feat: SOCKS5 proxy #40
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
thib92
commented
Jul 26, 2023
Comment on lines
+56
to
+58
| // Assert AWS Creds | ||
| handler.AssertCredentials() | ||
|
|
There was a problem hiding this comment.
Moved to the Run function instead of init(), as init() runs every time, even when this specific command isn't called, so we were calling handler.AssertCredentials() twice now (and more if we add more commands)
harrywm
approved these changes
Jul 27, 2023
|
|
||
| Then, setup your database client's proxy settings to target the proxy port, leave `dbc proxy` running as long as you need, and enjoy! | ||
|
|
||
| When running Terraform plans locally for databases, you need to use this option. Otherwise, you would have to change your Postgres provider configuration (host and port) each time you need to plan locally. To use the SOCKS5 proxy with the Terraform PostgreSQL provider, set `ALL_PROXY=socks5://localhost:1080` before running your plan. |
There was a problem hiding this comment.
I'm assuming there's no way we can manage this ALL_PROXY business within the Go code? No worries if not
There was a problem hiding this comment.
Nope, there is no way of exporting an environment variable from a program to the parent shell.
Moreover, dbc proxy has to run in the background in another tab, so either way, you'd need to set this environment variable in another tab, where you'd run your terraform plan or whatever
|
So cool 🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Create the
dbc proxycommand to open a SOCKS5 proxy through SSM+SSH with the bastion.This command fetches the SSH private key that is used to connect to the bastion host in AWS SecretsManager. It then opens an SSH connectionto a bastion host using this key, tunneled through an SSM connection. This SSH connection uses
-Dto create a SOCKS5 proxy.