscode)')
 @click.option('--ssh-config', help='SSH config file to use (default: ~/.ssh/vscode/config)')
 @click.option('--aws-env', help='AWS environment directory (default: ~/.aws, use name of directory in ~/.aws/aws-envs/)')
-def setup(profile: str, ssh_key: str, ssh_config: str, aws_env: str):
+@click.option('--1password', 'use_1password', is_flag=True, help='Use 1Password SSH agent for SSH authentication')
+def setup(profile: str, ssh_key: str, ssh_config: str, aws_env: str, use_1password: bool):
     """Set up AWS profile, SSH keys, and configuration for CloudX.
     
     This command will:
@@ -65,9 +66,16 @@ def setup(profile: str, ssh_key: str, ssh_config: str, aws_env: str):
         cloudx-proxy setup
         cloudx-proxy setup --profile myprofile --ssh-key mykey
         cloudx-proxy setup --ssh-config ~/.ssh/cloudx/config
+        cloudx-proxy setup --1password
     """
     try:
-        setup = CloudXSetup(profile=profile, ssh_key=ssh_key, ssh_config=ssh_config, aws_env=aws_env)
+        setup = CloudXSetup(
+            profile=profile, 
+            ssh_key=ssh_key, 
+            ssh_config=ssh_config, 
+            aws_env=aws_env,
+            use_1password=use_1password
+        )
         
         print("\n\033[1;95m=== cloudx-proxy Setup ===\033[0m\n")
         

cloudx_proxy/core.py

@@ -91,9 +91,21 @@ class CloudXProxy:
         return False
 
     def push_ssh_key(self) -> bool:
-        """Push SSH public key to instance via EC2 Instance Connect."""
+        """Push SSH public key to instance via EC2 Instance Connect.
+        
+        Determines which SSH key to use (regular key or 1Password-managed key),
+        then pushes the correct public key to the instance.
+        """
         try:
-            with open(self.ssh_key) as f:
+            # Check if file exists with .pub extension (could be a non-1Password key)
+            # or if the .pub extension is already part of self.ssh_key (because of 1Password integration)
+            key_path = self.ssh_key
+            if not key_path.endswith('.pub'):
+                key_path += '.pub'
+                
+            self.log(f"Using public key: {key_path}")
+            
+            with open(key_path) as f:
                 public_key = f.read()
             
             self.ec2_connect.send_ssh_public_key(

cloudx_proxy/setup.py

@@ -7,9 +7,11 @@ from pathlib import Path
 from typing import Optional, Tuple
 import boto3
 from botocore.exceptions import ClientError
+from ._1password import check_1password_cli, check_ssh_agent, list_ssh_keys, create_ssh_key, get_vaults, save_public_key
 
 class CloudXSetup:
-    def __init__(self, profile: str = "vscode", ssh_key: str = "vscode", ssh_config: str = None, aws_env: str = None):
+    def __init__(self, profile: str = "vscode", ssh_key: str = "vscode", ssh_config: str = None, 
+                 aws_env: str = None, use_1password: bool = False):
         """Initialize cloudx-proxy setup.
         
         Args:
@@ -17,11 +19,14 @@ class CloudXSetup:
             ssh_key: SSH key name (default: "vscode")
             ssh_config: SSH config file path (default: None, uses ~/.ssh/vscode/config)
             aws_env: AWS environment directory (default: None)
+            use_1password: Use 1Password SSH agent for authentication (default: False)
         """
         self.profile = profile
         self.ssh_key = ssh_key
         self.aws_env = aws_env
+        self.use_1password = use_1password
         self.home_dir = str(Path.home())
+        self.onepassword_agent_sock = Path(self.home_dir) / ".1password" / "agent.sock"
         
         # Set up ssh config paths based on provided config or default
         if ssh_config:
@@ -151,6 +156,124 @@ class CloudXSetup:
             self.print_status(f"\033[1;91mError:\033[0m {str(e)}", False, 2)
             return False
 
+    def _check_1password_availability(self) -> bool:
+        """Check if 1Password CLI and SSH agent are available.
+        
+        Returns:
+            bool: True if 1Password is available and configured
+        """
+        if not self.use_1password:
+            return False
+            
+        self.print_status("Checking 1Password availability...")
+        
+        # Use our helper function to check 1Password CLI
+        installed, authenticated, version = check_1password_cli()
+        
+        if not installed:
+            self.print_status("1Password CLI not found. Please install it from https://1password.com/downloads/command-line/", False, 2)
+            return False
+        
+        self.print_status(f"1Password CLI {version} installed", True, 2)
+        
+        if not authenticated:
+            self.print_status("1Password CLI is not authenticated. Run 'op signin' first.", False, 2)
+            return False
+        
+        self.print_status("1Password CLI is authenticated", True, 2)
+        
+        # Check if 1Password SSH agent is running
+        agent_running = check_ssh_agent(str(self.onepassword_agent_sock))
+        
+        if not agent_running:
+            self.print_status("1Password SSH agent is not running", False, 2)
+            self.print_status("Please ensure 1Password SSH agent is enabled in 1Password settings", None, 2)
+            return False
+        
+        self.print_status("1Password SSH agent is running", True, 2)
+        return True
+
+    def _create_1password_key(self) -> bool:
+        """Create a new SSH key in 1Password.
+        
+        Returns:
+            bool: True if successful
+        """
+        try:
+            # Get vaults to determine where to store the key
+            vaults = get_vaults()
+            if not vaults:
+                self.print_status("No 1Password vaults found", False, 2)
+                return False
+            
+            # Display available vaults
+            self.print_status("Creating a new SSH key in 1Password", None, 2)
+            print("\n\033[96mAvailable 1Password vaults:\033[0m")
+            for i, vault in enumerate(vaults):
+                print(f"  {i+1}. {vault['name']}")
+            
+            # Let user select vault
+            vault_num = self.prompt("Select vault number to store SSH key", "1")
+            try:
+                vault_idx = int(vault_num) - 1
+                if vault_idx < 0 or vault_idx >= len(vaults):
+                    self.print_status("Invalid vault number", False, 2)
+                    return False
+                selected_vault = vaults[vault_idx]['id']
+            except ValueError:
+                self.print_status("Invalid input", False, 2)
+                return False
+            
+            # Create a title for the 1Password item
+            ssh_key_title = f"cloudX SSH Key - {self.ssh_key}"
+            
+            # Check if a key with this title already exists in 1Password
+            ssh_keys = list_ssh_keys()
+            existing_key = next((key for key in ssh_keys if key['title'] == ssh_key_title), None)
+            
+            if existing_key:
+                self.print_status(f"SSH key '{ssh_key_title}' already exists in 1Password", True, 2)
+                # Get the public key
+                result = subprocess.run(
+                    ['op', 'item', 'get', existing_key['id'], '--fields', 'public key'],
+                    capture_output=True,
+                    text=True,
+                    check=False
+                )
+                
+                if result.returncode == 0:
+                    public_key = result.stdout.strip()
+                    # Save it to the expected location
+                    if save_public_key(public_key, f"{self.ssh_key_file}.pub"):
+                        self.print_status(f"Saved existing public key to {self.ssh_key_file}.pub", True, 2)
+                        return True
+            else:
+                # Create a new SSH key in 1Password
+                self.print_status(f"Creating new SSH key '{ssh_key_title}' in 1Password...", None, 2)
+                success, public_key, item_id = create_ssh_key(ssh_key_title, selected_vault)
+                
+                if not success:
+                    self.print_status("Failed to create SSH key in 1Password", False, 2)
+                    return False
+                
+                self.print_status("SSH key created successfully in 1Password", True, 2)
+                
+                # Save the public key to the expected location
+                if save_public_key(public_key, f"{self.ssh_key_file}.pub"):
+                    self.print_status(f"Saved public key to {self.ssh_key_file}.pub", True, 2)
+                    return True
+                else:
+                    self.print_status(f"Failed to save public key to {self.ssh_key_file}.pub", False, 2)
+                    return False
+            
+            # Remind user to enable the key in 1Password SSH agent
+            self.print_status("\033[93mImportant: Make sure the key is enabled in 1Password's SSH agent settings\033[0m", None, 2)
+            return True
+            
+        except Exception as e:
+            self.print_status(f"Error creating key in 1Password: {str(e)}", False, 2)
+            return False
+
     def setup_ssh_key(self) -> bool:
         """Set up SSH key pair.
         
@@ -158,6 +281,21 @@ class CloudXSetup:
             bool: True if key was set up successfully
         """
         self.print_header("SSH Key Configuration")
+        
+        # Check 1Password integration if requested
+        if self.use_1password:
+            op_available = self._check_1password_availability()
+            if op_available:
+                self.print_status("Using 1Password SSH agent for authentication", True, 2)
+                
+                # Always prefer to create keys in 1Password
+                return self._create_1password_key()
+            else:
+                proceed = self.prompt("1Password integration not available. Continue with standard SSH key setup?", "Y").lower() != "n"
+                if not proceed:
+                    return False
+                self.use_1password = False  # Fallback to standard setup
+        
         self.print_status(f"Checking SSH key '{self.ssh_key}' configuration...")
         
         try:
@@ -196,6 +334,8 @@ class CloudXSetup:
                     self.ssh_key_file.with_suffix('.pub').chmod(stat.S_IRUSR | stat.S_IWUSR | stat.S_IROTH | stat.S_IRGRP)  # 644 permissions
                     self.print_status("Set key file permissions", True, 2)
             
+            # Standard key generation successful
+            self.print_status("Key generated successfully", True, 2)
             return True
 
         except Exception as e:
@@ -206,6 +346,75 @@ class CloudXSetup:
                 return True
             return False
 
+    def _build_proxy_command(self) -> str:
+        """Build the ProxyCommand with appropriate parameters.
+        
+        Returns:
+            str: The complete ProxyCommand string
+        """
+        proxy_command = "uvx cloudx-proxy connect %h %p"
+        if self.profile != "vscode":
+            proxy_command += f" --profile {self.profile}"
+        if self.aws_env:
+            proxy_command += f" --aws-env {self.aws_env}"
+        if self.ssh_key != "vscode":
+            proxy_command += f" --ssh-key {self.ssh_key}"
+            
+        return proxy_command
+        
+    def _build_auth_config(self) -> str:
+        """Build the authentication configuration block.
+        
+        Returns:
+            str: SSH config authentication section
+        """
+        if self.use_1password:
+            # When using 1Password:
+            # 1. Set IdentityAgent to the 1Password socket 
+            # 2. Set IdentityFile to the PUBLIC key (.pub) to limit key search
+            # 3. Set IdentitiesOnly to yes to avoid using ssh-agent keys
+            return f"""    IdentityAgent {self.onepassword_agent_sock}
+    IdentityFile {self.ssh_key_file}.pub
+    IdentitiesOnly yes
+"""
+        else:
+            # Standard SSH key configuration
+            return f"""    IdentityFile {self.ssh_key_file}
+    IdentitiesOnly yes
+"""
+
+    def _build_host_config(self, cloudx_env: str, hostname: str, instance_id: str, include_proxy: bool = True) -> str:
+        """Build a host configuration block.
+        
+        Args:
+            cloudx_env: CloudX environment
+            hostname: Hostname for the instance
+            instance_id: EC2 instance ID (None for wildcard entries)
+            include_proxy: Whether to include the ProxyCommand (default: True)
+            
+        Returns:
+            str: Complete host configuration block
+        """
+        host_pattern = hostname if hostname else "*"
+        host_entry = f"""
+Host cloudx-{cloudx_env}-{host_pattern}
+"""
+        # Add HostName only for specific hosts, not for wildcard entries
+        if instance_id:
+            host_entry += f"""    HostName {instance_id}
+"""
+        host_entry += """    User ec2-user
+"""
+        # Add authentication configuration
+        host_entry += self._build_auth_config()
+        
+        # Add proxy command if requested
+        if include_proxy:
+            host_entry += f"""    ProxyCommand {self._build_proxy_command()}
+"""
+        
+        return host_entry
+        
     def _add_host_entry(self, cloudx_env: str, instance_id: str, hostname: str, current_config: str) -> bool:
         """Add settings to a specific host entry.
         
@@ -219,25 +428,8 @@ class CloudXSetup:
             bool: True if settings were added successfully
         """
         try:
-            # Build host entry with all settings
-            proxy_command = "uvx cloudx-proxy connect %h %p"
-            if self.profile != "vscode":
-                proxy_command += f" --profile {self.profile}"
-            if self.aws_env:
-                proxy_command += f" --aws-env {self.aws_env}"
-            if self.ssh_key != "vscode":
-                proxy_command += f" --ssh-key {self.ssh_key}"
-
-            host_entry = f"""
-Host cloudx-{cloudx_env}-{hostname}
-    HostName {instance_id}
-    User ec2-user
-"""
-            host_entry += f"""    IdentityFile {self.ssh_key_file}
-    IdentitiesOnly yes
-"""
-            host_entry += f"""    ProxyCommand {proxy_command}
-"""
+            # Generate the host entry using the consolidated helper method
+            host_entry = self._build_host_config(cloudx_env, hostname, instance_id)
             
             # Append host entry
             with open(self.ssh_config_file, 'a') as f:
@@ -367,30 +559,18 @@ Host cloudx-{cloudx_env}-{hostname}
 
             # Create base config
             self.print_status(f"Creating new config for cloudx-{cloudx_env}-*", None, 2)
-            # Build ProxyCommand with only non-default parameters
-            # We don't need to include ssh_config here as SSH will handle that through the config
-            proxy_command = "uvx cloudx-proxy connect %h %p"
-            if self.profile != "vscode":
-                proxy_command += f" --profile {self.profile}"
-            if self.aws_env:
-                proxy_command += f" --aws-env {self.aws_env}"
-            if self.ssh_key != "vscode":
-                proxy_command += f" --ssh-key {self.ssh_key}"
-
+            
             # Ensure control directory exists with proper permissions
             if not self._ensure_control_dir():
                 return False
             
-            # Build base configuration
-            base_config = f"""# cloudx-proxy SSH Configuration
-Host cloudx-{cloudx_env}-*
-    User ec2-user
-"""
-            # Add key configuration
-            base_config += f"""    IdentityFile {self.ssh_key_file}
-    IdentitiesOnly yes
-
-"""
+            # Build base configuration with wildcard hostname pattern
+            # Start with a header comment
+            base_config = "# cloudx-proxy SSH Configuration\n"
+            
+            # Add base host pattern with wildcard
+            base_config += self._build_host_config(cloudx_env, None, None, include_proxy=True)
+            
             # Add SSH multiplexing configuration
             control_path = "~/.ssh/control/%r@%h:%p"
             if platform.system() == 'Windows':
@@ -402,9 +582,6 @@ Host cloudx-{cloudx_env}-*
     ControlPath {control_path}
     ControlPersist 4h
 
-"""
-            # Add ProxyCommand
-            base_config += f"""    ProxyCommand {proxy_command}
 """
             
             # If file exists, append the new config, otherwise create it
@@ -421,12 +598,9 @@ Host cloudx-{cloudx_env}-*
                 self.ssh_config_file.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions (owner read/write)
                 self.print_status("Set config file permissions to 600", True, 2)
 
-            # Add specific host entry
+            # Add specific host entry using the consolidated helper method
             self.print_status(f"Adding host entry for cloudx-{cloudx_env}-{hostname}", None, 2)
-            host_entry = f"""
-Host cloudx-{cloudx_env}-{hostname}
-    HostName {instance_id}
-"""
+            host_entry = self._build_host_config(cloudx_env, hostname, instance_id, include_proxy=False)
             with open(self.ssh_config_file, 'a') as f:
                 f.write(host_entry)
             self.print_status("Host entry added", True, 2)

{cloudx_proxy-0.3.15.dist-info → cloudx_proxy-0.4.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: cloudx-proxy
-Version: 0.3.15
+Version: 0.4.1
 Summary: SSH proxy command to connect VSCode with Cloud9/CloudX instance using AWS Systems Manager
 Author-email: easytocloud <info@easytocloud.com>
 License: MIT License

cloudx_proxy-0.4.1.dist-info/RECORD

@@ -0,0 +1,11 @@
+cloudx_proxy/__init__.py,sha256=ZZ2O_m9OFJm18AxMSuYJt4UjSuSqyJlYRaZMoets498,61
+cloudx_proxy/_version.py,sha256=yF2DwGUoQKNnLhAbpZX8kCQKjw77EZzhRk7_OTftets,511
+cloudx_proxy/cli.py,sha256=kdrZydxL94BJrv6NnjIcceRqhoonBzMIx4vfm1Wl7qc,4104
+cloudx_proxy/core.py,sha256=RF3bX5MQiokRKjYEPnfWdKywGdtoVUvV2xZqm9uOl1g,8135
+cloudx_proxy/setup.py,sha256=jvv7ibJQ8svyjYYeVKwGa70L7RV2W7yS7JXEvKed3wI,33339
+cloudx_proxy-0.4.1.dist-info/LICENSE,sha256=i7P2OR4zsJYsMWcCUDe_B9ZfGi9bU0K5I2nKfDrW_N8,1068
+cloudx_proxy-0.4.1.dist-info/METADATA,sha256=wFL6lV-shLLfI6cn8H5ZItIF944-TrX67LJC0Ml-muc,14037
+cloudx_proxy-0.4.1.dist-info/WHEEL,sha256=jB7zZ3N9hIM9adW7qlTAyycLYW9npaWKLRzaoVcLKcM,91
+cloudx_proxy-0.4.1.dist-info/entry_points.txt,sha256=HGt743N2lVlKd7O1qWq3C0aEHyS5PjPnxzDHh7hwtSg,54
+cloudx_proxy-0.4.1.dist-info/top_level.txt,sha256=2wtEote1db21j-VvkCJFfT-dLlauuG5indjggYh3xDg,13
+cloudx_proxy-0.4.1.dist-info/RECORD,,

cloudx_proxy-0.3.15.dist-info/RECORD

@@ -1,11 +0,0 @@
-cloudx_proxy/__init__.py,sha256=ZZ2O_m9OFJm18AxMSuYJt4UjSuSqyJlYRaZMoets498,61
-cloudx_proxy/_version.py,sha256=HSn5cGZLA_vnXREa9sRtSYCA5Ii9CJlQbi1YMzsfUGM,513
-cloudx_proxy/cli.py,sha256=tP-Ftf2VNKtaiu26x5nDKCMZOPKoa4XCNDd5-okoE4s,3827
-cloudx_proxy/core.py,sha256=iHloywyiDcWRXzFxgX0TdcOPHujW2u83WUMllk4m9Es,7588
-cloudx_proxy/setup.py,sha256=zZMMGAAQMqXlfVJ8_M4f5-SEcYqsFQ82kQv18ikdta0,25409
-cloudx_proxy-0.3.15.dist-info/LICENSE,sha256=i7P2OR4zsJYsMWcCUDe_B9ZfGi9bU0K5I2nKfDrW_N8,1068
-cloudx_proxy-0.3.15.dist-info/METADATA,sha256=qOT0s-RuqhXnU69PHxWELyeBKNgluZyHpO-R6O5d2q8,14038
-cloudx_proxy-0.3.15.dist-info/WHEEL,sha256=jB7zZ3N9hIM9adW7qlTAyycLYW9npaWKLRzaoVcLKcM,91
-cloudx_proxy-0.3.15.dist-info/entry_points.txt,sha256=HGt743N2lVlKd7O1qWq3C0aEHyS5PjPnxzDHh7hwtSg,54
-cloudx_proxy-0.3.15.dist-info/top_level.txt,sha256=2wtEote1db21j-VvkCJFfT-dLlauuG5indjggYh3xDg,13
-cloudx_proxy-0.3.15.dist-info/RECORD,,