NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit200a87e

authored

feat(cli/ssh): allow multiple remote forwards and allow missing local file (#11648)

1 parent73e6bbf commit200a87eCopy full SHA for 200a87e

File tree

5 files changed

+127

-32

lines changed

cli
- remoteforward.go
- ssh.go
- ssh_test.go
- testdata
  - coder_ssh_--help.golden
docs/cli
- ssh.md

5 files changed

+127

-32

lines changed

`‎cli/remoteforward.go`

Lines changed: 3 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,6 @@ import (`
`5`	`5`	`"fmt"`
`6`	`6`	`"io"`
`7`	`7`	`"net"`
`8`		`-"os"`
`9`	`8`	`"regexp"`
`10`	`9`	`"strconv"`
`11`	`10`
`@@ -67,19 +66,13 @@ func parseRemoteForwardTCP(matches []string) (net.Addr, net.Addr, error) {`
`67`	`66`	`returnlocalAddr,remoteAddr,nil`
`68`	`67`	`}`
`69`	`68`
	`69`	`+// parseRemoteForwardUnixSocket parses a remote forward flag. Note that`
	`70`	`+// we don't verify that the local socket path exists because the user`
	`71`	`+// may create it later. This behavior matches OpenSSH.`
`70`	`72`	`funcparseRemoteForwardUnixSocket(matches []string) (net.Addr, net.Addr,error) {`
`71`	`73`	`remoteSocket:=matches[1]`
`72`	`74`	`localSocket:=matches[2]`
`73`	`75`
`74`		`-fileInfo,err:=os.Stat(localSocket)`
`75`		`-iferr!=nil {`
`76`		`-returnnil,nil,err`
`77`		`-}`
`78`		`-`
`79`		`-iffileInfo.Mode()&os.ModeSocket==0 {`
`80`		`-returnnil,nil,xerrors.New("File is not a Unix domain socket file")`
`81`		`-}`
`82`		`-`
`83`	`76`	`remoteAddr:=&net.UnixAddr{`
`84`	`77`	`Name:remoteSocket,`
`85`	`78`	`Net:"unix",`

`‎cli/ssh.go`

Lines changed: 24 additions & 20 deletions

Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ func (r RootCmd) ssh() clibase.Cmd {`
`53`	`53`	`waitEnumstring`
`54`	`54`	`noWaitbool`
`55`	`55`	`logDirPathstring`
`56`		`-remoteForwardstring`
	`56`	`+remoteForwards[]string`
`57`	`57`	`disableAutostartbool`
`58`	`58`	`)`
`59`	`59`	`client:=new(codersdk.Client)`
`@@ -135,13 +135,15 @@ func (r RootCmd) ssh() clibase.Cmd {`
`135`	`135`	`stack:=newCloserStack(ctx,logger)`
`136`	`136`	`deferstack.close(nil)`
`137`	`137`
`138`		`-ifremoteForward!="" {`
`139`		`-isValid:=validateRemoteForward(remoteForward)`
`140`		`-if!isValid {`
`141`		-returnxerrors.Errorf(`invalid format of remote-forward, expected: remote_port:local_address:local_port`)
`142`		`-}`
`143`		`-ifisValid&&stdio {`
`144`		-returnxerrors.Errorf(`remote-forward can't be enabled in the stdio mode`)
	`138`	`+iflen(remoteForwards)>0 {`
	`139`	`+for_,remoteForward:=rangeremoteForwards {`
	`140`	`+isValid:=validateRemoteForward(remoteForward)`
	`141`	`+if!isValid {`
	`142`	+returnxerrors.Errorf(`invalid format of remote-forward, expected: remote_port:local_address:local_port`)
	`143`	`+}`
	`144`	`+ifisValid&&stdio {`
	`145`	+returnxerrors.Errorf(`remote-forward can't be enabled in the stdio mode`)
	`146`	`+}`
`145`	`147`	`}`
`146`	`148`	`}`
`147`	`149`
`@@ -311,18 +313,20 @@ func (r RootCmd) ssh() clibase.Cmd {`
`311`	`313`	`}`
`312`	`314`	`}`
`313`	`315`
`314`		`-ifremoteForward!="" {`
`315`		`-localAddr,remoteAddr,err:=parseRemoteForward(remoteForward)`
`316`		`-iferr!=nil {`
`317`		`-returnerr`
`318`		`-}`
	`316`	`+iflen(remoteForwards)>0 {`
	`317`	`+for_,remoteForward:=rangeremoteForwards {`
	`318`	`+localAddr,remoteAddr,err:=parseRemoteForward(remoteForward)`
	`319`	`+iferr!=nil {`
	`320`	`+returnerr`
	`321`	`+}`
`319`	`322`
`320`		`-closer,err:=sshRemoteForward(ctx,inv.Stderr,sshClient,localAddr,remoteAddr)`
`321`		`-iferr!=nil {`
`322`		`-returnxerrors.Errorf("ssh remote forward: %w",err)`
`323`		`-}`
`324`		`-iferr=stack.push("sshRemoteForward",closer);err!=nil {`
`325`		`-returnerr`
	`323`	`+closer,err:=sshRemoteForward(ctx,inv.Stderr,sshClient,localAddr,remoteAddr)`
	`324`	`+iferr!=nil {`
	`325`	`+returnxerrors.Errorf("ssh remote forward: %w",err)`
	`326`	`+}`
	`327`	`+iferr=stack.push("sshRemoteForward",closer);err!=nil {`
	`328`	`+returnerr`
	`329`	`+}`
`326`	`330`	`}`
`327`	`331`	`}`
`328`	`332`
`@@ -460,7 +464,7 @@ func (r RootCmd) ssh() clibase.Cmd {`
`460`	`464`	`Description:"Enable remote port forwarding (remote_port:local_address:local_port).",`
`461`	`465`	`Env:"CODER_SSH_REMOTE_FORWARD",`
`462`	`466`	`FlagShorthand:"R",`
`463`		`-Value:clibase.StringOf(&remoteForward),`
	`467`	`+Value:clibase.StringArrayOf(&remoteForwards),`
`464`	`468`	`},`
`465`	`469`	`sshDisableAutostartOption(clibase.BoolOf(&disableAutostart)),`
`466`	`470`	`}`

`‎cli/ssh_test.go`

Lines changed: 98 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -883,6 +883,104 @@ func TestSSH(t *testing.T) {`
`883`	`883`	`require.NoError(t,err)`
`884`	`884`	`})`
`885`	`885`
	`886`	`+// Test that we can remote forward multiple sockets, whether or not the`
	`887`	`+// local sockets exists at the time of establishing xthe SSH connection.`
	`888`	`+t.Run("RemoteForwardMultipleUnixSockets",func(t*testing.T) {`
	`889`	`+ifruntime.GOOS=="windows" {`
	`890`	`+t.Skip("Test not supported on windows")`
	`891`	`+}`
	`892`	`+`
	`893`	`+t.Parallel()`
	`894`	`+`
	`895`	`+client,workspace,agentToken:=setupWorkspaceForAgent(t)`
	`896`	`+`
	`897`	`+_=agenttest.New(t,client.URL,agentToken)`
	`898`	`+coderdtest.AwaitWorkspaceAgents(t,client,workspace.ID)`
	`899`	`+`
	`900`	`+// Wait super long so this doesn't flake on -race test.`
	`901`	`+ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitSuperLong)`
	`902`	`+defercancel()`
	`903`	`+`
	`904`	`+tmpdir:=tempDirUnixSocket(t)`
	`905`	`+`
	`906`	`+typetestSocketstruct {`
	`907`	`+localstring`
	`908`	`+remotestring`
	`909`	`+}`
	`910`	`+`
	`911`	`+args:= []string{"ssh",workspace.Name}`
	`912`	`+varsockets []testSocket`
	`913`	`+fori:=0;i<2;i++ {`
	`914`	`+localSock:=filepath.Join(tmpdir,fmt.Sprintf("local-%d.sock",i))`
	`915`	`+remoteSock:=filepath.Join(tmpdir,fmt.Sprintf("remote-%d.sock",i))`
	`916`	`+sockets=append(sockets,testSocket{`
	`917`	`+local:localSock,`
	`918`	`+remote:remoteSock,`
	`919`	`+})`
	`920`	`+args=append(args,"--remote-forward",fmt.Sprintf("%s:%s",remoteSock,localSock))`
	`921`	`+}`
	`922`	`+`
	`923`	`+inv,root:=clitest.New(t,args...)`
	`924`	`+clitest.SetupConfig(t,client,root)`
	`925`	`+pty:=ptytest.New(t).Attach(inv)`
	`926`	`+inv.Stderr=pty.Output()`
	`927`	`+`
	`928`	`+w:=clitest.StartWithWaiter(t,inv.WithContext(ctx))`
	`929`	`+deferw.Wait()// We don't care about any exit error (exit code 255: SSH connection ended unexpectedly).`
	`930`	`+`
	`931`	`+// Since something was output, it should be safe to write input.`
	`932`	`+// This could show a prompt or "running startup scripts", so it's`
	`933`	`+// not indicative of the SSH connection being ready.`
	`934`	`+_=pty.Peek(ctx,1)`
	`935`	`+`
	`936`	`+// Ensure the SSH connection is ready by testing the shell`
	`937`	`+// input/output.`
	`938`	`+pty.WriteLine("echo ping' 'pong")`
	`939`	`+pty.ExpectMatchContext(ctx,"ping pong")`
	`940`	`+`
	`941`	`+fori,sock:=rangesockets {`
	`942`	`+i:=i`
	`943`	`+// Start the listener on the "local machine".`
	`944`	`+l,err:=net.Listen("unix",sock.local)`
	`945`	`+require.NoError(t,err)`
	`946`	`+deferl.Close()//nolint:revive // Defer is fine in this loop, we only run it twice.`
	`947`	`+testutil.Go(t,func() {`
	`948`	`+for {`
	`949`	`+fd,err:=l.Accept()`
	`950`	`+iferr!=nil {`
	`951`	`+if!errors.Is(err,net.ErrClosed) {`
	`952`	`+assert.NoError(t,err,"listener accept failed",i)`
	`953`	`+}`
	`954`	`+return`
	`955`	`+}`
	`956`	`+`
	`957`	`+testutil.Go(t,func() {`
	`958`	`+deferfd.Close()`
	`959`	`+agentssh.Bicopy(ctx,fd,fd)`
	`960`	`+})`
	`961`	`+}`
	`962`	`+})`
	`963`	`+`
	`964`	`+// Dial the forwarded socket on the "remote machine".`
	`965`	`+d:=&net.Dialer{}`
	`966`	`+fd,err:=d.DialContext(ctx,"unix",sock.remote)`
	`967`	`+require.NoError(t,err,i)`
	`968`	`+deferfd.Close()//nolint:revive // Defer is fine in this loop, we only run it twice.`
	`969`	`+`
	`970`	`+// Ping / pong to ensure the socket is working.`
	`971`	`+_,err=fd.Write([]byte("hello world"))`
	`972`	`+require.NoError(t,err,i)`
	`973`	`+`
	`974`	`+buf:=make([]byte,11)`
	`975`	`+_,err=fd.Read(buf)`
	`976`	`+require.NoError(t,err,i)`
	`977`	`+require.Equal(t,"hello world",string(buf),i)`
	`978`	`+}`
	`979`	`+`
	`980`	`+// And we're done.`
	`981`	`+pty.WriteLine("exit")`
	`982`	`+})`
	`983`	`+`
`886`	`984`	`t.Run("FileLogging",func(t*testing.T) {`
`887`	`985`	`t.Parallel()`
`888`	`986`

`‎cli/testdata/coder_ssh_--help.golden`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ OPTIONS:`
`33`	`33`	`behavior as non-blocking.`
`34`	`34`	`DEPRECATED: Use --wait instead.`
`35`	`35`
`36`		`- -R, --remote-forward string, $CODER_SSH_REMOTE_FORWARD`
	`36`	`+ -R, --remote-forward string-array, $CODER_SSH_REMOTE_FORWARD`
`37`	`37`	`Enable remote port forwarding (remote_port:local_address:local_port).`
`38`	`38`
`39`	`39`	`--stdio bool, $CODER_SSH_STDIO`

`‎docs/cli/ssh.md`

Lines changed: 1 addition & 1 deletion

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit200a87e

File tree

5 files changed

5 files changed

`‎cli/remoteforward.go`

`‎cli/ssh.go`

`‎cli/ssh_test.go`

`‎cli/testdata/coder_ssh_--help.golden`

`‎docs/cli/ssh.md`

0 commit comments