* Allow external audit log plugins
* Add support for auth API server plugins
* Add license file path configuration parameter (not used in open-source)
* Extend audit log with user login events
This was fixed running the `misspell` linter in fix mode using
`gometalinter`. The exact command I ran was :
```
gometalinter --vendor --disable-all -E misspell --linter='misspell:misspell -w {path}:^(?P<path>.*?\.go):(?P<line>\d+):(?P<col>\d+):\s*(?P<message>.*)$' ./...
```
Some typo were fixed by hand on top of it.
Instead of quietly changing behavior because `DEBUG` envar was set to
true, Teleport now explicitly requires scary --insecure flag to enable
this behavior.
goterm had no license, I quickly replaced it with our own little table
formatter.
also rewrote some tsh commands, that were using home-made formatting, to
the new table, so the output is now much nicer.
`tctl create` used to create or update (AKA "upsert") resources.
Now there's a difference:
`--force, -f` flag, if not set, means "create only". Otherwise it means
"update".
This means you can fail updating non-existing resources.
This commit refs #1137
- tctl get user/joe now works (as reported in #1247)
- tctl create/rm roles changes
- added synonyms for various resources
- made YAML the default output for tctl get
- added better help + examples for tctl get
- edited error messages
- minor refactoring
- added the system of "command plugins" which allows enterprise version
of tctl to introduce different behavior to OSS commands
- Renamed "dir" format to "openssh"
- Replaced self-made key fingerprinting function with a standard one
- Changed fingerprinting from legacy md5 to sha256
This commit prepares TCTL for easier modifications for 2.3
Specifically:
1. CLI commands have been placed in separate go files.
2. Removed some dead code. We had commands that haven't even been hooked
to CLI!
3. Added comments in a few places.
1. Got rid of `tool/tsh/common` package. See below.
2. Fixed logger in config test (it was getting reset by the test itself)
The reason we don't need `tool/tsh/common` is because `tsh` is the same
for OSS or Enterprise versions. This is good for two reasons:
1. Enterprise customers don't need to bother telling users to use a
proprietary binary, they can just get OSS (which will eventually get
pacakged for OSX/Ubuntu/RHEL) and will be one `apt-get` or `brew install` away
2. Easier for us to package/maintain.
Changes:
* Moved identity file code from tctl (because `tctl auth sign` already
does what we need) into `lib/client/identity.go`
* Updated tctl to use the new stuff.
Next steps:
* Change `tsh` to use that code
* Tests
- Switched to new way of building Enterprise
- Removed `tctl tunnels` command (preparation for new resources)
- Removed `tctl auth ls` command (preparation for new resources)