Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix tsh kube login when creds are expired or doesn't exist #31418

Merged
merged 1 commit into from Sep 5, 2023
Merged

Fix tsh kube login when creds are expired or doesn't exist #31418

merged 1 commit into from Sep 5, 2023

Conversation

tigrato
Copy link
Contributor

@tigrato tigrato commented Sep 4, 2023

This PR chains client.RetryWithRelogin and retryWithAccessRequest helpers to deal with cases where user's credentials don't exist or are already expired.

@tigrato
Fix tsh kube login when creds are expired or doesn't exist
453741f 
This PR chains `client.RetryWithRelogin` and `retryWithAccessRequest`
helpers to deal with cases where user's credentials don't exist or are
already expired.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
@github-actions github-actions bot added size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Sep 4, 2023
@tigrato tigrato added this pull request to the merge queue Sep 5, 2023
Merged via the queue into master with commit 8e5ac12 Sep 5, 2023
22 checks passed
@tigrato tigrato deleted the tigrato/fix-kube-login-no-creds branch September 5, 2023 16:46
@public-teleport-github-review-bot
Copy link

@tigrato See the table below for backport results.

Branch Result
branch/v14 Create PR

@tigrato tigrato mentioned this pull request Sep 5, 2023
Merged
@GavinFrazar GavinFrazar mentioned this pull request Sep 14, 2023
Merged
@GavinFrazar GavinFrazar mentioned this pull request Sep 18, 2023
Merged
GavinFrazar pushed a commit that referenced this pull request Sep 19, 2023
@tigrato @GavinFrazar
[v13] Fix tsh kube login when creds are expired or doesn't exist
eb51705 
Backports #31418 to branch/v13.

This PR uses `client.RetryWithRelogin` helper to deal with cases where user's
credentials don't exist or are already expired.
GavinFrazar added a commit that referenced this pull request Sep 19, 2023
@GavinFrazar @tigrato
[v13] Fix tsh kube login when creds are expired or doesn't exist (#…
86ae3af 
…32095)

Backports #31418 to branch/v13.

This PR uses `client.RetryWithRelogin` helper to deal with cases where user's
credentials don't exist or are already expired.

Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue bot pushed a commit that referenced this pull request Sep 19, 2023
@GavinFrazar @tigrato
[v13] Fix Kubernetes selected cluster (#32087)
04d8985 
* [v13] Fix Kubernetes selected cluster

backports #30167 to branch/v13.

* Fix Kubernetes selected cluster

Kubeconfig context name can be customized using `--set-context-name`
flag. When using it, the selected Kubernetes cluster fails to correctly
identify the cluster name.

* [v13] tsh kube login by prefix, query, labels (#32088)

backports #30252 to branch/v13.

* fetch kube clusters once for login

* [v13] update `tsh proxy kube` cluster selection ux (#32089)

backports #30478 to branch/v13.

* select by labels, query predicate, name, and/or prefix of name.
* fix --cluster flag not being propagated

* [v13] simplify tsh db prefix predicate logic (#32090)

backports #30531 to branch/v13.

* [v13] check for discovered kube cluster name exact match (#32091)

backports #31744 to branch/v13.

* [v13] rework tsh database selection logic (#32092)

backports #31689 to branch/v13.

* disallow prefix matching
* select by exact name match first,
* otherwise look for unambiguous discovered name label match.
* look for an active db to resolve discovered name match ambiguity.
* add more predicate builder helpers
* check for db name in not found error for stale cert hint
* no error status on tsh db logout with no logged in dbs
* remove dead code
* refactor helper funcs to simplify code and make it easier to test
* test complex database selection
* test findActiveDatabase
* test choosing one db by discovered name
* add more resource selectors tests
* test formatDatabaseLoginCommand
* add debug logging for db selection

* [v13] Fix `tsh kube login` when creds are expired or doesn't exist (#32095)

Backports #31418 to branch/v13.

This PR uses `client.RetryWithRelogin` helper to deal with cases where user's
credentials don't exist or are already expired.

Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>

* remove tsh kube prefix matching (#31852) (#32097)

* fix retry with relogin for ambiguous clusters
* consolidate test setup for login/proxy kube selection tests
* add more test cases for kube selection
* remove prefix testing
* add origin cloud label in tests
* refactor the check for multiple cluster login into a func

* [v13] remove prefix matching in tctl (#32104)

Backports #31916 to branch/v13.

* remove prefix matching in tctl
* replace prefix matching with exact discovered name match as a fallback
  when no resource full name matches the name given by a user
* refactor test helpers
* avoid decoding yaml/json into already initialized var

---------

Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@espadolini espadolini espadolini approved these changes

@atburke atburke atburke approved these changes

Assignees
No one assigned
Labels
backport/branch/v13 backport/branch/v14 size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tigrato @espadolini @atburke @GavinFrazar