* Add server version to cluster
* Add components to display compatibility promise
* Show compatibility promise on status page
* Show compatibility promise on setup page
* Rename `serverVersion` -> `proxyVersion`, make all places to use `makeRootCluster`/`makeLeafCluster`
* Move `UpgradeAgentSuggestion` to a new file, make it stateless
* Return `isAgentCompatible` instead of `isNonCompatibleAgent` from context
* Add // DELETE IN comments
* Improve copies
* Add a story for too old client in Setup
* Extract CONNECT_MY_COMPUTER_RELEASE_MAJOR_VERSION
* Run prettier
* Fix license
* Show an error on the CMC icon when the agent is not compatible
* Always say "version" before the version number
* Adjust tests
* Drop "if you wish" from the copies
Access List usage events have been added, counting create and delete for
Access Lists and Access List members. Additionally, an event for granting
Access List access to users has been added to the userloginstate Generator
and is now tested for.
* Add RPCs for removing the node and reading its name
* Extract `isAccessDeniedError`
* Add a function to remove agent directory
* Add methods in Connect My Computer service to remove node, agent directory and connections
* Do not print warning when there is no agent to kill. The agent could not be started or even configured, so there is no point in showing that warning.
* Remove agent by clicking a button in the status document
* Remove agent by logging out
* Improve comments and error message
* `getConnectMyComputerNodeName` should return `string`, not `ServerUri`
* Move `removeConnections` method from `ConnectMyComputerService` to `ConnectMyComputerContext`
* Simplify integration test
* Document that connections have to be removed before removing agent dir
* Ignore NOT_FOUND errors
* Show a notification after removing the agent and close the tab
* `readUUid` -> `readUUID`
* Run prettier
* Extract a function that renders `useConnectMyComputerContext` hook to avoid duplicating the setup
* Move showing notification outside `catch` block, add tests
* Use `connection.kind` instead of parsing the resource URI
* Add `assertUnreachable`
* Pass `closeDocument` function to the status component instead of a document object
* Post-rebase fixes
* Add daemon.Service.ResolveClusterURI
* Accept agents dir through command line flag
tshd needs to know this out of band, so that when the Electron app tells
it to watch for host UUID file for a specific cluster, the Electron app
can send just the profile name of the cluster instead of an arbitrary path
on the computer.
* Implement WaitForConnectMyComputerNodeJoin in tsh daemon
* wait: Use addEventListener instead of onabort
* Make TshAbortController emit abort event only once
This aligns it with a regular AbortController, which also emits the event
only once.
* Refactor how types are imported in tshd fixtures
* Implement WaitForConnectMyComputerNodeJoin in Electron app
* createAbortController: Add signal.aborted, use emitter.once
* Improve wait function based on Deno implementation
72d6e6641e/async/delay.ts (L39)
* Add a comment about the events package
Some of the plumbing was there, but Teleport never actually
emitted this event. The new join_token.create event is already
emitted when a bot join token is created, so no additional work
is necessary here.
Closes#31901
* Add AssistAction and AssistAccessRequest PostHog event reporting
This commit introduced new usage tracking for Assist features. AssistAction event is emitted when user triggers an action like SSH command generation or output explaining. AssistAccessRequest event is fired when user requests access to a resource. The events capture anonymized username, resource type or action triggered, and a breakdown of tokens used for generating command summaries or completion responses.
* "Removed userName in AssistAccessRequest and AssistAction"
Both "AssistAccessRequest" and "AssistAction" messages in usageevents.proto file and their corresponding Go structures were modified to remove the "userName" field.
* Add GoDoc
* Event Schema protoc plugin, initial commit
* Generate mappings + dump table and schema views
* Add license headers
* Add license headers pt.2
* go mod tidy
* go mod tidy pt.2
* goimports
* Address feedback: consistent order, document rebuild, drop eventype mapping
* Reduce the list of queryable events
* Remove stale comment
* fixup! Address feedback: consistent order, document rebuild, drop eventype mapping
* Fix view generation
- support nested dmlTypes (`array(map(...))`)
- support fields with `.` in their names
- use same function to generate field names for view and table
- use leading commas when generating schema views
* display event_date and event_table in tableSchema + add tests
* Add docstrings
* Address jakule's feedback
* Address marco's feedback
* Convert Fields from a map to a list of fields
* lint
* Make sure Connect My Computer is not shown to SSO users
* Improve user type check in RoleSetup
* Reexport UserType
* Fix protos
* Add makeLoggedInUser test helper and use it in tests
* Add methods to create and remove tokens
* Add a function to create agent config file
* Integrate token generation and config file creation
* Move response formatting to the handler
* Remove doc links
* Declare struct before its methods
* Remove `useRetryWithRelogin` usage
* Hold a clock in `TokenProvisionerConfig`, add a function that creates `TokenProvisioner`
* Do not use `EmptyResponse` in proto
* Create a specialized struct to return token and labels
* Add an integration test
* Uncomment `runGenerateConfigFileAttempt` step
* Run prettier
* Remove duplicated assertion and use more meaningful name
* Fix lint issue
* Ignore specific teleterm proto file rather than whole package
* clusters.Storage: Avoid unnecessary casting of URI back to string
* Storage.fromProfile: Move loading profile status to separate function
* Return client.TeleportClient together with clusters.Cluster
This is a stopgap to make clusters.Cluster a regular struct with no extra
behavior and a much smaller interface.
At the moment, almost all RPCs go through layers like these:
gRPC handler → daemon.Service → clusters.Storage → clusters.Cluster →
→ TeleportClient
As a result, clusters.Cluster has a gigantic interface that's hard to test.
Instead, we want to make it hold basic information about the cluster.
The real work will be done by collaborator structs which take clusters.Cluster
and TeleportClient as args. This way we can mock them out more easily in tests.
See the issue linked in the comment of clusters.Storage.GetByResourceURI
for more details.
* Make AddMetadataToRetryableError public
Since we're moving away from doing everything in clusters.Cluster, we'll
need to use this function from within the daemon package.
* Add IsRoot and IsLeaf methods to uri.ResourceURI
These methods will be used to return early if someone tries to set up
roles for a leaf cluster. Connect My Computer works with root clusters only.
* Add handler for creating Connect My Computer role
* Add test for calling GenerateUserCerts with bogus request ID
* Fix checking logins of existing role
* Remove commented out argument to ReissueUserCerts
* Add a stopgap comment to Storage.GetByURI
* Remove invalid doc links
* Ensure owner node label has expected value if role already exists
* Add unit test which checks RoleSetup.Run idempotency
* Add godoc for Resolver
* Simplify watcher equality check, add a comment
* Expand the comment for DropAccessRequests
* Fix position of Connect My Computer popover
* Integrate role setup with setup document
* Add temporary action to additional actions
This will be removed once the parent PR is approved. I just wanted to give
reviewers a shortcut to triggering the endpoint from the actual app.
* Add return type to createRole
* Add useRetryWithRelogin
* Wrap role setup in retryWithRelogin
* Remove useRetryWithRelogin in favor of retryWithRelogin & useCallback
* Remove CMC role setup from AdditionalActions
* Prettier fix
* Fix eslint
* First pass at adding buttons to the integrations page
* Add analytics events for clicking Machine ID enrollment tiles
* Run prettier
* Fix eslint complaints
* Push fixed icons
* Flatten the styling for the Jenkins logo
* Rearrange machine ID title code
* Remove logs from event processing
* Switch to coloured gitLab icon
* Use GitLabs proper name for CI/Cd
* Fix imports
* Further adjustments from PR
---------
Co-authored-by: Ryan Clark <ryan.clark@goteleport.com>
* Move CMC icon and setup document to common `ConnectMyComputer` directory
* Add permissions to show CMC
* Use `cluster.leaf` to check if a cluster is a root cluster
* Rename `isConnectMyComputerPermittedForRootCluster` to `canUseConnectMyComputer`
* Add licenses
* Rename `DocumentSetup` to `DocumentConnectMyComputerSetup`
* Check `cluster.leaf` flag to verify if the cluster is a root cluster
* Do not throw in `canUseConnectMyComputer`
* Add comments
* Use the same field name in a documentation comment
* Use relative import
* Define a deployed_method field to discover deploy event
* Add deployed_method field to expected events
* Add deployed method type and define its field when emitting event from web UI
* Address CR and add another field
* Address CR
* Add ACL to Connect
* Apply Zac's suggestions
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* Rename `convertToApiResourceAccess`
* Use `recorded_sessions` and `active_sessions` instead of `sessions` to avoid confusion.
Web has two fields for "sessions", and we should have too.
* Reserve "sessions" too
* Rename `ACL` to `acl`
---------
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* At the notion of friendly names to access request details.
Access request details can now return friendly names. This will help display
access request resources in a way that allows easier reviewing of Okta apps
and user groups, where the names are not human readable.
* Use friendly name for nodes, tune variable names.
* Add in DetailsID helper function for use by the enterprise UI.
* Request apps instead of app servers, remove DetailsID as its no longer needed.
* Push friendly name into app and usergroup UI objects.
* Fix apps test.
* Linting.
* [Connect] Add FriendlyName to AccessRequest (#27694)
---------
Co-authored-by: Michael <michael.myers@goteleport.com>
* Return os.exec.Cmd as gateway CLI command
* Remove separate Props type from DocumentTerminal
* Refactor Kind type exported from documentsService
* Export makeRuntimeSettings from MainProcess mock
* PtyProcess: Join args in logger name
* ptyHostService: Pass ptyOptions explicitly instead of using spread
I noticed that we pass both argsList and args to the PtyProcess constructor.
While TypeScript allows that, it is a bit confusing when inspecting the
actual values received in the constructor.
* Add empty DocumentGatewayCliClient
* Start terminal from DocumentGatewayCliClient
* Add waiting state for DocumentGatewayCliClient
* Remove targetSubresourceName from DocumentGatewayCliClient title
* (wip) add unlock feature button to support page
* Fix typo
* (wip) add locked feature join session
* Improve session join style
* Add session join lock button
* Remove hover on locked join menu
* Update copy
* Only show `join as...` when appropriate
* (wip)
* Make ButtonLockedFeature theme sensitive
* Remove debug stuff
* Adjust feature button height
* Fix session join button on locked
* Remove unused import
* typo
* Add link to cta button
* Remove teams flag
* Add cta service
* Update snapshots
* Lock button style
* Add cta to context
* Rename cta to ctaService
* Stories and tests
* Add comments clarifying that ctas are not used currently
* add showActiveSessionsCTA to useSessions
* Licenses
* Lint license
* Remove commented out code
* Add missing types
* Replace cta service for an object with cta on context
* Fix menu hack
* small refactor in styled stuff
* Update SessionJoinBtn to use master code
* Snapshot update
* Add events to cta clicks
* rebase
* revert e ref update
* Revert e change
* Update proto message to start at 1
* Use enum from proto files instead of rewriting
* Improve comments on usageevents.proto cta enum
* Fix import
* Fix type errs
* Add comments
* Rename CtaEvents > CtaEvent
* Copy the CtaEvent enum instead of importing from proto
* Add back blank line
* Fix import order
* Update proto files
* Add TODO comment
* Delete teleterm's ptyHost/v1, added by mistake
* Add package name to protos conforming to PACKAGE_VERSION_SUFFIX
* use go run in buf-connect-go.gen.yaml directly
* Run protogen in place
* Run the buf-go generation off of go run
This also adds protoc-gen-go-grpc to go.mod
* Fix prehog protos package name
* sync prehog/v1alpha/teleport.proto from cloud
* AggregatingUsageReporter
* graceful stopping
* alerts WIP
* Split reporter and submitter
* batch_uuid
* Naming
* more naming
* Move backend stuff in a "service" object
* Return the correct err from gracefulstop
* Tweak alert link
* Better field comments
* payloadContext rather than a manual type assertion
* Rework reporter logic
* Close the base context at the end of run
* Use the count parameter in listUserActivityReports
* Use ttl parameter in createUserActivityReportsLock
* service tests
* submitter test
* reporter test
* Document GracefulStopper.GracefulStop
* Fix errorf/warnf that don't need formatting
* Add debug line on a successful report
* fix license
* sync prehog proto from cloud
* Only send non-nil events through test channel
This fixes a hang/data race, as we effectively "send" a nil event
whenever the ticker hits
* Docs and variable names
* Add some debug info to the lock and the alert
* Sync prehog protos from cloud
This includes a move to prehog.v1 for the new rpc and messages
* mechanical: rename imports of prehog/v1alpha
This renames imports of ".../prehog/v1alpha" from prehogv1a to prehogv1,
and imports of ".../prehog/v1alpha/prehogv1alphaconnect" from prehogv1c
to prehogv1ac, to avoid confusion with imports of the newly added
".../prehog/v1" and ".../prehog/v1/prehogv1connect".
* Merge remote-tracking branch 'origin/master' into espadolini/usagereporter-onprem