* Proto and Go module changes for Windows TPM support
* Obligatory `go mod tidy` && `make fix-imports`
* Godocs for proto conversion methods
* Move dependencies to main indirect block
* Handle nil more gracefully
* (wip) add unlock feature button to support page
* Fix typo
* (wip) add locked feature join session
* Improve session join style
* Add session join lock button
* Remove hover on locked join menu
* Update copy
* Only show `join as...` when appropriate
* (wip)
* Make ButtonLockedFeature theme sensitive
* Remove debug stuff
* Adjust feature button height
* Fix session join button on locked
* Remove unused import
* typo
* Add link to cta button
* Remove teams flag
* Add cta service
* Update snapshots
* Lock button style
* Add cta to context
* Rename cta to ctaService
* Stories and tests
* Add comments clarifying that ctas are not used currently
* add showActiveSessionsCTA to useSessions
* Licenses
* Lint license
* Remove commented out code
* Add missing types
* Replace cta service for an object with cta on context
* Fix menu hack
* small refactor in styled stuff
* Update SessionJoinBtn to use master code
* Snapshot update
* Add events to cta clicks
* rebase
* revert e ref update
* Revert e change
* Update proto message to start at 1
* Use enum from proto files instead of rewriting
* Improve comments on usageevents.proto cta enum
* Fix import
* Fix type errs
* Add comments
* Rename CtaEvents > CtaEvent
* Copy the CtaEvent enum instead of importing from proto
* Add back blank line
* Fix import order
* Update proto files
* Add TODO comment
* Delete teleterm's ptyHost/v1, added by mistake
* Add package name to protos conforming to PACKAGE_VERSION_SUFFIX
* use go run in buf-connect-go.gen.yaml directly
* Run protogen in place
* Run the buf-go generation off of go run
This also adds protoc-gen-go-grpc to go.mod
* Add GetType() to Plugin
* Add Plugins feature flag to web
* Run prettier
* Update e_imports.go with slack plugin subpackage
Respective enterprise changes imports a new subpackage,
which pulls new dependencies.
* Move configuration from lib/service to lib/service/servicecfg
The new servicecfg package will hold only configuration for services.
This will allow other packages (like tctl and tsh) to depend on
servicecfg without pulling in all of lib/service (which has a number
of platform-specific details).
This is the first step towards being able to build tctl for Windows.
* Move PAM and BPF config into servicecfg
This breaks a compile-time dependency on BPF/PAM for tctl.
* Add plugin exchange service
* Add Plugin methods to auth
* Add gRPC-layer methods for Plugin
* Add RBAC presets for Plugin
* Test GetPlugin()/NoSecrets access
* Make error assertions more correct in role test
* Deny setting credentials if user can not read them
* gofmt
* Apply minor suggestions from code review
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
* Move dependency into an existing block in go.mod
* Improve error messages for failed type assertions
* DRY WithSecrets access checks for Plugins
* Run new tests in parallel
* Improve error assertions in auth_with_roles_test
* TestGetPluginWithSecrets: split cases to subtests
* Clean up test servers and clients
* Add proto for plugin service
* Remove Plugin methods from auth service
Moved to a dedicated service
* Remove plugin-related auth methods
Moved to a dedicated service in Enterprise
* Remove CreatePlugin test from auth_with_roles_test
Moved to a dedicated service in Enterprise
* Pass "backend getter" to local plugins service
This pattern is used in Enterprise to set up secondary services
before auth (and backend) are created.
* Rename InitialCredentials to BootstrapCredentials
* Add plugins service to genproto.sh
* Reformat generated proto
* Remove obsolete PluginExchangeService
The equivalent of this is now in Enterprise
* Add kube service to genproto.sh; regenerate
* Add ListPlugins to plugin backend service
* Reimplement GetPlugins on top of ListPlugins
This is a "convenience" implementation for the backend service layer.
* Replace GetPlugins with ListPlugins in gRPC schema
* Fix ListKubernetesResources unit test
* Simplify plugin pagination key to just the name
* Use existing constant for page size
* Make dummy clients return errors instead of panic
* Remove obsolete field
* Ensure go.mod is valid for corresponding e changes
* Fix passing mutex ref
* Move teleport-plugins import to e_imports
* Revert oauth change in go.mod
* Use limit+1 to look-ahead when paginating plugins
* Test plugin pagination with pageSize > numPlugins
* Add descriptive messages to gRPC dummy clients
* Plugin: add RW for editor; remove secrets from gRPC
* Make message more descriptive for dummy gRPC conn
---------
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
* Extract entity ID when creating SAML service provider.
The entity ID will be parsed from the entity descriptor metadata when the
service provider's entity descriptor is set. The motivation of this PR is to
do the following:
* Extract the entity ID from the entity descriptor during the creation of the
SAML IdP service provider.
* Prevent the creation of service providers in the backend that have an
entity ID that does not match the entity ID represented in the entity
descriptor.
* When reading or listing service providers, prevent the parsing of every
entity descriptor during the listing.
The goal here is to make it performant to look up entity descriptors by their
entity ID without incurring the cost of parsing every single entity descriptor
to determine the entity ID.
* Feedback, eliminating the parsing from the object, pushing parsing verification into the local service.
* Fix up tests, e_imports.
* Fix comment in types.proto.
* Remove dead comment.
* Deduplicate entity ID in update as well.
* Small refactor to move parse out of lock.
* Remove XML parsing from type, fix grpcserver test, fix locking boundaries.
* Tim's and Edoardo's feedback.
* Fix cache test.
* Update lib/services/local/saml_idp_service_provider.go
Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
* Expanding the comments on the EntityID field.
---------
Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
* Run go mod tidy in CI
* Update e_imports.go
* Use git diff on just go.mod/go.sum, tidy api too
* Fix the e_imports list by accomodating build tags
* Wording
* Simplify commands in the workflow
* Delete go.sum before go mod tidy
* Shell suggestions
* Fix missing saml imports for upcoming PRs
* Add in crewjam/saml dependencies for SAML IdP feature.
The crewjam/saml dependency has been added for the SAML IdP feature.
* Move crewjam dependency to big require block, remove self-replaces.
* Add crewjam/saml/samlidp to e_imports.go
* Bump libc from 0.2.135 to 0.2.136
* Bump k8s.io/apiserver from 0.25.2 to 0.25.3
* Bump github.com/aws/aws-sdk-go-v2/feature/ec2/imds
* Bump github.com/aws/aws-sdk-go-v2/service/sts from 1.16.19 to 1.17.1
* Bump github.com/golang-jwt/jwt/v4 from 4.2.0 to 4.4.2
* Bump go.opentelemetry.io/otel/sdk from 1.11.0 to 1.11.1
* Bump github.com/aws/aws-sdk-go-v2/credentials from 1.12.21 to 1.12.23
* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.63.1 to 1.63.3
* Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
* Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 in /api
* Bump go.opentelemetry.io/otel/sdk from 1.11.0 to 1.11.1 in /api
* Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
* Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
* Bump github.com/aws/aws-sdk-go from 1.44.117 to 1.44.123