Remove PAM & BPF build tags from tsh & tctl targets in Makefile #11666
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
espadolini
approved these changes
Apr 1, 2022
rosstimothy
approved these changes
Apr 1, 2022
espadolini
requested changes
Apr 1, 2022
xacrimon
approved these changes
Apr 1, 2022
ravicious
force-pushed
the
ravicious/remove-pam-tag-from-tsh
branch
from
7072802 to
961fb2f
Compare
The PAM & BPF build tags are needed only when building teleport. For tsh and tctl we have stub implementations under lib/bpf/bpf_nop.go & lib/pam/pam_nop.go. Building tsh with the PAM tag was causing the push-build-windows-amd64 pipeline to fail since lib/teleterm imports lib/srv/alpnproxy which in turn indirectly depends on lib/pam.
ravicious
force-pushed
the
ravicious/remove-pam-tag-from-tsh
branch
from
961fb2f to
a768239
Compare
espadolini
approved these changes
Apr 1, 2022
ravicious
changed the title
ravicious
added a commit
that referenced
this pull request
Apr 25, 2022
The PAM tag is not needed when building tsh. Moreover, it was causing the push-build-windows-amd64 pipeline to fail since lib/teleterm imports lib/srv/alpnproxy which in turn indirectly depends on lib/pam.
ravicious
added a commit
that referenced
this pull request
Apr 27, 2022
* teleterm (alpha) * Add grpc-teleterm Makefile target The grpc-tools package is needed to generate gRPC files for JavaScript. However, at the moment it can't be installed on M1 MacBooks because of missing prebuilt binaries for arm64. [1] One of them, protoc, is already installed in our buildbox. We still need to compile grpc_node_plugin from source though. This adds significant overhead as we need to pull in cmake, build-essential and then about 300 MB of git repos from protocolbuffers/protobuf. Initially, those Teleterm gRPC were generated within `make grpc` with other files. M1 users who don't work on Teleterm would not be happy about incurring that additional overhead, hence I extracted everything into separate target and Dockerfile. Teleterm proto files don't depend on any other proto files. Once grpc-tools adds support for arm64, we'll be able to essentially almost revert this commit and generate Teleterm gRPC files within `make grpc`. [1] grpc/grpc-node#1405 * Use oneof for LoginRequest params The login is either local or SSO but not both. * Use db name for URI in Teleterm rather than db server host ID The previous version of the code used GetHostId return value for the URI. That caused problems as a single host can run multiple database servers. This in turn resulted in stuff like Teleterm not listing all databases. There's `Database.GetURI` function which I decided not to use, because it's an URI on its own which might include stuff like port numbers and what not. I wanted to avoid a situation in which the database URI creates some potential conflicts with the Teleterm URIs. I noticed that the Web UI code runs `DeduplicateDatabases` already and it uses `Database.GetName` underneath, so I deemed it a good candidate to be a part of a database URI in Teleterm. Fixes gravitational/webapps.e#127 * Remove PAM build tag from tsh target in Makefile (#11666) The PAM tag is not needed when building tsh. Moreover, it was causing the push-build-windows-amd64 pipeline to fail since lib/teleterm imports lib/srv/alpnproxy which in turn indirectly depends on lib/pam. * Move WebConfig from lib/web/ui to api/client/webclient (#11690) * Move WebConfig from lib/web/ui to api/client/webclient Web config was shared with the Web UI through the dynamically generated /web/config.js file available on the cluster. With the addition of Teleport Terminal (RFD 63), the Electron app needs to get a hold of this config as well. However, unlike the Web UI which directly loads the file and injects the config this way, any communication between the cluster and Teleport Terminal is done through the tsh daemon (RFD 63). The tsh daemon needs to essentially pipe this config from /web/config.js to the gRPC response it gives to Teleport Terminal. To achieve this, a GetWebConfig function was added to TeleportClient. Unfortunately, this breaks the build on Windows as lib/web (where WebConfig resides) includes code which is not meant to be compiled or run on Windows. Since we need to share the web config with another frontend application, it only makes sense to move it to the webclient package. We already have types shared between the server and the client there, for example the PingResponse struct. Co-authored-by: Alexey Kontsevoy <[email protected]>
This was referenced May 11, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The PAM tag is not needed when building tsh. Moreover, it was causing the
push-build-windows-amd64pipeline to fail sincelib/teletermimportslib/srv/alpnproxywhich in turn indirectly depends onlib/pam.