add 'zrok access private' to dual-path cli (#751)

This commit is contained in:
Michael Quigley 2024-09-23 13:53:56 -04:00
parent 05e0e3a979
commit 2163f0220d
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 59 additions and 82 deletions

View File

@ -1,17 +1,21 @@
package main
import (
"context"
"encoding/json"
"fmt"
tea "github.com/charmbracelet/bubbletea"
"github.com/go-openapi/runtime"
httptransport "github.com/go-openapi/runtime/client"
"github.com/openziti/zrok/agent/agentClient"
"github.com/openziti/zrok/agent/agentGrpc"
"github.com/openziti/zrok/endpoints"
"github.com/openziti/zrok/endpoints/proxy"
"github.com/openziti/zrok/endpoints/tcpTunnel"
"github.com/openziti/zrok/endpoints/udpTunnel"
"github.com/openziti/zrok/endpoints/vpn"
"github.com/openziti/zrok/environment"
"github.com/openziti/zrok/environment/env_core"
"github.com/openziti/zrok/rest_client_zrok"
"github.com/openziti/zrok/rest_client_zrok/share"
"github.com/openziti/zrok/rest_model_zrok"
@ -54,18 +58,37 @@ func newAccessPrivateCommand() *accessPrivateCommand {
}
func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
shrToken := args[0]
env, err := environment.LoadRoot()
root, err := environment.LoadRoot()
if err != nil {
tui.Error("error loading environment", err)
if !panicInstead {
tui.Error("error loading environment", err)
}
panic(err)
}
if !env.IsEnabled() {
if !root.IsEnabled() {
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
}
zrok, err := env.Client()
if cmd.agent {
cmd.accessLocal(args, root)
} else {
agent, err := agentClient.IsAgentRunning(root)
if err != nil {
tui.Error("error checking if agent is running", err)
}
if agent {
cmd.accessAgent(args, root)
} else {
cmd.accessLocal(args, root)
}
}
}
func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root) {
shrToken := args[0]
zrok, err := root.Client()
if err != nil {
if !panicInstead {
tui.Error("unable to create zrok client", err)
@ -73,11 +96,11 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
panic(err)
}
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Environment().Token)
auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
req := share.NewAccessParams()
req.Body = &rest_model_zrok.AccessRequest{
ShrToken: shrToken,
EnvZID: env.Environment().ZitiIdentity,
EnvZID: root.Environment().ZitiIdentity,
}
accessResp, err := zrok.Share.Access(req, auth)
if err != nil {
@ -121,7 +144,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
case "tcpTunnel":
fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{
BindAddress: cmd.bindAddress,
IdentityName: env.EnvironmentIdentityName(),
IdentityName: root.EnvironmentIdentityName(),
ShrToken: args[0],
RequestsChan: requests,
})
@ -143,7 +166,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
case "udpTunnel":
fe, err := udpTunnel.NewFrontend(&udpTunnel.FrontendConfig{
BindAddress: cmd.bindAddress,
IdentityName: env.EnvironmentIdentityName(),
IdentityName: root.EnvironmentIdentityName(),
ShrToken: args[0],
RequestsChan: requests,
IdleTime: time.Minute,
@ -166,7 +189,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
case "socks":
fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{
BindAddress: cmd.bindAddress,
IdentityName: env.EnvironmentIdentityName(),
IdentityName: root.EnvironmentIdentityName(),
ShrToken: args[0],
RequestsChan: requests,
})
@ -190,7 +213,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
Scheme: "VPN",
}
fe, err := vpn.NewFrontend(&vpn.FrontendConfig{
IdentityName: env.EnvironmentIdentityName(),
IdentityName: root.EnvironmentIdentityName(),
ShrToken: args[0],
RequestsChan: requests,
})
@ -210,7 +233,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
}()
default:
cfg := proxy.DefaultFrontendConfig(env.EnvironmentIdentityName())
cfg := proxy.DefaultFrontendConfig(root.EnvironmentIdentityName())
cfg.ShrToken = shrToken
cfg.Address = cmd.bindAddress
cfg.ResponseHeaders = cmd.responseHeaders
@ -232,10 +255,10 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
}
c := make(chan os.Signal)
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
signal.Notify(c, os.Interrupt, os.Kill, syscall.SIGHUP, syscall.SIGTERM, syscall.SIGKILL, syscall.SIGQUIT)
go func() {
<-c
cmd.destroy(accessResp.Payload.FrontendToken, env.Environment().ZitiIdentity, shrToken, zrok, auth)
cmd.destroy(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
os.Exit(0)
}()
@ -285,12 +308,12 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
}
close(requests)
cmd.destroy(accessResp.Payload.FrontendToken, env.Environment().ZitiIdentity, shrToken, zrok, auth)
cmd.destroy(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
}
}
func (cmd *accessPrivateCommand) destroy(frontendName, envZId, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", shrToken)
logrus.Infof("shutting down '%v'", shrToken)
req := share.NewUnaccessParams()
req.Body = &rest_model_zrok.UnaccessRequest{
FrontendToken: frontendName,
@ -303,3 +326,22 @@ func (cmd *accessPrivateCommand) destroy(frontendName, envZId, shrToken string,
logrus.Errorf("error shutting down: %v", err)
}
}
func (cmd *accessPrivateCommand) accessAgent(args []string, root env_core.Root) {
client, conn, err := agentClient.NewClient(root)
if err != nil {
tui.Error("error connecting to agent", err)
}
defer func() { _ = conn.Close() }()
acc, err := client.AccessPrivate(context.Background(), &agentGrpc.AccessPrivateRequest{
Token: args[0],
BindAddress: cmd.bindAddress,
ResponseHeaders: cmd.responseHeaders,
})
if err != nil {
tui.Error("error creating access", err)
}
fmt.Println(acc)
}

View File

@ -1,65 +0,0 @@
package main
import (
"context"
"fmt"
"github.com/openziti/zrok/agent/agentClient"
"github.com/openziti/zrok/agent/agentGrpc"
"github.com/openziti/zrok/environment"
"github.com/openziti/zrok/tui"
"github.com/spf13/cobra"
)
func init() {
agentAccessCmd.AddCommand(newAgentAccessPrivateCommand().cmd)
}
type agentAccessPrivateCommand struct {
bindAddress string
responseHeaders []string
cmd *cobra.Command
}
func newAgentAccessPrivateCommand() *agentAccessPrivateCommand {
cmd := &cobra.Command{
Use: "private <token>",
Short: "Bind a private access in the zrok Agent",
Args: cobra.ExactArgs(1),
}
command := &agentAccessPrivateCommand{cmd: cmd}
cmd.Flags().StringVarP(&command.bindAddress, "bind", "b", "127.0.0.1:9191", "The address to bind the private frontend")
cmd.Flags().StringArrayVar(&command.responseHeaders, "response-header", []string{}, "Add a response header ('key:value')")
cmd.Run = command.run
return command
}
func (cmd *agentAccessPrivateCommand) run(_ *cobra.Command, args []string) {
root, err := environment.LoadRoot()
if err != nil {
if !panicInstead {
tui.Error("unable to load environment", err)
}
panic(err)
}
if !root.IsEnabled() {
tui.Error("unable to load environment; did you 'zrok enable'?", nil)
}
client, conn, err := agentClient.NewClient(root)
if err != nil {
tui.Error("error connecting to agent", err)
}
defer conn.Close()
acc, err := client.AccessPrivate(context.Background(), &agentGrpc.AccessPrivateRequest{
Token: args[0],
BindAddress: cmd.bindAddress,
ResponseHeaders: cmd.responseHeaders,
})
if err != nil {
tui.Error("error creating access", err)
}
fmt.Println(acc)
}