Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add remote call authn #1

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

feat: add remote call authn #1

wants to merge 8 commits into from
+773 −211

Conversation

abhinav-harness
Copy link
Collaborator

@abhinav-harness abhinav-harness commented Aug 29, 2024
edited
Loading

SSH piper has a plugin based env where main code provides handle to plugin binary via grpc and asks for things it need for authn on upstream to create the pipe.

As part of response of plugin it expects callback for each of the auth method which plugin supports and host-port-username-key to use while talking to upstream.

So we are implementing the interface remotecall over helper pluginbase which takes as cli input different host names to get auth data and then return it to grpc main to handle connection

johannesHarness
johannesHarness reviewed Sep 6, 2024
View reviewed changes
plugin/remotecall/main.go
return remoteCall, nil
}

func getUserName(response *remotecall.UserKeyAuthResponse) string {
Copy link

@johannesHarness johannesHarness Sep 6, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe call it generateUpstreamUserName or sth like that to avoid confusion between incoming and outgoing user name

kapilgarg1996
kapilgarg1996 reviewed Sep 12, 2024
View reviewed changes
plugin/remotecall/main.go Outdated
return &libplugin.SshPiperPluginConfig{

NextAuthMethodsCallback: func(_ libplugin.ConnMetadata) ([]string, error) {
return []string{"publickey"}, nil
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does it map to PublicKeyCallback ?

plugin/remotecall/main.go
},

PublicKeyCallback: func(conn libplugin.ConnMetadata, key []byte) (*libplugin.Upstream, error) {
clusterName, err := caller.GetClusterName(conn.User())
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does this .User() method return the username passed in ssh connection ?

plugin/remotecall/main.go

k := caller.MapKey()

inClusterSvcUrl, err := caller.GetUpstreamSvcURL(clusterName)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does this point to the actual service url where the request will go ?

plugin/remotecall/main.go
remoteCall, err := remotecall.InitRemoteCall(
c.String(userClusterEndpoint),
c.Generic(remoteEndpoints).(*remotecall.StringMapFlag).Value,
c.Path(mappingKeyPath),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what does this file contain ? Is it part of different PR ?
Can we add that in this same PR so it can be tested independently.

@bot2-harness
Copy link

This pull request has been automatically closed due to 30 days of inactivity. If you believe this was done in error, please feel free to reopen the PR or reach out to the BT team for further assistance. Thank you for your contributions!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johannesHarness johannesHarness johannesHarness left review comments

@kapilgarg1996 kapilgarg1996 kapilgarg1996 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@abhinav-harness @bot2-harness @kapilgarg1996 @johannesHarness