[v13] update tsh db resource selection

api/types/constants.go

@@ -533,6 +533,12 @@ const (
 	// See also TeleportNamespace and TeleportInternalLabelPrefix.
 	TeleportHiddenLabelPrefix = "teleport.hidden/"
 
+	// DiscoveredNameLabel is a resource metadata label name used to identify
+	// the discovered name of a resource, i.e. the name of a resource before a
+	// uniquely distinguishing suffix is added by the discovery service.
+	// See: RFD 129 - Avoid Discovery Resource Name Collisions.
+	DiscoveredNameLabel = TeleportInternalLabelPrefix + "discovered-name"
+
 	// BotLabel is a label used to identify a resource used by a certificate renewal bot.
 	BotLabel = TeleportInternalLabelPrefix + "bot"
 

docs/pages/reference/predicate-language.mdx

@@ -68,6 +68,7 @@ The language also supports the following functions:
 | `exists(labels["env"])`               | resources with a label key `env`; label value unchecked    |
 | `!exists(labels["env"])`              | resources without a label key `env`; label value unchecked |
 | `search("foo", "bar", "some phrase")` | fuzzy match against common resource fields                 |
+| `hasPrefix(name, "foo")`              | resources with a name that starts with the prefix `foo`    |
 
 See some [examples](cli.mdx#filter-examples) of the different ways you can filter resources.
 

lib/client/api.go

@@ -375,6 +375,16 @@ type Config struct {
 	// MockHeadlessLogin is used in tests for mocking the Headless login response.
 	MockHeadlessLogin SSHLoginFunc
 
+	// OverrideMySQLOptionFilePath overrides the MySQL option file path to use.
+	// Useful in parallel tests so they don't all use the default path in the
+	// user home dir.
+	OverrideMySQLOptionFilePath string
+
+	// OverridePostgresServiceFilePath overrides the Postgres service file path.
+	// Useful in parallel tests so they don't all use the default path in the
+	// user home dir.
+	OverridePostgresServiceFilePath string
+
 	// HomePath is where tsh stores profiles
 	HomePath string
 

lib/client/db/dbcmd/dbcmd.go

@@ -330,7 +330,7 @@ func (c *CLICommandBuilder) getMySQLOracleCommand() (*exec.Cmd, error) {
 		// We save configuration to ~/.my.cnf, but on Windows that file is not read,
 		// see tables 4.1 and 4.2 on https://dev.mysql.com/doc/refman/8.0/en/option-files.html.
 		// We instruct mysql client to use use that file with --defaults-extra-file.
-		configPath, err := mysql.DefaultConfigPath()
+		configPath, err := c.getMySQLOptionFilePath()
 		if err != nil {
 			return nil, trace.Wrap(err)
 		}
@@ -346,6 +346,15 @@ func (c *CLICommandBuilder) getMySQLOracleCommand() (*exec.Cmd, error) {
 	return exec.Command(mysqlBin, args...), nil
 }
 
+// getMySQLOptionFilePath gets the filepath to .my.cnf from the default location
+// in ~/.my.cnf, unless overridden by config.
+func (c *CLICommandBuilder) getMySQLOptionFilePath() (string, error) {
+	if c.tc.OverrideMySQLOptionFilePath != "" {
+		return c.tc.OverrideMySQLOptionFilePath, nil
+	}
+	return mysql.DefaultConfigPath()
+}
+
 // getMySQLCommand returns mariadb command if the binary is on the path. Otherwise,
 // mysql command is returned. Both mysql versions (MariaDB and Oracle) are supported.
 func (c *CLICommandBuilder) getMySQLCommand() (*exec.Cmd, error) {

lib/client/db/mysql/optionfile.go

@@ -43,8 +43,10 @@ type OptionFile struct {
 	path string
 }
 
+// DefaultConfigPath returns the default config path, which is .my.cnf file in
+// the user's home directory. Home dir is determined by environment if not
+// supplied as an argument.
 func DefaultConfigPath() (string, error) {
-	// Default location is .my.cnf file in the user's home directory.
 	home, err := os.UserHomeDir()
 	if err != nil || home == "" {
 		usr, err := utils.CurrentUser()

lib/client/db/postgres/servicefile.go

@@ -43,23 +43,33 @@ type ServiceFile struct {
 	path string
 }
 
-// Load loads Postgres connection service file from the default location.
-func Load() (*ServiceFile, error) {
+// DefaultConfigPath returns the default config path, which is .pg_service.conf
+// file in the user's home directory.
+func defaultConfigPath() (string, error) {
 	// Default location is .pg_service.conf file in the user's home directory.
 	// TODO(r0mant): Check PGSERVICEFILE and PGSYSCONFDIR env vars as well.
 	home, err := os.UserHomeDir()
 	if err != nil || home == "" {
-		user, err := utils.CurrentUser()
+		usr, err := utils.CurrentUser()
 		if err != nil {
-			return nil, trace.ConvertSystemError(err)
+			return "", trace.ConvertSystemError(err)
 		}
-		home = user.HomeDir
+		home = usr.HomeDir
 	}
 
-	return LoadFromPath(filepath.Join(home, pgServiceFile))
+	return filepath.Join(home, pgServiceFile), nil
+}
+
+// Load loads Postgres connection service file from the default location.
+func Load() (*ServiceFile, error) {
+	cnfPath, err := defaultConfigPath()
+	if err != nil {
+		return nil, trace.Wrap(err)
+	}
+	return LoadFromPath(cnfPath)
 }
 
-// LoadFromPath loads Posrtgres connection service file from the specified path.
+// LoadFromPath loads Postgres connection service file from the specified path.
 func LoadFromPath(path string) (*ServiceFile, error) {
 	// Loose load will ignore file not found error.
 	iniFile, err := ini.LooseLoad(path)

lib/client/db/profile.go

@@ -45,7 +45,7 @@ func Add(ctx context.Context, tc *client.TeleportClient, db tlsca.RouteToDatabas
 	if !IsSupported(db) {
 		return nil
 	}
-	profileFile, err := load(db)
+	profileFile, err := load(tc, db)
 	if err != nil {
 		return trace.Wrap(err)
 	}
@@ -98,7 +98,7 @@ func New(tc *client.TeleportClient, db tlsca.RouteToDatabase, clientProfile clie
 
 // Env returns environment variables for the specified database profile.
 func Env(tc *client.TeleportClient, db tlsca.RouteToDatabase) (map[string]string, error) {
-	profileFile, err := load(db)
+	profileFile, err := load(tc, db)
 	if err != nil {
 		return nil, trace.Wrap(err)
 	}
@@ -114,7 +114,7 @@ func Delete(tc *client.TeleportClient, db tlsca.RouteToDatabase) error {
 	if !IsSupported(db) {
 		return nil
 	}
-	profileFile, err := load(db)
+	profileFile, err := load(tc, db)
 	if err != nil {
 		return trace.Wrap(err)
 	}
@@ -138,11 +138,17 @@ func IsSupported(db tlsca.RouteToDatabase) bool {
 }
 
 // load loads the appropriate database connection profile.
-func load(db tlsca.RouteToDatabase) (profile.ConnectProfileFile, error) {
+func load(tc *client.TeleportClient, db tlsca.RouteToDatabase) (profile.ConnectProfileFile, error) {
 	switch db.Protocol {
 	case defaults.ProtocolPostgres:
+		if tc.OverridePostgresServiceFilePath != "" {
+			return postgres.LoadFromPath(tc.OverridePostgresServiceFilePath)
+		}
 		return postgres.Load()
 	case defaults.ProtocolMySQL:
+		if tc.OverrideMySQLOptionFilePath != "" {
+			return mysql.LoadFromPath(tc.OverrideMySQLOptionFilePath)
+		}
 		return mysql.Load()
 	}
 	return nil, trace.BadParameter("unsupported database protocol %q",

lib/services/parser.go

@@ -741,6 +741,22 @@ func NewResourceParser(resource types.ResourceWithLabels) (BoolPredicateParser,
 			return predicate.Equals(a, b)
 		}
 	}
+	predPrefix := func(a interface{}, prefix string) predicate.BoolPredicate {
+		switch aval := a.(type) {
+		case label:
+			return func() bool {
+				return strings.HasPrefix(aval.value, prefix)
+			}
+		case string:
+			return func() bool {
+				return strings.HasPrefix(aval, prefix)
+			}
+		default:
+			return func() bool {
+				return false
+			}
+		}
+	}
 
 	p, err := predicate.NewParser(predicate.Def{
 		Operators: predicate.Operators{
@@ -753,7 +769,8 @@ func NewResourceParser(resource types.ResourceWithLabels) (BoolPredicateParser,
 			},
 		},
 		Functions: map[string]interface{}{
-			"equals": predEquals,
+			"hasPrefix": predPrefix,
+			"equals":    predEquals,
 			// search allows fuzzy matching against select field values.
 			"search": func(searchVals ...string) predicate.BoolPredicate {
 				return func() bool {

lib/services/parser_test.go

@@ -192,6 +192,11 @@ func TestNewResourceParser(t *testing.T) {
 			`search("os", "mac", "prod")`,
 			`search()`,
 			`!search("_")`,
+			// Test hasPrefix.
+			`hasPrefix(name, "")`,
+			`hasPrefix(name, "test-h")`,
+			`!hasPrefix(name, "foo")`,
+			`hasPrefix(resource.metadata.labels["env"], "pro")`,
 			// Test exists.
 			`exists(labels.env)`,
 			`!exists(labels.undefined)`,
@@ -206,6 +211,7 @@ func TestNewResourceParser(t *testing.T) {
 			`labels.os == "mac" && name == "test-hostname" && search("v8")`,
 			`exists(labels.env) && labels["env"] != "qa"`,
 			`search("does", "not", "exist") || resource.spec.addr == "_" || labels.version == "v8"`,
+			`hasPrefix(labels.os, "m") && !hasPrefix(labels.env, "dev") && name == "test-hostname"`,
 			// Test operator precedence
 			`exists(labels.env) || (exists(labels.os) && labels.os != "mac")`,
 			`exists(labels.env) || exists(labels.os) && labels.os != "mac"`,
@@ -233,6 +239,7 @@ func TestNewResourceParser(t *testing.T) {
 			`equals(resource.metadata.labels["env"], "wrong-value")`,
 			`equals(resource.spec.hostname, "wrong-value")`,
 			`search("mac", "not-found")`,
+			`hasPrefix(name, "x")`,
 		}
 		for _, expr := range exprs {
 			t.Run(expr, func(t *testing.T) {
@@ -269,6 +276,10 @@ func TestNewResourceParser(t *testing.T) {
 			`exists(labels.env, "too", "many")`,
 			`search(1,2)`,
 			`"just-string"`,
+			`hasPrefix(1, 2)`,
+			`hasPrefix(name)`,
+			`hasPrefix(name, 1)`,
+			`hasPrefix(name, "too", "many")`,
 			"",
 		}
 		for _, expr := range exprs {