* Add locked feature options
* Remove routes from items with locked parents
* Refactor to simplify features
* Add type for LockedFeatures
* Improve comment
* Fix call to isLockedAndUpdatedRouteAndNavigationItem wrong param
* Set locked features based on usage based billing
* Add back lockedRoute and list items
* Use simpler sintax
Co-authored-by: Grzegorz Zdunek <gzdunek@users.noreply.github.com>
* Simplify isParentLocked
* Improve navigation item rendering
* Remove unucessary condition from if
* Prevent adding a route if the feature is locked
* Throw error instead of logging
* Improve if condition
---------
Co-authored-by: Grzegorz Zdunek <gzdunek@users.noreply.github.com>
* ResultList: Reset active item on pick
* Extract inner item component with icon to ResultList
We want to reuse it in ParameterPicker.
* Remove hardcoded icon color of ResourceSearchErrorsItem
* Handle errors when getting suggestions for ParameterPicker
* (wip) add unlock feature button to support page
* Fix typo
* (wip) add locked feature join session
* Improve session join style
* Add session join lock button
* Remove hover on locked join menu
* Update copy
* Only show `join as...` when appropriate
* (wip)
* Make ButtonLockedFeature theme sensitive
* Remove debug stuff
* Adjust feature button height
* Fix session join button on locked
* Remove unused import
* typo
* Add link to cta button
* Remove teams flag
* Add cta service
* Update snapshots
* Lock button style
* Add cta to context
* Rename cta to ctaService
* Stories and tests
* Add comments clarifying that ctas are not used currently
* add showActiveSessionsCTA to useSessions
* Licenses
* Lint license
* Remove commented out code
* Add missing types
* Replace cta service for an object with cta on context
* Fix menu hack
* small refactor in styled stuff
* Update SessionJoinBtn to use master code
* Snapshot update
* Add events to cta clicks
* rebase
* revert e ref update
* Revert e change
* Update proto message to start at 1
* Use enum from proto files instead of rewriting
* Improve comments on usageevents.proto cta enum
* Fix import
* Fix type errs
* Add comments
* Rename CtaEvents > CtaEvent
* Copy the CtaEvent enum instead of importing from proto
* Add back blank line
* Fix import order
* Update proto files
* Add TODO comment
* Use solid color for table row border to fix Safari rendering issue
* Use `emphasize` function
* Improve comment
* Add fallback value to alpha
* Clarify comment
* Remove closeAndResetInput
* Remove unnecessary input focus from `open`
As the comment in SearchBar explains, the focus wasn't actually achieving
anything. I added it only because I was testing SearchContext in separation
and depended on the input getting focused in the test.
This doesn't reflect how the input is actually used so I adjusted the test.
* Move onFocus on input, add onBlur to input
* Remove nesting from handling outside click
* SearchContext: Rename onInputValueChange to setInputValue
* Do proper type check before calling focus on previouslyActive
* Add a temp workaround for tsc issue
* Make TypeScript 4.8.4 happy
* build: Support ARM64 (cross)builds of fido2 et al
Add support for building/cross-building the fido2 libraries (cbor,
openssl and fido2), supporting ARM64 builds. This is done by adding the
appropriate flags to the library builds in `build-fido2-macos.sh` based
on the `C_ARCH` environment variable. If unset then the host
architecture is used. The `Makefile` defined `C_ARCH` based on the
`ARCH` variable, mapping it to an appropriate value for the C compiler.
Building the libraries should now be done through the new `build-fido2`
target, and getting the pkg-config path should be done with the
`print-fido2-pkg-path`. This is instead of calling the
`build-fido2-macos.sh` script directly as the `Makefile` takes care of
setting the `C_ARCH` environment variable appropriately.
* build: Add make target to install rust cross toolchain
Add the `rustup-set-target-toolchain` target to the Makefile to ensure
the right rust toolchain is installed for the version of Rust we use as
well as the target architecture we wish to generate code for, based on
the `ARCH` variable. This is intended to be used by CI jobs to ensure
they build with the correct toolchain.
* build: Support building MacOS packages for ARM64
Remove the restriction that allows only AMD64 packages to be built on
MacOS for the teleport and tsh packages. This is via the existing `-a`
flag to `build-package.sh` and a newly added `-a` flag to
`build-pkg-tsh.sh`.
This adds the architecture to the filename of the package to distinguish
the packages for different architectures.
Update the comments in the Makefile mentioning that `arch` is ignored.
build: add architecture to package names
* build: Build Teleport Connect with target architecture
When packaging Teleport Connect with electron-builder, pass an
architecture flag so that we can cross-build Teleport Connect. This will
allow us to build MacOS ARM64 binaries on the AMD64 runners.
Add the architecture to the `dmg` filename via the electron-builder
config, so that the filenames for different architectures don't clash.
* build: Copy Mac release artifacts to release directory
Copy the Mac release artifacts to a release artifact directory so that
the CI scripts do not have to. This makes it clearer what is and is not
a release artifact and puts the logic in the Makefile instead of the CI
yaml, so it can more easily be tested locally and to make it easier to
migrate to the next CI system.
This will also be useful for building universal binaries for Mac as the
CI system can put the architecture-specific binaries from a previous
workflow job into a common location.
We should look at copying all release artifacts for the other builds
(Linux tarballs and packages, etc) into this directory too. It may help
with unifying the GitHub Actions release workflows.
* build: Add MacOS universal builds
Add support for ARCH=universal on Darwin to produce universal (fat)
binaries from pre-built arm64 and amd64 binaries.
Packages (pkg) and disk images (dmg) for containing universal binaries
are named without an architecture in the filename, as that is the
current naming for the current AMD64-only releases. These universal ones
will replace those AMD64-only ones providing a single release artifact
working across architectures.
Co-authored-by: Grzegorz Zdunek <grzegorz.zdunek@goteleport.com>
* build: Do not clean before release-darwin
Remove the `clean` prerequisite from the `release-darwin-unsigned`
target as it is not needed when building on GitHub Actions, as it starts
with a fresh slate each run. We do not make releases manually so we
don't need to ensure a clean working directory there either.
Not doing a clean makes it easier to build a MacOS universal release as
it depends on the architecture-specific tarballs from a previous release
build. We would need to manually save the tarballs from the first
architecture release build as they would get deleted by the `clean` from
the second. So just stop cleaning as it is not needed.
---------
Co-authored-by: Grzegorz Zdunek <grzegorz.zdunek@goteleport.com>
* Add IsUsageBased to features and send to web UI
* Update flag name
* Improve comment
* Add comments and improve field name
* Remove duplicated property
* Make pagination icons a little more visible
* Use different color for `tr` border
* Use `opacity: 1` for placeholders
* Include `borderRadius` in `StyledPanel` to fix rounded corners in Connect custom tables
* Use `colors.text.primary` for items in `MenuLogin`
* Adjust Connect theme to the updated dark theme
* Remove unused component
* Update snapshots
* Remove `surfaceSecondary` and `sunkenSecondary` colors
* Remove unneeded `inherit`
* Do not hardcode bg color in `TextArea`
* Expand comment
* Simplify the look of top bar elements
* Remove unused component
* Remove `text.contrast`
* Use the same dark theme for WebUI and Connect
* Revert "Make pagination icons a little more visible"
This reverts commit 1fe1d7baec.
* Add shadow for the tabs
* Post-merge fixes
* Do not use Arial on custom buttons
* Revert snapshot changes
* Fix colors in `ActionPicker`
* Apply hover styles directly on `SearchBar` input
* Use white color for "Database Connection" header
* Add shadow directly to `StyledTabs`
* Run prettier
* Update e
* Add some top padding to the terminal
* Review fixes
* Move SearchBar hover to the Flex element
* Table-related improvements (#25333)
* Use a better icon for the reverse tunnel cell
* Use `ButtonIcon` for pagination icons
* Fix rendering table border on Safari
* Manually add a visual separator between the table and the element below it
* Add bottom padding to resource tables in Connect
* Update snapshots
* Update snapshots
* Revert e
* Remove unnecessary useEffect
* Remove offline cluster handling on reconnect
We used to have to handle this manually, but nowadays it's handled by
retryWithRelogin that's used in createGateway.
* Create a gateway only once on mount
* Fix and refactor DocumentGateway story
* Add missing user groups entry to getEmptyResource state.
UserGroups will be requestable, so the UI needs to include user_group in the
empty resource state.
* Update test for object change.
* Add missing references to user_group.
* Support UI methods for user groups, label match user groups in API.
UI methods have been added to User Groups to support the enterprise Okta
service. This will allow groups to be queried and displayed on the new
access request page appropriately.
Additionally, after adding group labels to roles, the access checking was
not added to the appropriate user groups endpoints in auth_with_roles.
This has been added to ensure that users can only see the user groups they're
supposed to see when requesting access.
* UI lint issues.
* Let count be 0 (it will be zero on error)
* Put back IamPolicy screen with updated links
* Fix typo
* Remove port for 443 from very beginning of AWS integration flow
in addition fix inconsistent animation JSON policy
* Remove hard coded colors and remove unnecessary border
* (wip) add unlock feature button to support page
* Fix typo
* (wip) add locked feature join session
* Improve session join style
* Add session join lock button
* Remove hover on locked join menu
* Update copy
* Only show `join as...` when appropriate
* (wip)
* Make ButtonLockedFeature theme sensitive
* Remove debug stuff
* Adjust feature button height
* Fix session join button on locked
* Remove unused import
* typo
* Add link to cta button
* Remove teams flag
* Add cta service
* Update snapshots
* Lock button style
* Add cta to context
* Rename cta to ctaService
* Stories and tests
* Add comments clarifying that ctas are not used currently
* add showActiveSessionsCTA to useSessions
* Licenses
* Lint license
* Remove commented out code
* Add missing types
* Replace cta service for an object with cta on context
* Fix menu hack
* small refactor in styled stuff
* Update SessionJoinBtn to use master code
* Snapshot update
* Minor stuff
Switch to using the newer `notarytool` to notarize MacOS binaries
instead of the older `altool`, as `altool` is deprecated and will no
longer work come Fall 2023. This also makes for a quieter build as
altool's output was quite verbose, and anecdotally, it seems to be more
reliable - I haven't had a single notarization failure this way as
opposed to the many we see in CI with `altool`.
We used to use `gon` as part of our notarizing tool. `gon` still has an
open issue to upgrade to `notarytool`, so we've switched away from it
and used the Apple CLI tools instead to do the notarization. This is
available now that we have moved to GitHub Actions for builds as it has
a newer Xcode that contains notarytool.
Update the Teleport Connect notarization, which was quite a bit simpler,
although we do need an extra `$TEAMID` input, so handle it when that is
not supplied and document in the README that it is needed.
* Add isModeratedSession flag to web ssh session
* Fix lint
* Change to snakecase
* Change to moderated
* Ensures every Session has a valid Kind field.
Also cleans up the client code to distinguish between
terminalSessionPath and activeAndPendingSessionsPath.
* Entirely removes siteSessionGet which was not being used
* removes siteSessionGenerate which was not being used
* removes test testing webapi/sites/<cluster-name>/sessions post call, which is no longer used by the frontend
* removing unused struct
---------
Co-authored-by: Michael Myers <michael.myers@goteleport.com>
* Fix logout sequence
* Adjust `useLoggedInUser` documentation
* Mark clusters as disconnected after logging out
* Refactor `ClusterLogout` to not use the hook/container pattern
* Run prettier
* Fix test
* Use `routing.belongsToProfile`
* Render ExtraTopComponent based on computed action picker status
* Fix formatting
* Use named args for getActionPickerStatus
* Use const for nonRetryableResourceSearchErrors
* Fix logic behind determining remaining filters
* Adjust copy of db action
* Use retryWithRelogin when getting db usernames
* useAsync: Remove unnecessary useCallback
The state setter coming from useState is always stable.
https://legacy.reactjs.org/docs/hooks-reference.html#usestate
* useAsync: Expand docs with `run` return value example
* useSearch: Rename `restrictions` to `filters`
* useSearch: Remove unnecessary useState calls
* Refactor lockOpen into pauseUserInteraction
lockOpen worked great when we were concerned only about user interaction
with a modal closing the search bar as well. However, in the next commit
I'm going to add a login modal that's shown if the search fails with a
retryable error.
In that scenario, pressing Enter in the modal wouldn't work, as it would
be captured by the window listener that ResultList adds.
To work around this problem, I refactored lockOpen into pauseUserInteraction.
It still works pretty much the same way. But then instead of having checking
isLockedOpen in the close function, we have a new addWindowEventListener
function.
addWindowEventListener automatically removes the listener after
pauseUserInteraction is called. This solves both the problem of closing
the modal and the problem of using the enter key in the modal.
* Relogin & retry resource search if current workspace cert has expired
* addWindowEventListener: Name the cleanup function
* Make addWindowEventListener a prop of ResultList
* Clean up aws oidc integration instructions
* Change ResourceSpec icon type from ReactElement to string
When storing state into location URL, it doesn't allow storing
ReactElement, so I changed the icon element into string that
refers to the correct icon. Also adds rds aurora tiles to
Select Resources screen.
* Fix the expected backend aws status value for RDS list
* For RDS list, allow refreshing the table
Helpful when user makes changes to the RDS instance
(eg. tags) and needs to get the most up to date listing
* Update rds db setup access text info
* Make create database dialog more consistent btwn states
* Fix label matching
Previously we required the agent matcher labels
be an exact match of registered db labels otherwise we
prevented the user from deploying an agent (which was wrong).
Now the only requirement is that the matcher labels are all
able to match against registered db labels.
* Implement resuming discover flow from where user left of
* Enable integration access and rds flow
* Strip 443 ports from cluster uri
* Use the labels returned from polling db instaed
* Various touch ups
- Make label matching error less confusing by showing
error upon user trying to generate command
- Make label messaging clearer
- Emit errors when failing to fetch rds dbs
* Address CR and update test
* Create locks using the correct property
The "lock target" in Teleport's backend uses a different value
depending on the type of lock you want to create. For example,
to lock a node you use its UUID, but to lock a role you use its
name.
We were incorrectly always using the name to create a lock,
which appears to work fine in the UI but is not correctly
enforced on the backend.
This change adds a new required field called targetValue, allowing
us to specify the value to be used for the lock on a per-resource
basis.
Fixesgravitational/teleport-private#556
* Simplify useGetTargetData
* Finish defining rest of fields for fetching aws db list
* Define aurora postgres/mysql engine type
* Finish checking for integration access
* Remove aws related logic and pull out dialog into own file
* Refactor useCreateDatabase hook
- Remove hook prop and use context instead
- Instead of automatically taking user to nextstep after
registering db, let user manually go to next
step by clicking button (removes brief flashing of loading
dialog before next step)
* Add the new fields from response to table
* Finish implementing the after user selects a database
- on submit db, re-use the hook that creates database,
checks if a database service exists to pick up this
database by matching labels
- while this is happening, a dialog will render showing
the process
* Update test
* Address CR
* Apply create db feedback and apply backend changes
* Move tshd test helpers to a better location
* Support passing no props to tshd test helpers
* Refactor ResourcesService getServerByHostname tests
* Move pluralize to shared package
* SearchContext: Rename `opened` to `isOpen`
* ActionPicker story: Show auxiliary items in a separate column
* ActionPicker: Split getClusterName into two functions
getClusterName used to not return the name of the cluster if there's only
a single cluster present. Some places needed to get the cluster name
no matter what, such as the modal with resource errors that will be added
to ActionPicker.
* Refactor resource search to use Promise.allSettled
* useSearchAttempts has been renamed to useActionAttempts
* useActionAttempts returns resourceSearchAttempt in order to supply errors
from ResourcesService.searchResources to ActionPicker.
* SearchContext: Implement lockOpen
We'll want to display error details in a modal. While the user interacts
with the modal, we don't want to close the search bar and reset the results.
So instead, we are going to force the search bar to stay open until the
user closes the modal. This will use the lockOpen function from this commit.
* Add modal for showing resource search errors
* Refactor mockedSearchContext to not be a top-level mutable var
* Show an item in search bar with resource search errors
* ResourceSearchError: Add instanceof check to tests, include clusterUri in message
* Make isLockedOpen into a ref
* Use table tests for lockOpen tests
* Revert "Make isLockedOpen into a ref"
This reverts commit 07f4206cc2.
* Move capitalization to ResourceSearchError.messageWithClusterName
* ResourceSearchError: Use `public` in constructor
* Connect: Improve focus management in search bar (#24665)