revert: PAM RDP MVP and AD support (#191, #203)#221
Conversation
|
💬 Discussion in Slack: #pr-review-cli-221-revert-pam-rdp-mvp-and-ad-support-191-203 Posted by Review Police — reviews, comments, new commits, and CI failures will stream into this channel. |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0fe56be962
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| @@ -2,12 +2,6 @@ name: Build and release CLI | |||
|
|
|||
| on: | |||
| workflow_dispatch: | |||
There was a problem hiding this comment.
With workflow_dispatch still enabled but the dry-run/tag guards removed, a manual run from the default branch proceeds into the release jobs using github.ref_name as the version. In that common case github.ref_name is main, so the NPM step computes CLI_VERSION=main and npm version main is invalid because npm version accepts a semver or bump keyword, making the manual workflow broken unless the operator explicitly dispatches against a tag. Either restrict manual runs to tags or restore the snapshot/dry-run path.
Useful? React with 👍 / 👎.
| // Try new format first: pam_session_{sessionID}_{resourceType}_expires_{timestamp}.enc | ||
| // Build regex pattern using constants | ||
| resourceTypePattern := fmt.Sprintf("(%s|%s|%s|%s|%s|%s|%s|%s)", ResourceTypeSSH, ResourceTypePostgres, ResourceTypeRedis, ResourceTypeMysql, ResourceTypeMssql, ResourceTypeKubernetes, ResourceTypeMongodb, ResourceTypeWindows) | ||
| resourceTypePattern := fmt.Sprintf("(%s|%s|%s|%s|%s|%s|%s)", ResourceTypeSSH, ResourceTypePostgres, ResourceTypeRedis, ResourceTypeMysql, ResourceTypeMssql, ResourceTypeKubernetes, ResourceTypeMongodb) |
There was a problem hiding this comment.
When users upgrade from the RDP-enabled build with an existing recording such as pam_session_<id>_windows_expires_<ts>.enc, this regex no longer recognizes the windows resource type. ListSessionFiles skips any parse error, so those pending/expired recordings are never uploaded or cleaned up and remain orphaned on disk; accepting the legacy windows filename token here preserves cleanup even if new RDP sessions are no longer supported.
Useful? React with 👍 / 👎.
2 participants
Summary
Reverted commits
37a5224Merge PR feat(pam-rdp): thread AD domain through RDP bridge #203 (feat/pam-rdp-ad-support)82180bbMerge PR feat(pam): native RDP client support #191 (feat/pam-rdp-mvp)Test plan
go build ./...passes (verified locally)