Skip to content

Commit

Permalink
Merge branch 'master' into tener/disable-default-import-rule
Browse files Browse the repository at this point in the history
  • Loading branch information
Tener authored Dec 23, 2024
2 parents 136007c + d4bdb76 commit 803f936
Show file tree
Hide file tree
Showing 444 changed files with 22,676 additions and 9,763 deletions.
42 changes: 42 additions & 0 deletions .github/workflows/docs-amplify.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Docs Preview
on:
pull_request:
paths:
- 'docs/**'
- .github/workflows/docs-amplify.yaml
workflow_dispatch:

permissions:
pull-requests: write
id-token: write

jobs:
amplify-preview:
name: Prepare Amplify preview URL
runs-on: ubuntu-22.04-2core-arm64
environment: docs-amplify
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
with:
aws-region: us-west-2
role-to-assume: ${{ vars.IAM_ROLE }}

- name: Create Amplify preview environment
uses: gravitational/shared-workflows/tools/amplify-preview@tools/amplify-preview/v0.0.1
continue-on-error: true
with:
app_ids: ${{ vars.AMPLIFY_APP_IDS }}
create_branches: "true"
github_token: ${{ secrets.GITHUB_TOKEN }}
wait: "true"

- name: Print failure message
if: failure()
env:
ERR_TITLE: Teleport Docs preview build failed
ERR_MESSAGE: >-
Please refer to the following documentation for help: https://www.notion.so/goteleport/How-to-Amplify-deployments-162fdd3830be8096ba72efa1a49ee7bc?pvs=4
run: |
echo ::error title=$ERR_TITLE::$ERR_MESSAGE
exit 1
44 changes: 23 additions & 21 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,54 +9,55 @@ issues:
exclude-dirs-use-default: false
exclude-rules:
- linters:
- gosimple
text: "S1002: should omit comparison to bool constant"
- gosimple
text: 'S1002: should omit comparison to bool constant'
- linters:
- revive
text: "exported: exported const"
- revive
text: 'exported: exported const'
# TODO(hugoShaka): Remove once https://github.com/dominikh/go-tools/issues/1294 is fixed
- linters:
- unused
- unused
path: 'integrations/operator/controllers/resources/(.+)_controller_test\.go'
# TODO(codingllama): Remove once we move to grpc.NewClient.
- linters: [staticcheck]
text: "grpc.Dial is deprecated"
text: 'grpc.Dial is deprecated'
- linters: [staticcheck]
text: "grpc.DialContext is deprecated"
text: 'grpc.DialContext is deprecated'
# Deprecated gRPC dial options. Related to grpc.NewClient.
- path: (client/client.go|client/proxy/client_test.go) # api/
linters: [staticcheck]
# grpc.FailOnNonTempDialError
# grpc.WithReturnConnectionError
text: "this DialOption is not supported by NewClient"
text: 'this DialOption is not supported by NewClient'
- path: lib/kube/grpc/grpc_test.go
linters: [staticcheck]
text: "grpc.WithBlock is deprecated"
text: 'grpc.WithBlock is deprecated'
- path: lib/observability/tracing/client.go
linters: [staticcheck]
text: "grpc.WithBlock is deprecated"
text: 'grpc.WithBlock is deprecated'
- path: integrations/lib/config.go
linters: [staticcheck]
text: "grpc.WithReturnConnectionError is deprecated"
text: 'grpc.WithReturnConnectionError is deprecated'
- path: lib/service/service_test.go
linters: [staticcheck]
# grpc.WithReturnConnectionError
# grpc.FailOnNonTempDialError
text: "this DialOption is not supported by NewClient"
text: 'this DialOption is not supported by NewClient'
- path: integration/client_test.go
linters: [staticcheck]
text: "grpc.WithReturnConnectionError is deprecated"
text: 'grpc.WithReturnConnectionError is deprecated'
- path: integration/integration_test.go
linters: [staticcheck]
text: "grpc.WithBlock is deprecated"
text: 'grpc.WithBlock is deprecated'
- path: lib/multiplexer/multiplexer_test.go
linters: [staticcheck]
text: "grpc.WithBlock is deprecated"
text: 'grpc.WithBlock is deprecated'
- path: provider/provider.go # integrations/terraform
linters: [staticcheck]
text: "grpc.WithReturnConnectionError is deprecated"
text: 'grpc.WithReturnConnectionError is deprecated'
- linters: [govet]
text: "non-constant format string in call to github.com/gravitational/trace."
path-except: ^e/
text: 'non-constant format string in call to github.com/gravitational/trace.'
exclude-use-default: true
max-same-issues: 0
max-issues-per-linter: 0
Expand Down Expand Up @@ -121,6 +122,7 @@ linters-settings:
files:
- '**/api/**'
- '**/e/**'
- '**/lib/srv/**'
deny:
- pkg: github.com/sirupsen/logrus
desc: 'use "log/slog" instead'
Expand All @@ -130,7 +132,7 @@ linters-settings:
client-tools:
files:
# Tests can do anything
- "!$test"
- '!$test'
- '**/tool/tbot/**'
- '**/lib/tbot/**'
- '**/tool/tctl/**'
Expand Down Expand Up @@ -158,7 +160,7 @@ linters-settings:
cgo:
files:
# Tests can do anything
- "!$test"
- '!$test'
- '**/tool/tbot/**'
- '**/lib/client/**'
- '!**/lib/integrations/**'
Expand Down Expand Up @@ -240,8 +242,8 @@ linters-settings:
require-specific: true
revive:
rules:
- name: unused-parameter
disabled: true
- name: unused-parameter
disabled: true
sloglint:
context: all
key-naming-case: snake
Expand Down
104 changes: 100 additions & 4 deletions api/client/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2286,12 +2286,56 @@ func (c *Client) GetTrustedClusters(ctx context.Context) ([]types.TrustedCluster
}

// UpsertTrustedCluster creates or updates a Trusted Cluster.
func (c *Client) UpsertTrustedCluster(ctx context.Context, trusedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedCluster, ok := trusedCluster.(*types.TrustedClusterV2)
//
// Deprecated: Use [Client.UpsertTrustedClusterV2] instead.
func (c *Client) UpsertTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trusedCluster)
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
resp, err := c.grpc.UpsertTrustedCluster(ctx, trustedCluster)
resp, err := c.grpc.UpsertTrustedCluster(ctx, trustedClusterV2)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpsertTrustedClusterV2 creates or updates a Trusted Cluster.
func (c *Client) UpsertTrustedClusterV2(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.UpsertTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().UpsertTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// CreateTrustedCluster creates a Trusted Cluster.
func (c *Client) CreateTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.CreateTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().CreateTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpdateTrustedCluster updates a Trusted Cluster.
func (c *Client) UpdateTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.UpdateTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().UpdateTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
Expand Down Expand Up @@ -4262,6 +4306,12 @@ func (c *Client) GetSSHTargets(ctx context.Context, req *proto.GetSSHTargetsRequ
return rsp, trace.Wrap(err)
}

// ResolveSSHTarget gets a server that would match an equivalent ssh dial request.
func (c *Client) ResolveSSHTarget(ctx context.Context, req *proto.ResolveSSHTargetRequest) (*proto.ResolveSSHTargetResponse, error) {
rsp, err := c.grpc.ResolveSSHTarget(ctx, req)
return rsp, trace.Wrap(err)
}

// CreateSessionTracker creates a tracker resource for an active session.
func (c *Client) CreateSessionTracker(ctx context.Context, st types.SessionTracker) (types.SessionTracker, error) {
v1, ok := st.(*types.SessionTrackerV1)
Expand Down Expand Up @@ -5091,6 +5141,52 @@ func (c *Client) UpsertUserLastSeenNotification(ctx context.Context, req *notifi
return rsp, trace.Wrap(err)
}

// GetWorkloadIdentity returns a workload identity by name.
func (c *Client) GetWorkloadIdentity(ctx context.Context, name string) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().GetWorkloadIdentity(ctx, &workloadidentityv1pb.GetWorkloadIdentityRequest{
Name: name,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// DeleteWorkloadIdentity deletes a workload identity by name. It will throw an
// error if the workload identity does not exist.
func (c *Client) DeleteWorkloadIdentity(ctx context.Context, name string) error {
_, err := c.WorkloadIdentityResourceServiceClient().DeleteWorkloadIdentity(ctx, &workloadidentityv1pb.DeleteWorkloadIdentityRequest{
Name: name,
})
if err != nil {
return trace.Wrap(err)
}
return nil
}

// CreateWorkloadIdentity creates a new workload identity, it will not overwrite
// an existing workload identity with the same name.
func (c *Client) CreateWorkloadIdentity(ctx context.Context, r *workloadidentityv1pb.WorkloadIdentity) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().CreateWorkloadIdentity(ctx, &workloadidentityv1pb.CreateWorkloadIdentityRequest{
WorkloadIdentity: r,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpsertWorkloadIdentity creates or updates a workload identity.
func (c *Client) UpsertWorkloadIdentity(ctx context.Context, r *workloadidentityv1pb.WorkloadIdentity) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().UpsertWorkloadIdentity(ctx, &workloadidentityv1pb.UpsertWorkloadIdentityRequest{
WorkloadIdentity: r,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// ResourceUsageClient returns an unadorned Resource Usage service client,
// using the underlying Auth gRPC connection.
// Clients connecting to non-Enterprise clusters, or older Teleport versions,
Expand Down
Loading

0 comments on commit 803f936

Please sign in to comment.