ssh: add flag to confirm access restrictions #309

Merged
merged 3 commits into from
May 31, 2023
19 changes: 10 additions & 9 deletions docs/help/gardenctl_provider-env.md
Expand Up @@ -34,15 +34,16 @@ gardenctl provider-env [flags]
### Options

```
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Generate the script even if there are access restrictions to be confirmed
--garden string target the given garden cluster
-h, --help help for provider-env
-o, --output string One of 'yaml' or 'json'.
--project string target the given project
--seed string target the given seed cluster
--shoot string target the given shoot cluster
-u, --unset Generate the script to unset the cloud provider CLI environment variables and logout for
-y, --confirm-access-restriction Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.
--garden string target the given garden cluster
-h, --help help for provider-env
-o, --output string One of 'yaml' or 'json'.
--project string target the given project
--seed string target the given seed cluster
--shoot string target the given shoot cluster
-u, --unset Generate the script to unset the cloud provider CLI environment variables and logout for
```

### Options inherited from parent commands
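Review bot: the new `--force` help text marks the flag deprecated but does not say that it will be removed, while the runtime message in options.go does ("will be removed in a future gardenctl version"); the two should agree, and the help should also state that `--force` now behaves exactly like `--confirm-access-restriction` so a reader of the generated docs knows the flags are aliases rather than two different confirmation levels. Something like "Deprecated, will be removed in a future version. Equivalent to --confirm-access-restriction." would cover both.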
3 changes: 2 additions & 1 deletion docs/help/gardenctl_provider-env_bash.md
Expand Up @@ -26,8 +26,9 @@ gardenctl provider-env bash [flags]
--add-dir-header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--config string config file (default is ~/.garden/gardenctl-v2.yaml)
-y, --confirm-access-restriction Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Generate the script even if there are access restrictions to be confirmed
-f, --force Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.
--garden string target the given garden cluster
--log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log-dir string If non-empty, write log files in this directory (no effect when -logtostderr=true)
3 changes: 2 additions & 1 deletion docs/help/gardenctl_provider-env_fish.md
Expand Up @@ -26,8 +26,9 @@ gardenctl provider-env fish [flags]
--add-dir-header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--config string config file (default is ~/.garden/gardenctl-v2.yaml)
-y, --confirm-access-restriction Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Generate the script even if there are access restrictions to be confirmed
-f, --force Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.
--garden string target the given garden cluster
--log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log-dir string If non-empty, write log files in this directory (no effect when -logtostderr=true)
3 changes: 2 additions & 1 deletion docs/help/gardenctl_provider-env_powershell.md
Expand Up @@ -26,8 +26,9 @@ gardenctl provider-env powershell [flags]
--add-dir-header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--config string config file (default is ~/.garden/gardenctl-v2.yaml)
-y, --confirm-access-restriction Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Generate the script even if there are access restrictions to be confirmed
-f, --force Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.
--garden string target the given garden cluster
--log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log-dir string If non-empty, write log files in this directory (no effect when -logtostderr=true)
3 changes: 2 additions & 1 deletion docs/help/gardenctl_provider-env_zsh.md
Expand Up @@ -26,8 +26,9 @@ gardenctl provider-env zsh [flags]
--add-dir-header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--config string config file (default is ~/.garden/gardenctl-v2.yaml)
-y, --confirm-access-restriction Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
-f, --force Generate the script even if there are access restrictions to be confirmed
-f, --force Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.
--garden string target the given garden cluster
--log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log-dir string If non-empty, write log files in this directory (no effect when -logtostderr=true)
1 change: 1 addition & 0 deletions docs/help/gardenctl_ssh.md
Expand Up @@ -44,6 +44,7 @@ gardenctl ssh --keep-bastion --bastion-name cli-xxxxxxxx --public-key-file /path
--bastion-port string SSH port of the bastion used for the SSH client command. Defaults to port 22 (default "22")
--bastion-user-known-hosts-file strings Path to a custom known hosts file for the SSH connection to the bastion. This file is used to verify the public keys of remote hosts when establishing a secure connection.
--cidr stringArray CIDRs to allow access to the bastion host; if not given, your system's public IPs (v4 and v6) are auto-detected.
-y, --confirm-access-restriction Bypasses the need for confirmation of any access restrictions. Set this flag only if you are fully aware of the access restrictions.
--control-plane target control plane of shoot, use together with shoot argument
--garden string target the given garden cluster
-h, --help help for ssh
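Review bot: the help text for `-y, --confirm-access-restriction` differs between commands: here it reads "Bypasses the need for confirmation of any access restrictions. Set this flag only if you are fully aware of the access restrictions." while the provider-env pages say "Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions." The ssh wording ("bypasses") also suggests the restrictions are switched off, whereas the SSHOptions comment in this PR says the banner is still displayed and only the prompt is skipped. Suggest one shared string for both commands, phrased as an acknowledgement ("Confirm any access restrictions ...") rather than a bypass.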
25 changes: 20 additions & 5 deletions pkg/cmd/providerenv/options.go
Expand Up @@ -50,11 +50,19 @@ type options struct {
// Template is the script template
Template env.Template
// Force generates the script even if there are access restrictions to be confirmed
// Deprecated: Use ConfirmAccessRestriction instead
Force bool
// ConfirmAccessRestriction, when set to true, implies the user's understanding of the access restrictions for the targeted shoot.
// When set to false and access restrictions are present, the command will terminate with an error.
ConfirmAccessRestriction bool
}

// Complete adapts from the command line args to the data required.
func (o *options) Complete(f util.Factory, cmd *cobra.Command, _ []string) error {
ctx := f.Context()

logger := klog.FromContext(ctx)

if cmd.Name() != "provider-env" {
o.Shell = cmd.Name()
}
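Review bot: the comment on `ConfirmAccessRestriction` ("When set to false and access restrictions are present, the command will terminate with an error.") is only accurate when `--output` is set; in printProviderEnv further down in this PR the non-`-o` path does not return an error but prints the restriction messages together with a hint to re-run with `--confirm-access-restriction`. Suggest rewording to "... the command refuses to generate the script: with --output it returns an error, otherwise it prints the restrictions and a hint how to confirm them."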
Expand All @@ -71,6 +79,12 @@ func (o *options) Complete(f util.Factory, cmd *cobra.Command, _ []string) error
o.SessionDir = manager.SessionDir()
o.TargetFlags = f.TargetFlags()

if o.Force {
o.ConfirmAccessRestriction = true

logger.Info("The --force flag is deprecated and will be removed in a future gardenctl version. Please use the --confirm-access-restriction flag instead.")
}

return nil
}
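Review bot: the deprecation notice for `--force` is emitted through klog at Info level, so with `--logtostderr=false` or a `--log-dir` (both listed in the shell subcommand help in this PR) it ends up in a log file and the interactive user who typed `--force` never sees it. Since the point of the message is to reach the person at the terminal, write it to the command's error stream (stderr) instead, or rely on pflag's built-in deprecation output (see the note on AddFlags). Mapping `o.Force` onto `o.ConfirmAccessRestriction` here is the right place, as the check in printProviderEnv now reads only the new field.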

Expand All @@ -93,7 +107,8 @@ func (o *options) Validate() error {

// AddFlags binds the command options to a given flagset.
func (o *options) AddFlags(flags *pflag.FlagSet) {
flags.BoolVarP(&o.Force, "force", "f", false, "Generate the script even if there are access restrictions to be confirmed")
flags.BoolVarP(&o.Force, "force", "f", false, "Deprecated. Use --confirm-access-restriction instead. Generate the script even if there are access restrictions to be confirmed.")
flags.BoolVarP(&o.ConfirmAccessRestriction, "confirm-access-restriction", "y", o.ConfirmAccessRestriction, "Confirm any access restrictions. Set this flag only if you are completely aware of the access restrictions.")
flags.BoolVarP(&o.Unset, "unset", "u", o.Unset, fmt.Sprintf("Generate the script to unset the cloud provider CLI environment variables and logout for %s", o.Shell))
}
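Review bot: instead of hand-written "Deprecated. ..." usage text plus a manual log line in Complete, call `flags.MarkDeprecated("force", "use --confirm-access-restriction instead")` after registering the flag; pflag then hides `--force` from `--help` and the generated docs and prints "Flag --force has been deprecated, use --confirm-access-restriction instead" to stderr whenever it is used, which is the behaviour the PR is reimplementing by hand. Minor: `--force` is registered with a literal `false` default while the other flags use the option struct's current value (`o.ConfirmAccessRestriction`, `o.Unset`); keep the pattern consistent.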

Expand Down Expand Up @@ -186,12 +201,12 @@ func printProviderEnv(o *options, shoot *gardencorev1beta1.Shoot, secret *corev1
metadata := generateMetadata(o, cli)

if len(messages) > 0 {
if o.TargetFlags.ShootName() == "" || o.Force {
if o.TargetFlags.ShootName() == "" || o.ConfirmAccessRestriction {
metadata["notification"] = messages.String()
} else {
if o.Output != "" {
return errors.New(
"the cloud provider CLI configuration script can only be generated if you confirm the access despite the existing restrictions. Use the --force flag to confirm the access",
"the cloud provider CLI configuration script can only be generated if you confirm the access despite the existing restrictions. Use the --confirm-access-restriction flag to confirm the access",
)
}

Expand All @@ -200,8 +215,8 @@ func printProviderEnv(o *options, shoot *gardencorev1beta1.Shoot, secret *corev1
"format": messages.String() + "\n%s %s\n%s\n",
"arguments": []string{
"The cloud provider CLI configuration script can only be generated if you confirm the access despite the existing restrictions.",
"Use the --force flag to confirm the access.",
s.Prompt(runtime.GOOS) + s.EvalCommand(fmt.Sprintf("%s --force %s", o.CmdPath, o.Shell)),
"Use the --confirm-access-restriction flag to confirm the access.",
s.Prompt(runtime.GOOS) + s.EvalCommand(fmt.Sprintf("%s --confirm-access-restriction %s", o.CmdPath, o.Shell)),
},
})
}
7 changes: 6 additions & 1 deletion pkg/cmd/providerenv/options_test.go
Expand Up @@ -81,17 +81,22 @@ var _ = Describe("Env Commands - Options", func() {
})

Describe("completing the command options", func() {
var root,
var (
root,
parent,
child *cobra.Command
ctx context.Context
)

BeforeEach(func() {
ctx = context.Background()
root = &cobra.Command{Use: "root"}
parent = &cobra.Command{Use: "parent", Aliases: []string{"alias"}}
child = &cobra.Command{Use: "child"}
parent.AddCommand(child)
root.AddCommand(parent)
factory.EXPECT().GardenHomeDir().Return(gardenHomeDir)
factory.EXPECT().Context().Return(ctx)
root.SetArgs([]string{"alias", "child"})
Expect(root.Execute()).To(Succeed())
baseTemplate = nil
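Review bot: the only change to this Describe block is the `Context()` expectation that Complete now needs; there is no case covering the new behaviour in Complete itself. Add a test in "completing the command options" that sets `o.Force = true`, runs Complete, and asserts `o.ConfirmAccessRestriction` is true afterwards (and, conversely, that it stays false when neither flag is given), otherwise the deprecated alias can silently stop working when `--force` is eventually removed or refactored.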
2 changes: 1 addition & 1 deletion pkg/cmd/providerenv/providerenv_test.go
Expand Up @@ -126,7 +126,7 @@ var _ = Describe("Env Commands", func() {
factory.EXPECT().GardenHomeDir().Return(gardenHomeDir)

ctx = context.Background()
factory.EXPECT().Context().Return(ctx)
factory.EXPECT().Context().Return(ctx).AnyTimes()

secretBindingName = "secret-binding"
cloudProfileName = "cloud-profile"
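Review bot: `.AnyTimes()` also accepts zero calls, so this expectation no longer verifies that the factory context is consulted at all. If the intent is only to allow the extra call added in Complete, `.MinTimes(1)` keeps the check while tolerating the additional callers.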
7 changes: 6 additions & 1 deletion pkg/cmd/ssh/options.go
Expand Up @@ -224,6 +224,10 @@ type SSHOptions struct {
// not be kept alive after it became available.
// This option can only be used if KeepBastion is set to true and Interactive is set to false.
NoKeepalive bool

// ConfirmAccessRestriction, when set to true, implies the user understands the access restrictions for the targeted shoot.
// In this case, the access restriction banner is displayed without further confirmation.
ConfirmAccessRestriction bool
}

// NewSSHOptions returns initialized SSHOptions.
Expand Down Expand Up @@ -254,6 +258,7 @@ func (o *SSHOptions) AddFlags(flagSet *pflag.FlagSet) {
flagSet.StringVar(&o.BastionHost, "bastion-host", o.BastionHost, "Override the hostname or IP address of the bastion used for the SSH client command. If not provided, the address will be automatically determined.")
flagSet.StringVar(&o.BastionPort, "bastion-port", o.BastionPort, "SSH port of the bastion used for the SSH client command. Defaults to port 22")
flagSet.StringSliceVar(&o.BastionUserKnownHostsFiles, "bastion-user-known-hosts-file", o.BastionUserKnownHostsFiles, "Path to a custom known hosts file for the SSH connection to the bastion. This file is used to verify the public keys of remote hosts when establishing a secure connection.")
flagSet.BoolVarP(&o.ConfirmAccessRestriction, "confirm-access-restriction", "y", o.ConfirmAccessRestriction, "Bypasses the need for confirmation of any access restrictions. Set this flag only if you are fully aware of the access restrictions.")

o.Options.AddFlags(flagSet)
}
Expand Down Expand Up @@ -1104,7 +1109,7 @@ func (o *SSHOptions) checkAccessRestrictions(cfg *config.Config, gardenName stri
return false, err
}

askForConfirmation := tf.ShootName() != ""
askForConfirmation := tf.ShootName() != "" && !o.ConfirmAccessRestriction
handler := ac.NewAccessRestrictionHandler(o.IOStreams.In, o.IOStreams.ErrOut, askForConfirmation) // do not write access restriction to stdout, otherwise it would break the output format

return handler(ac.CheckAccessRestrictions(garden.AccessRestrictions, shoot)), nil
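Review bot: no ssh test is added for the new flag. Add a case that sets `ConfirmAccessRestriction = true` for a shoot target with access restrictions and asserts that checkAccessRestrictions returns without reading from `o.IOStreams.In` (i.e. no prompt) while the banner still appears on `o.IOStreams.ErrOut`, and a second case without the flag that still expects the prompt. Also worth stating in the flag help: with `-y` the restriction text goes only to stderr, so a scripted caller that discards stderr will never see it; that is acceptable for an explicit acknowledgement flag, but the docs should say so.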