Skip to content

Commit

Permalink
Merge branch 'master' into lisa/add-v2-endpoint
Browse files Browse the repository at this point in the history
  • Loading branch information
kimlisa authored Dec 30, 2024
2 parents 0627466 + 2dbdfd2 commit 4db33f1
Show file tree
Hide file tree
Showing 451 changed files with 17,669 additions and 8,107 deletions.
29 changes: 17 additions & 12 deletions .github/workflows/doc-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
with:
repository: 'gravitational/docs'
repository: 'gravitational/docs-website'
path: 'docs'

# Cache node_modules. Unlike the example in the actions/cache repo, this
Expand Down Expand Up @@ -80,30 +80,35 @@ jobs:
# use for the live docs site in that we only test a single version of
# the content.
#
# To do this, we replace the three submodules we use for building the
# live docs site with a single submodule, pointing to the
# gravitational/teleport branch we are linting.
#
# To do this, we delete the three submodules we use for building the
# live docs site and copy a gravitational/teleport clone into the
# content directory.
#
# The docs engine expects a config.json file at the root of the
# gravitational/docs clone that associates directories with git
# submodules. By default, these directories represent versioned branches
# of gravitational/teleport. We override this in order to build only a
# single version of the docs.
#
# We also replace data fetched from Sanity CMS with hardcoded JSON
# objects to remove the need to authenticate with Sanity. Each includes
# the minimal set of data required for docs builds to succeed.
run: |
echo "" > .gitmodules
rm -rf content/*
cd content
# Rather than using a submodule, copy the teleport source into the
# content directory.
cp -r $GITHUB_WORKSPACE/teleport $GITHUB_WORKSPACE/docs/content
cd $GITHUB_WORKSPACE/docs
echo "{\"versions\": [{\"name\": \"teleport\", \"branch\": \"teleport\", \"deprecated\": false}]}" > $GITHUB_WORKSPACE/docs/config.json
cat <<< "$(jq '.scripts."git-update" = "echo Skipping submodule update"' package.json)" > package.json
yarn build-node
cp -r "$GITHUB_WORKSPACE/teleport" "$GITHUB_WORKSPACE/docs/content/current"
jq -nr --arg version "current" '{"versions": [{"name": $version,"branch": $version,"deprecated": false,"isDefault": true}]}' > config.json
NEW_PACKAGE_JSON=$(jq '.scripts."git-update" = "echo Skipping submodule update"' package.json);
NEW_PACKAGE_JSON=$(jq '.scripts."prepare-sanity-data" = "echo Using pre-populated Sanity data"' <<< "$NEW_PACKAGE_JSON");
echo "$NEW_PACKAGE_JSON" > package.json;
echo "{}" > data/events.json
echo '{"bannerButtons":{"second":{"title":"LOG IN","url":"https://teleport.sh"},"first":{"title":"Support","url":"https://goteleport.com/support/"}},"navbarData":{"rightSide":{},"logo":"/favicon.svg","menu":[]}}' > data/navbar.json
- name: Check spelling
working-directory: 'docs'
run: yarn spellcheck content/teleport
run: yarn spellcheck content/current

- name: Lint docs formatting
working-directory: 'docs'
Expand Down
42 changes: 42 additions & 0 deletions .github/workflows/docs-amplify.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Docs Preview
on:
pull_request:
paths:
- 'docs/**'
- .github/workflows/docs-amplify.yaml
workflow_dispatch:

permissions:
pull-requests: write
id-token: write

jobs:
amplify-preview:
name: Prepare Amplify preview URL
runs-on: ubuntu-22.04-2core-arm64
environment: docs-amplify
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
with:
aws-region: us-west-2
role-to-assume: ${{ vars.IAM_ROLE }}

- name: Create Amplify preview environment
uses: gravitational/shared-workflows/tools/amplify-preview@tools/amplify-preview/v0.0.1
continue-on-error: true
with:
app_ids: ${{ vars.AMPLIFY_APP_IDS }}
create_branches: "true"
github_token: ${{ secrets.GITHUB_TOKEN }}
wait: "true"

- name: Print failure message
if: failure()
env:
ERR_TITLE: Teleport Docs preview build failed
ERR_MESSAGE: >-
Please refer to the following documentation for help: https://www.notion.so/goteleport/How-to-Amplify-deployments-162fdd3830be8096ba72efa1a49ee7bc?pvs=4
run: |
echo ::error title=$ERR_TITLE::$ERR_MESSAGE
exit 1
11 changes: 2 additions & 9 deletions .github/workflows/update-docs-webhook.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,11 @@ jobs:
environment: update-docs
strategy:
fail-fast: false
matrix:
webhooks:
- url_secret_name: DOCS_DEPLOY_HOOK
http_method: GET
- url_secret_name: AMPLIFY_DOCS_DEPLOY_HOOK
http_method: POST
steps:
- name: Call deployment webhook
env:
WEBHOOK_URL: ${{ secrets[matrix.webhooks.url_secret_name] }}
HTTP_METHOD: ${{ matrix.webhooks.http_method }}
WEBHOOK_URL: ${{ secrets[AMPLIFY_DOCS_DEPLOY_HOOK] }}
run: |
if curl -X "$HTTP_METHOD" --silent --fail --show-error "$WEBHOOK_URL" > /dev/null; then
if curl -X POST --silent --fail --show-error "$WEBHOOK_URL" > /dev/null; then
echo "Triggered successfully"
fi
65 changes: 0 additions & 65 deletions .github/workflows/vercel-preview.yaml

This file was deleted.

1 change: 1 addition & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ issues:
linters: [staticcheck]
text: 'grpc.WithReturnConnectionError is deprecated'
- linters: [govet]
path-except: ^e/
text: 'non-constant format string in call to github.com/gravitational/trace.'
exclude-use-default: true
max-same-issues: 0
Expand Down
104 changes: 100 additions & 4 deletions api/client/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2286,12 +2286,56 @@ func (c *Client) GetTrustedClusters(ctx context.Context) ([]types.TrustedCluster
}

// UpsertTrustedCluster creates or updates a Trusted Cluster.
func (c *Client) UpsertTrustedCluster(ctx context.Context, trusedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedCluster, ok := trusedCluster.(*types.TrustedClusterV2)
//
// Deprecated: Use [Client.UpsertTrustedClusterV2] instead.
func (c *Client) UpsertTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trusedCluster)
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
resp, err := c.grpc.UpsertTrustedCluster(ctx, trustedCluster)
resp, err := c.grpc.UpsertTrustedCluster(ctx, trustedClusterV2)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpsertTrustedClusterV2 creates or updates a Trusted Cluster.
func (c *Client) UpsertTrustedClusterV2(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.UpsertTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().UpsertTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// CreateTrustedCluster creates a Trusted Cluster.
func (c *Client) CreateTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.CreateTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().CreateTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpdateTrustedCluster updates a Trusted Cluster.
func (c *Client) UpdateTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error) {
trustedClusterV2, ok := trustedCluster.(*types.TrustedClusterV2)
if !ok {
return nil, trace.BadParameter("invalid type %T", trustedCluster)
}
req := &trustpb.UpdateTrustedClusterRequest{TrustedCluster: trustedClusterV2}
resp, err := c.TrustClient().UpdateTrustedCluster(ctx, req)
if err != nil {
return nil, trace.Wrap(err)
}
Expand Down Expand Up @@ -4262,6 +4306,12 @@ func (c *Client) GetSSHTargets(ctx context.Context, req *proto.GetSSHTargetsRequ
return rsp, trace.Wrap(err)
}

// ResolveSSHTarget gets a server that would match an equivalent ssh dial request.
func (c *Client) ResolveSSHTarget(ctx context.Context, req *proto.ResolveSSHTargetRequest) (*proto.ResolveSSHTargetResponse, error) {
rsp, err := c.grpc.ResolveSSHTarget(ctx, req)
return rsp, trace.Wrap(err)
}

// CreateSessionTracker creates a tracker resource for an active session.
func (c *Client) CreateSessionTracker(ctx context.Context, st types.SessionTracker) (types.SessionTracker, error) {
v1, ok := st.(*types.SessionTrackerV1)
Expand Down Expand Up @@ -5091,6 +5141,52 @@ func (c *Client) UpsertUserLastSeenNotification(ctx context.Context, req *notifi
return rsp, trace.Wrap(err)
}

// GetWorkloadIdentity returns a workload identity by name.
func (c *Client) GetWorkloadIdentity(ctx context.Context, name string) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().GetWorkloadIdentity(ctx, &workloadidentityv1pb.GetWorkloadIdentityRequest{
Name: name,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// DeleteWorkloadIdentity deletes a workload identity by name. It will throw an
// error if the workload identity does not exist.
func (c *Client) DeleteWorkloadIdentity(ctx context.Context, name string) error {
_, err := c.WorkloadIdentityResourceServiceClient().DeleteWorkloadIdentity(ctx, &workloadidentityv1pb.DeleteWorkloadIdentityRequest{
Name: name,
})
if err != nil {
return trace.Wrap(err)
}
return nil
}

// CreateWorkloadIdentity creates a new workload identity, it will not overwrite
// an existing workload identity with the same name.
func (c *Client) CreateWorkloadIdentity(ctx context.Context, r *workloadidentityv1pb.WorkloadIdentity) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().CreateWorkloadIdentity(ctx, &workloadidentityv1pb.CreateWorkloadIdentityRequest{
WorkloadIdentity: r,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// UpsertWorkloadIdentity creates or updates a workload identity.
func (c *Client) UpsertWorkloadIdentity(ctx context.Context, r *workloadidentityv1pb.WorkloadIdentity) (*workloadidentityv1pb.WorkloadIdentity, error) {
resp, err := c.WorkloadIdentityResourceServiceClient().UpsertWorkloadIdentity(ctx, &workloadidentityv1pb.UpsertWorkloadIdentityRequest{
WorkloadIdentity: r,
})
if err != nil {
return nil, trace.Wrap(err)
}
return resp, nil
}

// ResourceUsageClient returns an unadorned Resource Usage service client,
// using the underlying Auth gRPC connection.
// Clients connecting to non-Enterprise clusters, or older Teleport versions,
Expand Down
Loading

0 comments on commit 4db33f1

Please sign in to comment.