diff --git a/integration/helpers/ports.go b/integration/helpers/ports.go index 77a4209a34888..873167a12b41f 100644 --- a/integration/helpers/ports.go +++ b/integration/helpers/ports.go @@ -107,7 +107,7 @@ func WebReverseTunnelMuxPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor } } -// WebReverseTunnelMuxPortSetup generates a listener config with a defined port for Postgres +// SeparatePostgresPortSetup generates a listener config with a defined port for Postgres func SeparatePostgresPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor) *InstanceListeners { return &InstanceListeners{ Web: NewListener(t, service.ListenerProxyWeb, fds), @@ -120,7 +120,7 @@ func SeparatePostgresPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor) * } } -// WebReverseTunnelMuxPortSetup generates a listener config with a defined port for MongoDB +// SeparateMongoPortSetup generates a listener config with a defined port for MongoDB func SeparateMongoPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor) *InstanceListeners { return &InstanceListeners{ Web: NewListener(t, service.ListenerProxyWeb, fds), @@ -133,7 +133,7 @@ func SeparateMongoPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor) *Ins } } -// WebReverseTunnelMuxPortSetup generates a listener config with a defined port for Postgres and Mongo +// SeparateMongoAndPostgresPortSetup generates a listener config with a defined port for Postgres and Mongo func SeparateMongoAndPostgresPortSetup(t *testing.T, fds *[]servicecfg.FileDescriptor) *InstanceListeners { return &InstanceListeners{ Web: NewListener(t, service.ListenerProxyWeb, fds), @@ -159,7 +159,7 @@ func PortStr(t *testing.T, addr string) string { return portStr } -// PortStr extracts the port number from the supplied string, which is assumed +// Port extracts the port number from the supplied string, which is assumed // to be a host:port pair. The port value is returned as an integer. Any errors // result in an immediately failed test. func Port(t *testing.T, addr string) int { @@ -172,7 +172,7 @@ func Port(t *testing.T, addr string) int { return port } -// NewListener creates a new TCP listener on `hostAddr`:0, adds it to the +// NewListenerOn creates a new TCP listener on `hostAddr`:0, adds it to the // FileDescriptor slice (with the specified type) and returns its actual local // address as a string (for use in configuration). The idea is to subvert // Teleport's file-descriptor injection mechanism (used to share ports between @@ -224,3 +224,40 @@ func NewListenerOn(t *testing.T, hostAddr string, ty service.ListenerType, fds * func NewListener(t *testing.T, ty service.ListenerType, fds *[]servicecfg.FileDescriptor) string { return NewListenerOn(t, Loopback, ty, fds) } + +// DynamicServiceAddr collects listeners addresses and sockets descriptors allowing to create and network listeners +// and pass the file descriptors to teleport service. +// This is usefully when Teleport service is created from config file where a port is allocated by OS. +type DynamicServiceAddr struct { + // Descriptors ia a list of descriptors associated with listens. + Descriptors []servicecfg.FileDescriptor + // WebAddr is a Teleport Proxy Web Address. + WebAddr string + // TunnelAddr is a Teleport Proxy Tunnel Address. + TunnelAddr string + // AuthAddr is a Teleport Auth Address. + AuthAddr string + // TunnelAddr is a Teleport Proxy SSH Address + ProxySSHAddr string + // TunnelAddr is a Teleport node SSH Address. + NodeSSHAddr string +} + +// NewDynamicServiceAddr creates an instance of DynamicServiceAddr. +func NewDynamicServiceAddr(t *testing.T) *DynamicServiceAddr { + var fds []servicecfg.FileDescriptor + webAddr := NewListener(t, service.ListenerProxyWeb, &fds) + tunnelAddr := NewListener(t, service.ListenerProxyTunnel, &fds) + authAddr := NewListener(t, service.ListenerAuth, &fds) + proxySSHAddr := NewListener(t, service.ListenerProxySSH, &fds) + nodeSSHAddr := NewListener(t, service.ListenerNodeSSH, &fds) + + return &DynamicServiceAddr{ + Descriptors: fds, + WebAddr: webAddr, + TunnelAddr: tunnelAddr, + AuthAddr: authAddr, + ProxySSHAddr: proxySSHAddr, + NodeSSHAddr: nodeSSHAddr, + } +} diff --git a/lib/web/apiserver_test.go b/lib/web/apiserver_test.go index 6351a4d82cc7e..16664b13121db 100644 --- a/lib/web/apiserver_test.go +++ b/lib/web/apiserver_test.go @@ -7563,7 +7563,10 @@ func newWebPack(t *testing.T, numProxies int, opts ...proxyOption) *webPack { require.NoError(t, err) require.NoError(t, node.Start()) - t.Cleanup(func() { require.NoError(t, node.Close()) }) + t.Cleanup(func() { + require.NoError(t, node.Close()) + node.Wait() + }) var proxies []*testProxy for p := 0; p < numProxies; p++ { diff --git a/tool/tctl/common/helpers_test.go b/tool/tctl/common/helpers_test.go index 2380a94e63fdd..e83848800eda7 100644 --- a/tool/tctl/common/helpers_test.go +++ b/tool/tctl/common/helpers_test.go @@ -36,7 +36,6 @@ import ( "github.com/gravitational/teleport/api/breaker" apidefaults "github.com/gravitational/teleport/api/defaults" - "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/auth" "github.com/gravitational/teleport/lib/auth/authclient" "github.com/gravitational/teleport/lib/cloud" @@ -294,27 +293,3 @@ func waitForDatabases(t *testing.T, auth *service.TeleportProcess, dbs []service } } } - -func newDynamicServiceAddr(t *testing.T) *dynamicServiceAddr { - var fds []servicecfg.FileDescriptor - webAddr := helpers.NewListener(t, service.ListenerProxyWeb, &fds) - tunnelAddr := helpers.NewListener(t, service.ListenerProxyTunnel, &fds) - authAddr := helpers.NewListener(t, service.ListenerAuth, &fds) - - return &dynamicServiceAddr{ - descriptors: fds, - webAddr: webAddr, - tunnelAddr: tunnelAddr, - authAddr: authAddr, - } -} - -// dynamicServiceAddr collects listeners addresses and sockets descriptors allowing to create and network listeners -// and pass the file descriptors to teleport service. -// This is usefully when Teleport service is created from config file where a port is allocated by OS. -type dynamicServiceAddr struct { - webAddr string - tunnelAddr string - authAddr string - descriptors []servicecfg.FileDescriptor -} diff --git a/tool/tctl/common/lock_command_test.go b/tool/tctl/common/lock_command_test.go index 3d4b742a80254..d0003d701cedf 100644 --- a/tool/tctl/common/lock_command_test.go +++ b/tool/tctl/common/lock_command_test.go @@ -26,11 +26,12 @@ import ( "github.com/stretchr/testify/require" "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/config" ) func TestLocks(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -39,20 +40,20 @@ func TestLocks(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } timeNow := time.Now().UTC() fakeClock := clockwork.NewFakeClockAt(timeNow) - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors), withFakeClock(fakeClock)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors), withFakeClock(fakeClock)) t.Run("create", func(t *testing.T) { err := runLockCommand(t, fileConfig, []string{"--user=bad@actor", "--message=Come see me"}) diff --git a/tool/tctl/common/resource_command_test.go b/tool/tctl/common/resource_command_test.go index 090d3b5dce7ef..0fd3ef05c698d 100644 --- a/tool/tctl/common/resource_command_test.go +++ b/tool/tctl/common/resource_command_test.go @@ -36,6 +36,7 @@ import ( "github.com/gravitational/teleport/api/constants" apidefaults "github.com/gravitational/teleport/api/defaults" "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/config" "github.com/gravitational/teleport/lib/defaults" "github.com/gravitational/teleport/lib/fixtures" @@ -44,7 +45,7 @@ import ( // TestDatabaseServerResource tests tctl db_server rm/get commands. func TestDatabaseServerResource(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) caCertFilePath := filepath.Join(t.TempDir(), "ca-cert.pem") require.NoError(t, os.WriteFile(caCertFilePath, []byte(fixtures.TLSCACertPEM), 0644)) @@ -89,13 +90,13 @@ func TestDatabaseServerResource(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } @@ -157,7 +158,7 @@ func TestDatabaseServerResource(t *testing.T) { }) require.NoError(t, err) - _ = makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + _ = makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) var out []*types.DatabaseServerV3 @@ -217,7 +218,7 @@ func TestDatabaseServerResource(t *testing.T) { // TestDatabaseServiceResource tests tctl db_services get commands. func TestDatabaseServiceResource(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) ctx := context.Background() fileConfig := &config.FileConfig{ @@ -228,18 +229,18 @@ func TestDatabaseServiceResource(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - auth := makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + auth := makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) var out []*types.DatabaseServiceV1 @@ -299,7 +300,7 @@ func TestDatabaseServiceResource(t *testing.T) { // TestIntegrationResource tests tctl integration commands. func TestIntegrationResource(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) ctx := context.Background() fileConfig := &config.FileConfig{ @@ -310,18 +311,18 @@ func TestIntegrationResource(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - auth := makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + auth := makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) t.Run("get", func(t *testing.T) { @@ -412,7 +413,7 @@ func TestIntegrationResource(t *testing.T) { } func TestCreateLock(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -421,20 +422,20 @@ func TestCreateLock(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } timeNow := time.Now().UTC() fakeClock := clockwork.NewFakeClockAt(timeNow) - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors), withFakeClock(fakeClock)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors), withFakeClock(fakeClock)) _, err := types.NewLock("test-lock", types.LockSpecV2{ Target: types.LockTarget{ @@ -481,7 +482,7 @@ func TestCreateLock(t *testing.T) { // TestCreateDatabaseInInsecureMode connects to auth server with --insecure mode and creates a DB resource. func TestCreateDatabaseInInsecureMode(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ @@ -496,18 +497,18 @@ func TestCreateDatabaseInInsecureMode(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) // Create the databases yaml file. dbYAMLPath := filepath.Join(t.TempDir(), "db.yaml") @@ -612,7 +613,7 @@ spec: ) func TestCreateClusterAuthPreference_WithSupportForSecondFactorWithoutQuotes(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -620,12 +621,12 @@ func TestCreateClusterAuthPreference_WithSupportForSecondFactorWithoutQuotes(t * Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) tests := []struct { desc string @@ -697,7 +698,7 @@ version: v2`, } func TestCreateSAMLIdPServiceProvider(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -705,12 +706,12 @@ func TestCreateSAMLIdPServiceProvider(t *testing.T) { Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) tests := []struct { desc string @@ -858,7 +859,7 @@ func (test *dynamicResourceTest[T]) setup(t *testing.T) *config.FileConfig { requireResource(t, test.fooResource, "foo") requireResource(t, test.fooBarResource, "foo-bar") requireResource(t, test.fooBarBazResource, "foo-bar-baz") - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -867,17 +868,17 @@ func (test *dynamicResourceTest[T]) setup(t *testing.T) *config.FileConfig { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - _ = makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + _ = makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) return fileConfig } diff --git a/tool/tctl/common/tctl_test.go b/tool/tctl/common/tctl_test.go index 5eb0fd0eacd37..c6d0f9d5e7e47 100644 --- a/tool/tctl/common/tctl_test.go +++ b/tool/tctl/common/tctl_test.go @@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/require" "github.com/gravitational/teleport/api/breaker" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/auth/authclient" "github.com/gravitational/teleport/lib/config" "github.com/gravitational/teleport/lib/service/servicecfg" @@ -28,7 +29,7 @@ import ( // TestConnect tests client config and connection logic. func TestConnect(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) ctx := context.Background() fileConfig := &config.FileConfig{ @@ -38,11 +39,11 @@ func TestConnect(t *testing.T) { Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) username := "admin" mustAddUser(t, fileConfig, "admin", "access") diff --git a/tool/tctl/common/token_command_test.go b/tool/tctl/common/token_command_test.go index dcc146b551c9c..7a25260e7af2e 100644 --- a/tool/tctl/common/token_command_test.go +++ b/tool/tctl/common/token_command_test.go @@ -25,6 +25,7 @@ import ( "github.com/gravitational/teleport" "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/config" ) @@ -49,7 +50,7 @@ type listedToken struct { } func TestTokens(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -63,18 +64,18 @@ func TestTokens(t *testing.T) { Service: config.Service{ EnabledFlag: "true", }, - WebAddr: dynAddr.webAddr, - TunAddr: dynAddr.tunnelAddr, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) // Test all output formats of "tokens add". t.Run("add", func(t *testing.T) { diff --git a/tool/tctl/common/user_command_test.go b/tool/tctl/common/user_command_test.go index 5ab0947c789f1..be5c47fdf92cf 100644 --- a/tool/tctl/common/user_command_test.go +++ b/tool/tctl/common/user_command_test.go @@ -25,6 +25,7 @@ import ( "github.com/gravitational/teleport/api/constants" "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/config" ) @@ -65,7 +66,7 @@ func TestTrimDurationSuffix(t *testing.T) { } func TestUserAdd(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -73,11 +74,11 @@ func TestUserAdd(t *testing.T) { Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) ctx := context.Background() client := getAuthClient(ctx, t, fileConfig) @@ -217,7 +218,7 @@ func TestUserAdd(t *testing.T) { } func TestUserUpdate(t *testing.T) { - dynAddr := newDynamicServiceAddr(t) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Global: config.Global{ DataDir: t.TempDir(), @@ -225,11 +226,11 @@ func TestUserUpdate(t *testing.T) { Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: dynAddr.authAddr, + ListenAddress: dynAddr.AuthAddr, }, }, } - makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.descriptors)) + makeAndRunTestAuthServer(t, withFileConfig(fileConfig), withFileDescriptors(dynAddr.Descriptors)) ctx := context.Background() client := getAuthClient(ctx, t, fileConfig) diff --git a/tool/tsh/common/tsh_helper_test.go b/tool/tsh/common/tsh_helper_test.go index 7980a54e4cc75..8ca1853dc724d 100644 --- a/tool/tsh/common/tsh_helper_test.go +++ b/tool/tsh/common/tsh_helper_test.go @@ -21,7 +21,6 @@ import ( "fmt" "io" "io/fs" - "net" "os" "os/user" "path/filepath" @@ -34,6 +33,7 @@ import ( "github.com/gravitational/teleport/api/breaker" apiclient "github.com/gravitational/teleport/api/client" "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integration/helpers" "github.com/gravitational/teleport/lib/cloud" "github.com/gravitational/teleport/lib/config" "github.com/gravitational/teleport/lib/service" @@ -49,9 +49,7 @@ type suite struct { } func (s *suite) setupRootCluster(t *testing.T, options testSuiteOptions) { - sshListenAddr := localListenerAddr() - _, sshListenPort, err := net.SplitHostPort(sshListenAddr) - require.NoError(t, err) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Version: "v2", Global: config.Global{ @@ -61,32 +59,34 @@ func (s *suite) setupRootCluster(t *testing.T, options testSuiteOptions) { SSH: config.SSH{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: localListenerAddr(), + ListenAddress: dynAddr.NodeSSHAddr, }, }, Proxy: config.Proxy{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: sshListenAddr, + ListenAddress: dynAddr.ProxySSHAddr, }, - SSHPublicAddr: []string{net.JoinHostPort("localhost", sshListenPort)}, - WebAddr: localListenerAddr(), - TunAddr: localListenerAddr(), + SSHPublicAddr: []string{dynAddr.ProxySSHAddr}, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: localListenerAddr(), + ListenAddress: dynAddr.AuthAddr, }, - ClusterName: "root", + ClusterName: "root", + SessionRecording: "node-sync", }, } cfg := servicecfg.MakeDefaultConfig() cfg.CircuitBreakerConfig = breaker.NoopBreakerConfig() cfg.Log = utils.NewLoggerForTests() - err = config.ApplyFileConfig(fileConfig, cfg) + err := config.ApplyFileConfig(fileConfig, cfg) require.NoError(t, err) + cfg.FileDescriptors = dynAddr.Descriptors cfg.Proxy.DisableWebInterface = true cfg.Auth.StaticTokens, err = types.NewStaticTokens(types.StaticTokensSpecV2{ @@ -138,9 +138,7 @@ func (s *suite) setupRootCluster(t *testing.T, options testSuiteOptions) { } func (s *suite) setupLeafCluster(t *testing.T, options testSuiteOptions) { - sshListenAddr := localListenerAddr() - _, sshListenPort, err := net.SplitHostPort(sshListenAddr) - require.NoError(t, err) + dynAddr := helpers.NewDynamicServiceAddr(t) fileConfig := &config.FileConfig{ Version: "v2", Global: config.Global{ @@ -150,17 +148,17 @@ func (s *suite) setupLeafCluster(t *testing.T, options testSuiteOptions) { SSH: config.SSH{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: localListenerAddr(), + ListenAddress: dynAddr.NodeSSHAddr, }, }, Proxy: config.Proxy{ Service: config.Service{ EnabledFlag: "true", - ListenAddress: sshListenAddr, + ListenAddress: dynAddr.ProxySSHAddr, }, - SSHPublicAddr: []string{net.JoinHostPort("localhost", sshListenPort)}, - WebAddr: localListenerAddr(), - TunAddr: localListenerAddr(), + SSHPublicAddr: []string{dynAddr.ProxySSHAddr}, + WebAddr: dynAddr.WebAddr, + TunAddr: dynAddr.TunnelAddr, }, Auth: config.Auth{ Service: config.Service{ @@ -169,14 +167,16 @@ func (s *suite) setupLeafCluster(t *testing.T, options testSuiteOptions) { }, ClusterName: "leaf1", ProxyListenerMode: types.ProxyListenerMode_Multiplex, + SessionRecording: "node-sync", }, } cfg := servicecfg.MakeDefaultConfig() cfg.CircuitBreakerConfig = breaker.NoopBreakerConfig() cfg.Log = utils.NewLoggerForTests() - err = config.ApplyFileConfig(fileConfig, cfg) + err := config.ApplyFileConfig(fileConfig, cfg) require.NoError(t, err) + cfg.FileDescriptors = dynAddr.Descriptors user, err := user.Current() require.NoError(t, err)