Skip to content

check for discovered kube cluster name exact match#31744

Merged
GavinFrazar merged 2 commits intomasterfrom
gavinfrazar/tsh-match-against-discovered-kube-name
Sep 12, 2023
Merged

check for discovered kube cluster name exact match#31744
GavinFrazar merged 2 commits intomasterfrom
gavinfrazar/tsh-match-against-discovered-kube-name

Conversation

@GavinFrazar
Copy link
Copy Markdown
Contributor

@GavinFrazar GavinFrazar commented Sep 12, 2023
edited
Loading

related issue: #31286

changelog: tsh commands can select a Kubernetes cluster by the original cluster name instead of the more detailed name generated by the v14+ Teleport Discovery service.

This PR updates tsh kube for the same issue. Now if a discovered kube cluster name matches exactly, it is preferentially selected over prefix matches.

@GavinFrazar GavinFrazar added ux kubernetes-access tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Sep 12, 2023
@GavinFrazar
Copy link
Copy Markdown
Contributor Author

GavinFrazar commented Sep 12, 2023

@zmb3 flaky test detector is just timing out after 10m, please skip. The test cases are already in parallel, most test time is spent in setting up the test cluster

@zmb3
Copy link
Copy Markdown
Collaborator

zmb3 commented Sep 12, 2023

/excludeflake TestProxyKubeComplexSelectors

@GavinFrazar GavinFrazar added this pull request to the merge queue Sep 12, 2023
Merged via the queue into master with commit df5f18a Sep 12, 2023
@GavinFrazar GavinFrazar deleted the gavinfrazar/tsh-match-against-discovered-kube-name branch September 12, 2023 20:21
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Sep 12, 2023

@GavinFrazar See the table below for backport results.

Branch Result
branch/v13 Failed
branch/v14 Create PR

This was referenced Sep 14, 2023
Merged
Merged
GavinFrazar added a commit that referenced this pull request Sep 16, 2023
@GavinFrazar
[v13] check for discovered kube cluster name exact match
0020b71 
backports #31744 to branch/v13.
@GavinFrazar GavinFrazar mentioned this pull request Sep 16, 2023
Closed
@GavinFrazar GavinFrazar mentioned this pull request Sep 18, 2023
Merged
GavinFrazar added a commit that referenced this pull request Sep 19, 2023
@GavinFrazar
[v13] check for discovered kube cluster name exact match
7304a08 
backports #31744 to branch/v13.
GavinFrazar added a commit that referenced this pull request Sep 19, 2023
@GavinFrazar
[v13] check for discovered kube cluster name exact match (#32091)
e8f0e9a 
backports #31744 to branch/v13.
github-merge-queue Bot pushed a commit that referenced this pull request Sep 19, 2023
@GavinFrazar @tigrato
[v13] Fix Kubernetes selected cluster (#32087)
04d8985 
* [v13] Fix Kubernetes selected cluster

backports #30167 to branch/v13.

* Fix Kubernetes selected cluster

Kubeconfig context name can be customized using `--set-context-name`
flag. When using it, the selected Kubernetes cluster fails to correctly
identify the cluster name.

* [v13] tsh kube login by prefix, query, labels (#32088)

backports #30252 to branch/v13.

* fetch kube clusters once for login

* [v13] update `tsh proxy kube` cluster selection ux (#32089)

backports #30478 to branch/v13.

* select by labels, query predicate, name, and/or prefix of name.
* fix --cluster flag not being propagated

* [v13] simplify tsh db prefix predicate logic (#32090)

backports #30531 to branch/v13.

* [v13] check for discovered kube cluster name exact match (#32091)

backports #31744 to branch/v13.

* [v13] rework tsh database selection logic (#32092)

backports #31689 to branch/v13.

* disallow prefix matching
* select by exact name match first,
* otherwise look for unambiguous discovered name label match.
* look for an active db to resolve discovered name match ambiguity.
* add more predicate builder helpers
* check for db name in not found error for stale cert hint
* no error status on tsh db logout with no logged in dbs
* remove dead code
* refactor helper funcs to simplify code and make it easier to test
* test complex database selection
* test findActiveDatabase
* test choosing one db by discovered name
* add more resource selectors tests
* test formatDatabaseLoginCommand
* add debug logging for db selection

* [v13] Fix `tsh kube login` when creds are expired or doesn't exist (#32095)

Backports #31418 to branch/v13.

This PR uses `client.RetryWithRelogin` helper to deal with cases where user's
credentials don't exist or are already expired.

Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>

* remove tsh kube prefix matching (#31852) (#32097)

* fix retry with relogin for ambiguous clusters
* consolidate test setup for login/proxy kube selection tests
* add more test cases for kube selection
* remove prefix testing
* add origin cloud label in tests
* refactor the check for multiple cluster login into a func

* [v13] remove prefix matching in tctl (#32104)

Backports #31916 to branch/v13.

* remove prefix matching in tctl
* replace prefix matching with exact discovered name match as a fallback
  when no resource full name matches the name given by a user
* refactor test helpers
* avoid decoding yaml/json into already initialized var

---------

Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gabrielcorado gabrielcorado gabrielcorado approved these changes

@tigrato tigrato tigrato approved these changes

Assignees

No one assigned

Labels

kubernetes-access size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. ux

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@GavinFrazar @zmb3 @gabrielcorado @tigrato