* Clean up aws oidc integration instructions
* Change ResourceSpec icon type from ReactElement to string
When storing state into location URL, it doesn't allow storing
ReactElement, so I changed the icon element into string that
refers to the correct icon. Also adds rds aurora tiles to
Select Resources screen.
* Fix the expected backend aws status value for RDS list
* For RDS list, allow refreshing the table
Helpful when user makes changes to the RDS instance
(eg. tags) and needs to get the most up to date listing
* Update rds db setup access text info
* Make create database dialog more consistent btwn states
* Fix label matching
Previously we required the agent matcher labels
be an exact match of registered db labels otherwise we
prevented the user from deploying an agent (which was wrong).
Now the only requirement is that the matcher labels are all
able to match against registered db labels.
* Implement resuming discover flow from where user left of
* Enable integration access and rds flow
* Strip 443 ports from cluster uri
* Use the labels returned from polling db instaed
* Various touch ups
- Make label matching error less confusing by showing
error upon user trying to generate command
- Make label messaging clearer
- Emit errors when failing to fetch rds dbs
* Address CR and update test
* Create locks using the correct property
The "lock target" in Teleport's backend uses a different value
depending on the type of lock you want to create. For example,
to lock a node you use its UUID, but to lock a role you use its
name.
We were incorrectly always using the name to create a lock,
which appears to work fine in the UI but is not correctly
enforced on the backend.
This change adds a new required field called targetValue, allowing
us to specify the value to be used for the lock on a per-resource
basis.
Fixesgravitational/teleport-private#556
* Simplify useGetTargetData
* Finish defining rest of fields for fetching aws db list
* Define aurora postgres/mysql engine type
* Finish checking for integration access
* Remove aws related logic and pull out dialog into own file
* Refactor useCreateDatabase hook
- Remove hook prop and use context instead
- Instead of automatically taking user to nextstep after
registering db, let user manually go to next
step by clicking button (removes brief flashing of loading
dialog before next step)
* Add the new fields from response to table
* Finish implementing the after user selects a database
- on submit db, re-use the hook that creates database,
checks if a database service exists to pick up this
database by matching labels
- while this is happening, a dialog will render showing
the process
* Update test
* Address CR
* Apply create db feedback and apply backend changes
* Move tshd test helpers to a better location
* Support passing no props to tshd test helpers
* Refactor ResourcesService getServerByHostname tests
* Move pluralize to shared package
* SearchContext: Rename `opened` to `isOpen`
* ActionPicker story: Show auxiliary items in a separate column
* ActionPicker: Split getClusterName into two functions
getClusterName used to not return the name of the cluster if there's only
a single cluster present. Some places needed to get the cluster name
no matter what, such as the modal with resource errors that will be added
to ActionPicker.
* Refactor resource search to use Promise.allSettled
* useSearchAttempts has been renamed to useActionAttempts
* useActionAttempts returns resourceSearchAttempt in order to supply errors
from ResourcesService.searchResources to ActionPicker.
* SearchContext: Implement lockOpen
We'll want to display error details in a modal. While the user interacts
with the modal, we don't want to close the search bar and reset the results.
So instead, we are going to force the search bar to stay open until the
user closes the modal. This will use the lockOpen function from this commit.
* Add modal for showing resource search errors
* Refactor mockedSearchContext to not be a top-level mutable var
* Show an item in search bar with resource search errors
* ResourceSearchError: Add instanceof check to tests, include clusterUri in message
* Make isLockedOpen into a ref
* Use table tests for lockOpen tests
* Revert "Make isLockedOpen into a ref"
This reverts commit 07f4206cc2.
* Move capitalization to ResourceSearchError.messageWithClusterName
* ResourceSearchError: Use `public` in constructor
* Connect: Improve focus management in search bar (#24665)
* Renders user auth types to match expected capitalization for GitHub, SAML and OIDC
* Update test to use cap OIDC
* Update SAML and GitHub auth type test compare
* UI lint fix
* Applied comments for function location and import
* lint fix
* lint fix
* fix typecheck
* Do not hide any filters if the search term limits the list of clusters to just one cluster
* Rename `ExtraComponent` -> `ExtraTopComponent`
* Use `active` prop only for `InteractiveItem`
* Enroll new AWS integration flow
* Move IntegrationEnroll/* into Integration/Enroll/*
* Rename AWS into AwsOidc, story expects pascal case
but ran into non-story issues where casing was a problem
even renaming AWS to Aws wasn't enough, i don't know
why
* Capitalize browser directory to Browser
* Remove passing in clusterId for integration requests
Also define IntegrationKind as enum string values
to avoid hard coding it all over.
* Add sub routing for lazy loading AwsOidc comp
* Fix some styling, remove unused props, and add story
* Add a success dialog after creating integration
* Remove first in wording for now
* Replace teleport.lol with root cluster public URI
* revert renaming browser to Browser
* Fix lint: add license headers
---------
Co-authored-by: Ryan Clark <ryan.clark@goteleport.com>
* Add new assets for integration enroll flow
* Adapt integration status after switch to enum
* Prettier
* Fix some lints
* Rename enum numbers according to conventions
* Limit results after sorting
* Rename `sortAndLimitResults` -> `rankResults`
* Add `useResourceSearch` test, check if the items are sorted correctly
* Use `renderHook` from the testing library, fix test name
* Create a shareable tooltip no permission badge comp
* Implement the open source enroll integration screen
Copied over tile styling and header description with
minor refactoring from enterprise
* Add integration feature
This feature is manually disabled.
The user ACL for this screen is manually
set to always return false.
* Remove testing implementation detail?
* Make open source check for only integration resource access
* Update snapshot
* Move icons to design pkg to share between packages
* Moved integration routes from enterprise
* Add integrations ACL to user context
Also fixes inaccurate plugin perm checking for features.
Plugin "create" is moved to new feature flag "enrollIntegrations".
* Moved feature definition from enterprise
* Add integration service and types
Also moved Plugin type from enterprise
* Create add integration button comp for use in both OS/enterprise
* Move integration list from enteprise (refactored)
* Create open source integrations comp
* Update user.test
* Address CRs
* Make updates in response to backend PR updates
* Add clarifying comment
* Remove return value, export integration list
* Add stories for longer resource and cluster names
* Extract `PickerContainer`, improve styling of pickers and input
* Extract `FilterButton` component to avoid repeating the same code
* Add a message about excluded clusters
* Show a hint message when input is empty
* Show cluster filters only when there is more than one cluster
* Make search bar input responsive
* Review fixes
* Add a story for no results state
* Fix missing margin when input wraps
* Add license header
* Render `NoResultsItem` and `TypeToSearchItem` as extra items above regular items
* Use `calc` to calculate padding
* Fix comment
* Show TypeToSearchItem only after filter actions attempt finishes
* Run filter search synchronously
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Delete teleterm's ptyHost/v1, added by mistake
* Add package name to protos conforming to PACKAGE_VERSION_SUFFIX
* use go run in buf-connect-go.gen.yaml directly
* Run protogen in place
* Run the buf-go generation off of go run
This also adds protoc-gen-go-grpc to go.mod
Staging environments are typically less secure than production ones.
We should not include the staging feedback URL in the final packaged app
in case it gets compromised.
* Rename following naming convention
* Rename and add more db protocols
* Define new events and add event names to resource spec
* Emit events for unguided resources
Also clear the loc state if the search bar
was cleared to fix a weird quirk where
when user goes back to the select resources
screen, the preserved loc state applied
filter again
* Update tests
* Add database doc event types
This commit adds an MVP of the search bar to Connect. Currently it's
behind a feature flag (`feature.searchBar`) but we'll enable it by
default before the release. The plan was to merge the code ASAP,
potentially even straight to v12 when we have the chance, which didn't
exactly pan out but there's no harm to having this feature flag for now.
On top of that, this commit adds a new shortcut to open the search bar
(this replaces the current shortcut to open the command bar) and a
shortcut to open a new terminal tab.
The search works by essentially making a `ListResources` request for
each supported resource type to every cluster the user is logged in to.
We repurposed the old command palette UI for that but rewritten it to
use React context and hooks rather than a class and a store. This
allowed us to be a little bit more flexible as the old approach required
every picker to conform to the same interface, both in terms of UI and
code.
This implementation has two main pickers so far:
* `ActionPicker` which is the main one. It searches for resources but at
the moment it also supports applying filters. In the future, we plan
to add more actions to it such as "Open a new tab" or "Install tsh".
* `ParameterPicker` is activated when you pick an action from the
`ActionPicker` that requires an additional parameter. Think choosing
an SSH server or a db – you need to provide an SSH login or a db user
for those item. In those situations, `ActionPicker` will switch to
`ParameterPicker` and let you pick a relevant item from the list.
Everything is contained within `web/packages/teleterm/src/ui/Search`.
Arguably, `useSearch` could be refactored a little bit to maybe make its
structure a little more clear as it handles both the resource search and
the filter search. However, at the moment we're not totally sure how the
search bar will evolve, so we want to leave any bigger refactors for
later. We added a couple of basic tests for regressions that happened so
far. We also have stories for the items from the action picker.
Error handling will be added in an upcoming PR. Docs updates will be
done in a separate PR as well.
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Respect route exactness in TopNav
* Allow submitting CSRF token via form
* Skip "safe" methods in CSRF checks
* Export getXCSRFToken
* Add WithAuth2
* Passthrough "name" of FieldInput
Allows it to be used in an actual form
* icomoon: add hashtag icon
* Add GetAvailablePluginTypes to PluginService proto
* Expose ProxyPublicAddr
For use in Enterprise web Plugin
* Run prettier
* Factor out app.MetaRedirect
* Rename: WithAuth2 -> WithAuthCookieAndCSRF
* Run GCI
* Renegerate protos
New endpoints were added to the API server for fetching, creating and deleting locks.
The 'editor' role now has the ability to create, edit, and remove locks by default.
Created new SlidePanel component to easily add a panel that slides in from the right of the screen.
* Use `cloud/stable` when Automatic Upgrades is on.
Teleport provides scripts to install teleport agents/services.
Those scripts use YUM/DEB repositories when possible.
Each repo has multiple channels:
- stable/v11
- stable/v12
- cloud/stable
We want to ensure that if the cluster is running in the cloud and
automatic upgrades is on (auth service was started with
TELEPORT_AUTOMATIC_UPGRADES=yes teleport ...), then the installation
script must offer the `cloud/stable` channel.
This PR changes the following scripts:
- Discover Install Node
- Discover Install Database Service
- Install App script
- EC2 default-installer and EC2 default-agentless-installer
* add helm chart knobs to enable auto updater
* use let instead of const and remove default export
* add HA to helm chart
* always return .automatic_upgrades in web ping response
* rename cloud/stable to stable/cloud
* fix ts test
* Subscribe navigation items to clusterId updates
* Add a test for navigtion item changing correctly
* Add license to test
* Update license to match others
* Delete files
* Add new icons to discover assets
* Update context mocks for storybooking/tests
* Refactor PermissionErrorMessage
- Move file location to SelectResource directory
(only used in SelectResource comp)
- Pass ResourceKind as prop to determine action
and product name instead
* Hardcode resource specs and rename variables
- Split "resource" file into multiple parts since it
was getting so large. Database got its own file b/c
it's the biggest with potential to grow even larger
- Renamed stuff for clarity, a lot of things were getting
named "resource"
- `shouldPrompt` for type ResourceViewConfig is now optional
because resource flows will not start with "Select Resource Type"
view now (change coming in later commit) so we don't have to
skip the "first" view anymore
* Remove "Select Resource Type" as a view from resource configs
Each resource no longer needs its own "select view" as
resources are all combined into one view now (SelectResource.tsx)
* Refactor the SelectResource component
- Combines all resource kinds into one view
- Provides filtering by searching for keywords.
As discussed in meeting, we did not want to provide
like a sorting (filtering?) dropdown at this time
- Provides on hover explanation of why user can't
add resources if user doesn't have access
* Update StepItem and step Navigation
The first item of the step nav used to be "Select a Resource Type"
which used to be part of the views list. The first item is now
replaced with the resources assigned icon and the resource name.
* Refactor Discover component
Major change is now we init variables such as
indexing views and finding resource cfgs after a user has
selected a resource.
Updates how events are init and emitted
and handles user going back to the resource screen
* Remove duplicated type (defined in ResourceKind.ts)
* Minor micro changes from mostly path/variable rename/restruc
* Allows user to go back to the select resource screen
Adds a back button to the first view for each guided resource
* Update snapshot from rebasing with master
* Address Crs
* feat: user acl for device trust ui
* Update lib/web/ui/usercontext.go
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* revert e ref to current from master
* Update web/packages/teleport/src/stores/storeUserContext.ts
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* Update web/packages/teleport/src/teleportContext.tsx
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* update defaultAllowRules to RW()
* commend added to highlight preset rules should be same when added to defaultAllowRules
---------
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* Rename old "quick input" to the current "command bar" feature name
* Remove 'Droid Sans Fallback' from Linux fonts
* Add docs for config
* Link to the proper documentation section
* Apply suggestions from @ravicious and @ibeckermayer
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
* Adjust property descriptions with the names used in User Interface
* Drop `Courier New`
* Simplify `$schema` description
* Fix lint issues
* Add a break line after each heading
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Schema should not be modified
* Config file is created on first launch
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Add GetType() to Plugin
* Add Plugins feature flag to web
* Run prettier
* Update e_imports.go with slack plugin subpackage
Respective enterprise changes imports a new subpackage,
which pulls new dependencies.
* Expose `openConfigFile` IPC
* Add "Open Config File" to `NavigationMenu`
* Make `NavigationMenu` more concise
* Remove unused imports
* Call "three dots" menu "More Options" to make it easier to refer to in the docs
* Show a notification with a config file path
* Render the icon component only in `NavigationItem`
* Render the separator only with access request items
* Use just `separator` string instead of an object
* Render `StyledListItem` as a button
* Shorten the notification
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Fix uncaught exception handling in Connect's shared process
Without this patch, an uncaught exception being thrown would result in
the following error due to how binding methods to class instances works:
C:\Users\rav\AppData\Local\Programs\teleport-connect\resources\app.asar\
build\app\dist\main\sharedProcess.js:73614
this.getLogger().error(message, ...args);
^
TypeError: this.getLogger is not a function
at process.error (C:\Users\rav\AppData\Local\Programs\teleport-connect\
resources\app.asar\build\app\dist\main\sharedProcess.js:73614:10)
at process.emit (node:events:513:28)
at process._fatalException (node:internal/process/execution:167:25)
* Log the origin of the uncaught exception
* Filter version alerts out of the alerts list
* Use constants to alert names
* Update test
* Addres code review comment
* Use afterEach to undo cfg change
* Add a function that returns error that might happen during loading the file
* Return validation and file loading errors from `ConfigService`
* Discard file storage updates when the file was not loaded correctly
* Do not show usage reporting dialog when the file was not loaded correctly
* Make title of notifications a little bit smaller, so longer titles do not look weird
* Get rid of sync fs functions wherever possible in file storage
* Move error handling code to `createFileStorage`
* Improve `getConfigError` comment
* Rename `discardUpdatesWhenLoadingFileFailed` to `discardUpdatesOnLoadError`
* Fix the error message in `notifyAboutConfigErrors`
* Revert "Make title of notifications a little bit smaller, so longer titles do not look weird"
* Make `writeSync` async too
* Return `unknown` from `FileStorage.get`
* Add a TODO comment about createFileStorage type
* Add "the" to "Using default config instead"
* Remove `toString()`
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Define new endpoints and request fields
- Add MFA response field for test connection reqs
- Define new types for checking if MFA is required
* Implement logic to check if MFA is required
* Add MFA dialog to test connectors
Adds a new function field for ReAuthenticate dialog
that just returns the MFA response
* Update storybook
* Change json field names as a result of backend CR
* Address CRs
* Address CR 2
* Connect: Remove leftovers from resource cache removal
* GetAll* RPCs were used in the resource cache and are no longer used.
* ListApps was pretty much never actually used as we didn't ever list apps
in Connect.
* ClusterContext.state.searchValue ceased to be used after we moved to
fetching resources from the backend.
* Remove remaining leftovers from tshd client mock
* Remove unused imports
* Rename `putAllSync` to `writeSync`
* Extend `FileStorage` with functions to replace an entire state and return file path used to create it
* Add `updateJsonSchema` function
* Generate schema for the app config
* Always return a string from `createMockFileStorage().getFilePath()`
* Add missing license headers
* Rename 'teleport_connect_config_schema.json' to 'schema_app_config.json'
* Rename `getKeyboardShortcutDescription` to `getShortcutDesc`
* Rename `keyboardShortcutSchema` to `shortcutSchema`
* Update a valid shortcut message
* Rename `configJsonSchemaFile` to `jsonSchema`
* Simplify `updateJsonSchema`
* Set `$refStrategy` to none
* Add missing description for `usageReporting.enabled`
* Bump zod to the latest (improves TS performance)
* Move `configService` implementation to `configStore`
* Rename `configStore` to `configService`
* Move `updateJsonSchema` to `createConfigService`
* Move `validateStoredConfig` outside `createConfigService`
* Rename `createAppConfigSchema.ts` to `appConfigSchema.ts`, `getKeyboardShortcutSchema.ts` to `keyboardShortcutSchema.ts`
* Export `createKeyboardShortcutSchema`
* Add license header
* update storybook dependencies to resolve some dependabot issues.
* remove config that's already set to the default
* Resolve prettier issues after dep update.
* Pin x-default-browser version to resolve dependabot vulnerability.
* Use event.code for non A-z keys
Without this fix, shortcuts like "Shift+1" can't work, because the reported character is "!".
* Add Zod schema to validate keyboard shortcuts
* Render better formatted error notification, add a link to docs
* Notify about duplicated accelerators
* Improve the error message for re-parsing failure (it can happen when a default value does not pass validation)
* A bunch of renames
* Allow spaces in accelerators
* Rename `isContentAnObject`
* Allow `Notification` to render links and lists
* Split by optional whitespace and "+"
* Allow lowercase letters
* Require a modifier for non-function keys
* Move VALID_SHORTCUT_MESSAGE to `initUi`
* Always return from `getDuplicateAccelerators`
* Use 'Cmd' and 'Ctrl' for mac
* Add comments
* Fix notification not rendering content
* Add more comments, rename `getKeyCode` to `getKeyName`
* Fix incorrect size of <Link> text
* Remove "expected" prefix
* Revert `typeof content === 'object'` in `Notification`
* Remove a comment about disabled keys in `ConfigService`, add a note about `keymap.` prefix
* Improve `getKeyName` comment
* Extract an inline object to a variable in `getKeyName`
* Fix notification list padding
* Change text for doc link & description for config error
* Improve comment for `getKeyName`
* Remove special formatting for list === 1 in `Notification`
* Print valid modifiers
* Call `getKeyboardShortcutSchema()` once
* Collect issues from all validations, run `invalidModifiers` through a set
* Change error message for `missingModifierIssue`
* Convert duplicates warning to error
* Define ALLOWED_KEY_CODES in a more concise way
* Support both `IntlBackslash` and `Backquote`
* Restore modifiers for mac to full spelling, sort them in order recommended by platform guidelines
* Fix old comment about the shortcuts order
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Make naming around keyboard shortcuts more consistent
Previously, we used words like: "key", "type", "shortcut" which were really confusing (and I wrote this code), because it was hard to tell what exactly they describe.
From now, we will use only "accelerator" (borrowed from Electron) and "action" words.
For example, in a shortcut "Command+1": "tab-1":
- "Command+1" is "accelerator"
- "tab-1" is "action"
* Use "+" instead of "-" as a separator
With "-" we are not able to use this symbol as a valid key code.
* Rename some config keys to follow the same naming pattern
* Rename keyboard shortcuts to match config keys
* Extract `mapAcceleratorsToActions` to a function
* Rename other "keyboard shortcuts" to "accelerators" and "actions"
* Add in SAML IdP service provider session metadata to auth attempts.
The SAML IdP auth attempt event now contains SAML IdP service provider,
which will allow the audit logs to display which service provider the user
is attempting to log into.
Additionally, a shortcut name has been added to the SAML IdP service provider
metadata to handle auth attempts where the service provider could not be found
given a shortcut name.
* Linting fix.
* Modify the auth attempt audit log entries.
* SAML IdP audit events.
SAML IdP audit events have been added. These events have been added to the UI
for proper rendering. Additionally, service provider events will be emitted
when managing service providers.
* Align the naming more with the existing events.
* Zac's feedback.
* Add in delete all event.
* Fix typo.
* Update story snapshot.
* Linting and test fixes.
* Audit auth failures.
* Removing the nopermissions test, as it's covered in the regular create test.
* services.usagereporter to lib/usagereporter/teleport
* teleterm/daemon/usagereporter to usagereporter/daemon
* usagereporter/daemon type aliases
* Move UsageAnonymizable newtypes in a separate file
* DiscardUsageReporter should be passed by value
* Type renames in usagereporter/teleport
* Move audit event to usage event conversion to lib/usagereporter
* package import renames
* Don't break the e build for now
* move web usage report events to lib/usagereporter
* forgot license blurb
* lib/usagereporter/discover.go to types_discover.go
* Add UiConfig option to proxy service config
* Add uiConfig to GRV_CONFIG window object and use in terminal constructor
* Update configuration reference docs
* Remove extra structs and change property to scrollbackLines
* Update web/packages/teleport/src/config.ts
Co-authored-by: Jeff Pihach <hatched@users.noreply.github.com>
* Use a common struct and apply in applyProxyConfig
* Remove webclient dependency for fileconf
* Add missing doc comments
* Set individual properties of cfg.Proxy.UI
* Remove unneeded comment
* Add nolint rule
* Fix nolint
* Add test for UIConfig
* Cleanup tests
* Fix TestUIConfig context
* Allow dynamic config for web ui (#22097)
* Update protofiles
---------
Co-authored-by: Jeff Pihach <hatched@users.noreply.github.com>
* Connect: Remove resource cache
This commit refactors parts of the Electron app which still depend on
the resource cache, that is cluster sync and `tsh ssh` executed from the
command bar.
A number of adjustments has been made to executing `tsh ssh` from the
command bar, namely the logic of resolving the hostname has been moved
from the command launcher to useDocumentTerminal. The UI was also
adjusted to allow the user to reconnect to an SSH server if resolving
the hostname fails. This has a nice benefit of also allowing them to
retry if the PTY couldn't be created for some reason.
---
Before gravitational/webapps#1307, Connect was pulling all resources
from the cluster on app start and cluster login. Then it'd show them to
you in tables if you opened a new tab with cluster resources. There were
at least two problems with this approach:
1. It was slow for big clusters as pagination, filtering and sorting
were all done client-side and blocked the main thread.
2. It wasn't possible to implement advanced search unless we copied the
implementation from the backend to tshd.
gravitational/webapps#1307 made it so that instead of depending on that
resource cache to show resource tables, Connect would pull paginated
resources from the backend.
However, the resource tables were not the only part of the app depending
on that cache. Due to time constraints, we weren't able to refactor all
of them. We managed to refactor autocomplete (gravitational/webapps#1406)
and the remaining places are listed in #21800.
This PR refactors those remaining places to not use the cache by either
not depending on resource details or by making a call to the proxy
instead.
* Add missing license
* Removes desktop logins from the ACL and adds them to each Desktop resource
as returned to the frontend. This behavior parallels what's currently being
done with other similar resources such as Nodes, and fixes a bug where
users were able to see all the logins permitted by their roles on every
desktop "connect" dropdown, even if the role permitting that login didn't
apply to a given desktop.
* Extracts common logic out of GetWindowsDesktopLogins (now GetAllowedWindowsDesktopLogins), uses it to create a GetAllowedServerLogins as well, tests both of them together, removing EnumerateServerLogins
* reduce unnecessary looping by using maps
* fixes flakiness by sorting lists
* uses require.ElementsMatch rather than manually sorting lists
* consolidates duplicated logic
* Consolidates separate server and desktop logic into a single GetAllowedLoginsForResource
* fixes tests
* fixes import order and test
Without this early return, createPtyProcess of PtyHostService would call
the callback twice on error. This doesn't have much negative implications
since the gRPC implementation will simply ignore the second call, however
it does pose some problems when trying to manually test PTY failures
by making `new PtyProcess` return an error.
* Remove sans serif from config
* Pass 'fonts.monoFamily' as style prop
* Get rid of `getSansSerif` function
* Use mono font from theme
* Add 'terminal.fontFamily' and 'terminal.fontSize' config options
* Require 'terminal.fontSize' size to be int
* Revert unneeded changes to mono font usage
* Add comment with a link to `ctrl.ts`
* Allow 'terminal.fontSize' to be in the range 1-256
Update the helm chart for kube-agent.
The image swap logic was already there.
Update the UI to include `enterprise: <isEnterprise>` when installing
the kube-agent.
* Create new local util lib to replace lodash.
* Replace usage of isInteger and debounce from lodash with highbar.
* Create isObject and runOnce utility methods.
* remove use of at, isObject, and once lodash method usage.
* remove map and transform lodash calls.
* Add memoize function to highbar.
* remove memoize lodash usage.
* remove merge and isEqual lodash methods and update other missing refs to highbar.
* convert the throttle to debounce.
* add throttle method to highbar.
* use the new throttle method instead of debounce where necessary.
* Add mergeDeep function for init config merge.
* remove lodash from the build process.
* Fix introduced bug in workspacesService.
* Added tests for highbar mergeDeep and expanded its functionality to support arrays.
* review updates.
* Added types to mergeDeep function.
* Add missing MapCache prototype methods.
* Add license notices, types and missing hash code.
* First pass at compare an array objects function.
* use new compareArrayObjs fn
* Add missing not
* Added types to arrayObjectIsEqual
* Add tests for arrayObjectIsEqual and fix some edge case bugs.
* update util fn name
Change the text on the MFA dialog to be less alarming.
Additionally, focus the OK button by default, so that users can
press enter to go straight to the MFA prompt without manually
clicking a button.
Closes#19042
* Update teleterm README
* Remove the Usage section in favor of linking to the docs.
* Mention that the OSS build is broken.
* Remove post-webapps-merge inconsistencies.
* Remove "Gravitational", align teleterm desc with teleport
* Update JS grpc-tools to 1.12.4
1.11.2 didn't have support for arm64 so we had to do all this extra stuff
in the Dockerfile.
1.11.3 added support for Darwin arm64 and 1.12.4 finally adds support for
Linux arm64. This means we can completely remove extra cruft and just
install grpc-tools 1.12.4 on all architectures.
* Add comment to ptyHostService.proto
* Adds values for when labels aren't defined
* fixes formatting and prevents usePingTeleport from rerunning the poll when used twice within a single context
* Adds comments, pushes start logic into start itself
* polishing usePingTeleport api such that it reflects that either the join token or search term is used for search
* simplify and fix searchTerm bug
* [Backend]: allow more db fields to be updatable
* Add preventing duplicate keys for label creator
* Add sort compare fn helper
* Update db request update object
* Update CreateDatabase component
- Uncomment and touch up db service checker
- Fix db service label checking
- Allow user to make changes to updatable db fields
- Split defining db name and the other fields into
two views, to prevent user from changing the db name
which is not allowed with the update action
* Address CR: use nil value to determine CACert update
* Few more touch ups
- address CR: don't OR update db request field CACert
and use consistent camelCasing
- remove the skip button for deploying service since
we have the service checker now, which auto skips it
for user if detects service
- refactor label matching for both register database
and deploy service steps
* Address CR: make all fields updatable
* Update service polling after rebase
* Allow for inputs to be disabled
* Remove timeouts from the discover workflows
* Correct the resource type to be cleared on unmount
* Update test snapshots
* Rename useJoinToken to useJoinTokenSuspender
* Remove TODO
* Simplify usePoll
* Simplify the hint box code, add a shared hook
* Add the generte command button back to db flow
* Store the joinToken in PingTeleportContext state instead of using the hook
* Fix rebase diff mistake
* Fix bug with polling for result
- once we get the result, we set the result
back to null, so we can't proceed to next step
---------
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* Define event types
* Define event names for each flow
* Report events upon start, exiting, and next steps
* Update json property name change
* Emit user skipped event
* Emit error events
* Handle unloading event for 'completed' step
* Move updating event state into hook
* Finish emitting events for desktop
* Address CR: rename DiscoverDesktop to DiscoverResources
* Various changes:
- address CR: remove use of ref
- diagnostic traces can also be a success, only emit event on failed traces
- add mysql to discover events
- consistent naming on exit prompt
* Update and add new event names
* Update tests
* Emit events for unimplemented flows (apps and other dbs)
* Redo emitting events for test connection
Send event for EACH test connection failure or success.
If a user does not do any testing, send a skipped event.
* Fix the navigation not listening to the back button
* Update web/packages/teleport/src/Navigation/Navigation.tsx
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Allow for history.Location and Location types to be used
* Run prettier
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Adjust go_package of lib/prehog Go protobufs
This makes them follow the pattern set out by api/proto and proto.
* Adjust go_package of lib/teleterm Go protobufs
* Use single buf.gen.yaml to generate JS protos
This also entailed changing the location of lib/teleterm protos and changing
the value of their package specifier to match the conventions in other parts
of the codebase. This is a breaking change but that is fine for Connect
as the protos are used locally only and each build ships with matching
protobufs.
* Make web/packages/teleterm use protobufs from gen-proto-js
We used to copy protobufs over to web/packages/teleterm/src/services/tshd
since webapps used to be in a separate repo.
This is no longer the case, so we can just make teleterm use protobufs
from gen-proto-js.
* Move prehog & teleterm protos into proto/teleport/lib
* Generate JS protos to gen/proto/js
* Move lib/teleterm Go protobufs to gen/proto/go
* Move lib/prehog Go protobufs to gen/proto/go
* Rename lib/teleterm proto package
* Re-enable linter rules for teleterm & prehog
* Update prehogv1 path in usagereporter_test.go
* Use except instead of ignore_only to allow Google API-style responses
* Add UNARY_RPC to api/proto & proto
* Ignore gen/ when running addlicense
* buf-js.gen.yaml: Remove comment about lack of go_package for JS
* Move prehog protos to proto/prehog/v1alpha
* Adjust prehog's go_package to match proto package
* Initial pass at lint and test GHA for UI.
* Fix lint
* Add --frozen-lockfile
* Skip the e directory if it doesn't exist while linting.
* Update failing snapshots.
* use a more reasonable filter for eslint to support missing e
* ignore type check on e imports.
* ignore failing file that requires e teleterm file.
* fix lint
* quiet down the log output for prettier-write.
* Improve error message when trying to rename resource
This commit improves the error message when a user tries to rename a
resource (role, auth connector and trusted cluster) using the web UI.
* Fix tests
* gofmt
* resourceExists -> getResource
* Improve comment.
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Improve error message
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
---------
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
* Render loading screen when initialization is in progress
* Wait with showing the window until it is ready to prevent "empty screen" flash
* Add comments
* Remove CLANG_FORMAT from Makefiles
It was used to format protos but we use Buf for that since v10.
* Move installing grpc_node_plugin into Dockerfile
This commit basically takes grpc_node_plugin compilation from
Dockerfile-teleterm and moves it to Dockerfile.
* Replace Dockerfile-teleterm with Dockerfile
After moving grpc_node_plugin compilation to Dockerfile, the only remaining
thing that Dockerfile-teleterm does is installing rpm so that we can make
an RPM package for Connect during tag builds.
Installing this package can be simply moved to Dockerfile.
* Remove grpc-teleterm Make target in favor of grpc
* Add updated protobufs
It looks like they're a result of someone changing protos in lib/prehog
without running `make grpc-teleterm` separately. Which is why we're getting
rid of grpc-teleterm as a separate Make target in the first place. ;)
* Move tsconfig.json to root dir
At the moment, it looks like the TS language server has problems with
recognizing imports when editing files inside e/web.
I figured this is probably because tsconfig.json is in web, so the lang
server doesn't recognize it when editing files from e/web.
* Remove web/Dockerfile and web/Makefile
* Misc updates to readme
* Fix links in readme
The new app access authentication workflow inadvertently preserves the URL
encoded values present in the AWS role ARN, which are then passed directly
to the webapi/sessions endpoint. As a result, Teleport RBAC doesn't properly
match AWS role ARNs, as they contain (in particular) `/` characters encoded as
`%2F`.
By default, eslint outputs warnings as well as errors but doesn't sort
them in any way. When the lint step fails in CI because of an error, it's
hard to find that error among warnings.
The warnings are still useful when they show up in the editor, so let's
add --quiet which makes eslint output only errors and no warnings.
* Simplify the app launcher flow
* Use `X-Cookie-Value` header instead of using a cookie name
* Export AppLauncher as default to allow for lazy loading
* Do not include credentials
* Include the port & credentials when making requests to applications
* Add the subject cookie header
* Update packages/teleport/src/AppLauncher/AppLauncher.tsx
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* Handle the ?path= query param
* Remove `useAppLauncher`
* Improve the error handling
* Remove unused import
Co-authored-by: Lisa Kim <lisa@goteleport.com>
* Create ToolTipInfo component
* Update FieldInput to accept optional tool tip content
* Temp fix for story viewing timed out polling state
* Support different informational texts depending on database
* Add database service checker to determine if we can skip next step
* Enable AWS RDS postgres flow
* Rename assets to build_resources
* Add resources\bin to Path during installation on Windows
* Adjust docs related to USE_SYSTEM_FPM
It turns out you need that for deb packages too.
* Create symlink to bundled tsh on Linux targets
* after-install: Get rid of old symlink removal
* Expand story for QuickInput
* Make command suggestions stay in place
* Align suggestion icons to the top rather than center
This makes it easier to tell when one suggestion ends and another starts.
* Add install & uninstall cmds to command bar
* Exclude new commands from OSes other than macOS
* Implement commands for symlinking tsh
* Change placement of info content for SetupAccessWrapper
* Create AnimatedProgressBar
* Allow fixed labels for LabelsCreater
* Fix a regression where events were getting passed
down to nextStep function on button click (expected number)
* Add matching label rule for DB DownloadScript
* Add a modal loader for CreateDatabase (also add port input field)
- Add countdown and error to this modal
In #1442 we added a close code when closing websockets, but didn't
properly adhere to the API. When explicitly setting a close code,
you must either use the normal code or use a custom code. Usage of
the standard codes in the 1001-1015 range is reserved for the browser.
Fixesgravitational/teleport#19688
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
This unbreaks some Connect stories which depend on keyboard shortcuts
config.
If we ever need to change the config in stories or tests, we should
revisit the mock. But it might be enough to call the `set` method on
the config service.
* Refactored add db modal to accept a selected database
resource and removed drop down selector
* Unimplemented db flow will fallback to the refactored
modal
* Enabled self-hosted postgres flow
* Remove ClustersService methods related to apps
I had problems with the new types and apps because I didn't create a
separate type for app URI. So I decided to remove it all because it isn't
used anyway.
* Remove WorkspacesService.getWorkspacesDocumentsServices
This method wasn't used anywhere since #1203 got merged.