* Add docs for Connect My Computer
* Update Troubleshooting Connect My Computer header
This way it doesn't conflict with the general Troubleshooting header.
* Add troubleshooting section about expired token
* Expand section on agent not being visible in cluster
* Mention that logout removes the agent
* OneOff Script: use ent build if cluster is Enterprise
We were always using the OSS version of teleport in the one-off scripts.
This PR changes that to pick the correct version depending on the
running version in the Proxy.
* use gzip bestspeed for compressing files
* Remove check that enforces slack oauthProviders are set
* Remove test that checks for an error when hosted plugins is true
* Set hosted plugins to always be true
* Update tests that check hosted plugins is disabled
* Add comment explaining hosted being set to true at all times
When user starts a session, we do not report the initial command used
which causes visibility problems to moderators when they need to figure
out if they join or not the session.
This PR exposes the intial command for SSH and Kubernetes so moderators
can decide if they want to join the session or not based on the initial
command.
Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
When checking GHA logs of OS Compatibility build, I notice info log
```
The repository will be downloaded using the GitHub REST API
To create a local Git repository instead, add Git 2.18 or higher to the PATH
```
suggesting that our self-compiled git is not being used. For some reason out git binary was installed in /usr/local/usr/local/bin/git. I removed the additional /usr/local prefix to install the binary in the correct directory. I also updated git to the latest version.
* docs: Add WinSCP to PuTTY client instructions
* Restore validity section
* Restore validity section
* Formatting tweaks
* Merge lists
* Change title
* Fix docs link title to match page
* Bump tsh version for WinSCP support
* Whitelist WinSCP in spellcheck
* putty.mdx -> putty-winscp.mdx
The Vercel preview workflow currently inserts the head branch of a pull
request into the edge version of the Teleport docs. This makes it
difficult to post a link to the correct version, since we need to
include the version number in the path.
This change edits the Vercel preview workflow to include only one
version of the docs--the user's version--in the preview site. This makes
it easier to find the user's changes.
* log message improvements
* fix etcd cleanup
* re-enable TestHSMDualAuthRotation
* retry client connection tests
* fixes based on code review
* make fix-imports
* fix: use EventuallyWithT
* set short polling period
* fix leaf SSH sessions not getting recorded
* add integration test
* address feedback, overhaul integration test
* make each test case use fresh clusters to fix failing case
* address feedback
* Apply suggestions from code review
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
* fix integration test failures
---------
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
* Deflake `TestInteractiveSessionsNoAuth` test
For this test, the LockWatcher is marked as stalled. When in stalled
mode, the watcher bypasses cache and hits auth server directly.
During the test, the auth rate limit is exceeded which causes the
watcher to fail and report unexpected errors.
This PR bumps the auth server limits to prevent these cases.
Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
* add comment
---------
Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
* Implement MFA verification on CreateAuthenticateChallenge
* Update IsMFARequired tests
* Test challenge verification in CreateAuthenticateChallenge
* Add TODO regarding Required vs MFARequired
* Add the Access List review backend.
The Access List review backend has been added to Teleport.
* Update tests to remove frequency_changed.
* Update lib/services/access_list.go
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
* Update lib/services/access_list.go
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
* Tweak errors, add gRPC client to go along with new interfaces.
* Update comments, fix errant bugs with api client, remove reviews getter.
* Fix comments in proto, tweaks to tests and backend.
* Remove call to SetName.
---------
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
* Change --debug to --connect-debug
* Add debug and insecure to RuntimeSettings, change how dev is set
* Enable devtools in debug mode instead of dev mode
This will allow us to access devtools in a packaged app if needed.
* Reduce the use of capitalized trusted clusters and a few other fixes
* fix a typo
* Modify the description of trusted clusters in core concepts
* Lower case cluster, add root and leaf to the description for self-hosted
* OpenSSH split into two topics
* caveat for token permissions not scoped to any resource context
* Add section for token resource
* Split paragraph
* Modify wording to remove type of token language
* fix typo
Remove bypass workflows for integration tests (root) and kube
integration tests (non-root) in favor of the paths-filter approach,
since path filtering is not supported with the merge queue.